Results 1 to 1 of 1
  1. #1
    Grooguz
    Grooguz is offline
    BanHammer Holder
    Grooguz's Avatar
    Join Date
    2010 May
    Posts
    678
    Thanks Thanks Given 
    152
    Thanks Thanks Received 
    537
    Thanked in
    167 Posts
    Rep Power
    14

    How to Read and Write to the Process Memory

    Create new Class
    This is The MemoryWrite / Read Class
    using System;
    using System.Diagnostics;
    using System.Management;
    using System.Runtime.InteropServices;

    namespace ProcessMemoryReaderLib
    {
    /// <summary>
    /// </summary>
    class ProcessMemoryReaderApi
    {
    [Flags]
    public enum ProcessAccessType
    {
    PROCESS_TERMINATE = (0x0001),
    PROCESS_CREATE_THREAD = (0x0002),
    PROCESS_SET_SESSIONID = (0x0004),
    PROCESS_VM_OPERATION = (0x0008),
    PROCESS_VM_READ = (0x0010),
    PROCESS_VM_WRITE = (0x0020),
    PROCESS_DUP_HANDLE = (0x0040),
    PROCESS_CREATE_PROCESS = (0x0080),
    PROCESS_SET_QUOTA = (0x0100),
    PROCESS_SET_INFORMATION = (0x0200),
    PROCESS_QUERY_INFORMATION = (0x0400)
    }

    [DllImport("kernel32.dll")]
    public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, Int32 bInheritHandle, UInt32 dwProcessId);


    [DllImport("kernel32.dll")]
    public static extern Int32 CloseHandle(IntPtr hObject);


    [DllImport("kernel32.dll")]
    public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);


    [DllImport("kernel32.dll")]
    public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);

    }

    public class ProcessMemoryReader
    {

    public ProcessMemoryReader()
    {
    }

    /// <summary>
    /// </summary>
    public Process ReadProcess
    {
    get
    {
    return m_ReadProcess;
    }
    set
    {
    m_ReadProcess = value;
    }
    }

    private Process m_ReadProcess = null;

    private IntPtr m_hProcess = IntPtr.Zero;

    public void OpenProcess()
    {
    ProcessMemoryReaderApi.ProcessAccessType access;
    access = ProcessMemoryReaderApi.ProcessAccessType.PROCESS_V M_READ
    | ProcessMemoryReaderApi.ProcessAccessType.PROCESS_V M_WRITE
    | ProcessMemoryReaderApi.ProcessAccessType.PROCESS_V M_OPERATION;
    m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
    }

    public void CloseHandle()
    {
    int iRetValue;
    iRetValue = ProcessMemoryReaderApi.CloseHandle(m_hProcess);
    if (iRetValue == 0)
    throw new Exception("closehandle failed");
    }

    public byte[] ReadProcessMemory(IntPtr MemoryAddress, uint bytesToRead, out int bytesRead)
    {
    byte[] buffer = new byte[bytesToRead];

    IntPtr ptrBytesRead;
    ProcessMemoryReaderApi.ReadProcessMemory(m_hProces s, MemoryAddress, buffer, bytesToRead, out ptrBytesRead);

    bytesRead = ptrBytesRead.ToInt32();

    return buffer;
    }

    public void WriteProcessMemory(IntPtr MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
    {
    IntPtr ptrBytesWritten;
    ProcessMemoryReaderApi.WriteProcessMemory(m_hProce ss, MemoryAddress, bytesToWrite, (uint)bytesToWrite.Length, out ptrBytesWritten);

    bytesWritten = ptrBytesWritten.ToInt32();
    }





    }
    }

    Now Go to your Form
    After:
    Code:
    public partial class FormName : Form 
    {
    add this
    Code:
    ProcessMemoryReaderLib.ProcessMemoryReader preader = new ProcessMemoryReaderLib.ProcessMemoryReader();
    Now you can Write the Memory Like This
    Code:
    System.Diagnostics.Process[] MS = System.Diagnostics.Process.GetProcessesByName("SomeGame");
                    if (MS.Length != 0)
                    {
                        preader.ReadProcess = MS[0];
                        preader.OpenProcess();
                        int thosewrote;
                        byte[] vals = { 0x0F, 0x84, 0xF1, 0x20, 0x00, 0x00 };
                        preader.WriteProcessMemory((IntPtr)0x009343FC, vals , out thosewrote);
                    }
    Bytes to Write = 0F & 84 & F1 & 20 & 00 & 00
    The Address that will it be wrote to = 009343FC

  2. The Following User Says Thank You to Grooguz For This Useful Post:


Similar Threads

  1. [Snippet] Write bytes to memory
    By Dwar in forum Delphi
    Replies: 1
    Last Post: 2019-10-06, 10:30 AM
  2. Replies: 2
    Last Post: 2018-04-02, 04:48 PM
  3. Simple VB Write/Read Memory Class
    By Dwar in forum VB, .NET Framework
    Replies: 3
    Last Post: 2012-07-22, 05:11 PM
  4. [Process, Services & Network] Process Hacker
    By wildspirit in forum Files & Tools
    Replies: 0
    Last Post: 2011-11-09, 05:00 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •