Viktor1703
Как найти начальный адрес HP, не используя ArtMoney и т. д., а с помощью Автоита?
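; Load the helper DLL from the script's own directory. A full path is used, so the
; Windows DLL search order is not consulted.
; NOTE(review): ScanMemory.dll is a prebuilt binary whose source is not shown on this
; page. It runs inside this process with the script's privileges, so confirm its origin
; (publisher, checksum) before loading it.
Global $ScanDll = DllOpen(@ScriptDir & "\ScanMemory.dll")
If $ScanDll = -1 Then
    ; DllOpen returns -1 on failure; without this check the first DllCall made through
    ; ScanMemory() would fail and the script would abort on an array index.
    MsgBox(16, "ScanMemory", "Cannot load ScanMemory.dll from " & @ScriptDir)
    Exit 1
EndIf

; One lookup at start-up: window title and the text to search for.
Global $ScanValue = ScanMemory("Текстовый документ (2) - Блокнот", "Hello")

; Minimal window that only shows the address string returned above.
$hForm = GUICreate("ScanMemory", 220, 40)
$Input = GUIctrlCreateInput("Address: " & $ScanValue, 10, 10, 200, 20)
GUISetState()

While 1
    Switch GUIGetMsg()
        Case -3 ; -3 is $GUI_EVENT_CLOSE (literal kept: GUIConstantsEx.au3 is not included)
            DllClose($ScanDll) ; release the DLL handle before leaving
            Exit
    EndSwitch
WEnd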
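; Calls the "ScanValueMemory" export of the DLL opened in the global $ScanDll and formats
; its integer result as a hex string.
;   $Title       - passed to the DLL as its first "str" argument (the caller on this page
;                  passes a window title)
;   $SearchValue - passed as the second "str" argument (the value to look for)
; Returns "0x" followed by 7 hex digits on success.
; On a failed DllCall returns "" and sets @error = 1 (@extended = DllCall's @error).
; What the DLL does with the two strings is not visible here.
Func ScanMemory($Title, $SearchValue)
    ; Both parameters are declared as "str" in the DllCall, so numbers are converted first.
    If IsNumber($Title) Then $Title = String($Title)
    If IsNumber($SearchValue) Then $SearchValue = String($SearchValue)

    Local $Ret = DllCall($ScanDll, "int", "ScanValueMemory", "str", $Title, "str", $SearchValue)
    ; On failure DllCall sets @error and does not return an array; indexing $Ret[0]
    ; in that state would stop the script with a subscript error.
    If @error Or Not IsArray($Ret) Then Return SetError(1, @error, "")

    ; NOTE(review): Hex(..., 7) keeps only the low 28 bits, so a result at or above
    ; 0x10000000 is shown without its top digit - widen to 8 if full 32-bit values
    ; can be returned.
    Return "0x" & Hex($Ret[0], 7)
EndFunc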
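; Picks the address operand that occurs most often after the byte pair 8B 0D inside a
; fixed address range, and stores it in $BaseAdress. Returns nothing.
;
; The range 0x00401000..0x00403000 is read one byte at a time through _MemoryRead using
; the handle in $HendleDll. Up to 50 distinct operand values are tallied; the one with
; the highest count wins.
;
; NOTE(review): $HendleDll, $Ram and $BaseAdress are not declared in this function.
; $BaseAdress reaches the caller only if a Global of that name exists elsewhere in the
; script - confirm. _MemoryRead is not defined on this page (presumably from an included
; memory UDF); its error reporting is not checked here.
; NOTE(review): the address range is hard-coded, so it is only meaningful if the target
; image is mapped at these addresses - confirm for the build in use.
Func FindBA()
    Local Const $iSlots = 50
    Local $BAArr[$iSlots][2], $i, $n, $BACnt = 0

    ; Reset the tally: column 0 = operand value, column 1 = number of hits.
    For $i = 0 To $iSlots - 1
        $BAArr[$i][0] = 0
        $BAArr[$i][1] = 0
    Next

    For $n = 0x00401000 To 0x00403000 Step 1 ; search range
        $Ram = _MemoryRead($n, $HendleDll, "ushort")
        ; Bytes 8B 0D read as a little-endian ushort give 0x0D8B:
        ; the opcode of "mov ecx, dword ptr [address]".
        If $Ram = 0x0D8B Then
            ; No type is given, so _MemoryRead's default type applies
            ; (presumably a dword - confirm).
            $Ram = _MemoryRead($n + 2, $HendleDll)
            For $i = 0 To $iSlots - 1
                ; A slot is free when its hit count is 0. The original tested the value
                ; column instead, so an operand of 0 left its slot looking empty and the
                ; next candidate overwrote it.
                If $BAArr[$i][1] = 0 Then
                    $BAArr[$i][0] = $Ram
                    $BAArr[$i][1] = 1
                    ExitLoop
                ElseIf $BAArr[$i][0] = $Ram Then
                    $BAArr[$i][1] += 1
                    ExitLoop
                EndIf
            Next
            ; If all slots hold other values the candidate is dropped silently.
        EndIf
    Next

    ; Select the operand with the highest hit count (first one wins on a tie).
    For $i = 0 To $iSlots - 1
        If $BAArr[$i][1] > $BACnt Then
            $BaseAdress = $BAArr[$i][0]
            $BACnt = $BAArr[$i][1]
        EndIf
    Next
EndFunc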
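; Read elementclient.exe from disk and search its bytes for a fixed instruction pattern.
; The relative file name is resolved against the current working directory.
; Mode 16 is $FO_BINARY, so FileRead returns binary data.
$File = FileOpen("elementclient.exe", 16)
If $File = -1 Then
    ; FileOpen returns -1 on failure; fall through with empty data so that $Search is
    ; still assigned and the no-match path below reports the problem.
    ConsoleWrite("! elementclient.exe could not be opened" & @CRLF)
    $Data = Binary("")
Else
    $Data = FileRead($File, FileGetSize("elementclient.exe"))
    FileClose($File)
EndIf

; StringRegExp works on the string form of the binary data, i.e. "0x" followed by hex
; digits, so ".{8}" spans 8 hex digits = 4 bytes. The capture group is the 4-byte operand
; after 8B 15, in file byte order (little-endian, so the digits are byte-reversed).
; Flag 2 ($STR_REGEXPARRAYFULLMATCH) returns an array: [0] = whole match, [1] = the group.
; NOTE(review): the pattern is not anchored to byte boundaries, so a match could start on
; an odd hex digit - verify the result before using it.
$Search = StringRegExp($Data, "8B15(.{8})50518B4A2081C1.{8}E8.{8}", 2)
If @error Then ConsoleWrite("! pattern not found in elementclient.exe" & @CRLF)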