EasyToUse MemoryReading/Writing Class

  • Thread starter Sleinzel
  • Start date
  • Replies 4
  • Views 4K
Hexui Undetected CSGO Cheats PUBG Accounts
S

Sleinzel

This is a simple MemoryReading/Writing Class I used in one of my projects:


C++: 
class Memory
{
    public static int proccID;
    public static IntPtr pHandle;

    #region DllImports
    [DllImport("kernel32.dll")]
    private static extern bool WriteProcessMemory(IntPtr hProcess, UIntPtr lpBaseAddress, byte[] lpBuffer, UIntPtr nSize, IntPtr lpNumberOfBytesWritten);

    [DllImport("kernel32.dll")]
    private static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

    [DllImport("kernel32.dll")]
    private static extern bool _CloseHandle(IntPtr hObject);

    [DllImport("kernel32.dll")]
    private static extern bool ReadProcessMemory(IntPtr hProcess, UIntPtr lpBaseAddress, [Out] byte[] lpBuffer, UIntPtr nSize, IntPtr lpNumberOfBytesRead);
    #endregion

    public static void OpenProcess(string ProcName)
    {
      Process[] procs = Process.GetProcessesByName(ProcName);
      if (procs.Length == 0)
      {
        proccID = 0;
      }
      else
      {
        proccID = procs[0].Id;
        pHandle = OpenProcess(0x1F0FFF, false, proccID);
      }

    }
    public static int readInt(long Address)
    {
      byte[] buffer = new byte[sizeof(int)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return BitConverter.ToInt32(buffer, 0);
    }
    public static uint readUInt(long Address)
    {
      byte[] buffer = new byte[sizeof(int)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return (uint)BitConverter.ToUInt32(buffer, 0);
    }
    public static float readFloat(long Address)
    {
      byte[] buffer = new byte[sizeof(float)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return BitConverter.ToSingle(buffer, 0);
    }
    public static string ReadString(long Address)
    {
      byte[] buffer = new byte[50];

      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)50, IntPtr.Zero);

      string ret = Encoding.Unicode.GetString(buffer);

      if (ret.IndexOf('\0') != -1)
        ret = ret.Remove(ret.IndexOf('\0'));
      return ret;
    }
    public static byte readByte(long Address)
    {
      byte[] buffer = new byte[1];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)1, IntPtr.Zero);
      return buffer[0];
    }
    public static void WriteFloat(long Address, float value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void WriteInt(long Address, int value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void WriteUInt(long Address, uint value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void CloseProcess()
    {
       _CloseHandle(pHandle);
    }


  }

How To use It:

C++: 
 Memory.OpenProcess("chrome.exe");
 float asdf = Memory.ReadFloat(0x999999);
 Memory.CloseProcess();
(Edit changed Quote tags to code Fl)

Have Fun
 
Fleep

Fleep

Founder
Meme Tier VIP
May 20, 2012
572
11,023
6
Very useful code, shame C# always needs a lot to write to memory :/, good thing is its much more friendly to write than c++.

Thanks a lot for sharing.
 
konsowa

konsowa

Coder
Full Member
Nobleman
May 24, 2012
178
753
2
Here is another one ;)


C++: 
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;

namespace ProcessMemoryReaderLib
{
	/// <summary>
	/// ProcessMemoryReader is a class that enables direct reading a process memory
	/// </summary>
	class ProcessMemoryReaderApi
	{
		// constants information can be found in <winnt.h>
		[Flags]
		public enum ProcessAccessType
		{
			PROCESS_TERMINATE			= (0x0001),
			PROCESS_CREATE_THREAD		= (0x0002), 
			PROCESS_SET_SESSIONID		= (0x0004), 
			PROCESS_VM_OPERATION		= (0x0008), 
			PROCESS_VM_READ				= (0x0010), 
			PROCESS_VM_WRITE			= (0x0020), 
			PROCESS_DUP_HANDLE			= (0x0040), 
			PROCESS_CREATE_PROCESS		= (0x0080), 
			PROCESS_SET_QUOTA			= (0x0100), 
			PROCESS_SET_INFORMATION		= (0x0200), 
			PROCESS_QUERY_INFORMATION	= (0x0400) 
		}
		
		// function declarations are found in the MSDN and in <winbase.h> 
		
		//		HANDLE OpenProcess(
		//			DWORD dwDesiredAccess, // access flag
		//			BOOL bInheritHandle,  // handle inheritance option
		//			DWORD dwProcessId    // process identifier
		//			);
		[DllImport("kernel32.dll")]
		public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, Int32 bInheritHandle, UInt32 dwProcessId);

		//		BOOL CloseHandle(
		//			HANDLE hObject  // handle to object
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 CloseHandle(IntPtr hObject);

		//		BOOL ReadProcessMemory(
		//			HANDLE hProcess,       // handle to the process
		//			LPCVOID lpBaseAddress,    // base of memory area
		//			LPVOID lpBuffer,       // data buffer
		//			SIZE_T nSize,         // number of bytes to read
		//			SIZE_T * lpNumberOfBytesRead // number of bytes read
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,[In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);
	
		//		BOOL WriteProcessMemory(
		//			HANDLE hProcess,        // handle to process
		//			LPVOID lpBaseAddress,      // base of memory area
		//			LPCVOID lpBuffer,        // data buffer
		//			SIZE_T nSize,          // count of bytes to write
		//			SIZE_T * lpNumberOfBytesWritten // count of bytes written
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,[In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);

	}

	public class ProcessMemoryReader
	{

		public ProcessMemoryReader()
		{
		}

    /// <summary>	
		/// Process from which to read		
		/// </summary>
		public Process ReadProcess
		{
			get
			{
				return m_ReadProcess;
			}
			set
			{
				m_ReadProcess = value;
			}
		}

		private Process m_ReadProcess = null;

		private IntPtr m_hProcess = IntPtr.Zero;

		public void OpenProcess()
		{
//			m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
			ProcessMemoryReaderApi.ProcessAccessType access;
			access = ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_READ 
				| ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_WRITE 
				| ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_OPERATION;
				m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
		}

		public void CloseHandle()
		{
			int iRetValue;
			iRetValue = ProcessMemoryReaderApi.CloseHandle(m_hProcess);
			if (iRetValue == 0)
				throw new Exception("CloseHandle failed");
		}

		public byte[] ReadProcessMemory(IntPtr MemoryAddress, uint bytesToRead, out int bytesRead)
		{
			byte[] buffer = new byte[bytesToRead];
			
			IntPtr ptrBytesRead;
			ProcessMemoryReaderApi.ReadProcessMemory(m_hProcess,MemoryAddress,buffer ,bytesToRead,out ptrBytesRead);
			
			bytesRead = ptrBytesRead.ToInt32();

			return buffer;
		}

		public void WriteProcessMemory(IntPtr MemoryAddress, byte[] bytesToWrite ,out int bytesWritten)
		{
			IntPtr ptrBytesWritten;
			ProcessMemoryReaderApi.WriteProcessMemory(m_hProcess,MemoryAddress,bytesToWrite,(uint)bytesToWrite.Length,out ptrBytesWritten);
			
			bytesWritten = ptrBytesWritten.ToInt32();
		}

		


	}
}
 
Fleep

Fleep

Founder
Meme Tier VIP
May 20, 2012
572
11,023
6
Nice add konsowa, think i used similar code to that on some of my hacks also, next time though post it in a seperate topic please. This time il leave it before they both perform the same thing.

Fleep
 
T

till0sch

Respected Hacker
Dank Tier VIP
Dank Tier Donator
Oct 14, 2012
1,104
12,593
51
For those of you who want to write byte arrays (-> opcodes):

public static void WriteByteArray(string EXENAME, int address, byte[] bytes)
{
for (int i = 0; i < bytes.Length; i++)
{
WriteByte(EXENAME, address + i, bytes);
}
}

When it writes the opcodes a bit uncorrect and you gave it the right opcode hex bytes, then change this in ReadByte:
WriteProcessMemoryByte(Handle,Address,ref Value,2,ref Bytes);

to WriteProcessMemoryByte(Handle,Address,ref Value,1,ref Bytes);

Read a string (also can be useful)

public static string ReadStringUntilNULL(string EXENAME, int Address)
{
string value = "";
bool endOfString = false;
int counter = 0;
while (!endOfString)
{
if (ReadByte(EXENAME, Address + counter) > (byte)0)
{
value += (char)ReadByte(EXENAME, Address + counter);
}
else
{
return value;
}
counter++;
}
return value;
}

Write string:

public static void WriteString(string EXENAME, int Address, string value)
{
if (value != null)
{
int counter = 0;
foreach (char chr in value.ToCharArray())
{
Trainer.WriteByte(EXENAME, Address + counter, (byte)chr);
counter++;
}
}
}




Just wanted to add this, maybe you'll need this function at some time!
 
Log in to post or download attachments
Similar threads
Thread starter Title Forum Replies Date
zix3r Question [C#] How can I get started on making my own memory class for reading and writing memory? C# Coding and Game Hacking 2
Zaoh Solved COD Advanced Warfare - Problem Writing to Memory C# Questions & Answers - Hacking Help 8
timb3r Tutorial From start to finish: Writing a Bad Company 2 Hack GamePhreakers - Game Modding Tutorials 8
HexMurder Solved Cannot open dll for writing after injecting Questions & Answers - Hacking Help 10

Similar threads

Community Mods
Top Bottom