Solved Pattern Scanning.

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

cNoEvil

Coder
Full Member
Nobleman
Jun 6, 2016
159
1,218
1
recently i decided to stop using my ghetto pattern scanner and make one that would work no matter the size of the array.

C#:
 public long[] FindPattern(byte[] RefByteArray, byte[] Pattern, string mask, long BASE)
        {
            //check mask
            if (Pattern.Length != mask.Length)
            {
                MessageBox.Show("Fail");
                return new long[0];
            }
            int MatchCount = 0;
            int XYZ = 0;
            List<long> AddressList = new List<long>();
            for (int i = 0; i < RefByteArray.Length; i++)
            {
                byte[] Segment = ReadByteArrayByLength(RefByteArray, Pattern.Length, XYZ); //Breaks Down The Array into an array segment
                
                //Compare Segment to mask

                for (int si = 0; si < Segment.Length; si++)
                {
                    if (mask[si].CompareTo('x') == 1)
                    {
                        if (MatchCount == Segment.Length) { long add = BASE + XYZ; AddressList.Add(add); MatchCount = 0;  }
                        if (Pattern[si] == Segment[si]) { MatchCount++; }
                    } else { MatchCount++; }
                }


            }
            return AddressList.ToArray();
        }

and then my mask and pattern
string mask = "xxxx";
byte[] Pattern = BitConverter.GetBytes(1231);

but for some reason the FindPattern returns incorrect values or none at all.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
These are a couple functions I wrote a few months back for a trainer I made for Dishonored.
I really wanted a function in which I can pass it signatures copied directly from CE that look like

04 ?? 90 E4 ?? you get it...
PatternScanMod is the scan function while CheckArray is a helper function.


C++:
public bool CheckPattern(string pattern, byte[] array2check)
        {
            int len = array2check.Length;
            string[] strBytes = pattern.Split(' ');
            int x = 0;
            foreach(byte b in array2check)
            {
                if(strBytes[x] == "?" || strBytes[x] == "??")
                {
                    x++;
                }
                else if(byte.Parse(strBytes[x], NumberStyles.HexNumber) == b)
                {
                    x++;
                }
                else
                {
                    return false;
                }
            }
            return true;
        }

        public IntPtr PatternScanMod(ProcessModule pMod, string pattern)
        {
            IntPtr baseAddy = pMod.BaseAddress;
            uint dwSize = (uint)pMod.ModuleMemorySize;
            int br;
            Open();
            byte[] memDump = Read(baseAddy, dwSize, out br);
            CloseHandle();
            string[] pBytes = pattern.Split(' ');
            try
            {
                for (int y = 0; y < memDump.Length; y++)
                {
                    if (memDump[y] == byte.Parse(pBytes[0], NumberStyles.HexNumber))
                    {
                        byte[] checkArray = new byte[pBytes.Length];
                        for (int x = 0; x < pBytes.Length; x++)
                        {
                            checkArray[x] = memDump[y + x];
                        }
                        if(CheckPattern(pattern, checkArray))
                        {
                            return baseAddy + y;
                        }
                        else
                        {
                            y += pBytes.Length - (pBytes.Length / 2);
                        }
                    }
                }
            }
            catch (Exception)
            {
                return IntPtr.Zero;
            }
            return IntPtr.Zero;
        }


It ain't supal33t but the shit works... I think lol xD
I was too lazy to debug your code though... :(
 
Last edited:

cNoEvil

Coder
Full Member
Nobleman
Jun 6, 2016
159
1,218
1
well you way of pattern scanning made more sense 4D ? ? 4E.

the algorithm is right however it has to do with being able to read 64bit stuff however its fucking weird i bet it something small too.

//Confirmed
PatternScan code works.

its a pinvoke problem.
 
Last edited:
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods