Jump to content

GetProcessMemory()?

Info

By Info,
in AutoIt General Help and Support

 Share

Recommended Posts

Szhlopp Universalist

Szhlopp

Posted
Posted

I wrote one in AutoIt that purely did scanning of all the addresses, skipping ones that weren't read+write. It's REALLY slow though.

CE gives their source, don't really know much of C++, don't know any Deplhi. Though you could probably see how they do it and possibly make a DLL or something that does it and returns an array.

I'll look for the code that I wrote and see how slow it really is. I just remember it being bad bad bad though.

RegEx/RegExRep Tester!Nerd Olympics - Community App!Login UDFMemory UDF - "Game.exe+753EC" - CE pointer to AU3Password Manager W/ SourceDataFiler - Include files in your au3!--- Was I helpful? Click the little green '+'
Link to comment
Share on other sites
Szhlopp Universalist

Szhlopp

Posted
Posted

Great, but one do you mean by "skipping ones that weren't read+write"?

Okay update.

Got the old autoit written scanner again. It's pretty darn slow compared to CheatEngine :/ I even am using all sorts of techniques to lower the amount I have to scan.

I am, however, writing an autoit CE UDF. Completely controls CheatEngine though autoit commands. Here are a few I am working on:

CESetProcess

CEScan

CEAddressList

=)

The only thing I can't get working at the moment is making the CE window not visible to the user.

I am setting the flag @SW_HIDE on "Cheat Engine 5.5". It does make the window go away, but the taskbar is still there. I even tried the HideTaskbar function and it can't find the window to remove it from the taskbar.

If anyone has a working example of how to hide CE completely, that would rock!

Szh

RegEx/RegExRep Tester!Nerd Olympics - Community App!Login UDFMemory UDF - "Game.exe+753EC" - CE pointer to AU3Password Manager W/ SourceDataFiler - Include files in your au3!--- Was I helpful? Click the little green '+'
Link to comment
Share on other sites
Info Universalist

Info

Posted
  • Author
Posted

Still waiting for some angel to come with a nice hint. >_<

I am setting the flag @SW_HIDE on "Cheat Engine 5.5". It does make the window go away, but the taskbar is still there.

Are you sure you're talking about the taskbar and not about the program manager?

@SW_HIDE in WinSetState() hides the window from the taskbar...

Link to comment
Share on other sites
Szhlopp Universalist

Szhlopp

Posted
Posted

Bump

Here was the scanner I was working on. Pure AU3. It's (like I said), really really slow.

#include <GUIConstants.au3>
#Include <GuiListView.au3>
#include <NomadMemory.au3>
#include <Array.au3>
;

$PID = WinGetProcess("InkBall")
$OpenMem = _MemoryOpen($PID)
ScanMemory($OpenMem, 2)



Func _ScanReadableMemory($Handle)
    
    Local $StartMemory = Dec("00400000")
    Local $EndMemory = Dec("7FFFFFFF")
    Local $Address, $LastAddress, $Progress
    Local $Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
    Local $BufferScan2 = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
    Local $ReturnArray[1][2]
    
    $Address = '0x' & Hex($StartMemory)
    
    While 1
        
        DllCall($Handle[0], 'int', 'VirtualQueryEx', 'int', $Handle[1], 'int', $Address, 'ptr', DllStructGetPtr($Buffer), 'int', DllStructGetSize($Buffer))
        
        Local $BaseAddress = '0x' & Hex(DllStructGetData($Buffer, 1)); + 0)
        Local $AllocBase = '0x' & Hex(DllStructGetData($Buffer, 2))
        Local $AllocProtect = Hex(DllStructGetData($Buffer, 3))
        Local $RegionSize = DllStructGetData($Buffer, 4)
        Local $State = '0x' & Hex(DllStructGetData($Buffer, 5))
        Local $Protect = Hex(DllStructGetData($Buffer, 6))
        Local $Type = '0x' & Hex(DllStructGetData($Buffer, 7))
        
        $LastAddress = $Address
        $Address = '0x' & Hex($BaseAddress + $RegionSize)
        
        If $Address = $LastAddress Then
            ExitLoop
        EndIf
        
        #cs
        Select
            Case $AllocProtect = 0x00
                $AllocProtect = ''
            Case $AllocProtect = 0x01
                $AllocProtect = 'No Access'
            Case $AllocProtect = 0x02
                $AllocProtect = 'Read'
            Case $AllocProtect = 0x04
                $AllocProtect = 'Read+Write'
            Case $AllocProtect = 0x08
                $AllocProtect = 'Write-Copy'
            Case $AllocProtect = 0x10
                $AllocProtect = 'Execute'
            Case $AllocProtect = 0x20
                $AllocProtect = 'Exe-Read'
            Case $AllocProtect = 0x40
                $AllocProtect = 'Exe-Read+Write'
            Case $AllocProtect = 0x80
                $AllocProtect = 'Exe-Write-Copy'
        EndSelect
        
        Select
            Case $State = 0x1000
                $State = 'Commit'
            Case $State = 0x2000
                $State = 'Reserve'
            Case $State = 0x10000
                $State = 'Free'
        EndSelect
        
        Select
            Case $Protect = 0x00
                $Protect = ''
            Case $Protect = 0x01
                $Protect = 'No Access'
            Case $Protect = 0x02
                $Protect = 'Read'
            Case $Protect = 0x04
                $Protect = 'Read+Write'
            Case $Protect = 0x08
                $Protect = 'Write-Copy'
            Case $Protect = 0x10
                $Protect = 'Execute'
            Case $Protect = 0x20
                $Protect = 'Exe-Read'
            Case $Protect = 0x40
                $Protect = 'Exe-Read+Write'
            Case $Protect = 0x80
                $Protect = 'Exe-Write-Copy'
        EndSelect
        
        Select
            Case $Type = 0x20000
                $Type = 'Private'
            Case $Type = 0x40000
                $Type = 'Mapped'
            Case $Type = 0x1000000
                $Type = 'Image'
        EndSelect
        #ce
        
        $AddressScan2 = "0x" & Hex(Dec(StringTrimLeft($BaseAddress, 2)) + $RegionSize)
        
        DllCall($Handle[0], 'int', 'VirtualQueryEx', 'int', $Handle[1], 'int', $AddressScan2, 'ptr', DllStructGetPtr($BufferScan2), 'int', DllStructGetSize($BufferScan2))
        Local $AllocBase2 = '0x' & Hex(DllStructGetData($BufferScan2, 2))
        Local $AllocProtect2 = Hex(DllStructGetData($BufferScan2, 3))
        Local $State2 = '0x' & Hex(DllStructGetData($BufferScan2, 5))
        Local $Protect2 = Hex(DllStructGetData($BufferScan2, 6))
        ; If the next set is readable as well.
        If $AllocBase2 <> 0x0 And $State2 = 0x1000 Then
            If $AllocProtect2 <> 0 And $AllocProtect2 <> 0x1 Then
                If $Protect2 <> 0 And $Protect2 <> 0x1 Then
                    ;First set
                     If $AllocBase <> 0x0 And $State = 0x1000 And $RegionSize > 282624 Then
                        If $AllocProtect <> 0 And $AllocProtect <> 0x1 Then
                            If $Protect <> 0 And $Protect <> 0x1 Then
                                ReDim $ReturnArray[UBound($ReturnArray) + 1][2]
                                $ReturnArray[UBound($ReturnArray) - 1][0] = $BaseAddress
                                $ReturnArray[UBound($ReturnArray) - 1][1] = Hex($RegionSize)
                            EndIf
                        EndIf
                    EndIf
                EndIf
            EndIf
        EndIf
        
        
        If $BaseAddress < 0 Then
            $BaseAddress = 2147483648 + ($BaseAddress) + 2147483648
        EndIf
        If ($BaseAddress + $RegionSize) >= $EndMemory Then
            ExitLoop
        EndIf
        
    WEnd
    
    Return $ReturnArray

    
EndFunc


Func ScanMemory($aOpenMemory, $vValue, $sType = 'dword')
    
    Local $ReturnAddressList[1][2]
    ; Get the scannable memory
    $aRet = _ScanReadableMemory($OpenMem)
    _ArrayDisplay($aRet)

    
    For $I = 1 To UBound($aRet) - 1
        $StartMem = Dec(StringTrimLeft($aRet[$I][0], 2))
        $EndMemory = $StartMem + Dec($aRet[$I][1])
        $CurrentAddress = $StartMem
        ;MsgBox(0, "", Hex($StartMem) & "/" & Hex($EndMemory))
        While $CurrentAddress <> $EndMemory
            If _MemoryRead("0x" & Hex($CurrentAddress), $aOpenMemory, $sType) = $vValue Then
                ReDim $ReturnAddressList[UBound($ReturnAddressList) + 1][2]
                $ReturnAddressList[UBound($ReturnAddressList) - 1][0] = "0x" & Hex($CurrentAddress)
                $ReturnAddressList[UBound($ReturnAddressList) - 1][0] = $vValue
            EndIf
            $CurrentAddress += 1
            TrayTip("Address", "0x" & Hex($CurrentAddress), 15)
        WEnd
        
        _ArrayDisplay($ReturnAddressList)
        
    Next

    
EndFunc

I'm hoping to have my CEUDF.au3 out pretty soon here. Should be a great way to completely control CE while it's not even visible to the user (I had to modify some functions, but the hide works now).

I'm not entirely sure why it will be better for the user to go through our screens and such instead of just using CheatEngine itself. But I guess we can make it as easy as possible for the user to get going on it without having to learn how to use CE >_<

RegEx/RegExRep Tester!Nerd Olympics - Community App!Login UDFMemory UDF - "Game.exe+753EC" - CE pointer to AU3Password Manager W/ SourceDataFiler - Include files in your au3!--- Was I helpful? Click the little green '+'
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...