Jump to content

Sky Slate Blueberry Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate
Photo

[Solved]DllCall(Module32First)Calculating base addr

Started by ameyrick , Oct 01 2011 11:42 PM

  • Please log in to reply
3 replies to this topic
ameyrick
  • Members
  • 69 posts
  • Last active: Feb 16 2015 11:28 AM
  • Joined: 19 Sep 2011
Hi, having problems running this code can anyone tell me why I keep getting the following error?

Module32First ERRORLEVEL 0 / 87

Running Win7/64, AutoHotkey_L Version v1.1.02.01

if not A_IsAdmin
{
   Run *RunAs "%A_ScriptFullPath%"  ; Requires v1.0.92.01+
   ExitApp
}

Base := GetDllBase()
MsgBox, %Base%
Return


GetDllBase( PID = 0,  Process = "ffxivgame.exe", DllName = "User32.dll" )
{
	Process, wait, %Process%, 0.5
	PID = %ErrorLevel%
	if PID = 0
	{
		error:= "The specified process could not be found."
		return error
	}

    TH32CS_SNAPMODULE := 0x00000008
    INVALID_HANDLE_VALUE = -1

    snapMod := DllCall("CreateToolhelp32Snapshot", "Uint", TH32CS_SNAPMODULE
                                                 , "Uint", PID)
    If (snapMod = INVALID_HANDLE_VALUE) {
		error =: "CreateToolhelp32Snapshot ERRORLEVEL " ERRORLEVEL " / " A_LastError
        Return error`
    }
	size:= sizeof(snapMod) ;//requires sizeof.ahk in /lib folder http://www.autohotkey.com/forum/viewtopic.php?t=59581&highlight=sizeof+var
	VarSetCapacity(me32, size, 0)
    NumPut(size, me32)
	
    If (DllCall("Module32First", "Uint", snapMod, "Uint", &me32)){
        while(DllCall("Module32Next", "Uint", snapMod, "UInt", &me32)) {
            If !DllCall("lstrcmpi", "Str", DllName, "UInt", &me32 + 32) {
                DllCall("CloseHandle", "UInt", snapMod)
                Return NumGet(&me32 + 20)
            }
        }
    }
	
	error := "Module32First ERRORLEVEL " ERRORLEVEL " / " A_LastError
    DllCall("CloseHandle", "Uint", snapMod)
    Return error
}


`::Reload

#1 - Posted 01 October 2011 - 11:42 PM
nimda
  • Members
  • 4368 posts
  • Last active: Aug 09 2015 02:36 AM
  • Joined: 26 Dec 2010
Try running on ANSI x32
#2 - Posted 02 October 2011 - 12:38 AM

Autofire, AutoClick, Toggle, SpamWindow Control Tools

Lexikos
  • Administrators
  • 9844 posts
  • AutoHotkey Foundation
  • Last active:
  • Joined: 17 Oct 2006

size:= sizeof(snapMod)

snapMod is just a number (a handle), whereas sizeof() expects a structure definition or object. In this case, you should be passing the definition of the MODULEENTRY32 structure.

Module32First ERRORLEVEL 0 / 87

87 is ERROR_INVALID_PARAMETER. The second parameter is invalid because sizeof() didn't return anything meaningful.

EXE files typically have a fixed base, determined when the file is compiled. You can read it from the file's header. Try this (AutoHotkey_L required):
SetFormat IntegerFast, H
MsgBox % GetImageBase(A_AhkPath) ; Replace A_AhkPath with path of executable.

GetImageBase(filename)
{
    static IMAGE_DOS_SIGNATURE := 0x5A4D
    static IMAGE_NT_SIGNATURE := 0x4550
    static IMAGE_SIZEOF_FILE_HEADER := 20
    static MAGIC_PE32 := 0x10B
    static MAGIC_PE32PLUS := 0x20B

    file := FileOpen(filename, "r")
    if !file
        return
    
    if (file.ReadUShort() != IMAGE_DOS_SIGNATURE)
    || !file.Seek(60) ; Seek to e_lfanew.
    || !file.Seek(file.ReadInt()) ; Seek to NT header.
    || (file.ReadUInt() != IMAGE_NT_SIGNATURE)
        return
    
    file.Seek(IMAGE_SIZEOF_FILE_HEADER, 1) ; Seek to optional header.
    
    magic := file.ReadUShort()
    if (magic = MAGIC_PE32)
    {
        file.Seek(26, 1)
        return file.ReadUInt()
    }
    else if (magic = MAGIC_PE32PLUS) ; x64
    {
        file.Seek(22, 1)
        return file.ReadInt64()
    }
}

#3 - Posted 02 October 2011 - 01:03 AM
ameyrick
  • Members
  • 69 posts
  • Last active: Feb 16 2015 11:28 AM
  • Joined: 19 Sep 2011
Thanks Lexikos!

That worked a treat. This code has answered some other questions I had with <!-- m -->http://www.autohotke...pic.php?t=76989<!-- m -->

I am trying to Identify the character name from each Running Process of FFXIV
The use is to populate a DropDownList with the character names. So users can select the process id to use. For things like sending macros to the game with Postmessage. <!-- m -->http://macro-bar.com<!-- m -->

Path := "C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV\ffxivgame.exe"
SetFormat IntegerFast, H
MsgBox % GetImageBase(Path) ; Replace A_AhkPath with path of executable.

GetImageBase(filename)
{
    static IMAGE_DOS_SIGNATURE := 0x5A4D
    static IMAGE_NT_SIGNATURE := 0x4550
    static IMAGE_SIZEOF_FILE_HEADER := 20
    static MAGIC_PE32 := 0x10B
    static MAGIC_PE32PLUS := 0x20B

    file := FileOpen(filename, "r")
    if !file
        return
    
    if (file.ReadUShort() != IMAGE_DOS_SIGNATURE)
    || !file.Seek(60) ; Seek to e_lfanew.
    || !file.Seek(file.ReadInt()) ; Seek to NT header.
    || (file.ReadUInt() != IMAGE_NT_SIGNATURE)
        return
    
    file.Seek(IMAGE_SIZEOF_FILE_HEADER, 1) ; Seek to optional header.
    
    magic := file.ReadUShort()
    if (magic = MAGIC_PE32)
    {
        file.Seek(26, 1)
        return file.ReadUInt()
    }
    else if (magic = MAGIC_PE32PLUS) ; x64
    {
        file.Seek(22, 1)
        return file.ReadInt64()
    }
}

#4 - Posted 02 October 2011 - 01:47 AM
Back to Ask for Help
  1. AutoHotkey Community
  2. AutoHotkey
  3. Ask for Help