Solved Array of Bytes Scan Without Module


XtremeCoder

C++:
#include <Windows.h>
#include <iostream>
#include <TlHelp32.h>
using namespace std;

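// Reads sizeof(buffer) bytes starting at `address` through a process handle
// and returns the local scratch buffer reinterpreted as T (the caller on this
// page instantiates T as BYTE*).
//
// The buffer is a function-local static: every call overwrites the previous
// contents, so the returned pointer is only meaningful until the next call
// and the function is not safe to use from several threads.
//
// NOTE(review): the process id handed to OpenProcess is NULL (0), and the
// function has no parameter or global through which a real pid could reach
// it, so the handle cannot refer to the process main() looked up.
template <class T> T ReadMemoryAddress(DWORD address)
{
	static char buffer[1024];

	// Least privilege: ReadProcessMemory only needs PROCESS_VM_READ on the
	// handle, so PROCESS_ALL_ACCESS is not requested.
	HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, NULL);

	BOOL readOk = FALSE;
	SIZE_T bytesRead = 0;
	if (hProcess != NULL)
	{
		// The whole 1024-byte range must be readable; a range that crosses
		// into an inaccessible page makes the call fail.
		readOk = ReadProcessMemory(hProcess, (LPCVOID)address, buffer, sizeof(buffer), &bytesRead);
		CloseHandle(hProcess);
	}

	// On failure the buffer would still hold bytes from an earlier call.
	// Clear it so the caller never matches a pattern against stale data.
	if (!readOk || bytesRead != sizeof(buffer))
		ZeroMemory(buffer, sizeof(buffer));

	return reinterpret_cast<T> (buffer);
}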
// Tests whether the bytes at pData match the pattern bMask under szMask.
// szMask is a NUL-terminated string with one character per pattern byte:
// 'x' means the byte must equal the pattern byte, any other character makes
// that position a wildcard.
//
// No length is passed in: the loop runs until the mask's terminator, so the
// caller must guarantee that pData and bMask both hold at least that many
// readable bytes, otherwise this reads out of bounds.
bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
	while (*szMask != '\0')
	{
		const bool mustMatch = (*szMask == 'x');
		if (mustMatch && *pData != *bMask)
			return false;

		++szMask;
		++pData;
		++bMask;
	}
	// Every mask position was consumed without a mismatch.
	return true;
}
// Slides the pattern over [dwAddress, dwAddress + dwLen) one byte at a time
// and returns the first address at which bCompare reports a match, or 0 when
// no offset matches.
//
// Each offset triggers a fresh ReadMemoryAddress call, i.e. one full buffer
// read per candidate byte. The comparison runs against that helper's
// 1024-byte buffer, so a mask longer than the buffer would make bCompare
// read past its end. Addresses are 32-bit DWORDs and dwAddress + offset can
// wrap around for large dwLen.
DWORD FindPattern(DWORD dwAddress, DWORD dwLen, BYTE *bMask, char * szMask)
{
	DWORD offset = 0;
	while (offset < dwLen)
	{
		const DWORD candidate = dwAddress + offset;
		BYTE* window = ReadMemoryAddress<BYTE*>(candidate);
		if (bCompare(window, bMask, szMask))
			return candidate;
		++offset;
	}
	return 0;
}

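// Walks the lower 2 GiB of the address space one page at a time and runs
// FindPattern on every page whose protection equals `mode` exactly.
//
// mode     page protection value a page must have to be searched
// content  pattern bytes
// mask     NUL-terminated mask, one character per pattern byte
//
// Returns the first matching address, or 0 when nothing matched. The
// original fell off the end of a non-void function in that case, which is
// undefined behaviour.
//
// NOTE(review): VirtualQuery describes the calling process's own address
// space, while FindPattern reads through a handle to another process, so
// the page information consulted here need not describe the memory that is
// actually read.
int Scan(DWORD mode, char* content, char* mask)
{
	SYSTEM_INFO si;
	GetSystemInfo(&si);
	const DWORD PageSize = si.dwPageSize;

	MEMORY_BASIC_INFORMATION mi;
	for (DWORD lpAddr = 0; lpAddr < 0x7FFFFFFF; lpAddr += PageSize)
	{
		// The third argument is the size of the output structure, not the
		// page size. VirtualQuery returns the number of bytes written and 0
		// on failure, so 0 is the only value that signals an error.
		if (VirtualQuery((void*)lpAddr, &mi, sizeof(mi)) == 0) break;

		if (mi.Type == MEM_MAPPED) continue;
		// Exact comparison: a page carrying extra modifier bits in Protect
		// does not match. mi.State is not consulted.
		if (mi.Protect != mode) continue;

		int addr = FindPattern(lpAddr, PageSize, (PBYTE)content, mask);
		if (addr != 0)
			return addr;
	}
	return 0;
}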

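// Looks up a window by title, resolves its process id, records the base
// address of the first module in a module snapshot, then searches for a
// masked byte pattern and prints the result in hex.
//
// Every Win32 call is checked and every handle is closed; the original
// ignored all return values and leaked both the snapshot and the process
// handle.
int main()
{
	HWND hWndGame = FindWindow(NULL, TEXT("GameWindow"));
	if (hWndGame == NULL)
	{
		cerr << "FindWindow failed, error " << GetLastError() << endl;
		return 1;
	}

	DWORD pid = 0;
	GetWindowThreadProcessId(hWndGame, &pid);
	if (pid == 0)
	{
		cerr << "GetWindowThreadProcessId returned no process id" << endl;
		return 1;
	}

	// Base address of the first module in the snapshot. It is looked up but
	// not used by the search below.
	DWORD BA = 0;
	HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
	if (hModuleSnap != INVALID_HANDLE_VALUE)
	{
		MODULEENTRY32 me32;
		me32.dwSize = sizeof(MODULEENTRY32);
		if (Module32First(hModuleSnap, &me32))
			BA = (DWORD)me32.modBaseAddr;
		CloseHandle(hModuleSnap);
	}
	(void)BA;

	// Least privilege: only read access is requested instead of
	// PROCESS_ALL_ACCESS.
	// NOTE(review): this handle is never handed to ReadMemoryAddress, which
	// opens its own handle with a NULL process id.
	HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, pid);
	if (hProcess == NULL)
	{
		cerr << "OpenProcess failed, error " << GetLastError() << endl;
		return 1;
	}

	// NOTE(review): this walks all 0xFFFFFFFF offsets from address 0 and
	// bypasses Scan(), so no page is checked before it is read.
	DWORD address1 = FindPattern(0x00000000, 0xFFFFFFFF, (PBYTE)"\x4D\x9C\x00\x00\x00\x00\x8b\xd9", "xx????xx");
	cout << hex << address1 << endl;

	CloseHandle(hProcess);

	//system("pause");
	return 0;
}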

Why is it not working? If anyone has an alternative way, please post it here.
 

Rake

Frankly this code is fucked. I have spent 30 minutes fixing it for you :)

#1 you have Scan() and FindPattern()
You should be using Scan() not FindPattern(), scan is a wrapper around FindPattern that validates the memory address and checks permissions before searching for the pattern and then breaks up the memory by regionsize/pagesize. Don't just use FindPattern

#2:
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, NULL);

NULL ProcessID? Good luck opening the process

I have moved hProcess and pid into global and removed the redundant OpenProcess calls

This code is inefficient, I have fixed it so it now works for the most part but it takes 1+ minutes to find my pattern. This function also doesn't take read permissions so you may run into trouble later. Just replace window name, pattern and mask to match your game.

C++:
#include <Windows.h>
#include <iostream>
#include <TlHelp32.h>
using namespace std;

// Handle to the target process. Assigned in main() from OpenProcess and read
// by ReadMemoryAddress(); it stays 0 until main() has opened the process.
HANDLE hProcess = 0;
// Process id of the target, filled in by GetWindowThreadProcessId in main().
DWORD pid = 0;

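// Reads sizeof(buffer) bytes starting at `address` through the global
// hProcess handle and returns the local scratch buffer reinterpreted as T
// (the caller on this page instantiates T as BYTE*).
//
// The buffer is a function-local static: every call overwrites the previous
// contents, so the returned pointer is only meaningful until the next call
// and the function is not safe to use from several threads.
template <class T> T ReadMemoryAddress(DWORD address)
{
	static char buffer[1024];

	// The whole 1024-byte range must be readable; a range that crosses into
	// an inaccessible page makes the call fail.
	SIZE_T bytesRead = 0;
	const bool readOk = (hProcess != NULL) &&
		ReadProcessMemory(hProcess, (LPCVOID)address, buffer, sizeof(buffer), &bytesRead);

	// On failure the buffer would still hold bytes from an earlier call.
	// Clear it so the caller never matches a pattern against stale data.
	if (!readOk || bytesRead != sizeof(buffer))
		ZeroMemory(buffer, sizeof(buffer));

	return reinterpret_cast<T> (buffer);
}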
// Tests whether the bytes at pData match the pattern bMask under szMask.
// szMask is a NUL-terminated string with one character per pattern byte:
// 'x' means the byte must equal the pattern byte, any other character makes
// that position a wildcard.
//
// No length is passed in: the loop runs until the mask's terminator, so the
// caller must guarantee that pData and bMask both hold at least that many
// readable bytes, otherwise this reads out of bounds.
bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
	while (*szMask != '\0')
	{
		const bool mustMatch = (*szMask == 'x');
		if (mustMatch && *pData != *bMask)
			return false;

		++szMask;
		++pData;
		++bMask;
	}
	// Every mask position was consumed without a mismatch.
	return true;
}
// Slides the pattern over [dwAddress, dwAddress + dwLen) one byte at a time
// and returns the first address at which bCompare reports a match, or 0 when
// no offset matches.
//
// Each offset triggers a fresh ReadMemoryAddress call, i.e. one full buffer
// read per candidate byte, which is why the search is slow. The comparison
// runs against that helper's 1024-byte buffer, so a mask longer than the
// buffer would make bCompare read past its end.
DWORD FindPattern(DWORD dwAddress, DWORD dwLen, BYTE *bMask, char * szMask)
{
	DWORD offset = 0;
	while (offset < dwLen)
	{
		const DWORD candidate = dwAddress + offset;
		BYTE* window = ReadMemoryAddress<BYTE*>(candidate);
		if (bCompare(window, bMask, szMask))
			return candidate;
		++offset;
	}
	return 0;
}

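// Walks the lower 2 GiB of the address space one page at a time and runs
// FindPattern on every page that is not MEM_MAPPED and whose protection is
// not PAGE_NOACCESS.
//
// content  pattern bytes
// mask     NUL-terminated mask, one character per pattern byte
//
// Returns the first matching address, or 0 when nothing matched. The
// original fell off the end of a non-void function in that case, which is
// undefined behaviour.
//
// NOTE(review): VirtualQuery describes the calling process's own address
// space, while FindPattern reads through hProcess, so the page information
// consulted here need not describe the memory that is actually read.
int Scan(char* content, char* mask)
{
	SYSTEM_INFO si;
	GetSystemInfo(&si);
	const DWORD pageSize = si.dwPageSize;

	MEMORY_BASIC_INFORMATION mi;
	for (DWORD lpAddr = 0x0; lpAddr < 0x7FFFFFFF; lpAddr += pageSize)
	{
		// The third argument is the size of the output structure, not the
		// page size. VirtualQuery returns the number of bytes written and 0
		// on failure, so 0 is the only value that signals an error.
		if (VirtualQuery((void*)lpAddr, &mi, sizeof(mi)) == 0) break;

		if (mi.Type == MEM_MAPPED) continue;
		// Only PAGE_NOACCESS is filtered out. mi.State is not consulted, so
		// regions that are not committed are not excluded by this test.
		if (mi.Protect == PAGE_NOACCESS) continue;

		int addr = FindPattern(lpAddr, pageSize, (PBYTE)content, mask);
		if (addr != 0)
			return addr;
	}
	return 0;
}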

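// Looks up a window by title, stores its process id in the global `pid`,
// records the base address of the first module in a module snapshot, opens
// the process into the global `hProcess`, then runs Scan() and prints the
// result in hex.
//
// Every Win32 call is checked and every handle is closed; the original
// ignored all return values and leaked both the snapshot and the process
// handle.
int main()
{
	HWND hWndGame = FindWindow(NULL, TEXT("AssaultCube"));
	if (hWndGame == NULL)
	{
		cerr << "FindWindow failed, error " << GetLastError() << endl;
		return 1;
	}

	GetWindowThreadProcessId(hWndGame, &pid);
	if (pid == 0)
	{
		cerr << "GetWindowThreadProcessId returned no process id" << endl;
		return 1;
	}

	// Base address of the first module in the snapshot. It is looked up but
	// not used by the scan below.
	DWORD BA = 0;
	HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
	if (hModuleSnap != INVALID_HANDLE_VALUE)
	{
		MODULEENTRY32 me32;
		me32.dwSize = sizeof(MODULEENTRY32);
		if (Module32First(hModuleSnap, &me32))
			BA = (DWORD)me32.modBaseAddr;
		CloseHandle(hModuleSnap);
	}
	(void)BA;

	// Least privilege: ReadProcessMemory only needs PROCESS_VM_READ, so
	// PROCESS_ALL_ACCESS is not requested.
	hProcess = OpenProcess(PROCESS_VM_READ, FALSE, pid);
	if (hProcess == NULL)
	{
		cerr << "OpenProcess failed, error " << GetLastError() << endl;
		return 1;
	}

	DWORD address1 = Scan((char*)"\x29\x7b\x04\x8b\xc7\x5f", "xxxxxx");
	cout << hex << address1 << endl;

	CloseHandle(hProcess);
	hProcess = NULL;

	//system("pause");
	return 0;
}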

My updated function takes 90 milliseconds. It is hosted here: https://bitbucket.org/GH-Rake/patternscan/src
holla atch boy
 

Icew0lf

"its not working" ...... do you want us to have a look into the crystal ball and guess what the problem is? :megusta:

have you tried to debug the code ?

hWndGame = FindWindow(NULL, TEXT("GameWindow"));
seems to be a template, have you tried to replace GameWindow with your actual processname from the game you want to read from? or is it the real name?

(PBYTE)"\x4D\x9C\x00\x00\x00\x00\x8b\xd9", "xx????xx");
are you sure the pattern is correct?

whats wrong with the code at all?
please provide more information so we can understand the problem better
 

XtremeCoder

"its not working" ...... do you want us to have a look into the crystal ball and guess what the problem is? :megusta:

have you tried to debug the code ?


seems to be a template, have you tried to replace GameWindow with your actual processname from the game you want to read from? or is it the real name?


are you sure the pattern is correct?

whats wrong with the code at all?
please provide more information so we can understand the problem better
Yes, GameWindow is the game window :lol: and of course the array of bytes will always be found.
I tried to debug it; it just passes through the function and doesn't return anything.
C++:
// Slides the pattern over [dwAddress, dwAddress + dwLen) one byte at a time
// and returns the first address at which bCompare reports a match, or 0 when
// no offset matches.
//
// Each offset triggers a fresh ReadMemoryAddress call, i.e. one full buffer
// read per candidate byte. The function has no separate error result: a
// failed read and "pattern not present" both end in the final return 0.
DWORD FindPattern(DWORD dwAddress, DWORD dwLen, BYTE *bMask, char * szMask)
{
    DWORD offset = 0;
    while (offset < dwLen)
    {
        const DWORD candidate = dwAddress + offset;
        BYTE* window = ReadMemoryAddress<BYTE*>(candidate);
        if (bCompare(window, bMask, szMask))
            return candidate;
        ++offset;
    }
    return 0;
}
 

XtremeCoder

Rake;46245 said:
Frankly this code is fucked. I have spent 30 minutes fixing it for you :)

#1 you have Scan() and FindPattern()
You should be using Scan() not FindPattern(), scan is a wrapper around FindPattern that validates the memory address and checks permissions before searching for the pattern and then breaks up the memory by regionsize/pagesize. Don't just use FindPattern

#2:
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, NULL);

NULL ProcessID? Good luck opening the process

I have moved hProcess and pid into global and removed the redundant OpenProcess calls

This code is inefficient, I have fixed it so it now works for the most part but it takes 1+ minutes to find my pattern. This function also doesn't take read permissions so you may run into trouble later. Just replace window name, pattern and mask to match your game.

C++:
#include <Windows.h>
#include <iostream>
#include <TlHelp32.h>
using namespace std;

// Handle to the target process. Assigned in main() from OpenProcess and read
// by ReadMemoryAddress(); it stays 0 until main() has opened the process.
HANDLE hProcess = 0;
// Process id of the target, filled in by GetWindowThreadProcessId in main().
DWORD pid = 0;

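// Reads sizeof(buffer) bytes starting at `address` through the global
// hProcess handle and returns the local scratch buffer reinterpreted as T
// (the caller on this page instantiates T as BYTE*).
//
// The buffer is a function-local static: every call overwrites the previous
// contents, so the returned pointer is only meaningful until the next call
// and the function is not safe to use from several threads.
template <class T> T ReadMemoryAddress(DWORD address)
{
	static char buffer[1024];

	// The whole 1024-byte range must be readable; a range that crosses into
	// an inaccessible page makes the call fail.
	SIZE_T bytesRead = 0;
	const bool readOk = (hProcess != NULL) &&
		ReadProcessMemory(hProcess, (LPCVOID)address, buffer, sizeof(buffer), &bytesRead);

	// On failure the buffer would still hold bytes from an earlier call.
	// Clear it so the caller never matches a pattern against stale data.
	if (!readOk || bytesRead != sizeof(buffer))
		ZeroMemory(buffer, sizeof(buffer));

	return reinterpret_cast<T> (buffer);
}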
// Tests whether the bytes at pData match the pattern bMask under szMask.
// szMask is a NUL-terminated string with one character per pattern byte:
// 'x' means the byte must equal the pattern byte, any other character makes
// that position a wildcard.
//
// No length is passed in: the loop runs until the mask's terminator, so the
// caller must guarantee that pData and bMask both hold at least that many
// readable bytes, otherwise this reads out of bounds.
bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
	while (*szMask != '\0')
	{
		const bool mustMatch = (*szMask == 'x');
		if (mustMatch && *pData != *bMask)
			return false;

		++szMask;
		++pData;
		++bMask;
	}
	// Every mask position was consumed without a mismatch.
	return true;
}
// Slides the pattern over [dwAddress, dwAddress + dwLen) one byte at a time
// and returns the first address at which bCompare reports a match, or 0 when
// no offset matches.
//
// Each offset triggers a fresh ReadMemoryAddress call, i.e. one full buffer
// read per candidate byte, which is why the search is slow. The comparison
// runs against that helper's 1024-byte buffer, so a mask longer than the
// buffer would make bCompare read past its end.
DWORD FindPattern(DWORD dwAddress, DWORD dwLen, BYTE *bMask, char * szMask)
{
	DWORD offset = 0;
	while (offset < dwLen)
	{
		const DWORD candidate = dwAddress + offset;
		BYTE* window = ReadMemoryAddress<BYTE*>(candidate);
		if (bCompare(window, bMask, szMask))
			return candidate;
		++offset;
	}
	return 0;
}

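// Walks the lower 2 GiB of the address space one page at a time and runs
// FindPattern on every page that is not MEM_MAPPED and whose protection is
// not PAGE_NOACCESS.
//
// content  pattern bytes
// mask     NUL-terminated mask, one character per pattern byte
//
// Returns the first matching address, or 0 when nothing matched. The
// original fell off the end of a non-void function in that case, which is
// undefined behaviour.
//
// NOTE(review): VirtualQuery describes the calling process's own address
// space, while FindPattern reads through hProcess, so the page information
// consulted here need not describe the memory that is actually read.
int Scan(char* content, char* mask)
{
	SYSTEM_INFO si;
	GetSystemInfo(&si);
	const DWORD pageSize = si.dwPageSize;

	MEMORY_BASIC_INFORMATION mi;
	for (DWORD lpAddr = 0x0; lpAddr < 0x7FFFFFFF; lpAddr += pageSize)
	{
		// The third argument is the size of the output structure, not the
		// page size. VirtualQuery returns the number of bytes written and 0
		// on failure, so 0 is the only value that signals an error.
		if (VirtualQuery((void*)lpAddr, &mi, sizeof(mi)) == 0) break;

		if (mi.Type == MEM_MAPPED) continue;
		// Only PAGE_NOACCESS is filtered out. mi.State is not consulted, so
		// regions that are not committed are not excluded by this test.
		if (mi.Protect == PAGE_NOACCESS) continue;

		int addr = FindPattern(lpAddr, pageSize, (PBYTE)content, mask);
		if (addr != 0)
			return addr;
	}
	return 0;
}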

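// Looks up a window by title, stores its process id in the global `pid`,
// records the base address of the first module in a module snapshot, opens
// the process into the global `hProcess`, then runs Scan() and prints the
// result in hex.
//
// Every Win32 call is checked and every handle is closed; the original
// ignored all return values and leaked both the snapshot and the process
// handle.
int main()
{
	HWND hWndGame = FindWindow(NULL, TEXT("AssaultCube"));
	if (hWndGame == NULL)
	{
		cerr << "FindWindow failed, error " << GetLastError() << endl;
		return 1;
	}

	GetWindowThreadProcessId(hWndGame, &pid);
	if (pid == 0)
	{
		cerr << "GetWindowThreadProcessId returned no process id" << endl;
		return 1;
	}

	// Base address of the first module in the snapshot. It is looked up but
	// not used by the scan below.
	DWORD BA = 0;
	HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
	if (hModuleSnap != INVALID_HANDLE_VALUE)
	{
		MODULEENTRY32 me32;
		me32.dwSize = sizeof(MODULEENTRY32);
		if (Module32First(hModuleSnap, &me32))
			BA = (DWORD)me32.modBaseAddr;
		CloseHandle(hModuleSnap);
	}
	(void)BA;

	// Least privilege: ReadProcessMemory only needs PROCESS_VM_READ, so
	// PROCESS_ALL_ACCESS is not requested.
	hProcess = OpenProcess(PROCESS_VM_READ, FALSE, pid);
	if (hProcess == NULL)
	{
		cerr << "OpenProcess failed, error " << GetLastError() << endl;
		return 1;
	}

	DWORD address1 = Scan((char*)"\x29\x7b\x04\x8b\xc7\x5f", "xxxxxx");
	cout << hex << address1 << endl;

	CloseHandle(hProcess);
	hProcess = NULL;

	//system("pause");
	return 0;
}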

My updated function takes 90 milliseconds. It is hosted here: https://bitbucket.org/GH-Rake/patternscan/src
holla atch boy
thanks
is there a proper way to return the "match" ?
C++:
// NOTE(review): this five-argument Scan is not the Scan defined earlier in
// this thread (those take two or three arguments); presumably it comes from
// the linked patternscan repository. Confirm its signature and what it
// returns on "no match" there.
char* match = Scan(pattern, mask, (char*)0x0, kernelMemory, process);
cuz this way doesn't return anything
C++:
// NOTE(review): Pattern::Ex::Proc and thisapp are not defined on this page.
// The argument looks like a space-separated hex byte string with no separate
// mask; confirm the expected format against the library's header.
char* Matchreturned = Pattern::Ex::Proc("F3 0F 4E 28", &thisapp);
 

Rake

thanks
is there a proper way to return the "match" ?
C++:
// NOTE(review): this five-argument Scan is not the Scan defined earlier in
// this thread (those take two or three arguments); presumably it comes from
// the linked patternscan repository. Confirm its signature and what it
// returns on "no match" there.
char* match = Scan(pattern, mask, (char*)0x0, kernelMemory, process);
cuz this way doesn't return anything
C++:
// NOTE(review): Pattern::Ex::Proc and thisapp are not defined on this page.
// The argument looks like a space-separated hex byte string with no separate
// mask; confirm the expected format against the library's header.
char* Matchreturned = Pattern::Ex::Proc("F3 0F 4E 28", &thisapp);
My code works, sorry you can't get it to work
 