Cheat Engine The Official Site of Cheat Engine
Matevos Newbie cheater
Reputation: 0
Joined: 25 Jun 2010 Posts: 23
|
Posted: Thu Aug 12, 2010 5:52 am Post subject: [C++] Memory Scanner |
|
|
Hello, do you know a guide on how to make a memory scanner in C++?
Thanks for the help.
|
 |
Anden100 Grandmaster Cheater
Reputation: 0
Joined: 20 Apr 2007 Posts: 668
|
Posted: Thu Aug 12, 2010 7:01 am Post subject: |
|
|
This topic has been asked quite a few times on this forum; a quick use of the search function gave me these results:
| Slugsnack wrote: |
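| Code: |
#include <windows.h>
#include <stdio.h>
#include <conio.h>

int main()
{
    // The module handle of the running EXE is the base address of its mapped PE image.
    IMAGE_DOS_HEADER* pIDH = (IMAGE_DOS_HEADER*)GetModuleHandle( NULL );
    // e_lfanew is the offset from the DOS header to the NT headers.
    IMAGE_NT_HEADERS* pINH = (IMAGE_NT_HEADERS*)((BYTE*)pIDH + (pIDH -> e_lfanew));
    IMAGE_OPTIONAL_HEADER IOH = pINH -> OptionalHeader;

    printf( "Magic number is : %u\n", pIDH -> e_magic );
    // AddressOfEntryPoint is a DWORD (unsigned long), hence %#lx.
    printf( "Address of entry point is : %#lx", IOH.AddressOfEntryPoint );

    // Wait for a key press before exiting.
    while( !_kbhit() )
        Sleep(100);
    return 0;
}
|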
And you are using VirtualQuery completely wrong. You're not supposed to use VirtualProtect to make all memory readable either that's retarded.
Here is the code for my 'first scan' function in one of my first C projects. Yes, don't expect the code to be particularly good.
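| Code: |
#include <windows.h>
#include <commctrl.h> // ListView_* macros
#include <tchar.h>
#include <stdio.h>
#include <stdlib.h>

// nScanType is a global defined elsewhere in the project: 0 = BYTE, 1 = WORD, 2 = DWORD.
// The pointer-to-integer casts below assume a 32-bit build.
void FirstScan( unsigned int nValue, HWND hwndList )
{
    MEMORY_BASIC_INFORMATION mbi = {0};
    DWORD dwEndAddr;
    int iIndex;
    LVITEM lvi = {0};
    lvi.mask = LVIF_TEXT;
    lvi.iItem = 1;
    lvi.iSubItem = 0;
    TCHAR szAddress[9] = {0};
    TCHAR szValue[11] = {0};
    // _stprintf_s matches TCHAR in both ANSI and Unicode builds; nValue is unsigned, hence %u.
    _stprintf_s( szValue, _countof( szValue ), _T("%u"), nValue );
    // Walk this process's address space one region at a time, starting at address 0.
    while ( VirtualQuery( ( VOID * )( ( int )mbi.BaseAddress + mbi.RegionSize ), &mbi, sizeof( MEMORY_BASIC_INFORMATION ) ) )
    {
        // Only regions whose protection is exactly read/write are scanned.
        if( mbi.Protect == PAGE_READWRITE )
        {
            // Last address at which a whole value (1, 2 or 4 bytes) still fits inside the region.
            dwEndAddr = ( DWORD )mbi.BaseAddress + mbi.RegionSize - ( 1u << nScanType );
            for( DWORD i = ( DWORD )mbi.BaseAddress; i <= dwEndAddr; i++ )
            {
                __try
                {
                    if( ( !nScanType && *( BYTE * )i == ( BYTE )nValue )
                        || ( nScanType == 1 && *( WORD * )i == ( WORD )nValue )
                        || ( nScanType == 2 && *( DWORD* )i == ( DWORD )nValue ) )
                    {
                        // Add the hit to the list view: column 0 = address, column 1 = value.
                        _stprintf_s( szAddress, _countof( szAddress ), _T("%08X"), i );
                        iIndex = ListView_InsertItem( hwndList, &lvi );
                        ListView_SetItemText( hwndList, iIndex, 0, szAddress );
                        ListView_SetItemText( hwndList, iIndex, 1, szValue );
                        lvi.iItem++;
                    }
                }
                __except( EXCEPTION_EXECUTE_HANDLER )
                {
                    // The read faulted: skip the rest of this region.
                    i = dwEndAddr;
                }
            }
        }
    }
}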
|
|
| Anden100 wrote: | This is what I did in my MemoryScanner (removed some functions -.-), saves all results to a file, which can then be read later to print it in a different loop
| Code: |
#include <windows.h>
#include <fstream>
#include <cstdio>
#include <cstdlib>

#define SAVE_COUNT 100 // could be any number: how many results are buffered before they are saved to the file
// ADDRFILE (path of the results file) and resultcount (running hit counter) belong to the part of the project that was removed.
struct addr{
    int address;
    int value;
};
HANDLE hProcess;

BOOL scan(int value){
    std::fstream save(ADDRFILE, std::ios::binary | std::ios::out | std::ios::app);
    int pos = 0;
    addr address[SAVE_COUNT]; // sized to match the flush threshold below
    MEMORY_BASIC_INFORMATION mbi;
    SYSTEM_INFO si;
    char bufstr[MAX_PATH];
    GetSystemInfo(&si);
    // 32-bit build assumed: user-mode addresses fit in an int.
    int min = (int)si.lpMinimumApplicationAddress;
    int max = (int)si.lpMaximumApplicationAddress;
    size_t s;
    if(hProcess == NULL || hProcess == INVALID_HANDLE_VALUE){
        MessageBox(NULL, "Please choose a process!", "Notice", MB_OK);
        return FALSE;
    }
    for(int i = min; i < max;){
        s = VirtualQueryEx(hProcess, (LPVOID)i, &mbi, sizeof(MEMORY_BASIC_INFORMATION));
        if(s == sizeof(MEMORY_BASIC_INFORMATION) && mbi.Type == MEM_PRIVATE && mbi.State == MEM_COMMIT && mbi.RegionSize > 0){
            size_t reg = mbi.RegionSize;
            void *buffer = malloc(reg);
            SIZE_T got = 0;
            // Scan only what was actually copied; the read fails on regions that are not readable.
            if(buffer != NULL && ReadProcessMemory(hProcess, (LPVOID)mbi.BaseAddress, buffer, reg, &got)){
                // Stop sizeof(int) bytes before the end so the unaligned read never runs past the buffer.
                for(unsigned int j = 0; j + sizeof(int) <= got; j++){
                    int *val = (int*)((DWORD)buffer + j);
                    if(*val == value){
                        if(pos >= SAVE_COUNT){ // buffer full: write it out and start again
                            save.write(reinterpret_cast<char*>(&address), sizeof(addr)*pos);
                            pos = 0;
                        }
                        address[pos].address = (int)mbi.BaseAddress+j;
                        address[pos].value = value;
                        pos++;
                        resultcount++;
                    }
                }
            }
            free(buffer); // one buffer per region, released before moving on
        }
        if(s == 0){
            DWORD err = GetLastError();
            if(err == ERROR_INVALID_HANDLE)
                sprintf_s(bufstr, sizeof(bufstr), "Please select a process");
            else
                sprintf_s(bufstr, sizeof(bufstr), "VirtualQueryEx failed with error code: %lu", err);
            MessageBox(NULL, bufstr, "Error!", 0);
            return FALSE;
        }
        // Continue with the region that follows this one.
        DWORD prog = (DWORD)mbi.BaseAddress + (DWORD)mbi.RegionSize;
        i = prog;
    }
    // Write whatever is still buffered.
    save.write(reinterpret_cast<char*>(&address), sizeof(addr)*pos);
    save.close();
    return TRUE;
}
|
ps: you have to love my awesome mixture of typecasts and reinterpret_cast  |
Of course you could as well take a look at the Cheat Engine source, however it might be some more code to understand, and therefore a bit harder, since a lot of stuff has been implemented: http://ce.colddot.nl/browser/Cheat%20Engine%206/memscan.pas#L2735
Last edited by Anden100 on Thu Aug 12, 2010 4:50 pm; edited 3 times in total |
|
 |
Matevos Newbie cheater
Reputation: 0
Joined: 25 Jun 2010 Posts: 23
|
Posted: Thu Aug 12, 2010 7:48 am Post subject: |
|
|
Thanks!
But I can't build this. Can you make a full complete simple memory scanner for me? ;> Please....
|
 |
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
|
Posted: Thu Aug 12, 2010 8:28 am Post subject: |
|
|
| Matevos wrote: | Thanks!
But I can't build this. Can you make a full complete simple memory scanner for me? ;> Please.... |
Perhaps you should look into actually learning a coding language if you plan to make things like this first.
This section is for support with programming related questions, not requests to get things made for you.
If you are looking to learn a language, I would personally recommend learning C/C++ or C#. (Others will have their opinions, and the end choice is up to you either way. This is just my personal opinion.)
If you need help getting started with a language just ask.
_________________
- Retired. |
|
 |
Matevos Newbie cheater
Reputation: 0
Joined: 25 Jun 2010 Posts: 23
|
Posted: Thu Aug 12, 2010 8:42 am Post subject: |
|
|
I'm making a bad... simple... memory scanner, but the most important thing is to make it work. I intend to use WriteProcessMemory and ReadProcessMemory.
But what do I do when ReadProcessMemory finds me some addresses, where do I store them? And then the second scan is compared with any number of those addresses? Please help...
|
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
|
Posted: Thu Aug 12, 2010 8:44 am Post subject: |
|
|
| Btw the first two snippets are mine and I would advise against using them. I wrote them when I was first starting out in C. A better way would be to have a model that deals purely with data and then update that only. Then you would have a view which is bound to the model. In this case the model should have no concept of the view though.
|
 |
Matevos Newbie cheater
Reputation: 0
Joined: 25 Jun 2010 Posts: 23
|
Posted: Thu Aug 12, 2010 8:49 am Post subject: |
|
|
Mostly what I mean is that I enter the value 10 in the console memory scanner, then it looks for the addresses with the value of 10, and then I do another scan but now entering the value 15, then it finds me this one address and changes its value to, for example, 100.
What do you use in a memory scanner to look for all the addresses with a value of 10?
And where to store all those addresses?
And how to make a second scan of the negative bad addresses?
|
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
|
Posted: Thu Aug 12, 2010 4:31 pm Post subject: |
|
|
I'll talk this through to you theoretically then you can think how to implement it in code. Memory is byte addressable so if you decide to search on unaligned addresses you will basically want to iterate through every readable address. You need to use some method of finding out what ranges of addresses are readable. Once you have this list, check each address in that range for your value, let's say 10. You now have a list of first scan addresses. For the next scan, you simply need to iterate through this list and check which of the addresses now point to the value 15. You can store the addresses however you like - in memory, on disk, etc.
You have a long way to go before even attempting something like this. Learning about arrays might be a good start. Although you should actually learn the basics of the language itself first.
|
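The first scan / next scan flow described in the post above, as an added example that is not part of the original thread. It runs over constructed in-process buffers rather than another process's memory; `region_t`, `read_u32`, `first_scan`, `next_scan` and `demo` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* One readable range; here a constructed local buffer stands in for it (assumption). */
typedef struct { const uint8_t *base; size_t size; } region_t;

/* Bounds-checked unaligned 32-bit read: returns 0 if it would run past the range. */
static int read_u32(const region_t *r, size_t off, uint32_t *out) {
    if (r->size < sizeof *out || off > r->size - sizeof *out) return 0;
    memcpy(out, r->base + off, sizeof *out);
    return 1;
}

/* First scan: record every byte address in every range that holds value. */
size_t first_scan(const region_t *regs, size_t nregs, uint32_t value,
                  const uint8_t **hits, size_t max_hits) {
    size_t n = 0; uint32_t v;
    for (size_t r = 0; r < nregs; r++)
        for (size_t off = 0; read_u32(&regs[r], off, &v); off++) /* ends when < 4 bytes left */
            if (v == value && n < max_hits) hits[n++] = regs[r].base + off;
    return n;
}

/* Next scan: re-read only the stored addresses and keep those now holding value. */
size_t next_scan(const uint8_t **hits, size_t n, uint32_t value) {
    size_t kept = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t v;
        memcpy(&v, hits[i], sizeof v);  /* in bounds: checked during first_scan */
        if (v == value) hits[kept++] = hits[i];
    }
    return kept;
}

/* Constructed data: 10 is stored at three places, then one of them becomes 15. */
void demo(size_t *first, size_t *second) {
    uint8_t a[16] = {0}, b[6] = {0};
    uint32_t ten = 10, fifteen = 15;
    memcpy(a + 1, &ten, 4);            /* unaligned address */
    memcpy(a + 8, &ten, 4);
    memcpy(b + 2, &ten, 4);            /* last valid offset of a 6-byte range */
    region_t regs[] = { { a, sizeof a }, { b, sizeof b } };
    const uint8_t *hits[8];
    *first = first_scan(regs, 2, 10, hits, 8);
    memcpy(a + 8, &fifteen, 4);        /* the tracked value changes */
    *second = next_scan(hits, *first, 15);
}
```

The candidate list only shrinks between scans, so each later scan costs one read per surviving address instead of a pass over every range.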
 |
Anden100 Grandmaster Cheater
Reputation: 0
Joined: 20 Apr 2007 Posts: 668
|
Posted: Thu Aug 12, 2010 4:46 pm Post subject: |
|
|
| Slugsnack wrote: | | Btw the first two snippets are mine and I would advise against using them. I wrote them when I was first starting out in C. A better way would be to have a model that deals purely with data and then update that only. Then you would have a view which is bound to the model. In this case the model should have no concept of the view though. |
I'm sorry, meant to copy your name, but I don't think I got it highlighted
|