Memory Hacking Software

Discussions Regarding Memory Hacking Software
http://www.memoryhacking.com/forums/

MHS POINTER HELP 2

http://www.memoryhacking.com/forums/viewtopic.php?f=4&t=1210

Page 1 of 1

MHS POINTER HELP 2

PostPosted: Sun Mar 09, 2008 11:28 am
by zile
Hi, i need help changing the code u gave me,

struct MyThing {
BYTE bBuffer[16];
struct {
BYTE bBuffer[0xA4];
struct {
struct {
BYTE bBuffer[24];
struct {
bBuffer[0xB1];
DWORD dwValue;
} * poObj;
} * poObj;
} * poObj;
} * poObj;
} * poBase = (MyThing *)0x340022F0;
poBase->poObj->poObj->poObj->poObj->dwValue = 0;


above is the code u gave

*((BYTE *) ((((((*((DWORD *) 0x340022F0) + 0x16) + 0xA4) + 0x00) + 0x24) + 0xB1 ))) = 1349014592;


this is my code, but for some reason, it doesnt work , i need your help to check the problem please, please reply

In MHS, the pointer for it is

[[[[[340022f0]+16]+a4]+0]+24]+b1


it works in MHS. Please reply.

PostPosted: Sun Mar 09, 2008 11:55 am
by L. Spiro
Code: Select all
struct MyThing {
   BYTE bBuffer[16];
   struct {
      BYTE bBuffer[0xA4];
      struct {
         struct {
            BYTE bBuffer[24];
            struct {
               bBuffer[0xB1];
               DWORD dwValue;
            } * poObj;
         } * poObj;
      } * poObj;
   } * poObj;
} * poBase = (MyThing *)0x340022F0;
poBase->poObj->poObj->poObj->poObj->dwValue = 0;



L. Spiro

PostPosted: Tue Mar 11, 2008 4:42 am
by Shynd
Maybe 0x16 and 0x24:
Code: Select all
struct MyThing {
   BYTE bBuffer[0x16];
   struct {
      BYTE bBuffer[0xA4];
      struct {
         struct {
            BYTE bBuffer[0x24];
            struct {
               bBuffer[0xB1];
               DWORD dwValue;
            } * poObj;
         } * poObj;
      } * poObj;
   } * poObj;
} * poBase = (MyThing *)0x340022F0;
poBase->poObj->poObj->poObj->poObj->dwValue = 0;

PostPosted: Tue Mar 11, 2008 6:13 am
by zile
Still doesnt work.. the code give by L .Spiro also doesnt work,

the pointer is
[[[[[340022f0]+16]+a4]+0]+24]+b1

it works in MHS, so the address should be correct

PostPosted: Tue Mar 11, 2008 7:39 am
by mezzo
[[[[[340022f0]+16]+a4]+0]+24]+b1


just wanted to mention that you might want to add 0x in front of the hex numbers..
I've had strange things myself when using the expression evaluator.
Sometimes it looks like the evaluator takes the ascii value of characters

PostPosted: Tue Mar 11, 2008 9:30 am
by L. Spiro
My code is correct depending on the formats of your numbers. That is why you should always use 0x in front of h behind the number, so we always know for sure it is hex.

But when you use the Expression Evaluator or the Complex Address it defaults to decimal numbers unless:
#1: You specify hex manually.
#2: The number is valid in hex but not in decimal (hence your “b1” is known to be in hex format).


With this in mind my code is correct, but correct code is not the only factor here.
How are you using it? You need to use it in an injected DLL. If you are using it in an MHS L. Spiro Script you need to use extern.


L. Spiro

PostPosted: Tue Mar 11, 2008 9:31 am
by zile
mezzo wrote:
[[[[[340022f0]+16]+a4]+0]+24]+b1


just wanted to mention that you might want to add 0x in front of the hex numbers..
I've had strange things myself when using the expression evaluator.
Sometimes it looks like the evaluator takes the ascii value of characters


a4 and b1 is the only hex numbers? right?

EDIT: i compiled my dll in c++ express edition and inject it using an injector..

PostPosted: Tue Mar 11, 2008 3:15 pm
by WhiteHat
340022f0 is also a hex number...

PostPosted: Wed Mar 12, 2008 11:02 pm
by zile
Whitehat wrote:340022f0 is also a hex number...


lol yeah that too..

EDIT: i just realized 340022f0 is the only pointer address that crashes the game the other hack which uses another address is able to function, anyone know why?

EDIT2: i tried on another address.. this pointer
[[[[[340022f0]+16]+a4]+0]+24]+b1

when i go ingame it changes to
106341289 (656A3A9)

is this possible cuz i cant do it in the expression evaluator..
Lspiro i need your help..

EDIT3: still crash even though i use 656a3a9..

PostPosted: Thu Mar 13, 2008 1:48 am
by Sychotix
btw... those are ALL hex numbers -.- hex counts 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b... yada yada

PostPosted: Thu Mar 13, 2008 9:30 am
by zile
Sychotix wrote:btw... those are ALL hex numbers -.- hex counts 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b... yada yada


*((BYTE *) ((((((*((DWORD *) 0x340022F0) + 0x16) + 0xA4) + 0x00) + 0x24) + 0xB1 ))) = 1349014592;

still doesnt work if i hex them all..

PostPosted: Thu Mar 13, 2008 9:47 am
by L. Spiro
That isn’t going to work at all and you are not on the right track.

I told you already the shortest conversion is via structures.
If you are going to even dream of going the route you are going you need to use macros.

Code: Select all
#define PTR( BASE, OFFSET )  ((*((PDWORD)(BASE)))+(OFFSET))

//(*(PDWORD)PTR( PTR( PTR( PTR( PTR( 0x340022F0, 0x16 ), 0xA4 ), 0x0 ), 0x24, 0xB1 ))
(*(PDWORD)PTR( PTR( PTR( PTR( PTR( 0x340022F0, 16 ), 0xA4 ), 0x0 ), 24, 0xB1 ))



And ASM is much easier than both.

Code: Select all
__declspec( naked ) DWORD GetVal() {
    __asm {
        mov eax, [0x340022F0]
        add eax, 16    ; Change to 0x16?
        mov eax, [eax]
        add eax, 0xA4
        mov eax, [eax]
        //add eax, 0
        mov eax, [eax]
        add eax, 24    ; Change to 0x24?
        mov eax, [eax]
        add eax, 0xB1
        mov eax, [eax]
        retn
    }
}



L. Spiro

PostPosted: Thu Mar 13, 2008 10:39 am
by WhiteHat
Sychotix wrote:btw... those are ALL hex numbers -.- hex counts 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b... yada yada

Yes you’re right...

But, in context of applies [[[[[340022f0]+16]+a4]+0]+24]+b1 as a complex
address, both 16 and 24 would assumed as decimal numbers...

To make sure that they would assumed as hex numbers you should type 0x16 /
0x24 OR 16h / 24h.

CMIIW...

PostPosted: Thu Mar 13, 2008 10:48 am
by zile
L. Spiro wrote:That isn’t going to work at all and you are not on the right track.

I told you already the shortest conversion is via structures.
If you are going to even dream of going the route you are going you need to use macros.

Code: Select all
#define PTR( BASE, OFFSET )  ((*((PDWORD)(BASE)))+(OFFSET))

//(*(PDWORD)PTR( PTR( PTR( PTR( PTR( 0x340022F0, 0x16 ), 0xA4 ), 0x0 ), 0x24, 0xB1 ))
(*(PDWORD)PTR( PTR( PTR( PTR( PTR( 0x340022F0, 16 ), 0xA4 ), 0x0 ), 24, 0xB1 ))



And ASM is much easier than both.

Code: Select all
__declspec( naked ) DWORD GetVal() {
    __asm {
        mov eax, [0x340022F0]
        add eax, 16    ; Change to 0x16?
        mov eax, [eax]
        add eax, 0xA4
        mov eax, [eax]
        //add eax, 0
        mov eax, [eax]
        add eax, 24    ; Change to 0x24?
        mov eax, [eax]
        add eax, 0xB1
        mov eax, [eax]
        retn
    }
}



L. Spiro


still crashes my game...nevermind..i give up
All times are UTC + 7 hours
Page 1 of 1
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/