shokerplz/mem_edit
1
0
Fork 0
forked from jan/mem_edit
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: shokerplz:v0.4
Branches Tags
shokerplz:master
shokerplz:test
jan:master
jan:test
shokerplz:v0.7
shokerplz:v0.6
shokerplz:v0.5
shokerplz:v0.4
shokerplz:v0.3
shokerplz:release
shokerplz:0.2
shokerplz:0.1
jan:0.1
jan:0.2
jan:release
jan:v0.3
jan:v0.4
jan:v0.5
jan:v0.6
jan:v0.7
jan:v0.8
..
compare: shokerplz:master
Branches Tags
shokerplz:master
shokerplz:test
jan:master
jan:test
shokerplz:v0.7
shokerplz:v0.6
shokerplz:v0.5
shokerplz:v0.4
shokerplz:v0.3
shokerplz:release
shokerplz:0.2
shokerplz:0.1
jan:0.1
jan:0.2
jan:release
jan:v0.3
jan:v0.4
jan:v0.5
jan:v0.6
jan:v0.7
jan:v0.8

No commits in common. "v0.4" and "master" have entirely different histories.
v0.4 ... master

2 changed files with 7 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

2
mem_edit/VERSION
View file

@ -1 +1 @@
0.4 0.3

46
mem_edit/windows.py
View file

@ -67,51 +67,19 @@ mem_types = {
'MEM_PRIVATE': 0x20000, 'MEM_PRIVATE': 0x20000,
} }
# C struct for VirtualQueryEx # C struct for VirtualQueryEx
class MEMORY_BASIC_INFORMATION32(ctypes.Structure): class MEMORY_BASIC_INFORMATION(ctypes.Structure):
_fields_ = [ _fields_ = [
('BaseAddress', ctypes.wintypes.DWORD), ('BaseAddress', ctypes.c_void_p),
('AllocationBase', ctypes.wintypes.DWORD), ('AllocationBase', ctypes.c_void_p),
('AllocationProtect', ctypes.wintypes.DWORD), ('AllocationProtect', ctypes.wintypes.DWORD),
('RegionSize', ctypes.wintypes.DWORD), ('RegionSize', ctypes.wintypes.UINT),
('State', ctypes.wintypes.DWORD), ('State', ctypes.wintypes.DWORD),
('Protect', ctypes.wintypes.DWORD), ('Protect', ctypes.wintypes.DWORD),
('Type', ctypes.wintypes.DWORD), ('Type', ctypes.wintypes.DWORD),
] ]
class MEMORY_BASIC_INFORMATION64(ctypes.Structure):
_fields_ = [
('BaseAddress', ctypes.c_ulonglong),
('AllocationBase', ctypes.c_ulonglong),
('AllocationProtect', ctypes.wintypes.DWORD),
('__alignment1', ctypes.wintypes.DWORD),
('RegionSize', ctypes.c_ulonglong),
('State', ctypes.wintypes.DWORD),
('Protect', ctypes.wintypes.DWORD),
('Type', ctypes.wintypes.DWORD),
('__alignment2', ctypes.wintypes.DWORD),
]
PTR_SIZE = ctypes.sizeof(ctypes.c_void_p)
if PTR_SIZE == 8: # 64-bit python
MEMORY_BASIC_INFORMATION = MEMORY_BASIC_INFORMATION64
elif PTR_SIZE == 4: # 32-bit python
MEMORY_BASIC_INFORMATION = MEMORY_BASIC_INFORMATION32
ctypes.windll.kernel32.VirtualQueryEx.argtypes = [ctypes.wintypes.HANDLE,
ctypes.wintypes.LPCVOID,
ctypes.c_void_p,
ctypes.c_size_t]
ctypes.windll.kernel32.ReadProcessMemory.argtypes = [ctypes.wintypes.HANDLE,
ctypes.wintypes.LPCVOID,
ctypes.c_void_p,
ctypes.c_size_t,
ctypes.c_void_p]
ctypes.windll.kernel32.WriteProcessMemory.argtypes = [ctypes.wintypes.HANDLE,
ctypes.wintypes.LPCVOID,
ctypes.c_void_p,
ctypes.c_size_t,
ctypes.c_void_p]
# C struct for GetSystemInfo # C struct for GetSystemInfo
class SYSTEM_INFO(ctypes.Structure): class SYSTEM_INFO(ctypes.Structure):
@ -121,7 +89,7 @@ class SYSTEM_INFO(ctypes.Structure):
('dwPageSize', ctypes.wintypes.DWORD), ('dwPageSize', ctypes.wintypes.DWORD),
('lpMinimumApplicationAddress', ctypes.c_void_p), ('lpMinimumApplicationAddress', ctypes.c_void_p),
('lpMaximumApplicationAddress', ctypes.c_void_p), ('lpMaximumApplicationAddress', ctypes.c_void_p),
('dwActiveProcessorMask', ctypes.c_void_p), ('dwActiveProcessorMask', ctypes.wintypes.DWORD),
('dwNumberOfProcessors', ctypes.wintypes.DWORD), ('dwNumberOfProcessors', ctypes.wintypes.DWORD),
('dwProcessorType', ctypes.wintypes.DWORD), ('dwProcessorType', ctypes.wintypes.DWORD),
('dwAllocationGranularity', ctypes.wintypes.DWORD), ('dwAllocationGranularity', ctypes.wintypes.DWORD),
@ -237,8 +205,6 @@ class Process(AbstractProcess):
return pid return pid
except ValueError: except ValueError:
pass pass
except MemEditError as err:
logger.info(repr(err))
logger.info('Found no process with name {}'.format(target_name)) logger.info('Found no process with name {}'.format(target_name))
return None return None