 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
nielskool
Advanced Cheater
![]() Reputation: 0
Joined: 03 Jun 2007
Posts: 65
|
 Posted: Sat Nov 21, 2009 7:12 pm Post subject: scan array of byte |
 |
|
Heey guys,
Little question, long answer:P
How to find a array of byte in delphi with readprocessmemory?
I need to find: 01 00 00 00 00 73 74 65 72 2F
How to do this:P
Grtz,
Niels
_________________
cheaters are the best race in the world, they love eachother:P, so i would say never fuck poeple of your own race, unless they're beautiful:P |
|
| Back to top |
|
 |
hcavolsdsadgadsg
I'm a spammer
![]() Reputation: 26
Joined: 11 Jun 2007
Posts: 5801
|
| Posted: Sat Nov 21, 2009 7:38 pm Post subject: |
|
|
| Read, compare, repeat
|
|
| Back to top |
|
|
nielskool
Advanced Cheater
![]() Reputation: 0
Joined: 03 Jun 2007
Posts: 65
|
| Posted: Sat Nov 21, 2009 8:26 pm Post subject: |
|
|
already got it:
| Code: | procedure TForm1.Button1Click(Sender: TObject);
var
test: byte;
test2: variant;
a,b: integer;
begin
for a:=978893079 to 978893279 do
begin
ReadProcessMemory(PHandle,Pointer(a),@test,1,Read);
test2:= 00;
if (test = test2) then
begin
ReadProcessMemory(PHandle,Pointer(a+1),@test,1,Read);
if (test = test2) then
begin
ReadProcessMemory(PHandle,Pointer(a+3),@test,1,Read);
if (test = test2) then
begin
ReadProcessMemory(PHandle,Pointer(a+4),@test,1,Read);
if (test = test2) then
begin
test2:= 115;
ReadProcessMemory(PHandle,Pointer(a+5),@test,1,Read);
if (test = test2) then
begin
test2:= 116;
ReadProcessMemory(PHandle,Pointer(a+6),@test,1,Read);
if (test = test2) then
begin
test2:= 101;
ReadProcessMemory(PHandle,Pointer(a+7),@test,1,Read);
if (test = test2) then
begin
test2:= 114;
ReadProcessMemory(PHandle,Pointer(a+8),@test,1,Read);
if (test = test2) then
begin
test2:= 47;
ReadProcessMemory(PHandle,Pointer(a+9),@test,1,Read);
if (test = test2) then
begin
b:=a;
metinsteen:=a;
end;
end;
end;
end;
end;
end;
end;
end;
end;
end;
ShowMessage('found');
ShowMessage(inttostr(b));
end; |
bit vrapy but t works:P
didn't know it works that fast in delphi, thougt it would be much slower because it isn't asm
//edit
hmm not so fast as i thougt. i need to scan a bigger area, than it is very slow.
_________________
cheaters are the best race in the world, they love eachother:P, so i would say never fuck poeple of your own race, unless they're beautiful:P |
|
| Back to top |
|
|
hcavolsdsadgadsg
I'm a spammer
![]() Reputation: 26
Joined: 11 Jun 2007
Posts: 5801
|
| Posted: Sat Nov 21, 2009 8:42 pm Post subject: |
|
|
it compiles to asm, fyi.
and why are you doing a billion single byte reads
|
|
| Back to top |
|
|
nielskool
Advanced Cheater
![]() Reputation: 0
Joined: 03 Jun 2007
Posts: 65
|
| Posted: Sat Nov 21, 2009 8:51 pm Post subject: |
|
|
is there an other way to do this?
_________________
cheaters are the best race in the world, they love eachother:P, so i would say never fuck poeple of your own race, unless they're beautiful:P |
|
| Back to top |
|
|
hcavolsdsadgadsg
I'm a spammer
![]() Reputation: 26
Joined: 11 Jun 2007
Posts: 5801
|
| Posted: Sat Nov 21, 2009 11:17 pm Post subject: |
|
|
| hmm, read the array length worth of bytes from an address, then compare what you got to the original with CompareMem
|
|
| Back to top |
|
|
nielskool
Advanced Cheater
![]() Reputation: 0
Joined: 03 Jun 2007
Posts: 65
|
| Posted: Sun Nov 22, 2009 4:28 am Post subject: |
|
|
i don't really know what you mean
//edit
hmm i now know how to use comparemem, but i don't know how to read a larger area.
//edit2
i found a few things but don't know how to use them.
copymem
getprop
how do i copy the memory of an other app?
_________________
cheaters are the best race in the world, they love eachother:P, so i would say never fuck poeple of your own race, unless they're beautiful:P |
|
| Back to top |
|
|
Jani
Grandmaster Cheater
![]() Reputation: 2
Joined: 29 Dec 2006
Posts: 804
|
| Posted: Sun Nov 22, 2009 5:48 am Post subject: |
|
|
| slovach wrote: | | Read, compare, repeat |
Read, compare, compare, compare, ..., repeat for faster results :P
|
|
| Back to top |
|
|
nielskool
Advanced Cheater
![]() Reputation: 0
Joined: 03 Jun 2007
Posts: 65
|
| Posted: Sun Nov 22, 2009 6:20 am Post subject: |
|
|
how or what do i read in this case?
_________________
cheaters are the best race in the world, they love eachother:P, so i would say never fuck poeple of your own race, unless they're beautiful:P |
|
| Back to top |
|
|
hcavolsdsadgadsg
I'm a spammer
![]() Reputation: 26
Joined: 11 Jun 2007
Posts: 5801
|
| Posted: Sun Nov 22, 2009 6:08 pm Post subject: |
|
|
| nielskool wrote: | i don't really know what you mean
//edit
hmm i now know how to use comparemem, but i don't know how to read a larger area.
//edit2
i found a few things but don't know how to use them.
copymem
getprop
how do i copy the memory of an other app? |
you don't unless you've injected a dll.
just read a chunk with ReadProcessMemory
|
|
| Back to top |
|
|
nielskool
Advanced Cheater
![]() Reputation: 0
Joined: 03 Jun 2007
Posts: 65
|
| Posted: Mon Nov 23, 2009 10:10 am Post subject: |
|
|
how to read a large area with readprocessmemory?
if i read about 8bytes then the first byte is 1 and all other bytes are zero
_________________
cheaters are the best race in the world, they love eachother:P, so i would say never fuck poeple of your own race, unless they're beautiful:P |
|
| Back to top |
|
|
hcavolsdsadgadsg
I'm a spammer
![]() Reputation: 26
Joined: 11 Jun 2007
Posts: 5801
|
| Posted: Mon Nov 23, 2009 12:39 pm Post subject: |
|
|
http://msdn.microsoft.com/en-us/library/ms680553%28VS.85%29.aspx
BOOL WINAPI ReadProcessMemory(
__in HANDLE hProcess,
__in LPCVOID lpBaseAddress,
__out LPVOID lpBuffer,
__in SIZE_T nSize,
__out SIZE_T *lpNumberOfBytesRead
);
nSize [in]
The number of bytes to be read from the specified process.
|
|
| Back to top |
|
|
nielskool
Advanced Cheater
![]() Reputation: 0
Joined: 03 Jun 2007
Posts: 65
|
| Posted: Mon Nov 23, 2009 5:28 pm Post subject: |
|
|
you where right, this moring i tryed again reading more bytes. this time i worked.
so now i read 1.000.000 bytes and it works.
thank you very much.
_________________
cheaters are the best race in the world, they love eachother:P, so i would say never fuck poeple of your own race, unless they're beautiful:P |
|
| Back to top |
|
|
Jonathan.Ramlie
Cheater
![]() Reputation: 0
Joined: 13 May 2011
Posts: 39
Location: Cheat Engine
|
| Posted: Sat May 28, 2011 8:14 am Post subject: |
|
|
i didnt understand 
|
|
| Back to top |
|
|
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Sat May 28, 2011 11:12 am Post subject: |
|
|
| nielskool wrote: | you where right, this moring i tryed again reading more bytes. this time i worked.
so now i read 1.000.000 bytes and it works.
thank you very much. |
Keep in mind when you are reading from another processes memory:
| Quote: |
The entire area to be read must be accessible, and if it is not accessible, the function fails.
|
So just setting nSize to 1,000,000 has high potential to fail. Use VirtualQueryEx to get page size and information and read based on that instead for a more secure method.
_________________
- Retired. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
