10 replies to this topic

[HaHaItsJake]

So, I learned how to do a AOB scan via Cheat Engine to find the changing address.
 

[ENABLE]

aobscan(player, 00 00 00 00 00 ?? 34 00 04 00 00 00 ?? ?? ?? ?? ?? ?? ?? 41 06 01 78 42 ?? ?? ?? 41 ?? ?? ?? ?? 01 00 00 00 01 ?? 34 00 04 00 00 00 ?? ?? ?? ?? 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 3F)

label(_player)

registersymbol(_player)

 

player:

_player:

 

[DISABLE]

unregistersymbol(_player)

 

Address set: _player+10 and _player+18

 

It finds the characters Pos (X/Y). 

 

I was wondering, how would I go about coding something like this in AHK? 

 

I know how to read/write to pointers with AHK, but this scan is all new to me. I'm pretty sure; 

mem.processPatternScan() is involved? I've look into other post about pattern scan and came with some pre-made script. Editing them to my needs has failed and pretty sure I've not even come close to figuring it out. lol

 

Any help would be awesome. 
HaHaItsJake

[RHCP]

Post what you tried i.e. with mem.processPatternScan() 

[HaHaItsJake]

Post what you tried i.e. with mem.processPatternScan() 

#include <classMemory>

WinGet, PID, PID, Chara1

mem := new memory(ahk_pid PID)

address := mem.processPatternScan( ,, 0x00, 0x00, 0x00, 0x00, 0x00, 0x??, 0x34, 0x00, 0x04, 0x00, 0x00, 0x00, 0x??, 0x??, 0x??, 0x??, 0x??, 0x??, 0x??, 0x41, 0x06, 0x01, 0x??, 0x42, 0x??, 0x??, 0x??, 0x41, 0x??, 0x??, 0x??, 0x??, 0x01, 0x00, 0x00, 0x00, 0x01, 0x??, 0x34, 0x00, 0x04, 0x00, 0x00, 0x00, 0x??, 0x??, 0x??, 0x??, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x3f)
if address > 0
{
    msgbox % "Found Pattern at: " address
        . "`nActual Pattern at: " &myTestVar
}
else msgbox Pattern not found or error: %address%
return 

I'm 99% Sure idfk what I'm doing. Idk about the wildcard, using 0x?? either. 

EDIT: Found your post http://autohotkey.co...a-of-byte-scan/
Looking more into it now, I'm sure that will solve my problem, just going to be a lot of trying to understand what is going on.

[RHCP]

Best Answer

#include <classMemory>

if (_ClassMemory.__Class != "_ClassMemory")
{
    msgbox class memory not correctly installed. 
    ExitApp
}

WinGet, PID, PID, Chara1

mem := new _ClassMemory("ahk_pid " PID, "", hProcess) ; note tha quotes and space around AHK_Pid

if !IsObject(mem)
{
    if (hProcess = "")
        msgbox OpenProcess failed. If the target process has admin rights, then the script also needs to be ran as admin. Consult A_LastError for more information.
    else msgbox The program isn't running (not found) or you passed an incorrect program identifier parameter.
    ExitApp
}

; I just put the pattern in an array so that it's a bit neater with 2 function calls
aPattern := [0x00, 0x00, 0x00, 0x00, 0x00, "?", 0x34, 0x00, 0x04, 0x00, 0x00, 0x00, "?", "?", "?", "?", "?", "?", "?", 0x41, 0x06, 0x01, "?", 0x42, "?", "?", "?", 0x41, "?", "?", "?", "?", 0x01, 0x00, 0x00, 0x00, 0x01, "?", 0x34, 0x00, 0x04, 0x00, 0x00, 0x00, "?", "?", "?", "?", 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x3f]
address := mem.processPatternScan(,, aPattern*)
if address > 0
    msgbox % "Found Pattern at: " address
else msgbox Pattern not found or error: %address%

address := mem.modulePatternScan(, aPattern*) ; assume its in the main process module. This will probably be quicker.
if address > 0
    msgbox % "Found Pattern at: " address
else msgbox Pattern not found or error: %address%


return 

Did you download the memory class from the git repo recently?

 

Try that. 

[HaHaItsJake]

Yes I did.

Hmmm, 

Getting the Error: 
"OpenProcess failed. If the target process has admin rights, then the script also needs to be ran as admin. Consult A_LastError for more information."

 

Game is not in Admin, so I put it in Admin along with the script same error. 

[RHCP]

I see what I did wrong. Copied your code which was using the old class name. 

 

Try

mem := new _ClassMemory("ahk_pid " PID, "", hProcess)

Or 

mem := new _ClassMemory("Chara1 ", "", hProcess, "1")

[HaHaItsJake]

 

I see what I did wrong. Copied your code which was using the old class name. 

 

Try

mem := new _ClassMemory("ahk_pid " PID, "", hProcess)

 

That one worked! Looking over the code now, I understand it other than the mem := new _ClassMemory("ahk_pid " PID, "", hProcess) and if !IsObject(mem) function. I thought it was going to be 100+ lines. Holy crap, I'm so mind blown right now. I can now incorporate this into other scripts I have done. This is why I love programming. Thanks so much RHCP!

 

address := mem.processPatternScan(,, aPattern*)

AddressX := Address + 16

AddressY := Address + 24

if address > 0

    msgbox % "Found Pattern at: " AddressX "and" AddressY

else msgbox Pattern not found or error: %address%

Perfect pointers, even on reboot and different PC. 
 

[RHCP]

Awesome! Memory reading takes AHK scripting to another level, and OAB scans are a god send.

 

 

 

I thought it was going to be 100+ lines

 

There probably are 100+ lines inside the class doing all the work  

It utilises a machine code function to perform the comparison, hence why it's so fast - at least for an AHK AOB scanner.

 

Cheers.

[HaHaItsJake]

Yes, I agree. 

 

Do you by chance have any insight to - 

When searching for the AOB when multiple of the same program with the same AOB pattern - it seems to cross over to the other program both in CE and AHK. 

[RHCP]

When searching for the AOB when multiple of the same program with the same AOB pattern - it seems to cross over to the other program both in CE and AHK. 

 

I'm not exactly sure what you mean.

 

Is it a standalone game? Or is it running via flash or emulator? 

[HaHaItsJake]

I'm not exactly sure what you mean.

 

Is it a standalone game? Or is it running via flash or emulator? 

 

It's a standalone, I believe I figured it out why - Picking up the other characters X/Z poses also. Guess the AOB going to be a lot longer. Lol