 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
TheForgottenOne
Newbie cheater
![]() Reputation: 0
Joined: 02 May 2015
Posts: 11
|
 Posted: Sat May 02, 2015 9:19 am Post subject: auto scan and pause the process(new question) |
 |
|
hi everyone,I want to dump some decrypted file content from memory.(these files are encrypted,only decrypt in memory).but these file content only show 0.5s in memory,then I can't find them anymore.pausing the process works,but I only succeed 5 times(I tried 100 times +)  so I wonder if someone write a script for me,make cheatengine scan these array of bytes automatically,and if these array of bytes are found,then stop the process,so I can dump the memory.I don't know if it is possible.
What I think I need are:
1.freeze the process.
2.scan for : 01 00 00 00 00 00 45 4E 43 53
3.if these are found,just keep the process pausing.if not,unlock the process,and freeze it after 20ms,then scan these arrary of bytes again.
damn,I know these descriptions are bad,but I really need some help.thanks!
Last edited by TheForgottenOne on Sun Jun 14, 2015 9:27 pm; edited 1 time in total |
|
| Back to top |
|
 |
Zanzer
I post too much
![]() Reputation: 126
Joined: 09 Jun 2013
Posts: 3278
|
| Posted: Sat May 02, 2015 10:21 am Post subject: |
|
|
| Code: | timer.createTimer(nil)
timer.Interval = 20
timer.OnTimer = function(timer)
pause()
local aob = AOBScan("YOUR_AOB")
if aob.Count > 0 then
timer.Enabled = false
print(aob[0])
else
unpause()
end
aob.Destroy()
aob = nil
end
timer.Enabled = true |
|
|
| Back to top |
|
|
TheForgottenOne
Newbie cheater
![]() Reputation: 0
Joined: 02 May 2015
Posts: 11
|
| Posted: Sat May 02, 2015 12:01 pm Post subject: |
|
|
| Zanzer wrote: | | Code: | timer.createTimer(nil)
timer.Interval = 20
timer.OnTimer = function(timer)
pause()
local aob = AOBScan("YOUR_AOB")
if aob.Count > 0 then
timer.Enabled = false
print(aob[0])
else
unpause()
end
aob.Destroy()
aob = nil
end
timer.Enabled = true |
|
cool,thanks!I will try this later.
|
|
| Back to top |
|
|
panraven
Grandmaster Cheater
![]() Reputation: 61
Joined: 01 Oct 2008
Posts: 958
|
| Posted: Sat May 02, 2015 12:59 pm Post subject: |
|
|
Not all situation is tested. For instance, 1st scan is already success in my example.
It seems auto-attach function only when ce not already attached to any process (reasonable).
| Code: | function pulseScan(aob,procname,doResult,interval,maxscan)
interval = type(interval)=='number' and interval or 25 -- milisec
maxscan = type(maxscan)=='number' and maxscan or 20 -- scan is slow , 20 scans can take up some mins
doResult = type(doResult)=='function' and doResult or print
local Result,errmsg,cntscan = nil,'timeout',0 -- function end if result get a number value or maxscan reached
local function cemerge(t,o) for k,v in pairs(o) do t[k]=v end return t end
local ms = cemerge(createMemScan(),{OnlyOneResult=true})
local function callLater(d,f,...)
local t,a,n = cemerge(createTimer(),{Interval=d,Enabled=true}),{...},select('#',...)
t.OnTimer = function(sender) sender.Destroy() f(unpack(a,1,n)) end
return t
end
local function scan()
cntscan = cntscan + 1
print('scanning #',cntscan,' at ',os.date('%X'))
pause()
ms.newScan()
ms.firstScan(soExactValue,vtByteArray,rtRounded,aob,'',0,0x7fffffffffffffff,'',fsmNotAligned,'1',true,false,false,false)
ms.waitTillDone()
unpause()
if ms.Result == nil and cntscan < maxscan then
callLater(interval,scan) --- no result scan again
else
if ms.Result == nil then -- timeout
callLater(1,doResult,nil,errmsg)
else -- found result
callLater(1,doResult,ms.Result)
end
ms.Destroy()
---- exit pulseScan here, since not calling scan any more
end
end
getAutoAttachList().Text = procname
--- AutoAttach ONLY when CE not already attach any process
onOpenProcess = function(pid)
local targetpid = getProcessIDFromProcessName(procname)
if pid == targetpid then
callLater(1,scan)
onOpenProcess = nil
end
end
end
--- test: open a cheat engine ct file with notepad.exe
pulseScan('40 00 68 00 65 00 61 00 74 00 45 00 6e' , [[notepad.exe]], function(result,msg)
if result ~= nil then --- can pause again here
print(string.format('found > %08X',result))
--[[ -- save memory content around result address... not tested
pause()
local f = io.open('save','wb')
f.write(readString(result-0x1000,0x2000) -- ???
f.close()
unpause()
]]
else
print(msg) -- err
end
end)
|
|
|
| Back to top |
|
|
TheForgottenOne
Newbie cheater
![]() Reputation: 0
Joined: 02 May 2015
Posts: 11
|
| Posted: Sun May 03, 2015 12:09 am Post subject: |
|
|
| Zanzer wrote: | | Code: | timer.createTimer(nil)
timer.Interval = 20
timer.OnTimer = function(timer)
pause()
local aob = AOBScan("YOUR_AOB")
if aob.Count > 0 then
timer.Enabled = false
print(aob[0])
else
unpause()
end
aob.Destroy()
aob = nil
end
timer.Enabled = true |
|
well,this script does the trick.thank you again!
| panraven wrote: | Not all situation is tested. For instance, 1st scan is already success in my example.
It seems auto-attach function only when ce not already attached to any process (reasonable).
| Code: | function pulseScan(aob,procname,doResult,interval,maxscan)
interval = type(interval)=='number' and interval or 25 -- milisec
maxscan = type(maxscan)=='number' and maxscan or 20 -- scan is slow , 20 scans can take up some mins
doResult = type(doResult)=='function' and doResult or print
local Result,errmsg,cntscan = nil,'timeout',0 -- function end if result get a number value or maxscan reached
local function cemerge(t,o) for k,v in pairs(o) do t[k]=v end return t end
local ms = cemerge(createMemScan(),{OnlyOneResult=true})
local function callLater(d,f,...)
local t,a,n = cemerge(createTimer(),{Interval=d,Enabled=true}),{...},select('#',...)
t.OnTimer = function(sender) sender.Destroy() f(unpack(a,1,n)) end
return t
end
local function scan()
cntscan = cntscan + 1
print('scanning #',cntscan,' at ',os.date('%X'))
pause()
ms.newScan()
ms.firstScan(soExactValue,vtByteArray,rtRounded,aob,'',0,0x7fffffffffffffff,'',fsmNotAligned,'1',true,false,false,false)
ms.waitTillDone()
unpause()
if ms.Result == nil and cntscan < maxscan then
callLater(interval,scan) --- no result scan again
else
if ms.Result == nil then -- timeout
callLater(1,doResult,nil,errmsg)
else -- found result
callLater(1,doResult,ms.Result)
end
ms.Destroy()
---- exit pulseScan here, since not calling scan any more
end
end
getAutoAttachList().Text = procname
--- AutoAttach ONLY when CE not already attach any process
onOpenProcess = function(pid)
local targetpid = getProcessIDFromProcessName(procname)
if pid == targetpid then
callLater(1,scan)
onOpenProcess = nil
end
end
end
--- test: open a cheat engine ct file with notepad.exe
pulseScan('40 00 68 00 65 00 61 00 74 00 45 00 6e' , [[notepad.exe]], function(result,msg)
if result ~= nil then --- can pause again here
print(string.format('found > %08X',result))
--[[ -- save memory content around result address... not tested
pause()
local f = io.open('save','wb')
f.write(readString(result-0x1000,0x2000) -- ???
f.close()
unpause()
]]
else
print(msg) -- err
end
end)
|
|
yeah,this should work too,but it is too complicated for me.thank you.
|
|
| Back to top |
|
|
TheForgottenOne
Newbie cheater
![]() Reputation: 0
Joined: 02 May 2015
Posts: 11
|
| Posted: Sun Jun 14, 2015 9:29 pm Post subject: |
|
|
| Zanzer wrote: | | Code: | timer.createTimer(nil)
timer.Interval = 20
timer.OnTimer = function(timer)
pause()
local aob = AOBScan("YOUR_AOB")
if aob.Count > 0 then
timer.Enabled = false
print(aob[0])
else
unpause()
end
aob.Destroy()
aob = nil
end
timer.Enabled = true |
|
hi,I got a new question.is it possible to set the timer's interval to microseconds?thanks!
|
|
| Back to top |
|
|
TheForgottenOne
Newbie cheater
![]() Reputation: 0
Joined: 02 May 2015
Posts: 11
|
| Posted: Tue Jun 16, 2015 8:17 pm Post subject: |
|
|
| well,can someone help me out?i really could use some help.
|
|
| Back to top |
|
|
Dark Byte
Site Admin
 Reputation: 468
Joined: 09 May 2003
Posts: 25719
Location: The netherlands
|
| Posted: Wed Jun 17, 2015 2:33 am Post subject: |
|
|
no, only milliseconds.
you could use createNativeThread and run the code in an infinite loop, but you would probably not see any difference, as the scan already takes longer than 20 milliseconds
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
TheForgottenOne
Newbie cheater
![]() Reputation: 0
Joined: 02 May 2015
Posts: 11
|
| Posted: Thu Jun 18, 2015 6:32 am Post subject: |
|
|
| Dark Byte wrote: | no, only milliseconds.
you could use createNativeThread and run the code in an infinite loop, but you would probably not see any difference, as the scan already takes longer than 20 milliseconds |
thank you,i see.when I set the interval to 1 ms,some content still went missing.well,do you know if there is another software can do this(pause the process then unlock it after some microseconds)for me?thanks!
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
