SelethD

Help reading a value with DMA variable


I am trying to read a certain value from the process of a game running in memory. The only problem is that apparently it's DMA, so that the value is at a different location each time. I am coding in C#, so where do I start to learn how to make my program be able to find this certain variable and read its value? Thanks

I very much doubt it's DMA - application level code isn't likely to have access to something as low level.
The only way I can see to find the value is to scan memory for it.

What is the variable you're trying to find? And what game?

The game is a small client server type called Space Quest 2009, it's one my cousin and his friends have been working on.

The value I'm trying to read is the inventory amount of the cargo, in the cargo hold.

Example... In my cargo hold 5x5 compartments... I have in compartment 1 5xUranium, in compartment 2 1xQuartz in compartment 3 17xOrganics

I am trying to make a little 'bot' that will auto trade with a starport. My program needs to be able to know how much 'organics' I am holding.

I scanned the memory, and found the location for the compartments and was able to read how much of each material was in each compartment. I hard coded my 'bot' program, and everything was fine.

Next time I loaded the game (my client side) there were inaccurate values in the previously mapped locations. So I did a search again, and found the cargo hold data but at a new location.

So I exited the game and loaded it again, the cargo hold data was at another new location.

After looking online I thought this might be a case of DMA. So I needed to know more about how to create a program that can 'find' the cargo hold variables without having to search and change values and search again each time I run the program

Thanks

Quote:
Original post by SelethD
The game is a small client server type called Space Quest 2009, it's one my cousin and his friends have been working on.

The value I'm trying to read is the inventory amount of the cargo, in the cargo hold.

Example... In my cargo hold 5x5 compartments... I have in compartment 1 5xUranium, in compartment 2 1xQuartz in compartment 3 17xOrganics

I am trying to make a little 'bot' that will auto trade with a starport. My program needs to be able to know how much 'organics' I am holding.

First, I'd suggest contacting your friend and asking them to make an interface for plugins for bots. I can understand why they might not want to though.

Quote:
Original post by SelethD
I scanned the memory, and found the location for the compartments and was able to read how much of each material was in each compartment. I hard coded my 'bot' program, and everything was fine.

Next time I loaded the game (my client side) there were inaccurate values in the previously mapped locations. So I did a search again, and found the cargo hold data but at a new location.

So I exited the game and loaded it again, the cargo hold data was at another new location.

After looking online I thought this might be a case of DMA. So I needed to know more about how to create a program that can 'find' the cargo hold variables without having to search and change values and search again each time I run the program

It's not to do with DMA at all, it's because that's the way dynamic memory allocation works. The game says to the OS "Give me a wodge of memory" and the OS allocates it and returns a pointer - the pointer might not be the same through each run of the game though, and is more likely to vary if anything at all different happens between 2 runs of the game up to the point that the memory is allocated.

The only way I can think of to do this is to write an app to fake keyboard input to the game to add / remove the amount of cargo stored in a slot, and scan the process memory each time. Then you compare the memory snapshots and look for a value that's e.g. 1 when you started, and goes up to 2 when you added an item of cargo.
See "The Cheat Machine" - it's a program that lets you scan through program memory and check for values changing.
However, this isn't guaranteed to work by any means.

Lol, no, I don't want him to know I'm cheating his little game, :D

I found the code that manipulates the 'amount' of organics, and the code is always at the same place in memory. From this code can my bot program get the address?

the address is 7CF091 mov al,[eax+0x11]

So is there a way in C# to access what is in 'eax' (since I'm assuming eax holds the address offset to the data I seek)

If you're lucky you may find that a pointer to that dynamically allocated data is stored at a fixed location, but it's not always the case. Searching for that pointer shouldn't be too hard though, and you may be lucky.

Edit: EAX is a CPU register that will change very frequently. Reading it won't help, unless you can catch it at exactly the right moment.

Quote:
Original post by Evil Steve
The game says to the OS "Give me a wodge of memory" and the OS allocates it and returns a pointer - the pointer might not be the same through each run of the game though, and is more likely to vary if anything at all different happens between 2 runs of the game up to the point that the memory is allocated.

Or if you're running Vista or Windows 7 the OS will automatically randomize allocated memory regions like stack base addresses as part of the security enhancements.

ok, so if I have a static pointer to the 'code' that manipulates the data I seek.... Then what can I do to get the address of the data?

Quote:
Original post by Adam_42

Edit: EAX is a CPU register that will change very frequently. Reading it won't help, unless you can catch it at exactly the right moment.


It won't in this case. eax is a pointer to a structure holding the data at offset 11h. Probably something like:

    struct Foo {
        // ...
        // ...
        unsigned char value;
        // ...
    };

while the code is doing:

    Foo * foo = getFooFromSomewhere();
    unsigned char temp = foo->value; // this is the mov statement
    temp += 10;
    // ...
    // and so on...


Quote:
the address is 7CF091 mov al,[eax+0x11]


Where does eax come from? Backtrack to see where it is.

If it's dynamically allocated, then you will need to find where the pointer is stored. If it's in a static location, then you simply read the address from there, add 11 and are done with it.

If it's stored dynamically, then it gets trickier, but can be done, you just need to figure out where it's stored. Usually, such values will not get moved around much.

Quote:
So is there a way in c# to access what is in 'eax'


You'll be using Windows API anyway to access process memory, so it doesn't matter which language you are using, as long as you can invoke native API. As said, it's not EAX you are interested in, it's where its value comes from.
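
The relationship the replies describe (a pointer kept at a fixed location, a heap structure whose address changes, and a member at offset 0x11) shown inside a single program, as an added example that is not part of the original thread. The `Foo` layout, `g_foo`, `start_session` and `read_via_static_pointer` are hypothetical names chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical layout: 'value' sits 0x11 bytes into the structure,
 * matching the [eax+0x11] operand quoted in the thread. */
typedef struct Foo {
    uint8_t other_members[0x11]; /* stands in for the elided fields */
    uint8_t value;
} Foo;

/* A global pointer lives in the program's data section: its own location
 * is fixed, while the heap block it points to changes. */
static Foo *g_foo;

/* Simulates a fresh run: allocate a new Foo, then release the old one.
 * Allocating first guarantees the new block has a different address. */
uintptr_t start_session(uint8_t amount) {
    Foo *fresh = calloc(1, sizeof *fresh);
    if (fresh == NULL) return 0;
    fresh->value = amount;
    free(g_foo);
    g_foo = fresh;
    return (uintptr_t)fresh;
}

/* Follow the chain: read the pointer stored at the fixed slot, add the
 * member offset, read one byte. Returns -1 if the slot is still NULL.
 * Assumes sizeof(uintptr_t) == sizeof(Foo *), true on mainstream targets. */
int read_via_static_pointer(const void *slot, size_t offset, uint8_t *out) {
    uintptr_t base;
    memcpy(&base, slot, sizeof base);
    if (base == 0) return -1;
    *out = *((const uint8_t *)base + offset);
    return 0;
}

int main(void) {
    uint8_t v = 0;
    for (uint8_t amount = 5; amount <= 17; amount += 12) {
        uintptr_t where = start_session(amount);
        read_via_static_pointer(&g_foo, offsetof(Foo, value), &v);
        printf("Foo at %#lx, value via static slot = %u\n",
               (unsigned long)where, (unsigned)v);
    }
    free(g_foo);
    g_foo = NULL;
    return 0;
}
```

The address printed for `Foo` differs between the two sessions, while the read through `&g_foo` plus `offsetof(Foo, value)` returns the right byte both times.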
