EasyToUse MemoryReading/Writing Class

  • Thread starter Sleinzel
  • Start date
  • Replies 4
  • Views 3K
Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat
S

Sleinzel

This is a simple MemoryReading/Writing Class I used in one of my projects:


C++:
class Memory
{
    public static int proccID;
    public static IntPtr pHandle;

    #region DllImports
    [DllImport("kernel32.dll")]
    private static extern bool WriteProcessMemory(IntPtr hProcess, UIntPtr lpBaseAddress, byte[] lpBuffer, UIntPtr nSize, IntPtr lpNumberOfBytesWritten);

    [DllImport("kernel32.dll")]
    private static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

    [DllImport("kernel32.dll")]
    private static extern bool _CloseHandle(IntPtr hObject);

    [DllImport("kernel32.dll")]
    private static extern bool ReadProcessMemory(IntPtr hProcess, UIntPtr lpBaseAddress, [Out] byte[] lpBuffer, UIntPtr nSize, IntPtr lpNumberOfBytesRead);
    #endregion

    public static void OpenProcess(string ProcName)
    {
      Process[] procs = Process.GetProcessesByName(ProcName);
      if (procs.Length == 0)
      {
        proccID = 0;
      }
      else
      {
        proccID = procs[0].Id;
        pHandle = OpenProcess(0x1F0FFF, false, proccID);
      }

    }
    public static int readInt(long Address)
    {
      byte[] buffer = new byte[sizeof(int)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return BitConverter.ToInt32(buffer, 0);
    }
    public static uint readUInt(long Address)
    {
      byte[] buffer = new byte[sizeof(int)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return (uint)BitConverter.ToUInt32(buffer, 0);
    }
    public static float readFloat(long Address)
    {
      byte[] buffer = new byte[sizeof(float)];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)4, IntPtr.Zero);
      return BitConverter.ToSingle(buffer, 0);
    }
    public static string ReadString(long Address)
    {
      byte[] buffer = new byte[50];

      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)50, IntPtr.Zero);

      string ret = Encoding.Unicode.GetString(buffer);

      if (ret.IndexOf('\0') != -1)
        ret = ret.Remove(ret.IndexOf('\0'));
      return ret;
    }
    public static byte readByte(long Address)
    {
      byte[] buffer = new byte[1];
      ReadProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)1, IntPtr.Zero);
      return buffer[0];
    }
    public static void WriteFloat(long Address, float value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void WriteInt(long Address, int value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void WriteUInt(long Address, uint value)
    {
      byte[] buffer = BitConverter.GetBytes(value);
      WriteProcessMemory(pHandle, (UIntPtr)Address, buffer, (UIntPtr)buffer.Length, IntPtr.Zero);
    }
    public static void CloseProcess()
    {
       _CloseHandle(pHandle);
    }


  }

How To use It:

C++:
 Memory.OpenProcess("chrome.exe");
 float asdf = Memory.ReadFloat(0x999999);
 Memory.CloseProcess();
(Edit changed Quote tags to code Fl)

Have Fun
 

Fleep

Founder
Meme Tier VIP
May 20, 2012
572
11,023
6
Very useful code, shame C# always needs a lot to write to memory :/, good thing is its much more friendly to write than c++.

Thanks a lot for sharing.
 

konsowa

Coder
Full Member
Nobleman
May 24, 2012
178
753
3
Here is another one ;)


C++:
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;

namespace ProcessMemoryReaderLib
{
	/// <summary>
	/// ProcessMemoryReader is a class that enables direct reading a process memory
	/// </summary>
	class ProcessMemoryReaderApi
	{
		// constants information can be found in <winnt.h>
		[Flags]
		public enum ProcessAccessType
		{
			PROCESS_TERMINATE			= (0x0001),
			PROCESS_CREATE_THREAD		= (0x0002), 
			PROCESS_SET_SESSIONID		= (0x0004), 
			PROCESS_VM_OPERATION		= (0x0008), 
			PROCESS_VM_READ				= (0x0010), 
			PROCESS_VM_WRITE			= (0x0020), 
			PROCESS_DUP_HANDLE			= (0x0040), 
			PROCESS_CREATE_PROCESS		= (0x0080), 
			PROCESS_SET_QUOTA			= (0x0100), 
			PROCESS_SET_INFORMATION		= (0x0200), 
			PROCESS_QUERY_INFORMATION	= (0x0400) 
		}
		
		// function declarations are found in the MSDN and in <winbase.h> 
		
		//		HANDLE OpenProcess(
		//			DWORD dwDesiredAccess, // access flag
		//			BOOL bInheritHandle,  // handle inheritance option
		//			DWORD dwProcessId    // process identifier
		//			);
		[DllImport("kernel32.dll")]
		public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, Int32 bInheritHandle, UInt32 dwProcessId);

		//		BOOL CloseHandle(
		//			HANDLE hObject  // handle to object
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 CloseHandle(IntPtr hObject);

		//		BOOL ReadProcessMemory(
		//			HANDLE hProcess,       // handle to the process
		//			LPCVOID lpBaseAddress,    // base of memory area
		//			LPVOID lpBuffer,       // data buffer
		//			SIZE_T nSize,         // number of bytes to read
		//			SIZE_T * lpNumberOfBytesRead // number of bytes read
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,[In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);
	
		//		BOOL WriteProcessMemory(
		//			HANDLE hProcess,        // handle to process
		//			LPVOID lpBaseAddress,      // base of memory area
		//			LPCVOID lpBuffer,        // data buffer
		//			SIZE_T nSize,          // count of bytes to write
		//			SIZE_T * lpNumberOfBytesWritten // count of bytes written
		//			);
		[DllImport("kernel32.dll")]
		public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,[In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);

	}

	public class ProcessMemoryReader
	{

		public ProcessMemoryReader()
		{
		}

    /// <summary>	
		/// Process from which to read		
		/// </summary>
		public Process ReadProcess
		{
			get
			{
				return m_ReadProcess;
			}
			set
			{
				m_ReadProcess = value;
			}
		}

		private Process m_ReadProcess = null;

		private IntPtr m_hProcess = IntPtr.Zero;

		public void OpenProcess()
		{
//			m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
			ProcessMemoryReaderApi.ProcessAccessType access;
			access = ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_READ 
				| ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_WRITE 
				| ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_OPERATION;
				m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
		}

		public void CloseHandle()
		{
			int iRetValue;
			iRetValue = ProcessMemoryReaderApi.CloseHandle(m_hProcess);
			if (iRetValue == 0)
				throw new Exception("CloseHandle failed");
		}

		public byte[] ReadProcessMemory(IntPtr MemoryAddress, uint bytesToRead, out int bytesRead)
		{
			byte[] buffer = new byte[bytesToRead];
			
			IntPtr ptrBytesRead;
			ProcessMemoryReaderApi.ReadProcessMemory(m_hProcess,MemoryAddress,buffer ,bytesToRead,out ptrBytesRead);
			
			bytesRead = ptrBytesRead.ToInt32();

			return buffer;
		}

		public void WriteProcessMemory(IntPtr MemoryAddress, byte[] bytesToWrite ,out int bytesWritten)
		{
			IntPtr ptrBytesWritten;
			ProcessMemoryReaderApi.WriteProcessMemory(m_hProcess,MemoryAddress,bytesToWrite,(uint)bytesToWrite.Length,out ptrBytesWritten);
			
			bytesWritten = ptrBytesWritten.ToInt32();
		}

		


	}
}
 

Fleep

Founder
Meme Tier VIP
May 20, 2012
572
11,023
6
Nice add konsowa, think i used similar code to that on some of my hacks also, next time though post it in a seperate topic please. This time il leave it before they both perform the same thing.

Fleep
 

till0sch

Respected Hacker
Dank Tier VIP
Dank Tier Donator
Oct 14, 2012
1,107
12,593
51
For those of you who want to write byte arrays (-> opcodes):

public static void WriteByteArray(string EXENAME, int address, byte[] bytes)
{
for (int i = 0; i < bytes.Length; i++)
{
WriteByte(EXENAME, address + i, bytes);
}
}

When it writes the opcodes a bit uncorrect and you gave it the right opcode hex bytes, then change this in ReadByte:
WriteProcessMemoryByte(Handle,Address,ref Value,2,ref Bytes);

to WriteProcessMemoryByte(Handle,Address,ref Value,1,ref Bytes);

Read a string (also can be useful)

public static string ReadStringUntilNULL(string EXENAME, int Address)
{
string value = "";
bool endOfString = false;
int counter = 0;
while (!endOfString)
{
if (ReadByte(EXENAME, Address + counter) > (byte)0)
{
value += (char)ReadByte(EXENAME, Address + counter);
}
else
{
return value;
}
counter++;
}
return value;
}

Write string:

public static void WriteString(string EXENAME, int Address, string value)
{
if (value != null)
{
int counter = 0;
foreach (char chr in value.ToCharArray())
{
Trainer.WriteByte(EXENAME, Address + counter, (byte)chr);
counter++;
}
}
}




Just wanted to add this, maybe you'll need this function at some time!
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods League of Legends Accounts