|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
|
Posted: Thu Nov 07, 2019 5:10 pm Post subject: How can the CE memory scanner be so fast? |
|
|
Recently I have created a function in C++ (a Memory Scanner) that receives as input:
the value to look for,
the first address from which to start the search,
the last address of the search,
the alignment with which to search;
and saves the addresses on which it found the desired value in a (dynamic) vector.
The function is this [C++] (UINT64 = 64bit unsigned integer):
Code: | std::vector<UINT64> ScannValue(HANDLE hProcess, UINT64 Value, UINT64 StartAddress, UINT64 LastAddress, BYTE Alignment)
{
std::vector<UINT64> Addresses;
UINT64 Buffer = 0;
while (StartAddress <= LastAddress)
{
ReadProcessMemory(hProcess, (LPVOID)StartAddress, &Buffer, Alignment, NULL);
if (Value == Buffer)
{
Addresses.push_back(StartAddress);
}
StartAddress += Alignment;
}
return Addresses;
} |
(The fact that I showed you the function`s code is irrelevant, the most important part are the results)
I tried to do a speed test of my function against the CE memory scanner (Spoiler: had won CE ) I setted my function to look up from the address 0x0 to 0xFFFFFFFF, and set CE so that it scans from the address 0x0 to 0xFFFFFFFF (I changed the CE scan settings and ran the test several times) But CE has a speed stunning, he did all the scans in less than 1 second reporting +1300 results as opposed of my function which took 13 minutes and about 20 seconds to find 742 results (And the scan was not over yet).
After that, I want to ask you:
1) How many threads does CE use for a scan of this type ("New Scan" - 4 byte value)?
2) Scan all the bytes it finds in the range?
3) Skip the page scan if it is not inaccessible or unallocated?
4) Are there any other operations CE do to speed up the scan?
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25296 Location: The netherlands
|
Posted: Thu Nov 07, 2019 5:29 pm Post subject: |
|
|
1: The total number of CPU cores in your system (/2 if hyperthreading is detected)
4:
Limit the number of ReadProcessMemory calls
CE first builds a list of all available memory regions. Then combines that into a list of ReadProcessMemory calls (up to a max block size specified in settings)
Then for each entry call ReadProcessMemory, scan the buffer for the value, and on to the next block
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
DanyDollaro Master Cheater Reputation: 3
Joined: 01 Aug 2019 Posts: 334
|
Posted: Thu Nov 07, 2019 7:44 pm Post subject: |
|
|
Thank you very much Dark Byte is an honor to have your answer , I tried to replicate your algorithm and it has an impressive speed !!
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|