I'm currently writing this "mini tuto" so don't be too rude if there is any mistake.
The complete code :
Simple usage, for exemple :Code:using System; using System.Collections.Generic; using System.Diagnostics; using System.Linq; using System.Runtime.InteropServices; using System.Text; namespace My_Hack_Name { internal class SimpleMemoryEditing { public bool errorFlag; public byte[] errorMemBytes; public IntPtr errorMemPointer = IntPtr.Zero; public Process tempProcess; public IntPtr tempProcessHandle = IntPtr.Zero; public IntPtr AllocProcMem(uint size) { return VirtualAllocEx(this.tempProcessHandle, IntPtr.Zero, size, 0x3000, 0x40); } public bool AllowMem(IntPtr address, uint size) { try { uint num; VirtualProtectEx(this.tempProcessHandle, address, (UIntPtr)4, 0x40, out num); this.errorFlag = false; } catch { this.errorFlag = true; this.errorMemPointer = address; } return this.errorFlag; } [DllImport("kernel32.dll")] public static extern int CloseHandle(IntPtr hObject); [DllImport("kernel32.dll")] private static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, out uint lpThreadId); [DllImport("USER32.DLL")] public static extern IntPtr FindWindow(string lpClassName, string lpWindowName); public bool ForbidMem(IntPtr address, uint size) { try { uint num; VirtualProtectEx(this.tempProcessHandle, address, (UIntPtr)4, 0x100, out num); this.errorFlag = false; } catch { this.errorFlag = true; this.errorMemPointer = address; } return this.errorFlag; } public void FreeProcMem(IntPtr address, int size) { VirtualFreeEx(this.tempProcessHandle, address, size, 0x4000); } [DllImport("kernel32.dll")] public static extern uint GetProcessId([In] IntPtr process); [DllImport("user32.dll", SetLastError = true)] private static extern uint GetWindowThreadProcessId(IntPtr hWnd, out uint lpdwProcessId); [DllImport("kernel32.dll")] public static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, uint dwProcessId); [DllImport("kernel32.dll")] private static extern IntPtr OpenThread(ThreadAccess dwDesiredAccess, bool bInheritHandle, uint dwThreadId); public byte[] ReadMem(IntPtr address, uint size) { byte[] lpBuffer = new byte[size]; uint lpNumberOfBytesRead = 0; try { ReadProcessMemory(this.tempProcessHandle, address, lpBuffer, size, ref lpNumberOfBytesRead); } catch { this.errorFlag = true; } if (lpNumberOfBytesRead != size) { this.errorFlag = true; return lpBuffer; } this.errorFlag = false; return lpBuffer; } [DllImport("Kernel32.dll")] public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, ref uint lpNumberOfBytesRead); public void ResumeProcess() { Process tempProcess = this.tempProcess; if (tempProcess.ProcessName != string.Empty) { foreach (ProcessThread thread in tempProcess.Threads) { IntPtr hThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)thread.Id); if (hThread == IntPtr.Zero) { break; } ResumeThread(hThread); } } } [DllImport("kernel32.dll")] private static extern int ResumeThread(IntPtr hThread); public void SetProcess(IntPtr handle, Process proc) { this.tempProcessHandle = handle; this.tempProcess = proc; } public void SuspendProcess() { Process tempProcess = this.tempProcess; if (tempProcess.ProcessName != string.Empty) { foreach (ProcessThread thread in tempProcess.Threads) { IntPtr hThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)thread.Id); if (hThread == IntPtr.Zero) { break; } SuspendThread(hThread); } } } [DllImport("kernel32.dll")] private static extern uint SuspendThread(IntPtr hThread); [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)] private static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect); [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)] private static extern bool VirtualFreeEx(IntPtr hProcess, IntPtr lpAddress, int dwSize, uint dwFreeType); [DllImport("kernel32.dll")] private static extern bool VirtualProtectEx(IntPtr hProcess, IntPtr lpAddress, UIntPtr dwSize, uint flNewProtect, out uint lpflOldProtect); [DllImport("kernel32.dll")] private static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, UIntPtr nSize, out IntPtr lpNumberOfBytesWritten); public bool WriteToMem(IntPtr address, uint size, byte[] value) { try { IntPtr ptr; uint num; VirtualProtectEx(this.tempProcessHandle, address, (UIntPtr)size, 0x40, out num); WriteProcessMemory(this.tempProcessHandle, address, value, (UIntPtr)size, out ptr); VirtualProtectEx(this.tempProcessHandle, address, (UIntPtr)size, num, out num); this.errorFlag = false; } catch { this.errorFlag = true; this.errorMemBytes = value; this.errorMemPointer = address; } return this.errorFlag; } [Flags] public enum ThreadAccess { DIRECT_IMPERSONATION = 0x200, GET_CONTEXT = 8, IMPERSONATE = 0x100, QUERY_INFORMATION = 0x40, SET_CONTEXT = 0x10, SET_INFORMATION = 0x20, SET_THREAD_TOKEN = 0x80, SUSPEND_RESUME = 2, TERMINATE = 1 } } }
1° Add at the top of your class :
2° Define class variables :Code:[DllImport("kernel32.dll")] public static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, uint dwProcessId);
3° In your Main constructor add :Code:public IntPtr ProcessHandle; public Thread thread; public SimpleMemoryEditing memTools; public bool Running; public Process ProcessName; public bool Ingame; private uint ProcID; private String GameVersion;
4° In your form closing event add :Code:this.memTools = new SimpleMemoryEditing(); this.ProcessHandle = IntPtr.Zero; this.Running = true;
5° Then you need those two functions to get handle on the process :Code:this.Running = false;
6° Now you are ready ! Just a simple usage down here :Code:public void ScanThread() { try { this.FindHandle(); this.memTools.SetProcess(this.ProcessHandle, this.LFSProcess); while (this.Running) { if ((!this.Ingame && (this.ProcessHandle != IntPtr.Zero)) && this.ProcessName.HasExited) { this.Close(); // for exemple close programm. } } } catch (Exception exception) { MessageBox.Show(exception.Message, "Scan thread exception !"); } } public void FindHandle() { this.ProcessHandle = IntPtr.Zero; while ((this.ProcessHandle == IntPtr.Zero) && this.Running) { foreach (Process process in Process.GetProcesses()) { if (process.ProcessName == "ProcessName") { this.ProcessHandle = OpenProcess(0x1f0fff, 1, (uint)process.Id); this.ProcID = (uint)process.Id; this.ProcessName = process; return; } this.ProcessHandle = IntPtr.Zero; } } }
Code:// Read example byte[] BytesToRead; BytesToRead = this.memTools.ReadMem((IntPtr)0xXXXXXX, YY); // XX -> ADDRESS, YY -> SIZE // Write example this.memTools.WriteToMem((IntPtr)0xXXXXXX, size, BytesToRead);
Results 1 to 1 of 1
-
2012-12-07, 03:39 PM #1GuestTheTime
- Join Date
- 2012 Dec
- Posts
- 1
- Thanks
- 0
- Thanks
- 0
- Thanked in
- 0 Posts
- Rep Power
- 0
Yet Another Simple Write / Read Memory Class
-
Reply With QuoteSimilar Threads
-
[C#] class Read/Write Memory in C#
By bigbozz in forum Perfect World Bots, CheatsReplies: 0Last Post: 2012-12-02, 09:08 AM -
Simple VB Write/Read Memory Class
By Dwar in forum VB, .NET FrameworkReplies: 3Last Post: 2012-07-22, 05:11 PM -
[C++] Write a simple memory scanner from scratch [Video]
By Grooguz in forum Programming TutorialsReplies: 1Last Post: 2011-12-25, 12:19 PM -
[C#] How to Read and Write to the Process Memory
By Grooguz in forum VB, .NET FrameworkReplies: 0Last Post: 2011-11-27, 05:27 AM
