WriteProcessMemory Help needed

Newbie Member
16Dec2006,21:42   #1
drgn11's Avatar
Hi, I can't seem to WriteProcessMemory 3 Addresses, Im trying to nop them But i can't seem to make it work, thanks in advance, I have bolded the area where im having problems with, thanks again.
Code:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Threading;
public delegate void SetTextDeleg(string text);
namespace WindowsApplication1
{
    public partial class Form1 : Form
    {
        delegate void SetTextCallback(string text);
        private Thread Thread_1 = null;
        private Thread Thread_2 = null;
        private int InfoBasePtr = 0x0086AF70;
        private int XAddress = 0;
        private int XAddressOff = 0x23C;
        private int x;
        private int YAddress = 0;
        private int YAddressOff = 0x238;
        private int y;
        public const uint MK_LBUTTON = (0x0201);
        private bool apprun;
        private bool updatev = true;
        public IntPtr dhWnd = IntPtr.Zero;

        public Form1()
        {
            InitializeComponent();
            apprun = false;
            updatev = true;
            this.Thread_1 = new Thread(new ThreadStart(this.init_thread));
            this.Thread_1.Start();
        }

        private void button1_Click(object sender, EventArgs e)
        {
            apprun = false;
            this.Thread_2.Abort();
        }

        private void button2_Click(object sender, EventArgs e)
        {
            apprun = true;
            this.Thread_2 = new Thread(new ThreadStart(this.init_proc));
            this.Thread_2.Start();
        }


        public int Init()
        {
            ProcessMemoryReaderLib.ProcessMemoryReader pReader = new ProcessMemoryReaderLib.ProcessMemoryReader();
            System.Diagnostics.Process[] myProcesses = System.Diagnostics.Process.GetProcessesByName("Darkages");
            if (myProcesses.Length == 0)
            {
                return 0;
            }
            else
            {
                pReader.ReadProcess = myProcesses[0];
                pReader.OpenProcess();
                int bytesReaded;
                byte[] memory;
                memory = pReader.ReadProcessMemory((IntPtr)InfoBasePtr, 4, out bytesReaded);
                int refTemp = (memory[0] + 256 * memory[1] + 256 * 256 * memory[2] + 256 * 256 * 256 * memory[3]);
                XAddress = refTemp + XAddressOff;
                YAddress = refTemp + YAddressOff;

                if (XAddress > 0 && YAddress > 0)
                {
                    memory = pReader.ReadProcessMemory((IntPtr)XAddress, 1, out bytesReaded);
                    x = (memory[0]);
                    memory = pReader.ReadProcessMemory((IntPtr)YAddress, 1, out bytesReaded);
                    y = (memory[0]);

                   
                    // This wont work..
                    int writtenBytes;
                    byte[] buffer;
                    buffer = new byte[4];
                    buffer[0] = (byte)(90);
                    pReader.WriteProcessMemory((IntPtr)0x49C523, buffer, out writtenBytes);
                    pReader.WriteProcessMemory((IntPtr)0x49C524, buffer, out writtenBytes);
                    pReader.WriteProcessMemory((IntPtr)0x49C525, buffer, out writtenBytes);
                    //

 

                    dhWnd = myProcesses[0].MainWindowHandle;
                }

            }
            return 1;
        }

        private void init_thread()
        {
            Init();

            while (updatev == true)
            {
                Thread.Sleep(200);
               textBox1.Invoke(
                new SetTextDeleg(updatevalues),
                new object[] { "0" });
            }
        }

        private void updatevalues(string text)
        {
            Init();
            this.textBox1.Text = Convert.ToString(y);
            this.textBox2.Text = Convert.ToString(x);
        }

        public void init_proc()
        {
            while (apprun == true)
            {

                ProcessMemoryReaderLib.funcs.PostMessage(dhWnd, 0x0200, 0x1, (uint)MakeLong(110, 350));
                ProcessMemoryReaderLib.funcs.PostMessage(dhWnd, 0x0201, 0x1, (uint)MakeLong(110, 350));
                ProcessMemoryReaderLib.funcs.PostMessage(dhWnd, 0x0202, 0x1, (uint)MakeLong(110, 350));
                ProcessMemoryReaderLib.funcs.PostMessage(dhWnd, 0x0201, 0x1, (uint)MakeLong(110, 350));
                ProcessMemoryReaderLib.funcs.PostMessage(dhWnd, 0x0202, 0x1, (uint)MakeLong(110, 350));
                Thread.Sleep(5);
                ProcessMemoryReaderLib.funcs.PostMessage(dhWnd, 0x0200, 0x1, (uint)MakeLong(312, 173));
                ProcessMemoryReaderLib.funcs.PostMessage(dhWnd, 0x0201, 0x1, (uint)MakeLong(312, 173));
                ProcessMemoryReaderLib.funcs.PostMessage(dhWnd, 0x0202, 0x1, (uint)MakeLong(312, 173));
                Thread.Sleep(300);

            }
        }

        public long MakeLong(int x, int y)
        {
            return (x & 0xffff) | (y & 0xffff) << 16;
        }

        private uint MakeDWORD(ushort x, ushort y)
        {
            return ((((uint)x) << 16) | y);
        }

        private void Form1_Load(object sender, EventArgs e)
        {

        }
    }
}












Here is my classes:

using System;
using System.Diagnostics;
using System.Runtime.InteropServices;

namespace ProcessMemoryReaderLib
{
    /// <summary>
    /// ProcessMemoryReader is a class that enables direct reading a process memory
    /// </summary>
    /// 

    class ProcessMemoryReaderApi
    {
        // constants information can be found in <winnt.h>
        [Flags]
        public enum ProcessAccessType
        {
            PROCESS_TERMINATE = (0x0001),
            PROCESS_CREATE_THREAD = (0x0002),
            PROCESS_SET_SESSIONID = (0x0004),
            PROCESS_VM_OPERATION = (0x0008),
            PROCESS_VM_READ = (0x0010),
            PROCESS_VM_WRITE = (0x0020),
            PROCESS_DUP_HANDLE = (0x0040),
            PROCESS_CREATE_PROCESS = (0x0080),
            PROCESS_SET_QUOTA = (0x0100),
            PROCESS_SET_INFORMATION = (0x0200),
            PROCESS_QUERY_INFORMATION = (0x0400)
        }


        // constants information can be found in <winnt.h>
        public const uint PROCESS_VM_READ = (0x0010);


        // function declarations are found in the MSDN and in <winbase.h> 

        //		HANDLE OpenProcess(
        //			DWORD dwDesiredAccess,  // access flag
        //			BOOL bInheritHandle,    // handle inheritance option
        //			DWORD dwProcessId       // process identifier
        //			);
        [DllImport("kernel32.dll")]
        public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, Int32 bInheritHandle, UInt32 dwProcessId);

        //		BOOL CloseHandle(
        //			HANDLE hObject   // handle to object
        //			);
        [DllImport("kernel32.dll")]
        public static extern Int32 CloseHandle(IntPtr hObject);

        //		BOOL ReadProcessMemory(
        //			HANDLE hProcess,              // handle to the process
        //			LPCVOID lpBaseAddress,        // base of memory area
        //			LPVOID lpBuffer,              // data buffer
        //			SIZE_T nSize,                 // number of bytes to read
        //			SIZE_T * lpNumberOfBytesRead  // number of bytes read
        //			);
        [DllImport("kernel32.dll")]
        public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);
       
        
        [DllImport("kernel32.dll")]
        public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);

        //[DllImport("Kernel32.dll")]
        //public static extern unsafe bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte* lpBuffer, int nSize, int* lpNumberOfBytesWritten);
    }


    public class ProcessMemoryReader
    {

        public ProcessMemoryReader()
        {
        }

        /// <summary>	
        /// Process from which to read		
        /// </summary>
        public Process ReadProcess
        {
            get
            {
                return m_ReadProcess;
            }
            set
            {
                m_ReadProcess = value;
            }
        }

        private Process m_ReadProcess = null;

        private IntPtr m_hProcess = IntPtr.Zero;

        public void OpenProcess()
        {
            m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
        }

        public void CloseHandle()
        {
            int iRetValue;
            iRetValue = ProcessMemoryReaderApi.CloseHandle(m_hProcess);
            if (iRetValue == 0)
                throw new Exception("CloseHandle failed");
        }

        public byte[] ReadProcessMemory(IntPtr MemoryAddress, uint bytesToRead, out int bytesReaded)
        {
            byte[] buffer = new byte[bytesToRead];

            IntPtr ptrBytesReaded;
            ProcessMemoryReaderApi.ReadProcessMemory(m_hProcess, MemoryAddress, buffer, bytesToRead, out ptrBytesReaded);

            bytesReaded = ptrBytesReaded.ToInt32();

            return buffer;
        }

        public void WriteProcessMemory(IntPtr MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
        {
            IntPtr ptrBytesWritten;
            ProcessMemoryReaderApi.WriteProcessMemory(m_hProcess, MemoryAddress, bytesToWrite, (uint)bytesToWrite.Length, out ptrBytesWritten);

            bytesWritten = ptrBytesWritten.ToInt32();
        }

  }

    class funcs
    {
        [DllImport("user32.dll")]
        public static extern bool PostMessage(IntPtr hWnd, int Msg, int wParam, uint lParam);
    }
}
If anyone can tell me whats wrong with my code id apriecate it, thanks
Last edited by shabbir; 16Dec2006 at 21:44.. Reason: Code formating.
Go4Expert Founder
16Dec2006,21:44   #2
shabbir's Avatar
Can you please tell us what you want or where is the problem you feel like. We cant just go 100's lines of code just knowing nothing.
Newbie Member
16Dec2006,22:10   #3
drgn11's Avatar
Sorry, there problem lies inside the init function.

// This wont work..
int writtenBytes;
byte[] buffer;
buffer = new byte[4];
buffer[0] = (byte)(90);
pReader.WriteProcessMemory((IntPtr)0x49C523, buffer, out writtenBytes);
pReader.WriteProcessMemory((IntPtr)0x49C524, buffer, out writtenBytes);
pReader.WriteProcessMemory((IntPtr)0x49C525, buffer, out writtenBytes);
//
Go4Expert Founder
17Dec2006,06:27   #4
shabbir's Avatar
It should not. How did you get the magical numbers like x49C523 which you think is the handle to the processes.