Jump to content

Recommended Posts

Posted (edited)

this is old code :)

see the new one in my signature.

well after make'ing those ftp functions i decided to pick up my old memory read func's

they didnt work at that time. but now they do,

since the FTP functions gave me a much clearer understanding of DllCall.

ty ejoc for DLL struct

ty CodeProject for the example

ty Microsoft (eww) for making winmine.exe that helped me throug testing.

next up is Writing (shouldt be that hard)

[edit] done. new file attached. [/edit]

Mem.au3

Edited by w0uter

My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll

  • Replies 44
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted

well after make'ing those ftp functions i decided to pick up my old memory read func's

they didnt work at that time. but now they do,

since the FTP functions gave me a much clearer understanding of DllCall.

ty ejoc for DLL struct

ty CodeProject for the example

ty Microsoft (eww) for making winmine.exe that helped me throug testing.

next up is Writing (shouldt be that hard)

<{POST_SNAPBACK}>

Cool. Can't wait till the writing funcs are done.

Nice Job.

Going to try them now.

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.
Posted

Nice, but I already wrote all my stuff with Outshynd's. Might rewrite it all so I don't have to use the external dll. Thanks :)

  • 2 weeks later...
Posted

well after make'ing those ftp functions i decided to pick up my old memory read func's

they didnt work at that time. but now they do,

since the FTP functions gave me a much clearer understanding of DllCall.

ty ejoc for DLL struct

ty CodeProject for the example

ty Microsoft (eww) for making winmine.exe that helped me throug testing.

next up is Writing (shouldt be that hard)

[edit] done. new file attached. [/edit]

<{POST_SNAPBACK}>

I see the writing is complete. Good job. :)

No more using dlls that have to be fileinstalled to read and write memory.

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.
  • 2 months later...
Posted (edited)

i love u man

in my pov this is the only thing left to do in autoit

writing to memory address and reading

thats all i really needed

can u give me some info about the function

what variables should i give the functions and what will the functions return?

Edited by rtk217
Posted

ok u must help either something is wrong with my code or something in urs

$pid = WinGetProcess($title)

msgbox(0,"",$pid) ; check, until here i get the real working pid

local $memh = _MemOpen (0x0010 , false , $pid)

local $v_life = _MemRead($memh, 0x80D96C, 4)

msgbox(0,"",$v_life) ; here i get value -40 when i should get 167909048

local $m_life = $v_life + 1184

$m_life = hex($m_life,8)

msgbox(0,"",$m_life) ; here i get zero!

$v_life = _MemRead($memh, $m_life, 4)

$v_life = Dec($v_life)

u see

the program is using DMA

meanning i need to use the pointer, get the value from the pointer, the value is Dec, convert the value to hex, add to the hex 4A0/1184, and check the value in the address i got.

can u help me???

pointer address: 80D96c

value: 167909048

Add: 4A0

get: A021B58

Posted (edited)

ok u must help either something is wrong with my code or something in urs

u see

the program is using DMA

meanning i need to use the pointer, get the value from the pointer, the value is Dec, convert the value to hex, add to the hex 4A0/1184, and check the value in the address i got.

can u help me???

pointer address: 80D96c

value: 167909048

Add: 4A0

get: A021B58

you are supposed to add the offset to the pointer address, not what the pointer returns. So the address where life is stored should be at..

$life = 0x80D96C + 0x4A0
$pid = WinGetProcess($title)
$memh = _MemOpen (0x0010 , false , $pid)
$v_life = _MemRead($memh, $life, 4)
msgbox(0,"",$v_life)

That should work, if it doesn't then your offset and/or pointer is wrong.

Edited by Knight
Posted (edited)

dude all the values that i wrote are right

the life was stored at: A021B58

and the offset is 4a0

found the address with tsearch

then did autohack

i found ecx+4a0

so i did A021B58-4A0

then i convert it to decimal

and searched a memory address with that value

what i got was 80D96c

so i natulraly assume that this is the pointer.

im talking about DMA method for memory address

Edited by rtk217
Posted

ok now help me

the pointer is 6F8B6379

+

offset 668 (not hexdecimal)

then i get this address

6F8B6615

i know the value of my HP is on 0100579C

but when i read 6F8B6615 i get value 0

so how do i get from the offset and the pointer to the address i want

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...