What's new

C/C++ [Xbox 360] Reading physical memory.

  • Thread starter XxZingyxX
  • Start date
  • Views 2,083
XxZingyxX

XxZingyxX

Enthusiast
Messages
69
Reaction score
9
Points
65
Sin$
0
Hi, so I was reading a trainer making guide I found on the internet and the guy was using a tool called X360 Trainer Tool instead of dumping his RAM everytime. I tried to find it but apparently it's not public. So I was wondering if there wasn't a way to make a Dashlaunch plugin that could do something similar. The idea would be that the plugin would act as a server and the client, on PC, would ask it to find a value in the RAM, then the server sends the addresses to the client. After that, you could filter the list of addresses you found with another value, etc. The problem is, I don't know how to read the physical memory. I found that I could use ReadProcessMemory function but it's not in the sdk(or I couldn't find it). Also, I need information about how to read to find a value. Let's say I want to find an int in a memory like this:
Code:
5A 62 C7 19 BE 00 00 00 00 00 00 0A 52 41 A6 ED
So if I read the tutorial right, the int would be 8bytes long. Meaning that if the int I'm looking for is 2642, I'd have to go through each bytes like this:
Code:
5A 62 C7 19 BE 00 00 00 = 6512986924506939392
62 C7 19 BE 00 00 00 00 = 7117686039916838912
C7 19 BE 00 00 00 00 00 = 1.43467069952E+19
19 BE 00 00 00 00 00 00 = 1854920096523223040
BE 00 00 00 00 00 00 0A = 1.36909428672E+19
00 00 00 00 00 00 0A 52 = 2642 <-- This would be the address?(0x00000005)
Then keep going....

This is a question by the way, so if my method is totally wrong, tell me, I'm just speculating about what I understood from memory reading.

One last thing. Since it's useful to find a value when the memory is frozen, how could I freeze the memory? Can I simply freeze it using Peek Poker or Visual Studio? Or will it freeze my plugin too?

Also, will this method be as long as dumping the memory?

Thanks in advance!
 
Fire30

Fire30

Seasoned Member
Messages
7,222
Reaction score
2,364
Points
635
Sin$
0
I think that the easiest way to read memory is to use xdevkit. The library has get and set memory functions. You will need to have the xbdm plugin installed if you are not on dev. If you look in the sdk documentation it will have a good description of what xdevkit can do.
 
XxZingyxX

XxZingyxX

Enthusiast
Messages
69
Reaction score
9
Points
65
Sin$
0
I think that the easiest way to read memory is to use xdevkit. The library has get and set memory functions. You will need to have the xbdm plugin installed if you are not on dev. If you look in the sdk documentation it will have a good description of what xdevkit can do.
I'll take a look at that, thanks!

EDIT: Looking at this, it seems it's for C#. Does it work as a C++ library too or do I have to learn C#?
 
Last edited:
Fire30

Fire30

Seasoned Member
Messages
7,222
Reaction score
2,364
Points
635
Sin$
0
I'll take a look at that, thanks!

EDIT: Looking at this, it seems it's for C#. Does it work as a C++ library too or do I have to learn C#?
oh sorry my bad, you should be able to use the xbdm library. I believe it has the same functionality.
 
XxZingyxX

XxZingyxX

Enthusiast
Messages
69
Reaction score
9
Points
65
Sin$
0
oh sorry my bad, you should be able to use the xbdm library. I believe it has the same functionality.
Ah okay, thought I had to use both at the same time. I'll definitely look into this.
 
AceInfinity

AceInfinity

Enthusiast
Messages
146
Reaction score
39
Points
85
Sin$
0
Code:
5A 62 C7 19 BE 00 00 00 00 00 00 0A 52 41 A6 ED

That's not really an int, unless you have a way to store a 128 bit integer. This would be more like 4 regular sized (32 bit) integers...

Lastly, what SDK are you talking about? ReadProcessMemory is a Windows function from Kernel32.dll. If you're using C#, you'll have to P/Invoke this function, otherwise, it's available in C/C++ by including the <windows.h> header.

If you don't know as much about P/Invoke, then chances are you won't understand much of what you're doing, whether you're reading a tutorial or not, to be able to jump right in and make a game trainer..
 
XxZingyxX

XxZingyxX

Enthusiast
Messages
69
Reaction score
9
Points
65
Sin$
0
Code:
5A 62 C7 19 BE 00 00 00 00 00 00 0A 52 41 A6 ED

That's not really an int, unless you have a way to store a 128 bit integer. This would be more like 4 regular sized (32 bit) integers...

Lastly, what SDK are you talking about? ReadProcessMemory is a Windows function from Kernel32.dll. If you're using C#, you'll have to P/Invoke this function, otherwise, it's available in C/C++ by including the <windows.h> header.

If you don't know as much about P/Invoke, then chances are you won't understand much of what you're doing, whether you're reading a tutorial or not, to be able to jump right in and make a game trainer..

I'm not using C#, but C++. Also, I was talking about the Xbox 360 SDK. But yeah, that's exactly what I was asking, what should I look for in the memory? I'd look for a 4 bytes integer then? Or both 4 and 8 bytes? The thing you quoted by the way was a part of a fictional memory, not an actual integer.
 
Xeren

Xeren

♦♦♦ God Complex ♦♦♦
Legendary Veteran Programmer Modder
Messages
5,668
Reaction score
2,107
Points
795
Sin$
0
I'm not using C#, but C++. Also, I was talking about the Xbox 360 SDK. But yeah, that's exactly what I was asking, what should I look for in the memory? I'd look for a 4 bytes integer then? Or both 4 and 8 bytes? The thing you quoted by the way was a part of a fictional memory, not an actual integer.
You grammar there lost me, but using "integer" usually describes a 32-bit(4 bytes) integer. The Xbox 360 doesn't usually use long integers(64-bit or 8 bytes). Your method is correct though. You'd have to shift one byte at a time.
 
XxZingyxX

XxZingyxX

Enthusiast
Messages
69
Reaction score
9
Points
65
Sin$
0
You grammar there lost me, but using "integer" usually describes a 32-bit(4 bytes) integer. The Xbox 360 doesn't usually use long integers(64-bit or 8 bytes). Your method is correct though. You'd have to shift one byte at a time.
Well, sorry about my grammar, I don't always take time to reread and rephrase everything I write. Anyways, 32-bit integer makes more sense indeed on the Xbox 360. And thanks for confirming that my method would work!
 
Top Bottom
Login
Register