SHOW:
|
|
- or go back to the newest paste.
| 1 | #include-once | |
| 2 | #region _Memory | |
| 3 | ;================================================================================== | |
| 4 | ; AutoIt Version: 3.1.127 (beta) | |
| 5 | ; Language: English | |
| 6 | ; Platform: All Windows | |
| 7 | ; Author: Nomad | |
| 8 | ; Requirements: These functions will only work with beta. | |
| 9 | ;================================================================================== | |
| 10 | ; Credits: wOuter - These functions are based on his original _Mem() functions. | |
| 11 | ; But they are easier to comprehend and more reliable. These | |
| 12 | ; functions are in no way a direct copy of his functions. His | |
| 13 | ; functions only provided a foundation from which these evolved. | |
| 14 | ;================================================================================== | |
| 15 | ; | |
| 16 | ; Functions: | |
| 17 | ; | |
| 18 | ;================================================================================== | |
| 19 | ; Function: _MemoryOpen($iv_Pid[, $iv_DesiredAccess[, $iv_InheritHandle]]) | |
| 20 | ; Description: Opens a process and enables all possible access rights to the | |
| 21 | ; process. The Process ID of the process is used to specify which | |
| 22 | ; process to open. You must call this function before calling | |
| 23 | ; _MemoryClose(), _MemoryRead(), or _MemoryWrite(). | |
| 24 | ; Parameter(s): $iv_Pid - The Process ID of the program you want to open. | |
| 25 | ; $iv_DesiredAccess - (optional) Set to 0x1F0FFF by default, which | |
| 26 | ; enables all possible access rights to the | |
| 27 | ; process specified by the Process ID. | |
| 28 | ; $iv_InheritHandle - (optional) If this value is TRUE, all processes | |
| 29 | ; created by this process will inherit the access | |
| 30 | ; handle. Set to 1 (TRUE) by default. Set to 0 | |
| 31 | ; if you want it FALSE. | |
| 32 | ; Requirement(s): None. | |
| 33 | ; Return Value(s): On Success - Returns an array containing the Dll handle and an | |
| 34 | ; open handle to the specified process. | |
| 35 | ; On Failure - Returns 0 | |
| 36 | ; @Error - 0 = No error. | |
| 37 | ; 1 = Invalid $iv_Pid. | |
| 38 | ; 2 = Failed to open Kernel32.dll. | |
| 39 | ; 3 = Failed to open the specified process. | |
| 40 | ; Author(s): Nomad | |
| 41 | ; Note(s): | |
| 42 | ;================================================================================== | |
| 43 | Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1) | |
| 44 | ||
| 45 | If Not ProcessExists($iv_Pid) Then | |
| 46 | SetError(1) | |
| 47 | Return 0 | |
| 48 | EndIf | |
| 49 | ||
| 50 | Local $ah_Handle[2] = [DllOpen('kernel32.dll')]
| |
| 51 | ||
| 52 | If @Error Then | |
| 53 | SetError(2) | |
| 54 | Return 0 | |
| 55 | EndIf | |
| 56 | ||
| 57 | Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid) | |
| 58 | ||
| 59 | If @Error Then | |
| 60 | DllClose($ah_Handle[0]) | |
| 61 | SetError(3) | |
| 62 | Return 0 | |
| 63 | EndIf | |
| 64 | ||
| 65 | $ah_Handle[1] = $av_OpenProcess[0] | |
| 66 | ||
| 67 | Return $ah_Handle | |
| 68 | ||
| 69 | EndFunc | |
| 70 | ||
| 71 | ;================================================================================== | |
| 72 | ; Function: _MemoryRead($iv_Address, $ah_Handle[, $sv_Type]) | |
| 73 | ; Description: Reads the value located in the memory address specified. | |
| 74 | ; Parameter(s): $iv_Address - The memory address you want to read from. It must | |
| 75 | ; be in hex format (0x00000000). | |
| 76 | ; $ah_Handle - An array containing the Dll handle and the handle | |
| 77 | ; of the open process as returned by _MemoryOpen(). | |
| 78 | ; $sv_Type - (optional) The "Type" of value you intend to read. | |
| 79 | ; This is set to 'dword'(32bit(4byte) signed integer) | |
| 80 | ; by default. See the help file for DllStructCreate | |
| 81 | ; for all types. An example: If you want to read a | |
| 82 | ; word that is 15 characters in length, you would use | |
| 83 | ; 'char[16]' since a 'char' is 8 bits (1 byte) in size. | |
| 84 | ; Return Value(s): On Success - Returns the value located at the specified address. | |
| 85 | ; On Failure - Returns 0 | |
| 86 | ; @Error - 0 = No error. | |
| 87 | ; 1 = Invalid $ah_Handle. | |
| 88 | ; 2 = $sv_Type was not a string. | |
| 89 | ; 3 = $sv_Type is an unknown data type. | |
| 90 | ; 4 = Failed to allocate the memory needed for the DllStructure. | |
| 91 | ; 5 = Error allocating memory for $sv_Type. | |
| 92 | ; 6 = Failed to read from the specified process. | |
| 93 | ; Author(s): Nomad | |
| 94 | ; Note(s): Values returned are in Decimal format, unless specified as a | |
| 95 | ; 'char' type, then they are returned in ASCII format. Also note | |
| 96 | ; that size ('char[size]') for all 'char' types should be 1
| |
| 97 | ; greater than the actual size. | |
| 98 | ;================================================================================== | |
| 99 | Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword') | |
| 100 | ||
| 101 | If Not IsArray($ah_Handle) Then | |
| 102 | SetError(1) | |
| 103 | Return 0 | |
| 104 | EndIf | |
| 105 | ||
| 106 | Local $v_Buffer = DllStructCreate($sv_Type) | |
| 107 | ||
| 108 | If @Error Then | |
| 109 | SetError(@Error + 1) | |
| 110 | Return 0 | |
| 111 | EndIf | |
| 112 | ||
| 113 | DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') | |
| 114 | ||
| 115 | If Not @Error Then | |
| 116 | Local $v_Value = DllStructGetData($v_Buffer, 1) | |
| 117 | Return $v_Value | |
| 118 | Else | |
| 119 | SetError(6) | |
| 120 | Return 0 | |
| 121 | EndIf | |
| 122 | ||
| 123 | EndFunc | |
| 124 | ||
| 125 | ;================================================================================== | |
| 126 | ; Function: _MemoryWrite($iv_Address, $ah_Handle, $v_Data[, $sv_Type]) | |
| 127 | ; Description: Writes data to the specified memory address. | |
| 128 | ; Parameter(s): $iv_Address - The memory address which you want to write to. | |
| 129 | ; It must be in hex format (0x00000000). | |
| 130 | ; $ah_Handle - An array containing the Dll handle and the handle | |
| 131 | ; of the open process as returned by _MemoryOpen(). | |
| 132 | ; $v_Data - The data to be written. | |
| 133 | ; $sv_Type - (optional) The "Type" of value you intend to write. | |
| 134 | ; This is set to 'dword'(32bit(4byte) signed integer) | |
| 135 | ; by default. See the help file for DllStructCreate | |
| 136 | ; for all types. An example: If you want to write a | |
| 137 | ; word that is 15 characters in length, you would use | |
| 138 | ; 'char[16]' since a 'char' is 8 bits (1 byte) in size. | |
| 139 | ; Return Value(s): On Success - Returns 1 | |
| 140 | ; On Failure - Returns 0 | |
| 141 | ; @Error - 0 = No error. | |
| 142 | ; 1 = Invalid $ah_Handle. | |
| 143 | ; 2 = $sv_Type was not a string. | |
| 144 | ; 3 = $sv_Type is an unknown data type. | |
| 145 | ; 4 = Failed to allocate the memory needed for the DllStructure. | |
| 146 | ; 5 = Error allocating memory for $sv_Type. | |
| 147 | ; 6 = $v_Data is not in the proper format to be used with the | |
| 148 | ; "Type" selected for $sv_Type, or it is out of range. | |
| 149 | ; 7 = Failed to write to the specified process. | |
| 150 | ; Author(s): Nomad | |
| 151 | ; Note(s): Values sent must be in Decimal format, unless specified as a | |
| 152 | ; 'char' type, then they must be in ASCII format. Also note | |
| 153 | ; that size ('char[size]') for all 'char' types should be 1
| |
| 154 | ; greater than the actual size. | |
| 155 | ;================================================================================== | |
| 156 | Func _MemoryWrite($iv_Address, $ah_Handle, $v_Data, $sv_Type = 'dword') | |
| 157 | ||
| 158 | If Not IsArray($ah_Handle) Then | |
| 159 | SetError(1) | |
| 160 | Return 0 | |
| 161 | EndIf | |
| 162 | ||
| 163 | Local $v_Buffer = DllStructCreate($sv_Type) | |
| 164 | ||
| 165 | If @Error Then | |
| 166 | SetError(@Error + 1) | |
| 167 | Return 0 | |
| 168 | Else | |
| 169 | DllStructSetData($v_Buffer, 1, $v_Data) | |
| 170 | If @Error Then | |
| 171 | SetError(6) | |
| 172 | Return 0 | |
| 173 | EndIf | |
| 174 | EndIf | |
| 175 | ||
| 176 | DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '') | |
| 177 | ||
| 178 | If Not @Error Then | |
| 179 | Return 1 | |
| 180 | Else | |
| 181 | SetError(7) | |
| 182 | Return 0 | |
| 183 | EndIf | |
| 184 | ||
| 185 | EndFunc | |
| 186 | ||
| 187 | ;================================================================================== | |
| 188 | ; Function: _MemoryClose($ah_Handle) | |
| 189 | ; Description: Closes the process handle opened by using _MemoryOpen(). | |
| 190 | ; Parameter(s): $ah_Handle - An array containing the Dll handle and the handle | |
| 191 | ; of the open process as returned by _MemoryOpen(). | |
| 192 | ; Return Value(s): On Success - Returns 1 | |
| 193 | ; On Failure - Returns 0 | |
| 194 | ; @Error - 0 = No error. | |
| 195 | ; 1 = Invalid $ah_Handle. | |
| 196 | ; 2 = Unable to close the process handle. | |
| 197 | ; Author(s): Nomad | |
| 198 | ; Note(s): | |
| 199 | ;================================================================================== | |
| 200 | Func _MemoryClose($ah_Handle) | |
| 201 | ||
| 202 | If Not IsArray($ah_Handle) Then | |
| 203 | SetError(1) | |
| 204 | Return 0 | |
| 205 | EndIf | |
| 206 | ||
| 207 | DllCall($ah_Handle[0], 'int', 'CloseHandle', 'int', $ah_Handle[1]) | |
| 208 | If Not @Error Then | |
| 209 | DllClose($ah_Handle[0]) | |
| 210 | Return 1 | |
| 211 | Else | |
| 212 | DllClose($ah_Handle[0]) | |
| 213 | SetError(2) | |
| 214 | Return 0 | |
| 215 | EndIf | |
| 216 | ||
| 217 | EndFunc | |
| 218 | ||
| 219 | ;================================================================================== | |
| 220 | ; Function: SetPrivilege( $privilege, $bEnable ) | |
| 221 | ; Description: Enables (or disables) the $privilege on the current process | |
| 222 | ; (Probably) requires administrator privileges to run | |
| 223 | ; | |
| 224 | ; Author(s): Larry (from autoitscript.com's Forum) | |
| 225 | ; Notes(s): | |
| 226 | ; http://www.autoitscript.com/forum/index.php?s=&showtopic=31248&view=findpost&p=223999 | |
| 227 | ;================================================================================== | |
| 228 | ||
| 229 | Func SetPrivilege( $privilege, $bEnable ) | |
| 230 | ||
| 231 | Const $TOKEN_ADJUST_PRIVILEGES = 0x0020 | |
| 232 | Const $TOKEN_QUERY = 0x0008 | |
| 233 | Const $SE_PRIVILEGE_ENABLED = 0x0002 | |
| 234 | Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv | |
| 235 | $nTokens = 1 | |
| 236 | $LUID = DLLStructCreate("dword;int")
| |
| 237 | If IsArray($privilege) Then $nTokens = UBound($privilege) | |
| 238 | $TOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
| |
| 239 | $NEWTOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
| |
| 240 | $hCurrProcess = DLLCall("kernel32.dll","hwnd","GetCurrentProcess")
| |
| 241 | $SP_auxret = DLLCall("advapi32.dll","int","OpenProcessToken","hwnd",$hCurrProcess[0], _
| |
| 242 | "int",BitOR($TOKEN_ADJUST_PRIVILEGES,$TOKEN_QUERY),"int_ptr",0) | |
| 243 | If $SP_auxret[0] Then | |
| 244 | $hToken = $SP_auxret[3] | |
| 245 | DLLStructSetData($TOKEN_PRIVILEGES,1,1) | |
| 246 | $nTokenIndex = 1 | |
| 247 | While $nTokenIndex <= $nTokens | |
| 248 | If IsArray($privilege) Then | |
| 249 | $priv = $privilege[$nTokenIndex-1] | |
| 250 | Else | |
| 251 | $priv = $privilege | |
| 252 | EndIf | |
| 253 | $ret = DLLCall("advapi32.dll","int","LookupPrivilegeValue","str","","str",$priv, _
| |
| 254 | "ptr",DLLStructGetPtr($LUID)) | |
| 255 | If $ret[0] Then | |
| 256 | If $bEnable Then | |
| 257 | DLLStructSetData($TOKEN_PRIVILEGES,2,$SE_PRIVILEGE_ENABLED,(3 * $nTokenIndex)) | |
| 258 | Else | |
| 259 | DLLStructSetData($TOKEN_PRIVILEGES,2,0,(3 * $nTokenIndex)) | |
| 260 | EndIf | |
| 261 | DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,1),(3 * ($nTokenIndex-1)) + 1) | |
| 262 | DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,2),(3 * ($nTokenIndex-1)) + 2) | |
| 263 | DLLStructSetData($LUID,1,0) | |
| 264 | DLLStructSetData($LUID,2,0) | |
| 265 | EndIf | |
| 266 | $nTokenIndex += 1 | |
| 267 | WEnd | |
| 268 | $ret = DLLCall("advapi32.dll","int","AdjustTokenPrivileges","hwnd",$hToken,"int",0, _
| |
| 269 | "ptr",DllStructGetPtr($TOKEN_PRIVILEGES),"int",DllStructGetSize($NEWTOKEN_PRIVILEGES), _ | |
| 270 | "ptr",DllStructGetPtr($NEWTOKEN_PRIVILEGES),"int_ptr",0) | |
| 271 | $f = DLLCall("kernel32.dll","int","GetLastError")
| |
| 272 | EndIf | |
| 273 | $NEWTOKEN_PRIVILEGES=0 | |
| 274 | $TOKEN_PRIVILEGES=0 | |
| 275 | $LUID=0 | |
| 276 | If $SP_auxret[0] = 0 Then Return 0 | |
| 277 | $SP_auxret = DLLCall("kernel32.dll","int","CloseHandle","hwnd",$hToken)
| |
| 278 | If Not $ret[0] And Not $SP_auxret[0] Then Return 0 | |
| 279 | return $ret[0] | |
| 280 | EndFunc ;==>SetPrivilege | |
| 281 | ||
| 282 | #endregion | |
| 283 | ||
| 284 | ||
| 285 |
