[Help] Delphi + ReadProcessMemory

11/03/2008 16:46 redskull010101#1
I can't seem to get ReadProcessMemory working in Delphi, I don't know why at all either. I've googled it for like 2 hours the other night and no luck, so I figured ima try here

this is my source currently
thanks in advance for help

PHP Code:
unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, Registry, tlhelp32, StdCtrls;

type
  TForm1 = class(TForm)
    Label1: TLabel;
    procedure FormCreate(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;
  cFolder: string;
  Pid, Pidhandle, NewValue, Data: Integer;
  Address, Written: Cardinal;

Const
  process = 'conquer.exe';

implementation

{$R *.dfm}

// Get Process ID
//  Example
// Pidhandle := OpenProcess(PROCESS_ALL_ACCESS,False,Pid);
function GetID(Const ExeFileName: string; var ProcessId: integer): boolean;
var
  ContinueLoop: BOOL;
  FSnapshotHandle: THandle;
  FProcessEntry32: TProcessEntry32;
begin
  result := false;
  FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  FProcessEntry32.dwSize := Sizeof(FProcessEntry32);
  ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);
  while integer(ContinueLoop) <> 0 do begin
    if (StrIComp(PChar(ExtractFileName(FProcessEntry32.szExeFile)), PChar(ExeFileName)) = 0)
       or (StrIComp(FProcessEntry32.szExeFile, PChar(ExeFileName)) = 0) then begin
      ProcessId := FProcessEntry32.th32ProcessID;
      result := true;
      break;
    end;
    ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
  end;
  CloseHandle(FSnapshotHandle);
end;

// Example
//  cFolder:=(GetRegistryData(HKEY_LOCAL_MACHINE,'\software\valve\steam\', 'InstallPath'));
// ShowMessage(sFolder+'\steamapps\'+Edit1.text+'\insurgency\insurgency\')
function GetRegistryData(RootKey: HKEY; Key, Value: string): variant;
var
  Reg: TRegistry;
  RegDataType: TRegDataType;
  DataSize, Len: integer;
  s: string;
label cantread;
begin
  Reg := nil;
  try
    Reg := TRegistry.Create(KEY_QUERY_VALUE);
    Reg.RootKey := RootKey;
    if Reg.OpenKeyReadOnly(Key) then begin
      try
        RegDataType := Reg.GetDataType(Value);
        if (RegDataType = rdString) or
           (RegDataType = rdExpandString) then
          Result := Reg.ReadString(Value)
        else if RegDataType = rdInteger then
          Result := Reg.ReadInteger(Value)
        else if RegDataType = rdBinary then begin
          DataSize := Reg.GetDataSize(Value);
          if DataSize = -1 then goto cantread;
          SetLength(s, DataSize);
          Len := Reg.ReadBinaryData(Value, PChar(s)^, DataSize);
          if Len <> DataSize then goto cantread;
          Result := s;
        end else
cantread:
          raise Exception.Create(SysErrorMessage(ERROR_CANTREAD));
      except
        s := ''; // Deallocates memory if allocated
        Reg.CloseKey;
        raise;
      end;
      Reg.CloseKey;
    end else
      raise Exception.Create(SysErrorMessage(GetLastError));
  except
    Reg.Free;
    raise;
  end;
  Reg.Free;
end;

procedure TForm1.FormCreate(Sender: TObject);
begin
  Address := $038506C0; //
  NewValue := 1;    //
  Data := 4;      //
  Pidhandle := OpenProcess(PROCESS_ALL_ACCESS,False,Pid);
  ReadProcessMemory(Pidhandle, Pointer(Address), @NewValue, Data, nil);
  closehandle(Pidhandle);

  label1.Caption:=
end;
end.
11/03/2008 18:51 unknownone#2
Scrap your long-winded way of getting the process, and instead use
PHP Code:
var
  WndHandle, Pid, Pidhandle : integer;

begin
  Address := $038506C0;
  NewValue := 1;
  Data := 4;
  WndHandle := FindWindow(nil,'[Conquer 2.0]');
  if WndHandle <> 0 then begin
    GetWindowThreadProcessId(WndHandle,@Pid);
    Pidhandle := OpenProcess(PROCESS_ALL_ACCESS,False,Pid);
    // Written is the Cardinal declared in the original unit; the last
    // argument is a var parameter, so it needs a variable rather than nil
    ReadProcessMemory(Pidhandle, ptr(Address), @NewValue, Data, Written);
    closehandle(Pidhandle);
  end;
  //....
end
11/03/2008 19:42 redskull010101#3
Quote:
Originally Posted by unknownone
Scrap your long-winded way of getting the process, and instead use
PHP Code:
var
  WndHandle, Pid, Pidhandle : integer;

begin
  Address := $038506C0;
  NewValue := 1;
  Data := 4;
  WndHandle := FindWindow(nil,'[Conquer 2.0]');
  if WndHandle <> 0 then begin
    GetWindowThreadProcessId(WndHandle,@Pid);
    Pidhandle := OpenProcess(PROCESS_ALL_ACCESS,False,Pid);
    // Written is the Cardinal declared in the original unit; the last
    // argument is a var parameter, so it needs a variable rather than nil
    ReadProcessMemory(Pidhandle, ptr(Address), @NewValue, Data, Written);
    closehandle(Pidhandle);
  end;
  //....
end

lulz i originally used that =D, well teh get window

the only problem i can see as of right NOW is that i cant physically display the Readprocess memory using

PHP Code:
Label1.Caption:=ReadProcessMemory(Pidhandle, ptr(Address), @NewValue, Data, Readden);
as you can see im a newb
11/03/2008 22:43 unknownone#4
No, because ReadProcessMemory doesn't return the value to be read. The result is stored in the pointer NewValue, so you'd want to use something like
PHP Code:
Label1.Caption := IntToStr(NewValue); // NewValue is an Integer, Caption is a string
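
The point made in the post above, as an added example that is not part of the original thread: the BOOL result of ReadProcessMemory only reports success, while the data arrives in the buffer whose address is passed in. The helper name ReadInt32 and the sample value are hypothetical, and the program reads from its own process so it runs without any other target.

```delphi
program ReadOwnMemory;

{$APPTYPE CONSOLE}

uses
  Windows, SysUtils;

// Hypothetical helper: copies a 4-byte integer from Address in process Pid
// into Value. Returns ERROR_SUCCESS or the Win32 error code of the failure.
function ReadInt32(Pid: DWORD; Address: Pointer; out Value: Integer): DWORD;
var
  hProc: THandle;
  BytesRead: SIZE_T; // assumption: current Delphi; older versions declare DWORD
begin
  Value := 0;
  // Ask only for the right a read needs instead of PROCESS_ALL_ACCESS.
  hProc := OpenProcess(PROCESS_VM_READ, False, Pid);
  if hProc = 0 then
  begin
    Result := GetLastError; // e.g. access denied or no such process
    Exit;
  end;
  try
    BytesRead := 0;
    // The BOOL result only reports success; the data arrives in Value.
    if not ReadProcessMemory(hProc, Address, @Value, SizeOf(Value), BytesRead) then
      Result := GetLastError
    else if BytesRead <> SizeOf(Value) then
      Result := ERROR_PARTIAL_COPY // short read: do not trust Value
    else
      Result := ERROR_SUCCESS;
  finally
    CloseHandle(hProc);
  end;
end;

var
  Sample, Got: Integer;
  Err: DWORD;
begin
  Sample := 123456; // constructed value living in this program's own memory
  Err := ReadInt32(GetCurrentProcessId, @Sample, Got);
  if Err = ERROR_SUCCESS then
    Writeln('Value read: ', Got)
  else
    Writeln('Read failed: ', SysErrorMessage(Err));
end.
```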
11/04/2008 00:41 redskull010101#5
Quote:
Originally Posted by unknownone
No, because ReadProcessMemory doesn't return the value to be read. The result is stored in the pointer NewValue, so you'd want to use something like
PHP Code:
Label1.Caption := IntToStr(NewValue); // NewValue is an Integer, Caption is a string

the thing with this is i dont want it to replace any values i just noticed the read and write is the same minus the New value, SO "newvalue" shouldn't be declared from me but from the game itself correct?
11/04/2008 23:09 _fobos_#6
Quote:
Originally Posted by redskull010101
the thing with this is i dont want it to replace any values i just noticed the read and write is the same minus the New value, SO "newvalue" shouldn't be declared from me but from the game itself correct?
NewValue is just the pointer to store the value in, I dont program in Delphi but api's stay api's, See it like NewValue(or whatever name u give it) is an empty box and in that box you want to put something, you also know where that something can be found(address) so u tell Delphi to read the value and store it in ur box.
Now your box contains something and u output it with your label, or textbox, messagebox whatever you like.
I exactly said what unknown said, just in diff words hope it helped.
11/05/2008 06:19 redskull010101#7
Quote:
Originally Posted by _fobos_
NewValue is just the pointer to store the value in, I dont program in Delphi but api's stay api's, See it like NewValue(or whatever name u give it) is an empty box and in that box you want to put something, you also know where that something can be found(address) so u tell Delphi to read the value and store it in ur box.
Now your box contains something and u output it with your label, or textbox, messagebox whatever you like.
I exactly said what unknown said, just in diff words hope it helped.
i understand down o.0 time to test it tuvm both

edit bah idk is it possible somebody can write a small sample this shit doesnt work UGH!
11/05/2008 10:17 _fobos_#8
Quote:
Originally Posted by redskull010101
i understand down o.0 time to test it tuvm both

edit bah idk is it possible somebody can write a small sample this shit doesnt work UGH!
Keep trying, Id suggest you to look again at the sample unknown gave you,
Its like all you need.
all you have to do is add the way u want to output the value.

See i think ur problem is all the code for the process and stuff is messy, i mean i cant even be bothered looking thru it.
Api's stay same, C# VB Delphi, and unknowns code looked correct.

Keep trying, the code is there and otherwise start smaller, first learn how to make api calls then try again I dont say this to be mean but seeing how I have this feeling that code is just copied and pasted as you had no idea what the variable NewValue was doing.
So i think or go over unknown's code again or start smaller :)