writeprocessmemory function
writeprocessmemory function
can sum1 tell me how to use the write process memory function?
ive got this
"ProcessHandle" and "address" are two variables which i have declared and all, all i need to know is wat i need to put in for "newdata" and "newdatasize"?
is new data the new value for the address?
i think newdatasize is a signature?
can sum1 help plz?
ive got this
Code:
WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);
is new data the new value for the address?
i think newdatasize is a signature?
can sum1 help plz?
Pictures would help...
I could be wrong but, I thought there were countless examples of WPM on this forum as is. I posted an example as well. I see you want a give away so truth be told it's as easy as:
Code:
#include <windows.h>
void write(LPVOID addy, DWORD mydata);
void enableDebugPrivileges();
void urMemoryInjection();
void write(LPVOID addy, DWORD mydata) {
DWORD PID, TID;
TID = ::GetWindowThreadProcessId (hHack, &PID);
HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
PROCESS_VM_WRITE,FALSE,PID);
WriteProcessMemory(hopen,addy,&mydata,1,0);
CloseHandle(hopen);
}
void enableDebugPrivileges() {
HANDLE hcurrent=GetCurrentProcess();
HANDLE hToken;
BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
LUID luid;
bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
TOKEN_PRIVILEGES NewState,PreviousState;
DWORD ReturnLength;
NewState.PrivilegeCount =1;
NewState.Privileges[0].Luid =luid;
NewState.Privileges[0].Attributes=2;
AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
}
void urMemoryInjection() {
write((LPVOID)0xOFFSET1, 0xBYTE1);
}
so all i need is:
WriteProcessMemory(processHandle, Address, Value, Bytes, Nothing)
^^^^^^^^^^^^^^^i got the above from a VB tut but what does bytes mean??
i usually see this in source codes as sumthin like:
or sumthin like that?
but wat does the words in red stand for?
so i just declare mydata as whatever i want to change the address value to?
and what does the 1 and 0 stand for?
sorry, its just ive got everything else like findprocessid and all working, its just this function that getting tricky
(btw 0x00000000 is not the actual address, just a representation of it)
WriteProcessMemory(processHandle, Address, Value, Bytes, Nothing)
^^^^^^^^^^^^^^^i got the above from a VB tut but what does bytes mean??
i usually see this in source codes as sumthin like:
Code:
newdatasize = ( {0x0} {0x74}..........................}
Code:
WriteProcessMemory(ProcessHandle,0x00000000,&mydata,1,0);
Code:
int mydata = 4000 WriteProcessMemory(ProcessHandle,0x000000,&mydata,1,0);
and what does the 1 and 0 stand for?
sorry, its just ive got everything else like findprocessid and all working, its just this function that getting tricky
(btw 0x00000000 is not the actual address, just a representation of it)
Originally Posted by qsc
so all i need is:
WriteProcessMemory(processHandle, Address, Value, Bytes, Nothing)
^^^^^^^^^^^^^^^i got the above from a VB tut but what does bytes mean??
i usually see this in source codes as sumthin like:
or sumthin like that?
but wat does the words in red stand for?
so i just declare mydata as whatever i want to change the address value to?
and what does the 1 and 0 stand for?
sorry, its just ive got everything else like findprocessid and all working, its just this function that getting tricky
(btw 0x00000000 is not the actual address, just a representation of it)
WriteProcessMemory(processHandle, Address, Value, Bytes, Nothing)
^^^^^^^^^^^^^^^i got the above from a VB tut but what does bytes mean??
i usually see this in source codes as sumthin like:
Code:
newdatasize = ( {0x0} {0x74}..........................}
Code:
WriteProcessMemory(ProcessHandle,0x00000000,&mydata,1,0);
Code:
int mydata = 4000 WriteProcessMemory(ProcessHandle,0x000000,&mydata,1,0);
and what does the 1 and 0 stand for?
sorry, its just ive got everything else like findprocessid and all working, its just this function that getting tricky
(btw 0x00000000 is not the actual address, just a representation of it)
I really can't get what hes saying...If I could,I would help tho...
Originally Posted by OMGitsasabotage!
I really can't get what hes saying...If I could,I would help tho...
but when itry to use the writeprocessmemory function, i cant work out what to put in the brackets.
ive got this basic code:
Code:
WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);
Code:
LPVOID address = (void*) 0x000000;
MY PROBLEM IS THAT I DONT KNOW HOW TO DECLARE "newdata" and "newdatasize"
Oh, I didn't check this thread recently. Any way you got it confused. Value is the 'bytes to write' and Byte is the 'length,' so WriteProcessMemory(processHandle, Offset, Byte, Length, Nothing) is technically what it should read. But you don't change those at all, dude, you modify the
only. The example I gave you is ready to rock. Notice offset1, byte1.
Code:
void urMemoryInjection() {
write((LPVOID)0xOFFSET1, 0xBYTE1);
}
Originally Posted by Toymaker
Oh, I didn't check this thread recently. Any way you got it confused. Value is the 'bytes to write' and Byte is the 'length,' so WriteProcessMemory(processHandle, Offset, Byte, Length, Nothing) is technically what it should read. But you don't change those at all, dude, you modify the
only. The example I gave you is ready to rock. Notice offset1, byte1.
Code:
void urMemoryInjection() {
write((LPVOID)0xOFFSET1, 0xBYTE1);
}
Code:
WriteProcessMemory(ProcessHandle,address, &newdata, newdatasize, NULL);
but im just wonderin wen does the urMemoryInjection function get called?
do i have to change the writeprocessmemory to this:
Code:
urMemoryFunction(ProcessHandle,address, &newdata, newdatasize, NULL);
also in urMemoryFunction, if byte is the value to change the memory adress to, then why is it written like 0x0, can it not be written as just a standard integer?
If you don't understand the definition of WriteProcessMemory on MSDN Library, you should be programming this in C++.
WriteProcessMemory Function (Windows)
It's a pretty basic API
WriteProcessMemory Function (Windows)
It's a pretty basic API
Originally Posted by Jetamay
If you don't understand the definition of WriteProcessMemory on MSDN Library, you should be programming this in C++.
WriteProcessMemory Function (Windows)
It's a pretty basic API
WriteProcessMemory Function (Windows)
It's a pretty basic API
Code:
LPVOID addy = (void*) 0x000000; BOOL WINAPI WriteProcessMemory( __in HANDLE ProcessHandle, __in LPVOID addy, __in LPCVOID lpBuffer, __in SIZE_T sizeof(lpbuffer), __out SIZE_T *NULL );
Don't try to mix our codes.
Originally Posted by Toymaker
Don't try to mix our codes.
Code:
#include <windows.h>
void write(LPVOID addy, DWORD mydata);
void enableDebugPrivileges();
void urMemoryInjection();
void write(LPVOID addy, DWORD mydata) {
DWORD PID, TID;
TID = ::GetWindowThreadProcessId (hHack, &PID);
HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
PROCESS_VM_WRITE,FALSE,PID);
WriteProcessMemory(hopen,addy,&mydata,1,0);
CloseHandle(hopen);
}
void enableDebugPrivileges() {
HANDLE hcurrent=GetCurrentProcess();
HANDLE hToken;
BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
LUID luid;
bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
TOKEN_PRIVILEGES NewState,PreviousState;
DWORD ReturnLength;
NewState.PrivilegeCount =1;
NewState.Privileges[0].Luid =luid;
NewState.Privileges[0].Attributes=2;
AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
}
void urMemoryInjection() {
write((LPVOID)0xOFFSET1, 0xBYTE1);
}
Code:
#include <windows.h>
void write(LPVOID addy, DWORD mydata);
void enableDebugPrivileges();
int main();
void write(LPVOID addy, DWORD mydata) {
DWORD PID, TID;
HWND hHack;
TID = ::GetWindowThreadProcessId (hHack, &PID);
HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
PROCESS_VM_WRITE,FALSE,PID);
WriteProcessMemory(hopen,addy,&mydata,1,0);
CloseHandle(hopen);
}
void enableDebugPrivileges() {
HANDLE hcurrent=GetCurrentProcess();
HANDLE hToken;
BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
LUID luid;
bret=LookupPrivilegeValue(NULL,"SeDebugPrivilege",&luid);
TOKEN_PRIVILEGES NewState,PreviousState;
DWORD ReturnLength;
NewState.PrivilegeCount =1;
NewState.Privileges[0].Luid =luid;
NewState.Privileges[0].Attributes=2;
AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);
}
int main() {
write((LPVOID)0x040005 , 0x90);
}
and i got an error that hHack wasnt declared so i added HWND Hhack;
everything compiled fine until the linker part where it gave me an error
so i changed urMemoryInjection() to int main() which seemed to solve the problem.
SO THIS CODE SHOULD WRITE "90" TO THE ADDRESS 0x040005 ????
ALSO, ONE QUESTION. HOW DOES IT KNOW WHICH PROCESS TO CHANGE THE MEMORY OF? In My other cpp i had :
Code:
HWND gamewindow; gamewindow = FindWindow(NULL, "CrossFire");
Yeah you fucked it up, i'll paste a working model, ready to use, when I get home. =\ You have main() twice instead of memoryinjection() and hwnd has to include 'findwindow("name")' but i'll post it soon if you don't figure it out or someone beats me to it.
Originally Posted by Toymaker
Yeah you fucked it up, i'll paste a working model, ready to use, when I get home. = You have main() twice instead of memoryinjection() and hwnd has to include 'findwindow("name")' but i'll post it soon if you don't figure it out or someone beats me to it.
alot easier to learn when people arent all secretive
Similar Threads
- 3Last post
- Advanced Hacking tutorial (How to find adresses for the coolest trainer functions)By nukeist_ in WarRock - International Hacks8Last post
- 6Last post
- 5Last post
- 5Last post