Search for an aob

Question

M3SSIAH 0 Newbie Poster

13 Years Ago

Hi,

im trying to make my .dll program written in VC++ search for an aob(array of bytes) in its own process. It's supposed to retrieve the aob from a textbox, search for it and return an address.

For example i type the following aob in the textbox = B8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 83 EC ?? 53 56 8B F1 8D 9E ?? ?? 00 00 57 8B CB 89 5D ?? E8 ?? ?? ?? ?? and it should return
0048FFC4. Pretty much looks like what cheat engine does with his Find Memory function:

B8 4C B6 A2 00 E8 46 E1 57 00 83 EC 14 53 56 8B F1 8D 9E 80 00 00 00 57 8B CB 89 5D F0 E8 D8 28 F7 FF

This is what i got now:

BYTE* ScanAOB(BYTE* AOB, BYTE* memory, unsigned long searchsize, int aobsize) 
{
   unsigned long a = 0, i = 0;

   for(i = 0; i < searchsize; i++) 
   {      
	  while(AOB[a]==0xFD)
	  {
		  a++;
		  i++;
	  }

      if(memory[i] == AOB[a]) 
      { 
         if(a == (aobsize - 1))
         {
            return &memory[i-a];
         }
         a++;
      }
	  else i = i -a;
	  a =0;
   }
   return 0; 
}

this code works to search for an array of bytes but how can i convert a string into an array of bytes. Like 00 00 57 8B CB 89 5D to {0x00, 0x00, 0x57, 0x8B, 0xCB, 0x89, 0x5D}.

thanks :)

c++

Edited 13 Years Ago by M3SSIAH because: n/a

3 Contributors
5 Replies
294 Views
16 Hours Discussion Span
Latest Post 13 Years Ago Latest Post by M3SSIAH

Ancient Dragon 5,243 Achieved Level 70

13 Years Ago

You mean something like this?

#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#pragma warning(disable: 4996)

int main()
{
    char line[] = "00 00 57 8B CB 89 5D";
    unsigned char bytes[40] = {0};
    char* ptr = strtok(line," ");
    int index = 0, i;
    char* end = 0;
    while(ptr != NULL)
    {
        bytes[index++] = (unsigned char)strtol(ptr,&end,16);
        ptr = strtok(NULL," ");

    }
    for(i = 0; i < index; i++)
        printf("0x%x ", bytes[i]);
    printf("\n");
}

Ancient Dragon 5,243 Achieved Level 70

13 Years Ago

I just answered the question how to turn "00 00 57 8B CB 89 5D" into an array of bytes that contain this: {0x00, 0x00, 0x57, 0x8B, 0xCB, 0x89, 0x5D}.

How to use that array of bytes is a different question that I can not answer.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

M3SSIAH 0 Newbie Poster · Answer 1 · 2011-04-01T02:55:42+00:00

That looks good! :D but how am i gonna let them work as seperate bytes so i can do something like

if(memory[i] == AOB[a])

Because i doubt a simple type cast like

byte(bytes[i])

will work

vijayan121 1,152 Posting Virtuoso · Answer 2 · 2011-04-01T09:27:02+00:00

You could also use a stringstream to do the conversion.

typedef unsigned char byte ;

std::vector<byte> to_byte_sequence( const std::string& str )
{
    std::vector<byte> result ;

    std::istringstream stm(str) ;
    stm >> std::hex >> std::noshowbase ;

    unsigned int b ;
    while( stm >> b ) result.push_back(b) ;

    if( stm.eof() ) return result ;
    else throw std::invalid_argument( "badly formed string" ) ;
}

M3SSIAH 0 Newbie Poster · Answer 3 · 2011-04-01T11:45:48+00:00

Hmm, ill try that when im able to. Thanks for replying :)