 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
paulomendes1
How do I cheat?
![]() Reputation: 0
Joined: 10 May 2016
Posts: 2
|
 Posted: Tue May 10, 2016 7:19 pm Post subject: Fast ReadProcessMemory, Save Guest Names What is in memory |
 |
|
My code is very slow , how do I get it fast? And I would like to put a scanner on if you have a name in memory save it in a text file .
#include <iostream>
#include <iomanip>
#include <windows.h>
#include <tlhelp32.h>
#include <shlwapi.h>
#include <shlobj.h>
#include <fstream>
#define ReadLimit 100*4096 //6 zeroes - for ReadProcessMemory
#define StaticCacheSize 2*40000
using namespace std;
int main()
{
DWORD address = 0x02C076C8;
char* value = new char[79];
HANDLE hProcess, hProcesses;
MEMORY_BASIC_INFORMATION MBI;
BYTE *Buf, pGlobalBuf;
DWORD ReadAddr, QueryAddr, BytesRead, BufSize;
ofstream meuArquivo;
// OpenProcess
HANDLE phandle = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION,
0,
28104);
// verifica se o soft está em execução
if (!phandle)
{
cout << "Programa não está em execução!";
}
QueryAddr = 0;
while (1)
{ //Enumerate process memory regions
VirtualQueryEx(phandle, (LPVOID) QueryAddr, &MBI, sizeof(MBI)); //if its bigger than 1 0 000 000 bytes, read only that amount
if (MBI.BaseAddress == 0 && QueryAddr != 0)
{
break;
} //memory regions finished
QueryAddr += (DWORD) MBI.RegionSize;
if (MBI.Protect & PAGE_NOACCESS || MBI.Protect & PAGE_GUARD /*|| MBI.Protect&PAGE_EXECUTE || MBI.Protect&PAGE_EXECUTE_READ || MBI.State&MEM_FREE*/)
{
continue;
}
ReadAddr = 0;
while (MBI.RegionSize > 0)
{
if (ReadAddr != 0)
{
ReadAddr += ReadLimit;
}
else
{
ReadAddr = (DWORD) MBI.BaseAddress;
}
if (MBI.RegionSize > ReadLimit)
{
BufSize = ReadLimit;
MBI.RegionSize -= ReadLimit;
}
else
{
BufSize = MBI.RegionSize;
MBI.RegionSize = 0;
}
BytesRead = 0;
meuArquivo.open("teste.txt", ios::out | ios::ate | ios::in);
ReadProcessMemory(phandle,
(LPVOID) ReadAddr,
&value[0],
100,
&BytesRead);
meuArquivo << value << endl;
cout << value << endl;
meuArquivo.close();
}
}
return 0;
}
|
|
| Back to top |
|
 |
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Tue May 10, 2016 11:51 pm Post subject: |
|
|
You are only reading 100 bytes at a time, it is going to be insanely slow to keep doing over and over again. Read the full regions size of memory then check the return values from ReadProcessMemory to determine if it read the full section successfully. If not, it will either say it failed entirely or that it only read partial memory. If it read partial use the BytesRead value to determine how much is left to read and where to offset the read address from to continue reading etc.
_________________
- Retired. |
|
| Back to top |
|
|
spiritrg45
How do I cheat?
![]() Reputation: 0
Joined: 12 Apr 2016
Posts: 2
|
| Posted: Wed May 11, 2016 8:07 am Post subject: |
|
|
| atom0s wrote: | | You are only reading 100 bytes at a time, it is going to be insanely slow to keep doing over and over again. Read the full regions size of memory then check the return values from ReadProcessMemory to determine if it read the full section successfully. If not, it will either say it failed entirely or that it only read partial memory. If it read partial use the BytesRead value to determine how much is left to read and where to offset the read address from to continue reading etc. |
give me an example , thank you.
|
|
| Back to top |
|
|
atom0s
Moderator
Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Thu May 12, 2016 1:20 am Post subject: |
|
|
| spiritrg45 wrote: | | atom0s wrote: | | You are only reading 100 bytes at a time, it is going to be insanely slow to keep doing over and over again. Read the full regions size of memory then check the return values from ReadProcessMemory to determine if it read the full section successfully. If not, it will either say it failed entirely or that it only read partial memory. If it read partial use the BytesRead value to determine how much is left to read and where to offset the read address from to continue reading etc. |
give me an example , thank you. |
You are already using everything you need. If you are still needing an example then you probably just copy-pasted the above code. Take the time to read and learn what you are doing. I'm not spoon feeding you code.
_________________
- Retired. |
|
| Back to top |
|
|
spiritrg45
How do I cheat?
![]() Reputation: 0
Joined: 12 Apr 2016
Posts: 2
|
| Posted: Thu May 12, 2016 8:46 am Post subject: |
|
|
| atom0s wrote: | | spiritrg45 wrote: | | atom0s wrote: | | You are only reading 100 bytes at a time, it is going to be insanely slow to keep doing over and over again. Read the full regions size of memory then check the return values from ReadProcessMemory to determine if it read the full section successfully. If not, it will either say it failed entirely or that it only read partial memory. If it read partial use the BytesRead value to determine how much is left to read and where to offset the read address from to continue reading etc. |
give me an example , thank you. |
You are already using everything you need. If you are still needing an example then you probably just copy-pasted the above code. Take the time to read and learn what you are doing. I'm not spoon feeding you code. |
Problem From this source That done, he is very slow , I have to escultar suggestions to improve , you have any suggestions you can give me ?
|
|
| Back to top |
|
|
Dark Byte
Site Admin
 Reputation: 471
Joined: 09 May 2003
Posts: 25813
Location: The netherlands
|
| Posted: Thu May 12, 2016 9:30 am Post subject: |
|
|
group the reads together in as little reads as possible
VirtualQueryEx tells you the max size of the memory block. Try allocating the memory you need first, and then read it.
Or at least read in blocks of 4096 bytes. That's the smallest amount of memory windows/the system can allocate at a time.
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
WndDrgn
Cheater
![]() Reputation: 0
Joined: 24 May 2015
Posts: 49
|
| Posted: Sat May 14, 2016 7:46 pm Post subject: |
|
|
To paulomendes1,
This should help.
This code provided by atom0s
| Code: |
/**
* Simple Memory Scanner Example
* (c) 2014 atom0s [[email protected]]
*/
#include <Windows.h>
#include <string>
#include <TlHelp32.h>
/**
* @brief The target process to scan within.
*/
#define TARGET_NAME "winmine.exe"
/**
* @brief Obtains the process id of the given target.
*
* @return The process id if found, 0 otherwise.
*/
unsigned int getTargetProcessId()
{
PROCESSENTRY32 pe32 = { sizeof(PROCESSENTRY32) };
// Obtain a snapshot of the current process list..
auto handle = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (handle == INVALID_HANDLE_VALUE)
return 0;
// Obtain the first process..
if (!::Process32First(handle, &pe32))
{
::CloseHandle(handle);
return 0;
}
// Loop each process looking for the target..
do
{
if (!_stricmp(pe32.szExeFile, TARGET_NAME))
{
::CloseHandle(handle);
return pe32.th32ProcessID;
}
} while (::Process32Next(handle, &pe32));
// Cleanup..
::CloseHandle(handle);
return 0;
}
/**
* @brief Entry point of this application.
*
* @param argc The count of arguments passed to this application.
* @param argv The array of arguments passed to this application.
*
* @return Non-important return.
*/
int __cdecl main(int argc, char* argv[])
{
// Obtain the target process id..
auto processId = getTargetProcessId();
if (processId == 0)
return 0;
// Open a handle to the target..
auto handle = ::OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, FALSE, processId);
if (handle == INVALID_HANDLE_VALUE)
return 0;
// Obtain the current system information..
SYSTEM_INFO sysInfo = { 0 };
::GetSystemInfo(&sysInfo);
auto addr_min = (long)sysInfo.lpMinimumApplicationAddress;
auto addr_max = (long)sysInfo.lpMaximumApplicationAddress;
auto found = 0;
// Loop the pages of memory of the application..
while (addr_min < addr_max)
{
MEMORY_BASIC_INFORMATION mbi = { 0 };
if (!::VirtualQueryEx(handle, (LPCVOID)addr_min, &mbi, sizeof(mbi)))
{
printf_s("Failed to query memory.\n");
break;
}
// Determine if we have access to the page..
if (mbi.State == MEM_COMMIT && ((mbi.Protect & PAGE_GUARD) == 0) && ((mbi.Protect & PAGE_NOACCESS) == 0))
{
//
// Below are flags about the current region of memory. If you want to specifically scan for only
// certain things like if the area is writable, executable, etc. you can use these flags to prevent
// reading non-desired protection types.
//
auto isCopyOnWrite = ((mbi.Protect & PAGE_WRITECOPY) != 0 || (mbi.Protect & PAGE_EXECUTE_WRITECOPY) != 0);
auto isExecutable = ((mbi.Protect & PAGE_EXECUTE) != 0 || (mbi.Protect & PAGE_EXECUTE_READ) != 0 || (mbi.Protect & PAGE_EXECUTE_READWRITE) != 0 || (mbi.Protect & PAGE_EXECUTE_WRITECOPY) != 0);
auto isWritable = ((mbi.Protect & PAGE_READWRITE) != 0 || (mbi.Protect & PAGE_WRITECOPY) != 0 || (mbi.Protect & PAGE_EXECUTE_READWRITE) != 0 || (mbi.Protect & PAGE_EXECUTE_WRITECOPY) != 0);
// Dump the region into a memory block..
auto dump = new unsigned char[mbi.RegionSize + 1];
memset(dump, 0x00, mbi.RegionSize + 1);
if (!::ReadProcessMemory(handle, mbi.BaseAddress, dump, mbi.RegionSize, NULL))
{
printf_s("Failed to read memory of location: %08X\n", mbi.BaseAddress);
break;
}
// Scan for 4 byte value of 1337..
for (auto x = 0; x < mbi.RegionSize - 4; x += 4)
{
if (*(DWORD*)(dump + x) == 1337)
found++;
}
// Cleanup the memory dump..
delete[] dump;
}
// Step the current address by this regions size..
addr_min += mbi.RegionSize;
}
printf_s("Found %d results!\n", found);
// Cleanup..
::CloseHandle(handle);
return ERROR_SUCCESS;
}
|
You welcome! 
btw
If you have further question, ask me first.
If i cant answer, then we can ask to mod.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
