Comments (4)
I see what is happening. I'm not gonna lie, I don't know much about text and unicode. But from what I see, it seems that notepad.exe
stores text with Utf16 encoding (I guess this means each character takes up 2 bytes instead of 1 byte which memoryjs
is expecting).
Take a look at the following image:
As you can tell, the text Hello world!
in hex is 48 65 6c 6c 6f 20 77 6f 72 6c 64 21
. Now, I'm guessing Notepad stores text as Utf16 because in memory Cheat Engine is telling us the text appears as 48 00 65 00 6c 00 6c 00 6f 00 20 00 77 00 6f 00 72 00 6c 00 64 00 21
which implies each character is taking up 2 bytes.
Therefore, if you alter your signature to have 00
after each byte, you will be able to find the correct address. However, my implementation of reading a string in memory causes the readMemory
function to fail when it encounters a 00
byte (null character/string terminator) because the text is expected to be Utf8. To counter this, this section of code would need to be altered to support Utf16 strings. This also means a parameter would need to be passed when reading strings from memory to flag whether the string is Utf8 or Utf16 (or even higher).
from memoryjs.
Just do const p = memoryjs.openProcess('notepad.exe');
And also I'm not really sure what you're trying to do with the /^H/
in findPattern
. The signature argument for findPattern
is a string in the form of XX ? ? XX ?
where XX
are known bytes and ?
are unknown bytes.
In this case you would need to find where notepad
stores the text displayed in memory and read memory from that address.
from memoryjs.
The /^H/
was supposed to be a regular expression to find strings beginning with H
, but I see now the pattern function doesn't expect a regular expression.
I am trying to find the memory address where notepad
stores displayed text by searching the entire memory of notepad
for the string that matches my pattern. Here is my new code:
const memoryjs = require('memoryjs');
const p = memoryjs.openProcess('notepad.exe');
const sig = '48??????????21'; //'Hello World!' -> '48656C6C6F20576F726C6421' -> '48??????????21'
const addr = memoryjs.findPattern(p.handle, 'notepad.exe', sig, memoryjs.READ, 0, 0);
const txt = memoryjs.readMemory(p.handle, addr, 'string');
console.log(txt); // should show 'Hello World!' but actually shows nothing or gives the error: 'TypeError: unable to read string (no null-terminator found after 1 million chars)'
My open notepad
window contains the text Hello World!
and I thought my code could find it. But apparently not?
I'm trying to do what CheatEngine
does, searching for memory addresses within a process which contain a certain string. Isn't memoryjs
capable of that? If not, then I am disappointed.
UPDATE: Changing the signature type to memoryjs.NORMAL
gives me the string MZ�
which is the original problem I had in the first place. Clearly the signature is being totally ignored, because MZ�
are magic-bytes which definitely don't match the pattern 48??????????21
.
UPDATE: Seems the signature must have a space before and after each question mark, because after adding spaces it's now returning something that does match the signature. It's not what I'm looking for though, it's some nonsesnse (H�H���!
) but I will continue experimenting.
UPDATE: Neither the signatures 48 ? ? ? ? ? ? ? ? ? ? 2121
nor 48 ? ? ? ? ? ? ? ? ? ? 21 21
nor even the exact, full string 48656C6C6F20576F726C642121
are able to find the displayed text Hello World!!
. They just give the following error:
TypeError: unable to read string (no null-terminator found after 1 million chars)
Why is CheatEngine
able to find the string but not memoryjs
?
from memoryjs.
That makes sense, thank you very much!
from memoryjs.
Related Issues (20)
- How to read shared memory channel? (Windows) HOT 5
- Reading an address that is a BigInt throwing errors? HOT 3
- The library can't read memory for me can someone help me figure it out? HOT 2
-
- Any way to get module exports? HOT 2
- Add "Windows only" to readme HOT 2
- Usage with electron HOT 2
- Just pushed a commit (3be70b051025327db5d5f54cd5a1f777dea75943) that I think should enable this now (not on NPM yet). I wasn't familiar with memory mapped files before working on this change, but from my little testing it seems like you should be able to replicate this C# logic with memoryjs now. Updated the README with an example ([documentation](https://github.com/Rob--/memoryjs#memory-mapped-files-1)). HOT 2
- Error reading BigInt pointer HOT 6
- Feature: Open process using th32ProcessID instead of process name(multiple processes same name) HOT 2
- functionTest.cpp does not work on x64 builds HOT 1
- Using Cheat Engine Pointer HOT 6
- Writing to an adres using pointers HOT 2
- Little Endian Support HOT 3
- add pointer or int64 parameters on callFunction?
- publish/release newest version to npm? :) HOT 2
- Linux/Unix support HOT 2
- setProtection is not available in latest version HOT 1
- Problems when using with electron. HOT 1
- Hi Rob, HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from memoryjs.