Can someone tell me how to use the write process memory function?
I've got this:
Code:
    WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);
"ProcessHandle" and "address" are two variables which I have declared and all; all I need to know is what I need to put in for "newdata" and "newdatasize"?
Is newdata the new value for the address?
I think newdatasize is a signature?
Can someone help please?
Pictures would help...
I could be wrong, but I thought there were countless examples of WPM on this forum as is. I posted an example as well. I see you want a giveaway, so truth be told it's as easy as:
Code:
    #include <windows.h>

    void write(LPVOID addy, DWORD mydata);
    void enableDebugPrivileges();
    void urMemoryInjection();

    void write(LPVOID addy, DWORD mydata)
    {
        DWORD PID, TID;
        TID = ::GetWindowThreadProcessId (hHack, &PID);
        HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
            PROCESS_VM_WRITE,FALSE,PID);
        WriteProcessMemory(hopen,addy,&mydata,1,0);
        CloseHandle(hopen);
    }

    void enableDebugPrivileges()
    {
        HANDLE hcurrent=GetCurrentProcess();
        HANDLE hToken;
        BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
        LUID luid;
        bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
        TOKEN_PRIVILEGES NewState,PreviousState;
        DWORD ReturnLength;
        NewState.PrivilegeCount =1;
        NewState.Privileges[0].Luid =luid;
        NewState.Privileges[0].Attributes=2;
        AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
    }

    void urMemoryInjection()
    {
        write((LPVOID)0xOFFSET1, 0xBYTE1);
    }
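From the monitoring side, the access mask passed to OpenProcess in the post above is what surfaces in telemetry: Sysmon Event ID 10 (ProcessAccess) records the GrantedAccess mask on the handle rather than the WriteProcessMemory call itself. The following is an added example, not code from this thread; the sample events, image paths and the allowlist parameter are constructed for illustration. It decodes the mask and flags handles that carry both rights WriteProcessMemory requires.

```python
# Access-right bits as defined in the Windows SDK (winnt.h).
PROCESS_RIGHTS = {
    0x0001: "PROCESS_TERMINATE",
    0x0002: "PROCESS_CREATE_THREAD",
    0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ",
    0x0020: "PROCESS_VM_WRITE",
    0x0040: "PROCESS_DUP_HANDLE",
    0x0400: "PROCESS_QUERY_INFORMATION",
}
# WriteProcessMemory needs PROCESS_VM_WRITE and PROCESS_VM_OPERATION on the handle.
WRITE_MASK = 0x0008 | 0x0020

# Constructed sample records shaped like Sysmon Event ID 10 (ProcessAccess).
# All paths and masks below are invented for this example.
SAMPLE_EVENTS = [
    {"SourceImage": r"C:\Users\test\unknown_tool.exe",
     "TargetImage": r"C:\Games\example\game.exe", "GrantedAccess": "0x1FFFFF"},
    {"SourceImage": r"C:\Windows\System32\taskmgr.exe",
     "TargetImage": r"C:\Games\example\game.exe", "GrantedAccess": "0x1410"},
    {"SourceImage": r"C:\Tools\monitor.exe",
     "TargetImage": r"C:\Games\example\game.exe", "GrantedAccess": "0x0438"},
]

def decode_access(mask):
    """Return the names of the known rights set in a process access mask."""
    return [name for bit, name in sorted(PROCESS_RIGHTS.items()) if mask & bit]

def can_write_memory(mask):
    """True when the handle carries both rights WriteProcessMemory requires."""
    return mask & WRITE_MASK == WRITE_MASK

def flag_write_capable(events, allowlist=()):
    """Return (source, target, rights) for handles that permit remote writes.

    allowlist holds lower-cased source image paths to ignore (hypothetical
    tuning knob for known debuggers or security tools).
    """
    hits = []
    for ev in events:
        mask = int(ev["GrantedAccess"], 16)
        if can_write_memory(mask) and ev["SourceImage"].lower() not in allowlist:
            hits.append((ev["SourceImage"], ev["TargetImage"], decode_access(mask)))
    return hits

if __name__ == "__main__":
    for src, dst, rights in flag_write_capable(SAMPLE_EVENTS):
        print(f"{src} -> {dst}: {', '.join(rights)}")
```

A PROCESS_ALL_ACCESS request (0x1FFFFF) is flagged the same way as a narrower mask, because the check tests only the two write-related bits.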
So all I need is:
WriteProcessMemory(processHandle, Address, Value, Bytes, Nothing)
^^^^^^^^^^^^^^^ I got the above from a VB tut, but what does bytes mean??
I usually see this in source codes as something like:
Code:
    newdatasize = ( {0x0} {0x74}..........................}
or something like that?
Code:
    WriteProcessMemory(ProcessHandle,0x00000000,&mydata,1,0);
But what do the words in red stand for?
Code:
    int mydata = 4000
    WriteProcessMemory(ProcessHandle,0x000000,&mydata,1,0);
So I just declare mydata as whatever I want to change the address value to?
And what do the 1 and 0 stand for?
Sorry, it's just I've got everything else like findprocessid and all working, it's just this function that's getting tricky.
(BTW, 0x00000000 is not the actual address, just a representation of it.)
Last edited by qsc; 05-10-2009 at 06:41 AM.
I really can't get what he's saying... If I could, I would help though...
I've got the FindWindow, GetWindowThreadProcessId and OpenProcess functions working fine.
But when I try to use the WriteProcessMemory function, I can't work out what to put in the brackets.
I've got this basic code:
Code:
    WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);
I've already declared "address" as a variable using
Code:
    LPVOID address = (void*) 0x000000;
and I've got the "ProcessHandle" value from the other functions.
MY PROBLEM IS THAT I DON'T KNOW HOW TO DECLARE "newdata" and "newdatasize"
Oh, I didn't check this thread recently. Anyway, you got it confused. Value is the 'bytes to write' and Byte is the 'length,' so WriteProcessMemory(processHandle, Offset, Byte, Length, Nothing) is technically what it should read. But you don't change those at all, dude, you modify the
Code:
    void urMemoryInjection()
    {
        write((LPVOID)0xOFFSET1, 0xBYTE1);
    }
only. The example I gave you is ready to rock. Notice offset1, byte1.
Sorry if I sound like a n00b, but what you're saying is that I do this in my main.cpp (not alone but in with the rest of my code):
Code:
    WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);
and leave it as it is, and then put the urMemoryInjection function under all my code.
But I'm just wondering, when does the urMemoryInjection function get called?
Do I have to change the WriteProcessMemory to this:
Code:
    urMemoryFunction(ProcessHandle,address, &newdata, newdatasize, NULL);
????????
Also, in urMemoryFunction, if byte is the value to change the memory address to, then why is it written like 0x0? Can it not be written as just a standard integer?
If you don't understand the definition of WriteProcessMemory on MSDN Library, you should be programming this in C++.
WriteProcessMemory Function (Windows)
It's a pretty basic API.
Code:
    LPVOID addy = (void*) 0x000000;
    BOOL WINAPI WriteProcessMemory(
        __in HANDLE ProcessHandle,
        __in LPVOID addy,
        __in LPCVOID lpBuffer,
        __in SIZE_T sizeof(lpbuffer),
        __out SIZE_T *NULL
    );
I have now realised that the data to write has to be in a pointer. How do I put data in a pointer??
Don't try to mix our codes.
I used your code:
Code:
    #include <windows.h>

    void write(LPVOID addy, DWORD mydata);
    void enableDebugPrivileges();
    void urMemoryInjection();

    void write(LPVOID addy, DWORD mydata)
    {
        DWORD PID, TID;
        TID = ::GetWindowThreadProcessId (hHack, &PID);
        HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
            PROCESS_VM_WRITE,FALSE,PID);
        WriteProcessMemory(hopen,addy,&mydata,1,0);
        CloseHandle(hopen);
    }

    void enableDebugPrivileges()
    {
        HANDLE hcurrent=GetCurrentProcess();
        HANDLE hToken;
        BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
        LUID luid;
        bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
        TOKEN_PRIVILEGES NewState,PreviousState;
        DWORD ReturnLength;
        NewState.PrivilegeCount =1;
        NewState.Privileges[0].Luid =luid;
        NewState.Privileges[0].Attributes=2;
        AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
    }

    void urMemoryInjection()
    {
        write((LPVOID)0xOFFSET1, 0xBYTE1);
    }
but got an error that hHack wasn't declared, so I changed the parts of code in red:
Code:
    #include <windows.h>

    void write(LPVOID addy, DWORD mydata);
    void enableDebugPrivileges();
    int main();

    void write(LPVOID addy, DWORD mydata)
    {
        DWORD PID, TID;
        HWND hHack;
        TID = ::GetWindowThreadProcessId (hHack, &PID);
        HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
            PROCESS_VM_WRITE,FALSE,PID);
        WriteProcessMemory(hopen,addy,&mydata,1,0);
        CloseHandle(hopen);
    }

    void enableDebugPrivileges()
    {
        HANDLE hcurrent=GetCurrentProcess();
        HANDLE hToken;
        BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
        LUID luid;
        bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
        TOKEN_PRIVILEGES NewState,PreviousState;
        DWORD ReturnLength;
        NewState.PrivilegeCount =1;
        NewState.Privileges[0].Luid =luid;
        NewState.Privileges[0].Attributes=2;
        AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
    }

    int main()
    {
        write((LPVOID)0x040005 , 0x90);
    }
I changed the OFFSET1 to 0x040005 and BYTE1 to 0x90
and I got an error that hHack wasn't declared, so I added HWND Hhack;
Everything compiled fine until the linker part, where it gave me an error,
so I changed urMemoryInjection() to int main(), which seemed to solve the problem.
SO THIS CODE SHOULD WRITE "90" TO THE ADDRESS 0x040005 ????
ALSO, ONE QUESTION. HOW DOES IT KNOW WHICH PROCESS TO CHANGE THE MEMORY OF? In my other cpp I had:
Code:
    HWND gamewindow;
    gamewindow = FindWindow(NULL, "CrossFire");
Thanks for the help so far!
Last edited by qsc; 05-12-2009 at 08:04 AM.
Yeah, you fucked it up. I'll paste a working model, ready to use, when I get home. =\ You have main() twice instead of memoryinjection(), and hwnd has to include 'findwindow("name")', but I'll post it soon if you don't figure it out or someone beats me to it.