#define PROLOG_MODULE "memorylib"
#include "SWI-cpp.h"
#include <iostream>
#include <windows.h>
#include <TlHelp32.h>
#include <tchar.h>
using namespace std;
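/**
 * get_process_handle(+ExeName, -Handle)
 *
 * Walks a Toolhelp process snapshot and unifies Handle with an OpenProcess()
 * handle to the first process whose szExeFile matches ExeName exactly
 * (case-sensitive strcmp). Fails (returns FALSE) when the snapshot cannot be
 * taken, no process matches, or OpenProcess() refuses.
 *
 * Corrections relative to the previous revision:
 *  - the snapshot is primed with Process32First(); the entry used to be
 *    compared before it had ever been filled in;
 *  - the snapshot handle is closed exactly once, after the walk, instead of
 *    inside the loop where the next Process32Next() then used a closed handle;
 *  - `handle` is initialised, so an uninitialised HANDLE is never unified
 *    with Handle when nothing matched.
 *
 * Note: PROCESS_ALL_ACCESS is broader than what the read_*/write_* predicates
 * in this file need (read/write/operation/query rights); it is kept unchanged
 * for compatibility with existing callers.
 */
PREDICATE (get_process_handle, 2) {
	// Executable name supplied by Prolog (ANSI; compared with strcmp below).
	const char * proc = A1;
	HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (snapshot == INVALID_HANDLE_VALUE) {
		// No snapshot: nothing to search, fail the predicate.
		return FALSE;
	}
	HANDLE handle = NULL;
	PROCESSENTRY32 pEntry;
	// dwSize must be set before the first Process32First/Next call.
	pEntry.dwSize = sizeof(pEntry);
	if (Process32First(snapshot, &pEntry)) {
		do {
			if (!strcmp(pEntry.szExeFile, proc)) {
				// First match wins; OpenProcess() returns NULL on refusal,
				// which is handled after the loop.
				handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pEntry.th32ProcessID);
				break;
			}
		} while (Process32Next(snapshot, &pEntry));
	}
	// Release the snapshot once, regardless of outcome.
	CloseHandle(snapshot);
	if (handle == NULL) {
		return FALSE;
	}
	// Hand the process handle back to Prolog as a pointer term.
	return A2 = handle;
}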
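/**
 * get_process_id(+ExeName, -Pid)
 *
 * Walks a Toolhelp process snapshot and unifies Pid with the th32ProcessID of
 * the first process whose szExeFile matches ExeName exactly (case-sensitive
 * strcmp). Fails (returns FALSE) when the snapshot cannot be taken or no
 * process matches.
 *
 * Corrections relative to the previous revision: the snapshot is primed with
 * Process32First() (the entry was compared before being filled), the snapshot
 * handle is closed once after the walk rather than inside the loop, and the
 * no-match path fails instead of unifying an uninitialised DWORD with Pid.
 */
PREDICATE (get_process_id, 2) {
	// Executable name supplied by Prolog (ANSI; compared with strcmp below).
	const char * proc = A1;
	HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (snapshot == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	PROCESSENTRY32 pEntry;
	// dwSize must be set before the first Process32First/Next call.
	pEntry.dwSize = sizeof(pEntry);
	bool found = false;
	DWORD process = 0;
	if (Process32First(snapshot, &pEntry)) {
		do {
			if (!strcmp(pEntry.szExeFile, proc)) {
				process = pEntry.th32ProcessID;
				found = true;
				break;
			}
		} while (Process32Next(snapshot, &pEntry));
	}
	// Release the snapshot once, regardless of outcome.
	CloseHandle(snapshot);
	if (!found) {
		return FALSE;
	}
	// Pid is returned as a (signed) integer term, as before.
	return A2 = (int) process;
}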
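/**
 * get_module(+ModuleName, +Pid, -Base)
 *
 * Walks a Toolhelp module snapshot of process Pid and unifies Base with the
 * load address (hModule) of the first module whose szModule matches
 * ModuleName exactly (case-sensitive strcmp). Base is 0 when no module
 * matches or the snapshot cannot be taken (the previous revision also used 0
 * as the "not found" value).
 *
 * Corrections relative to the previous revision: the snapshot is primed with
 * Module32First() (the entry was compared before being filled) and the
 * snapshot handle is closed once after the walk rather than inside the loop.
 *
 * Limitation: Base is narrowed to a 32-bit DWORD and then to int, so the
 * value is only meaningful for 32-bit address spaces.
 */
PREDICATE (get_module, 3) {
	const char* modName = (const char *) A1;
	DWORD procId = (DWORD) (int) A2;
	HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, procId);
	if (snapshot == INVALID_HANDLE_VALUE) {
		// Could not enumerate modules of that process; report "not found".
		return A3 = 0;
	}
	MODULEENTRY32 mEntry;
	// dwSize must be set before the first Module32First/Next call.
	mEntry.dwSize = sizeof(mEntry);
	int base = 0;
	if (Module32First(snapshot, &mEntry)) {
		do {
			if (!strcmp(mEntry.szModule, modName)) {
				// Explicit pointer -> integer -> DWORD narrowing (see header note).
				base = (int) (DWORD) (UINT_PTR) mEntry.hModule;
				break;
			}
		} while (Module32Next(snapshot, &mEntry));
	}
	// Release the snapshot once, regardless of outcome.
	CloseHandle(snapshot);
	return A3 = base;
}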
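/**
 * Reads one `value`-sized object located at `dwAddr` in the process behind
 * `handle` via ReadProcessMemory().
 *
 * The result is value-initialised before the call and re-zeroed on a failed
 * or short read, so callers never receive an indeterminate object (the
 * previous revision returned an uninitialised `val` whenever the read failed).
 * The BOOL result of ReadProcessMemory() is still not surfaced through this
 * return type, so a genuine zero and a failed read are indistinguishable to
 * the caller. Addresses are limited to 32 bits by the DWORD parameter.
 */
template <class value>
value readMemoryValue (HANDLE handle, DWORD dwAddr) {
	value val{};
	SIZE_T bytesRead = 0;
	// Widen the 32-bit address to pointer size before forming the pointer.
	const LPCVOID src = reinterpret_cast<LPCVOID>(static_cast<UINT_PTR>(dwAddr));
	const BOOL ok = ReadProcessMemory(handle, src, &val, sizeof(val), &bytesRead);
	if (!ok || bytesRead != sizeof(val)) {
		// Do not leak partial contents of a short read.
		val = value{};
	}
	return val;
}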
/**
 * read_byte(+Handle, +Address, -Byte)
 *
 * Reads one BYTE at Address in the process behind Handle and unifies Byte
 * with it as an integer. Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (read_byte, 3) {
	HANDLE target = A1;
	const DWORD address = (DWORD) (int) A2;
	const BYTE b = readMemoryValue<BYTE>(target, address);
	return A3 = b;
}
/**
 * read_int(+Handle, +Address, -Int)
 *
 * Reads one int at Address in the process behind Handle and unifies Int with
 * it. Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (read_int, 3) {
	HANDLE target = A1;
	const DWORD address = (DWORD) (int) A2;
	const int n = readMemoryValue<int>(target, address);
	return A3 = n;
}
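/**
 * write_int(+Handle, +Address, +Int)
 *
 * Writes Int as a native int at Address in the process behind Handle.
 * Succeeds only when WriteProcessMemory() reports success and the full
 * sizeof(int) bytes were written; the previous revision ignored the result
 * and always succeeded. Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (write_int, 3) {
	HANDLE handle = A1;
	DWORD dwAddr = (DWORD) (int) A2;
	int value = (int) A3;
	SIZE_T written = 0;
	// Widen the 32-bit address to pointer size before forming the pointer.
	LPVOID dst = reinterpret_cast<LPVOID>(static_cast<UINT_PTR>(dwAddr));
	const BOOL ok = WriteProcessMemory(handle, dst, &value, sizeof(value), &written);
	// Surface write failures to Prolog as predicate failure.
	return (ok && written == sizeof(value)) ? TRUE : FALSE;
}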
/**
 * read_float(+Handle, +Address, -Float)
 *
 * Reads one float at Address in the process behind Handle and unifies Float
 * with it, widened to double for Prolog. Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (read_float, 3) {
	HANDLE target = A1;
	const DWORD address = (DWORD) (int) A2;
	const float f = readMemoryValue<float>(target, address);
	return A3 = static_cast<double>(f);
}
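/**
 * write_float(+Handle, +Address, +Float)
 *
 * Writes Float (a Prolog double, narrowed to float) at Address in the process
 * behind Handle. Succeeds only when WriteProcessMemory() reports success and
 * the full sizeof(float) bytes were written; the previous revision ignored the
 * result and always succeeded. Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (write_float, 3) {
	HANDLE handle = A1;
	DWORD dwAddr = (DWORD) (int) A2;
	// Explicit double -> float narrowing (was an implicit conversion).
	float value = static_cast<float>((double) A3);
	SIZE_T written = 0;
	// Widen the 32-bit address to pointer size before forming the pointer.
	LPVOID dst = reinterpret_cast<LPVOID>(static_cast<UINT_PTR>(dwAddr));
	const BOOL ok = WriteProcessMemory(handle, dst, &value, sizeof(value), &written);
	// Surface write failures to Prolog as predicate failure.
	return (ok && written == sizeof(value)) ? TRUE : FALSE;
}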
/**
 * read_bool(+Handle, +Address, -Flag)
 *
 * Reads one bool at Address in the process behind Handle and unifies Flag
 * with 1 when it is true, 0 otherwise. Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (read_bool, 3) {
	HANDLE target = A1;
	const DWORD address = (DWORD) (int) A2;
	const bool flag = readMemoryValue<bool>(target, address);
	return A3 = (flag ? 1 : 0);
}
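/**
 * write_bool(+Handle, +Address, +Flag)
 *
 * Writes a native bool at Address in the process behind Handle: true when
 * Flag is exactly 1, false for any other integer (unchanged mapping).
 * Succeeds only when WriteProcessMemory() reports success and the full
 * sizeof(bool) bytes were written; the previous revision ignored the result
 * and always succeeded. Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (write_bool, 3) {
	HANDLE handle = A1;
	DWORD dwAddr = (DWORD) (int) A2;
	// Only the integer 1 maps to true, as before.
	bool value = ((int) A3 == 1);
	SIZE_T written = 0;
	// Widen the 32-bit address to pointer size before forming the pointer.
	LPVOID dst = reinterpret_cast<LPVOID>(static_cast<UINT_PTR>(dwAddr));
	const BOOL ok = WriteProcessMemory(handle, dst, &value, sizeof(value), &written);
	// Surface write failures to Prolog as predicate failure.
	return (ok && written == sizeof(value)) ? TRUE : FALSE;
}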
/**
 * read_dword(+Handle, +Address, -Dword)
 *
 * Reads one DWORD at Address in the process behind Handle and unifies Dword
 * with it reinterpreted as a signed int (values above INT_MAX come back
 * negative). Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (read_dword, 3) {
	HANDLE target = A1;
	const DWORD address = (DWORD) (int) A2;
	const DWORD raw = readMemoryValue<DWORD>(target, address);
	return A3 = static_cast<int>(raw);
}
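/**
 * write_dword(+Handle, +Address, +Dword)
 *
 * Writes Dword (a Prolog integer, taken as int and reinterpreted as DWORD)
 * at Address in the process behind Handle. Succeeds only when
 * WriteProcessMemory() reports success and the full sizeof(DWORD) bytes were
 * written; the previous revision ignored the result and always succeeded.
 * Address is narrowed to a 32-bit DWORD.
 */
PREDICATE (write_dword, 3) {
	HANDLE handle = A1;
	DWORD dwAddr = (DWORD) (int) A2;
	DWORD value = (DWORD) (int) A3;
	SIZE_T written = 0;
	// Widen the 32-bit address to pointer size before forming the pointer.
	LPVOID dst = reinterpret_cast<LPVOID>(static_cast<UINT_PTR>(dwAddr));
	const BOOL ok = WriteProcessMemory(handle, dst, &value, sizeof(value), &written);
	// Surface write failures to Prolog as predicate failure.
	return (ok && written == sizeof(value)) ? TRUE : FALSE;
}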
// This shouldn't be in a "memory lib", but I cba to create another DLL
// Just to get keyboard input
/**
 * get_async_key_state(+VirtualKey, -Down)
 *
 * Unifies Down with 1 when GetAsyncKeyState(VirtualKey) returns a non-zero
 * SHORT, 0 otherwise. VirtualKey is taken from Prolog as an int.
 */
PREDICATE(get_async_key_state, 2) {
	const int vkey = (int) A1;
	const bool down = GetAsyncKeyState(vkey) != 0;
	return A2 = (down ? 1 : 0);
}