| View previous topic :: View next topic |
| Author |
Message |
Obitio
Advanced Cheater
![]() Reputation: 0
Joined: 09 Apr 2012
Posts: 68
Location: null
|
 Posted: Wed Oct 17, 2012 12:01 pm Post subject: [Delphi]VirtualQueryEx |
 |
|
So are there any good tutorial's on the web to use VirtualQueryEx & how would I read the bytes off of the buffer in Delphi(since it's a chunk of memory it'll be reading).
Sorry for asking such a retarded question but I can't seem to figure out what to do (I tried a few things and everything just fucked up)>.>
_________________
Gamer |
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 471
Joined: 09 May 2003
Posts: 25833
Location: The netherlands
|
| Posted: Wed Oct 17, 2012 12:36 pm Post subject: |
|
|
The same way as in c++ but then in delphi syntax
Just use it to fill a memorybasicinformation structure for address 0 and go from there enumerating till the function fails
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Obitio
Advanced Cheater
![]() Reputation: 0
Joined: 09 Apr 2012
Posts: 68
Location: null
|
| Posted: Wed Oct 17, 2012 12:55 pm Post subject: |
|
|
| Dark Byte wrote: | The same way as in c++ but then in delphi syntax
Just use it to fill a memorybasicinformation structure for address 0 and go from there enumerating till the function fails |
I don't know that much c++ lol but i'll see what I could do anyways... why would it fail?
Anyways this is what I tried:
| Code: |
var
x:THandle;
scan:memory_basic_information;
statnow,stopatabout,what,br:dword;
hmm,addy:dword;
test:Array[0..1000] of dword;
label repeatandtryagain;
begin
ListBox1.Clear;
stopatabout:=$06000000;
statnow:=$04000000;
x:=OpenProcess(PROCESS_ALL_ACCESS,false,GetProcessID('winmine.exe'));
if x=0 then begin
ShowMessage('Failed to OP');
exit;
end;
//----------
repeat
repeatandtryagain:
VirtualQueryEx(x,pointer(statnow),scan,sizeof(MEMORY_BASIC_INFORMATION));//hmmm.....
if scan.RegionSize=0 then begin
statnow:=statnow+100;//hmm...maybe I should just cancel scan if this happens...
end;
if (DWORD(scan.BaseAddress)=0) then begin
statnow:=statnow+100;
goto repeatandtryagain;
end;
if ((scan.Protect=0) or (scan.Protect=1)) then begin
statnow:=statnow+scan.RegionSize;
goto repeatandtryagain;
end;
if ReadProcessMemory(x,pointer(scan.BaseAddress),@test,scan.RegionSize,br)=true then
begin
hmm:=0;
repeat
addy:=dword(scan.baseaddress)+hmm;
if IntToHex(Test[hmm],1)=IntToHex(StrToInt(Edit1.Text),1) then
ListBox1.Items.Add('Address:'+IntToStr(addy));
hmm:=hmm+1;
until hmm>scan.RegionSize;
end
else begin
statnow:=statnow+scan.RegionSize;
goto repeatandtryagain;
end;
statnow:=statnow+scan.RegionSize;
until stopatabout<statnow;
ShowMessage('Finished.');
end;
|
But it got a access violation+no addresses were found.Maybe I should increase the address range but I don't think that is the cause...
_________________
Gamer |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 471
Joined: 09 May 2003
Posts: 25833
Location: The netherlands
|
| Posted: Thu Oct 18, 2012 11:57 am Post subject: |
|
|
I think it crashes because test is only 4096 bytes big, but scan.regionsize can be bigger than that
Also, never use goto
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Obitio
Advanced Cheater
![]() Reputation: 0
Joined: 09 Apr 2012
Posts: 68
Location: null
|
| Posted: Thu Oct 18, 2012 3:42 pm Post subject: |
|
|
| Dark Byte wrote: | I think it crashes because test is only 4096 bytes big, but scan.regionsize can be bigger than that
Also, never use goto |
I see.I'll guess I'll wait a few more years.And learn more c++/delphi before attempting to do this again lol..
_________________
Gamer |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
