Salve ospite, se leggi questo messaggio vuol dire che non sei registrato, cosa aspetti ? Premi qui per registrarti La registrazione è completamente gratuita e ti permetterà di usufruire di tutte le funzionalità del nostro forum. Buona navigazione.


Vendo, Compro, Scambio NosTale! Riapre il Black Market, concludi i tuoi scambi NosTale gratuitamente! Più info  -   Accedi alla sezione
Download file Server : File Retro Server NosTale
Visita la nuova sezione di BorderGame dedicata a Blade & Soul! Sezione Blade and Soul

 
Valutazione discussione:
  • 2 voti - 5 media
  • 1
  • 2
  • 3
  • 4
  • 5
Guida AutoIT! Scrivere una hack
10-11-2012 05:15 PM
Messaggio: #1
Guida AutoIT! Scrivere una hack
Gafra96
Elite Coder

Rynn
Spammer
Staf Away - Gruppo Onorario
Utente Saggio
Utente Storico
Vip

Finder/Tester

Messaggi : 2,029

Registrato dal : Dec 2010

Reputazione : 279

Stato : Offline


Premi :



Non pensavo di arrivare a scrivere una guida ma non avendo nulla da fare...
In questa guida verranno tenuti ormai noti i sistemi per trovare un pointer o un address(Per chi non sapesse farlo il tutorial di CheatEngine è sufficente)
Strumenti:
Un debugger(CE,IDA,Olly...)
AutoIT
KodaGUI

Guida:
Per prima cosa inizieromo col creare la GUI tramite KodaGUI
Spoiler:
İmage

Ora apriamo pinball e cerchiamo il pointer dei punti
Spoiler:
İmage

Bene ora abbiamo la gui e l pointer(sarebbe meglio fare prima pointer e poi GUI)
Spoiler:
Codice:
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
#Region ### START Koda GUI section ### Form=
$Form1 = GUICreate("Form1", 203, 57, 192, 124)
$Button1 = GUICtrlCreateButton("Button1", 24, 16, 75, 25)
$Button2 = GUICtrlCreateButton("Button2", 112, 16, 75, 25)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###

While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit

    EndSwitch
WEnd

Ora necessitiamo della libreria scrivere un pointer io consiglio questa libreria:
Citazione:
Codice:
#include-once
#region _Memory
;===============================================================================​==================
; AutoIt Version:    3.1.127 (beta)
; Language:            English
; Platform:            All Windows
; Author:            Nomad
; Requirements:        These functions will only work with beta.
;===============================================================================​==================
; Credits:    wOuter - These functions are based on his original _Mem() functions.  But they are
;            easier to comprehend and more reliable.  These functions are in no way a direct copy
;            of his functions.  His functions only provided a foundation from which these evolved.
;===============================================================================​==================
;
; Functions:
;
;===============================================================================​==================
; Function:            _MemoryOpen($iv_Pid(, $iv_DesiredAccess(, $iv_InheritHandle)))
; Description:        Opens a process and enables all possible access rights to the process.  The
;                    Process ID of the process is used to specify which process to open.  You must
;                    call this function before calling _MemoryClose(), _MemoryRead(), or _MemoryWrite().
; Parameter(s):        $iv_Pid - The Process ID of the program you want to open.
;                    $iv_DesiredAccess - (optional) Set to 0x1F0FFF by default, which enables all
;                                        possible access rights to the process specified by the
;                                        Process ID.
;                    $if_InheritHandle - (optional) If this value is TRUE, all processes created by
;                                        this process will inherit the access handle.  Set to TRUE
;                                        (1) by default.  Set to 0 if you want it to be FALSE.
; Requirement(s):    A valid process ID.
; Return Value(s):     On Success - Returns an array containing the Dll handle and an open handle to
;                                 the specified process.
;                    On Failure - Returns 0
;                    @Error - 0 = No error.
;                             1 = Invalid $iv_Pid.
;                             2 = Failed to open Kernel32.dll.
;                             3 = Failed to open the specified process.
; Author(s):        Nomad
; Note(s):
;===============================================================================​==================
Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $if_InheritHandle = 1)

    If Not ProcessExists($iv_Pid) Then
        SetError(1)
        Return 0
    EndIf

    Local $ah_Handle[2] = [DllOpen('kernel32.dll')]

    If @Error Then
        SetError(2)
        Return 0
    EndIf

    Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $if_InheritHandle, 'int', $iv_Pid)

    If @Error Then
        DllClose($ah_Handle[0])
        SetError(3)
        Return 0
    EndIf

    $ah_Handle[1] = $av_OpenProcess[0]

    Return $ah_Handle

EndFunc

;===============================================================================​==================
; Function:            _MemoryRead($iv_Address, $ah_Handle(, $sv_Type))
; Description:        Reads the value located in the memory address specified.
; Parameter(s):        $iv_Address - The memory address you want to read from. It must be in hex
;                                  format (0x00000000).
;                    $ah_Handle - An array containing the Dll handle and the handle of the open
;                                 process as returned by _MemoryOpen().
;                    $sv_Type - (optional) The "Type" of value you intend to read.  This is set to
;                                'dword'(32bit(4byte) signed integer) by default.  See the help file
;                                for DllStructCreate for all types.
;                                An example: If you want to read a word that is 15 characters in
;                                length, you would use 'char[16]'.
; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
; Return Value(s):    On Success - Returns the value located at the specified address.
;                    On Failure - Returns 0
;                    @Error - 0 = No error.
;                             1 = Invalid $ah_Handle.
;                             2 = $sv_Type was not a string.
;                             3 = $sv_Type is an unknown data type.
;                             4 = Failed to allocate the memory needed for the DllStructure.
;                             5 = Error allocating memory for $sv_Type.
;                             6 = Failed to read from the specified process.
; Author(s):        Nomad
; Note(s):            Values returned are in Decimal format, unless specified as a 'char' type, then
;                    they are returned in ASCII format.  Also note that size ('char[size]') for all
;                    'char' types should be 1 greater than the actual size.
;===============================================================================​==================
Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword')

    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf

    Local $v_Buffer = DllStructCreate($sv_Type)

    If @Error Then
        SetError(@Error + 1)
        Return 0
    EndIf

    DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')

    If Not @Error Then
        Local $v_Value = DllStructGetData($v_Buffer, 1)
        Return $v_Value
    Else
        SetError(6)
        Return 0
    EndIf

EndFunc

;===============================================================================​==================
; Function:            _MemoryWrite($iv_Address, $ah_Handle, $v_Data(, $sv_Type))
; Description:        Writes data to the specified memory address.
; Parameter(s):        $iv_Address - The memory address you want to write to.  It must be in hex
;                                  format (0x00000000).
;                    $ah_Handle - An array containing the Dll handle and the handle of the open
;                                 process as returned by _MemoryOpen().
;                    $v_Data - The data to be written.
;                    $sv_Type - (optional) The "Type" of value you intend to write.  This is set to
;                                'dword'(32bit(4byte) signed integer) by default.  See the help file
;                                for DllStructCreate for all types.
;                                An example: If you want to write a word that is 15 characters in
;                                length, you would use 'char[16]'.
; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
; Return Value(s):    On Success - Returns 1
;                    On Failure - Returns 0
;                    @Error - 0 = No error.
;                             1 = Invalid $ah_Handle.
;                             2 = $sv_Type was not a string.
;                             3 = $sv_Type is an unknown data type.
;                             4 = Failed to allocate the memory needed for the DllStructure.
;                             5 = Error allocating memory for $sv_Type.
;                             6 = $v_Data is not in the proper format to be used with the "Type"
;                                 selected for $sv_Type, or it is out of range.
;                             7 = Failed to write to the specified process.
; Author(s):        Nomad
; Note(s):            Values sent must be in Decimal format, unless specified as a 'char' type, then
;                    they must be in ASCII format.  Also note that size ('char[size]') for all
;                    'char' types should be 1 greater than the actual size.
;===============================================================================​==================
Func _MemoryWrite($iv_Address, $ah_Handle, $v_Data, $sv_Type = 'dword')

    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf

    Local $v_Buffer = DllStructCreate($sv_Type)

    If @Error Then
        SetError(@Error + 1)
        Return 0
    Else
        DllStructSetData($v_Buffer, 1, $v_Data)
        If @Error Then
            SetError(6)
            Return 0
        EndIf
    EndIf

    DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')

    If Not @Error Then
        Return 1
    Else
        SetError(7)
        Return 0
    EndIf

EndFunc

;===============================================================================​==================
; Function:            _MemoryClose($ah_Handle)
; Description:        Closes the process handle opened by using _MemoryOpen().
; Parameter(s):        $ah_Handle - An array containing the Dll handle and the handle of the open
;                                 process as returned by _MemoryOpen().
; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
; Return Value(s):    On Success - Returns 1
;                    On Failure - Returns 0
;                    @Error - 0 = No error.
;                             1 = Invalid $ah_Handle.
;                             2 = Unable to close the process handle.
; Author(s):        Nomad
; Note(s):
;===============================================================================​==================
Func _MemoryClose($ah_Handle)

    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf

    DllCall($ah_Handle[0], 'int', 'CloseHandle', 'int', $ah_Handle[1])
    If Not @Error Then
        DllClose($ah_Handle[0])
        Return 1
    Else
        DllClose($ah_Handle[0])
        SetError(2)
        Return 0
    EndIf

EndFunc

;===============================================================================​==================
; Function:            _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset(, $sv_Type))
; Description:        Reads a chain of pointers and returns an array containing the destination
;                    address and the data at the address.
; Parameter(s):        $iv_Address - The static memory address you want to start at. It must be in
;                                  hex format (0x00000000).
;                    $ah_Handle - An array containing the Dll handle and the handle of the open
;                                 process as returned by _MemoryOpen().
;                    $av_Offset - An array of offsets for the pointers.  Each pointer must have an
;                                 offset.  If there is no offset for a pointer, enter 0 for that
;                                 array dimension. (Offsets must be in decimal format, NOT hex!)
;                    $sv_Type - (optional) The "Type" of data you intend to read at the destination
;                                 address.  This is set to 'dword'(32bit(4byte) signed integer) by
;                                 default.  See the help file for DllStructCreate for all types.
; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
; Return Value(s):    On Success - Returns an array containing the destination address and the value
;                                 located at the address.
;                    On Failure - Returns 0
;                    @Error - 0 = No error.
;                             1 = $av_Offset is not an array.
;                             2 = Invalid $ah_Handle.
;                             3 = $sv_Type is not a string.
;                             4 = $sv_Type is an unknown data type.
;                             5 = Failed to allocate the memory needed for the DllStructure.
;                             6 = Error allocating memory for $sv_Type.
;                             7 = Failed to read from the specified process.
; Author(s):        Nomad
; Note(s):            Values returned are in Decimal format, unless a 'char' type is selected.
;                    Set $av_Offset like this:
;                    $av_Offset[0] = NULL (not used)
;                    $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
;                    $av_Offset[2] = Offset for pointer 2
;                    etc...
;                    (The number of array dimensions determines the number of pointers)
;===============================================================================​==================
Func _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword')

    If IsArray($av_Offset) Then
        If IsArray($ah_Handle) Then
            Local $iv_PointerCount = UBound($av_Offset) - 1
        Else
            SetError(2)
            Return 0
        EndIf
    Else
        SetError(1)
        Return 0
    EndIf

    Local $iv_Data[2], $i
    Local $v_Buffer = DllStructCreate('dword')

    For $i = 0 to $iv_PointerCount

        If $i = $iv_PointerCount Then
            $v_Buffer = DllStructCreate($sv_Type)
            If @Error Then
                SetError(@Error + 2)
                Return 0
            EndIf

            $iv_Address = '0x' & hex($iv_Data[1] + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf

            $iv_Data[1] = DllStructGetData($v_Buffer, 1)

        ElseIf $i = 0 Then
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf

            $iv_Data[1] = DllStructGetData($v_Buffer, 1)

        Else
            $iv_Address = '0x' & hex($iv_Data[1] + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(7)
                Return 0
            EndIf

            $iv_Data[1] = DllStructGetData($v_Buffer, 1)

        EndIf

    Next

    $iv_Data[0] = $iv_Address

    Return $iv_Data

EndFunc

;===============================================================================​==================
; Function:            _MemoryPointerWrite ($iv_Address, $ah_Handle, $av_Offset, $v_Data(, $sv_Type))
; Description:        Reads a chain of pointers and writes the data to the destination address.
; Parameter(s):        $iv_Address - The static memory address you want to start at. It must be in
;                                  hex format (0x00000000).
;                    $ah_Handle - An array containing the Dll handle and the handle of the open
;                                 process as returned by _MemoryOpen().
;                    $av_Offset - An array of offsets for the pointers.  Each pointer must have an
;                                 offset.  If there is no offset for a pointer, enter 0 for that
;                                 array dimension.
;                    $v_Data - The data to be written.
;                    $sv_Type - (optional) The "Type" of data you intend to write at the destination
;                                 address.  This is set to 'dword'(32bit(4byte) signed integer) by
;                                 default.  See the help file for DllStructCreate for all types.
; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
; Return Value(s):    On Success - Returns the destination address.
;                    On Failure - Returns 0.
;                    @Error - 0 = No error.
;                             1 = $av_Offset is not an array.
;                             2 = Invalid $ah_Handle.
;                             3 = Failed to read from the specified process.
;                             4 = $sv_Type is not a string.
;                             5 = $sv_Type is an unknown data type.
;                             6 = Failed to allocate the memory needed for the DllStructure.
;                             7 = Error allocating memory for $sv_Type.
;                             8 = $v_Data is not in the proper format to be used with the
;                                 "Type" selected for $sv_Type, or it is out of range.
;                             9 = Failed to write to the specified process.
; Author(s):        Nomad
; Note(s):            Data written is in Decimal format, unless a 'char' type is selected.
;                    Set $av_Offset like this:
;                    $av_Offset[0] = NULL (not used, doesn't matter what's entered)
;                    $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
;                    $av_Offset[2] = Offset for pointer 2
;                    etc...
;                    (The number of array dimensions determines the number of pointers)
;===============================================================================​==================
Func _MemoryPointerWrite ($iv_Address, $ah_Handle, $av_Offset, $v_Data, $sv_Type = 'dword')

    If IsArray($av_Offset) Then
        If IsArray($ah_Handle) Then
            Local $iv_PointerCount = UBound($av_Offset) - 1
        Else
            SetError(2)
            Return 0
        EndIf
    Else
        SetError(1)
        Return 0
    EndIf

    Local $iv_StructData, $i
    Local $v_Buffer = DllStructCreate('dword')

    For $i = 0 to $iv_PointerCount
        If $i = $iv_PointerCount Then
            $v_Buffer = DllStructCreate($sv_Type)
            If @Error Then
                SetError(@Error + 3)
                Return 0
            EndIf

            DllStructSetData($v_Buffer, 1, $v_Data)
            If @Error Then
                SetError(8)
                Return 0
            EndIf

            $iv_Address = '0x' & hex($iv_StructData + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(9)
                Return 0
            Else
                Return $iv_Address
            EndIf
        ElseIf $i = 0 Then
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(3)
                Return 0
            EndIf

            $iv_StructData = DllStructGetData($v_Buffer, 1)

        Else
            $iv_Address = '0x' & hex($iv_StructData + $av_Offset[$i])
            DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
            If @Error Then
                SetError(3)
                Return 0
            EndIf

            $iv_StructData = DllStructGetData($v_Buffer, 1)

        EndIf
    Next

EndFunc


;===============================================================================​===
; Function:            SetPrivilege( $privilege, $bEnable )
; Description:        Enables (or disables) the $privilege on the current process
;                   (Probably) requires administrator privileges to run
;
; Author(s):        Larry (from autoitscript.com's Forum)
; Notes(s):
; http://www.autoitscript.com/forum/index.php?s=&showtopic=31248&view=findpost&p=223999
;===============================================================================​===

Func SetPrivilege( $privilege, $bEnable )
    Const $TOKEN_ADJUST_PRIVILEGES = 0x0020
    Const $TOKEN_QUERY = 0x0008
    Const $SE_PRIVILEGE_ENABLED = 0x0002
    Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv
    $nTokens = 1
    $LUID = DLLStructCreate("dword;int")
    If IsArray($privilege) Then    $nTokens = UBound($privilege)
    $TOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $NEWTOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $hCurrProcess = DLLCall("kernel32.dll","hwnd","GetCurrentProcess")
    $SP_auxret = DLLCall("advapi32.dll","int","OpenProcessToken","hwnd",$hCurrProcess[0],   _
            "int",BitOR($TOKEN_ADJUST_PRIVILEGES,$TOKEN_QUERY),"int*",0)
    If $SP_auxret[0] Then
        $hToken = $SP_auxret[3]
        DLLStructSetData($TOKEN_PRIVILEGES,1,1)
        $nTokenIndex = 1
        While $nTokenIndex <= $nTokens
            If IsArray($privilege) Then
                $ntokenvar=$ntokenindex-1
                $priv = $privilege[$ntokenvar]
            Else
                $priv = $privilege
            EndIf
            $ret = DLLCall("advapi32.dll","int","LookupPrivilegeValue","str","","str",$priv,   _
                    "ptr",DLLStructGetPtr($LUID))
            If $ret[0] Then
                If $bEnable Then
                    DLLStructSetData($TOKEN_PRIVILEGES,2,$SE_PRIVILEGE_ENABLED,(3 * $nTokenIndex))
                Else
                    DLLStructSetData($TOKEN_PRIVILEGES,2,0,(3 * $nTokenIndex))
                EndIf
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,1),(3 * ($nTokenIndex-1)) + 1)
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,2),(3 * ($nTokenIndex-1)) + 2)
                DLLStructSetData($LUID,1,0)
                DLLStructSetData($LUID,2,0)
            EndIf
            $nTokenIndex += 1
        WEnd
        $ret = DLLCall("advapi32.dll","int","AdjustTokenPrivileges","hwnd",$hToken,"int",0,   _
                "ptr",DllStructGetPtr($TOKEN_PRIVILEGES),"int",DllStructGetSize($NEWTOKEN_PRIVILEGES),   _
                "ptr",DllStructGetPtr($NEWTOKEN_PRIVILEGES),"int*",0)
        $f = DLLCall("kernel32.dll","int","GetLastError")
    EndIf
    $NEWTOKEN_PRIVILEGES=0
    $TOKEN_PRIVILEGES=0
    $LUID=0
    If $SP_auxret[0] = 0 Then Return 0
    $SP_auxret = DLLCall("kernel32.dll","int","CloseHandle","hwnd",$hToken)
    If Not $ret[0] And Not $SP_auxret[0] Then Return 0
    return $ret[0]
EndFunc  ;==>SetPrivilege

;===============================================================================​====================

; Function........:  _MemoryGetBaseAddress($ah_Handle, $iHD)
;
; Description.....:  Reads the 'Allocation Base' from the open process.
;
; Parameter(s)....:  $ah_Handle - An array containing the Dll handle and the handle of the open
;                               process as returned by _MemoryOpen().
;                    $iHD - Return type:
;                       |0 = Hex (Default)
;                       |1 = Dec
;
; Requirement(s)..:  A valid process ID.
;
; Return Value(s).:  On Success - Returns the 'allocation Base' address and sets @Error to 0.
;                    On Failure - Returns 0 and sets @Error to:
;                  |1 = Invalid $ah_Handle.
;                  |2 = Failed to find correct allocation address.
;                  |3 = Failed to read from the specified process.
;
; Author(s).......:  Nomad. Szhlopp.
; URL.............:  http://www.autoitscript.com/forum/index.php?showtopic=78834
; Note(s).........:  Go to Www.CheatEngine.org for the latest version of CheatEngine.
;===============================================================================​====================

Func _MemoryGetBaseAddress($ah_Handle, $iHexDec = 0)

    Local $iv_Address = 0x00100000
    Local $v_Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
    Local $vData
    Local $vType

    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf


    DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))

    If Not @Error Then

        $vData = Hex(DllStructGetData($v_Buffer, 2))
        $vType = Hex(DllStructGetData($v_Buffer, 3))

        While $vType <> "00000080"
            DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
            $vData = Hex(DllStructGetData($v_Buffer, 2))
            $vType = Hex(DllStructGetData($v_Buffer, 3))
            If Hex($iv_Address) = "01000000" Then ExitLoop
            $iv_Address += 65536

        WEnd

        If $vType = "00000080" Then
            SetError(0)
            If $iHexDec = 1 Then
                Return Dec($vData)
            Else
                Return $vData
            EndIf

        Else
            SetError(2)
            Return 0
        EndIf

    Else
        SetError(3)
        Return 0
    EndIf

EndFunc   ;==>_MemoryGetBaseAddress

Func _MemoryModuleGetBaseAddress($iPID, $sModule)
    If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)

    If Not IsString($sModule) Then Return SetError(2, 0, 0)

    Local   $PSAPI = DllOpen("psapi.dll")

    ;Get Process Handle
    Local   $hProcess
    Local   $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE

    If $iPID > 0 Then
        Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
        If $hProcess[0] Then
            $hProcess = $hProcess[0]
        EndIf
    EndIf

    ;EnumProcessModules
    Local   $Modules = DllStructCreate("ptr[1024]")
    Local   $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
    If $aCall[4] > 0 Then
        Local   $iModnum = $aCall[4] / 4
        Local   $aTemp
        For $i = 1 To $iModnum
            $aTemp =  DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
            If $aTemp[3] = $sModule Then
                DllClose($PSAPI)
                Return Ptr(DllStructGetData($Modules, 1, $i))
            EndIf
        Next
    EndIf

    DllClose($PSAPI)
    Return SetError(-1, 0, 0)

EndFunc

#endregion

Bene ora dovremmo includerla nel progetto cosi
Codice:
#include<Pointer.au3>

E dovremmo scrivere la funzione che in questo caso è MemoryPointerWrite(dobbiamo scrivere in valore sul pointer)
Codice:
Func _MemoryPointerWrite ($iv_Address, $ah_Handle, $av_Offset, $v_Data, $sv_Type = 'dword')
$iv_Address = address base
$ah_Handle = Processo
$av_Offset = Offset
$v_Data = valore da scrivere
$sv_Type = tipo di scrittura(4byte,2,float,double ecc)
Esempio: _Memorypointerwrite(0x00234,$processo,$offset,9999,"DWORD")

Ricordiamoci che dovremmo anche dichiarare il processo e i relativi pointer da sommare e per farlo basterà fare cosi:
Citazione:Dim $offset[4] = [0x0,0xa4,0x8,0xa0] ;Dichiarazione offset
$processo = _MemoryOpen(ProcessExists("Processo.exe"))

In conclusione il codice risulterà
Citazione:
Codice:
#requireadmin
#include <ButtonConstants.au3>
#include <Pointer.au3>
#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
#Region ### START Koda GUI section ### Form=
$Form1 = GUICreate("Form1", 203, 57, 192, 124)
$Button1 = GUICtrlCreateButton("ON", 24, 16, 75, 25)
$Button2 = GUICtrlCreateButton("OFF", 112, 16, 75, 25)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###

Dim $offset[4] = [0x0,0xa4,0x8,0xa0] ;Dichiarazione offset
$processo = _MemoryOpen(ProcessExists("pinball.exe")) ;processo

While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
        Case $Button1
            _MemoryPointerWrite(0x010253c4,$processo,$offset,5000000,"DWORD")
        Case $Button2
            _MemoryPointerWrite(0x010253c4,$processo,$offset,0,"DWORD")
    EndSwitch
WEnd
İmage
Torna al primo messaggio
Email Cerca Rispondi
11-11-2012 12:10 PM
Messaggio: #2
RE: Guida AutoIT! Scrivere una hack
scl
*
Utente Saggio

Inizio a capire

Messaggi : 249

Registrato dal : Nov 2012

Reputazione : 166

Stato : Offline


Premi :



Bella guida, è più proiettata dalla parte della programmazione che secondo me è quella più conosciuta; Bisognerebbe fare una guida per trovare il pointer..
Sarebbe necessario un video, dato che è abbastanza lunga e complessa per i newbie.
Complimenti comunque, +1!
per assistenza scrivimi su skype (contatto tramite pm) oppure taggami sul forum
Torna al primo messaggio
Email Cerca Rispondi
11-11-2012 03:30 PM
Messaggio: #3
RE: Guida AutoIT! Scrivere una hack
Gafra96
Elite Coder

Rynn
Spammer
Staf Away - Gruppo Onorario
Utente Saggio
Utente Storico
Vip

Finder/Tester

Messaggi : 2,029

Registrato dal : Dec 2010

Reputazione : 279

Stato : Offline


Premi :



(11-11-2012 12:10 PM)Loffa123 Ha scritto:  Bella guida, è più proiettata dalla parte della programmazione che secondo me è quella più conosciuta; Bisognerebbe fare una guida per trovare il pointer..
Sarebbe necessario un video, dato che è abbastanza lunga e complessa per i newbie.
Complimenti comunque, +1!
Trovare un pointer non è complesso perchè ci sono 2 metodi,manuale e automatico. Inoltre come detto da me il tutorial fornito da CHeat Engine è più che sufficente.
İmage
Torna al primo messaggio
Email Cerca Rispondi
11-11-2012 09:59 PM
Messaggio: #4
RE: Guida AutoIT! Scrivere una hack
~Giorigo1~
*
Minecraft
NosTale
Utente Saggio
Utente Storico

NosMerda D:

Messaggi : 704

Registrato dal : Feb 2012

Reputazione : 109

Stato : Offline


Premi :



Bravo Gafra Big Grin , Tongueiù: 2 meritato Tongue
I Negri sono pregati di stare lontani dalla mia firma.
Torna al primo messaggio
Email Cerca Rispondi
12-11-2012 02:38 AM
Messaggio: #5
RE: Guida AutoIT! Scrivere una hack
Gafra96
Elite Coder

Rynn
Spammer
Staf Away - Gruppo Onorario
Utente Saggio
Utente Storico
Vip

Finder/Tester

Messaggi : 2,029

Registrato dal : Dec 2010

Reputazione : 279

Stato : Offline


Premi :



Grazie Wink
İmage
Torna al primo messaggio
Email Cerca Rispondi
12-11-2012 09:41 PM
Messaggio: #6
RE: Guida AutoIT! Scrivere una hack
'Hayabusa00
Moderatori
Meys
Spammer
Utente Saggio
Utente Storico
Vip

Pitlover_Enforcement

Messaggi : 3,183

Registrato dal : Dec 2010

Reputazione : 319

Stato : Offline


Premi :



Bella guida Tongueiù: 1 Big Grin
Torna al primo messaggio
Email WWW Cerca Rispondi

PubblicitàLa tua pubblicità qui, clicca per informazioni e per le offerte!

Stanno visualizzando la discussione :

  • Versione stampabile
  • Invia ad un amico
  • Sottoscrivi questa discussione