ฟอรั่ม PSsix

Would you like to react to this message? Create an account in a few clicks or log in to continue.

ฟอรั่มของบล็อก http://pssix.blogspot.com


4 posters

    เขียนคำสั่งให้หน่อยครับ

    Arm
    Arm
    PSsix Member Super Class III
    PSsix Member Super Class III


    PSsix Master PSsix Program Coder
    จำนวนข้อความ : 268
    ความนิยม : 54
    เข้าร่วมเมื่อ : 31/03/2011
    อายุ : 26

    เขียนคำสั่งให้หน่อยครับ Empty เขียนคำสั่งให้หน่อยครับ

    ตั้งหัวข้อ by Arm 05/10/11, 09:36 am

    แบบต้องการให้กดปุ่ม F1 แล้วให้ Freeze ค่า address 0022F3B4 = 0
    แล้วถ้ากด F1 อีกครั้งให้ UnFreeze น่ะครับ

    เกม VVVVVV
    [You must be registered and logged in to see this link.]
    flapjack
    flapjack
    PSsix Member Super Class III
    PSsix Member Super Class III


    PSsix Moderator PSsix Master PSsix Game Coder
    จำนวนข้อความ : 314
    ความนิยม : 75
    เข้าร่วมเมื่อ : 05/10/2010

    เขียนคำสั่งให้หน่อยครับ Empty Re: เขียนคำสั่งให้หน่อยครับ

    ตั้งหัวข้อ by flapjack 05/10/11, 12:16 pm

    ต้องรอผู้รู้มาตอบล่ะครับ... em230
    ปล.(การ Freeze นี้จะเหมือนหลักการ MemoryWrite หรือเปล่า...?)
    Arm
    Arm
    PSsix Member Super Class III
    PSsix Member Super Class III


    PSsix Master PSsix Program Coder
    จำนวนข้อความ : 268
    ความนิยม : 54
    เข้าร่วมเมื่อ : 31/03/2011
    อายุ : 26

    เขียนคำสั่งให้หน่อยครับ Empty Re: เขียนคำสั่งให้หน่อยครับ

    ตั้งหัวข้อ by Arm 05/10/11, 01:18 pm

    ใช้ครับเวลาเปลี่ยนแปลงค่าใน CE โปรแกรมมันจะ freeze สถานะไว้ครับ
    สมมุติเช่นเปลี่ยนค่าพลังชีวิตจาก 2 เป็น 6 พอมัน freeze ไว้ค่านั้นก็จะคงอยู่ตลอดไปไม่เปลี่ยนแปลงครับ em218
    Arm
    Arm
    PSsix Member Super Class III
    PSsix Member Super Class III


    PSsix Master PSsix Program Coder
    จำนวนข้อความ : 268
    ความนิยม : 54
    เข้าร่วมเมื่อ : 31/03/2011
    อายุ : 26

    เขียนคำสั่งให้หน่อยครับ Empty Re: เขียนคำสั่งให้หน่อยครับ

    ตั้งหัวข้อ by Arm 05/10/11, 01:21 pm

    ถ้าจะ Freeze ไว้ก็คงใช้ประมาณนี้ละมั้งครับ em218 ชินจัง
    Code:
    AdlibRegister("A1", 500)

    Func A1()
       MemoryWrite("0022F3B4", "zzxx")
    EndFunc
    asokura
    asokura
    PSsix Member High Class
    PSsix Member High Class


    PSsix Game Coder
    จำนวนข้อความ : 72
    ความนิยม : 11
    เข้าร่วมเมื่อ : 03/09/2011

    เขียนคำสั่งให้หน่อยครับ Empty Re: เขียนคำสั่งให้หน่อยครับ

    ตั้งหัวข้อ by asokura 05/10/11, 04:12 pm

    การ Freeze มีเขียนไว้ที่เว็ปนี่ครับ [You must be registered and logged in to see this link.]
    การให้กดปุ่มเพื่อหยุดและให้ทำต่อ Admin เขียนไว้ตรง Func Pause() ที่ [You must be registered and logged in to see this link.]

    ลองนำมา mix กันดูน๊ะครับ

    avatar
    Fast
    PSsix Member Super Class III
    PSsix Member Super Class III


    เขียนคำสั่งให้หน่อยครับ Empty PSsix Program Coder
    จำนวนข้อความ : 217
    ความนิยม : 54
    เข้าร่วมเมื่อ : 19/06/2011

    เขียนคำสั่งให้หน่อยครับ Empty Re: เขียนคำสั่งให้หน่อยครับ

    ตั้งหัวข้อ by Fast 05/10/11, 05:04 pm

    ^^
    ^^
    เข้ามาดูลิ้ง _Freeze_Value() ขอก๊อปมาให้ดูตรงนี้ละกัน วิธีการทำเขาใส่ While 1 เอาไว้ระหว่างคำสั่งสคริ๊ปเขียนเมมคับ เอามาแก้เขียนเองง่ายกว่านะ เขียนแบบนี้ใส่ sleep ไปด้วยซีพียูจะไม่โดนใช้หนักเกิน

    While 1
    MemoryWrite("0022F3B4", "zzxx")
    sleep(10)
    WEnd



    ;;;;;;;;;;;;;;;สคริ๊ป _Freeze_Value() ;;;;;;;;;;;;;;;;;;;;;;


    #include "Nomadmemory.au3"
    ;===============================================================================
    ; Function Name: _Freeze_Value()
    ; Description: Freezes a Value just like Cheat Engine
    ; Syntax:
    ; Parameter(s): $Address - Address you want to freesze

    ; $ID
    ; An array containing the Dll handle and the handle
    ; of the open process as returned by _MemoryOpen()

    ; $Value - Value you want to freeze it at

    ; $sv_Type - (optional) The "Type" of value you intend to read.
    ; This is set to 'dword'(32bit(4byte) signed integer)
    ; by default. See the help file for DllStructCreate
    ; for all types. An example: If you want to read a
    ; word that is 15 characters in length, you would use
    ; 'char[16]' since a 'char' is 8 bits (1 byte) in size.

    ; Your main While 1 loop in the Script duplicated, put into a function
    ; Requirement(s): Need #Nomadmemory, Need 2 Main while 1 one reg while one, the other func() EX.
    ;
    ;
    ;while 1 ---------> Main while in script
    ; $nMsg = GUIGetMsg()
    ; Switch $nMsg
    ; Case $GUI_EVENT_CLOSE
    ; SoundPlay (@HomeDrive& "\Windows\System\t1alarm.wav")
    ; Exit
    ;Endswitch
    ;WEnd
    ;
    ;Func While -------->While 1 loop duplicated, into a function (this is the one that = $mainloop, without the ()), (you must have Both)
    ; $nMsg = GUIGetMsg()
    ; Switch $nMsg
    ; Case $GUI_EVENT_CLOSE
    ; Exit
    ;EndSwitch
    ;EndFunc

    ; Return Value(s): Success = Freezes Value
    ; Author(s): Liiten \ tri407tiny
    ; Modification(s):
    ;===============================================================================
    Func _Freeze_Value($ID, $Address, $value, $mainloop)
    SetPrivilege("SeDebugPrivilege", 1)
    $M1 = _Memoryread($Address)
    if $M1 <> $Value then
    while 1 ;; ใส่ while เพื่อทำงานคำสั่งซ้ำเดิม
    _memorywrite($ID, $address, $Value) ;คำสั่งเขียนเมม
    $mainloop ()
    WEnd
    EndIf
    EndFunc
    Arm
    Arm
    PSsix Member Super Class III
    PSsix Member Super Class III


    PSsix Master PSsix Program Coder
    จำนวนข้อความ : 268
    ความนิยม : 54
    เข้าร่วมเมื่อ : 31/03/2011
    อายุ : 26

    เขียนคำสั่งให้หน่อยครับ Empty Re: เขียนคำสั่งให้หน่อยครับ

    ตั้งหัวข้อ by Arm 05/10/11, 08:43 pm

    ที่จริงก็..ทำได้แล้วล่ะครับ
    ขอบคุณสำหรับทุกๆคำแนะนำนะครับ
    ลองเปิดไฟล์ Freeze.au3 แล้ว
    ที่หัวสคริปต์มี
    Code:
    #include "Nomadmemory.au3"
    งั้นก็ เอา Function จาก Freeze.au3 ไปใส่ใน Nomadmemory.au3 ได้เลยน่ะสิครับ em230
    เหมือนท่าน Admin จะอัพไฟล์ NomadMemoryPSsix.zip ไว้แถวไหนก็ไม่รู้..ลองไปหาโหลดกันนะครับ

    Example:....VVVVVV_Test.au3 ;ชื่อไฟล์ที่ทำโกงเกม
    Code:
    #AutoIt3Wrapper_UseX64=n
    #RequireAdmin
    #NoTrayIcon
    #include <NomadMemoryPSsix.au3> ; อ้างอิงไฟล์ NomadMemoryPSsix.au3 จาก NomadMemoryPSsix.zip

    #cs
       การอ่านและเขียนค่าลงแอดเดรสที่แน่นอน
       ซึ่งแอดเดรสนี้จะไม่มีวันเปลี่ยนแม้จะเปิดโปรแกรมมากี่ครั้งก็ตาม
    #ce


    Global $address = "0x0022F3B4" ;ใส่ตำแหน่งแอดเดรส ที่ต้องการจะอ่านค่า

    $memopen = _MEMORYOPEN(ProcessExists("vvvvvv.exe")) ;เปลี่ยนชื่อไฟล์เกมส์
    If $memopen = 0 Then
       ConsoleWrite('ผิดพลาดไม่มีโปรแกรม =' & $memopen & @CRLF)
       Exit
    EndIf

    ;;  1 อ่านค่า address  ในตำแหน่งที่แน่นอน
    $value = _MEMORYREAD(($address), $memopen) ;ค่าที่อ่านได้จะเก็บไว้ในตัวแปร  $value
    ConsoleWrite('ค่าที่อ่านได้จากแอดเดรส ' & $address & ' = ' & $value & @CRLF) ;แสดงผลค่าออกมา

    ;;  1 เขียนค่า address  ในตำแหน่งที่แน่นอน
    $WriteValue = "0"
    _MemoryWrite($address, $memopen, $WriteValue) ;เขียนค่า
    ConsoleWrite('เปลี่ยนแปลงค่าเป็น ' & $WriteValue & ' เรียบร้อยแล้ว' & @CRLF)
    ConsoleWrite('ต่อจากนี้ไปจะทำการเขียนค่าเป็น ' & $WriteValue & ' ตลอด' & @CRLF)
    AdlibRegister("FreezeState", 500)
    ;~ HotKeySet("{ESC}", "_Exit")
    OnAutoItExitRegister("_Exit")

    While 1
       Sleep(100)
       If ProcessExists("vvvvvv.exe") = 0 Then _Exit()
    WEnd

    ;FreezeState
    Func FreezeState()
       _MemoryWrite($address, $memopen, $WriteValue) ;เขียนค่า
    EndFunc

    Func _Exit()
       _MEMORYCLOSE($memopen) ;ปิดการอ่านหน่วยความจำ นำไปวางไว้ท้ายสุดเมื่อไม่ต้องการอ่านหรือเขียนแล้ว  เช่น ตอนปิดโปรแกรม
       Exit
    EndFunc
    สำหรับไฟล์ NomadMemoryPSsix.au3 ที่ผมโมมาแล้วนั้นสามารถดาวน์โหลดได้จากที่นี่เลยครับ
    NomadMemoryPSsix_Modified.au3
    Code:
    #include-once
    #region _Memory

    ;==================================================================================
    ; Test on AutoIt Version:  3.3.6.1 By  http://pssix.blogspot.com          v1.0
    ;==================================================================================

    ;Function Reference
    ;~ _MemoryOpen
    ;~  _MemoryRead
    ;~  _MemoryWrite
    ;~ _MemoryClose
    ;~ _MemoryPointerRead
    ;~ _MemoryPointerWrite
    ;~ SetPrivilege
    ;~ _MemoryGetBaseAddress
    ;~ _MemoryModuleGetBaseAddress
    ;~  _MemReadDLL
    ;~  _MemWriteDLL
    ;~ _MemWriteDLLByteArray
    ;~ _MemoryWriteByteArray


    SetPrivilege("SeDebugPrivilege", 1)

    ;=================================================================================================
    ; Language:            English
    ; Platform:            All Windows
    ; Author:            Nomad
    ; Requirements:        These functions will only work with beta.
    ;=================================================================================================
    ; Credits:    wOuter - These functions are based on his original _Mem() functions.  But they are
    ;            easier to comprehend and more reliable.  These functions are in no way a direct copy
    ;            of his functions.  His functions only provided a foundation from which these evolved.
    ;=================================================================================================


    ;=================================================================================================
    ; Function:            _MemoryOpen($iv_Pid(, $iv_DesiredAccess(, $iv_InheritHandle)))
    ; Description:        Opens a process and enables all possible access rights to the process.  The
    ;                    Process ID of the process is used to specify which process to open.  You must
    ;                    call this function before calling _MemoryClose(), _MemoryRead(), or _MemoryWrite().
    ; Parameter(s):        $iv_Pid - The Process ID of the program you want to open.
    ;                    $iv_DesiredAccess - (optional) Set to 0x1F0FFF by default, which enables all
    ;                                        possible access rights to the process specified by the
    ;                                        Process ID.
    ;                    $if_InheritHandle - (optional) If this value is TRUE, all processes created by
    ;                                        this process will inherit the access handle.  Set to TRUE
    ;                                        (1) by default.  Set to 0 if you want it to be FALSE.
    ; Requirement(s):    A valid process ID.
    ; Return Value(s):    On Success - Returns an array containing the Dll handle and an open handle to
    ;                                the specified process.
    ;                    On Failure - Returns 0
    ;                    @Error - 0 = No error.
    ;                            1 = Invalid $iv_Pid.
    ;                            2 = Failed to open Kernel32.dll.
    ;                            3 = Failed to open the specified process.
    ; Author(s):        Nomad
    ; Note(s):
    ;=================================================================================================
    Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $if_InheritHandle = 1)

       If Not ProcessExists($iv_Pid) Then
          SetError(1)
          Return 0
       EndIf

       Local $ah_Handle[2] = [DllOpen('kernel32.dll')]

       If @error Then
          SetError(2)
          Return 0
       EndIf

       Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $if_InheritHandle, 'int', $iv_Pid)

       If @error Then
          DllClose($ah_Handle[0])
          SetError(3)
          Return 0
       EndIf

       $ah_Handle[1] = $av_OpenProcess[0]

       Return $ah_Handle

    EndFunc  ;==>_MemoryOpen


    ;=================================================================================================
    ; Function:            _MemoryRead($iv_Address, $ah_Handle(, $sv_Type))
    ; Description:        Reads the value located in the memory address specified.
    ; Parameter(s):        $iv_Address - The memory address you want to read from. It must be in hex
    ;                                  format (0x00000000).
    ;                    $ah_Handle - An array containing the Dll handle and the handle of the open
    ;                                process as returned by _MemoryOpen().
    ;                    $sv_Type - (optional) The "Type" of value you intend to read.  This is set to
    ;                                'dword'(32bit(4byte) signed integer) by default.  See the help file
    ;                                for DllStructCreate for all types.
    ;                                An example: If you want to read a word that is 15 characters in
    ;                                length, you would use 'char[16]'.
    ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
    ; Return Value(s):    On Success - Returns the value located at the specified address.
    ;                    On Failure - Returns 0
    ;                    @Error - 0 = No error.
    ;                            1 = Invalid $ah_Handle.
    ;                            2 = $sv_Type was not a string.
    ;                            3 = $sv_Type is an unknown data type.
    ;                            4 = Failed to allocate the memory needed for the DllStructure.
    ;                            5 = Error allocating memory for $sv_Type.
    ;                            6 = Failed to read from the specified process.
    ; Author(s):        Nomad
    ; Note(s):            Values returned are in Decimal format, unless specified as a 'char' type, then
    ;                    they are returned in ASCII format.  Also note that size ('char[size]') for all
    ;                    'char' types should be 1 greater than the actual size.
    ;=================================================================================================
    Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword')

       If Not IsArray($ah_Handle) Then
          SetError(1)
          Return 0
       EndIf

       Local $v_Buffer = DllStructCreate($sv_Type)

       If @error Then
          SetError(@error + 1)
          Return 0
       EndIf

       DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')

       If Not @error Then
          Local $v_Value = DllStructGetData($v_Buffer, 1)
          Return $v_Value
       Else
          SetError(6)
          Return 0
       EndIf

    EndFunc  ;==>_MemoryRead


    ;=================================================================================================
    ; Function:            _MemoryWrite($iv_Address, $ah_Handle, $v_Data(, $sv_Type))
    ; Description:        Writes data to the specified memory address.
    ; Parameter(s):        $iv_Address - The memory address you want to write to.  It must be in hex
    ;                                  format (0x00000000).
    ;                    $ah_Handle - An array containing the Dll handle and the handle of the open
    ;                                process as returned by _MemoryOpen().
    ;                    $v_Data - The data to be written.
    ;                    $sv_Type - (optional) The "Type" of value you intend to write.  This is set to
    ;                                'dword'(32bit(4byte) signed integer) by default.  See the help file
    ;                                for DllStructCreate for all types.
    ;                                An example: If you want to write a word that is 15 characters in
    ;                                length, you would use 'char[16]'.
    ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
    ; Return Value(s):    On Success - Returns 1
    ;                    On Failure - Returns 0
    ;                    @Error - 0 = No error.
    ;                            1 = Invalid $ah_Handle.
    ;                            2 = $sv_Type was not a string.
    ;                            3 = $sv_Type is an unknown data type.
    ;                            4 = Failed to allocate the memory needed for the DllStructure.
    ;                            5 = Error allocating memory for $sv_Type.
    ;                            6 = $v_Data is not in the proper format to be used with the "Type"
    ;                                selected for $sv_Type, or it is out of range.
    ;                            7 = Failed to write to the specified process.
    ; Author(s):        Nomad
    ; Note(s):            Values sent must be in Decimal format, unless specified as a 'char' type, then
    ;                    they must be in ASCII format.  Also note that size ('char[size]') for all
    ;                    'char' types should be 1 greater than the actual size.
    ;=================================================================================================
    Func _MemoryWrite($iv_Address, $ah_Handle, $v_Data, $sv_Type = 'dword')

       If Not IsArray($ah_Handle) Then
          SetError(1)
          Return 0
       EndIf

       Local $v_Buffer = DllStructCreate($sv_Type)

       If @error Then
          SetError(@error + 1)
          Return 0
       Else
          DllStructSetData($v_Buffer, 1, $v_Data)
          If @error Then
             SetError(6)
             Return 0
          EndIf
       EndIf

       DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')

       If Not @error Then
          Return 1
       Else
          SetError(7)
          Return 0
       EndIf

    EndFunc  ;==>_MemoryWrite


    ;=================================================================================================
    ; Function:            _MemoryClose($ah_Handle)
    ; Description:        Closes the process handle opened by using _MemoryOpen().
    ; Parameter(s):        $ah_Handle - An array containing the Dll handle and the handle of the open
    ;                                process as returned by _MemoryOpen().
    ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
    ; Return Value(s):    On Success - Returns 1
    ;                    On Failure - Returns 0
    ;                    @Error - 0 = No error.
    ;                            1 = Invalid $ah_Handle.
    ;                            2 = Unable to close the process handle.
    ; Author(s):        Nomad
    ; Note(s):
    ;=================================================================================================
    Func _MemoryClose($ah_Handle)

       If Not IsArray($ah_Handle) Then
          SetError(1)
          Return 0
       EndIf

       DllCall($ah_Handle[0], 'int', 'CloseHandle', 'int', $ah_Handle[1])
       If Not @error Then
          DllClose($ah_Handle[0])
          Return 1
       Else
          DllClose($ah_Handle[0])
          SetError(2)
          Return 0
       EndIf

    EndFunc  ;==>_MemoryClose


    ;=================================================================================================
    ; Function:            _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset(, $sv_Type))
    ; Description:        Reads a chain of pointers and returns an array containing the destination
    ;                    address and the data at the address.
    ; Parameter(s):        $iv_Address - The static memory address you want to start at. It must be in
    ;                                  hex format (0x00000000).
    ;                    $ah_Handle - An array containing the Dll handle and the handle of the open
    ;                                process as returned by _MemoryOpen().
    ;                    $av_Offset - An array of offsets for the pointers.  Each pointer must have an
    ;                                offset.  If there is no offset for a pointer, enter 0 for that
    ;                                array dimension. (Offsets must be in decimal format, NOT hex!)
    ;                    $sv_Type - (optional) The "Type" of data you intend to read at the destination
    ;                                address.  This is set to 'dword'(32bit(4byte) signed integer) by
    ;                                default.  See the help file for DllStructCreate for all types.
    ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
    ; Return Value(s):    On Success - Returns an array containing the destination address and the value
    ;                                located at the address.
    ;                    On Failure - Returns 0
    ;                    @Error - 0 = No error.
    ;                            1 = $av_Offset is not an array.
    ;                            2 = Invalid $ah_Handle.
    ;                            3 = $sv_Type is not a string.
    ;                            4 = $sv_Type is an unknown data type.
    ;                            5 = Failed to allocate the memory needed for the DllStructure.
    ;                            6 = Error allocating memory for $sv_Type.
    ;                            7 = Failed to read from the specified process.
    ; Author(s):        Nomad
    ; Note(s):            Values returned are in Decimal format, unless a 'char' type is selected.
    ;                    Set $av_Offset like this:
    ;                    $av_Offset[0] = NULL (not used)
    ;                    $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
    ;                    $av_Offset[2] = Offset for pointer 2
    ;                    etc...
    ;                    (The number of array dimensions determines the number of pointers)
    ;=================================================================================================
    Func _MemoryPointerRead($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword')

       If IsArray($av_Offset) Then
          If IsArray($ah_Handle) Then
             Local $iv_PointerCount = UBound($av_Offset) - 1
          Else
             SetError(2)
             Return 0
          EndIf
       Else
          SetError(1)
          Return 0
       EndIf

       Local $iv_Data[2], $i
       Local $v_Buffer = DllStructCreate('dword')

       For $i = 0 To $iv_PointerCount

          If $i = $iv_PointerCount Then
             $v_Buffer = DllStructCreate($sv_Type)
             If @error Then
                SetError(@error + 2)
                Return 0
             EndIf

             $iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i])
             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
             If @error Then
                SetError(7)
                Return 0
             EndIf

             $iv_Data[1] = DllStructGetData($v_Buffer, 1)

          ElseIf $i = 0 Then
             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
             If @error Then
                SetError(7)
                Return 0
             EndIf

             $iv_Data[1] = DllStructGetData($v_Buffer, 1)

          Else
             $iv_Address = '0x' & Hex($iv_Data[1] + $av_Offset[$i])
             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
             If @error Then
                SetError(7)
                Return 0
             EndIf

             $iv_Data[1] = DllStructGetData($v_Buffer, 1)

          EndIf

       Next

       $iv_Data[0] = $iv_Address

       Return $iv_Data

    EndFunc  ;==>_MemoryPointerRead


    ;=================================================================================================
    ; Function:            _MemoryPointerWrite ($iv_Address, $ah_Handle, $av_Offset, $v_Data(, $sv_Type))
    ; Description:        Reads a chain of pointers and writes the data to the destination address.
    ; Parameter(s):        $iv_Address - The static memory address you want to start at. It must be in
    ;                                  hex format (0x00000000).
    ;                    $ah_Handle - An array containing the Dll handle and the handle of the open
    ;                                process as returned by _MemoryOpen().
    ;                    $av_Offset - An array of offsets for the pointers.  Each pointer must have an
    ;                                offset.  If there is no offset for a pointer, enter 0 for that
    ;                                array dimension.
    ;                    $v_Data - The data to be written.
    ;                    $sv_Type - (optional) The "Type" of data you intend to write at the destination
    ;                                address.  This is set to 'dword'(32bit(4byte) signed integer) by
    ;                                default.  See the help file for DllStructCreate for all types.
    ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
    ; Return Value(s):    On Success - Returns the destination address.
    ;                    On Failure - Returns 0.
    ;                    @Error - 0 = No error.
    ;                            1 = $av_Offset is not an array.
    ;                            2 = Invalid $ah_Handle.
    ;                            3 = Failed to read from the specified process.
    ;                            4 = $sv_Type is not a string.
    ;                            5 = $sv_Type is an unknown data type.
    ;                            6 = Failed to allocate the memory needed for the DllStructure.
    ;                            7 = Error allocating memory for $sv_Type.
    ;                            8 = $v_Data is not in the proper format to be used with the
    ;                                "Type" selected for $sv_Type, or it is out of range.
    ;                            9 = Failed to write to the specified process.
    ; Author(s):        Nomad
    ; Note(s):            Data written is in Decimal format, unless a 'char' type is selected.
    ;                    Set $av_Offset like this:
    ;                    $av_Offset[0] = NULL (not used, doesn't matter what's entered)
    ;                    $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
    ;                    $av_Offset[2] = Offset for pointer 2
    ;                    etc...
    ;                    (The number of array dimensions determines the number of pointers)
    ;=================================================================================================
    Func _MemoryPointerWrite($iv_Address, $ah_Handle, $av_Offset, $v_Data, $sv_Type = 'dword')

       If IsArray($av_Offset) Then
          If IsArray($ah_Handle) Then
             Local $iv_PointerCount = UBound($av_Offset) - 1
          Else
             SetError(2)
             Return 0
          EndIf
       Else
          SetError(1)
          Return 0
       EndIf

       Local $iv_StructData, $i
       Local $v_Buffer = DllStructCreate('dword')

       For $i = 0 To $iv_PointerCount
          If $i = $iv_PointerCount Then
             $v_Buffer = DllStructCreate($sv_Type)
             If @error Then
                SetError(@error + 3)
                Return 0
             EndIf

             DllStructSetData($v_Buffer, 1, $v_Data)
             If @error Then
                SetError(8)
                Return 0
             EndIf

             $iv_Address = '0x' & Hex($iv_StructData + $av_Offset[$i])
             DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
             If @error Then
                SetError(9)
                Return 0
             Else
                Return $iv_Address
             EndIf
          ElseIf $i = 0 Then
             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
             If @error Then
                SetError(3)
                Return 0
             EndIf

             $iv_StructData = DllStructGetData($v_Buffer, 1)

          Else
             $iv_Address = '0x' & Hex($iv_StructData + $av_Offset[$i])
             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
             If @error Then
                SetError(3)
                Return 0
             EndIf

             $iv_StructData = DllStructGetData($v_Buffer, 1)

          EndIf
       Next

    EndFunc  ;==>_MemoryPointerWrite


    ;==================================================================================
    ; Function:            SetPrivilege( $privilege, $bEnable )
    ; Description:        Enables (or disables) the $privilege on the current process
    ;                  (Probably) requires administrator privileges to run
    ;
    ; Author(s):        Larry (from autoitscript.com's Forum)
    ; Notes(s):
    ; http://www.autoitscript.com/forum/index.php?s=&showtopic=31248&view=findpost&p=223999
    ;==================================================================================

    Func SetPrivilege($privilege, $bEnable)
       Const $TOKEN_ADJUST_PRIVILEGES = 0x0020
       Const $TOKEN_QUERY = 0x0008
       Const $SE_PRIVILEGE_ENABLED = 0x0002
       Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv
       $nTokens = 1
       $LUID = DllStructCreate("dword;int")
       If IsArray($privilege) Then $nTokens = UBound($privilege)
       $TOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]")
       $NEWTOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $nTokens) & "]")
       $hCurrProcess = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess")
       $SP_auxret = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $hCurrProcess[0], _
             "int", BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY), "int*", 0)
       If $SP_auxret[0] Then
          $hToken = $SP_auxret[3]
          DllStructSetData($TOKEN_PRIVILEGES, 1, 1)
          $nTokenIndex = 1
          While $nTokenIndex <= $nTokens
             If IsArray($privilege) Then
                $ntokenvar = $nTokenIndex - 1 ;;modify
                $priv = $privilege[$ntokenvar]
             Else
                $priv = $privilege
             EndIf
             $ret = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $priv, _
                   "ptr", DllStructGetPtr($LUID))
             If $ret[0] Then
                If $bEnable Then
                   DllStructSetData($TOKEN_PRIVILEGES, 2, $SE_PRIVILEGE_ENABLED, (3 * $nTokenIndex))
                Else
                   DllStructSetData($TOKEN_PRIVILEGES, 2, 0, (3 * $nTokenIndex))
                EndIf
                DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 1), (3 * ($nTokenIndex - 1)) + 1)
                DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 2), (3 * ($nTokenIndex - 1)) + 2)
                DllStructSetData($LUID, 1, 0)
                DllStructSetData($LUID, 2, 0)
             EndIf
             $nTokenIndex += 1
          WEnd
          $ret = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $hToken, "int", 0, _
                "ptr", DllStructGetPtr($TOKEN_PRIVILEGES), "int", DllStructGetSize($NEWTOKEN_PRIVILEGES), _
                "ptr", DllStructGetPtr($NEWTOKEN_PRIVILEGES), "int*", 0)
          $f = DllCall("kernel32.dll", "int", "GetLastError")
       EndIf
       $NEWTOKEN_PRIVILEGES = 0
       $TOKEN_PRIVILEGES = 0
       $LUID = 0
       If $SP_auxret[0] = 0 Then Return 0
       $SP_auxret = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $hToken)
       If Not $ret[0] And Not $SP_auxret[0] Then Return 0
       Return $ret[0]
    EndFunc  ;==>SetPrivilege


    ;===================================================================================================
    ; Function........:  _MemoryGetBaseAddress($ah_Handle, $iHD)
    ;
    ; Description.....:  Reads the 'Allocation Base' from the open process.
    ;
    ; Parameter(s)....:  $ah_Handle - An array containing the Dll handle and the handle of the open
    ;                              process as returned by _MemoryOpen().
    ;                    $iHD - Return type:
    ;                      |0 = Hex (Default)
    ;                      |1 = Dec
    ;
    ; Requirement(s)..:  A valid process ID.
    ;
    ; Return Value(s).:  On Success - Returns the 'allocation Base' address and sets @Error to 0.
    ;                    On Failure - Returns 0 and sets @Error to:
    ;                  |1 = Invalid $ah_Handle.
    ;                  |2 = Failed to find correct allocation address.
    ;                  |3 = Failed to read from the specified process.
    ;
    ; Author(s).......:  Nomad. Szhlopp.
    ; URL.............:  http://www.autoitscript.com/forum/index.php?showtopic=78834
    ; Note(s).........:  Go to [You must be registered and logged in to see this link.] for the latest version of CheatEngine.
    ;===================================================================================================

    Func _MemoryGetBaseAddress($ah_Handle, $iHexDec = 0)

       Local $iv_Address = 0x00100000
       Local $v_Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
       Local $vData
       Local $vType

       If Not IsArray($ah_Handle) Then
          SetError(1)
          Return 0
       EndIf


       DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))

       If Not @error Then

          $vData = Hex(DllStructGetData($v_Buffer, 2))
          $vType = Hex(DllStructGetData($v_Buffer, 3))

          While $vType <> "00000080"
             DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
             $vData = Hex(DllStructGetData($v_Buffer, 2))
             $vType = Hex(DllStructGetData($v_Buffer, 3))
             If Hex($iv_Address) = "01000000" Then ExitLoop
             $iv_Address += 65536

          WEnd

          If $vType = "00000080" Then
             SetError(0)
             If $iHexDec = 1 Then
                Return Dec($vData)
             Else
                Return $vData
             EndIf

          Else
             SetError(2)
             Return 0
          EndIf

       Else
          SetError(3)
          Return 0
       EndIf

    EndFunc  ;==>_MemoryGetBaseAddress


    Func _MemoryModuleGetBaseAddress($iPID, $sModule)
       If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)

       If Not IsString($sModule) Then Return SetError(2, 0, 0)

       Local $PSAPI = DllOpen("psapi.dll")

       ;Get Process Handle
       Local $hProcess
       Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE

       If $iPID > 0 Then
          Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
          If $hProcess[0] Then
             $hProcess = $hProcess[0]
          EndIf
       EndIf

       ;EnumProcessModules
       Local $Modules = DllStructCreate("ptr[1024]")
       Local $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
       If $aCall[4] > 0 Then
          Local $iModnum = $aCall[4] / 4
          Local $aTemp
          For $i = 1 To $iModnum
             $aTemp = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
             If $aTemp[3] = $sModule Then
                DllClose($PSAPI)
                Return Ptr(DllStructGetData($Modules, 1, $i))
             EndIf
          Next
       EndIf

       DllClose($PSAPI)
       Return SetError(-1, 0, 0)

    EndFunc  ;==>_MemoryModuleGetBaseAddress


    ;============================================================================================
    ; MemReadDLL - Function
    ;    Quick way of accessing a module offset.
    ;============================================================================================

    Func _MemReadDLL($dll, $offset, $ah_Handle, $sv_Type = 'dword')
       $StaticOffset = Dec($offset)
       $baseADDR = _MemoryModuleGetBaseAddress($ah_Handle, $dll)
       $finalADDR = "0x" & Hex($baseADDR + $StaticOffset)
       $MemTest = _MemoryRead($finalADDR, $ah_Handle, $sv_Type)
       Return $MemTest
    EndFunc  ;==>_MemReadDLL


    ;============================================================================================
    ; MemWriteDLL - Function
    ;    Quick way of writing to a module offset.
    ;============================================================================================

    Func _MemWriteDLL($dll, $offset, $value, $ah_Handle, $sv_Type = 'dword')
       $StaticOffset = Dec($offset)
       $baseADDR = _MemoryModuleGetBaseAddress($ah_Handle, $dll)
       $finalADDR = "0x" & Hex($baseADDR + $StaticOffset)
       $MemTest = _MemoryWrite($finalADDR, $ah_Handle, $value, $sv_Type)
       Return $MemTest
    EndFunc  ;==>_MemWriteDLL


    ;============================================================================================
    ; MemWriteDLLByteArray - Function
    ;   Writes an array of bytes to memory
    ;============================================================================================

    Func _MemWriteDLLByteArray($dll, $offset, $ah_Handle, $v_Array)
       Local $StaticOffset = Dec($offset)
       Local $baseADDR = _MemoryModuleGetBaseAddress($ah_Handle, $dll)
       Local $finalADDR = "0x" & Hex($baseADDR + $StaticOffset)
       Local $MemTest = _MemoryWriteByteArray($finalADDR, $ah_Handle, $v_Array)
       Return $MemTest
    EndFunc  ;==>_MemWriteDLLByteArray


    ;============================================================================================
    ; _MemoryWriteByteArray - Function
    ;   Writes an array of bytes to memory
    ;============================================================================================

    Func _MemoryWriteByteArray($iv_Address, $ah_Handle, $v_Array)
       If Not IsArray($ah_Handle) Then
          SetError(1)
          Return 0
       EndIf

       If Not IsArray($v_Array) Then
          Return 0
       EndIf

       Local $eMax = UBound($v_Array)
       Local $byteString = ""
       For $i = 0 To $eMax - 1
          $byteString = $byteString & "byte;"
       Next
       Local $v_Buffer = DllStructCreate($byteString)
       If @error Then
          Return 0
       Else
          For $i = 1 To $eMax
             DllStructSetData($v_Buffer, $i, $v_Array[$i - 1])
             If @error Then
                Return 0
             EndIf
          Next
       EndIf
       DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
       If Not @error Then
          Return 1
       Else
          SetError(7)
          Return 0
       EndIf
    EndFunc  ;==>_MemoryWriteByteArray


    [b]; @@@@@@@@@@@@@@@@@ Freeze.au3 @@@@@@@@@@@@@@@@@  (Freeze.au3 ==>> NomadMemoryPSsix_Modified.au3)[/b]
    [b]; นำ Function จากไฟล์ Freeze.au3 มาใส่ใน NomadMemoryPSsix_Modified.au3 ครับ[/b]
    [b]; Modified by Arm at http://www.pssix.blogspot.com[/b]
    [b];===============================================================================[/b]
    [b]; Function Name:    _Freeze_Value()[/b]
    [b]; Description:          Freezes a Value just like Cheat Engine[/b]
    [b]; Parameter(s):    $Address - Address you want to freesze[/b]
    [b];[/b]
    [b];               $ID[/b]
    [b];                 An array containing the Dll handle and the handle[/b]
    [b];               of the open process as returned by _MemoryOpen()[/b]
    [b];[/b]
    [b];                  $Value - Value you want to freeze it at[/b]
    [b];[/b]
    [b];               $sv_Type - (optional) The "Type" of value you intend to read.[/b]
    [b];               This is set to 'dword'(32bit(4byte) signed integer)[/b]
    [b];               by default.  See the help file for DllStructCreate[/b]
    [b];               for all types.  An example: If you want to read a[/b]
    [b];               word that is 15 characters in length, you would use[/b]
    [b];               'char[16]' since a 'char' is 8 bits (1 byte) in size.[/b]
    [b];[/b]
    [b];               Your main While 1 loop in the Script duplicated, put into a function [/b]
    [b];[/b]
    [b]; Return Value(s):  Success = Freezes Value[/b]
    [b]; Author(s):  Liiten \ tri407tiny[/b]
    [b];===============================================================================[/b]

    [b]Func _Freeze_Value($ID, $Address, $value, $mainloop)[/b]
    [b]   SetPrivilege("SeDebugPrivilege", 1)[/b]
    [b]   $M1 = _Memoryread($Address)[/b]
    [b]   if $M1 <> $Value then [/b]
    [b]      while 1[/b]
    [b]      _memorywrite($ID, $address, $Value)[/b]
    [b]      $mainloop ()[/b]
    [b]      WEnd[/b]
    [b]   EndIf[/b]
    [b]EndFunc[/b]


    #endregion _Memory
    em218 em233 ชินจัง
    ดาวน์โหลด..เล้ย ไฟล์ NomadMemoryPSsix_Modified.au3 ครับ (คลิกตรงนี้แหละ ^^)

      เวลาขณะนี้ 29/03/24, 12:24 am