Data hosted with ♥ by Pastebin.com - Download Raw - See Original
  1. ---- AOBScanModule: Original post by TheyCallMeTim13
  2. ---- function AOBScanModule(moduleName, signature, aobSignaturePrivileges, alignmentType, alignmentParam)
  3. ---- moduleName: Execueable name
  4. ---- signature: aobstring
  5. ---- aobSignaturePrivileges: Executable flag: same as aobscan protectionflags. data type is string.
  6. ----  X=Executable W=Writable memory C=Copy On Write. Add a + to indicate that flag MUST be set  
  7. ----  and a - to indicate that that flag MUST NOT be set. (* sets it to don't care)
  8. ----  Examples:
  9. ----    +W-C = Writable memory exluding copy on write and doesn't care about the Executable flag
  10. ----    +X-C-W = Find readonly executable memory
  11. ----    +W = Finds all writable memory and don't care about copy on write or execute
  12. ----    "" = Find everything (is the same as "*X*C*W" )
  13. ---- alignmentType (optional): number :
  14. ----   The module to scan for the array of bytes.
  15. ----   0 : No alignment check
  16. ----   1 : Address must be dividable by alignment parameter.
  17. ----   2 : Address must end with alignment parameter.
  18. ---- alignmentParam (optional): string :
  19. ----   Alignment parameter is a string which either holds the value the addresses must be
  20. ----   dividable by or what the last digits of the address must be.
  21. ---- Return:
  22. ----   userdata : TFoundList :
  23. ----   A list of found addresses.
  24.  
  25.  
  26. function AOBScanModule(moduleName, signature, aobSignaturePrivileges, alignmentType, alignmentParam)
  27.     --checkArgType(moduleName, 1, 'string')
  28.     if not signature or not moduleName then return end
  29.     index = index or 1
  30.     local modStartAddr = getAddress(moduleName)
  31.     local modEndAddr = modStartAddr + getModuleSize(moduleName)
  32.     local ms = createMemScan()
  33.     if type(signature) == 'table' then
  34.         local sig = ''
  35.         for i, byte in ipairs(signature) do
  36.             sig = sig..string.format('%02X', byte)
  37.         end
  38.         signature = sig
  39.     end
  40.     ms.firstScan(soExactValue, vtByteArray, nil, signature, nil, modStartAddr, modEndAddr,
  41.                  aobSignaturePrivileges, alignmentType, alignmentParam, true, true, false, false)
  42.     ms.waitTillDone()
  43.     local results = createFoundList(ms)
  44.     results.initialize()
  45.     ms.destroy()
  46.     return results
  47. end
  48.  
  49. registerLuaFunctionHighlight('AOBScanModule')
  50.  
  51.