Memory.h is a C++ header file that provides a collection of functions and utilities for memory management and manipulation in a Windows environment which supports both x86 and x64 architectures. It includes functions for reading and writing to process memory, obtaining process information, and scanning memory regions for specific patterns.
- Process Information Retrieval: Functions to get process ID by name and main module of a process.
- Memory Reading and Writing: Templates for reading from and writing to process memory.
- Memory Scanning: Functions for pattern scanning in memory regions (synchronous and asynchronous).
- Multi-Level Pointer Handling: Function to follow multi-level pointers.
- Function Detouring: Functions for detouring functions in process memory (5-byte jmp near, 14-byte jmp far).
This header file relies on the following Windows-specific libraries:
- Windows.h
- Psapi.h
- TlHelp32.h
Here are some examples of how you might use the functions provided in this header file:
#include "Memory.h"
// Get process ID by name
std::int32_t process_id = memory::get_process_id_by_name("process_name.exe");
// Open the process
bool success = memory::open_process(process_id);
// Read from a specific memory address
std::uint64_t value = memory::read<std::uint64_t>(0x12345678);
// Write to a specific memory address
bool result = memory::write<float>(0x12345678, 43.5);
// Scan for a pattern in memory
std::string pattern = "AA BB CC ?? DD";
std::uint64_t found_address = memory::aob_scan(0x10000000, 0x20000000, pattern);
// Asynchronously scan for a pattern in memory
memory::aob_scan_async(pattern, [](std::uint64_t result) {
// Callback function to handle the result
});
#include "Memory.h"
#include <iostream>
int main()
{
const auto pid = memory::get_process_id_by_name("Tutorial-i386.exe");
if (pid == -1)
{
std::cerr << "Process not found\n";
return 1;
}
if (!memory::open_process(pid))
{
std::cerr << "Failed at open_process\n";
return 1;
}
memory::aob_scan_async("83 C0 01 29 83 B0 04 00 00", [](const std::uint64_t& result)
{
if (result == 0)
{
std::cerr << "Pattern not found\n";
return;
}
std::cout << "Pattern scan result:" << std::hex << result << '\n';
const auto detour_addr = memory::create_detour(result, { 0x83, 0xC0, 0x01, 0x29, 0x83, 0xB0, 0x04, 0x00, 0x00 }, 9);
std::cout << "Detour address:" << std::hex << detour_addr;
});
std::cin.get();
return 0;
}
This project is licensed under the GPL-3.0 License. See the LICENSE file for details.
This code is provided as-is for educational purposes and should not be used maliciously. The author is not responsible for any misuse of this code.
Contributions are welcome. Please open an issue or submit a pull request.
If you encounter any problems or have any questions, please open an issue on GitHub.