_WinAPI : OpenProcess & WriteProcessMemory

[LinuZ]

#Include <WinAPI.au3>

DllOpen("kernel32.dll")

Const $PROCESS_ALL_ACCESS = 0xFFFF

Global $return

$process = ProcessExists("war3.exe")

$war3 = _WinAPI_OpenProcess($PROCESS_ALL_ACCESS, 1, $process)

_WinAPI_WriteProcessMemory($war3, 0x6f3a04ab, 0x9090, 2, $return)

This is the code. What is should do is:

1. Open the specified process (in this case Warcraft III process)

2. Write some bytes

3. Exit

What I do get is:

or this:

Anyone that has experienced this problem before?

The thing is: I guess Warcraft III has protected its memory somehow :/

Any syntax/practical errors I've made? Any way to get more access?

Thanks for taking your time!

Edited August 20, 2008 by LinuZ

[killerofsix]

try adding #RequireAdmin

[LinuZ]

try adding #RequireAdmin

Ehh, I am using XP...

But however, thanks for trying!

[killerofsix]

try using Nomads memory functions. there are a lot more topics regarding his memory functions then the winapi one's

Here's the topic: http://www.autoitscript.com/forum/index.php?showtopic=28351

[LinuZ]

try using Nomads memory functions. there are a lot more topics regarding his memory functions then the winapi one's

Here's the topic: http://www.autoitscript.com/forum/index.php?showtopic=28351

Oh thanks m8! That helped

Will look into them, and reply if I need further help or if I can't get that to work either!

Thanks again!

[LinuZ]

#include "Memory.au3"
Opt("WinTitleMatchMode", 4)
$DecimalWrite = 9090
$PID = WinGetProcess("ClassName=Warcraft III", "")
If $PID = -1 Then
    MsgBox(4096, "ERROR", "Failed to detect process.")
    Exit
EndIf
$open = _MemoryOpen($PID)
_MemoryWrite(0x6f3a04ab, $open, $DecimalWrite)
_MemoryClose($open)

This is what I tried this time. Not working at all

Any more ideas?

[oMBRa]

change $PID = WinGetProcess("ClassName=Warcraft III", "") with $PID = WinGetProcess("Warcraft III", "")

[killerofsix]

#include "Memory.au3"
Opt("WinTitleMatchMode", 4)
$DecimalWrite = 9090
$PID = WinGetProcess("ClassName=Warcraft III", "")
If $PID = -1 Then
    MsgBox(4096, "ERROR", "Failed to detect process.")
    Exit
EndIf
$open = _MemoryOpen($PID)
_MemoryWrite(0x6f3a04ab, $open, $DecimalWrite)
_MemoryClose($open)oÝ÷ Ù8b²+0«H¶¸vØb²Ø¦xÚ-Âäxµ©e|¦¢·¢uæ¬þ«¨µå,y'­>¸¯W y§]Ûhʫ騯&®Ý«­¢+Øìôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôô(ìչѥ½¸è$$%MÑAÉ¥Ù¥± ÀÌØíÁÉ¥Ù¥±°ÀÌØí¹±¤(ìÍÉ¥ÁÑ¥½¸è$%¹±Ì¡½È¥Í±Ì¤Ñ¡ÀÌØíÁÉ¥Ù¥±½¸Ñ¡ÕÉɹÐÁɽÍÌ(ì¡Aɽ±ä¤ÉÅÕ¥É̵¥¹¥ÍÑÉѽÈÁÉ¥Ù¥±ÌѼÉÕ¸(ì(ìÕÑ¡½È¡Ì¤è$%1ÉÉä¡É½´Õѽ¥ÑÍÉ¥Áй½´Ìäí̽ÉÕ´¤(ì9½Ñ̡̤è(ì¡ÑÑÀè¼½ÝÝܹÕѽ¥ÑÍÉ¥Áй½´½½ÉÕ´½¥¹à¹Á¡ÀýÌôµÀíÍ¡½ÝѽÁ¥ôÌÄÈÐàµÀíÙ¥Üõ¥¹Á½ÍеÀíÀôÈÈÌäää(ìôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôôô()Õ¹MÑAÉ¥Ù¥± ÀÌØíÁÉ¥Ù¥±°ÀÌØí¹±¤(
½¹ÍÐÀÌØí5e}Q=-9})UMQ}AI%Y%1LôÁàÀÀÈÀ(
½¹ÍÐÀÌØí5e}Q=-9}EUIdôÁàÀÀÀà(
½¹ÍÐÀÌØí5e}M}AI%Y%1}9   1ôÁàÀÀÀÈ(1½°ÀÌØí¡Q½­¸°ÀÌØíMA}ÕáÉаÀÌØíMA}ÉаÀÌØí¡
ÕÉÉAɽÍÌ°ÀÌØí¹Q½­¹Ì°ÀÌØí¹Q½­¹%¹à°ÀÌØíÁÉ¥Ø(ÀÌØí¹Q½­¹ÌôÄ(ÀÌØí1U%ô11MÑÉÕÑ
ÉÑ ÅÕ½ÐíݽÉí¥¹ÐÅÕ½Ðì¤(%%ÍÉÉä ÀÌØíÁÉ¥Ù¥±¤Q¡¸ÀÌØí¹Q½­¹ÌôU  ½Õ¹ ÀÌØíÁÉ¥Ù¥±¤(ÀÌØíQ=-9}AI%Y%1Lô11MÑÉÕÑ
ÉÑ ÅÕ½ÐíݽÉíݽÉlÅÕ½ÐìµÀì ̨ÀÌØí¹Q½­¹Ì¤µÀìÅÕ½ÐítÅÕ½Ðì¤(ÀÌØí9]Q=-9}AI%Y%1Lô11MÑÉÕÑ
ÉÑ ÅÕ½ÐíݽÉíݽÉlÅÕ½ÐìµÀì ̨ÀÌØí¹Q½­¹Ì¤µÀìÅÕ½ÐítÅÕ½Ðì¤(ÀÌØí¡
ÕÉÉAɽÍÌô11
±° ÅÕ½Ðí­É¹°Ìȹ±°ÅÕ½Ðì°ÅÕ½Ðí¡Ý¹ÅÕ½Ðì°ÅÕ½ÐíÑ
ÕÉɹÑAɽÍÌÅÕ½Ðì¤(ÀÌØíMA}ÕáÉÐô11
±° ÅÕ½ÐíÙÁ¤Ìȹ±°ÅÕ½Ðì°ÅÕ½Ðí¥¹ÐÅÕ½Ðì°ÅÕ½Ðí=Á¹AɽÍÍQ½­¸ÅÕ½Ðì°ÅÕ½Ðí¡Ý¹ÅÕ½Ðì°ÀÌØí¡
ÕÉÉAɽÍÍlÁt°|(ÅÕ½Ðí¥¹ÐÅÕ½Ðì± ¥Ñ=H ÀÌØí5e}Q=-9})UMQ}AI%Y%1L°ÀÌØí5e}Q=-9}EUId¤°ÅÕ½Ðí¥¹Ð¨ÅÕ½Ðì°À¤(%ÀÌØíMA}ÕáÉÑlÁtQ¡¸(ÀÌØí¡Q½­¸ôÀÌØíMA}ÕáÉÑlÍt(11MÑÉÕÑMÑÑ ÀÌØíQ=-9}AI%Y%1L°Ä°Ä¤(ÀÌØí¹Q½­¹%¹àôÄ(]¡¥±ÀÌØí¹Q½­¹%¹à±ÐìôÀÌØí¹Q½­¹Ì(%%ÍÉÉä ÀÌØíÁÉ¥Ù¥±¤Q¡¸(ÀÌØíÁÉ¥ØôÀÌØíÁÉ¥Ù¥±lÀÌØí¹Q½­¹%¹à´Åt(±Í(ÀÌØíÁÉ¥ØôÀÌØíÁÉ¥Ù¥±(¹%(ÀÌØíÉÐô11
±° ÅÕ½ÐíÙÁ¤Ìȹ±°ÅÕ½Ðì°ÅÕ½Ðí¥¹ÐÅÕ½Ðì°ÅÕ½Ðí1½½­ÕÁAÉ¥Ù¥±Y±ÕÅÕ½Ðì°ÅÕ½ÐíÍÑÈÅÕ½Ðì°ÅÕ½ÐìÅÕ½Ðì°ÅÕ½ÐíÍÑÈÅÕ½Ðì°ÀÌØíÁɥذ|(ÅÕ½ÐíÁÑÈÅÕ½Ðì±11MÑÉÕÑÑAÑÈ ÀÌØí1U%¤¤(%ÀÌØíÉÑlÁtQ¡¸(%ÀÌØí¹±Q¡¸(11MÑÉÕÑMÑÑ ÀÌØíQ=-9}AI%Y%1L°È°ÀÌØí5e}M}AI%Y%1}9 1° ̨ÀÌØí¹Q½­¹%¹à¤¤(±Í(11MÑÉÕÑMÑÑ ÀÌØíQ=-9}AI%Y%1L°È°À° ̨ÀÌØí¹Q½­¹%¹à¤¤(¹%(11MÑÉÕÑMÑÑ ÀÌØíQ=-9}AI%Y%1L°È±±±MÑÉÕÑÑÑ ÀÌØí1U%°Ä¤° ̨ ÀÌØí¹Q½­¹%¹à´Ä¤¤¬Ä¤(11MÑÉÕÑMÑÑ ÀÌØíQ=-9}AI%Y%1L°È±±±MÑÉÕÑÑÑ ÀÌØí1U%°È¤° ̨ ÀÌØí¹Q½­¹%¹à´Ä¤¤¬È¤(11MÑÉÕÑMÑÑ ÀÌØí1U%°Ä°À¤(11MÑÉÕÑMÑÑ ÀÌØí1U%°È°À¤(¹%(ÀÌØí¹Q½­¹%¹à¬ôÄ(]¹(ÀÌØíÉÐô11
±° ÅÕ½ÐíÙÁ¤Ìȹ±°ÅÕ½Ðì°ÅÕ½Ðí¥¹ÐÅÕ½Ðì°ÅÕ½Ðí©ÕÍÑQ½­¹AÉ¥Ù¥±ÌÅÕ½Ðì°ÅÕ½Ðí¡Ý¹ÅÕ½Ðì°ÀÌØí¡Q½­¸°ÅÕ½Ðí¥¹ÐÅÕ½Ðì°À°|(ÅÕ½ÐíÁÑÈÅÕ½Ðì±±±MÑÉÕÑÑAÑÈ ÀÌØíQ=-9}AI%Y%1L¤°ÅÕ½Ðí¥¹ÐÅÕ½Ðì±±±MÑÉÕÑÑM¥é ÀÌØí9]Q=-9}AI%Y%1L¤°|(ÅÕ½ÐíÁÑÈÅÕ½Ðì±±±MÑÉÕÑÑAÑÈ ÀÌØí9]Q=-9}AI%Y%1L¤°ÅÕ½Ðí¥¹Ð¨ÅÕ½Ðì°À¤(ÀÌØíô11
±° ÅÕ½Ðí­É¹°Ìȹ±°ÅÕ½Ðì°ÅÕ½Ðí¥¹ÐÅÕ½Ðì°ÅÕ½ÐíÑ1ÍÑÉɽÈÅÕ½Ðì¤(¹%(ÀÌØí9]Q=-9}AI%Y%1LôÀ(ÀÌØíQ=-9}AI%Y%1LôÀ(ÀÌØí1U%ôÀ(%ÀÌØíMA}ÕáÉÑlÁtôÀQ¡¸IÑÕɸÀ(ÀÌØíMA}ÕáÉÐô11
±° ÅÕ½Ðí­É¹°Ìȹ±°ÅÕ½Ðì°ÅÕ½Ðí¥¹ÐÅÕ½Ðì°ÅÕ½Ðí
±½Í!¹±ÅÕ½Ðì°ÅÕ½Ðí¡Ý¹ÅÕ½Ðì°ÀÌØí¡Q½­¸¤(%9½ÐÀÌØíÉÑlÁt¹9½ÐÀÌØíMA}ÕáÉÑlÁtQ¡¸IÑÕɸÀ(ÉÑÕɸÀÌØíÉÑlÁt)¹Õ¹ìôôÐíMÑAÉ¥Ù¥±oÝ÷ Øw«{& ¢×¥g¢~Øb³
+Æ®¶­sb6æ6ÇVFRgV÷C´ÖVÖ÷'æS2gV÷C°¤÷BgV÷CµvåFFÆTÖF6ÖöFRgV÷C²ÂB¢b33c´FV6ÖÅw&FRÒ¢b33cµBÒvävWE&ö6W72gV÷Cµv&7&gBgV÷C²ÂgV÷C²gV÷C²¤bb33cµBÒÓFVà ×6t&÷CbÂgV÷C´U%$õ"gV÷C²ÂgV÷C´fÆVBFòFWFV7B&ö6W72âgV÷C² W@¤VæD`¢b33cµ&bÒ6WE&fÆVvRgV÷Cµ6TFV'Vu&fÆVvRgV÷C²Â´Föâb33·B6ævRF2b333°¢b33cµ&bÒ3´FöçB6ævRF2b333²R6â6ævRFRf"æÖP¢b33c¶÷VâÒôÖVÖ÷'÷Vâb33cµBÂb33cµ&bÂfÇ6R¶fVBF0¥ôÖVÖ÷'w&FRfc6F"Âb33c¶÷VâÂb33c´FV6ÖÅw&FR¥ôÖVÖ÷'6Æ÷6Rb33c¶÷Vâ

[LinuZ]

I think it works... Not sure though, gonna play around a bit

I PM you if I have problems, if that is ok?

Thanks!

[killerofsix]

ya sure no problem