pointer.au3

1. #include-once
2. #region _Memory
3. ;=================================================================================================
4. ; AutoIt Version:    3.1.127 (beta)
5. ; Language:            English
6. ; Platform:            All Windows
7. ; Author:            Nomad
8. ; Requirements:        These functions will only work with beta.
9. ;=================================================================================================
10. ; Credits:    wOuter - These functions are based on his original _Mem() functions.  But they are
11. ;            easier to comprehend and more reliable.  These functions are in no way a direct copy
12. ;            of his functions.  His functions only provided a foundation from which these evolved.
13. ;=================================================================================================
14. ;
15. ; Functions:
16. ;
17. ;=================================================================================================
18. ; Function:            _MemoryOpen($iv_Pid(, $iv_DesiredAccess(, $iv_InheritHandle)))
19. ; Description:        Opens a process and enables all possible access rights to the process.  The
20. ;                    Process ID of the process is used to specify which process to open.  You must
21. ;                    call this function before calling _MemoryClose(), _MemoryRead(), or _MemoryWrite().
22. ; Parameter(s):        $iv_Pid - The Process ID of the program you want to open.
23. ;                    $iv_DesiredAccess - (optional) Set to 0x1F0FFF by default, which enables all
24. ;                                        possible access rights to the process specified by the
25. ;                                        Process ID.
26. ;                    $if_InheritHandle - (optional) If this value is TRUE, all processes created by
27. ;                                        this process will inherit the access handle.  Set to TRUE
28. ;                                        (1) by default.  Set to 0 if you want it to be FALSE.
29. ; Requirement(s):    A valid process ID.
30. ; Return Value(s):     On Success - Returns an array containing the Dll handle and an open handle to
31. ;                                 the specified process.
32. ;                    On Failure - Returns 0
33. ;                    @Error - 0 = No error.
34. ;                             1 = Invalid $iv_Pid.
35. ;                             2 = Failed to open Kernel32.dll.
36. ;                             3 = Failed to open the specified process.
37. ; Author(s):        Nomad
38. ; Note(s):
39. ;=================================================================================================
40. Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $if_InheritHandle = 1)
41.  
42.     If Not ProcessExists($iv_Pid) Then
43.         SetError(1)
44.         Return 0
45.     EndIf
46.  
47.     Local $ah_Handle[2] = [DllOpen('kernel32.dll')]
48.  
49.     If @Error Then
50.         SetError(2)
51.         Return 0
52.     EndIf
53.  
54.     Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $if_InheritHandle, 'int', $iv_Pid)
55.  
56.     If @Error Then
57.         DllClose($ah_Handle[0])
58.         SetError(3)
59.         Return 0
60.     EndIf
61.  
62.     $ah_Handle[1] = $av_OpenProcess[0]
63.  
64.     Return $ah_Handle
65.  
66. EndFunc
67.  
68. ;=================================================================================================
69. ; Function:            _MemoryRead($iv_Address, $ah_Handle(, $sv_Type))
70. ; Description:        Reads the value located in the memory address specified.
71. ; Parameter(s):        $iv_Address - The memory address you want to read from. It must be in hex
72. ;                                  format (0x00000000).
73. ;                    $ah_Handle - An array containing the Dll handle and the handle of the open
74. ;                                 process as returned by _MemoryOpen().
75. ;                    $sv_Type - (optional) The "Type" of value you intend to read.  This is set to
76. ;                                'dword'(32bit(4byte) signed integer) by default.  See the help file
77. ;                                for DllStructCreate for all types.
78. ;                                An example: If you want to read a word that is 15 characters in
79. ;                                length, you would use 'char[16]'.
80. ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
81. ; Return Value(s):    On Success - Returns the value located at the specified address.
82. ;                    On Failure - Returns 0
83. ;                    @Error - 0 = No error.
84. ;                             1 = Invalid $ah_Handle.
85. ;                             2 = $sv_Type was not a string.
86. ;                             3 = $sv_Type is an unknown data type.
87. ;                             4 = Failed to allocate the memory needed for the DllStructure.
88. ;                             5 = Error allocating memory for $sv_Type.
89. ;                             6 = Failed to read from the specified process.
90. ; Author(s):        Nomad
91. ; Note(s):            Values returned are in Decimal format, unless specified as a 'char' type, then
92. ;                    they are returned in ASCII format.  Also note that size ('char[size]') for all
93. ;                    'char' types should be 1 greater than the actual size.
94. ;=================================================================================================
95. Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword')
96.  
97.     If Not IsArray($ah_Handle) Then
98.         SetError(1)
99.         Return 0
100.     EndIf
101.  
102.     Local $v_Buffer = DllStructCreate($sv_Type)
103.  
104.     If @Error Then
105.         SetError(@Error + 1)
106.         Return 0
107.     EndIf
108.  
109.     DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
110.  
111.     If Not @Error Then
112.         Local $v_Value = DllStructGetData($v_Buffer, 1)
113.         Return $v_Value
114.     Else
115.         SetError(6)
116.         Return 0
117.     EndIf
118.  
119. EndFunc
120.  
121. ;=================================================================================================
122. ; Function:            _MemoryWrite($iv_Address, $ah_Handle, $v_Data(, $sv_Type))
123. ; Description:        Writes data to the specified memory address.
124. ; Parameter(s):        $iv_Address - The memory address you want to write to.  It must be in hex
125. ;                                  format (0x00000000).
126. ;                    $ah_Handle - An array containing the Dll handle and the handle of the open
127. ;                                 process as returned by _MemoryOpen().
128. ;                    $v_Data - The data to be written.
129. ;                    $sv_Type - (optional) The "Type" of value you intend to write.  This is set to
130. ;                                'dword'(32bit(4byte) signed integer) by default.  See the help file
131. ;                                for DllStructCreate for all types.
132. ;                                An example: If you want to write a word that is 15 characters in
133. ;                                length, you would use 'char[16]'.
134. ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
135. ; Return Value(s):    On Success - Returns 1
136. ;                    On Failure - Returns 0
137. ;                    @Error - 0 = No error.
138. ;                             1 = Invalid $ah_Handle.
139. ;                             2 = $sv_Type was not a string.
140. ;                             3 = $sv_Type is an unknown data type.
141. ;                             4 = Failed to allocate the memory needed for the DllStructure.
142. ;                             5 = Error allocating memory for $sv_Type.
143. ;                             6 = $v_Data is not in the proper format to be used with the "Type"
144. ;                                 selected for $sv_Type, or it is out of range.
145. ;                             7 = Failed to write to the specified process.
146. ; Author(s):        Nomad
147. ; Note(s):            Values sent must be in Decimal format, unless specified as a 'char' type, then
148. ;                    they must be in ASCII format.  Also note that size ('char[size]') for all
149. ;                    'char' types should be 1 greater than the actual size.
150. ;=================================================================================================
151. Func _MemoryWrite($iv_Address, $ah_Handle, $v_Data, $sv_Type = 'dword')
152.  
153.     If Not IsArray($ah_Handle) Then
154.         SetError(1)
155.         Return 0
156.     EndIf
157.  
158.     Local $v_Buffer = DllStructCreate($sv_Type)
159.  
160.     If @Error Then
161.         SetError(@Error + 1)
162.         Return 0
163.     Else
164.         DllStructSetData($v_Buffer, 1, $v_Data)
165.         If @Error Then
166.             SetError(6)
167.             Return 0
168.         EndIf
169.     EndIf
170.  
171.     DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
172.  
173.     If Not @Error Then
174.         Return 1
175.     Else
176.         SetError(7)
177.         Return 0
178.     EndIf
179.  
180. EndFunc
181.  
182. ;=================================================================================================
183. ; Function:            _MemoryClose($ah_Handle)
184. ; Description:        Closes the process handle opened by using _MemoryOpen().
185. ; Parameter(s):        $ah_Handle - An array containing the Dll handle and the handle of the open
186. ;                                 process as returned by _MemoryOpen().
187. ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
188. ; Return Value(s):    On Success - Returns 1
189. ;                    On Failure - Returns 0
190. ;                    @Error - 0 = No error.
191. ;                             1 = Invalid $ah_Handle.
192. ;                             2 = Unable to close the process handle.
193. ; Author(s):        Nomad
194. ; Note(s):
195. ;=================================================================================================
196. Func _MemoryClose($ah_Handle)
197.  
198.     If Not IsArray($ah_Handle) Then
199.         SetError(1)
200.         Return 0
201.     EndIf
202.  
203.     DllCall($ah_Handle[0], 'int', 'CloseHandle', 'int', $ah_Handle[1])
204.     If Not @Error Then
205.         DllClose($ah_Handle[0])
206.         Return 1
207.     Else
208.         DllClose($ah_Handle[0])
209.         SetError(2)
210.         Return 0
211.     EndIf
212.  
213. EndFunc
214.  
215. ;=================================================================================================
216. ; Function:            _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset(, $sv_Type))
217. ; Description:        Reads a chain of pointers and returns an array containing the destination
218. ;                    address and the data at the address.
219. ; Parameter(s):        $iv_Address - The static memory address you want to start at. It must be in
220. ;                                  hex format (0x00000000).
221. ;                    $ah_Handle - An array containing the Dll handle and the handle of the open
222. ;                                 process as returned by _MemoryOpen().
223. ;                    $av_Offset - An array of offsets for the pointers.  Each pointer must have an
224. ;                                 offset.  If there is no offset for a pointer, enter 0 for that
225. ;                                 array dimension. (Offsets must be in decimal format, NOT hex!)
226. ;                    $sv_Type - (optional) The "Type" of data you intend to read at the destination
227. ;                                 address.  This is set to 'dword'(32bit(4byte) signed integer) by
228. ;                                 default.  See the help file for DllStructCreate for all types.
229. ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
230. ; Return Value(s):    On Success - Returns an array containing the destination address and the value
231. ;                                 located at the address.
232. ;                    On Failure - Returns 0
233. ;                    @Error - 0 = No error.
234. ;                             1 = $av_Offset is not an array.
235. ;                             2 = Invalid $ah_Handle.
236. ;                             3 = $sv_Type is not a string.
237. ;                             4 = $sv_Type is an unknown data type.
238. ;                             5 = Failed to allocate the memory needed for the DllStructure.
239. ;                             6 = Error allocating memory for $sv_Type.
240. ;                             7 = Failed to read from the specified process.
241. ; Author(s):        Nomad
242. ; Note(s):            Values returned are in Decimal format, unless a 'char' type is selected.
243. ;                    Set $av_Offset like this:
244. ;                    $av_Offset[0] = NULL (not used)
245. ;                    $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
246. ;                    $av_Offset[2] = Offset for pointer 2
247. ;                    etc...
248. ;                    (The number of array dimensions determines the number of pointers)
249. ;=================================================================================================
250. Func _MemoryPointerRead ($iv_Address, $ah_Handle, $av_Offset, $sv_Type = 'dword')
251.  
252.     If IsArray($av_Offset) Then
253.         If IsArray($ah_Handle) Then
254.             Local $iv_PointerCount = UBound($av_Offset) - 1
255.         Else
256.             SetError(2)
257.             Return 0
258.         EndIf
259.     Else
260.         SetError(1)
261.         Return 0
262.     EndIf
263.  
264.     Local $iv_Data[2], $i
265.     Local $v_Buffer = DllStructCreate('dword')
266.  
267.     For $i = 0 to $iv_PointerCount
268.  
269.         If $i = $iv_PointerCount Then
270.             $v_Buffer = DllStructCreate($sv_Type)
271.             If @Error Then
272.                 SetError(@Error + 2)
273.                 Return 0
274.             EndIf
275.  
276.             $iv_Address = '0x' & hex($iv_Data[1] + $av_Offset[$i])
277.             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
278.             If @Error Then
279.                 SetError(7)
280.                 Return 0
281.             EndIf
282.  
283.             $iv_Data[1] = DllStructGetData($v_Buffer, 1)
284.  
285.         ElseIf $i = 0 Then
286.             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
287.             If @Error Then
288.                 SetError(7)
289.                 Return 0
290.             EndIf
291.  
292.             $iv_Data[1] = DllStructGetData($v_Buffer, 1)
293.  
294.         Else
295.             $iv_Address = '0x' & hex($iv_Data[1] + $av_Offset[$i])
296.             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
297.             If @Error Then
298.                 SetError(7)
299.                 Return 0
300.             EndIf
301.  
302.             $iv_Data[1] = DllStructGetData($v_Buffer, 1)
303.  
304.         EndIf
305.  
306.     Next
307.  
308.     $iv_Data[0] = $iv_Address
309.  
310.     Return $iv_Data
311.  
312. EndFunc
313.  
314. ;=================================================================================================
315. ; Function:            _MemoryPointerWrite ($iv_Address, $ah_Handle, $av_Offset, $v_Data(, $sv_Type))
316. ; Description:        Reads a chain of pointers and writes the data to the destination address.
317. ; Parameter(s):        $iv_Address - The static memory address you want to start at. It must be in
318. ;                                  hex format (0x00000000).
319. ;                    $ah_Handle - An array containing the Dll handle and the handle of the open
320. ;                                 process as returned by _MemoryOpen().
321. ;                    $av_Offset - An array of offsets for the pointers.  Each pointer must have an
322. ;                                 offset.  If there is no offset for a pointer, enter 0 for that
323. ;                                 array dimension.
324. ;                    $v_Data - The data to be written.
325. ;                    $sv_Type - (optional) The "Type" of data you intend to write at the destination
326. ;                                 address.  This is set to 'dword'(32bit(4byte) signed integer) by
327. ;                                 default.  See the help file for DllStructCreate for all types.
328. ; Requirement(s):    The $ah_Handle returned from _MemoryOpen.
329. ; Return Value(s):    On Success - Returns the destination address.
330. ;                    On Failure - Returns 0.
331. ;                    @Error - 0 = No error.
332. ;                             1 = $av_Offset is not an array.
333. ;                             2 = Invalid $ah_Handle.
334. ;                             3 = Failed to read from the specified process.
335. ;                             4 = $sv_Type is not a string.
336. ;                             5 = $sv_Type is an unknown data type.
337. ;                             6 = Failed to allocate the memory needed for the DllStructure.
338. ;                             7 = Error allocating memory for $sv_Type.
339. ;                             8 = $v_Data is not in the proper format to be used with the
340. ;                                 "Type" selected for $sv_Type, or it is out of range.
341. ;                             9 = Failed to write to the specified process.
342. ; Author(s):        Nomad
343. ; Note(s):            Data written is in Decimal format, unless a 'char' type is selected.
344. ;                    Set $av_Offset like this:
345. ;                    $av_Offset[0] = NULL (not used, doesn't matter what's entered)
346. ;                    $av_Offset[1] = Offset for pointer 1 (all offsets must be in Decimal)
347. ;                    $av_Offset[2] = Offset for pointer 2
348. ;                    etc...
349. ;                    (The number of array dimensions determines the number of pointers)
350. ;=================================================================================================
351. Func _MemoryPointerWrite ($iv_Address, $ah_Handle, $av_Offset, $v_Data, $sv_Type = 'dword')
352.  
353.     If IsArray($av_Offset) Then
354.         If IsArray($ah_Handle) Then
355.             Local $iv_PointerCount = UBound($av_Offset) - 1
356.         Else
357.             SetError(2)
358.             Return 0
359.         EndIf
360.     Else
361.         SetError(1)
362.         Return 0
363.     EndIf
364.  
365.     Local $iv_StructData, $i
366.     Local $v_Buffer = DllStructCreate('dword')
367.  
368.     For $i = 0 to $iv_PointerCount
369.         If $i = $iv_PointerCount Then
370.             $v_Buffer = DllStructCreate($sv_Type)
371.             If @Error Then
372.                 SetError(@Error + 3)
373.                 Return 0
374.             EndIf
375.  
376.             DllStructSetData($v_Buffer, 1, $v_Data)
377.             If @Error Then
378.                 SetError(8)
379.                 Return 0
380.             EndIf
381.  
382.             $iv_Address = '0x' & hex($iv_StructData + $av_Offset[$i])
383.             DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
384.             If @Error Then
385.                 SetError(9)
386.                 Return 0
387.             Else
388.                 Return $iv_Address
389.             EndIf
390.         ElseIf $i = 0 Then
391.             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
392.             If @Error Then
393.                 SetError(3)
394.                 Return 0
395.             EndIf
396.  
397.             $iv_StructData = DllStructGetData($v_Buffer, 1)
398.  
399.         Else
400.             $iv_Address = '0x' & hex($iv_StructData + $av_Offset[$i])
401.             DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
402.             If @Error Then
403.                 SetError(3)
404.                 Return 0
405.             EndIf
406.  
407.             $iv_StructData = DllStructGetData($v_Buffer, 1)
408.  
409.         EndIf
410.     Next
411.  
412. EndFunc
413.  
414.  
415. ;==================================================================================
416. ; Function:            SetPrivilege( $privilege, $bEnable )
417. ; Description:        Enables (or disables) the $privilege on the current process
418. ;                   (Probably) requires administrator privileges to run
419. ;
420. ; Author(s):        Larry (from autoitscript.com's Forum)
421. ; Notes(s):
422. ; http://www.autoitscript.com/forum/index.php?s=&showtopic=31248&view=findpost&p=223999
423. ;==================================================================================
424.  
425. Func SetPrivilege( $privilege, $bEnable )
426.     Const $TOKEN_ADJUST_PRIVILEGES = 0x0020
427.     Const $TOKEN_QUERY = 0x0008
428.     Const $SE_PRIVILEGE_ENABLED = 0x0002
429.     Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv
430.     $nTokens = 1
431.     $LUID = DLLStructCreate("dword;int")
432.     If IsArray($privilege) Then    $nTokens = UBound($privilege)
433.     $TOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
434.     $NEWTOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
435.     $hCurrProcess = DLLCall("kernel32.dll","hwnd","GetCurrentProcess")
436.     $SP_auxret = DLLCall("advapi32.dll","int","OpenProcessToken","hwnd",$hCurrProcess[0],   _
437.             "int",BitOR($TOKEN_ADJUST_PRIVILEGES,$TOKEN_QUERY),"int*",0)
438.     If $SP_auxret[0] Then
439.         $hToken = $SP_auxret[3]
440.         DLLStructSetData($TOKEN_PRIVILEGES,1,1)
441.         $nTokenIndex = 1
442.         While $nTokenIndex <= $nTokens
443.             If IsArray($privilege) Then
444.                 $ntokenvar=$ntokenindex-1
445.                 $priv = $privilege[$ntokenvar]
446.             Else
447.                 $priv = $privilege
448.             EndIf
449.             $ret = DLLCall("advapi32.dll","int","LookupPrivilegeValue","str","","str",$priv,   _
450.                     "ptr",DLLStructGetPtr($LUID))
451.             If $ret[0] Then
452.                 If $bEnable Then
453.                     DLLStructSetData($TOKEN_PRIVILEGES,2,$SE_PRIVILEGE_ENABLED,(3 * $nTokenIndex))
454.                 Else
455.                     DLLStructSetData($TOKEN_PRIVILEGES,2,0,(3 * $nTokenIndex))
456.                 EndIf
457.                 DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,1),(3 * ($nTokenIndex-1)) + 1)
458.                 DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,2),(3 * ($nTokenIndex-1)) + 2)
459.                 DLLStructSetData($LUID,1,0)
460.                 DLLStructSetData($LUID,2,0)
461.             EndIf
462.             $nTokenIndex += 1
463.         WEnd
464.         $ret = DLLCall("advapi32.dll","int","AdjustTokenPrivileges","hwnd",$hToken,"int",0,   _
465.                 "ptr",DllStructGetPtr($TOKEN_PRIVILEGES),"int",DllStructGetSize($NEWTOKEN_PRIVILEGES),   _
466.                 "ptr",DllStructGetPtr($NEWTOKEN_PRIVILEGES),"int*",0)
467.         $f = DLLCall("kernel32.dll","int","GetLastError")
468.     EndIf
469.     $NEWTOKEN_PRIVILEGES=0
470.     $TOKEN_PRIVILEGES=0
471.     $LUID=0
472.     If $SP_auxret[0] = 0 Then Return 0
473.     $SP_auxret = DLLCall("kernel32.dll","int","CloseHandle","hwnd",$hToken)
474.     If Not $ret[0] And Not $SP_auxret[0] Then Return 0
475.     return $ret[0]
476. EndFunc  ;==>SetPrivilege
477.  
478. ;===================================================================================================
479.  
480. ; Function........:  _MemoryGetBaseAddress($ah_Handle, $iHD)
481. ;
482. ; Description.....:  Reads the 'Allocation Base' from the open process.
483. ;
484. ; Parameter(s)....:  $ah_Handle - An array containing the Dll handle and the handle of the open
485. ;                               process as returned by _MemoryOpen().
486. ;                    $iHD - Return type:
487. ;                       |0 = Hex (Default)
488. ;                       |1 = Dec
489. ;
490. ; Requirement(s)..:  A valid process ID.
491. ;
492. ; Return Value(s).:  On Success - Returns the 'allocation Base' address and sets @Error to 0.
493. ;                    On Failure - Returns 0 and sets @Error to:
494. ;                  |1 = Invalid $ah_Handle.
495. ;                  |2 = Failed to find correct allocation address.
496. ;                  |3 = Failed to read from the specified process.
497. ;
498. ; Author(s).......:  Nomad. Szhlopp.
499. ; URL.............:  http://www.autoitscript.com/forum/index.php?showtopic=78834
500. ; Note(s).........:  Go to Www.CheatEngine.org for the latest version of CheatEngine.
501. ;===================================================================================================
502.  
503. Func _MemoryGetBaseAddress($ah_Handle, $iHexDec = 0)
504.  
505.     Local $iv_Address = 0x00100000
506.     Local $v_Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
507.     Local $vData
508.     Local $vType
509.  
510.     If Not IsArray($ah_Handle) Then
511.         SetError(1)
512.         Return 0
513.     EndIf
514.  
515.  
516.     DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
517.  
518.     If Not @Error Then
519.  
520.         $vData = Hex(DllStructGetData($v_Buffer, 2))
521.         $vType = Hex(DllStructGetData($v_Buffer, 3))
522.  
523.         While $vType <> "00000080"
524.             DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
525.             $vData = Hex(DllStructGetData($v_Buffer, 2))
526.             $vType = Hex(DllStructGetData($v_Buffer, 3))
527.             If Hex($iv_Address) = "01000000" Then ExitLoop
528.             $iv_Address += 65536
529.  
530.         WEnd
531.  
532.         If $vType = "00000080" Then
533.             SetError(0)
534.             If $iHexDec = 1 Then
535.                 Return Dec($vData)
536.             Else
537.                 Return $vData
538.             EndIf
539.  
540.         Else
541.             SetError(2)
542.             Return 0
543.         EndIf
544.  
545.     Else
546.         SetError(3)
547.         Return 0
548.     EndIf
549.  
550. EndFunc   ;==>_MemoryGetBaseAddress
551.  
552. Func _MemoryModuleGetBaseAddress($iPID, $sModule)
553.     If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)
554.  
555.     If Not IsString($sModule) Then Return SetError(2, 0, 0)
556.  
557.     Local   $PSAPI = DllOpen("psapi.dll")
558.  
559.     ;Get Process Handle
560.     Local   $hProcess
561.     Local   $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE
562.  
563.     If $iPID > 0 Then
564.         Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
565.         If $hProcess[0] Then
566.             $hProcess = $hProcess[0]
567.         EndIf
568.     EndIf
569.  
570.     ;EnumProcessModules
571.     Local   $Modules = DllStructCreate("ptr[1024]")
572.     Local   $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
573.     If $aCall[4] > 0 Then
574.         Local   $iModnum = $aCall[4] / 4
575.         Local   $aTemp
576.         For $i = 1 To $iModnum
577.             $aTemp =  DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
578.             If $aTemp[3] = $sModule Then
579.                 DllClose($PSAPI)
580.                 Return Ptr(DllStructGetData($Modules, 1, $i))
581.             EndIf
582.         Next
583.     EndIf
584.  
585.     DllClose($PSAPI)
586.     Return SetError(-1, 0, 0)
587.  
588. EndFunc
589.  
590. #endregion
591.