I try to catch some Base Pointer Adresses from a Windows Application which I want to Bot (Its not a game, Its an Online Broker). So, I know how to find Base Pointer Adresses, but I do this with Cheatengine (Find Adresses, set Breakpointes, search for the Output Adresses... and so on) - but this takes very much time for Base Pointers with 6+ Offsets. Maybe there is a much faster technique how to scrape them out of Memory?
And here is my presumption: In This Pic you can see, there are many similar Entrys (Forex Entrys), and they are all similar structured. They have a Adress for Ask-Value and Bid-Value - these are the Pointers I need! The Values are represented as Double. Maybe, I can find multiple Adresses at once, if I find the one from another. I thought on object oriented programing, where many Instances have Adresses nearby to the other. So, is there a way to find multiple at once, and fast?
I tried some stuff with OllyDbg, and didnt find some nearby (But my skills with OllyDbg are not insane, I still dont know all functions of it). Do you guys have a better solution, how I can find them faster? I dont really want to code some stuff in Assembler - but if nececary, I can do this. Would be great if you can help. There are 89 Entrys, and I will need per something like 20 - 30 minutes. Would be awful.
Cheers!
Filthy Frank
Using pointers and offsets is not the correct way to go about this. On the back end they're just using HTTP and an API. You should either use that directly or hook the function that does it and then work with the data right after it is received by the client.
Related
I believe I have a found a very good and fast solution for efficiently counting page views:
Working example in go playground here: https://play.golang.org/p/q_mYEYLa1h
My idea is to push this to the database every X minutes, and after pushing a key then delete it from the page map.
My question now is, what would be the optimal way to ensure that this isn't abused? Ideally, I would only want to increase page count from the same person if there was a time interval of 2 hours since last visiting the page.
As far as I know, it would be ideal to store and compare both IP and user agent (I don't want to rely on cookie/localstorage), but I'm not quite sure how to efficiently store and compare this information.
I'd likely get both the IP (req.Header.Get("x-forwarded-for")) and UserAgent (req.UserAgent()) from http.Request.
I was thinking making a visitor struct similar to my page struct that would look like this:
type visitor struct {
mutex sync.Mutex
urlIPUAAndTime map[string]time
}
This way should make it possible to do something similar to before. However, imagine if the website had so many requests that there would be hundreds of millions of unique visitor maps being stored, and each of these could only be deleted after 2 (or more) hours. I therefore think this is not a good solution.
I guess it would be ideal/necessary to write to and read from some file, but not sure how this should be done efficiently. Help would be greatly appreciated
One of optimization ways is to add a Bloom filter before this map. Bloom filter is a probabilistic structure which can say one of these:
this user is definitely new
and this user possibly was here
This is a way to cut off computation on early stage. If many of your users are new then you save requests to database to check all of them.
What if structure says "user is possibly non-unique"? Then you go the database and check it.
Here's one more optimization: if you do not need very accurate information and can agree with mistake about several percent, you may use the sole bloom filter. I guess many large sites use this technique for estimation.
I am trying to figure out what is the fastest way the figure out the current user Country. I know there are a lot of location examples online, my actual is question: since I don't care much about precision, is it OK if I use RegionInfo.CurrentRegion.DisplayName; to figure out the user country?
What are the downsides of using this approach (besides precision)?
No, you shouldn't use RegionInfo.CurrentRegion for that.
For example, I live in Montenegro, but RegionInfo.CurrentRegion on my phone will return USA, which is completely irrelevant being almost 4000 miles away from here.
You have to use Geolocator class for that. Here's some sample code.
I was reading code from one of the projects from github. I came across something called a Vectored Referencing buffer implementation. Can have someone come across this ? What are the practical applications of this. I did a quick google search and wasn't able to find any simple sample implementation for this.
Some insight would be helpful.
http://www.ibm.com/developerworks/library/j-zerocopy/
http://www.linuxjournal.com/article/6345
http://www.seccuris.com/documents/whitepapers/20070517-devsummit-zerocopybpf.pdf
https://github.com/joyent/node/pull/304
I think some more insight on your specific project/usage/etc would allow for a more specific answer.
However, the term is generally used to either change or start an interface/function/routine with the goal that it does not allocate another instance of its input in order to perform its operations.
EDIT: Ok, after reading the new title, I think you are simply talking about pushing buffers into a vector of buffers. This keeps your code clean, you can pass any buffer you need with minimal overhead to any function call, and allows for a better cleanup time if your code isn't managed.
EDIT 2: Do you mean this http://cpansearch.perl.org/src/TYPESTER/Data-MessagePack-Stream-0.07/msgpack-0.5.7/src/msgpack/vrefbuffer.h
i need a geolocation service and i wanted to try some of them before buying anything for my client.
i tried api.ipinfodb.com and is pretty good...
then i recently tried Quova APi, that as far as i remeber Quova was considered good...
well...i tried it and the result is really sloppy... the zipcode with ipinfodb.com was perfect, whereas Quova was quite distant...
also the XML of the first was good formatted, whereas Quova gives you all lowercase name..why? shouldn be the city name cpaitalize ? i know i can do it with php but with name syou have to be careful...sound sjust sloppy to me...
I wonder if the paid Quova service is the same..
I'm actually the product manager for Quova, so I hope I can help. Sorry you're having problems with the API.
To answer your first question about the zip code, no vendor can be right 100% of the time, and there will always be individual cases where we are wrong and someone else is right, or we are right and someone else is wrong. We do provide confidence factors to help you decide how confident we are in the assignments we make, which helps customers make better decisions about the data. Our customers stay with us because they know that the overall quality of our data outperforms the other vendors they've tried. If you respond with the actual IP addresses and ZIP codes that you think are wrong, I can have them investigated.
With regard to our data being all lowercase, we made that decision a long time ago to make the data predictable and to make comparisions with our data easier. I know there are use cases where having the correct capitalization of place names would be valuable, and lowercasing strings is easy enough if you have to do that, so we're considering how to provide capitalized names without impacting current customers who might be relying on the data in its current format. One thing you can do in the meantime is use the Lat/Long to lookup the place name with a service like geonames.org.
To answer your last question, yes, the data is also lowercase in the commercial service.
Does midiOutPrepareHeader, midiInPrepareHeader just setup some data fields, or does it do something that is more time intensive?
I am trying to decide whether to build and destroy the MIDIHDR's as needed, or to maintain a pool of them.
You really have only two ways to tell (without the Windows source):
1) Profile it. Depending on your findings for how long it takes, have a debug-only scoped timer that logs when it suddenly takes longer than what you think is acceptable for your application, or do your pool solution. Though the docs say not to modify the buffer once you call the prepare function, and it seems if you wanted to re-use it you may have to modify it. I'm not familiar enough with the docs to say one way or the other if your proposed solution would work.
2) Step through the assembly and see. Don't be afraid. Get the MSFT public symbols and see if it looks like it's just filling out fields or if it's doing something complicated.