find base address of a process Topic is solved

[Trigun]

hello
when i use cheatengine for find the address i get "game.exe"+1234
if i add the address manually "game.exe" i get the address: 00a50000
how i can find that address?
i tried with this code:

Code: Select all

getProcessBaseAddress(WindowTitle, windowMatchMode := "3")    ;WindowTitle can be anything ahk_exe ahk_class etc
{

    WinGet, hWnd, ID, %WindowTitle%
    return DllCall(A_PtrSize = 4     ; If DLL call fails, returned value will = 0
        ? "GetWindowLong"
        : "GetWindowLongPtr"
        , "Ptr", hWnd, "Int", -6, A_Is64bitOS ? "Int64" : "UInt")
        ; For the returned value when the OS is 64 bit use Int64 to prevent negative overflow when AHK is 32 bit and target process is 64bit
        ; however if the OS is 32 bit, must use UInt, otherwise the number will be huge (however it will still work as the lower 4 bytes are correct)
        ; Note - it's the OS bitness which matters here, not the scripts/AHKs
}

but i get a different address 0x7ffbfdaf0000
so i can't use the offset ... how i can solve? tnx

[Trigun]

Code: Select all

#include classMemory.ahk
test := new _ClassMemory("A", "", hProcessCopy)
value := test.read(0xA5F604, "UInt")

if i try with that code i get the address 0x7ff6cc670000
different address but still 6 byte instead 4

Ps i have windows 10

[SnowFlake]

Code: Select all

IF NOT A_IsAdmin
{
   Run *RunAs "%A_ScriptFullPath%"
   ExitApp
}
setSeDebugPrivilege(enable := True)

#SingleInstance Force

#include %a_scriptdir%/classMemory.ahk

Game := new _ClassMemory("ahk_exe AQ3D.exe")
if !isObject(Game)
    msgbox failed to open a handle

baseAddress := Game.getModuleBaseAddress("mono.dll")

arrayPointerOffsets := [0x6F8, 0x290, 0x10, 0x24, 0x44]
value := Game.read(baseAddress + 0x001F65AC, "int", arrayPointerOffsets*)

msgbox %value%

i use this,

[Trigun]

Code: Select all

Game := new _ClassMemory("A")
if !isObject(Game)
    msgbox failed to open a handle

baseAddress := Game.getModuleBaseAddress("mono.dll")
msgbox %baseAddress%
value := Game.read(baseAddress + 0xA5F604, "int")

i get -1 on baseAddress

no idea why i can't get the baseaddress...

[RHCP]

Code: Select all

Game := new _ClassMemory("A")
if !isObject(Game)
    msgbox failed to open a handle

baseAddress := Game.getModuleBaseAddress("mono.dll")
msgbox %baseAddress%
value := Game.read(baseAddress + 0xA5F604, "int")

i get -1 on baseAddress

no idea why i can't get the baseaddress...

-1 means that DLL wasn't found.

Are you using 64 or 32 AHK?

What game?
Don't use "A" as the winTitle. Try something like

Code: Select all

Game := new _ClassMemory("ahk_exe AQ3D.exe") ;Where AQ3D.exe is the exe/process name
if !isObject(Game)
    msgbox failed to open a handle

msgbox % game.BaseAddress  ;process base address.

[Trigun1]

in windows 10 the ahk_exe don't works with a lot of process ( https://autohotkey.com/boards/viewtopic.php?f=5&t=29765 ) so i'm using "A" for bypass this problem
i have 64bit ahk

and u can try it with the calculator (on win10)

http://imgur.com/a/9Pj3X

[RHCP]

in windows 10 the ahk_exe don't works with a lot of process ( https://autohotkey.com/boards/viewtopic.php?f=5&t=29765 ) so i'm using "A" for bypass this problem
i have 64bit ahk

and u can try it with the calculator (on win10)

http://imgur.com/a/9Pj3X

The active window 'A' title won't always fix this issue. I have windows 10 and haven't had any issues with STANDALONE games.... but the built in windows apps are another story.

Calculator in win10 works, but you need to use another method to find the 'correct' PID and then turn on DetectHiddenWindows before using classMemory.

Code: Select all

F1::
; This gets the PID that matches Task Manager Details and CE
for process in ComObjGet("winmgmts:").ExecQuery("Select * from Win32_Process where Name = 'Calculator.exe'")
    PID := process.processId
if !PID 
{
    msgbox PID not found 
    reload
}

DetectHiddenWindows, On ; Required for the next line to work.
Game := new _ClassMemory("AHK_PID " PID)


if !isObject(Game)
{
    msgbox failed to open a handle
    reload
}

SetFormat, IntegerFast, H
msgbox % "Base: " game.BaseAddress 

 
return

[Trigun1]

oh this way works
i tried with pid but not with the memoryclass.ahk and still failed

thanks
this will solve me a lot of problems in the future