ReadProcessMemory

Turkey
Posts: 4
Joined: Mon Aug 02, 2004 6:54 pm

ReadProcessMemory

Post by Turkey »

Hi, I would like to know how to read a value from another process's memory. I have the address and window handle and I would like to display the value in an edit box. Do you think you could help me with this? I am quite new to Delphi so your help would be greatly appreciated.

Regards Turkey
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

What do you know about the other process? Do you know its process ID? Or do you have a window handle of that process? Or is the only thing you know the exe name?
Turkey
Posts: 4
Joined: Mon Aug 02, 2004 6:54 pm

Post by Turkey »

I have already made code to alter the time in a game of minesweepers. Here it is

Code:

var
  Form1: TForm1;
  WindowName: integer;
  ProcessId: integer;
  ThreadId: integer;
  buf: PChar;
  HandleWindow: Integer;
  write: cardinal;

const
  WindowTitle = 'Minesweeper';
  Address = $100579C;
  PokeValue = $0;
  NumberOfBytes = 4;

implementation

{$R *.dfm}

procedure TForm1.Button1Click(Sender: TObject);
begin
  // Locate the game window by its title
  WindowName := FindWindow(nil, WindowTitle);
  if WindowName = 0 then
  begin
    MessageDlg('The game must be running in the background. Run it now, and then try again.', mtWarning, [mbOK], 0);
    Exit; // no window found, so there is no process to open
  end;

  // Resolve the owning process and open a handle to it
  ThreadId := GetWindowThreadProcessId(WindowName, @ProcessId);
  HandleWindow := OpenProcess(PROCESS_ALL_ACCESS, False, ProcessId);

  // Write PokeValue to the target address
  GetMem(buf, 1);
  buf^ := Chr(PokeValue);
  WriteProcessMemory(HandleWindow, ptr(Address), buf, NumberOfBytes, write);
  FreeMem(buf);
  CloseHandle(HandleWindow);
end;

I would like to also be able to read the value of the memory address into an edit box. I think I have to use ReadProcessMemory. Could you help me? Thanks
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

You allocate "buf" as one byte, but then you write 4 bytes to the target process. That's not correct. You should change NumberOfBytes to 1.

Using ReadProcessMemory works just as WriteProcessMemory. There's no trick here...
Turkey
Posts: 4
Joined: Mon Aug 02, 2004 6:54 pm

Post by Turkey »

Hi, I am having some problems with ReadProcessMemory. Could you tell me what is the problem with this code?

Code:

var
  Form1: TForm1;
  WindowName: integer;
  ProcessId: integer;
  ThreadId: integer;
  buf: PChar;
  HandleWindow: Integer;
  write: cardinal;

const
  WindowTitle = 'Minesweeper';
  Address = $100579C;
  PokeValue = $0;
  NumberOfBytes = 1;

implementation

{$R *.dfm}

procedure TForm1.Button1Click(Sender: TObject);
begin
  // Locate the game window by its title
  WindowName := FindWindow(nil, WindowTitle);
  if WindowName = 0 then
  begin
    MessageDlg('The game must be running in the background. Run it now, and then try again.', mtWarning, [mbOK], 0);
    Exit; // no window found, so there is no process to open
  end;

  // Resolve the owning process and open a handle to it
  ThreadId := GetWindowThreadProcessId(WindowName, @ProcessId);
  HandleWindow := OpenProcess(PROCESS_ALL_ACCESS, False, ProcessId);

  // Read one byte from the target address and show it in the edit box
  GetMem(buf, 1);
  buf^ := Chr(PokeValue);
  ReadProcessMemory(HandleWindow, ptr(Address), buf, NumberOfBytes, write);
  TimeEdit.Text := buf;
  FreeMem(buf);
  CloseHandle(HandleWindow);
end;

Sorry I am quite new to Delphi. Thanks for your help :)
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

What exactly is the problem?

Well, I don't know what exactly this byte you're reading is supposed to be. If it's an ordinal value, you should probably do this:

TimeEdit.text := IntToStr(ord(buf^));
Turkey
Posts: 4
Joined: Mon Aug 02, 2004 6:54 pm

Post by Turkey »

madshi wrote: What exactly is the problem?

Well, I don't know what exactly this byte you're reading is supposed to be. If it's an ordinal value, you should probably do this:

TimeEdit.text := IntToStr(ord(buf^));
Yes it worked! Thank you so much :D:D I'm happy now :)
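
A variant of the thread's final code, added here as an example and not posted by either participant: it reads the byte into a typed variable so the buffer size and the requested byte count cannot disagree, opens the process with only PROCESS_VM_READ instead of PROCESS_ALL_ACCESS, and checks every API result. ReadTargetValue is a hypothetical helper name, and the code assumes a Delphi version whose ReadProcessMemory takes a DWORD byte counter.

```delphi
// Added example, not code from the thread. Assumes the thread's TForm1 with
// a TimeEdit edit box, Windows and SysUtils in the uses clause, and a Delphi
// version whose ReadProcessMemory takes a DWORD byte counter (newer versions
// declare it as SIZE_T).
const
  WindowTitle = 'Minesweeper';
  Address = $100579C; // address taken from the thread

// Hypothetical helper: reads one byte from the target process.
function ReadTargetValue(out Value: Byte): Boolean;
var
  Wnd: HWND;
  ProcessId, BytesRead: DWORD;
  hProc: THandle;
begin
  Result := False;
  Value := 0;
  Wnd := FindWindow(nil, WindowTitle);
  if Wnd = 0 then
    Exit; // target window not found
  ProcessId := 0;
  GetWindowThreadProcessId(Wnd, @ProcessId);
  // Request only the access right the read needs.
  hProc := OpenProcess(PROCESS_VM_READ, False, ProcessId);
  if hProc = 0 then
    Exit; // access denied or process already gone
  try
    BytesRead := 0;
    // The buffer is the typed variable itself, so SizeOf(Value) is both
    // the buffer size and the number of bytes requested.
    if ReadProcessMemory(hProc, Ptr(Address), @Value, SizeOf(Value),
                         BytesRead) then
      Result := BytesRead = SizeOf(Value); // reject partial reads
  finally
    CloseHandle(hProc); // released on every path
  end;
end;

procedure TForm1.Button1Click(Sender: TObject);
var
  Value: Byte;
begin
  if ReadTargetValue(Value) then
    TimeEdit.Text := IntToStr(Value) // numeric value, not raw buffer bytes
  else
    TimeEdit.Text := 'read failed';
end;
```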