Cheat Engine The Official Site of Cheat Engine
SleepiDreamer Cheater
Reputation: 0
Joined: 27 Aug 2021 Posts: 41
Posted: Wed Mar 23, 2022 5:17 am Post subject: C++ - Something is going wrong in this function
Hey all!
I'm trying to AOBScan using an external C++ program. For now I just manually look up the address of the .exe, but I can make that automatic later. I know that what I'm trying to find is definitely within .exe+1000000 and .exe+3000000. I know the AOB is correct because Cheat Engine finds it without any problems.
I found this function by Atom0s (and added some qDebug() stuff which is basically just cout):
Code:
    #include <algorithm>
    #include <cstdint>
    #include <cstring>
    #include <iterator>
    #include <utility>
    #include <vector>
    #include <QDebug>

    static intptr_t FindPattern(std::vector<intptr_t> data, intptr_t baseAddress, const unsigned char* lpPattern, const char* pszMask, intptr_t offset, intptr_t resultUsage)
    {
        // Build vectored pattern..
        std::vector<std::pair<intptr_t, bool>> pattern; //declare vector containing positive numbers
        for (size_t x = 0, y = strlen(pszMask); x < y; x++) //repeat len(pszMask)
            pattern.push_back(std::make_pair(lpPattern[x], pszMask[x] == 'x')); //append the pair (lpPattern[x], pszMask[x] == 'x') to vector pattern, for example: (0x9F, 1)
        auto scanStart = data.begin();
        auto resultCnt = 0;
        while (true)
        {
            // Search for the pattern..
            auto ret = std::search(scanStart, data.end(), pattern.begin(), pattern.end(), [&](intptr_t curr, std::pair<intptr_t, bool> currPattern)
            {
                qDebug() << "return something idk";
                return (!currPattern.second) || curr == currPattern.first;
            });
            qDebug() << "resultCnt:" << resultCnt;
            // Did we find a match..
            if (ret != data.end())
            {
                // If we hit the usage count, return the result..
                if (resultCnt == resultUsage || resultUsage == 0)
                    return (std::distance(data.begin(), ret) + baseAddress) + offset;
                //or possibly:
                //return (scanStart+resultCnt);
                // Increment the found count and scan again..
                ++resultCnt;
                scanStart = ++ret;
            }
            else
            {
                // Braces keep the break inside the else, so the loop only stops when nothing was found
                qDebug("didn't find the fookin AOB");
                break;
            }
        }
        return 0; //return 0 if there are no matches
    }
main.cpp:
Code:
    const intptr_t baseAddressP = 0x7FF7DDDCA5D8;
    std::vector<intptr_t> dataP = {baseAddressP, baseAddressP+0x8000000};
    const unsigned char lpPatternP[] = {0x8B, 0x82, 0xA4, 0x00, 0x00, 0x00, 0x89, 0x81, 0xA4, 0x00, 0x00, 0x00, 0x8B, 0x82, 0xA8, 0x00, 0x00, 0x00, 0x89, 0x81, 0xA8, 0x00, 0x00, 0x00, 0x8B, 0x82, 0xAC, 0x00, 0x00, 0x00, 0x89, 0x81, 0xAC, 0x00, 0x00, 0x00};
    const char* pszMaskP = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
    intptr_t offsetP = 0;
    intptr_t resultUsageP = 0;
    // intptr_t instead of DWORD so a 64-bit result is not truncated
    intptr_t addy = FindPattern(dataP, baseAddressP, lpPatternP, pszMaskP, offsetP, resultUsageP);
    qDebug() << "addy:" << addy;
But when I run it it just returns 0 after the first iteration. I've studied it for a few hours now but don't fully understand everything in it, but I definitely do understand the part where the pattern is made (which looks correct while debugging).
Is there something simple I did wrong or is this just not made for an external program? (for Minecraft Windows 10 Edition, which is a UWP app)
_________________
Hope you're having a great day!
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
Posted: Wed Mar 23, 2022 8:47 pm
You need to dump information from the remote process; what you're doing there is just mapping your own process's memory to 'dataP'. Look into using:
- OpenProcess
- ReadProcessMemory
Read the region(s) you want to scan within and pass that data to the FindPattern call instead.
_________________
- Retired.
SleepiDreamer Cheater
Reputation: 0
Joined: 27 Aug 2021 Posts: 41
Posted: Thu Mar 24, 2022 4:29 am
Thanks for the reply!
Should I do something like this pseudo code?
Code:
    dataP = OpenProcess(GetBaseAddress("Minecraft.Windows.exe"))
    FindPattern(dataP, ...);
I'm sorry if I misunderstood your response.
_________________
Hope you're having a great day!
TsTg Master Cheater
Reputation: 5
Joined: 12 Dec 2012 Posts: 340 Location: Somewhere....
Posted: Thu Mar 24, 2022 2:08 pm
1- Get the ID of the target process by looping through the system's running processes. There are multiple methods of getting the ID; Google and choose the best one for you.
2- Get a handle to the process, using the ID you obtained (OpenProcess API).
3- Get the base address and the virtual memory size of the module you need (using CreateToolhelp32Snapshot, Module32First, Module32Next, VirtualQueryEx, etc.).
4- Do your FindPattern call and any other memory reads/writes after.
5- Close the process handle once you are done with all the memory work.
SleepiDreamer Cheater
Reputation: 0
Joined: 27 Aug 2021 Posts: 41
Posted: Sat Mar 26, 2022 8:25 am
Code:
    //1- get the ID of the target process, by looping through system running processes, there are multiple methods of getting the ID, google and choose the best one for you.
    DWORD ProcessId = GetProcessId(L"Minecraft.Windows.exe");
    //2- Get a Handle to the process, using the ID you obtained (OpenProcess api)
    HANDLE ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, NULL, ProcessId);
    //3- Get the base address and the virtual memory size of the module you need (using Createtoolhelp32snapshot, Module32First, Module32Next, VirtualQueryEx,...etc)
    uintptr_t BaseAddress = GetModuleBaseAddress(ProcessId, L"Minecraft.Windows.exe");
    //3.5 Get Data
    LPVOID ReadBuffer;
    SIZE_T nReadBuffer;
    SIZE_T ReadSize = 0x5000000;
    ReadProcessMemory(ProcessHandle, (LPCVOID)BaseAddress, &ReadBuffer, ReadSize, &nReadBuffer);
    qDebug() << ReadBuffer << nReadBuffer;
ReadBuffer is just '0x1' and nReadBuffer is '0'.
I thought it would store all the memory data of Minecraft.Windows.exe?
EDIT: dumb me forgot to open the game...
_________________
Hope you're having a great day!
TsTg Master Cheater
Reputation: 5
Joined: 12 Dec 2012 Posts: 340 Location: Somewhere....
Posted: Sun Mar 27, 2022 3:38 pm
Quote:
    I thought it would store all the memory data of Minecraft.Windows.exe?
The pointer &ReadBuffer points to a memory area you allocated in your application, which will receive the bytes from the game's process. This memory must be big enough to hold the data you are reading.
ReadSize is an integer value that specifies the size of that memory you allocated. Let's say you are reading 14 bytes of memory, so you set this to 14 and provide a pointer to a memory area that has at least 14 bytes of writable space.
Whereas &nReadBuffer is a pointer to a value that receives the actually-read number of bytes when the operation has finished (it's for error checking mostly).
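The buffer handling discussed in this thread, as an added example that is not part of the original posts: bytes from the target are copied into a local buffer sized before the read, the returned byte count is honoured, and the masked search runs over those bytes rather than over a vector holding two addresses. `FindInBuffer`, `ScanRange`, `Demo` and the `read` callback (a stand-in for `ReadProcessMemory`, so the block runs offline) are hypothetical names, and the memory image is constructed.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>
// Masked search over raw bytes: 'x' = byte must match, anything else = wildcard.
static long long FindInBuffer(const std::vector<uint8_t>& buf, const uint8_t* pat, const char* mask) {
    const size_t m = std::strlen(mask);
    for (size_t i = 0, j; i + m <= buf.size(); ++i) {
        for (j = 0; j < m && (mask[j] != 'x' || buf[i + j] == pat[j]); ++j) {}
        if (j == m) return (long long)i;
    }
    return -1;
}
// Scan [base, base+size) in chunk-aligned reads; returns the remote address of the first hit or 0.
template <class Reader>  // read(addr, out, n): assumed stand-in for ReadProcessMemory, returns bytes copied
static uintptr_t ScanRange(Reader read, uintptr_t base, size_t size,
                           const uint8_t* pat, const char* mask, size_t chunk = 0x1000) {
    const size_t m = std::strlen(mask);
    std::vector<uint8_t> buf;   // local bytes copied from the target
    uintptr_t bufBase = base;   // remote address of buf[0]
    for (size_t done = 0; m != 0 && done < size;) {
        const size_t room = chunk - done % chunk, old = buf.size();
        const size_t want = room < size - done ? room : size - done;
        buf.resize(old + want);  // allocate room before reading into it
        const size_t got = read(base + done, buf.data() + old, want);
        buf.resize(old + got);   // trust the returned count, not the request
        if (got == 0) { buf.clear(); done += want; bufBase = base + done; continue; }  // unreadable: skip
        const long long hit = FindInBuffer(buf, pat, mask);
        if (hit >= 0) return bufBase + (uintptr_t)hit;
        done += got;
        const size_t drop = buf.size() >= m ? buf.size() - (m - 1) : 0;
        bufBase += drop;         // keep the last m-1 bytes so a hit may straddle two reads
        buf.erase(buf.begin(), buf.begin() + drop);
    }
    return 0;
}
static uintptr_t Demo() {  // constructed sample: 4 fake pages at 0x10000, page 1 unreadable
    const uint8_t sig[] = {0x8B, 0x82, 0xA4, 0x00, 0x89, 0x81};
    std::vector<uint8_t> mem(0x4000, 0xCC);
    std::memcpy(&mem[0x2FFD], sig, sizeof sig);  // signature straddles pages 2 and 3
    mem[0x2FFF] = 0x55;          // differs from sig[2]; the '?' in the mask ignores it
    auto fake = [&](uintptr_t a, uint8_t* out, size_t n) -> size_t {
        if ((a - 0x10000) / 0x1000 == 1) return 0;   // simulate an unreadable page
        std::memcpy(out, &mem[a - 0x10000], n);
        return n;
    };
    return ScanRange(fake, 0x10000, mem.size(), sig, "xx?xxx");
}
int main() { std::printf("%#llx\n", (unsigned long long)Demo()); }
```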