EasyToUse MemoryReading/Writing Class

Sleinzel · May 24, 2012

This is a simple MemoryReading/Writing Class I used in one of my projects:

C++:

class Memory
{
    public static int proccID;
    public static IntPtr pHandle;

    #region DllImports
    [DllImport("kernel32.dll")]
    private static extern bool WriteProcessMemory(IntPtr hProcess, UIntPtr lpBaseAddress, byte[] lpBuffer, UIntPtr nSize, IntPtr lpNumberOfBytesWritten);

    [DllImport("kernel32.dll")]
    private static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

    [DllImport("kernel32.dll")]
    private static extern bool _CloseHandle(IntPtr hObject);

    [DllImport("kernel32.dll")]
    private static extern bool ReadProcessMemory(IntPtr hProcess, UIntPtr lpBaseAddress, [Out] byte[] lpBuffer, UIntPtr nSize, IntPtr lpNumberOfBytesRead);
    #endregion

    public static void OpenProcess(string ProcName)
    {
      Process[] procs = Process.GetProcessesByName(ProcName);
      if (procs.Length == 0)
      {
        proccID = 0;
      }
      else
      {
        proccID = procs[0].Id;
        pHandle = OpenProcess(0x1F0FFF, false, proccID);
      }

    }
    public static int readInt(long Address)
    {
      byte[] buffer = new byte[sizeof(int)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return BitConverter.ToInt32(buffer, 0);
    }
    public static uint readUInt(long Address)
    {
      byte[] buffer = new byte[sizeof(int)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return (uint)BitConverter.ToUInt32(buffer, 0);
    }
    public static float readFloat(long Address)
    {
      byte[] buffer = new byte[sizeof(float)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return BitConverter.ToSingle(buffer, 0);
    }
    public static string ReadString(long Address)
    {
      byte[] buffer = new byte[50];

      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)50, IntPtr.Zero);

      string ret = Encoding.Unicode.GetString(buffer);

      if (ret.IndexOf('\0') != -1)
        ret = ret.Remove(ret.IndexOf('\0'));
      return ret;
    }
    public static byte readByte(long Address)
    {
      byte[] buffer = new byte[1];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)1, IntPtr.Zero);
      return buffer[0];
    }
    public static void WriteFloat(long Address, float value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void WriteInt(long Address, int value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void WriteUInt(long Address, uint value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void CloseProcess()
    {
       _CloseHandle(pHandle);
    }


  }

How To use It:

C++:

 Memory.OpenProcess("chrome.exe");
 float asdf = Memory.ReadFloat(0x999999);
 Memory.CloseProcess();

(Edit changed Quote tags to code Fl)

Have Fun

Fleep · May 24, 2012

Very useful code, shame C# always needs a lot to write to memory :/, good thing is its much more friendly to write than c++.

Thanks a lot for sharing.

konsowa · May 24, 2012

Here is another one

C++:

using System;
using System.Diagnostics;
using System.Runtime.InteropServices;

namespace ProcessMemoryReaderLib
{
	/// <summary>
	/// ProcessMemoryReader is a class that enables direct reading a process memory
	/// </summary>
	class ProcessMemoryReaderApi
	{
		// constants information can be found in <winnt.h>
		[Flags]
		public enum ProcessAccessType
		{
			PROCESS_TERMINATE			= (0x0001),
			PROCESS_CREATE_THREAD		= (0x0002), 
			PROCESS_SET_SESSIONID		= (0x0004), 
			PROCESS_VM_OPERATION		= (0x0008), 
			PROCESS_VM_READ				= (0x0010), 
			PROCESS_VM_WRITE			= (0x0020), 
			PROCESS_DUP_HANDLE			= (0x0040), 
			PROCESS_CREATE_PROCESS		= (0x0080), 
			PROCESS_SET_QUOTA			= (0x0100), 
			PROCESS_SET_INFORMATION		= (0x0200), 
			PROCESS_QUERY_INFORMATION	= (0x0400) 
		}
		
		// function declarations are found in the MSDN and in <winbase.h> 
		
		//		HANDLE OpenProcess(
		//			DWORD dwDesiredAccess, // access flag
		//			BOOL bInheritHandle,  // handle inheritance option
		//			DWORD dwProcessId    // process identifier
		//			);
		[DllImport("kernel32.dll")]
		public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, Int32 bInheritHandle, UInt32 dwProcessId);

		//		BOOL CloseHandle(
		//			HANDLE hObject  // handle to object
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 CloseHandle(IntPtr hObject);

		//		BOOL ReadProcessMemory(
		//			HANDLE hProcess,       // handle to the process
		//			LPCVOID lpBaseAddress,    // base of memory area
		//			LPVOID lpBuffer,       // data buffer
		//			SIZE_T nSize,         // number of bytes to read
		//			SIZE_T * lpNumberOfBytesRead // number of bytes read
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,[In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);
	
		//		BOOL WriteProcessMemory(
		//			HANDLE hProcess,        // handle to process
		//			LPVOID lpBaseAddress,      // base of memory area
		//			LPCVOID lpBuffer,        // data buffer
		//			SIZE_T nSize,          // count of bytes to write
		//			SIZE_T * lpNumberOfBytesWritten // count of bytes written
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,[In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);

	}

	public class ProcessMemoryReader
	{

		public ProcessMemoryReader()
		{
		}

    /// <summary>	
		/// Process from which to read		
		/// </summary>
		public Process ReadProcess
		{
			get
			{
				return m_ReadProcess;
			}
			set
			{
				m_ReadProcess = value;
			}
		}

		private Process m_ReadProcess = null;

		private IntPtr m_hProcess = IntPtr.Zero;

		public void OpenProcess()
		{
//			m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
			ProcessMemoryReaderApi.ProcessAccessType access;
			access = ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_READ 
				| ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_WRITE 
				| ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_OPERATION;
				m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
		}

		public void CloseHandle()
		{
			int iRetValue;
			iRetValue = ProcessMemoryReaderApi.CloseHandle(m_hProcess);
			if (iRetValue == 0)
				throw new Exception("CloseHandle failed");
		}

		public byte[] ReadProcessMemory(IntPtr MemoryAddress, uint bytesToRead, out int bytesRead)
		{
			byte[] buffer = new byte[bytesToRead];
			
			IntPtr ptrBytesRead;
			ProcessMemoryReaderApi.ReadProcessMemory(m_hProcess,MemoryAddress,buffer ,bytesToRead,out ptrBytesRead);
			
			bytesRead = ptrBytesRead.ToInt32();

			return buffer;
		}

		public void WriteProcessMemory(IntPtr MemoryAddress, byte[] bytesToWrite ,out int bytesWritten)
		{
			IntPtr ptrBytesWritten;
			ProcessMemoryReaderApi.WriteProcessMemory(m_hProcess,MemoryAddress,bytesToWrite,(uint)bytesToWrite.Length,out ptrBytesWritten);
			
			bytesWritten = ptrBytesWritten.ToInt32();
		}

		


	}
}

Fleep · May 24, 2012

Nice add konsowa, think i used similar code to that on some of my hacks also, next time though post it in a seperate topic please. This time il leave it before they both perform the same thing.

Fleep

till0sch · Mar 22, 2013

For those of you who want to write byte arrays (-> opcodes):

public static void WriteByteArray(string EXENAME, int address, byte[] bytes)
{
for (int i = 0; i < bytes.Length; i++)
{
WriteByte(EXENAME, address + i, bytes);
}
}

When it writes the opcodes a bit uncorrect and you gave it the right opcode hex bytes, then change this in ReadByte:
WriteProcessMemoryByte(Handle,Address,ref Value,2,ref Bytes);

to WriteProcessMemoryByte(Handle,Address,ref Value,1,ref Bytes);

Read a string (also can be useful)

public static string ReadStringUntilNULL(string EXENAME, int Address)
{
string value = "";
bool endOfString = false;
int counter = 0;
while (!endOfString)
{
if (ReadByte(EXENAME, Address + counter) > (byte)0)
{
value += (char)ReadByte(EXENAME, Address + counter);
}
else
{
return value;
}
counter++;
}
return value;
}

Write string:

public static void WriteString(string EXENAME, int Address, string value)
{
if (value != null)
{
int counter = 0;
foreach (char chr in value.ToCharArray())
{
Trainer.WriteByte(EXENAME, Address + counter, (byte)chr);
counter++;
}
}
}

Just wanted to add this, maybe you'll need this function at some time!

Thread starter	Similar threads	Forum	Replies	Date
	Solved Trouble Writing Float Value in Kernel	Questions & Answers - Hacking Help	9	Jul 20, 2020
	Tutorial From start to finish: Writing a Bad Company 2 Hack	GamePhreakers - Game Modding Tutorials	8	Jul 10, 2020
	Solved Cannot open dll for writing after injecting	Questions & Answers - Hacking Help	10	Jun 13, 2020
	Solved CSGO writing to camera angles directly	CSGO Hacks - Questions & Answers	9	May 7, 2020
	Solved parallel memory reading and writing	Questions & Answers - Hacking Help	5	Dec 12, 2019
E	Solved Keep Writing	C / C++ Coding and Game Hacking	14	Apr 11, 2019
C	Solved Writing MMORPG bot with Python	Questions & Answers - Hacking Help	5	Mar 13, 2019
N	Solved Reading/Writing memory to Linux host from Windows Guest VM.	Questions & Answers - Hacking Help	4	Jan 22, 2019
Y	Solved C++ Writing Multi Level Pointer	Cheat Engine & Pointers	4	Jan 4, 2019
C	Solved Writing up your own MemManager.	CSGO Hacks - Questions & Answers	5	Nov 28, 2018

Search

Search

EasyToUse MemoryReading/Writing Class

Sleinzel

Fleep

Founder

konsowa

Coder

Fleep

Founder

till0sch

Respected Hacker