Code archives/User Libs/Read/Write to an app/process's local memory

This code has been declared by its author to be Public Domain code.


Read/Write to an app/process's local memory by skn32004
You need the following userlib. Save it as a .decls file (for example ProcessMemory.decls) in the userlibs folder of your Blitz installation. The first block, under an empty library name, lists the functions that ProcessMemory.bb below defines; the real imports follow under user32.dll and Kernel32.dll:

.lib " "
GetProcessId%(name$)
GetWindowProcessId%(name$)
OpenProcessMemory%(processid%,access%)
WriteProcessByte%(process%,offset%,value%)
WriteProcessShort%(process%,offset%,value%)
WriteProcessInt%(process%,offset%,value%)
ReadProcessByte%(process%,offset%)
ReadProcessShort%(process%,offset%)
ReadProcessInt%(process%,offset%)
CloseProcessMemory(process%)

.lib "user32.dll"
Pmem_FindWindow%(class%,name$):"FindWindowA"
Pmem_GetWindowThreadProcessId%(hwnd%,processid*):"GetWindowThreadProcessId"
Pmem_GetClassName%(hwnd%,classname*,max%):"GetClassNameA"

.lib "Kernel32.dll"
Pmem_OpenProcess%(access%,inherit%,processid%):"OpenProcess"
Pmem_ReadProcessMemory%(process%,address%,buffer*,size%,numberofbytesread%):"ReadProcessMemory"
Pmem_WriteProcessMemory%(process%,address%,buffer*,size%,numberofbyteswritten%):"WriteProcessMemory"
Pmem_CloseHandle%(object%):"CloseHandle"
Pmem_GetLastError%():"GetLastError"
Pmem_CreateToolhelp32Snapshot%(flags%,processid%):"CreateToolhelp32Snapshot"
Pmem_Process32First%(snapshot%,entry*):"Process32First"
Pmem_Process32Next%(snapshot%,entry*):"Process32Next"


Example:
Include "ProcessMemory.bb"
pid = GetProcessId("someapp.exe")
If pid = 0 Then RuntimeError "someapp.exe is not running"
process = OpenProcessMemory(pid)
If process = 0 Then RuntimeError "OpenProcess failed, error " + Pmem_GetLastError()
For i=0 To 255
	WriteProcessByte(process,$20222E8,i)	; the address is specific to the target application
	Delay 10
Next
CloseProcessMemory(process)

Make a Blitz file called "ProcessMemory.bb":

Global pmem_bank = CreateBank(4)	; scratch buffer for 1, 2 and 4 byte reads and writes
Global pmem_proc32 = CreateBank(296) : PokeInt(pmem_proc32,0,296)	; PROCESSENTRY32 (296 bytes on 32-bit Windows); dwSize must be set before Process32First

; Process id of the process owning the top-level window titled name$, or 0 if there is none.
Function GetWindowProcessId(name$)
	Local hwnd
	
	hwnd = Pmem_FindWindow(0,name$)
	If hwnd = 0 Return False
	Pmem_GetWindowThreadProcessId(hwnd,pmem_bank)	; writes the owning process id into pmem_bank
	Return PeekInt(pmem_bank,0)
End Function

; Process id of the first process whose exe name matches name$ (case-insensitive), or 0 if none.
; Several processes may share a name; only the first one in the snapshot is returned.
Function GetProcessId(name$)
	Local snapshot,processid,offset,processname$,char
	
	; TH32CS_SNAPPROCESS = 2: snapshot of every process on the system
	snapshot = Pmem_CreateToolhelp32Snapshot(2,0)
	If snapshot = 0 Or snapshot = -1 Return False	; failure is INVALID_HANDLE_VALUE (-1), not 0
	
	; Process32First fills the first entry, so it must be inspected before
	; calling Process32Next, or the first process is silently skipped.
	If Pmem_Process32First(snapshot,pmem_proc32)
		Repeat
			processid = PeekInt(pmem_proc32,8)	; th32ProcessID
			processname$ = ""
			offset = 36				; szExeFile: null-terminated ANSI, at most 260 bytes
			char = PeekByte(pmem_proc32,offset)
			While char <> 0 And offset < 295
				processname$ = processname$ + Chr$(char)
				offset = offset + 1
				char = PeekByte(pmem_proc32,offset)
			Wend
			If (processname$ <> "") And (Lower(processname$) = Lower(name$))
				Pmem_CloseHandle(snapshot)
				Return processid
			End If
		Until Pmem_Process32Next(snapshot,pmem_proc32) = 0
	End If
	
	Pmem_CloseHandle(snapshot)
	Return False
End Function

; Opens a handle to processid. The default mask is PROCESS_ALL_ACCESS as defined before Vista
; ($1F0FFF = STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or $FFF). Ask for only what you need:
; $10 (PROCESS_VM_READ) is enough to read, $28 (PROCESS_VM_WRITE Or PROCESS_VM_OPERATION) to write.
; A narrower request can succeed where the full mask is refused, e.g. a lower-integrity
; caller may be granted read but not write access to a higher-integrity process.
; Returns 0 on failure; Pmem_GetLastError() gives the reason.
Function OpenProcessMemory(processid,access=$1F0FFF)
	Return Pmem_OpenProcess(access,False,processid)
End Function

; Each write returns True on success and False if WriteProcessMemory failed (the handle
; lacks PROCESS_VM_WRITE Or PROCESS_VM_OPERATION, or offset is not mapped and writable).
Function WriteProcessByte(process,offset,i)
	PokeByte(pmem_bank,0,i)
	If Pmem_WriteProcessMemory(process,offset,pmem_bank,1,0) = 0 Return False
	Return True
End Function

Function WriteProcessShort(process,offset,i)
	PokeShort(pmem_bank,0,i)
	If Pmem_WriteProcessMemory(process,offset,pmem_bank,2,0) = 0 Return False	; a short is 2 bytes, not 3
	Return True
End Function

Function WriteProcessInt(process,offset,i)
	PokeInt(pmem_bank,0,i)
	If Pmem_WriteProcessMemory(process,offset,pmem_bank,4,0) = 0 Return False
	Return True
End Function

; Each read returns the value, or False (0) if ReadProcessMemory failed. A stored 0 also
; reads as 0, so call Pmem_GetLastError() when the distinction matters.
Function ReadProcessByte(process,offset)
	If Pmem_ReadProcessMemory(process,offset,pmem_bank,1,0) = 0 Return False
	Return PeekByte(pmem_bank,0)
End Function

Function ReadProcessShort(process,offset)
	If Pmem_ReadProcessMemory(process,offset,pmem_bank,2,0) = 0 Return False
	Return PeekShort(pmem_bank,0)	; unsigned 0..65535
End Function

Function ReadProcessInt(process,offset)
	If Pmem_ReadProcessMemory(process,offset,pmem_bank,4,0) = 0 Return False
	Return PeekInt(pmem_bank,0)
End Function

Function CloseProcessMemory(process)
	Pmem_CloseHandle(process)
End Function
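The library reads one value at a time, which is fine once you know an address but far too slow for finding one. The following added example (not part of skn3's library, and not from the linked project) shows how a practitioner would locate an address with the same decls: it opens the target with PROCESS_VM_READ only, reads the address space in 4 KB pages through Pmem_ReadProcessMemory, skips pages that cannot be read, and returns the first aligned Int equal to a given value. "someapp.exe", the value 1000 and the address range are placeholders.

```blitzbasic
; Added example, not part of skn3's library. It reuses the decls and the
; ProcessMemory.bb functions above and assumes both are installed.
Include "ProcessMemory.bb"

Const PMEM_PAGE = 4096
Global pmem_page = CreateBank(PMEM_PAGE)

; Scan [first, last) for a 4-byte-aligned Int equal to value, one 4 KB page at a time.
; Returns the address of the first match, or 0 if there is none.
; ReadProcessMemory fails for the whole request when any byte is unreadable, so
; unmapped or protected pages simply fail and are skipped instead of aborting the scan.
Function FindProcessInt(process, first, last, value)
	Local addr, i
	addr = first - (first Mod PMEM_PAGE)	; align down to the containing page
	While addr < last
		If Pmem_ReadProcessMemory(process, addr, pmem_page, PMEM_PAGE, 0)
			For i = 0 To PMEM_PAGE - 4 Step 4
				If (PeekInt(pmem_page, i) = value) And (addr + i >= first)
					Return addr + i
				End If
			Next
		End If
		addr = addr + PMEM_PAGE
	Wend
	Return 0
End Function

; Usage: look for the value 1000 in the user-mode range of "someapp.exe" (placeholders).
; The handle is opened with PROCESS_VM_READ ($10) only: that is all ReadProcessMemory
; needs, and a narrower request can succeed where PROCESS_ALL_ACCESS is refused.
; Blitz Ints are signed, so the scan stops below $80000000; 32-bit user-mode memory lies below it anyway.
pid = GetProcessId("someapp.exe")
If pid = 0 Then RuntimeError "someapp.exe is not running"
process = OpenProcessMemory(pid, $10)
If process = 0 Then RuntimeError "OpenProcess failed, error " + Pmem_GetLastError()
hit = FindProcessInt(process, $00400000, $7FFF0000, 1000)
If hit Then Print "found at $" + Hex$(hit) Else Print "not found"
CloseProcessMemory(process)
```

Only 4-byte-aligned matches are reported, which is what compiled code produces for ordinary Int variables; drop the `Step 4` to catch unaligned values at the cost of four times as many comparisons. Narrow the range once you know where the target keeps its data, and confirm a hit by changing the value in the application and rescanning, since a single pass usually returns several candidates.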

Comments

Who was John Galt? 2004
Excellent work, my friend. Been looking for a way to do this kind of thing for AGES.


aab 2004
I was thinking about how useful this'd be the other day.
Thanks!


soja 2004
I'm kind of at a loss figuring out why or how this is practical.

How do you know where and what to read and write? How do you know the internal structure of the memory; what's stored where, etc.? If it's your own process, why not just use RtlMoveMemory (kernel32)? What do you do with this?


ICECAP 2004
soja,
I think the idea is not to modify your own program's memory but other programs'. Like games.
If you need to find the memory address for something, use Hack32, which looks for a specific value held in an address.

I think it would be particularly useful for the likes of a game trainer.


soja 2004
I see.


skn3 2004
http://pes4online.acsv.net it is used in this :)


Wings 2010
Hey, this is useful today :)


virtlands 2013
What does .lib " " mean? Where does that data go into?

This is great code; I can imagine great things to do with it.

