1. ## Reading Array Elements - AOB Scan Function

Hey Guys,

I have been trying to crack this for hours now, Ive been trying to create my own AOB Scan Function and well I am able to read the first byte and return the address but I dont know how to access the entire array to say if address bytes = DefinedByteArray, Ill show you my code and maybe you can help.

```DWORD AOBscan(){

BYTE  Bytes[] = {0x71, 0x16};

if(Res == Bytes[0]){
cout << hex << StartAddress << endl;
break;
}

}
}```

I am getting so close - i know i have to read the addresses one by one, and byte by byte and i need some sort of loop, i just cant think of how to code it.

I have tried many different lopping methods - i guess i need to go back to learning about arrays and just general C++ .

here is a different approach:

```DWORD AOBscan(){
DWORD ReadLength = 0x19; // how many bytes to read from base
int bytePattern = 0;
BYTE PatternOfBytes[] = {0x89, 0xFF};

for(int i = 0; i != ReadLength; i++){

{
bytePattern++; //Increase the array number to read
}

else if(bytePattern == PatternOfBytes[2]) //If the POB has reached it's end, return the address location
{
cout << hex << StartAddress + i << endl;
}

else
{
bytePattern = 0; //The pattern was false so start from 0 and next address
}
}

}```

dont worry about different address its just for debuging on solitaire atm, i will eventually have it so user can input start/end address and bytes to look for

2. Pattern scan i understand?
make a BYTE* pointer to this memory and check from 0 to sizeof(yourpattern) if all bytes match i guess, if not, startaddress++ till u reach the end

3. Originally Posted by Nether

4. Originally Posted by till0sch97
......

I can read every byte from StartAddress to EndAddress Perfectly but its one at a time - im trying the sizeof method provided, the only problem is reading it as an array so hopefully can solve later on, if not ill go back to learning about pointers and arrays

5. Originally Posted by Nether
......

I can read every byte from StartAddress to EndAddress Perfectly but its one at a time - im trying the sizeof method provided, the only problem is reading it as an array so hopefully can solve later on, if not ill go back to learning about pointers and arrays
[PHP]
/* an array with 5 elements */
double balance[5] = {1000.0, 2.0, 3.4, 17.0, 50.0};
double *p;
int i;

p = balance; // p is a pointer to the first element of balance 0x6A21B25 in your case I guess

/* output each array element's value */
printf( "Array values using pointer\n");
for ( i = 0; i < 5; i++ )
{
printf("*(p + %d) : %f\n", i, *(p + i) ); // loop through the array
}
[/PHP]

So you could try to use the pointer of the first element and just loop the bytes if you know the size of the array. (end address - start address).
It is legal to use array names as constant pointers, and vice versa. Therefore, *(balance + 4) is a legitimate way of accessing the data at balance[4].

6. Originally Posted by Nether
......

I can read every byte from StartAddress to EndAddress Perfectly but its one at a time - im trying the sizeof method provided, the only problem is reading it as an array so hopefully can solve later on, if not ill go back to learning about pointers and arrays
I'm sorry I misread sth there.. Why's your pattern only 2 bytes btw?

7. Don't know if this works but you could maybe try creating a buffer in your loop, with the length of your pattern, then just read X bytes (pattern length) and compare them with '=='

8. Originally Posted by till0sch97
Don't know if this works but you could maybe try creating a buffer in your loop, with the length of your pattern, then just read X bytes (pattern length) and compare them with '=='
I think i may have to make a buffer size.

Im able to read more than 1 byte now thanks to NTvalk.

Only problem with that is - say the address 0x11A4C2 - 0x89 / 0xFF

it will find it and return that address but also return 0x11A4C3 :P im getting really close now, i do apreciate the help you guys have provided

9. Originally Posted by Nether
I think i may have to make a buffer size.

Im able to read more than 1 byte now thanks to NTvalk.

Only problem with that is - say the address 0x11A4C2 - 0x89 / 0xFF

it will find it and return that address but also return 0x11A4C3 :P im getting really close now, i do apreciate the help you guys have provided
Compare all those buffer bytes with the ones that you need, then it will give you 1 address only..

10. Originally Posted by till0sch97
Compare all those buffer bytes with the ones that you need, then it will give you 1 address only..
erm okay but that was pretty obvious...

the only compare functions i know is string compare so im guessing just convert them into char*/string and use strcmp(ResultBytes, MyByteArray).

```DWORD AOBscan(){

DWORD bArray;

BYTE Bytes[] = {0x89, 0xFF};
BYTE *p;
p = Bytes;

int i;

for ( i = 0; i < 2; i++ )
{
bArray = (DWORD)p[i]; // Produces 89FF (Both My Bytes)