Also using "??" when replacing, will not touch that byte.
The result will be "66 DA 66"
Here is a working without wildcards code using the normal search and replace that I created:
import ctypes
from mem_edit import Process
hex_pattern = "33 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"
pattern = bytes.fromhex(hex_pattern)
bytes object
replacement_hex = "22 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"
replacement = bytes.fromhex(replacement_hex)
replacement_buffer = ctypes.create_string_buffer(replacement, len(replacement))
pid = Process.get_pid_by_name("MyProcess.exe")
with Process.open_process(pid) as p:
addrs = p.search_all_memory(pattern)
for addr in addrs:
p.write_memory(addr, replacement_buffer)
This will search for:
"33 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"
and replace it with:
"22 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"
Is there any way of using "??" as a search wildcard like in Cheat Engine?
For example, I want to find the next pattern using "??":
44 01 1B 2F 33 **??** 6A 06 CF **??** 80 CA 7F F4 E8 91 7E
It should find all patterns that match all the bytes and matching any byte on the positions of all the "??", so the next patterns are matched:
"44 01 1B 2F 33 **04** 6A 06 CF **45** 80 CA 7F F4 E8 91 7E"
"44 01 1B 2F 33 **2B** 6A 06 CF **FB** 80 CA 7F F4 E8 91 7E"
"44 01 1B 2F 33 **6C** 6A 06 CF **16** 80 CA 7F F4 E8 91 7E"
"44 01 1B 2F 33 **11** 6A 06 CF **4F** 80 CA 7F F4 E8 91 7E"
Another example in Cheat Engine:
Also using "??" when replacing, will not touch that byte.
The result will be "66 DA 66"
Here is a working without wildcards code using the normal search and replace that I created:
```
import ctypes
from mem_edit import Process
hex_pattern = "33 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"
pattern = bytes.fromhex(hex_pattern)
bytes object
replacement_hex = "22 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"
replacement = bytes.fromhex(replacement_hex)
replacement_buffer = ctypes.create_string_buffer(replacement, len(replacement))
pid = Process.get_pid_by_name("MyProcess.exe")
with Process.open_process(pid) as p:
addrs = p.search_all_memory(pattern)
for addr in addrs:
p.write_memory(addr, replacement_buffer)
```
This will search for:
**"33 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"**
and replace it with:
**"22 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"**
jan
Is there any way of using "??" as a search wildcard like in Cheat Engine?
For example, I want to find the next pattern using "??":
44 01 1B 2F 33 ?? 6A 06 CF ?? 80 CA 7F F4 E8 91 7E
It should find all patterns that match all the bytes and matching any byte on the positions of all the "??", so the next patterns are matched:
"44 01 1B 2F 33 04 6A 06 CF 45 80 CA 7F F4 E8 91 7E"
"44 01 1B 2F 33 2B 6A 06 CF FB 80 CA 7F F4 E8 91 7E"
"44 01 1B 2F 33 6C 6A 06 CF 16 80 CA 7F F4 E8 91 7E"
"44 01 1B 2F 33 11 6A 06 CF 4F 80 CA 7F F4 E8 91 7E"
Another example in Cheat Engine:
Also using "??" when replacing, will not touch that byte.
The result will be "66 DA 66"
Here is a working without wildcards code using the normal search and replace that I created:
This will search for:
"33 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"
and replace it with:
"22 00 00 00 00 00 00 00 CF 80 CA 7F F4 E8 91 7E"