Simple Pattern Scanner

[Edlmann]

As im sealing my trainer development for now, i decided to release the source of my pattern scanner i use in my hack. Its a really simple one, and i already have a more advanced version, but to get the idea, this is enough.

Code:

function TMainForm.FindPatterns(SAddr, SLength: Integer; sPattern: String): Integer;
var buf: array of Byte;
  raw: String;
  i, foundpos: Integer;
begin
  Result := 0;
  //Set Scan-Length
  SetLength(buf, SLength);
  //Null the Buffer
  for i := 0 to Length(buf)-1 do
      Buf[i] := 0;
  //Read out the Memory Values
  RPM(SAddr, buf);
  //Translate into an hex-String
  raw := '';
  for i := 0 to Length(buf)-1 do
    raw := raw + StrToHex(Chr(buf[i]));
  //Searching the position the pattern is contained in raw
  //div 2 is needed because 1 byte = 2 Hex-Chars
  foundpos := pos(sPattern, raw) div 2;
  //if it was found anywhere, return that value
  if foundpos <> 0 then
  Result := foundpos + SAddr;
end;

For calling this procedure (which is delphi btw), you have to have 3 parameters: A start adress (SAddr), the Length of the Area that will be scanned (Slength) and the pattern you want to search for (SPattern).
if you want to find e.g. Health for BlackOps, these 3 parameters wil work:

PATTERN_START_ADDR = $1B00000;
PATTERN_LEN = $100000;
HEALTH_PATTERN = '0000000000640000000000000064';

The procedure RPM just reads out the Memory of BlackOps into an array of byte. This is then translated into an Hexadecimal string (raw).

It is a really simple one, but for understanding the idea behind it, its okey.
An extension would be masking the pattern, so you can say stuff like "the first 10 signs have to be exactly the same, the next 6 dont matter, last 6 need to be the same again", but that would need regular expressions, which would let this thread explode :P

Thanks if i helped,
Edlmann

[pyton789]

Wow thats really simple.
The code for my aobscanner is about 5 times longer.

[Edlmann]

If you read closely you will have noticed that it says "simple pattern scanner". This is more meant to show the strategie behind it. My actuall pattern scanner uses RegExps, and takes up 250 lines of code. No errors on that one, but doesnt really help with newest version. But well, doesnt matter, will keep on developing games now. Hackin just isnt good for anything. You won't need it anytime again.

[ლ(ಠ_ಠლ)]

Niceeeeeeeeee. Delphi right?

[Edlmann]

Niceeeeeeeeee. Delphi right?

For calling this procedure (which is delphi btw),

Yeah, seems to be right ^^

[lolbie]

nice man that u released this one

[ლ(ಠ_ಠლ)]

Yeah, seems to be right ^^

didn't read the part under your code. Delphi is actually really really used at my country. I personally like it, but never ever tried to learn it.

[Edlmann]

You can do nearly everything with it... and you dont need some .net framework installed

[iFireLazers]

No reg expressions necessary to match patterns...

[[MPGH]master131]

No reg expressions necessary to match patterns...

I coded the same thing in C++ with mask support, no regexp needed.

[Edlmann]

But its way faster with regexps ^^

[iFireLazers]

No, regular expression parsing is VERY slow.

It's like String manipulation, CPU's aren't optimized for it.