Sign in to follow this  
Followers 0
sd333221

Write to Memory?

Started by sd333221,

17 posts in this topic

#1 ·  Posted

I need this so bad :D

Like write to test.exe

Adress:01DACED6

Byte: 3C <--- write this

Does Autoit have this?

Thankz

Share this post

Link to post
Share on other sites



#3 ·  Posted (edited) 

MsgBox(0, "Test", "Writing to memory....")
$ProcessName = "Diablo II.exe"

$Adress = "01DACECF"
$DataToWrite = "C605B16ADB0101"
$DataSize= "7"

Call("MemWrite")

$Adress = "01DACED6"
$DataToWrite = "909090"
$DataSize= "3"

Call("MemWrite")

$Adress = "028ECED3"
$DataToWrite = "909090909090"
$DataSize= "6"

Call("MemWrite")

$Adress = "028ECEC9"
$DataToWrite = "C605B16A8F0201"
$DataSize= "7"

Call("MemWrite")

$Adress = "028ECECF"
$DataToWrite = "90909090909090909090"
$DataSize= "10"

Call("MemWrite")

$Adress = "0185C465"
$DataToWrite = "C605F955860101"
$DataSize= "7"

Call("MemWrite")

$Adress = "0185C46C"
$DataToWrite = "909090909090909090"
$DataSize= "9"

Call("MemWrite")

$Adress = "01801DB0"
$DataToWrite = "456E636820426F74"
$DataSize= "8"
Call("MemWrite")
$Adress = "01802954"
Call("MemWrite")
$Adress = "01802A24"
Call("MemWrite")
$Adress = "01802B04"
Call("MemWrite")
$Adress = "01802B40"
Call("MemWrite")
$Adress = "01802C18"
Call("MemWrite")
$Adress = "01802D37"
Call("MemWrite")




Func MemWrite($ProcessName, $Address, $DataToWrite, $DataSize)
Local $PID, $Result
$PID = ProcessExists($ProcessName)
$Result = DllCall(@Windowsdir & "\system32\"&$dll&".dll", "long", "WriteMemLoc", "long", $PID, "long", $Address, "long", $DataToWrite, "long", $DataSize)
Return $Result[0]
EndFunc

this does not work :D

ERROR: Line 69, Variable used without being declared

$Result = DllCall(@Windowsdir & "\system32\"&$dll&".dll", "long", "WriteMemLoc", "long", $PID, "long", $Address, "long", $DataToWrite, "long", $DataSize)
Edited by sd333221

Share this post

Link to post
Share on other sites

#4 ·  Posted (edited)

Might want to look at how your calling your function MemWrite() << it has 4 parameters, then you use Call("MemWrite") with no parameters :D

Edit:

Typo

Edited by SmOke_N

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post

Link to post
Share on other sites

#5 ·  Posted

this does not work :D

ERROR: Line 69, Variable used without being declared

$Result = DllCall(@Windowsdir & "\system32\"&$dll&".dll", "long", "WriteMemLoc", "long", $PID, "long", $Address, "long", $DataToWrite, "long", $DataSize)
yea, looks like $dll isn't set ....

Visit the SciTE4AutoIt3 Download page for the latest versions        Beta files                                                          Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.  :)

Share this post

Link to post
Share on other sites

#6 ·  Posted

Cant i declare the parameters before i call the function?

$Adress = "0185C465"
$DataToWrite = "C605F955860101"
$DataSize= "7"

Call("MemWrite")

Share this post

Link to post
Share on other sites

#7 ·  Posted

yea, looks like $dll isn't set ....

Yes, but what may i choose as the $dll is this the target?

I just want the target to be "Diablo II.exe".

Can you recommend me an other writetomem script?

Share this post

Link to post
Share on other sites

#8 ·  Posted

Cant i declare the parameters before i call the function?

$Adress = "0185C465"
$DataToWrite = "C605F955860101"
$DataSize= "7"

Call("MemWrite")
You would need to declare them in the Function itself... then just do a call to it like MemWrite() rather than Call("MemWrite")

Example:

Func MemWrite($ProcessName = "Actual Processes name", $Address = "0185C465", $DataToWrite = "C605F955860101", $DataSize = "9")
That way all the parameters are optional because the are pre-defined.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post

Link to post
Share on other sites

#9 ·  Posted

You would need to declare them in the Function itself... then just do a call to it like MemWrite() rather than Call("MemWrite")

Example:

Func MemWrite($ProcessName = "Actual Processes name", $Address = "0185C465", $DataToWrite = "C605F955860101", $DataSize = "9")
That way all the parameters are optional because the are pre-defined.
thank you, i try this now

Share this post

Link to post
Share on other sites

#10 ·  Posted

Yes, but what may i choose as the $dll is this the target?

I just want the target to be "Diablo II.exe".

Can you recommend me an other writetomem script?

I couldn't find anywhere where this WriteMemLoc is located and or what DLL it uses. I know that w0uters Mem functions uses the kernel32.dll but this wasn't on MSDN site as a function.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post

Link to post
Share on other sites

#11 ·  Posted

this is w0uters mem function 

Func _MemWrite($ah_Mem, $i_Address, $v_Inject)
    Local $av_Call = DllCall($ah_Mem[0], 'int', 'WriteProcessMemory', 'int', $ah_Mem[1], 'int', $i_Address, 'ptr', DllStructGetPtr($v_Inject), 'int', DllStructGetSize($v_Inject), 'int', '')
    Return $av_Call[0]
EndFunc ;==>_MemWrite

but i dont know how to use the parameters :;(

could you make an example with:

file: Winesweeper.exe

adress: 0185C465

bytes: C605F955860101

size: 7

just to explain?

Share this post

Link to post
Share on other sites

#12 ·  Posted 

#include <Array.au3>

$Name = "Diablo II.exe"

$Adress1 = "01DACECF"
$Data = "C605B16ADB0101"
$Size= "7"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "01DACED6"
$Data = "909090"
$Size= "3"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "028ECED3"
$Data = "909090909090"
$Size= "6"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "028ECEC9"
$Data = "C605B16A8F0201"
$Size= "7"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "028ECECF"
$Data = "90909090909090909090"
$Size= "10"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "0185C465"
$Data = "C605F955860101"
$Size= "7"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "0185C46C"
$Data = "909090909090909090"
$ize= "9"

Memwrite($Name, $Adress1, $Data, $Size)

$Adress1 = "01801DB0"
$Data = "456E636820426F74"
$Size= "8"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802954"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802A24"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802B04"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802B40"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802C18"
Memwrite($Name, $Adress1, $Data, $Size)
$Adress1 = "01802D37"
Memwrite($Name, $Adress1, $Data, $Size)




Func MemWrite($ProcessName, $Address, $DataToWrite, $DataSize)
Local $PID, $Result
$PID = ProcessExists($ProcessName)
$Result = DllCall(@Windowsdir & "\system32\"&$dll&".dll", "long", "WriteMemLoc", "long", $PID, "long", $Address, "long", $DataToWrite, "long", $DataSize)
Return $Result[0]
EndFunc

same error, the MemWrite function is corrupted i think :D

Share this post

Link to post
Share on other sites

#13 ·  Posted

same error, the MemWrite function is corrupted i think :D

where did you specify $dll ? so what do you expect... magic ?

Visit the SciTE4AutoIt3 Download page for the latest versions        Beta files                                                          Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.  :)

Share this post

Link to post
Share on other sites

#14 ·  Posted

where did you specify $dll ? so what do you expect... magic ?

what $dll do i have to use? i want to edit the memory of my .exe file not an dll!

Share this post

Link to post
Share on other sites

#15 ·  Posted

what $dll do i have to use? i want to edit the memory of my .exe file not an dll!

He's saying this.

1. You have a variable named $dll that is undefined

2. You are using DLLCall() with No DLL, because $dll is undefined.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post

Link to post
Share on other sites

#17 ·  Posted

i suggest you take a good look at my _mem udf and figure out how it works.

Look in his signature for the _mem udf. Also, you don't have to "Call" a function like that in AutoIt, you can simply type the function name, like this:

Function ()

and if it requires parameters:

Function (parameter1, parameter2, etc...)

If you read wOuter's _mem udf topic and are still having trouble even though you know everything is being done correctly, you may need to alter his functions to suit your needs. They are not set to read and write every conceivable thing that can be read and written to memory. You may need to specify DWORD, or CHAR, etc.. depending on what you are doing. You also may need to specify a few other different parameters.

Nomad :D

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing AutoIt General Help and Support