Saturday, November 8, 2014

Read Process Memory

Read Process Memory in Python


import ctypes
from ctypes import *
from ctypes.wintypes import *
#import win32api
import psutil
import sys

# Script settings. The identifiers are Romanian: "nume proces" = process name,
# "adresa hex mem" = hex memory address, "nr biti cititi" = number of bytes read.
numeprocess = "chrome.exe"  # substring searched for in the names of running processes
adresahexmem = 0x01012964  # NOTE(review): presumably a virtual address inside the target process - confirm
nrbcititi = 147  # size of the receive buffer and of each read request, in bytes

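def getpid():
  """Return the PID of the first running process whose name contains ``numeprocess``.

  Every process name examined is printed, followed by the PID of the match.
  Only the first match is returned; an application that runs several
  processes under the same image name yields whichever one psutil lists
  first, so the result is not guaranteed to be the same process on every call.

  Returns:
    The matching process ID, or None when no running process matches.
  """
  for proc in psutil.process_iter():
    try:
      # psutil >= 2.0 exposes name as a method, older releases as a property.
      # Comparing against str(proc.name) on a method would match the text of
      # the bound-method repr instead of the process name itself.
      name = proc.name() if callable(proc.name) else proc.name
    except (psutil.NoSuchProcess, psutil.AccessDenied):
      # The process exited during enumeration, or its name is not readable
      # with the current privileges; neither case is a match.
      continue
    print(name)
    if str(numeprocess) in str(name):
      print(proc.pid)
      return proc.pid
  return None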

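PROCESS_VM_READ = 0x0010  # access right that ReadProcessMemory requires on the handle

# Resolve the target once. Calling getpid() a second time re-walks the process
# list (printing it again) and may return a different process than the one
# that was just checked.
PID = getpid()
if PID is None:
  print("numr:",numeprocess)
  sys.exit()

# use_last_error=True keeps the Win32 error code of a failed call available
# through ctypes.get_last_error().
kernel32 = ctypes.WinDLL("kernel32", use_last_error=True)

# Declare the prototypes: without them ctypes treats arguments and return
# values as C int, which truncates handles and addresses on 64-bit Python.
kernel32.OpenProcess.argtypes = [ctypes.wintypes.DWORD, ctypes.wintypes.BOOL, ctypes.wintypes.DWORD]
kernel32.OpenProcess.restype = ctypes.wintypes.HANDLE
kernel32.CloseHandle.argtypes = [ctypes.wintypes.HANDLE]
kernel32.CloseHandle.restype = ctypes.wintypes.BOOL
readprocmem = kernel32.ReadProcessMemory
readprocmem.argtypes = [
  ctypes.wintypes.HANDLE,            # hProcess
  ctypes.c_void_p,                   # lpBaseAddress (address in the target process)
  ctypes.c_void_p,                   # lpBuffer (local receive buffer)
  ctypes.c_size_t,                   # nSize
  ctypes.POINTER(ctypes.c_size_t),   # lpNumberOfBytesRead (may be NULL)
]
readprocmem.restype = ctypes.wintypes.BOOL

# The open succeeds only if the target's security descriptor grants this
# access to the caller (or the caller holds SeDebugPrivilege). Cross-process
# opens like this are recorded by process-access telemetry such as Sysmon
# Event ID 10, with the requested access mask.
process = kernel32.OpenProcess(PROCESS_VM_READ, False, PID)
if not process:
  # A NULL handle means the open was refused or the process has already exited.
  print("OpenProcess failed:", ctypes.WinError(ctypes.get_last_error()))
  sys.exit(1)

bufferbcititi = ctypes.create_string_buffer(nrbcititi)

try:
  # The address must be passed as an integer. A str such as hex(addr) would be
  # marshalled as a pointer to a local Python string, not as the numeric
  # address, so the call would read from an unrelated location or fail.
  # adresahexmem is the address configured at the top of the script.
  if readprocmem(process, adresahexmem, bufferbcititi, nrbcititi, None):
    print(bufferbcititi.raw)
  else:
    # Report the failure (e.g. the range is not mapped in the target) rather
    # than hiding it behind a bare except.
    print("ReadProcessMemory failed:", ctypes.WinError(ctypes.get_last_error()))
finally:
  # Always release the handle; otherwise it stays open until the script exits.
  kernel32.CloseHandle(process)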
