Quantcast

Jump to content

» «
Photo

Pointers !

7 replies to this topic
Ashwin.Star
  • Ashwin.Star

    I'm a Business Boy Now !

  • Members
  • Joined: 14 Nov 2010
  • India

#1

Posted 09 April 2012 - 11:32 AM

hi guys,
Memory addresses can be Written in Many Ways

(1)0x4406EC

(2) 0x7E49C0+244

(3) Cleo.asi+3D748

but only 1 & 2 can be used While Scripting,
so, can anyone tell me How can i find Pointer(2)
for some mem add like 3 ?

i want to read this one i my script
cleo.asi+41094 // no of cleo script Attached to the Game

I am using CE

fastman92
  • fastman92

    фастман92 | ف

  • Members
  • Joined: 28 Jul 2009

#2

Posted 09 April 2012 - 12:24 PM Edited by fastman92, 15 November 2012 - 07:45 PM.

CODE
{$CLEO}
0000: NOP

if
0AA2: 0@ = load_library "Kernel32.dll" // IF and SET
else_jump @Error
0AA4: 1@ = get_proc_address "GetModuleHandleA" library 0@ // IF and SET

0A9F: 2@ = current_thread_pointer
2@ += 0x10
0A8D: 2@ = read_memory 2@ size 4 virtual_protect FALSE
2@ -= @DLL_Name

0AA7: call_function 1@ num_params 1 pop 0 lpModuleName 2@ HMODULE_result 2@
// 2@ - address of CLEO.asi

// You can do: 2@ += 0x3D748

0AA3: free_library 0@       // if you don't want to use it anymore

   while true
   wait 0
   0AD1: show_formatted_text_highpriority "DLL base address: %X" time 2000 2@
   end
   
:Error
wait 0
// error comunique
0AD1: show_formatted_text_highpriority "Error" time 2000
jump @Error    

:DLL_Name
hex
"cleo.asi" 00
end



Use GetModuleHandle function

Remember 0AD1 is used only to show in example and it's CLEO4 opcode.

Silent
  • Silent

    Moderating Cookie Monster

  • Feroci Racing
  • Joined: 01 Feb 2010
  • Poland

#3

Posted 09 April 2012 - 01:17 PM

If you use SA, it can be done faster:

CODE
{$CLEO}
0A9F: 0@ = current_thread_pointer
0@ += 0x10
0A8D: 0@ = read_memory 0@ size 4 virtual_protect 0
0@ -= @DLL_Name

0AA7: call_function 0x81E406 num_params 1 pop 0 lpModuleName 0@ HMODULE_result 2@
// 1@ - address of CLEO.asi

// You can do: 1@ += 0x3D748


while true
  wait 0
  0AD1: show_formatted_text_highpriority "DLL base address: %X" time 2000 2@
end

:DLL_Name
hex
"cleo.asi" 00
end


CLEO4 makes stuff EVEN easier:

CODE
{$CLEO}
0AA7: call_function 0x81E406 num_params 1 pop 0 lpModuleName "cleo.asi" HMODULE_result 2@
// 1@ - address of CLEO.asi

// You can do: 1@ += 0x3D748


while true
  wait 0
  0AD1: show_formatted_text_highpriority "DLL base address: %X" time 2000 2@
end


Edit:
As you seem to mod VC more, address of this function in VC is 0x663550, so you can try the 2nd method using this address instead (and, of course, VC opcode IDs).

Ashwin.Star
  • Ashwin.Star

    I'm a Business Boy Now !

  • Members
  • Joined: 14 Nov 2010
  • India

#4

Posted 09 April 2012 - 01:47 PM

Sorry Guys i forget to tell you that i need it for VC,

Did i created any Topic for SA yet ?

Silent
  • Silent

    Moderating Cookie Monster

  • Feroci Racing
  • Joined: 01 Feb 2010
  • Poland

#5

Posted 09 April 2012 - 01:53 PM

Then read my EDIT, I've added it before you've even posted.

Ashwin.Star
  • Ashwin.Star

    I'm a Business Boy Now !

  • Members
  • Joined: 14 Nov 2010
  • India

#6

Posted 09 April 2012 - 02:37 PM

A Little Confusion >>>

SA
0AA7: call_function 0x81E406 num_params 1 pop 0 lpModuleName "cleo.asi" HMODULE_result 2@

VC
05E2: call_function 0x4BC1E0 num_params 0 pop 0 0@
05E4: call_function_method 0x5BAA80 struct 0@ num_params 0 pop 0 1@

none of them is Similar to that of SA

Silent
  • Silent

    Moderating Cookie Monster

  • Feroci Racing
  • Joined: 01 Feb 2010
  • Poland

#7

Posted 09 April 2012 - 02:39 PM

05E2 is.

LINK/2012
  • LINK/2012

    LIVIN' IN CODE

  • Feroci Racing
  • Joined: 30 Jan 2011
  • Brazil

#8

Posted 09 April 2012 - 03:03 PM

CODE
lpModuleName "cleo.asi" HMODULE_result 2@

This is just extra params.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users