ReadMemory function


109 replies to this topic
RaptorOne
  • Members
  • 43 posts
  • Last active: Apr 07 2012 08:44 PM
  • Joined: 07 Apr 2010
thanks to the guest who recommended me

porrasnick no you must use the normal writeProcessMemory
MapleStory.exe+004955C8
is that a real address??
can you use that without the MapleStory.exe+ ??????
if yes then:
WriteProcessMemory(your title,004955C8,your value,0x384,8)


porrasnick
  • Members
  • 166 posts
  • Last active: Mar 09 2011 09:27 AM
  • Joined: 30 Jan 2010
MapleStory.exe+004955C8 just means TheBaseAddressofMapleStory.exe+004955C8

Is it possible to get the base address of a process with autohotkey?

Also, there are 5 offsets, just not the one of 384, and I want to read memory, not write to it.

MasterFocus
  • Moderators
  • 4323 posts
  • Last active: Jan 28 2016 01:38 AM
  • Joined: 08 Apr 2009
In Cheat Engine, try adding the address manually and enter "MapleStory.exe".
The resulting address (a number) will probably be visible in the addresses list.

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Antonio França -- git.io -- github.com -- ahk4.net -- sites.google.com -- ahkscript.org

Member of the AHK community since 08/Apr/2009. Moderator since mid-2012.


porrasnick
  • Members
  • 166 posts
  • Last active: Mar 09 2011 09:27 AM
  • Joined: 30 Jan 2010
Thanks a lot.

I feel really dumb now. I was under the impression that MapleStory was doing some crazy stuff and shifting their base address.

Nope, it's at 400000 just like everything else...

Now, what do I need to do? I figured I could just add it all up in the function, but PlatformID keeps returning a value of 0 that way.

Here's what I did(obviously incorrect)

PlatformID:=ReadMemory(0x00400000+0x004955C8+0x384+0x1C+0x24+0x1C+0x11C, "MapleStory")

What do I need to do?

MasterFocus
  • Moderators
  • 4323 posts
  • Last active: Jan 28 2016 01:38 AM
  • Joined: 08 Apr 2009
As I've already said, you have to "loop" it.
You can't just sum all offsets. This will give you only one incorrect offset.
Program := "MapleStory.exe"
Address := 0x00400000 ; base address
Offset := 0x004955C8 ; offset 1
Address := ReadMemory( Address+Offset , Program )
Offset := 0x384 ; offset 2
Address := ReadMemory( Address+Offset , Program )
Offset := 0x1C ; offset 3
Address := ReadMemory( Address+Offset , Program )
Offset := 0x24 ; offset 4
Address := ReadMemory( Address+Offset , Program )
Offset := 0x1C ; offset 5
Address := ReadMemory( Address+Offset , Program )
Offset := 0x11C ; offset 6
Final := ReadMemory( Address+Offset , Program )
MsgBox %Final% ; final result

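The point made in the reply above (each offset is followed by a read, and the value read becomes the next base) as an added example that is not part of the original thread. It is written in Python against a constructed, simulated 32-bit address space so it runs without a target process; `FakeMemory`, `build_sample`, the `HEAP` pointer values and the final value 42 are assumptions made for illustration, while the base address and offsets are the ones quoted in the thread.

```python
import struct

BASE = 0x00400000                                         # base address from the thread
OFFSETS = [0x004955C8, 0x384, 0x1C, 0x24, 0x1C, 0x11C]    # offsets from the thread
HEAP = [0x01A00000, 0x01B00000, 0x01C00000, 0x01D00000, 0x01E00000]  # constructed pointers

class FakeMemory:
    """Constructed stand-in for a 32-bit address space: address -> 4 little-endian bytes."""
    def __init__(self, cells):
        self.cells = dict(cells)

    def read_u32(self, address):
        # One 4-byte read at one address; None models a failed read (unmapped address).
        raw = self.cells.get(address)
        return None if raw is None else struct.unpack("<I", raw)[0]

def build_sample(final_value=42):
    """Lay out the chain so each stored pointer leads to the next structure."""
    cells, current = {}, BASE
    for offset, stored in zip(OFFSETS, HEAP + [final_value]):
        cells[current + offset] = struct.pack("<I", stored)
        current = stored
    return FakeMemory(cells)

def follow_chain(mem, base, offsets):
    """Add one offset, read, and use what was read as the next base; stop on a failed read."""
    value = base
    for step, offset in enumerate(offsets, start=1):
        address = (value + offset) & 0xFFFFFFFF
        value = mem.read_u32(address)
        if value is None:
            raise LookupError(f"step {step}: read failed at 0x{address:08X}")
    return value

def summed_read(mem, base, offsets):
    """The mistaken approach: a single read at base + sum(offsets)."""
    return mem.read_u32((base + sum(offsets)) & 0xFFFFFFFF)

if __name__ == "__main__":
    mem = build_sample()
    print("chain walk :", follow_chain(mem, BASE, OFFSETS))
    print("summed read:", summed_read(mem, BASE, OFFSETS))
    del mem.cells[HEAP[2] + OFFSETS[3]]           # simulate a pointer that is no longer valid
    try:
        follow_chain(mem, BASE, OFFSETS)
    except LookupError as err:
        print("stale chain:", err)
```

The summed address is an unrelated location that none of the pointers lead to, and a chain walk should stop at the first failed read instead of adding the next offset to a failure value.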


porrasnick
  • Members
  • 166 posts
  • Last active: Mar 09 2011 09:27 AM
  • Joined: 30 Jan 2010
Thank you very much!

My next question might not be related enough to be asked here; I'll take it to Ask for Help for now.

Damein
  • Members
  • 296 posts
  • Last active: Nov 17 2011 07:37 PM
  • Joined: 27 Aug 2009
Okay.. so I've read through this but I don't quite understand it.

Here is what I am trying to do:

Create an anti-hack program for a game I play.

Now, I know that these programs modify the memory of the game: This is the memory address that has been changed: 0041E280, so if I am trying to detect if that is true, how would I go about doing that?

schwenn001
  • Members
  • 7 posts
  • Last active: Aug 01 2010 10:42 PM
  • Joined: 17 Jul 2010
How does someone use "ReadMemory" in AutoHotkey? Is it something that is already in AutoHotkey, or do I have to add it to AutoHotkey, and if so how would I do that? Thanks.

Nelly
  • Guests
  • Last active:
  • Joined: --
How can I read floats out of the memory?

Dokujin
  • Guests
  • Last active:
  • Joined: --
ok... I have been working on a cheat-automation script for a game called UFO: Alien Invasion (UFO:AI)...

the script is about giving my campaign's starting soldiers the max skill in the 9 skills they have, as well as putting 250 as their current and max HP... (11 "skills")

...well, getting to the point, why does this function "only read" numbers under 9?

I did a test, getting values which vary from 7 to 12, and only the ones with a single digit show up in the "results" generated by the following code:

TSKILL1 = 0
TSKILL2 = 0
TSKILL3 = 0
TSKILL4 = 0
TSKILL5 = 0
TSKILL6 = 0
TSKILL7 = 0
TSKILL8 = 0
TSKILL9 = 0
TSKILL10 = 0
TSKILL11 = 0

Delete::
{
TSKILL1 := ReadMemory(0x181ea1e8,"UFO")
TSKILL2 := ReadMemory(0x181ea438,"UFO")
TSKILL3 := ReadMemory(0x181ea688,"UFO")
TSKILL4 := ReadMemory(0x181ea960,"UFO")
TSKILL5 := ReadMemory(0x181eac38,"UFO")
TSKILL6 := ReadMemory(0x181eaf10,"UFO")
TSKILL7 := ReadMemory(0x181eb1e8,"UFO")
TSKILL8 := ReadMemory(0x181eb4c0,"UFO")
TSKILL9 := ReadMemory(0x181eb798,"UFO")
TSKILL10 := ReadMemory(0x181eba70,"UFO")
TSKILL11 := ReadMemory(0x181ebd48,"UFO")
}
return

Insert::
{
ifwinactive, notepad
   {
   send, {%TSKILL1%}{enter}
   send, {%TSKILL2%}{enter}
   send, {%TSKILL3%}{enter}
   send, {%TSKILL4%}{enter}
   send, {%TSKILL5%}{enter}
   send, {%TSKILL6%}{enter}
   send, {%TSKILL7%}{enter}
   send, {%TSKILL8%}{enter}
   send, {%TSKILL9%}{enter}
   send, {%TSKILL10%}{enter}
   send, {%TSKILL11%}{enter}
   }
}
return

the result outputted to notepad:

9
                <<<---missing. showed a "10" in cheatengine.
7
9
8
9
                <<<---missing. showed a "11" in cheatengine.
                <<<---missing. showed a "12" in cheatengine.
                <<<---missing. showed a "10" in cheatengine.
7
                <<<---missing. showed a "10" in cheatengine.




how can I make it read/output values with more digits?

thx in advance,
Dokujin.

MasterFocus
  • Moderators
  • 4323 posts
  • Last active: Jan 28 2016 01:38 AM
  • Joined: 08 Apr 2009
send, {%TSKILL1%}{enter}   ; braces around %TSKILL1% highlighted in red
Don't use those brackets.
Also, MsgBox is better for checking results.



evan
  • Members
  • 125 posts
  • Last active: Feb 25 2011 03:05 AM
  • Joined: 19 Feb 2009
for save purposes:
value:=ReadMemoryTxt(0x75ed388c,"Calc")
msgbox, % value 
return



ReadMemoryTxt(MADDRESS,PROGRAM)
{
winget, pid, PID, %PROGRAM%

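VarSetCapacity(MVALUE,4,0) ; 4-byte buffer, zero-filled
; 24 = PROCESS_VM_OPERATION (0x8) | PROCESS_VM_READ (0x10)
ProcessHandle := DllCall("OpenProcess", "Int", 24, "Char", 0, "UInt", pid, "UInt")
DllCall("ReadProcessMemory","UInt",ProcessHandle,"UInt",MADDRESS,"Str",MVALUE,"UInt",4,"UInt *",0)
DllCall("CloseHandle", "UInt", ProcessHandle) ; release the handle so repeated calls do not leak it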

Loop 4
{
result += *(&MVALUE + A_Index-1) << 8*(A_Index-1)
}

SetFormat, IntegerFast, hex
result+=0

loop 4
{
pos:= 2* A_index +1
StringMid, text, result, %pos%, 2

convert := chr("0x" . text)
string = %convert%%string%
}

return string
}
the above function will return the 4 character text from the 4 byte number

GeekDude
  • Spam Officer
  • 391 posts
  • Last active: Oct 05 2015 08:13 PM
  • Joined: 23 Nov 2009
I'm sorry to bump an old topic, but how would I go about reading, or writing for that matter, a float? The function I am using is this:
ReadMemory(MADDRESS=0,PID=0,BYTES=4,WVALUE=-1)
{
	Static OLDPID, ProcessHandle
	VarSetCapacity(MVALUE,4,0)
	If PID != %OLDPID%
	{
		ProcessHandle := ( ProcessHandle ? 0*(closed:=DllCall("CloseHandle"
		,"UInt",ProcessHandle)) : 0 )+(pid ? DllCall("OpenProcess"
		,"Int",2035711,"Int",0,"UInt",pid) : 0)
	}
	IF WVALUE != -1
	{
		If (ProcessHandle) && DllCall("WriteProcessMemory", "UInt", ProcessHandle
		, "UInt", MADDRESS, "Uint*", WVALUE, "Uint", BYTES, "Uint *", 0)
			Return "Success"
		Return !ProcessHandle ? "Handle Closed: " closed : "Fail"
	}
	If (ProcessHandle) && DllCall("ReadProcessMemory","UInt"
	,ProcessHandle,"UInt",MADDRESS,"Str",MVALUE,"UInt",BYTES,"UInt",0)
		return *(&MVALUE+3)<<24 | *(&MVALUE+2)<<16 | *(&MVALUE+1)<<8 | *(&MVALUE)
	return !ProcessHandle ? "Handle Closed: " closed : "Fail"
}

Despite being called "read memory", it can write memory too. It also has the option of choosing the length of the value to read/write.

I searched online for the length of a float and a double, and I found four and eight, respectively. Please correct me if I am wrong. I plugged these values in, but they did not return anything but a lot of fail.

I saw that someone else was asking the same question, but I did not see an answer. If there was an answer, can someone please point me to it? I'm sorry about posting if there was.

The current code I am using is supposed to automate the Cheat Engine tutorial.

#NoEnv  ; Recommended for performance and compatibility with future AutoHotkey releases.
SendMode Input  ; Recommended for new scripts due to its superior speed and reliability.
SetWorkingDir %A_ScriptDir%  ; Ensures a consistent starting directory.

#Include ReadMem.ahk
#Persistent

File = C:\Program Files\Cheat Engine 6\Tutorial-i386.exe
Run, %File%,,, PID

WinWaitActive, Step 2

Address := 0x0057C310
Pointer := ReadMemory(Address, PID)
Offset  := 0x00000458
Address := Pointer + Offset

ReadMemory(Address, PID,, 1000)

WinWaitActive, Step 3

Address := 0x0057C320
Pointer := ReadMemory(Address, PID)
Offset  := 0x0000045C
Address := Pointer + Offset

ReadMemory(Address, PID,, 5000)

WinWaitActive, Step 4

Address := 0x000FEC30
Pointer := ReadMemory(Address, PID)
Offset  := 0x0000046C
Address := Pointer + Offset

ReadMemory(Address, PID, 4, 5000.0)

Address := 0x0057C340
Pointer := ReadMemory(Address, PID)
Offset  := 0x00000470
Address := Pointer + Offset

ReadMemory(Address, PID, 8, 5000.0)

Loop {
	Value := ReadMemory(Address, PID)
	Tooltip, %Value%
	If Value contains Fail,Handle Closed:
	{
		ReadMemory()
		ExitApp
	}
}
Return


GeekDude
  • Spam Officer
  • 391 posts
  • Last active: Oct 05 2015 08:13 PM
  • Joined: 23 Nov 2009
I did a MAJOR overhaul of my memory function, and I finally figured out how to read/write floats. I only figured out how to write doubles though...

Anyways, here is my code for anyone interested in it, or in helping me figure out how to read doubles.
Open  = 1
Close = 2
Read  = 3
Write = 4
Point = 5

File = C:\Program Files\Cheat Engine 6\Tutorial-i386.exe
Run, %File%,,, PID

Memory(Open, PID)

WinWaitActive, Step 2

Address := Memory(Point, 0x0057C310, 0x458)
Memory(Write, Address, 1000)

WinWaitActive, Step 3

Address := Memory(Point, 0x0057C320, 0x45C)
Memory(Write, Address, 5000)

WinWaitActive, Step 4

Address := Memory(Point, 0x0057C340, 0x46C)
Memory(Write, Address, FloatToHex(5000))
Address := Memory(Point, 0x0057C340, 0x470)
Memory(Write, Address, DoubleToHex(5000), 8)

Value := Memory(Read, Address, 8)
MsgBox, % "Value Read:     " Value "`nValue Written: " DoubleToHex(5000) ;%
Memory(Close)
ExitApp
Return

Memory(Type=3,Param1=0,Param2=0,Param3=0)
{
	Static ProcessHandle
	If Type = 1 ; Open a new handle.     Syntax: Memory(1, PID)
		ProcessHandle := DllCall("OpenProcess","Int",2035711,"Int", 0,"UInt",Param1)
	Else If Type = 2 ; Close the handle. Syntax: Memory(2)
		DllCall("CloseHandle","UInt",ProcessHandle)
	Else If Type = 3 ; Reading a value.  Syntax: Memory(3, Address [, Length])
	{
		Param2 := ((!Param2) ? 4 : Param2) ; If length is left out it defaults to 4
		VarSetCapacity(MVALUE,Param2,0)
		If (ProcessHandle) && DllCall("ReadProcessMemory","UInt"
		,ProcessHandle,"UInt",Param1,"Str",MVALUE,"UInt",Param2,"UInt",0)
		{
			Loop %Param2%
				Result += *(&MVALUE + A_Index-1) << 8*(A_Index-1)
			Return Result
		}
		Return !ProcessHandle ? "Handle Closed: " Closed : "Fail"
	}
	Else If Type = 4 ; Writing a Value.  Syntax: Memory(4, Address, Value [, Length])
	{
		Param3 := ((!Param3) ? 4 : Param3) ; If length is left out it defaults to 4
		If (ProcessHandle) && DllCall("WriteProcessMemory","UInt"
		,ProcessHandle,"UInt",Param1,"Uint*",Param2,"Uint",Param3,"Uint",0)
			Return "Success"
		Return !ProcessHandle ? "Handle Closed: " closed : "Fail"
	}
	Else If Type = 5 ; Pointing.         Syntax: Memory(5, Pointer, Offset)
	{
		Param1 := Memory(3, Param1)
		If Param1 is not xdigit
			Return Param1
		Return Param1 + Param2
	}
}

;#############################################################################
; Code from this thread: http://www.autohotkey.com/forum/viewtopic.php?t=18327
;#############################################################################

HexToFloat(x) {
   Return (1-2*(x>>31)) * (2**((x>>23 & 255)-150)) * (0x800000 | x & 0x7FFFFF)
}

HexToDouble(x) { ; may be wrong at extreme values
   Return (2*(x>0)-1) * (2**((x>>52 & 0x7FF)-1075)) * (0x10000000000000 | x & 0xFFFFFFFFFFFFF)
}

FloatToHex(f) {
   form := A_FormatInteger
   SetFormat Integer, HEX
   v := DllCall("MulDiv", Float,f, Int,1, Int,1, UInt)
   SetFormat Integer, %form%
   Return v
}

DoubleToHex(d) {
   form := A_FormatInteger
   SetFormat Integer, HEX
   v := DllCall("ntdll.dll\RtlLargeIntegerShiftLeft",Double,d, UChar,0, Int64)
   SetFormat Integer, %form%
   Return v
}



EDIT: I got reading doubles to work, there was an error with the VarSetCapacity in the read function. It would only set the capacity to 4 even when reading an 8-byte number.
The above code is fixed and will now work.
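A check of the `HexToFloat` formula quoted in the post above against a reference IEEE-754 decoder, as an added example that is not part of the original thread. It is written in Python so it runs without a target process; `page_hex_to_float` is a direct port of the posted formula, while `decode`, `formula_matches`, `audit` and the sample bit patterns are constructed here for illustration.

```python
import struct

def page_hex_to_float(x):
    """Port of the thread's HexToFloat(): x is the 4 bytes read as an unsigned integer."""
    return (1 - 2 * (x >> 31)) * 2.0 ** ((x >> 23 & 255) - 150) * (0x800000 | x & 0x7FFFFF)

def decode(raw, kind):
    """Reference decoding of little-endian bytes as returned by a memory read."""
    formats = {"uint": "<I", "float": "<f", "double": "<d"}
    fmt = formats[kind]
    if len(raw) != struct.calcsize(fmt):
        # A double needs all 8 bytes; a 4-byte buffer cannot hold it.
        raise ValueError(f"{kind} needs {struct.calcsize(fmt)} bytes, got {len(raw)}")
    return struct.unpack(fmt, raw)[0]

def formula_matches(bits):
    """True when the thread's formula agrees with IEEE-754 for this bit pattern."""
    reference = decode(struct.pack("<I", bits), "float")
    return page_hex_to_float(bits) == reference  # NaN never compares equal

# Constructed bit patterns, one per IEEE-754 class.
SAMPLES = {
    "5000.0": 0x459C4000,
    "-3.1415927": 0xC0490FDB,
    "zero": 0x00000000,
    "smallest subnormal": 0x00000001,
    "infinity": 0x7F800000,
    "NaN": 0x7FC00000,
}

def audit():
    """Map each sample name to whether the posted formula decodes it correctly."""
    return {name: formula_matches(bits) for name, bits in SAMPLES.items()}

if __name__ == "__main__":
    for name, ok in audit().items():
        print(f"{name:20} formula {'matches' if ok else 'DIFFERS'}")
    # The 8 little-endian bytes of the double 5000.0 (0x40B3880000000000).
    print(decode(bytes.fromhex("000000000088b340"), "double"))
```

The formula assumes a normalised number with an implicit leading 1, so it is exact for ordinary values and wrong for zero, subnormals, infinity and NaN, where the exponent field is 0 or 255.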

  • Guests
  • Last active:
  • Joined: --
I've been using this function to read memory values, and it works brilliantly. So firstly, thanks!

Secondly, I need to read a memory address which has a stored string (not a 4-byte value). How would I go about doing this using this function?

Thanks.