Sign in to follow this  
Followers 0
Falkor

Basic PID Reading

12 posts in this topic

#include <NomadMemory.au3>

SetPrivilege("SeDebugPrivilege", 1)

$pid = _MemoryOpen(ProcessExists("notepad.exe"))
MsgBox(0, "PID", $pid)
_MemoryClose($pid)

Hey all, I'm pretty new to AutoIT but a fast learner :mellow:

I've been trying to figure out memory reading and starting off by simple trying to get the PID from the current notepad.exe process.

Running the above code presents a blank msgbox, I've tried everything I can think of but its either the code or the fact im running Windows 7 x64.

Any replys would be much appreiciated and I apologise if its a really really simple mistake!.

Share this post


Link to post
Share on other sites



Addtional Notes:

I've added #RequireAdmin to the top of this script and this has no effect.

I have noticed that when notepad.exe is closed I get the PID 0 and when its open I get a blank PID in the msgbox...

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Solved :mellow:

I was trying to read the memoryopen+pid value which of course is useless!

After some carefull thinking / research I came up with the following code which proberly demonstrates the basic memory reading with AutoITv3

#include <NomadMemory.au3>
#RequireAdmin

SetPrivilege("SeDebugPrivilege", 1)

$pid = ProcessExists("MyProgram.exe") ;get process ID
$mem_Open = _MemoryOpen($pid) ;open memory for read/write
$mem_Read = _MemoryRead("0x63043C", $Mem_Open) ;read the memory
MsgBox(0, "Output", $mem_Read) ;display memory
_MemoryClose($mem_Open) ;close the memory
Edited by Falkor

Share this post


Link to post
Share on other sites

Well, congratulations :mellow: Next time try to think a bit harder before posting though, as you solved your own problem in +- 1 hour :(

Share this post


Link to post
Share on other sites

Falkor

Always i use this way too:(Additional Method :mellow: )

#RequireAdmin
;WMIC PROCESS WHERE handle="definehandlehere" get name  ;you can get name of Proc

;Proc name to pid
Run("cmd.exe /c " & "notepad.exe",@WindowsDir,@SW_HIDE)
RunWait("cmd.exe /c " & "WMIC PROCESS WHERE Name='notepad.exe' get handle >>"&@TempDir&"\proc4.txt",@ScriptDir,@SW_HIDE)
$hfileopen=FileOpen(@TempDir&"\proc4.txt",0)
MsgBox(64,"","pid for notepad.exe Process Name = > " & FileRead(@TempDir&"\proc4.txt"))
FileClose($hfileopen)
FileDelete(@TempDir&"\proc4.txt")

[size="5"] [/size]

Share this post


Link to post
Share on other sites

Well, congratulations :mellow: Next time try to think a bit harder before posting though, as you solved your own problem in +- 1 hour :(

I will persist longer in future but I hope my post becomes some use to someone else in the future thats just starting out.

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

It is good that you are learning. Ignore the trolls. Feel free to ask questions here. There are plenty of friendly people that are happy to help.

Are you implying I'm a troll? Quite strange as I always try to help people. I just think it is odd if people post a question and an hour later post the solution. To me it seems that they didn't actually try to solve it themselves in the first place, I think it's fair enough to point that out. Edited by d4ni

Share this post


Link to post
Share on other sites

Where do you get this "NomadMemory.au3"? I searched but all links i can find are broken?

Share this post


Link to post
Share on other sites

Where do you get this "NomadMemory.au3"? I searched but all links i can find are broken?

Took a while for me to find it as well, I've included a unedited copy attached onto this post.

NomadMemory.au3

Share this post


Link to post
Share on other sites

Are you implying I'm a troll? Quite strange as I always try to help people. I just think it is odd if people post a question and an hour later post the solution. To me it seems that they didn't actually try to solve it themselves in the first place, I think it's fair enough to point that out.

I'm was implying (but being very clumsy about it) your response was a bit harsh to the OP. Some people figure out soon after posting their question and respond that they figured it out. Usually they will just make a new post instead of editing the original post. The fact he figured it out & saying he did - it helps others in not trying to do the work themselves. Thanks for helping though. Helping others in the forum is always welcomed.

Sorry about the troll comment. That was a bit harsh on my part. Moving on...

Share this post


Link to post
Share on other sites

Took a while for me to find it as well, I've included a unedited copy attached onto this post.

Thanks alot.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0