Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


C++ AOB Scan

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
B14CKS1D3
Cheater
Reputation: 0

Joined: 30 Jul 2014
Posts: 26
PostPosted: Sun Jul 24, 2016 8:29 pm    Post subject: C++ AOB Scan Reply with quote
I'm trying to port my tool(x64, internal) to windows 10 and I'm having the following issue:

On windows 7, I start scanning memory from 0x10000000 to find what I need. Though, on windows 10 memory address are way higher in numbers and that doesn't work. (I can't use GetModuleHandle(0) because the address I search for are before the game's base address)


----------Edit------------
I can get where memory starts, but since on windows 10 memory seems so random and ends up crashing because after a while it gets in a memory region that I can't read.

I got the following code, which seems to work after letting my computer run the ScanC function for over 30min... How can I make it faster?
Code:
static bool IsReadable(void* p)
   {
      MEMORY_BASIC_INFORMATION mbi = { 0 };
      if (VirtualQuery(p, &mbi, sizeof(MEMORY_BASIC_INFORMATION))){
         if (mbi.State == MEM_COMMIT && ((mbi.Protect & PAGE_GUARD) == 0) && ((mbi.Protect == PAGE_NOACCESS) == 0)){
            bool CanBeAccessed = ((mbi.Protect & PAGE_READWRITE) != 0 || (mbi.Protect & PAGE_WRITECOPY) != 0 || (mbi.Protect & PAGE_EXECUTE_READWRITE) != 0 || (mbi.Protect & PAGE_EXECUTE_WRITECOPY) != 0);
            if (CanBeAccessed) return true;
         }
      }
      return false;
   }

   static DWORD64 ScanC(DWORD64 dwStart, DWORD64 dwLength, std::string s) {
      std::vector<PatternByte> p;
      std::istringstream iss(s);
      std::string w;
      while (iss >> w) {
         if (w.data()[0] == '?') { // Wildcard
            p.push_back(PatternByte());
         }
         else if (w.length() == 2 && isxdigit(w.data()[0]) && isxdigit(w.data()[1])) { // Hex
            p.push_back(PatternByte(w));
         }
         else {
            return NULL;
         }
      }
      printf("Scanning from %p to %p\n", dwStart, dwStart + dwLength);
      for (DWORD64 i = 0; i < dwLength; i++) {
         UINT8* lpCurrentByte = (UINT8*)(dwStart + i);
         if (!IsReadable((void*)(dwStart + i))) {
            printf("This is invalid: %p", (dwStart + i));
            continue;
         }
            bool found = true;

            for (size_t ps = 0; ps < p.size(); ps++) {
               if (p[ps].ignore == false && lpCurrentByte[ps] != p[ps].data) {
                  found = false;
                  break;
               }
            }

            if (found) {
               return (DWORD64)lpCurrentByte;
            }
      }

      return NULL;
   }


Last edited by B14CKS1D3 on Tue Jul 26, 2016 5:32 pm; edited 2 times in total
Back to top
View user's profile Send private message
hhhuut
Grandmaster Cheater
Reputation: 6

Joined: 08 Feb 2015
Posts: 607
PostPosted: Mon Jul 25, 2016 2:26 am    Post subject: Reply with quote
Start your search from address 0x0 and use VirtualQueryEx to determine if the page actually is committed.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites