Lua:AOBScan
<> Reference
function AOBScan(aobstring, protectionflags, alignmenttype, alignmentparam) : StringList
<> Reference
function AOBScan(byte1, byte2, ...) : StringList
Scans the currently opened process for an array of bytes and returns a StringList containing all matching addresses.
The returned StringList must be destroyed when it is no longer needed.
Contents
Function Parameters[edit]
String Pattern Form[edit]
| Parameter | Type | Description |
|---|---|---|
| aobstring | String | The array-of-bytes pattern to scan for. Wildcards can be used in the pattern. |
| protectionflags | String (optional) | A string that controls which memory regions are scanned based on executable, writable, and copy-on-write protection flags. |
| alignmenttype | Integer (optional) | Controls the address alignment check. |
| alignmentparam | String | The alignment parameter. Required when the selected alignment type needs a value. |
Byte Parameter Form[edit]
| Parameter | Type | Description |
|---|---|---|
| byte1, byte2, ... | Integer | The byte values to scan for. Values higher than 255 or values that are not integers are treated as wildcards. |
Returns[edit]
StringList — A StringList containing all matching addresses as strings.
The returned list must be destroyed manually when it is no longer needed.
Protection Flags[edit]
The protectionflags parameter is a string made from memory protection flags.
| Flag | Meaning |
|---|---|
| X | Executable memory. |
| W | Writable memory. |
| C | Copy-on-write memory. |
Each flag can be prefixed with one of the following operators:
| Operator | Meaning |
|---|---|
| + | The flag must be set. |
| - | The flag must not be set. |
| * | The flag does not matter. |
Protection Flag Examples[edit]
| Protection Flags | Description |
|---|---|
| +W-C | Scans writable memory, excludes copy-on-write memory, and does not care about the executable flag. |
| +X-C-W | Scans read-only executable memory. |
| +W | Scans writable memory and does not care about copy-on-write or executable memory. |
| Scans everything. This is the same as *X*C*W. |
Alignment Types[edit]
| Value | Name | Description |
|---|---|---|
| 0 | No alignment check | No alignment restriction is applied. |
| 1 | Divisible alignment | The address must be divisible by alignmentparam. |
| 2 | Last digits alignment | The address must end with the digits specified by alignmentparam. |
Alignment Parameter[edit]
The alignmentparam parameter is a string.
Its meaning depends on alignmenttype:
| Alignment Type | alignmentparam Meaning |
|---|---|
| 0 | Not used. |
| 1 | The value the address must be divisible by. |
| 2 | The last digits the address must end with. |
Wildcard Behavior[edit]
In the byte parameter form, every value higher than 255 or every value that is not an integer is treated as a wildcard.
In the string pattern form, use the normal array-of-bytes wildcard syntax inside the pattern string.
Examples[edit]
1 local results = AOBScan("48 8B ?? ?? ?? 89")
2
3 if results ~= nil then
4 print("Results found: " .. tostring(results.Count))
5
6 for i = 0, results.Count - 1 do
7 print(results[i])
8 end
9
10 results.destroy()
11 end
1 local results = AOBScan("48 8B ?? ?? ?? 89", "+X-C-W")
2
3 if results ~= nil then
4 print("Executable read-only results: " .. tostring(results.Count))
5 results.destroy()
6 end
7 </pre>
8
9 <syntaxhighlight lang="lua" line>
10 local results = AOBScan("48 8B ?? ?? ?? 89", "+W-C", 1, "4")
11
12 if results ~= nil then
13 print("Writable aligned results: " .. tostring(results.Count))
14 results.destroy()
15 end
1 local results = AOBScan(0x48, 0x8B, 999, 0x89)
2
3 if results ~= nil then
4 print("Results found: " .. tostring(results.Count))
5 results.destroy()
6 end
Notes[edit]
- AOBScan scans the currently opened process.
- The returned StringList must be destroyed when it is no longer needed.
- The string pattern form is usually easier to read and maintain.
- The byte parameter form treats values higher than 255 or non-integer values as wildcards.
- An empty protectionflags string scans all memory regions.
- Use protection flags and alignment when you want to reduce false positives or improve scan performance.
See Also[edit]
Main Pages
Related Pages
Readonly Classes[edit]
- StringList - String list object documentation
