Random Access Violations

iPromise
Grandmaster Cheater
Reputation: -1

Joined: 27 Jun 2009
Posts: 529
Location: Canada

Posted: Thu May 06, 2010 5:25 pm    Post subject: Random Access Violations

Hello CEF community,

As you guys well know I coded a memory scanner to simply find addresses that I can use for my hacks. However, whenever I do a next scan with my memory scanner it tends to give me a random access violation (mostly on games not other non-gaming applications). So I saw that maybe I needed to protect the memory to PAGE_READWRITE or any other memory readable constants. So I tested it and gave it a run and it kept giving me random access violations.

So here's my code for my next scan:

Code:

void NextScan(HWND hWndDlg)
{
   int Min = 0; int Max = SendMessage(GetDlgItem(hWndDlg, IDC_LIST1), LB_GETCOUNT, 0, 0);

   char TypeBuf[500] = {0};

   GetWindowTextA(GetDlgItem(hWndDlg, IDC_COMBO1), (LPSTR) TypeBuf, 500);

   char ValueBuf[500] = {0};

   GetWindowTextA(GetDlgItem(hWndDlg, IDC_EDIT1), (LPSTR) ValueBuf, 500);

   string ValueStr;

   ValueStr += (LPSTR) ValueBuf;

   stringstream ConvertValue; unsigned int Value;

   ConvertValue << (LPSTR) ValueBuf; ConvertValue >> Value;   

   char Scan[500] = {0};

   GetWindowTextA(GetDlgItem(hWndDlg, IDC_COMBO2), (LPSTR) Scan, 500);

   DWORD lpflOldProtect;

   if (!strcmp(Scan, "Exact Value"))
   {
      for (int i = Min; i <= Max; i ++)
      {
         char AddressBuf[500] = {0};

         SendMessage(GetDlgItem(hWndDlg, IDC_LIST1), LB_GETTEXT, (WPARAM) i, (LPARAM) (LPTSTR) AddressBuf);

         stringstream ConvertAddress(AddressBuf); LPVOID lpAddress;

         ConvertAddress >> lpAddress;

         DWORD dwAddress = (DWORD) lpAddress;         

         VirtualProtect((LPVOID) dwAddress, 4, PAGE_READWRITE, &lpflOldProtect);         
         
         if (((!strcmp(TypeBuf, "Byte")) && *(BYTE*) dwAddress != (BYTE) Value) ||
            ((!strcmp(TypeBuf, "2 Bytes")) && *(WORD*) dwAddress != (WORD) Value) ||
            ((!strcmp(TypeBuf, "4 Bytes")) && *(DWORD*) dwAddress != (DWORD) Value) ||
            ((!strcmp(TypeBuf, "8 Bytes")) && *(UINT64*) dwAddress != (UINT64) Value))
         {
            SendMessage(GetDlgItem(hWndDlg, IDC_LIST1), LB_DELETESTRING, (WPARAM) i, 0);
         }      

         VirtualProtect((LPVOID) dwAddress, 4, lpflOldProtect, &lpflOldProtect);   
      }

      GetResults(hWndDlg);
   }

   if (!strcmp(Scan, "Decreased.."))
   {
      for (int i = Min; i <= Max; i ++)
      {
         char AddressBuf[500] = {0};

         SendMessage(GetDlgItem(hWndDlg, IDC_LIST1), LB_GETTEXT, (WPARAM) i, (LPARAM) (LPTSTR) AddressBuf);

         stringstream ConvertAddress(AddressBuf); LPVOID lpAddress;

         ConvertAddress >> lpAddress;

         DWORD dwAddress = (DWORD) lpAddress;   

         VirtualProtect((LPVOID) dwAddress, 4, PAGE_READWRITE, &lpflOldProtect);      

         if (((!strcmp(TypeBuf, "Byte")) && ((*(BYTE*) dwAddress) >= ((BYTE) Value))) ||
            ((!strcmp(TypeBuf, "2 Bytes")) && ((*(WORD*) dwAddress) >= ((WORD) Value))) ||
            ((!strcmp(TypeBuf, "4 Bytes")) && ((*(DWORD*) dwAddress) >= ((DWORD) Value))) ||
            ((!strcmp(TypeBuf, "8 Bytes")) && ((*(UINT64*) dwAddress) >= ((UINT64) Value))))
         {
            SendMessage(GetDlgItem(hWndDlg, IDC_LIST1), LB_DELETESTRING, (WPARAM) i, 0);
         }         

         VirtualProtect((LPVOID) dwAddress, 4, lpflOldProtect, &lpflOldProtect);   
      }

      GetResults(hWndDlg);
   }

   if (!strcmp(Scan, "Increased.."))
   {
      for (int i = Min; i <= Max; i ++)
      {
         char AddressBuf[500] = {0};

         SendMessage(GetDlgItem(hWndDlg, IDC_LIST1), LB_GETTEXT, (WPARAM) i, (LPARAM) (LPTSTR) AddressBuf);

         stringstream ConvertAddress(AddressBuf); LPVOID lpAddress;

         ConvertAddress >> lpAddress;

         DWORD dwAddress = (DWORD) lpAddress;         

         VirtualProtect((LPVOID) dwAddress, 4, PAGE_READWRITE, &lpflOldProtect);      

         if (((!strcmp(TypeBuf, "Byte")) && *(BYTE*) dwAddress <= (BYTE) Value) ||
            ((!strcmp(TypeBuf, "2 Bytes")) && *(WORD*) dwAddress <= (WORD) Value) ||
            ((!strcmp(TypeBuf, "4 Bytes")) && *(DWORD*) dwAddress <= (DWORD) Value) ||
            ((!strcmp(TypeBuf, "8 Bytes")) && *(UINT64*) dwAddress <= (UINT64) Value))
         {
            SendMessage(GetDlgItem(hWndDlg, IDC_LIST1), LB_DELETESTRING, (WPARAM) i, 0);
         }         

         VirtualProtect((LPVOID) dwAddress, 4, lpflOldProtect, &lpflOldProtect);   
      }

      GetResults(hWndDlg);
   }
}


Please, suggestions and comments can help me out.
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Thu May 06, 2010 5:48 pm

most likely the memory that you are trying to read is dynamic and got freed between now and your last scan.
iPromise
Grandmaster Cheater
Reputation: -1

Joined: 27 Jun 2009
Posts: 529
Location: Canada

Posted: Thu May 06, 2010 5:56 pm

Hmm, so should I use VirtualQuery() on the address to check if it's still readable memory?
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Thu May 06, 2010 6:01 pm

could do but it's probably not worth it unless you do it in a way such that doesn't involve calling it for every single address in your list. i would just wrap the reading part for that in a try/except. if it throws an exception, just remove that address and assume it's been de-allocated
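The trade-off in the two replies above (VirtualQuery versus wrapping the read in try/except), as an added example that is not part of the original thread: candidate addresses are sorted so that one region query answers for every address inside that region, instead of one call per list entry. `Region`, `QueryRegion`, `FilterReadable` and the sample map are names and data made up for this example; on Windows `QueryRegion` calls `VirtualQuery`, elsewhere it reads the constructed map.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <vector>

// What one VirtualQuery call reports about the region containing an address.
struct Region { uintptr_t base; size_t size; bool committed; bool readable; };

#ifdef _WIN32
#include <windows.h>
static Region QueryRegion(uintptr_t addr) {
    MEMORY_BASIC_INFORMATION mbi = {};
    if (!VirtualQuery((LPCVOID)addr, &mbi, sizeof(mbi)))
        return {addr, 0, false, false};                 // size 0 marks a failed query
    bool blocked = (mbi.Protect & (PAGE_NOACCESS | PAGE_GUARD | PAGE_EXECUTE)) != 0;
    return {(uintptr_t)mbi.BaseAddress, mbi.RegionSize,
            mbi.State == MEM_COMMIT, !blocked};
}
#else
// Constructed memory map (hypothetical addresses) to exercise the logic off Windows.
static const Region kSampleMap[] = {
    {0x10000, 0x1000, true,  true},    // committed, PAGE_READWRITE
    {0x11000, 0x1000, true,  false},   // committed, PAGE_NOACCESS
    {0x12000, 0x2000, false, false},   // freed since the previous scan
    {0x20000, 0x1000, true,  true},    // committed, PAGE_READWRITE
};
static Region QueryRegion(uintptr_t addr) {
    for (const Region& r : kSampleMap)
        if (addr >= r.base && addr - r.base < r.size) return r;
    return {addr, 0, false, false};
}
#endif

// Keep only candidates whose whole value lies in a committed, readable region.
// Sorting first means one query answers for every candidate in the same region.
std::vector<uintptr_t> FilterReadable(std::vector<uintptr_t> addrs,
                                      size_t valueSize, size_t* queries) {
    std::sort(addrs.begin(), addrs.end());
    std::vector<uintptr_t> keep;
    Region r = {0, 0, false, false};
    for (uintptr_t a : addrs) {
        if (r.size == 0 || a < r.base || a - r.base >= r.size) {
            r = QueryRegion(a);        // candidate is outside the cached region
            ++*queries;
        }
        if (r.size == 0 || !r.committed || !r.readable) continue;
        // Conservative: a value that straddles the region end is dropped too.
        if (valueSize <= r.size - (a - r.base)) keep.push_back(a);
    }
    return keep;
}
```

A region can still be freed between the query and the read, so the filter narrows the failure window rather than closing it; the try/except around the read remains the backstop.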
Flyte
Peanuts!!!!
Reputation: 6

Joined: 19 Apr 2006
Posts: 1887
Location: Canada

Posted: Thu May 06, 2010 7:15 pm

I feel sorry for you, so:

memory.hpp

Your missions, should you choose to accept them:
  1. Write a CachedRemoteMemory class that extends RemoteMemory for faster scans.
  2. Add a cache for the value that was found on the last scan, enabling scans such as 'incremented'.
  3. Understand what is going on... shouldn't be hard for one who has mastered C++ (lol). No comments, since comments are ezmode.

(As noted in the file, largely untested so something is probably broken somewhere... I suppose that's what you get for a 1 hour hack job.)

Here is how to use (part of) it.

Code:
#include <iostream>
#include <list>
#include "memory.hpp"

void ExampleOne(int i) {
   std::list<Address> items;
   Scanner scanner;

   std::cout << "Starting..." << std::endl;
   if(scanner.Scan<int>(i, items)) {
      do {
         std::cout << "Scanning..." << std::endl;
      } while(scanner.ScanNext(++i, items) > 1);
      if(items.size() == 1) {
         std::cout << "Done." << std::endl;

         std::cout << "i = " << i << std::endl
            << "&i = " << &i << std::endl;

         Address addr = items.front();

         std::cout << "addr = " << (int)addr << std::endl
            << "&addr = " << (void *)addr.Value() << std::endl;

         std::cout << "Setting addr = " << i + 42 << std::endl;
         addr = i + 42;
         std::cout << "i = " << i << std::endl;
      } else {
         std::cout << "Something broke. Go fix it." << std::endl;
      }
   }
}

bool GreaterThan(int a, int b) {
   return a > b;
}

bool LessThan(int a, int b) {
   return a < b;
}

void ExampleTwo(int i) {
   std::list<Address> items;
   Scanner scanner;

   std::cout << "Starting..." << std::endl;
   if(scanner.Scan(i-10, items, GreaterThan)) {
      std::cout << items.size() << " items greater than " << i-10 << "." << std::endl;
      if(scanner.ScanNext(i+10, items, LessThan)) {
         std::cout << items.size() << " items also less than " << i+10 << "." << std::endl;
         if(scanner.ScanNext(i-2, items, GreaterThan)) {
            std::cout << items.size() << " items also greater than " << i-2 << "." << std::endl;
            if(scanner.ScanNext(i+2, items, LessThan)) {
               std::cout << items.size() << " items also less than " << i+2 << "." << std::endl;
            }
         }
      }
   }
}

void PrintTestHeader(int i) {
   std::cout << std::endl << "Test " << i << std::endl << "--------------" << std::endl;
}

int main()
{
   // Fast
   PrintTestHeader(1);
   ExampleOne(3);

   // Slow - Will probably crash (bad_alloc) on a big process. You need to store results in a file for such a situation.
   PrintTestHeader(2);
   ExampleOne(0);

   // Same as above.
   PrintTestHeader(3);
   ExampleTwo(100);

   return 0;
}


Edit: Doesn't currently compile, I went and fucked a function up. brb while I fix it.
Edit 2: I believe I've fixed it. C++ and SEH together shit all over everything.


Last edited by Flyte on Thu May 06, 2010 11:45 pm; edited 1 time in total
iPromise
Grandmaster Cheater
Reputation: -1

Joined: 27 Jun 2009
Posts: 529
Location: Canada

Posted: Thu May 06, 2010 9:44 pm

Thanks a lot :)
Flyte
Peanuts!!!!
Reputation: 6

Joined: 19 Apr 2006
Posts: 1887
Location: Canada

Posted: Thu May 06, 2010 11:46 pm

Remind me not to hack something like this up again... every time I look at it I find another thing that makes me go "what the fuck was I thinking?".

iPromise wrote:
Thanks a lot :)


No problem. The bill will be in the mail shortly.
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857

Posted: Fri May 07, 2010 11:28 am

Code:
#ifndef MEMORY_HPP // Header guards. One of the few legit uses of the C preprocessor (lol)
#define MEMORY_HPP


blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

Posted: Fri May 07, 2010 11:47 am

Oh. I still can't do it.
I don't know anymore.

Help me again, this is my scenario.

if( I Scan to 0x08000000 - upward)
I am allowed.. no error and I can change values..

But if I scan 0x07FFFFFF and below.. I'm getting crashed..
No posted errors.. It just exits my program..

I think my head will explode..
I tried different types of memory scanner code,
also added virtual query.. Still it crashes.. What am I supposed to do :cry:
hcavolsdsadgadsg
I'm a spammer
Reputation: 26

Joined: 11 Jun 2007
Posts: 5801

Posted: Fri May 07, 2010 2:33 pm

blitz02 wrote:
Still it crashes.. What am I supposed to do :cry:


use the debugger instead of playing guessing games
blitz02
Cheater
Reputation: 0

Joined: 28 Feb 2007
Posts: 44

Posted: Sat May 08, 2010 6:40 am

slovach wrote:
blitz02 wrote:
Still it crashes.. What am I supposed to do :cry:


use the debugger instead of playing guessing games


Finally I did it! thanks!
I can already scan areas and make them to be displayed.

But another problem occurs.
I cannot write at them, even though they are PAGE_READWRITE.
gonna do another debugging.. cya lates! :P