No "FindPattern" functionality? Find location/address of Array of Bytes? I really expected it to at least have that... or at least an AoBSwap function because of it being a closed source DLL, & not being able to edit the source to add these features.
I always hear "smarty pants" folks responding with "...just enter the base address, or pointer", but understand that not all games work with fixed base address/pointers due to being changed at every game start.
This project is by far the best attempt at bundling all these features into one I've seen, but I think it would be awesome if it also included an AoBSwap feature as well as a FindPattern function.
Just my 2 cents worth (Not much... I know, just contributing a suggestion)
Here's an example in VB.NET that I found online (in C#) for finding the first occurrence of a string in a process's memory:
Imports:
Code:
Imports System.Collections.Generic
imports System.Diagnostics
Imports System.Text
Imports ManagedWinapi '<=== From ****** (ManagedWinapi.dll)
Code:
Code:
Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click
Dim tmpByte() As Byte = Encoding.ASCII.GetBytes("Hi... I'm a test string :)")
Dim p As Process() = Process.GetProcessesByName("plugin-container")
TextBox1.Text = "&H" & Hex(GetMemoryAddressOfString(tmpByte, p(0))).ToString
End Sub
Private Shared Function GetMemoryAddressOfString(searchedBytes As Byte(), p As Process) As List(Of String)
Dim addr As Integer = 0
Dim speed As Integer = 1024 * 64
Dim j As Integer = &H400000
While j < &H7FFFFFFF
' I think J should be casted to IntPtr in the next line :)
Dim mem As ManagedWinapi.ProcessMemoryChunk = New ManagedWinapi.ProcessMemoryChunk(p, j, speed + searchedBytes.Length)
Dim bigMem As Byte() = mem.Read()
For k As Integer = 0 To bigMem.Length - searchedBytes.Length - 1
Dim found As Boolean = True
For l As Integer = 0 To searchedBytes.Length - 1
If bigMem(k + l) <> searchedBytes(l) Then
found = False
Exit For
End If
Next
If found Then
addr = k + j
Exit For
End If
Next
If addr <> 0 Then
'addrList.Add(addr);
'addr = 0;
Exit While
End If
j += speed
End While
'return addrList;
Return addr
End Function
This one is not as fast as the FindPattern function of BlackMagic1.1, but it works. :P
I'm going to find out where I got this code from, & add the appropriate credits. Have no clue at the moment.
EDIT:
Instead of just exiting out, returning the address found, you can add to an AddressList, & continue until no more instances of the byte array is found, then return the list.
The list can be List(Of Uint32), or List(Of String) pre-formatted to include the &H, or 0x along with the UInt32 being converted to Hex - Like:
Code:
MyList.Add("&H" & Hex(addr))
Here's a List(Of String) example:
Code:
Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click
Dim tmpByte() As Byte = Encoding.ASCII.GetBytes("Hi... I'm a test string :)")
Dim p As Process() = Process.GetProcessesByName("plugin-container")
TextBox1.Text = "&H" & Hex(GetAddressOfString(tmpByte, p(0))).ToString
End Sub
Private Shared Function GetAddressOfString(searchedBytes As Byte(), p As Process) As List(Of String)
Dim addrLst As New List(Of String)
Dim addr As UInt32 = 0
Dim speed As Integer = 1024 * 64
Dim j As UInt32 = &H0 ' &H400000
While j < &H7FFFFFFF
' I think J should be casted to IntPtr in the next line, but works as UInt32 :)
Dim mem As ManagedWinapi.ProcessMemoryChunk = New ManagedWinapi.ProcessMemoryChunk(p, j, speed + searchedBytes.Length)
Dim bigMem As Byte() = mem.Read()
For k As Integer = 0 To bigMem.Length - searchedBytes.Length - 1
Dim found As Boolean = True
For l As Integer = 0 To searchedBytes.Length - 1
If bigMem(k + l) <> searchedBytes(l) Then
found = False
Exit For
End If
Next
If found Then
addr = k + j
Exit For
End If
Next
If addr <> 0 Then
addrLst.Add("&H" & Hex(addr))
addr = 0
End If
j += speed
End While
Return addrLst
End Function
I hope it's enough to get folks started in the right direction. This has been seriously lacking online, & here it is, on MPGH.NET! :P
ps: As I said before, I will post credits for the authors of the original unedited code when I locate where I got them from. I saw one earlier, but forgot to take note of names, & site. If you find them before me, then PM me, or just make a mention below. I'll update this post with the appropriate details as I relocate them.