7

Is there any good and easy-to-use module built in Python for editing memory? Or is there any module like this at all?

What I'm looking for is a way to attach to a process and read from/write to it. Much like how Cheat Engine works. Here's a example of how it works in C++.

Michael Petrotta
  • 59,888
  • 27
  • 145
  • 179
Willy
  • 635
  • 8
  • 18
  • What do you mean by memory editing? Whose memory, what kind of memory, and in which ways? –  Aug 18 '12 at 15:59
  • 1
    You might be able to do it using the [`ctypes`](http://docs.python.org/library/ctypes.html) module. Specifically, with the `ctypes.from_address()` function. – martineau Aug 18 '12 at 17:32
  • 2
    http://stackoverflow.com/questions/8250625/access-memory-address-in-python – Sheena Aug 18 '12 at 19:27

1 Answers1

9

Took me a while to find a way of doing this but here's what I came up with!

from ctypes import *
from ctypes.wintypes import *

pid = 0 #the pid of the process, aquired earlier by hand

address = 0x0000 #where to read from while in the memory

OpenProcess = windll.kernel32.OpenProcess
ReadProcessMemory = windll.kernel32.ReadProcessMemory
CloseHandle = windll.kernel32.CloseHandle


PROCESS_ALL_ACCESS = 0x1F0FFF

datadummy = b'.'*200
buffer = c_char_p(datadummy)
bufferSize = len(buffer.value)
bytesRead = c_ulong(0)

processHandle = OpenProcess(PROCESS_ALL_ACCESS, False, int(PID))

ReadProcessMemory(processHandle, address, buffer, bufferSize, byref(bytesRead))

CloseHandle(processHandle)

And to write to the memory I would just add WriteProcessMemory = windll.kernel32.WriteProcessMemory and then call it

Willy
  • 635
  • 8
  • 18
  • when i run print(readprocessmemory(...)) it prints 0, i think i should change the datadummy = b'.'*200 buffer = c_char_p(datadummy) bufferSize = len(buffer.value) bytesRead = c_ulong(0) but i have no idea with what.. – extreme4all Mar 16 '19 at 16:54
  • @extreme4all ReadProcessMemory writes to the buffer 'buffer' and the returned value is the error code (0 = no error). – Willy Mar 17 '19 at 12:24