Solved Reading Bitfield from Memory


Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,093
78,998
2,372
I'm having a hell of a time understanding bitfields. I need to read a boolean value that is stored as a bitfield in memory.

The address where these bitfields are stored is a 32bit structure with only 30 values in the address: 7593228

It holds these values:

BITFIELD bool1;
BITFIELD bool2;
BITFIELD bool3;
Etc...
Etc...
BITFIELD bool30;

I need to read from memory if the BITFIELD bool23 is True or False.
Displayed as 4Byte Hex:
When it is true address 7593228 reads: 00402280
When it is false address 7593228 reads: 00002280

How do I view these values as bits and come out with values of 0 or 1 that correspond to the value of my bool variables?
 

Rake

Update: Read these and use bitwise operators to read the bits:
3.8a — Bit flags and bit masks
3.8 — Bitwise operators







Thanks everyone for your help.
The game I'm working on runs on the Unreal Engine.
C++:
typedef unsigned int        BITFIELD;
#define GCC_PACK(n) __attribute__((packed,aligned(n)))

class ENGINE_API AActor : public UObject
{
public:
    BITFIELD bStatic:1 GCC_PACK(4);
    BITFIELD bHidden:1;
    BITFIELD bNoDelete:1;
    BITFIELD bAnimFinished:1;
    BITFIELD bAnimLoop:1;
    BITFIELD bAnimNotify:1;
    BITFIELD bAnimByOwner:1;
    BITFIELD bDeleteMe:1;
    BITFIELD bAssimilated:1;
    BITFIELD bTicked:1;
    BITFIELD bLightChanged:1;
    BITFIELD bDynamicLight:1;
    BITFIELD bTimerLoop:1;
    BITFIELD bCanTeleport:1;
    BITFIELD bOwnerNoSee:1;
    BITFIELD bOnlyOwnerSee:1;
    BITFIELD bIsMover:1;
    BITFIELD bAlwaysRelevant:1;
    BITFIELD bAlwaysTick:1;
    BITFIELD bHighDetail:1;
    BITFIELD bStasis:1;
    BITFIELD bForceStasis:1;
    BITFIELD bIsPawn:1;
    BITFIELD bNetTemporary:1;
    BITFIELD bNetOptional:1;
    BITFIELD bReplicateInstigator:1;
    BITFIELD bTrailerSameRotation:1;
    BITFIELD bTrailerPrePivot:1;
    BITFIELD bClientAnim:1;
    BITFIELD bSimFall:1;
The :1 means it only uses 1 bit of the unsigned int, and the GCC_PACK is a GCC extension that does not create padding between variables, but the (4) aligns them to 4 byte memory spaces?


Superspinne
Thanks for the informative reply! I'll need time to process this.

The bools I'm speaking of are not the C variable type "bool" but they are defined as type "bitfield" which is declared as an unsigned int.

I need to take a break it's making my head hurt :/
 

Simon-Benyo

Jr.Coder
Full Member
Nobleman
Aug 9, 2013
64
1,498
3
As far as I understood you, I wrote this small code for you on the fly

C++:
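#include <windows.h>

// Returns TRUE only when the whole 32-bit value at Address equals 0x00402280.
BOOL GetValue(DWORD Address)
{
    DWORD result = *((PDWORD)Address); // read the 4 bytes stored at Address
    if (result == 0x00402280)          // comparison (==), not assignment (=)
    {
        return TRUE;
    }
    else
    {
        return FALSE;
    }
}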
Good luck, and if I misunderstood you please explain more :)
 

rN'

Jr.Hacker
Meme Tier VIP
Jan 19, 2014
340
5,268
41
C++:
union float32bits
{
    float rawFloat;
    struct
    {
        unsigned int mantissa : 23;
        unsigned int biased_exponent : 8;
        unsigned int sign : 1;
    } bits;
};
This is a bitfield. Maybe you mean a struct?
 

Rake

Thank you for the replies.

Simon-Benyo that would work if the rest of the values of that bitfield are constant across all objects, these bits change.

1 Correction to my original post: We will call them Bool0, Bool1, all the way to Bool31.

So let me explain a little better:

Each one of those 32 bool variables is represented by a bit, 0=false, 1=true.

Now based on my understanding:
Those 32 bits are represented in the memory address 7593228 which holds an unsigned long (32-bit)
We are looking at Bool22
When true the value is 00402280 which in binary is:
111010110010011001000101000

C++:
Bit         :31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
Value of Bit: 0  0  0  0  0  1  1  1  0  1  0  1  1  0  0  1  0  0  1  1  0  0 1 0 0 0 1 0 1 0 0 0
We need to find Bool22. So at Bit 22 we find the value 1(True)

When I set Bool22 to false in the game console I read value 00002280 from the same address which in binary is:
10001010000000

C++:
Bit         :31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 
Value of Bit: 0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0 1 0 1 0 0 0 0 0 0 0
Now reading Bit 22 we see it is 0(False) which is what I expected. But at the same time Bool26 25 25 24 22 20 19 16 were also set to false.

That is where I am confused. Maybe if bool2 = 0 the game sets the other flags to 0 as well. Or my understanding of bitfields is totally fucked.
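
Added example, not part of any poster's reply: it decodes the two dwords quoted in the thread (0x00402280 and 0x00002280) with shifts and masks, and uses XOR to list which bits differ between them. The helper names and the `Flags` layout are assumptions made for illustration, and the bit-field ordering the struct relies on is compiler-specific.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

// True when bit `n` (0 = least significant) of `value` is set.
bool test_bit(std::uint32_t value, unsigned n) {
    return ((value >> n) & 1u) != 0;
}

// 32-character binary string, bit 31 first, so each hex digit maps to 4 bits.
std::string to_binary(std::uint32_t value) {
    std::string out;
    for (int n = 31; n >= 0; --n) out += test_bit(value, n) ? '1' : '0';
    return out;
}

// Indices of the bits that differ between two snapshots of the same dword.
std::vector<unsigned> changed_bits(std::uint32_t before, std::uint32_t after) {
    std::vector<unsigned> out;
    std::uint32_t diff = before ^ after;  // XOR leaves 1 only where bits differ
    for (unsigned n = 0; n < 32; ++n)
        if (test_bit(diff, n)) out.push_back(n);
    return out;
}

// Hypothetical layout modelled on the thread's Bool0..Bool31 (assumption).
// GCC, Clang and MSVC on little-endian targets put the first declared field
// at bit 0; the standard leaves this implementation-defined, so prefer masks.
struct Flags {
    std::uint32_t low22 : 22;  // Bool0..Bool21 lumped together
    std::uint32_t bool22 : 1;
    std::uint32_t rest : 9;    // Bool23..Bool31
};
static_assert(sizeof(Flags) == 4, "Flags must overlay exactly one dword");

bool bool22_via_struct(std::uint32_t raw) {
    Flags f;
    std::memcpy(&f, &raw, sizeof f);  // copy the raw dword over the bit-fields
    return f.bool22 != 0;
}

int main() {
    const std::uint32_t when_true = 0x00402280u, when_false = 0x00002280u;
    std::printf("%s\n%s\n", to_binary(when_true).c_str(), to_binary(when_false).c_str());
    for (unsigned n : changed_bits(when_true, when_false)) std::printf("changed bit: %u\n", n);
    std::printf("Bool22: %d -> %d\n", bool22_via_struct(when_true), bool22_via_struct(when_false));
    return 0;
}
```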
 

codelion

Newbie
Oct 4, 2014
1
1,854
0
Maybe if bool2 = 0 the game sets the other flags to 0 as well.
Judging from your description, and assuming your address is correct, yes, that is what is happening.


Do you know what the other changed values are for? Most likely more than a single bool changes when a game setting changes.
 

Simon-Benyo

I think something is wrong because the changing of one bool is not causing only one bit to change!
 