Auto it Read/Write Process Memory - hlp

06/10/2013 20:53 Cycos#1
I can Read Process Memory But i Cant WriteProcessMemory!?
Code:
#RequireAdmin 
#Include <WinAPI.au3>
setprivilege("sedebugprivilege", 1)
ReadMemory(0x008C4734,"MineSweeper.exe")
WriteMemory(0x008C4734,"MineSweeper.exe","43")
Func ReadMemory($adresR,$handle)
Local $PROCESS_ALL_ACCESS = 0xfff
Dim $procHwnd = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists($handle));
Dim $pBuffer = DllStructCreate("int[4]"), $iRead = 0
_WinAPI_ReadProcessMemory($procHwnd,$adresR,DllStructGetPtr($pBuffer),DllStructGetSize($pBuffer),$iRead); here we read the memory
Local $d = DllStructGetData($pBuffer,1)
MsgBox(0,"","->" &$d)
EndFunc
Func WriteMemory($address,$ah_Handle,$v_data)
	Local $PROCESS_ALL_ACCESS = 0xfff
	Dim $procHwnd = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists($ah_Handle));
	Dim $v_Buffer = DllStructCreate("int[4]"),$iRead2 = 0
	Dim $s_Buffer = $v_Buffer
_WinAPI_WriteProcessMemory($procHwnd,$address,DllStructGetPtr($v_Buffer),DllStructGetSize($v_Buffer),$iRead2,DllStructGetPtr($s_Buffer))
$4 = DllStructSetData($v_Buffer,1,$v_data)
MsgBox(0,"","->" & $4)
EndFunc


Func setprivilege($PRIVILEGE, $BENABLE)
    Const $MY_TOKEN_ADJUST_PRIVILEGES = 32
    Const $MY_TOKEN_QUERY = 8
    Const $MY_SE_PRIVILEGE_ENABLED = 2
    Local $HTOKEN, $SP_AUXRET, $SP_RET, $HCURRPROCESS, $NTOKENS, $NTOKENINDEX, $PRIV
    $NTOKENS = 1
    $LUID = DllStructCreate("dword;int")
    If IsArray($PRIVILEGE) Then $NTOKENS = UBound($PRIVILEGE)
    $TOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $NTOKENS) & "]")
    $NEWTOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $NTOKENS) & "]")
    $HCURRPROCESS = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess")
    $SP_AUXRET = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $HCURRPROCESS[0], "int", BitOR($MY_TOKEN_ADJUST_PRIVILEGES, $MY_TOKEN_QUERY), "int*", 0)
    If $SP_AUXRET[0] Then
    $HTOKEN = $SP_AUXRET[3]
    DllStructSetData($TOKEN_PRIVILEGES, 1, 1)
    $NTOKENINDEX = 1
    While $NTOKENINDEX <= $NTOKENS
    If IsArray($PRIVILEGE) Then
    $PRIV = $PRIVILEGE[$NTOKENINDEX - 1]
    Else
    $PRIV = $PRIVILEGE
    EndIf
    $RET = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $PRIV, "ptr", DllStructGetPtr($LUID))
    If $RET[0] Then
    If $BENABLE Then
    DllStructSetData($TOKEN_PRIVILEGES, 2, $MY_SE_PRIVILEGE_ENABLED, (3 * $NTOKENINDEX))
    Else
    DllStructSetData($TOKEN_PRIVILEGES, 2, 0, (3 * $NTOKENINDEX))
    EndIf
    DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 1), (3 * ($NTOKENINDEX - 1)) + 1)
    DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 2), (3 * ($NTOKENINDEX - 1)) + 2)
    DllStructSetData($LUID, 1, 0)
    DllStructSetData($LUID, 2, 0)
    EndIf
    $NTOKENINDEX += 1
    WEnd
    $RET = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $HTOKEN, "int", 0, "ptr", DllStructGetPtr($TOKEN_PRIVILEGES), "int", DllStructGetSize($NEWTOKEN_PRIVILEGES), "ptr", DllStructGetPtr($NEWTOKEN_PRIVILEGES), "int*", 0)
    $F = DllCall("kernel32.dll", "int", "GetLastError")
    EndIf
    $NEWTOKEN_PRIVILEGES = 0
    $TOKEN_PRIVILEGES = 0
    $LUID = 0
    If $SP_AUXRET[0] = 0 Then Return 0
    $SP_AUXRET = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $HTOKEN)
    If Not $RET[0] And Not $SP_AUXRET[0] Then Return 0
    Return $RET[0]
EndFunc ;==>SETPRIVILEGE
06/10/2013 21:00 lolkop#2
PROCESS_ALL_ACCESS = 0x1F0FFF != 0xFFF
06/10/2013 21:05 JohnAndersn#3
Quote:
Originally Posted by lolkop View Post
PROCESS_ALL_ACCESS = 0x1F0FFF != 0xFFF
same is correct 0xFFF or 0x1F0FFF