-
Notifications
You must be signed in to change notification settings - Fork 43
/
Memory.cpp
164 lines (151 loc) · 5.69 KB
/
Memory.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
#include "stdafx.hpp"
#include "Memory.hpp"
int Memory::GetProcessId(char* processName) {
SetLastError(0);
PROCESSENTRY32 pe32;
HANDLE hSnapshot = NULL;
GetLastError();
pe32.dwSize = sizeof( PROCESSENTRY32 );
hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
if( Process32First( hSnapshot, &pe32 ) ) {
do {
if( strcmp( pe32.szExeFile, processName ) == 0 )
break;
} while( Process32Next( hSnapshot, &pe32 ) );
}
if( hSnapshot != INVALID_HANDLE_VALUE )
CloseHandle( hSnapshot );
int err = GetLastError();
//std::cout << err << std::endl;
if (err != 0)
return 0;
return pe32.th32ProcessID;
}
int Memory::GetModuleBase(HANDLE processHandle, string &sModuleName)
{
HMODULE *hModules = NULL;
char szBuf[50];
DWORD cModules;
DWORD dwBase = -1;
EnumProcessModules(processHandle, hModules, 0, &cModules);
hModules = new HMODULE[cModules/sizeof(HMODULE)];
if(EnumProcessModules(processHandle, hModules, cModules/sizeof(HMODULE), &cModules)) {
for(size_t i = 0; i < cModules/sizeof(HMODULE); i++) {
if(GetModuleBaseName(processHandle, hModules[i], szBuf, sizeof(szBuf))) {
if(sModuleName.compare(szBuf) == 0) {
dwBase = (DWORD)hModules[i];
break;
}
}
}
}
delete[] hModules;
return dwBase;
}
BOOL Memory::SetPrivilege(HANDLE hToken, LPCTSTR lpszPrivilege, BOOL bEnablePrivilege)
{
TOKEN_PRIVILEGES tp;
LUID luid;
if (!LookupPrivilegeValue(NULL, lpszPrivilege, &luid)) {
//printf("LookupPrivilegeValue error: %u\n", GetLastError() );
return FALSE;
}
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = luid;
if (bEnablePrivilege)
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
else
tp.Privileges[0].Attributes = 0;
if (!AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES) NULL, (PDWORD) NULL)) {
//printf("AdjustTokenPrivileges error: %u\n", GetLastError() );
return FALSE;
}
if (GetLastError() == ERROR_NOT_ALL_ASSIGNED) {
//printf("The token does not have the specified privilege. \n");
return FALSE;
}
return TRUE;
}
BOOL Memory::GetDebugPrivileges(void) {
HANDLE hToken = NULL;
if(!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
return FALSE; //std::cout << "OpenProcessToken() failed, error\n>> " << GetLastError() << std::endl;
//else std::cout << "OpenProcessToken() is OK, got the handle!" << std::endl;
if(!SetPrivilege(hToken, SE_DEBUG_NAME, TRUE))
return FALSE; //std::cout << "Failed to enable privilege, error:\n>> " << GetLastError() << std::endl;
return TRUE;
}
int Memory::ReadInt(HANDLE processHandle, int address) {
if (address == -1)
return -1;
int buffer = 0;
SIZE_T NumberOfBytesToRead = sizeof(buffer); //this is equal to 4
SIZE_T NumberOfBytesActuallyRead;
BOOL success = ReadProcessMemory(processHandle, (LPCVOID)address, &buffer, NumberOfBytesToRead, &NumberOfBytesActuallyRead);
if (!success || NumberOfBytesActuallyRead != NumberOfBytesToRead) {
std::cout << "Memory Error!" << std::endl;
return -1;
}
//if (err || NumberOfBytesActuallyRead != NumberOfBytesToRead) {
// DWORD lastError = GetLastError();
// if (lastError != 0)
// std::cout << lastError << std::endl;
// std::cout << "blub" << std::endl;
//}
return buffer;
}
int Memory::GetPointerAddress(HANDLE processHandle, int startAddress, int offsets[], int offsetCount) {
if (startAddress == -1)
return -1;
int ptr = ReadInt(processHandle, startAddress);
for (int i=0; i<offsetCount-1; i++) {
ptr+=offsets[i];
ptr = ReadInt(processHandle, ptr);
}
ptr+=offsets[offsetCount-1];
return ptr;
}
int Memory::ReadPointerInt(HANDLE processHandle, int startAddress, int offsets[], int offsetCount) {
if (startAddress == -1)
return -1;
return ReadInt(processHandle, GetPointerAddress(processHandle, startAddress, offsets, offsetCount));
}
float Memory::ReadFloat(HANDLE processHandle, int address) {
if (address == -1)
return -1;
float buffer = 0.0;
SIZE_T NumberOfBytesToRead = sizeof(buffer); //this is equal to 4
SIZE_T NumberOfBytesActuallyRead;
BOOL success = ReadProcessMemory(processHandle, (LPCVOID)address, &buffer, NumberOfBytesToRead, &NumberOfBytesActuallyRead);
if (!success || NumberOfBytesActuallyRead != NumberOfBytesToRead)
return -1;
return buffer;
}
float Memory::ReadPointerFloat(HANDLE processHandle, int startAddress, int offsets[], int offsetCount) {
if (startAddress == -1)
return -1;
return ReadFloat(processHandle, GetPointerAddress(processHandle, startAddress, offsets, offsetCount));
}
char* Memory::ReadText(HANDLE processHandle, int address) {
if (address == -1)
return "-1";
char buffer = !0;
char* stringToRead = new char[128];
SIZE_T NumberOfBytesToRead = sizeof(buffer);
SIZE_T NumberOfBytesActuallyRead;
int i = 0;
while (buffer != 0) {
BOOL success = ReadProcessMemory(processHandle, (LPCVOID)address, &buffer, NumberOfBytesToRead, &NumberOfBytesActuallyRead);
if (!success || NumberOfBytesActuallyRead != NumberOfBytesToRead)
return "-1";
stringToRead[i] = buffer;
i++;
address++;
}
return stringToRead;
}
char* Memory::ReadPointerText(HANDLE processHandle, int startAddress, int offsets[], int offsetCount) {
if (startAddress == -1)
return "-1";
return ReadText(processHandle, GetPointerAddress(processHandle, startAddress, offsets, offsetCount));
}