So I wanted to build my own name spoofer for WC3 (the one by shadowfrench sucks), but for that I'd need to know how to write something into memory in VB. I haven't found a tutorial that covers this.
Please help me.
The WriteProcessMemory function writes memory in a specified process. The entire area to be written to must be accessible, or the operation fails.

    BOOL WriteProcessMemory(
        HANDLE hProcess,                  // handle to process whose memory is written to
        LPVOID lpBaseAddress,             // address to start writing to
        LPVOID lpBuffer,                  // pointer to buffer to write data to
        DWORD nSize,                      // number of bytes to write
        LPDWORD lpNumberOfBytesWritten    // actual number of bytes written
    );

Parameters

hProcess
    Identifies an open handle to a process whose memory is to be written to. The handle must have PROCESS_VM_WRITE and PROCESS_VM_OPERATION access to the process.
lpBaseAddress
    Points to the base address in the specified process to be written to. Before any data transfer occurs, the system verifies that all data in the base address and memory of the specified size is accessible for write access. If this is the case, the function proceeds; otherwise, the function fails.
lpBuffer
    Points to the buffer that supplies data to be written into the address space of the specified process.
nSize
    Specifies the requested number of bytes to write into the specified process.
lpNumberOfBytesWritten
    Points to the actual number of bytes transferred into the specified process. This parameter is optional. If lpNumberOfBytesWritten is NULL, the parameter is ignored.

Return Values

If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError. The function will fail if the requested write operation crosses into an area of the process that is inaccessible.

Remarks

WriteProcessMemory copies the data from the specified buffer in the current process to the address range of the specified process. Any process that has a handle with PROCESS_VM_WRITE and PROCESS_VM_OPERATION access to the process to be written to can call the function. The process whose address space is being written to is typically, but not necessarily, being debugged. The entire area to be written to must be accessible. If it is not, the function fails as noted previously.

The ReadProcessMemory function reads memory in a specified process. The entire area to be read must be accessible, or the operation fails.

    BOOL ReadProcessMemory(
        HANDLE hProcess,                // handle of the process whose memory is read
        LPCVOID lpBaseAddress,          // address to start reading
        LPVOID lpBuffer,                // address of buffer to place read data
        DWORD nSize,                    // number of bytes to read
        LPDWORD lpNumberOfBytesRead     // address of number of bytes read
    );

Parameters

hProcess
    Identifies an open handle of a process whose memory is read. The handle must have PROCESS_VM_READ access to the process.
lpBaseAddress
    Points to the base address in the specified process to be read. Before any data transfer occurs, the system verifies that all data in the base address and memory of the specified size is accessible for read access. If this is the case, the function proceeds; otherwise, the function fails.
lpBuffer
    Points to a buffer that receives the contents from the address space of the specified process.
nSize
    Specifies the requested number of bytes to read from the specified process.
lpNumberOfBytesRead
    Points to the actual number of bytes transferred into the specified buffer. If lpNumberOfBytesRead is NULL, the parameter is ignored.

Return Values

If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError. The function fails if the requested read operation crosses into an area of the process that is inaccessible.

Remarks

ReadProcessMemory copies the data in the specified address range from the address space of the specified process into the specified buffer of the current process. Any process that has a handle with PROCESS_VM_READ access can call the function. The process whose address space is read is typically, but not necessarily, being debugged. The entire area to be read must be accessible. If it is not, the function fails as noted previously.

' ---------------------- API declarations ----------------------
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
' lpBuffer is passed ByRef here, so a variable (or ByVal string) receives the data
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesRead As Long) As Long
' lpBuffer is passed ByVal here: the caller supplies a pointer (e.g. StrPtr)
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByVal lpBuffer As Any, ByVal nSize As Long, ByVal lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
' Same API as WriteProcessMemory, but lpBuffer is ByRef so a variable can be passed directly
Private Declare Function WriteValue Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, ByVal lpNumberOfBytesWritten As Long) As Long
Private Declare Sub GetSystemInfo Lib "kernel32" (lpSystemInfo As SYSTEM_INFO)
Private Declare Function InvalidateRect Lib "user32" (ByVal hWnd As Long, ByVal lpRect As Long, ByVal bErase As Long) As Long
Private Declare Function VirtualQueryEx& Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, lpBuffer As MEMORY_BASIC_INFORMATION, ByVal dwLength As Long)
Private Declare Function GetVersionEx Lib "kernel32" Alias "GetVersionExA" (LpVersionInformation As OSVERSIONINFO) As Long
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As Long, ByVal lpWindowName As Long) As Long
Private Declare Function GetParent Lib "user32" (ByVal hWnd As Long) As Long
Private Declare Function GetWindow Lib "user32" (ByVal hWnd As Long, ByVal wCmd As Long) As Long

' ---------------------- Constants ----------------------
Const PROCESS_ALL_ACCESS As Long = &H1F0FFF
Const PROCESS_VM_READ = (&H10)
Const PROCESS_VM_WRITE = (&H20)
Const PROCESS_VM_OPERATION = (&H8)
Const PROCESS_QUERY_INFORMATION = (&H400)
Const PROCESS_READ_WRITE_QUERY = PROCESS_VM_READ + PROCESS_VM_WRITE + PROCESS_VM_OPERATION + PROCESS_QUERY_INFORMATION
Const GW_HWNDNEXT = 2
Const MEM_PRIVATE& = &H20000
Const MEM_COMMIT& = &H1000

' ---------------------- Types ----------------------
Private Type OSVERSIONINFO
    dwOSVersionInfoSize As Long
    dwMajorVersion As Long
    dwMinorVersion As Long
    dwBuildNumber As Long
    dwPlatformId As Long
    szCSDVersion As String * 128
End Type

Private Type MEMORY_BASIC_INFORMATION ' 28 bytes
    BaseAddress As Long
    AllocationBase As Long
    AllocationProtect As Long
    RegionSize As Long
    State As Long
    Protect As Long
    lType As Long
End Type

Private Type SYSTEM_INFO ' 36 bytes
    dwOemID As Long
    dwPageSize As Long
    lpMinimumApplicationAddress As Long
    lpMaximumApplicationAddress As Long
    dwActiveProcessorMask As Long
    dwNumberOfProcessors As Long
    dwProcessorType As Long
    dwAllocationGranularity As Long
    wProcessorLevel As Integer
    wProcessorRevision As Integer
End Type

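'---------------------- Read Memory Functions -------------------
' Each function resolves the process that owns window phWnd, opens it with
' PROCESS_VM_READ only (all that ReadProcessMemory requires) and returns
' 0 / "" if the process cannot be opened or the read fails.
Public Function ReadByte(phWnd As Long, pAddress As Long) As Byte
    Dim pid As Long, pHandle As Long
    Dim pRetVal As Byte

    Call GetWindowThreadProcessId(phWnd, pid)
    pHandle = OpenProcess(PROCESS_VM_READ, False, pid)
    If pHandle = 0 Then Exit Function
    Call ReadProcessMemory(pHandle, pAddress, pRetVal, 1, 0&)
    ReadByte = pRetVal
    CloseHandle pHandle
End Function

Public Function ReadInteger(phWnd As Long, pAddress As Long) As Integer
    Dim pid As Long, pHandle As Long
    ' Read straight into an Integer: CInt() on a Long overflows for values above 32767
    Dim pRetVal As Integer

    Call GetWindowThreadProcessId(phWnd, pid)
    pHandle = OpenProcess(PROCESS_VM_READ, False, pid)
    If pHandle = 0 Then Exit Function
    Call ReadProcessMemory(pHandle, pAddress, pRetVal, 2, 0&)
    ReadInteger = pRetVal
    CloseHandle pHandle
End Function

Public Function ReadLong(phWnd As Long, pAddress As Long) As Long
    Dim pid As Long, pHandle As Long
    Dim pRetVal As Long

    Call GetWindowThreadProcessId(phWnd, pid)
    pHandle = OpenProcess(PROCESS_VM_READ, False, pid)
    If pHandle = 0 Then Exit Function
    Call ReadProcessMemory(pHandle, pAddress, pRetVal, 4, 0&)
    ReadLong = pRetVal
    CloseHandle pHandle
End Function

Public Function ReadString(phWnd As Long, pAddress As Long, pSize As Long) As String
    Dim pid As Long, pHandle As Long
    Dim pBuffer() As Byte

    If pSize <= 0 Then Exit Function
    Call GetWindowThreadProcessId(phWnd, pid)
    pHandle = OpenProcess(PROCESS_VM_READ, False, pid)
    If pHandle = 0 Then Exit Function
    ReDim pBuffer(0 To pSize - 1)
    ' Read all pSize bytes in one call instead of one call per byte,
    ' then convert the ANSI bytes to a VB string
    If ReadProcessMemory(pHandle, pAddress, pBuffer(0), pSize, 0&) <> 0 Then
        ReadString = StrConv(pBuffer, vbUnicode)
    End If
    CloseHandle pHandle
End Function
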
'---------------------- Write Memory Functions ------------------
' Each function opens the process with PROCESS_VM_WRITE and PROCESS_VM_OPERATION
' (the rights WriteProcessMemory requires) and returns True if the write succeeded.
Public Function WriteByte(phWnd As Long, pAddress As Long, pValue As Byte) As Boolean
    Dim pid As Long, pHandle As Long

    Call GetWindowThreadProcessId(phWnd, pid)
    pHandle = OpenProcess(PROCESS_VM_WRITE Or PROCESS_VM_OPERATION, False, pid)
    If pHandle = 0 Then Exit Function
    WriteByte = (WriteValue(pHandle, pAddress, pValue, 1, 0&) <> 0)
    CloseHandle pHandle
End Function

Public Function WriteInteger(phWnd As Long, pAddress As Long, pValue As Integer) As Boolean
    Dim pid As Long, pHandle As Long

    Call GetWindowThreadProcessId(phWnd, pid)
    pHandle = OpenProcess(PROCESS_VM_WRITE Or PROCESS_VM_OPERATION, False, pid)
    If pHandle = 0 Then Exit Function
    WriteInteger = (WriteValue(pHandle, pAddress, pValue, 2, 0&) <> 0)
    CloseHandle pHandle
End Function

Public Function WriteLong(phWnd As Long, pAddress As Long, pValue As Long) As Boolean
    Dim pid As Long, pHandle As Long

    Call GetWindowThreadProcessId(phWnd, pid)
    pHandle = OpenProcess(PROCESS_VM_WRITE Or PROCESS_VM_OPERATION, False, pid)
    If pHandle = 0 Then Exit Function
    WriteLong = (WriteValue(pHandle, pAddress, pValue, 4, 0&) <> 0)
    CloseHandle pHandle
End Function

Public Function WriteString(phWnd As Long, pAddress As Long, pString As String) As Boolean
    Dim pid As Long, pHandle As Long

    Call GetWindowThreadProcessId(phWnd, pid)
    pHandle = OpenProcess(PROCESS_VM_WRITE Or PROCESS_VM_OPERATION, False, pid)
    If pHandle = 0 Then Exit Function
    ' StrPtr/LenB write the string as VB stores it: UTF-16, two bytes per
    ' character, without a terminating null
    WriteString = (WriteProcessMemory(pHandle, pAddress, StrPtr(pString), LenB(pString), 0&) <> 0)
    CloseHandle pHandle
End Function

' Scans the committed private memory of the process that owns phWnd for pFind
' and returns the address of the first match (0 if not found).
' pStart = 65535 (the default) means "start at the lowest application address".
' pReplace / pRString currently have no effect: the write below is commented out.
Public Function FindString(phWnd As Long, pFind As String, Optional pStart = 65535, Optional pReplace = False, Optional pRString = "") As Long
    Dim pid As Long, hProcess As Long, hWin As Long
    Dim lpMem As Long, ret As Long, lLenMBI As Long
    Dim lWritten As Long, CalcAddress As Long, lPos As Long
    Dim sBuffer As String
    Dim sSearchString As String, sReplaceString As String
    Dim si As SYSTEM_INFO
    Dim mbi As MEMORY_BASIC_INFORMATION

    sSearchString = pFind
    sReplaceString = "" & Chr(0)
    If IsWindowsNT Then 'NT stores strings in RAM in UNICODE
        sSearchString = StrConv(sSearchString, vbUnicode)
        sReplaceString = StrConv(sReplaceString, vbUnicode)
    End If

    GetWindowThreadProcessId phWnd, pid
    'pid = Shell("calc.exe") 'launch application (calc.exe in this sample)
    hWin = InstanceToWnd(pid) 'get handle of launched window - only to repaint it after changes

    'Open process with required access
    hProcess = OpenProcess(PROCESS_READ_WRITE_QUERY, False, pid)
    If hProcess = 0 Then Exit Function 'process could not be opened
    lLenMBI = Len(mbi)

    'Determine the application's memory address range
    Call GetSystemInfo(si)
    If pStart = 65535 Then
        lpMem = si.lpMinimumApplicationAddress
    Else
        lpMem = pStart
    End If

    'Scan memory region by region
    Do While lpMem < si.lpMaximumApplicationAddress
        mbi.RegionSize = 0
        ret = VirtualQueryEx(hProcess, ByVal lpMem, mbi, lLenMBI)
        If ret = lLenMBI Then
            If ((mbi.lType = MEM_PRIVATE) And (mbi.State = MEM_COMMIT)) Then ' this block is in use by this process
                If mbi.RegionSize > 0 Then
                    sBuffer = String(mbi.RegionSize, 0)
                    'Read region into string
                    ReadProcessMemory hProcess, ByVal mbi.BaseAddress, ByVal sBuffer, mbi.RegionSize, lWritten
                    'Check if region contains the search string
                    lPos = InStr(1, sBuffer, sSearchString, vbTextCompare)
                    If lPos Then
                        CalcAddress = mbi.BaseAddress + lPos
                        'ret = MsgBox("Search string was found at address " & CalcAddress & "." & vbCrLf & "Do you want to replace it?", vbInformation + vbYesNo, "VB-O-Matic")
                        'If ret = vbYes Then
                        'Replace string in virtual memory
                        FindString = CalcAddress - 1
                        If pReplace = True Then
                            'Call WriteProcessMemory(hProcess, ByVal CalcAddress - 1, ByVal pRString , Len(pRString), lWritten)
                        End If
                        InvalidateRect hWin, 0, 1
                        'End If
                        Exit Do
                    End If
                End If
            End If
            'Increase base address for the next search cycle. The last address may
            'overflow the max Long value (Windows uses 2GB of memory, which is near
            'the max Long value), so add error checking
            On Error GoTo Finished
            lpMem = mbi.BaseAddress + mbi.RegionSize
            On Error GoTo 0
        Else
            Exit Do
        End If
    Loop
Finished:
    CloseHandle hProcess
End Function

' Returns the first top-level window that belongs to process target_pid (0 if none)
Private Function InstanceToWnd(ByVal target_pid As Long) As Long
    Dim test_hwnd As Long
    Dim test_pid As Long
    Dim test_thread_id As Long

    test_hwnd = FindWindow(ByVal 0&, ByVal 0&)
    Do While test_hwnd <> 0
        If GetParent(test_hwnd) = 0 Then
            test_thread_id = GetWindowThreadProcessId(test_hwnd, test_pid)
            If test_pid = target_pid Then
                InstanceToWnd = test_hwnd
                Exit Do
            End If
        End If
        test_hwnd = GetWindow(test_hwnd, GW_HWNDNEXT)
    Loop
End Function

' True on NT-based Windows (dwPlatformId = 2, VER_PLATFORM_WIN32_NT)
Private Function IsWindowsNT() As Boolean
    Dim verinfo As OSVERSIONINFO

    verinfo.dwOSVersionInfoSize = Len(verinfo)
    If (GetVersionEx(verinfo)) = 0 Then Exit Function
    If verinfo.dwPlatformId = 2 Then IsWindowsNT = True
End Function
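
An added example, not part of the original posts: the access-right requirements quoted in the API text above (PROCESS_VM_READ for reading; PROCESS_VM_WRITE plus PROCESS_VM_OPERATION for writing), applied as a check over process-access records. The record field names follow Sysmon Event ID 10 as an assumption; the sample records and image paths are constructed.

```python
# Process access rights named on this page (values match its VB constants).
RIGHTS = {
    0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ",
    0x0020: "PROCESS_VM_WRITE",
    0x0400: "PROCESS_QUERY_INFORMATION",
}
READ_NEEDS = 0x0010            # ReadProcessMemory: PROCESS_VM_READ
WRITE_NEEDS = 0x0020 | 0x0008  # WriteProcessMemory: VM_WRITE + VM_OPERATION


def decode(mask):
    """Return (names of the known rights set in mask, leftover unknown bits)."""
    names = [name for bit, name in sorted(RIGHTS.items()) if mask & bit]
    known = sum(bit for bit in RIGHTS if mask & bit)
    return names, mask & ~known


def can_read(mask):
    return (mask & READ_NEEDS) == READ_NEEDS


def can_write(mask):
    # Both bits are required; PROCESS_VM_WRITE alone is not enough.
    return (mask & WRITE_NEEDS) == WRITE_NEEDS


def excess(mask, needed):
    """Bits granted beyond what the operation needs (least-privilege gap)."""
    return mask & ~needed


def flag_write_capable(events, allowed_sources=()):
    """Return (source, target, rights) for handles that permit memory writes."""
    hits = []
    for ev in events:
        mask = int(ev["GrantedAccess"], 16)
        if can_write(mask) and ev["SourceImage"] not in allowed_sources:
            hits.append((ev["SourceImage"], ev["TargetImage"], decode(mask)[0]))
    return hits


# Constructed sample records; 0x1F0FFF and 0x438 are the page's
# PROCESS_ALL_ACCESS and PROCESS_READ_WRITE_QUERY values.
TARGET = r"C:\sample\target.exe"
SAMPLE = [
    {"SourceImage": r"C:\sample\editor.exe", "TargetImage": TARGET, "GrantedAccess": "0x1F0FFF"},
    {"SourceImage": r"C:\sample\scanner.exe", "TargetImage": TARGET, "GrantedAccess": "0x438"},
    {"SourceImage": r"C:\sample\monitor.exe", "TargetImage": TARGET, "GrantedAccess": "0x1010"},
    {"SourceImage": r"C:\sample\partial.exe", "TargetImage": TARGET, "GrantedAccess": "0x20"},
]
```

`excess(0x1F0FFF, READ_NEEDS)` shows how much more than PROCESS_VM_READ a read helper holds when it opens the process with PROCESS_ALL_ACCESS.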