icecub

Reputation: 8773

How to get value of ram address using module + base pointer + offsets?

I'm trying to use Autohotkey for reading out some RAM values. To do this I'm using the following library:

https://github.com/Kalamity/SC2-MacroTrainer/blob/master/Lib/classMemory.ahk

Documentation on how this library works is clearly written on top of it, but it lacks any documentation on how to use this with a module.

My base pointer is: "jvm.dll"+00338E84

My offsets are (top to bottom): 0x8, 0x294, 0x4B8, 0x24, 0x20

My code so far is:

#include %a_scriptdir%/classMemory.ahk

java := new _ClassMemory("ahk_exe javaw.exe", "", hProcessCopy)

if !isObject(java)
    msgbox failed to open a handle

myBase := java.getModuleBaseAddress("jvm.dll")
pointerBase := myBase + 0x00338E84

arrayPointerOffsets := [0x20, 0x24, 0x4B8, 0x294, 0x8]
value := java.read(pointerBase, "UInt", arrayPointerOffsets*)

msgbox %value%

Unfortunately this is not working. Obviously the pointerBase calculation is wrong. Been trying to use all kinds of variations for 2 days now without success. Could anyone explain to me what I'm doing wrong and how to fix it?

Upvotes: 2

Views: 1469

Answers (2)

Forivin

Reputation: 15518

I don't really have time to check the library you are using, but here are some tips:
If your target process runs as admin your program will have to, too. Also you might wanna set SeDebugPrivilege (if the lib isn't doing it on its own).

If !A_IsAdmin {
    Run *RunAs "%A_ScriptFullPath%"
    ExitApp
}

SetSeDebugPrivilege()

SetSeDebugPrivilege(enable := True)
{
    h := DllCall("OpenProcess", "UInt", 0x0400, "Int", false, "UInt", DllCall("GetCurrentProcessId"), "Ptr")
    ; Open an adjustable access token with this process (TOKEN_ADJUST_PRIVILEGES = 32)
    DllCall("Advapi32.dll\OpenProcessToken", "Ptr", h, "UInt", 32, "PtrP", t)
    VarSetCapacity(ti, 16, 0)  ; structure of privileges
    NumPut(1, ti, 0, "UInt")  ; one entry in the privileges array...
    ; Retrieves the locally unique identifier of the debug privilege:
    DllCall("Advapi32.dll\LookupPrivilegeValue", "Ptr", 0, "Str", "SeDebugPrivilege", "Int64P", luid)
    NumPut(luid, ti, 4, "Int64")
    if enable
        NumPut(2, ti, 12, "UInt")  ; enable this privilege: SE_PRIVILEGE_ENABLED = 2
    ; Update the privileges of this process with the new access token:
    r := DllCall("Advapi32.dll\AdjustTokenPrivileges", "Ptr", t, "Int", false, "Ptr", &ti, "UInt", 0, "Ptr", 0, "Ptr", 0)
    DllCall("CloseHandle", "Ptr", t)  ; close this access token handle to save memory
    DllCall("CloseHandle", "Ptr", h)  ; close this process handle to save memory
    return r
}

To read offsets you simply have to add them to your address.
So let's pretend you are memory reading a game. And you wanna read the health of player one which is always stored in ["example.dll"+0x01088450]+0x4 (as float value). Then you would have to go like this (if you work with raw ReadProcessMemory or similar):

player1moduleOffset := 0x01088450
healthOffset := 0x4

moduleBaseAddress := GetModuleAddr("example.dll")        ; placeholder helper: load address of the module
player1BaseAddress := moduleBaseAddress+player1moduleOffset
player1Base := MemoryReadAsInt(player1BaseAddress)       ; placeholder helper: dereference the static pointer
player1HealthAddress := player1Base+healthOffset
player1Health := MemoryReadAsFloat(player1HealthAddress) ; placeholder helper: read the float at the final address

Upvotes: 2
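Forivin's step-by-step resolution above, carried through for the asker's five-offset jvm.dll chain, as an added Python example (not code from the question, the answer or classMemory.ahk): the module base, the intermediate pointers and the final UInt are a constructed in-memory snapshot standing in for ReadProcessMemory, and the offsets are applied in the reversed order the question's read() call uses.

```python
import struct

# Constructed 32-bit memory image (address -> bytes) standing in for
# ReadProcessMemory on the question's javaw.exe; every value is made up.
MODULE_BASE = 0x6A000000           # pretend load address of jvm.dll
POINTER_SIZE = 4                   # 32-bit target, as the UInt reads imply

def _u32(v):
    return struct.pack("<I", v)

MEMORY = {
    MODULE_BASE + 0x00338E84: _u32(0x00D40000),  # static pointer inside jvm.dll
    0x00D40000 + 0x20: _u32(0x00E10000),         # first applied offset 0x20
    0x00E10000 + 0x24: _u32(0x00F20000),
    0x00F20000 + 0x4B8: _u32(0x01030000),
    0x01030000 + 0x294: _u32(0x01140000),
    0x01140000 + 0x8: _u32(1337),                # final UInt the script wants
}

def read_bytes(address, size):
    """Emulates ReadProcessMemory: None for an unmapped or short read."""
    chunk = MEMORY.get(address)
    return chunk[:size] if chunk is not None and len(chunk) >= size else None

def read_pointer(address):
    raw = read_bytes(address, POINTER_SIZE)
    return None if raw is None else int.from_bytes(raw, "little")

def resolve_pointer_chain(base_address, offsets):
    """Dereference the base, then for every offset but the last read the
    pointer stored at (pointer + offset); the last offset is only added.
    Returns None if any hop is unmapped or a NULL pointer."""
    if not offsets:
        return base_address            # no chain: read straight from the address
    pointer = read_pointer(base_address)
    for offset in offsets[:-1]:
        if not pointer:
            return None
        pointer = read_pointer(pointer + offset)
    return None if not pointer else pointer + offsets[-1]

def read_uint(base_address, offsets):
    """What java.read(base, "UInt", offsets*) yields on the page."""
    address = resolve_pointer_chain(base_address, offsets)
    raw = None if address is None else read_bytes(address, 4)
    return None if raw is None else struct.unpack("<I", raw)[0]

# Offsets as the question lists them top to bottom; read() needs them in
# the order they are applied, which is the reverse (0x20 first, 0x8 last).
OFFSETS_TOP_TO_BOTTOM = [0x8, 0x294, 0x4B8, 0x24, 0x20]
READ_ORDER = list(reversed(OFFSETS_TOP_TO_BOTTOM))
```

Calling read_uint(MODULE_BASE + 0x00338E84, READ_ORDER) on this snapshot returns 1337, while passing the offsets in the listed top-to-bottom order breaks the chain at the first hop and returns None.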

icecub

Reputation: 8773

With the help of the library developer I managed to fix the issue. This is the working code:

#include %a_scriptdir%/classMemory.ahk

java := new _ClassMemory("ahk_exe javaw.exe")
if !isObject(java)
    msgbox failed to open a handle

baseAddress := java.getModuleBaseAddress("jvm.dll")

arrayPointerOffsets := [0x20, 0x24, 0x4B8, 0x294, 0x8]
value := java.read(baseAddress + 0x00338E84, "UInt", arrayPointerOffsets*)

msgbox %value%

Upvotes: 1
