Jump to content

Sky Slate Blueberry Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate

WriteProcessMemory


  • Please log in to reply
7 replies to this topic
YoYowazzup
  • Guests
  • Last active:
  • Joined: --
hey, it was on japanese forum and says if u use this u could edit some game codes and make cheats possibly

anyone could tell me in specific please?

getProcessHandle(pid,mode=0x001F0FFF){
	return DllCall("OpenProcess",UInt,mode,UInt,0,UInt,pid,UInt)
}
releaseProcessHandle(hProcess){
	DllCall("psapi\CloseProcess","Int",hProcess)
}

getPEName(pid){
	hModule=0
	dwNeed=0
	l=0
	max:=VarSetCapacity(s,256,0)
	hProcess:=getProcessHandle(pid,0x410)		if(DllCall("psapi\EnumProcessModules","Int",hProcess,"Int*",hModule,"Int",4,"UInt*",dwNeed,"Int")<>0){
		l:=DllCall("psapi\GetModuleFileNameExA","Int",hProcess,"Int",hModule,"Str",s,"Int",max,"Int")
	}
	releaseProcessHandle(hProcess)
	return s
}



readProcMem(pid,addr,len){
	if(len="Int64"){
		type=Int64 *
		size=8
	}else If len in Int,UInt
	{
		type=%len% *
		size=4
	}else If len in Short,UShort
	{
		type=%len% *
		size=2
	}else If len in Char,UChar
	{
		type=%len% *
		size=1
	}else{
		type=Str
		size:=VarSetCapacity(s,len)+1
	}
	hProcess:=getProcessHandle(pid)
	DllCall("ReadProcessMemory","Int",hProcess,"Int",addr,type,res,"Int",size,"Int",0)
	releaseProcessHandle(hProcess)
	return res
}

;;;;
;; writeProcMem(pid,addr,val)
;;   任意プロセスのメモリの値を書き換え
;; 引数
;;   pid  対象プロセスID
;;   addr 対象アドレス
;;   val  書き込む値
;;          0xで始まる16進数の場合は、桁数に応じてInt,Short,Charから自動決定
;;          10進数値の場合は、Int(4バイト)で書き込み
;;          文字列の場合は、文字列としてnull終端文字までを書き込み
;;;;
writeProcMem(pid,addr,val){
	StringLen,size,val
	if val is integer
	{
		IfInString,val,0x
		{
			if(size>10){
				type=Int64 *
				size=8
			}else if(size>6){
				type=Int *
				size=4
			}else if(size>4){
				type=Short *
				size=2
			}else{
				type=Char *
				size=1
			}
		}else{
			type=Int *
			size=4
		}
	}else{
		type=Str
		size++
	}
	hProcess:=getProcessHandle(pid)
	DllCall("WriteProcessMemory","Int",hProcess,"Int",addr,type,val,"Int",size,"Int",0)
	releaseProcessHandle(hProcess)
}

thx

[Title edited. Please write descriptive titles for your topics. ~jaco0646]

imapow
  • Members
  • 155 posts
  • Last active: Oct 13 2009 08:35 AM
  • Joined: 13 Mar 2008
just read the text

;;;; 
;; writeProcMem(pid,addr,val) 
;;   任意プロセスのメモリの値を書き換え 
;; 引数 
;;   pid  対象プロセスID 
;;   addr 対象アドレス 
;;   val  書き込む値 
;;          0xで始まる16進数の場合は、桁数に応じてInt,Short,Charから自動決定 
;;          10進数値の場合は、Int(4バイト)で書き込み 
;;          文字列の場合は、文字列としてnull終端文字までを書き込み 
;;;; 

Hehe...

sorry, dont know chinese. god luck
-._.-¨¯¨-._.-IM@PΩW-._.-¨¯¨-._.-

yoyowazzup
  • Guests
  • Last active:
  • Joined: --
yea, get it correctly. thats why i posted the damn code so some1 could read and understand the CODE at least, not those letters.
its obvious i see u dont understand them, what did u expect lol?

  • Guests
  • Last active:
  • Joined: --
And another script kiddie is born.

VxE
  • Moderators
  • 3622 posts
  • Last active: Dec 24 2015 02:21 AM
  • Joined: 07 Oct 2006
WriteProcessMemory

It's obviously part of a memory tweaker script. If you knew beforehand which addresses in a running program were responsible for... say... detecting if a CD rom is present, you could theoretically overwrite that part of the program while it is in memory (probably won't corrupt the image file on HDD).

That being said, I don't know how someone would find out which addresses to write what to to do a specific thing.

p.s. that's japanese, btw

who knows
  • Guests
  • Last active:
  • Joined: --
it looks like functions to read and write the memory of another process.

yoyowazzup
  • Guests
  • Last active:
  • Joined: --
kk thx guys

p.s. to Guest
this is help forum so i dont need ur comment thanks

  • Guests
  • Last active:
  • Joined: --

hey, it was on japanese forum and says if u use this u could edit some game codes and make cheats possibly

anyone could tell me in specific please?

getProcessHandle(pid,mode=0x001F0FFF){
	return DllCall("OpenProcess",UInt,mode,UInt,0,UInt,pid,UInt)
}
releaseProcessHandle(hProcess){
	DllCall("psapi\CloseProcess","Int",hProcess)
}

getPEName(pid){
	hModule=0
	dwNeed=0
	l=0
	max:=VarSetCapacity(s,256,0)
	hProcess:=getProcessHandle(pid,0x410)		if(DllCall("psapi\EnumProcessModules","Int",hProcess,"Int*",hModule,"Int",4,"UInt*",dwNeed,"Int")<>0){
		l:=DllCall("psapi\GetModuleFileNameExA","Int",hProcess,"Int",hModule,"Str",s,"Int",max,"Int")
	}
	releaseProcessHandle(hProcess)
	return s
}



readProcMem(pid,addr,len){
	if(len="Int64"){
		type=Int64 *
		size=8
	}else If len in Int,UInt
	{
		type=%len% *
		size=4
	}else If len in Short,UShort
	{
		type=%len% *
		size=2
	}else If len in Char,UChar
	{
		type=%len% *
		size=1
	}else{
		type=Str
		size:=VarSetCapacity(s,len)+1
	}
	hProcess:=getProcessHandle(pid)
	DllCall("ReadProcessMemory","Int",hProcess,"Int",addr,type,res,"Int",size,"Int",0)
	releaseProcessHandle(hProcess)
	return res
}

;;;;
;; writeProcMem(pid,addr,val)
;;   任意プロセスのメモリの値を書き換え
;; 引数
;;   pid  対象プロセスID
;;   addr 対象アドレス
;;   val  書き込む値
;;          0xで始まる16進数の場合は、桁数に応じてInt,Short,Charから自動決定
;;          10進数値の場合は、Int(4バイト)で書き込み
;;          文字列の場合は、文字列としてnull終端文字までを書き込み
;;;;
writeProcMem(pid,addr,val){
	StringLen,size,val
	if val is integer
	{
		IfInString,val,0x
		{
			if(size>10){
				type=Int64 *
				size=8
			}else if(size>6){
				type=Int *
				size=4
			}else if(size>4){
				type=Short *
				size=2
			}else{
				type=Char *
				size=1
			}
		}else{
			type=Int *
			size=4
		}
	}else{
		type=Str
		size++
	}
	hProcess:=getProcessHandle(pid)
	DllCall("WriteProcessMemory","Int",hProcess,"Int",addr,type,val,"Int",size,"Int",0)
	releaseProcessHandle(hProcess)
}

thx

[Title edited. Please write descriptive titles for your topics. ~jaco0646]



wow thanks a lot ^^ i was looking for this