 |
Cheat Engine The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Reak I post too much
Reputation: 0
Joined: 15 May 2007 Posts: 3496
|
Posted: Sat Dec 29, 2007 6:38 pm Post subject: [delphi] allocating memory |
|
|
Hey guys,
Well I'm still working on my first trainer. But I've got a problem with allocating memory.
I took a address and allocated 128 bytes and assigned my shit to. Worked great, but the address wasn't not constant, it was dynamic.
Here's my question:
How can find a memory region which writeable, free and constant?
Or just like CE does, allocating on a dynamic address and writing there.
But I've no idea how to do this stuff.
Can someone please clear me up ?
|
|
| Back to top |
|
 |
appalsap Moderator
Reputation: 0
Joined: 27 Apr 2006 Posts: 6753 Location: Pakistan
|
Posted: Sat Dec 29, 2007 6:48 pm Post subject: Re: [delphi] allocating memory |
|
|
| rEakW0n wrote: | | Or just like CE does, allocating on a dynamic address and writing there. |
Do this. samuri25404 made a topic about this recently, go search for it
_________________
|
|
| Back to top |
|
 |
Reak I post too much
Reputation: 0
Joined: 15 May 2007 Posts: 3496
|
Posted: Sat Dec 29, 2007 8:12 pm Post subject: |
|
|
Well, I searched long time for it. I can't even find 1 thread made by him the first 15 pages...
|
|
| Back to top |
|
 |
Reak I post too much
Reputation: 0
Joined: 15 May 2007 Posts: 3496
|
Posted: Sun Dec 30, 2007 7:53 am Post subject: |
|
|
Okay well so far. I already thought about the same as you x0r but look at this:
| Code: | ...
var
lulz, lulz2: pointer;
...
// Allocating for CSEAX X
lulz := VirtualAllocEx(HandleWindow, nil, 128, MEM_RESERVE or MEM_COMMIT, PAGE_READWRITE);
// Write on allocated memory CSEAX X
WriteProcessMemory(HandleWindow, lulz, @ZoritaAllc1, 2, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60005), @ZoritaAllc2, 1, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60006), @ZoritaAllc3, 6, Write);
WriteProcessMemory(HandleWindow, ptr($3CC6000C), @ZoritaAllc4, 1, Write);
WriteProcessMemory(HandleWindow, ptr($3CC6000D), @ZoritaAllc5, 6, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60013), @ZoritaAllc6, 2, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60015), @ZoritaAllc7, 3, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60018), @ZoritaAllc8, 1, Write);
// Allocating for CSEAX Y
lulz2 := VirtualAllocEx(HandleWindow, nil, 128, MEM_RESERVE or MEM_COMMIT, PAGE_READWRITE);
// Write on allocated memory CSEAX Y
WriteProcessMemory(HandleWindow, ptr($3CC60080), @ZoritaAllc1_1, 5, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60085), @ZoritaAllc2_2, 1, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60086), @ZoritaAllc3_3, 6, Write);
WriteProcessMemory(HandleWindow, ptr($3CC6008C), @ZoritaAllc4_4, 6, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60092), @ZoritaAllc5_5, 1, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60093), @ZoritaAllc6_6, 6, Write);
WriteProcessMemory(HandleWindow, ptr($3CC60099), @ZoritaAllc7_7, 2, Write);
WriteProcessMemory(HandleWindow, ptr($3CC6009B), @ZoritaAllc8_8, 3, Write);
WriteProcessMemory(HandleWindow, ptr($3CC6009E), @ZoritaAllc9_9, 1, Write);
// Finally changing the calls on CSEAX x and Y
WriteProcessMemory(HandleWindow, ptr($006DF140), @ZoritaOn1, 2, Write);
WriteProcessMemory(HandleWindow, ptr($006DF1A5), @ZoritaOn2, 1, Write);
CloseHandle(HandleWindow); |
The first WPM thing writes on the allocated memory, but other ones..Where should there write on? Somethine like lulz+5 ?
And if the allocated memory is done and the things are written on, then I gotta change on CSEAX X/Y that it calls it.
|
|
| Back to top |
|
 |
HolyBlah Master Cheater
Reputation: 2
Joined: 24 Aug 2007 Posts: 446
|
Posted: Sun Dec 30, 2007 7:57 am Post subject: |
|
|
Try this: | Code: | WriteProcessMemory(HandleWindow, lulz, @ZoritaAllc1, 2, Write);
WriteProcessMemory(HandleWindow, lulz+2, @ZoritaAllc2, 1, Write); |
|
|
| Back to top |
|
 |
Reak I post too much
Reputation: 0
Joined: 15 May 2007 Posts: 3496
|
Posted: Sun Dec 30, 2007 8:35 am Post subject: |
|
|
| HolyBlah wrote: | Try this: | Code: | WriteProcessMemory(HandleWindow, lulz, @ZoritaAllc1, 2, Write);
WriteProcessMemory(HandleWindow, lulz+2, @ZoritaAllc2, 1, Write); |
|
I've already tried this way thx but it didn't work.
And I wasn't really sure if this is the right way so I stopped trying this out in other ways, but then I saw your post and I got it working with:
| Code: | | ptr(integer(lulz)+2) |
(lets hope it does what I want)
Now I tried to get the address where it allocated the memory, so I used:
And then it said: "1020592128" hex= 3CD50000.
And it really allocated there.
Then I tried this code out:
| Code: | WriteProcessMemory(HandleWindow, lulz, @ZoritaAllc1, 2, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+2), @ZoritaAllc2, 1, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+1), @ZoritaAllc3, 6, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+6), @ZoritaAllc4, 1, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+1), @ZoritaAllc5, 6, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+6), @ZoritaAllc6, 2, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+2), @ZoritaAllc7, 3, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+3), @ZoritaAllc8, 1, Write); |
But it just wrote this on it:
(don't worry about the different address (from 3CD50000) I reopened the program and allocated it again.)
Instead of this:
| Code: | mov eax, [80c898]
push eax
mov eax, [eax+640]
pop eax
mov eax, [eax+648]
mov [ebx],eax
mov edi,[ebp+10]
ret |
So my problems:
1. What did I do wrong that it doesn't write there what I want?
2. Later, when I am done, I gotta write on address CSEAX X/Y that it calls on the allocated memory. But how do I make the address where the memory is where it calls to in an array ?
thanks alot to all you guys who helped me so far
Edit: me dumbass....
I forgot to count right. (and 1 byte integer was wrong)
| Code: | WriteProcessMemory(HandleWindow, lulz, @ZoritaAllc1, 5, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+5), @ZoritaAllc2, 1, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+6), @ZoritaAllc3, 6, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+12), @ZoritaAllc4, 1, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+13), @ZoritaAllc5, 6, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+19), @ZoritaAllc6, 2, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+21), @ZoritaAllc7, 3, Write);
WriteProcessMemory(HandleWindow, ptr(integer(lulz)+24), @ZoritaAllc8, 1, Write); |
Now it writes what I want.
So only question 2 is open:
| Quote: | | 2. Later, when I am done, I gotta write on address CSEAX X/Y that it calls on the allocated memory. But how do I make the address where the memory is where it calls to in an array ? |
And ohw..I forgot. I doesn't allocate 128 bytes...it allocates everything which is free or so. What did I do wrong there?
| Code: | | lulz := VirtualAllocEx(HandleWindow, nil, 128, MEM_RESERVE or MEM_COMMIT, PAGE_READWRITE); |
(I already tried $128)
|
|
| Back to top |
|
 |
HolyBlah Master Cheater
Reputation: 2
Joined: 24 Aug 2007 Posts: 446
|
Posted: Sun Dec 30, 2007 9:01 am Post subject: |
|
|
Try this method:
| Code: |
WriteProcessMemory(HandleWindow, lulz, @ZoritaAllc1, 5, Write);
lulz:=integer(lulz)+5;
WriteProcessMemory(HandleWindow, ptr(lulz), @ZoritaAllc2, 1, Write);
lulz:=integer(lulz)+1;
WriteProcessMemory(HandleWindow, ptr(lulz), @ZoritaAllc3, 6, Write);
lulz:=integer(lulz)+6;
.
.
. |
|
|
| Back to top |
|
 |
Reak I post too much
Reputation: 0
Joined: 15 May 2007 Posts: 3496
|
Posted: Sun Dec 30, 2007 9:06 am Post subject: |
|
|
| HolyBlah wrote: | Try this method:
| Code: |
WriteProcessMemory(HandleWindow, lulz, @ZoritaAllc1, 5, Write);
lulz:=integer(lulz)+5;
WriteProcessMemory(HandleWindow, ptr(lulz), @ZoritaAllc2, 1, Write);
lulz:=integer(lulz)+1;
WriteProcessMemory(HandleWindow, ptr(lulz), @ZoritaAllc3, 6, Write);
lulz:=integer(lulz)+6;
.
.
. |
|
Thanks but my method is working
My only problems are:
1. It allocated too much.
2. It wont dealloc it with:
| Code: | | VirtualFreeEx(HandleWindow, lulz, 0, MEM_RELEASE); |
or
| Code: | | VirtualFreeEx(HandleWindow, ptr(test), 0, MEM_RELEASE); |
test is | Code: | | test := integer(lulz); |
3. I gotta write on CSEAX X/Y and "call MyMem" but I don't know how that. Hence it's not always the same array to inject.
|
|
| Back to top |
|
 |
Symbol I'm a spammer
Reputation: 0
Joined: 18 Apr 2007 Posts: 5094 Location: Israel.
|
Posted: Sun Dec 30, 2007 12:34 pm Post subject: |
|
|
| Lets say your address is 30, your allocation is at 50, do Allocation(which is 50)-Address(30)-5 = 1B, call it. (if its more than 1 byte then you'll need to convert the bytes opposite)
|
|
| Back to top |
|
 |
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|