heres a memory searcher i wrote, also, quite awhile ago. hope it helps in anyway.
Code:
#include <windows.h>
#include <iostream>
class CMemory
{
public:
BOOL SearchMemory(BYTE *Find, DWORD dwStart, DWORD dwEnd, DWORD pID)
{
DWORD dwLength = (dwEnd - dwStart) + 1;
BYTE *dwBuffer = new BYTE[dwLength], dwReadByte;
DWORD BufferPosition = 0, dwCurrent = 0, dwOldProtection;
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);
BOOL bReturn = FALSE;
VirtualProtectEx(hProcess, (void *)dwStart, dwLength, PAGE_EXECUTE_READ, &dwOldProtection);
for (dwCurrent = dwStart; dwCurrent <= dwEnd; dwCurrent++)
{
ReadProcessMemory(hProcess, (LPCVOID)dwCurrent, (LPVOID)&dwReadByte, 1, 0);
dwBuffer[BufferPosition] = dwReadByte;
BufferPosition++;
}
VirtualProtectEx(hProcess, (void *)dwStart, dwLength, dwOldProtection, &dwOldProtection);
std::cout << std::endl;
DWORD dwFindLen = strlen((char *)Find);
BYTE *bBufferEnd = &dwBuffer[ dwLength - dwFindLen + 1 ];
BYTE *Current = dwBuffer;
for (;Current < bBufferEnd; Current++)
{
if (*Current == *Find)
{
if (!memcmp(Current + 1, Find + 1, dwFindLen - 1))
{
bReturn = TRUE;
break;
}
}
}
delete [] dwBuffer;
return bReturn;
};
};
int main ()
{
DWORD dwPid;
char Search[ 0x100 ];
std::cout << "Search? ";
std::cin.getline( Search, 0x100 );
std::cout << "Pid: ";
std::cin >> dwPid;
CMemory *myMemory = new CMemory;
if (myMemory->SearchMemory((BYTE *)Search, 0x00400000, 0x00409050, dwPid))
{
std: :cout << "Found\n";
} else {
std::cout << "Not found\n";
}
delete myMemory;
return 0;
}