Falkor Posted February 21, 2010 Posted February 21, 2010 #include <NomadMemory.au3> SetPrivilege("SeDebugPrivilege", 1) $pid = _MemoryOpen(ProcessExists("notepad.exe")) MsgBox(0, "PID", $pid) _MemoryClose($pid) Hey all, I'm pretty new to AutoIT but a fast learner I've been trying to figure out memory reading and starting off by simple trying to get the PID from the current notepad.exe process. Running the above code presents a blank msgbox, I've tried everything I can think of but its either the code or the fact im running Windows 7 x64. Any replys would be much appreiciated and I apologise if its a really really simple mistake!.
Falkor Posted February 21, 2010 Author Posted February 21, 2010 Addtional Notes: I've added #RequireAdmin to the top of this script and this has no effect. I have noticed that when notepad.exe is closed I get the PID 0 and when its open I get a blank PID in the msgbox...
Falkor Posted February 21, 2010 Author Posted February 21, 2010 (edited) Solved I was trying to read the memoryopen+pid value which of course is useless! After some carefull thinking / research I came up with the following code which proberly demonstrates the basic memory reading with AutoITv3 #include <NomadMemory.au3> #RequireAdmin SetPrivilege("SeDebugPrivilege", 1) $pid = ProcessExists("MyProgram.exe") ;get process ID $mem_Open = _MemoryOpen($pid) ;open memory for read/write $mem_Read = _MemoryRead("0x63043C", $Mem_Open) ;read the memory MsgBox(0, "Output", $mem_Read) ;display memory _MemoryClose($mem_Open) ;close the memory Edited February 21, 2010 by Falkor
dani Posted February 21, 2010 Posted February 21, 2010 Well, congratulations Next time try to think a bit harder before posting though, as you solved your own problem in +- 1 hour
Fire Posted February 21, 2010 Posted February 21, 2010 FalkorAlways i use this way too:(Additional Method )#RequireAdmin ;WMIC PROCESS WHERE handle="definehandlehere" get name ;you can get name of Proc ;Proc name to pid Run("cmd.exe /c " & "notepad.exe",@WindowsDir,@SW_HIDE) RunWait("cmd.exe /c " & "WMIC PROCESS WHERE Name='notepad.exe' get handle >>"&@TempDir&"\proc4.txt",@ScriptDir,@SW_HIDE) $hfileopen=FileOpen(@TempDir&"\proc4.txt",0) MsgBox(64,"","pid for notepad.exe Process Name = > " & FileRead(@TempDir&"\proc4.txt")) FileClose($hfileopen) FileDelete(@TempDir&"\proc4.txt") [size="5"] [/size]
Falkor Posted February 22, 2010 Author Posted February 22, 2010 On 2/21/2010 at 9:15 PM, 'd4ni said: Well, congratulations Next time try to think a bit harder before posting though, as you solved your own problem in +- 1 hour I will persist longer in future but I hope my post becomes some use to someone else in the future thats just starting out.
Bert Posted February 22, 2010 Posted February 22, 2010 It is good that you are learning. Ignore the trolls. Feel free to ask questions here. There are plenty of friendly people that are happy to help. The Vollatran project My blog: http://www.vollysinterestingshit.com/
dani Posted February 22, 2010 Posted February 22, 2010 (edited) On 2/22/2010 at 10:50 AM, 'Volly said: It is good that you are learning. Ignore the trolls. Feel free to ask questions here. There are plenty of friendly people that are happy to help.Are you implying I'm a troll? Quite strange as I always try to help people. I just think it is odd if people post a question and an hour later post the solution. To me it seems that they didn't actually try to solve it themselves in the first place, I think it's fair enough to point that out. Edited February 22, 2010 by d4ni
notsure Posted February 22, 2010 Posted February 22, 2010 Where do you get this "NomadMemory.au3"? I searched but all links i can find are broken?
Falkor Posted February 22, 2010 Author Posted February 22, 2010 On 2/22/2010 at 2:55 PM, 'notsure said: Where do you get this "NomadMemory.au3"? I searched but all links i can find are broken?Took a while for me to find it as well, I've included a unedited copy attached onto this post.NomadMemory.au3
Bert Posted February 22, 2010 Posted February 22, 2010 On 2/22/2010 at 12:39 PM, 'd4ni said: Are you implying I'm a troll? Quite strange as I always try to help people. I just think it is odd if people post a question and an hour later post the solution. To me it seems that they didn't actually try to solve it themselves in the first place, I think it's fair enough to point that out.I'm was implying (but being very clumsy about it) your response was a bit harsh to the OP. Some people figure out soon after posting their question and respond that they figured it out. Usually they will just make a new post instead of editing the original post. The fact he figured it out & saying he did - it helps others in not trying to do the work themselves. Thanks for helping though. Helping others in the forum is always welcomed.Sorry about the troll comment. That was a bit harsh on my part. Moving on... The Vollatran project My blog: http://www.vollysinterestingshit.com/
notsure Posted February 23, 2010 Posted February 23, 2010 On 2/22/2010 at 3:21 PM, 'Falkor said: Took a while for me to find it as well, I've included a unedited copy attached onto this post.Thanks alot.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now