Sign in to follow this  
Followers 0
Szhlopp

CE pointer to AU3 function.

13 posts in this topic

#1 ·  Posted (edited)

Haven't posted anything in a while so I suppose it's time

This tool makes it easy to convert a CE pointer in the 'cheat table' to a function that Autoit can use to read memory.

1) Rename the description of the pointer address in the cheat table (So it's not "No Description").

2) Right click on a pointer address in the cheat table (P->012E1544) and click 'copy'.

3) Run this script.

#include <Array.au3>

$ClipGet = ClipGet()
If StringLeft($ClipGet,12) = "<CheatTable>" Then
    Local $ClipText = "Func _Read" 
    Local $Name
    Local $NameOffset
    Local $InterpretableModule
    

    $_SRE = StringRegExp($ClipGet, "<Description>(.*?)\<", 1)
    $_SRE = StringRegExp($_SRE[0], "(?i)[a-z]*", 1)
    $ClipText &= StringStripWS($_SRE[0], 8) & "($pid)" & @CRLF & @CRLF & @TAB
    
    $Name = StringStripWS($_SRE[0], 8)
    
    $ClipText &= "Global $" & $Name & "Offset"
    $NameOffset = "$" & $Name & "Offset"
    $_SRE = StringRegExp($ClipGet, "<Offset>(.*?)<", 3)
    $ClipText &= "[" & UBound($_SRE) + 1 & "]" & @CRLF & @TAB & $NameOffset & "[0] = 0" & @CRLF & @TAB
    
    _ArrayReverse($_SRE)
    For $I = 0 To UBound($_SRE) - 1
        $ClipText &= $NameOffset & "[" & $I + 1 & '] = Dec("' & $_SRE[$I] & '")' & @CRLF & @TAB
    Next
    
    $_SRE = StringRegExp($ClipGet, "<InterpretableAddress>(.*?)\<", 1)
    If Not @error Then
        $_SS = StringSplit($_SRE[0], "+")
        If $_SS[0] = 1 Then
            MsgBox(16, "Error", "This address is not static. Please make sure you're ending with a 'green address'" & @CRLF & "(Game.exe+Offset)")
        Else
            $InterpretableModule = $_SS[1]
            $ClipText &= '$StaticOffset = Dec("' & $_SS[2] & '")' & @CRLF & @TAB
        EndIf
    EndIf
    
    $ClipText &= '$openmem = _MemoryOpen($pid)' & @CRLF & @TAB
    
    If StringRight($InterpretableModule, 3) = "exe" Then
        $ClipText &= '$baseADDR = _MemoryGetBaseAddress($openmem, 1)' & @CRLF & @TAB
    Else
        $ClipText &= '$baseADDR = _MemoryModuleGetBaseAddress($pid, "' & $InterpretableModule & '")' & @CRLF & @TAB
    EndIf
    
    $ClipText &= '$finalADDR = "0x" & Hex($baseADDR + $StaticOffset)' & @CRLF & @TAB
    $ClipText &= '$MemPointer = _MemoryPointerRead($finalADDR, $openmem, ' & $NameOffset & ')' & @CRLF & @TAB
    $ClipText &= '_MemoryClose($openmem)' & @CRLF  & @CRLF & @TAB
    $ClipText &= 'Return $MemPointer' & @CRLF & 'EndFunc'
    
    ; Finished, return
    ClipPut($ClipText)
Else
    MsgBox(16, "Error", "No Cheat Table data in your clipboard")
EndIf

Ta da! Function you can paste into any script.

Return is an array where

[0] = Address

[1] = Value

Tested on CheatEngine 5.5.

For those who are missing some of the functions...

Func _MemoryPointerRead($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword')
    
    If IsArray($av_Offset) Then
        If IsArray($ah_Handle) Then
            Local $iv_PointerCount = UBound($av_Offset) - 1
        Else
            SetError(2)
            Return 0
        EndIf
    Else
        SetError(1)
        Return 0
    EndIf
    
    Local $iv_Data[2], $i
    Local $v_Buffer = DllStructCreate('dword')
    
    For $i = 0 To $iv_PointerCount
        
        If $i = $iv_PointerCount Then
            $v_Buffer = DllStructCreate($sv_Type)
            If @error Then
                SetError(@error + 2)
                Return 0
            EndIf
            
            $iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @error Then
                SetError(7)
                Return 0
            EndIf
            
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
            
        ElseIf $i = 0 Then
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @error Then
                SetError(7)
                Return 0
            EndIf
            
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
            
        Else
            $iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @error Then
                SetError(7)
                Return 0
            EndIf
            
            $iv_Data[1] = DllStructGetData($v_Buffer, 1)
            
        EndIf
        
    Next
    
    $iv_Data[0] = $iv_Address
    
    Return $iv_Data

EndFunc   ;==>_MemoryPointerRead


;===================================================================================================
; Function........:  _MemoryGetBaseAddress($ah_Handle, $iHD)
;
; Description.....:  Reads the 'Allocation Base' from the open process.
;
; Parameter(s)....:  $ah_Handle - An array containing the Dll handle and the handle of the open
;                                 process as returned by _MemoryOpen().
;                    $iHD - Return type:
;                       |0 = Hex (Default)
;                       |1 = Dec
;
; Requirement(s)..:  A valid process ID.
;
; Return Value(s).:  On Success - Returns the 'allocation Base' address and sets @Error to 0.
;                    On Failure - Returns 0 and sets @Error to:
;                       |1 = Invalid $ah_Handle.
;                       |2 = Failed to find correct allocation address.
;                       |3 = Failed to read from the specified process.
;
; Author(s).......:  Nomad. Szhlopp.
; URL.............:  http://www.autoitscript.com/forum/index.php?showtopic=78834
; Note(s).........:  Go to Www.CheatEngine.org for the latest version of CheatEngine.
;===================================================================================================
Func _MemoryGetBaseAddress($ah_Handle, $iHexDec = 0, $iv_Address = 0x00100000)
    
    Local $v_Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
    Local $vData
    Local $vType
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    

    DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
    
    If Not @Error Then
        
        $vData = Hex(DllStructGetData($v_Buffer, 2))
        $vType = Hex(DllStructGetData($v_Buffer, 3))
        
        While $vType <> "00000080"
            DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
            $vData = Hex(DllStructGetData($v_Buffer, 2))
            $vType = Hex(DllStructGetData($v_Buffer, 3))
            If Hex($iv_Address) = "90000000" Then ExitLoop
            $iv_Address += 65536
            
        WEnd

        If $vType = "00000080" Then
            SetError(0)
            If $iHexDec = 1 Then
                Return Dec($vData)
            Else
                Return $vData
            EndIf
            
        Else
            SetError(2)
            Return 0
        EndIf
        
    Else
        SetError(3)
        Return 0
    EndIf
    
EndFunc   ;==>_MemoryGetBaseAddress


Func _MemoryModuleGetBaseAddress($iPID, $sModule)
    If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)
    
    If Not IsString($sModule) Then Return SetError(2, 0, 0)
    
    Local   $PSAPI = DllOpen("psapi.dll")
    
    ;Get Process Handle
    Local   $hProcess
    Local   $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE
    
    If $iPID > 0 Then
        Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
        If $hProcess[0] Then
            $hProcess = $hProcess[0]
        EndIf
    EndIf
    
    ;EnumProcessModules
    Local   $Modules = DllStructCreate("ptr[1024]")
    Local   $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
    If $aCall[4] > 0 Then
        Local   $iModnum = $aCall[4] / 4
        Local   $aTemp
        For $i = 1 To $iModnum
            $aTemp =  DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
            If $aTemp[3] = $sModule Then
                DllClose($PSAPI)
                Return Ptr(DllStructGetData($Modules, 1, $i))
            EndIf
        Next
    EndIf
    
    DllClose($PSAPI)
    Return SetError(-1, 0, 0)
    
EndFunc
Edited by Szhlopp

Share this post


Link to post
Share on other sites



nice ..

may come in handy..

thanks

Share this post


Link to post
Share on other sites

dosnt work get error line 20

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

dosnt work get error line 20

Bah when I edited the post I forgot to put #include <Array.au3> back in the code. Doing so now...

Edited by Szhlopp

Share this post


Link to post
Share on other sites

now error line 31

Share this post


Link to post
Share on other sites

Holy macaroni! Thanks a lot for this script, it was immensely useful! At first I was a bit confused about how to use it, as once I ran the script nothing seemed to happen. But then I realized it copies code so you can paste it and use it as a function. Very useful indeed for people who want to design scripts that do stuff based on game memory.

If I bump into memory related problems later, could I possibly contact you?

Share this post


Link to post
Share on other sites

ok this works but it dont copy the address is it ment to?

Share this post


Link to post
Share on other sites

oh it dont work with pointers to a static address?

Share this post


Link to post
Share on other sites

Holy macaroni! Thanks a lot for this script, it was immensely useful! At first I was a bit confused about how to use it, as once I ran the script nothing seemed to happen. But then I realized it copies code so you can paste it and use it as a function. Very useful indeed for people who want to design scripts that do stuff based on game memory.

If I bump into memory related problems later, could I possibly contact you?

Welcome >_<

Yeah sure, feel free to contact me anytime. It sometimes takes me a few days to get back though :(

Share this post


Link to post
Share on other sites

It works perfectly well on Win XP, but I was wondering why I can't get the correct value using Vista? My CE that's running on Vista shows the right value, but once I use your script with the CE values it ends up returning an incorrect value.

Share this post


Link to post
Share on other sites

this actually is not working for me. followed instructions to the T. is it old?

Share this post


Link to post
Share on other sites

zEwt,

You have already had a topic locked for asking about memory reads for an aimbot and here you are necroing a thread about a similar thing. :)

Did you read the Forum Rules to which I linked you? ;)

We are serious about enforcing them. You are not making a good impression so far - please do not continue along the same path in your future posts here. :D

M23


Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind._______My UDFs:

Spoiler

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0