Simple Pattern Scanner

[Edlmann]

As im sealing my trainer development for now, i decided to release the source of my pattern scanner i use in my hack. Its a really simple one, and i already have a more advanced version, but to get the idea, this is enough.

Code:

function TMainForm.FindPatterns(SAddr, SLength: Integer; sPattern: String): Integer;
var buf: array of Byte;
  raw: String;
  i, foundpos: Integer;
begin
  Result := 0;
  //Set Scan-Length
  SetLength(buf, SLength);
  //Null the Buffer
  for i := 0 to Length(buf)-1 do
      Buf[i] := 0;
  //Read out the Memory Values
  RPM(SAddr, buf);
  //Translate into an hex-String
  raw := '';
  for i := 0 to Length(buf)-1 do
    raw := raw + StrToHex(Chr(buf[i]));
  //Searching the position the pattern is contained in raw
  //div 2 is needed because 1 byte = 2 Hex-Chars
  foundpos := pos(sPattern, raw) div 2;
  //if it was found anywhere, return that value
  if foundpos <> 0 then
  Result := foundpos + SAddr;
end;

For calling this procedure (which is delphi btw), you have to have 3 parameters: A start adress (SAddr), the Length of the Area that will be scanned (Slength) and the pattern you want to search for (SPattern).
if you want to find e.g. Health for BlackOps, these 3 parameters wil work:

PATTERN_START_ADDR = $1B00000;
PATTERN_LEN = $100000;
HEALTH_PATTERN = '0000000000640000000000000064';

The procedure RPM just reads out the Memory of BlackOps into an array of byte. This is then translated into an Hexadecimal string (raw).

It is a really simple one, but for understanding the idea behind it, its okey.
An extension would be masking the pattern, so you can say stuff like "the first 10 signs have to be exactly the same, the next 6 dont matter, last 6 need to be the same again", but that would need regular expressions, which would let this thread explode :P

Thanks if i helped,
Edlmann