Code:
#RequireAdmin
#Include <WinAPI.au3>
setprivilege("sedebugprivilege", 1)
ReadMemory(0x008C4734,"MineSweeper.exe")
WriteMemory(0x008C4734,"MineSweeper.exe","43")
Func ReadMemory($adresR,$handle)
Local $PROCESS_ALL_ACCESS = 0xfff
Dim $procHwnd = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists($handle));
Dim $pBuffer = DllStructCreate("int[4]"), $iRead = 0
_WinAPI_ReadProcessMemory($procHwnd,$adresR,DllStructGetPtr($pBuffer),DllStructGetSize($pBuffer),$iRead); here we read the memory
Local $d = DllStructGetData($pBuffer,1)
MsgBox(0,"","->" &$d)
EndFunc
Func WriteMemory($address,$ah_Handle,$v_data)
Local $PROCESS_ALL_ACCESS = 0xfff
Dim $procHwnd = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, False, ProcessExists($ah_Handle));
Dim $v_Buffer = DllStructCreate("int[4]"),$iRead2 = 0
Dim $s_Buffer = $v_Buffer
_WinAPI_WriteProcessMemory($procHwnd,$address,DllStructGetPtr($v_Buffer),DllStructGetSize($v_Buffer),$iRead2,DllStructGetPtr($s_Buffer))
$4 = DllStructSetData($v_Buffer,1,$v_data)
MsgBox(0,"","->" & $4)
EndFunc
Func setprivilege($PRIVILEGE, $BENABLE)
Const $MY_TOKEN_ADJUST_PRIVILEGES = 32
Const $MY_TOKEN_QUERY = 8
Const $MY_SE_PRIVILEGE_ENABLED = 2
Local $HTOKEN, $SP_AUXRET, $SP_RET, $HCURRPROCESS, $NTOKENS, $NTOKENINDEX, $PRIV
$NTOKENS = 1
$LUID = DllStructCreate("dword;int")
If IsArray($PRIVILEGE) Then $NTOKENS = UBound($PRIVILEGE)
$TOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $NTOKENS) & "]")
$NEWTOKEN_PRIVILEGES = DllStructCreate("dword;dword[" & (3 * $NTOKENS) & "]")
$HCURRPROCESS = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess")
$SP_AUXRET = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $HCURRPROCESS[0], "int", BitOR($MY_TOKEN_ADJUST_PRIVILEGES, $MY_TOKEN_QUERY), "int*", 0)
If $SP_AUXRET[0] Then
$HTOKEN = $SP_AUXRET[3]
DllStructSetData($TOKEN_PRIVILEGES, 1, 1)
$NTOKENINDEX = 1
While $NTOKENINDEX <= $NTOKENS
If IsArray($PRIVILEGE) Then
$PRIV = $PRIVILEGE[$NTOKENINDEX - 1]
Else
$PRIV = $PRIVILEGE
EndIf
$RET = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $PRIV, "ptr", DllStructGetPtr($LUID))
If $RET[0] Then
If $BENABLE Then
DllStructSetData($TOKEN_PRIVILEGES, 2, $MY_SE_PRIVILEGE_ENABLED, (3 * $NTOKENINDEX))
Else
DllStructSetData($TOKEN_PRIVILEGES, 2, 0, (3 * $NTOKENINDEX))
EndIf
DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 1), (3 * ($NTOKENINDEX - 1)) + 1)
DllStructSetData($TOKEN_PRIVILEGES, 2, DllStructGetData($LUID, 2), (3 * ($NTOKENINDEX - 1)) + 2)
DllStructSetData($LUID, 1, 0)
DllStructSetData($LUID, 2, 0)
EndIf
$NTOKENINDEX += 1
WEnd
$RET = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $HTOKEN, "int", 0, "ptr", DllStructGetPtr($TOKEN_PRIVILEGES), "int", DllStructGetSize($NEWTOKEN_PRIVILEGES), "ptr", DllStructGetPtr($NEWTOKEN_PRIVILEGES), "int*", 0)
$F = DllCall("kernel32.dll", "int", "GetLastError")
EndIf
$NEWTOKEN_PRIVILEGES = 0
$TOKEN_PRIVILEGES = 0
$LUID = 0
If $SP_AUXRET[0] = 0 Then Return 0
$SP_AUXRET = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $HTOKEN)
If Not $RET[0] And Not $SP_AUXRET[0] Then Return 0
Return $RET[0]
EndFunc ;==>SETPRIVILEGE
