Heyho ppl,

as the title says, my pointer scan can't find an address which CE finds (AoB search).

Array of Byte:
Code:
2B C1 88 47 4A 8D 87 90 00 00 00 8B 4D 10 89 08 8B 4D 14 89 48 04 8B 4D 18 89 48 08 8B 47 10 89 45 D4 83 EC 08 6A 01 68 ?? ?? ?? ?? E8 ?? ?? ?? ?? 83 C4 10 89 45 CC 89 45 D0 0F B6 47 4A 89 45
The address for this AoB was found by CE(e.g. 3A73BFB1, non-static).
(Info: The scan success if the player was damaged once)
After injecting the DLL and pressing F1, the address is not displayed (even if the player was damaged once).

Code - main.cpp:
Code:
#include <windows.h>
#include <stdio.h>
#include "Pattern.h"

bool HealthStatus = false;
char* HealthPattern = "\x2B\xC1\x88\x47\x4A\x8D\x87\x90\x00\x00\x00\x8B\x4D\x10\x89\x08\x8B\x4D\x14\x89\x48\x04\x8B\x4D\x18\x89\x48\x08\x8B\x47\x10\x89\x45\xD4\x83\xEC\x08\x6A\x01\x68\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x83\xC4\x10\x89\x45\xCC\x89\x45\xD0\x0F\xB6\x47\x4A\x89\x45";
char* HealthMask = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx????x????xxxxxxxxxxxxxxx";
char HealthNew[] = "\x90\x90";
char HealthOld[] = "\x2B\xC1";

bool IsGameReadyForHook()
{
	if( GetModuleHandleA( "Unturned.exe" ) != NULL )
		return true;

	return false;
}

void SearchPatterns(void)
{
	while (!IsGameReadyForHook()){
		Sleep(50);

	}
	while(IsGameReadyForHook()){

		if(GetAsyncKeyState(VK_F1))
		{

			DWORD dwHealth = FindPattern("Unturned.exe", HealthPattern, HealthMask);
			MsgBoxAddy(dwHealth);
			if(dwHealth != -1)
			{

				HealthStatus = !HealthStatus;
				if(HealthStatus)
				{
					WriteToMem(dwHealth, HealthNew, 2);
				}
				else
				{
					WriteToMem(dwHealth, HealthOld, 2);
				}
			} else {
				MessageBoxA(NULL, "Get hit once first!", "Error", MB_OK);	
			}
		}
	}
}

BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
{
	if (dwReason==DLL_PROCESS_ATTACH)
	{
		CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)SearchPatterns, NULL, NULL, NULL);		
	}
	return TRUE;
}
Code - Pattern.h
Code:
#include <iostream>
#include <Windows.h>
#include <TlHelp32.h>
#include <Psapi.h>

void MsgBoxAddy(DWORD address)
{
	char szBuffer[1024];
	sprintf_s(szBuffer, "Address: %02x", address);
	MessageBox(NULL, szBuffer, "Title", MB_OK);
}

MODULEINFO GetModuleInfo(char* szModule)
{
	MODULEINFO modInfo = {0};
	HMODULE hModule = GetModuleHandle(szModule);
	if(hModule == 0)
		return modInfo;

	GetModuleInformation(GetCurrentProcess(), hModule, &modInfo, sizeof(MODULEINFO));
	return modInfo;
}

void WriteToMem(uintptr_t addressToWrite, char* valueToWrite, int byteNum)
{
	unsigned long oldProtection;

	VirtualProtect((LPVOID)(addressToWrite), byteNum, PAGE_EXECUTE_READWRITE, &oldProtection);

	memcpy((LPVOID)(addressToWrite), valueToWrite, byteNum);

	VirtualProtect((LPVOID)(addressToWrite), byteNum, oldProtection, NULL);
}
DWORD FindPattern(char *module, char *pattern, char*mask)
{
	MODULEINFO mInfo = GetModuleInfo(module);
	DWORD base = (DWORD)mInfo.lpBaseOfDll;
	DWORD size = (DWORD)mInfo.SizeOfImage;
	DWORD patternLength = (DWORD) strlen(mask);

		for(DWORD i=0; i < size- patternLength; i++)
		{
			bool found = true;
			for(DWORD j = 0; j < patternLength; j++)
			{
				found &= mask[j] == '?' || pattern[j] == *(char*)(base+i+j);
			}
			if(found)
				return base+i;
		}

		return -1;
			
}