Jump to content

Recommended Posts

Posted

Heya.

I got question about reading from memory. I am trying to make simple app that will read HP from a game and MsgBox me with it. I should rather say read a value from a specifided adress. Adress is const, always the same (so no pointer needed?). It is Little Fighter 2. Adress of that value is 01C7F964. What func I should use WinApi or from maybe any other, like NomadMemory. I spend like 2-3 hours, and still cant find proper one. I was earching forum too, but no simple scripts, which from I can learn. As You know there aint much turtorials about IT, and memory reading for me is a lil hard. For getting adress i was getting cheat engine. Maybe someone can wrote simple script simmilar to mine so I can see how the script should looks like. Thanks, Bye.

Posted

#include <nomadmemory.au3>
MsgBox(0,"HP", "HP " & CurrentHP())
Func CurrentHP()
$ID=_MemoryOpen(1100)
$Address=0x01C7F968
$CurrentHP=_MemoryRead($Address,$ID)
EndFunc

Got smt like that. But there is another problem. The script is showing 0 HP each time. Adress is proper 100%. Any ideas, please.

Posted (edited)

There's UDF's to handle reading/writing memory that are included with autoit(no need to download anything).

This is an example I newly wrote as an example for a friend(reads the value of the calculator app):

#Include <WinAPI.au3>

If Not ProcessExists("calc.exe") Then Exit ; exit if calculator is not running

Dim $procHwnd = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists("calc.exe")); get access to read/write/anything the process memory
If Not $procHwnd Then _Exit("Error while getting process handle!") ; if we didn't get a valid 'access' handle then exit

Dim $pBuffer = DllStructCreate("byte[256]"), $iRead = 0; create our structure(I assume we won't need to read more than 256 bytes), and iRead which specifies how many bytes where really read.

_WinAPI_ReadProcessMemory($procHwnd, 0x01014dd4, DllStructGetPtr($pBuffer), 256, $iRead) ; here we read the memory
If Not $iRead Then _Exit("Error while reading data!"); exit if no data was read

MsgBox(0, "Data Read:", _UnicodeToStr(DllStructGetData($pBuffer, 1))) ; convert the unicode text(as it turned out to be stored as) to normal text and display it



Func _UnicodeToStr($b_Unicode)
    
    Local $a_Tmp = StringSplit(StringTrimLeft($b_Unicode, 2), "00", 1), $s_Str
    
    For $i = 1 To $a_Tmp[0]
        
        $s_Str &= Chr(Dec($a_Tmp[$i]))
        
    Next
    
    Return $s_Str
    
EndFunc

Func _Exit($s_Msg)
    
    MsgBox(0, "Error", $s_Msg)
    Exit
    
EndFunc

Just run the calculator app, and type something in it, then run the script. It should work(as the address seems to be the same on different languages, etc.). In any case, the principle for reading(and also writing) is basically the same.

Edited by FreeFry
Posted

I tried it with "Little Fighter 2" game and I was getting clear MsgBox each time. Can it be because of wrong adress? I am almost 100 % sure that adress is correct.

Posted

I'm not sure if you got it correct but, the example I posted is specifically made for the calculator, you can't just change the address and hope it'll work. The _UnicodeToStr function needs to be removed(unless it's unicode you're reading).

  • 2 weeks later...
  • 3 weeks later...
Posted

@FreeFry

Check this....

#Include <WinAPI.au3>

If Not ProcessExists("calc.exe") Then Exit ; exit if calculator is not running
Dim $procHwnd = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists("calc.exe"))
If Not $procHwnd Then _Exit("Error while getting process handle!")

Dim $pBuffer = DllStructCreate("byte[256]"), $iRead = 0

_WinAPI_ReadProcessMemory($procHwnd, 0x01014dd4, DllStructGetPtr($pBuffer), 256, $iRead)
If Not $iRead Then _Exit("Error while reading data!")
    
; convert the unicode text(as it turned out to be stored as) to normal text and display it
MsgBox(0, "Data Read", BinaryToString(Binary(DllStructGetData($pBuffer, 1)), 2)) 


Func _Exit($s_Msg)
   
    MsgBox(0, "Error", $s_Msg)
    Exit
   
EndFunc
Posted (edited)

I usually use CheatEngine to search, but sometimes it doesn't find some addresses(rarely), so I use ArtMoney(not free though), as it has a more extensive search feature, but it doesn't have any of the debugger features that CheatEngine does. :)

Also, nice find about the BinaryToString(Binary) solution, didn't think of that it removes the null chars from the string. :)

Edited by FreeFry
  • 3 years later...
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...