Jump to content

Recommended Posts

Posted (edited)

hmm, so if you want to write double, it would be

$double = DllStructCreate('double') 
DllStructSetData($double,1,0xVALUE)
_MemWrite($pid,0xADDRESS,$double)

?

Edited by NegativeNrG

[size=20]My File Upload[/size]Register at my site and upload.

Posted

ASCII To Decimal Conversion And Back Again

(As seen in SciTE with default colours PS some one should make a script for this would be handy for posting code on forums :) )

#include <string.au3>

$Process = "egprocess.exe"

$Pid = ProcessExists($Process)

$h_open = _MemOpen($pid)

$ASCII = _MemRead($h_open, 0x77D67807,0)

;~ ASCII To Decimal

$ASCII = "*/"

$Temp = _StringReverse($ASCII)

$Temp = _StringToHex($Temp)

$dec = Dec($Temp)

MsgBox(0, "ASCII To Decimal", "ASCII: " & $ASCII & @LF & "Hex: " & $Temp & @LF & "Decimal: " & $dec)

;~ Decimal To ASCII

$dec = 12074

$Hex = Hex($dec,8)

$Temp = _HexToString($Hex)

$ASCII = _StringReverse($Temp)

MsgBox(0, "Decimal To ASCII", "Decimal: " & $dec & @LF & "Hex: " & $Hex & @LF & "ASCII: " & $ASCII)

_________________________________________________________________________________________________

@Analritter

No problems and Cheers NOTE: Your code is too far advanced compared to my level of AutoIt at the moment. But i am in to memory editing with other programs and botting with AutoIt so i would love to have them both rolled into the one program (i sorta understand memory editing and Cheat Engine 5.2 makes it easy)

@w0uter

Would you be able to look into getting the "_MemWrite" Working as this would be a very useful feature. The only feature that i can really use these for at the moment is just like a stats program on the application but no real editing of these values

Thanks!! I didn't realize the output was in ASCII and needed converted. :(

Posted (edited)

well i think u need also float values to write a teleport-hack...

i would like to see more types of values and not only byte if that would be possible :(

hmm, so if you want to write double, it would be

$double = DllStructCreate('double') 
DllStructSetData($double,1,0xVALUE)
_MemWrite($pid,0xADDRESS,$double)

?

After looking further into this I modified some of w0uter's functions and now you can use different data types with it. The types were gotten from the AutoIt help file for DllStructCreate(). Append this to w0uter's code to run the example:

Global Const $MEM_STRING = ''
Global Const $MEM_BYTE = 'byte'     ; 1
Global Const $MEM_UBYTE = 'ubyte'   ; 1
Global Const $MEM_CHAR = 'char'     ; 1
Global Const $MEM_SHORT = 'short'   ; 2
Global Const $MEM_USHORT = 'ushort' ; 2
Global Const $MEM_INT = 'int'       ; 4
Global Const $MEM_UINT = 'uint'     ; 4
Global Const $MEM_DWORD = 'dword'   ; 4
Global Const $MEM_UDWORD = 'udword' ; 4
Global Const $MEM_PTR = 'ptr'       ; 4
Global Const $MEM_FLOAT = 'float'   ; 4
Global Const $MEM_DOUBLE = 'double' ; 8
Global Const $MEM_INT64 = 'int64'   ; 8
Global Const $MEM_UINT64 = 'uint64' ; 8



Func _MemReadType( $ah_Mem, $i_Address, $s_Type = '' )
    If $s_Type = $MEM_STRING Then
        Local $v_Return = ''
        Local $v_Struct = DllStructCreate('byte[1]')
        Local $v_Ret
        While 1
            DllCall($ah_Mem[0], 'int', 'ReadProcessMemory', 'int', $ah_Mem[1], 'int', $i_Address, 'ptr', DllStructGetPtr($v_Struct), 'int', 1, 'int', '')
            $v_Ret = DllStructGetData($v_Struct, 1)
            If $v_Ret = 0 Then ExitLoop
            $v_Return &= Chr($v_Ret)
            $i_Address += 1
        WEnd
    Else
        Local $v_Struct = DllStructCreate($s_Type)
        DllCall($ah_Mem[0], 'int', 'ReadProcessMemory', 'int', $ah_Mem[1], 'int', $i_Address, 'ptr', DllStructGetPtr($v_Struct), 'int', _SizeOf($s_Type), 'int', '')
        Local $v_Return = DllStructGetData($v_Struct, 1, 1)
    EndIf
    Return $v_Return
EndFunc  ;==>_MemReadType

Func _MemCreateType( $v_Data, $s_Type = '' )
    If $s_Type = $MEM_STRING Then
        $v_Data = StringSplit($v_Data, '')
        Local $v_Struct = DllStructCreate('byte[' & $v_Data[0] + 1 & ']')
        For $i = 1 To $v_Data[0]
            DllStructSetData($v_Struct, 1, Asc($v_Data[$i]), $i)
        Next
    Else
        Local $v_Struct = DllStructCreate($s_Type)
        DllStructSetData($v_Struct, 1, $v_Data, 1)
    EndIf
    Return $v_Struct
EndFunc  ;==>_MemCreateType

Func _SizeOf( $s_Type )
    Local $v_Struct = DllStructCreate($s_Type), $i_Size = DllStructGetSize($v_Struct)
    $v_Struct = 0
    Return $i_Size
EndFunc  ;==>_SizeOf



$i_Open = _MemOpen(@AutoItPID)
$i_Addr = _MemAlloc($i_Open, _SizeOf($MEM_FLOAT))
_MemWrite($i_Open, $i_Addr, _MemCreateType(-0.12345678912345, $MEM_FLOAT))
MsgBox(0, 'Address: 0x' & $i_Addr, _MemReadType($i_Open, $i_Addr, $MEM_FLOAT))
_MemFree($i_Open, $i_Addr)
_MemClose($i_Open)

The only problem with this is that in the example there are junk numbers on the end of the float. W0uter, do you have any insight on this? :)

Edited by erifash
Posted (edited)

I have updated the code above, as parts of it were confusing and unnecessary. I have no clue what the problem might be. Any ideas? :)

Edited by erifash
  • 2 weeks later...
Posted

i'm kinda new to this udf, so i'm gonna give it a try, but it seems it aint working for me

i know the adress is correct, since Tsearch and cheat engine both give the needed float.

but when i try it with autoit, it returns nothing.

$PID = ProcessExists ( "rbo_ex2.exe" )
$rboMEM = _MemOpen($PID)
ConsoleWrite("memopen"&@CR)
$test = _MemRead($rboMEM,0x00BD3B6F)
ConsoleWrite($test&@CR)
*If u thought life couldn't get worse, u meet me *<guy> What would you give my little sister to unzip ?<friend> 10 bucks<guy> No, i mean like Winzip...
Posted (edited)

so it should be

_MemRead($rboMEM,0x00BD3B6F,????)

but howmuch bytes is a float ?

i just tryed 4 bytes, and the msg box is just empty

Edited by zeroZshadow
*If u thought life couldn't get worse, u meet me *<guy> What would you give my little sister to unzip ?<friend> 10 bucks<guy> No, i mean like Winzip...
Posted

tryed both now, still NO value returned -.-

i did check if the pid was correct

and if it passed every step

i used:

$PID = ProcessExists ( "rbo_ex2.exe" )
if $PID = 0 Then
    MsgBox(0,"error","could not open file")
    Exit
EndIf
$rboMEM = _MemOpen($PID)
ConsoleWrite("memopen"&@CR)
$test = _MemRead($rboMEM,0x00BD3B6F,8)
MsgBox(0,"debug",$test)
*If u thought life couldn't get worse, u meet me *<guy> What would you give my little sister to unzip ?<friend> 10 bucks<guy> No, i mean like Winzip...
Posted (edited)

ya u should -.- make a nice description per function xD

oke i just tested it

$test[0] gives 0

$test[1] gives (if 8 bytes) -73 (if 4 bytes) 44

but it SHOULD be 6.38543684223533E-41

strange he -.-

Edited by zeroZshadow
*If u thought life couldn't get worse, u meet me *<guy> What would you give my little sister to unzip ?<friend> 10 bucks<guy> No, i mean like Winzip...
Posted

in the memread function i see this line

Local $v_Struct = DllStructCreate('byte[1]')

doesn't that have tobe a float if i want to read a float ?

since till now, floats aint read correctly

*If u thought life couldn't get worse, u meet me *<guy> What would you give my little sister to unzip ?<friend> 10 bucks<guy> No, i mean like Winzip...
Posted

I have been fooling around with the idea of a simple memory editor in AutoIt. It uses some of my modified memory functions but it doesn't exactly work. I know that I might not be using these in the correct way and I'm really not all that experienced with the memory functions. Could someone throw any ideas or suggestions my way as to what might the problem be? :D The code is attached.

Memory_GUI.au3

Posted

in the memread function i see this line

Local $v_Struct = DllStructCreate('byte[1]')

doesn't that have tobe a float if i want to read a float ?

since till now, floats aint read correctly

i dont think this functions can read/write floats..
Posted

really ?? that would suck big time

*If u thought life couldn't get worse, u meet me *<guy> What would you give my little sister to unzip ?<friend> 10 bucks<guy> No, i mean like Winzip...
Posted

really ?? that would suck big time

it would but dont be sure that its not possible with this functions ask the coder who did that he might know what it is possible and what not
Posted

wadda ya mean with, modify the call ?

*If u thought life couldn't get worse, u meet me *<guy> What would you give my little sister to unzip ?<friend> 10 bucks<guy> No, i mean like Winzip...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...