writeprocessmemory function

[qsc]

can sum1 tell me how to use the write process memory function?

ive got this

Code:

WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);

"ProcessHandle" and "address" are two variables which i have declared and all, all i need to know is wat i need to put in for "newdata" and "newdatasize"?

is new data the new value for the address?
i think newdatasize is a signature?

can sum1 help plz?

[A⁴]

Pictures would help...

[Toymaker]

I could be wrong but, I thought there were countless examples of WPM on this forum as is. I posted an example as well. I see you want a give away so truth be told it's as easy as:

Code:

#include <windows.h>
void write(LPVOID addy, DWORD mydata);
void enableDebugPrivileges();
void urMemoryInjection();
    void write(LPVOID addy, DWORD mydata) {
    DWORD PID, TID;
    TID = ::GetWindowThreadProcessId (hHack, &PID);
    HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
    PROCESS_VM_WRITE,FALSE,PID);
    WriteProcessMemory(hopen,addy,&mydata,1,0);
    CloseHandle(hopen);  
}
     
    void enableDebugPrivileges() {
    HANDLE hcurrent=GetCurrentProcess();
    HANDLE hToken;
    BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
    LUID luid;
    bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
    TOKEN_PRIVILEGES NewState,PreviousState;
    DWORD ReturnLength;
    NewState.PrivilegeCount =1;
    NewState.Privileges[0].Luid =luid;
    NewState.Privileges[0].Attributes=2;
    AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
}
     
     void urMemoryInjection() {
          write((LPVOID)0xOFFSET1, 0xBYTE1);
          }

[qsc]

so all i need is:

WriteProcessMemory(processHandle, Address, Value, Bytes, Nothing)

^^^^^^^^^^^^^^^i got the above from a VB tut but what does bytes mean??
i usually see this in source codes as sumthin like:

Code:

newdatasize = ( {0x0} {0x74}..........................}

or sumthin like that?

Code:

WriteProcessMemory(ProcessHandle,0x00000000,&mydata,1,0);

but wat does the words in red stand for?

Code:

int mydata = 4000
WriteProcessMemory(ProcessHandle,0x000000,&mydata,1,0);

so i just declare mydata as whatever i want to change the address value to?
and what does the 1 and 0 stand for?

sorry, its just ive got everything else like findprocessid and all working, its just this function that getting tricky

(btw 0x00000000 is not the actual address, just a representation of it)

[qsc]

so all i need is:

WriteProcessMemory(processHandle, Address, Value, Bytes, Nothing)

^^^^^^^^^^^^^^^i got the above from a VB tut but what does bytes mean??
i usually see this in source codes as sumthin like:

Code:

newdatasize = ( {0x0} {0x74}..........................}

or sumthin like that?

Code:

WriteProcessMemory(ProcessHandle,0x00000000,&mydata,1,0);

but wat does the words in red stand for?

Code:

int mydata = 4000
WriteProcessMemory(ProcessHandle,0x000000,&mydata,1,0);

so i just declare mydata as whatever i want to change the address value to?
and what does the 1 and 0 stand for?

sorry, its just ive got everything else like findprocessid and all working, its just this function that getting tricky

(btw 0x00000000 is not the actual address, just a representation of it)

BUMP????????

[A⁴]

I really can't get what hes saying...If I could,I would help tho...

[qsc]

I really can't get what hes saying...If I could,I would help tho...

ive got the FindWindow,GetWindowThreadProcessId and OpenProcess functions working fine.

but when itry to use the writeprocessmemory function, i cant work out what to put in the brackets.

ive got this basic code:

Code:

WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);

ive already declared "address" as a variable using

Code:

LPVOID address = (void*) 0x000000;

and ive got the "ProcessHandle" value from the other funtions.

MY PROBLEM IS THAT I DONT KNOW HOW TO DECLARE "newdata" and "newdatasize"

[Toymaker]

Oh, I didn't check this thread recently. Any way you got it confused. Value is the 'bytes to write' and Byte is the 'length,' so WriteProcessMemory(processHandle, Offset, Byte, Length, Nothing) is technically what it should read. But you don't change those at all, dude, you modify the

Code:

     void urMemoryInjection() {
          write((LPVOID)0xOFFSET1, 0xBYTE1);
          }

only. The example I gave you is ready to rock. Notice offset1, byte1.

[qsc]

Oh, I didn't check this thread recently. Any way you got it confused. Value is the 'bytes to write' and Byte is the 'length,' so WriteProcessMemory(processHandle, Offset, Byte, Length, Nothing) is technically what it should read. But you don't change those at all, dude, you modify the

Code:

     void urMemoryInjection() {
          write((LPVOID)0xOFFSET1, 0xBYTE1);
          }

only. The example I gave you is ready to rock. Notice offset1, byte1.

Sorry if i sound like a n00b, but wat ure saying is that i do this in my main.cpp (not alone but in with the rest of my code):

Code:

WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);

and leave it as it is, and then put the urMemoryInjection function under all my code.

but im just wonderin wen does the urMemoryInjection function get called?
do i have to change the writeprocessmemory to this:

Code:

urMemoryFunction(ProcessHandle,address, &newdata, newdatasize, NULL);

????????

also in urMemoryFunction, if byte is the value to change the memory adress to, then why is it written like 0x0, can it not be written as just a standard integer?

[radnomguywfq3]

If you don't understand the definition of WriteProcessMemory on MSDN Library, you should be programming this in C++.

WriteProcessMemory Function (Windows)

It's a pretty basic API

[qsc]

If you don't understand the definition of WriteProcessMemory on MSDN Library, you should be programming this in C++.

WriteProcessMemory Function (Windows)

It's a pretty basic API

Code:

LPVOID addy = (void*) 0x000000;

BOOL WINAPI WriteProcessMemory(
  __in   HANDLE ProcessHandle,
  __in   LPVOID addy,
  __in   LPCVOID lpBuffer,
  __in   SIZE_T sizeof(lpbuffer),
  __out  SIZE_T *NULL
);

I Have now realised that the data to write has to be in a pointer, how do i put data in a pointer ??

[Toymaker]

Don't try to mix our codes.

[qsc]

Don't try to mix our codes.

i used ur code :

Code:

#include <windows.h>
void write(LPVOID addy, DWORD mydata);
void enableDebugPrivileges();
void urMemoryInjection();
    void write(LPVOID addy, DWORD mydata) {
    DWORD PID, TID;
    TID = ::GetWindowThreadProcessId (hHack, &PID);
    HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
    PROCESS_VM_WRITE,FALSE,PID);
    WriteProcessMemory(hopen,addy,&mydata,1,0);
    CloseHandle(hopen);  
}
     
    void enableDebugPrivileges() {
    HANDLE hcurrent=GetCurrentProcess();
    HANDLE hToken;
    BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
    LUID luid;
    bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
    TOKEN_PRIVILEGES NewState,PreviousState;
    DWORD ReturnLength;
    NewState.PrivilegeCount =1;
    NewState.Privileges[0].Luid =luid;
    NewState.Privileges[0].Attributes=2;
    AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
}
     
     void urMemoryInjection() {
          write((LPVOID)0xOFFSET1, 0xBYTE1);
          }

but got an error that hHack wasnt declared: so i changed the parts of code in red:

Code:

#include <windows.h>
void write(LPVOID addy, DWORD mydata);
void enableDebugPrivileges();
int main();
    void write(LPVOID addy, DWORD mydata) {
    DWORD PID, TID;
    HWND hHack;
    TID = ::GetWindowThreadProcessId (hHack, &PID);
    HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
    PROCESS_VM_WRITE,FALSE,PID);
    WriteProcessMemory(hopen,addy,&mydata,1,0);
    CloseHandle(hopen);  
}
     
    void enableDebugPrivileges() {
    HANDLE hcurrent=GetCurrentProcess();
    HANDLE hToken;
    BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
    LUID luid;
    bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
    TOKEN_PRIVILEGES NewState,PreviousState;
    DWORD ReturnLength;
    NewState.PrivilegeCount =1;
    NewState.Privileges[0].Luid =luid;
    NewState.Privileges[0].Attributes=2;
    AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
}
     
     int main() {
          write((LPVOID)0x040005 , 0x90);
          }

I Changed the OFFSET1 to 0x040005 and BYTE1 to 0x90
and i got an error that hHack wasnt declared so i added HWND Hhack;

everything compiled fine until the linker part where it gave me an error
so i changed urMemoryInjection() to int main() which seemed to solve the problem.

SO THIS CODE SHOULD WRITE "90" TO THE ADDRESS 0x040005 ????

ALSO, ONE QUESTION. HOW DOES IT KNOW WHICH PROCESS TO CHANGE THE MEMORY OF? In My other cpp i had :

Code:

HWND gamewindow;
gamewindow = FindWindow(NULL, "CrossFire");

thx for the help so far!

[Toymaker]

Yeah you fucked it up, i'll paste a working model, ready to use, when I get home. =\ You have main() twice instead of memoryinjection() and hwnd has to include 'findwindow("name")' but i'll post it soon if you don't figure it out or someone beats me to it.

[qsc]

Yeah you fucked it up, i'll paste a working model, ready to use, when I get home. = You have main() twice instead of memoryinjection() and hwnd has to include 'findwindow("name")' but i'll post it soon if you don't figure it out or someone beats me to it.

thx alot! your really helpful ty
alot easier to learn when people arent all secretive