SwieTy Posted February 16, 2008 Posted February 16, 2008 Heya. I got question about reading from memory. I am trying to make simple app that will read HP from a game and MsgBox me with it. I should rather say read a value from a specifided adress. Adress is const, always the same (so no pointer needed?). It is Little Fighter 2. Adress of that value is 01C7F964. What func I should use WinApi or from maybe any other, like NomadMemory. I spend like 2-3 hours, and still cant find proper one. I was earching forum too, but no simple scripts, which from I can learn. As You know there aint much turtorials about IT, and memory reading for me is a lil hard. For getting adress i was getting cheat engine. Maybe someone can wrote simple script simmilar to mine so I can see how the script should looks like. Thanks, Bye.
SwieTy Posted February 16, 2008 Author Posted February 16, 2008 #include <nomadmemory.au3> MsgBox(0,"HP", "HP " & CurrentHP()) Func CurrentHP() $ID=_MemoryOpen(1100) $Address=0x01C7F968 $CurrentHP=_MemoryRead($Address,$ID) EndFunc Got smt like that. But there is another problem. The script is showing 0 HP each time. Adress is proper 100%. Any ideas, please.
FreeFry Posted February 16, 2008 Posted February 16, 2008 (edited) There's UDF's to handle reading/writing memory that are included with autoit(no need to download anything). This is an example I newly wrote as an example for a friend(reads the value of the calculator app): #Include <WinAPI.au3> If Not ProcessExists("calc.exe") Then Exit ; exit if calculator is not running Dim $procHwnd = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists("calc.exe")); get access to read/write/anything the process memory If Not $procHwnd Then _Exit("Error while getting process handle!") ; if we didn't get a valid 'access' handle then exit Dim $pBuffer = DllStructCreate("byte[256]"), $iRead = 0; create our structure(I assume we won't need to read more than 256 bytes), and iRead which specifies how many bytes where really read. _WinAPI_ReadProcessMemory($procHwnd, 0x01014dd4, DllStructGetPtr($pBuffer), 256, $iRead) ; here we read the memory If Not $iRead Then _Exit("Error while reading data!"); exit if no data was read MsgBox(0, "Data Read:", _UnicodeToStr(DllStructGetData($pBuffer, 1))) ; convert the unicode text(as it turned out to be stored as) to normal text and display it Func _UnicodeToStr($b_Unicode) Local $a_Tmp = StringSplit(StringTrimLeft($b_Unicode, 2), "00", 1), $s_Str For $i = 1 To $a_Tmp[0] $s_Str &= Chr(Dec($a_Tmp[$i])) Next Return $s_Str EndFunc Func _Exit($s_Msg) MsgBox(0, "Error", $s_Msg) Exit EndFunc Just run the calculator app, and type something in it, then run the script. It should work(as the address seems to be the same on different languages, etc.). In any case, the principle for reading(and also writing) is basically the same. Edited February 16, 2008 by FreeFry
SwieTy Posted February 16, 2008 Author Posted February 16, 2008 I tried it with "Little Fighter 2" game and I was getting clear MsgBox each time. Can it be because of wrong adress? I am almost 100 % sure that adress is correct.
FreeFry Posted February 17, 2008 Posted February 17, 2008 I'm not sure if you got it correct but, the example I posted is specifically made for the calculator, you can't just change the address and hope it'll work. The _UnicodeToStr function needs to be removed(unless it's unicode you're reading).
Oldschool Posted February 26, 2008 Posted February 26, 2008 @'FreeFry' Very nice example... What are you using to memory search if you don't mind me asking?
Oldschool Posted March 18, 2008 Posted March 18, 2008 @FreeFry Check this.... #Include <WinAPI.au3> If Not ProcessExists("calc.exe") Then Exit ; exit if calculator is not running Dim $procHwnd = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists("calc.exe")) If Not $procHwnd Then _Exit("Error while getting process handle!") Dim $pBuffer = DllStructCreate("byte[256]"), $iRead = 0 _WinAPI_ReadProcessMemory($procHwnd, 0x01014dd4, DllStructGetPtr($pBuffer), 256, $iRead) If Not $iRead Then _Exit("Error while reading data!") ; convert the unicode text(as it turned out to be stored as) to normal text and display it MsgBox(0, "Data Read", BinaryToString(Binary(DllStructGetData($pBuffer, 1)), 2)) Func _Exit($s_Msg) MsgBox(0, "Error", $s_Msg) Exit EndFunc
FreeFry Posted March 21, 2008 Posted March 21, 2008 (edited) I usually use CheatEngine to search, but sometimes it doesn't find some addresses(rarely), so I use ArtMoney(not free though), as it has a more extensive search feature, but it doesn't have any of the debugger features that CheatEngine does. Also, nice find about the BinaryToString(Binary) solution, didn't think of that it removes the null chars from the string. Edited March 21, 2008 by FreeFry
FaridAgl Posted August 17, 2011 Posted August 17, 2011 why it doesn't work for me? an error say: $PROCESS_ALL_ACCESS is not declared. http://faridaghili.ir
Developers Jos Posted August 17, 2011 Developers Posted August 17, 2011 Please read our forum rules ... *click* SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
Recommended Posts