Results 1 to 6 of 6
  1. #1
    elshabory
    elshabory is offline
    New member
    Join Date
    2011 Mar
    Posts
    7
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    2
    Thanked in
    1 Post
    Rep Power
    0

    Question reading text value with readprocessmemory

    I search google for example code and never found working one
    so lets start
    cheat engine directory contains a file named tutorial.exe
    after a simple text scan WITH CE we found a green value AT address 40124c
    it contains a text
    that text is "welcome"
    now my request is a source code to display this address value (welcome) in tlable or tedit or any other control
    i mean read it as text not numbers
    is this posable ??
    can this dreem becomes a true ??
    Please help me with a FULL example in delphi with the pervius condetions

    ---------- Post added 2011-06-04 at 05:07 AM ---------- Previous post was 2011-06-01 at 05:47 AM ----------

    can any one tel me if this is imposable or posable ??
    Last edited by elshabory; 2011-06-01 at 06:55 AM.

  2. #2
    Dwar
    Dwar is offline
    Veteran Dwar's Avatar
    Join Date
    2010 Mar
    Posts
    2,222
    Thanks Thanks Given 
    211
    Thanks Thanks Received 
    2,230
    Thanked in
    292 Posts
    Rep Power
    10
    It's very easy... just use something like this
    Code:
    function getSTRING(Hdl, aPointer: Cardinal; length: integer): WideString;
    var
      BytesRead: DWORD;
      buf: array of AnsiChar;
    begin
      setlength(buf, length);
      ReadProcessMemory(Hdl, Pointer(aPointer), @buf, length, BytesRead);
      Result := string(buf);
    end;
    also, check another thread with Bot framework, coz my source contain a list of useful delphi function for memory read/write

    https://progamercity.net/delphi/448-...framework.html
    Please, post your questions on forum, not by PM or mail

    I spend my time, so please pay a little bit of your time to keep world in equilibrium

  3. The Following User Says Thank You to Dwar For This Useful Post:


  4. #3
    kofmaster
    kofmaster is offline
    New member
    Join Date
    2011 Jun
    Posts
    4
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts
    Rep Power
    0
    or array of char.

  5. #4
    JonRamzes
    JonRamzes is offline
    New member
    Join Date
    2011 Oct
    Posts
    5
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts
    Rep Power
    0
    Try this code:

    Code:
    var
      Form1: TForm1;
      wnd1, wnd2: HWND;
      WindowName: Integer;
      ProcessId: Integer;
      ThreadId: Integer;
      Buf: PChar;
      HandleWindow: Integer;
      Write: Cardinal;
      WindowTitle: String= 'This_name_of_your_window';
      PokeValue: Cardinal= $FFFFFFFF;
      NumberOfBytes: Integer = 4;
    Code:
    function FindWindowByText (var WindowT: String): HWND;
    var
      Wnd: hWnd;
      buff: array[0..127] of Char;
    begin
      Result := 0;
      Wnd := GetWindow(fmMain.Handle, gw_HWndFirst);
      while Wnd <> 0 do
      begin
        if (Wnd <> Application.Handle) and
          IsWindowVisible(Wnd) and
          (GetWindow(Wnd, gw_Owner) = 0) and
          (GetWindowText(Wnd, buff, sizeof(buff)) <> 0) then
        begin
          GetWindowText(Wnd, buff, sizeof(buff));
          if pos(WindowT, StrPas(buff)) > 0 then
          begin
            Result := Wnd;
            WindowT := buff;
            Break;
          end;
        end;
        Wnd := GetWindow(Wnd, gw_hWndNext);
      end;
    end;
    Code:
    function read_value3 (Address: Pointer; ASize: Cardinal; var AOut: Pointer): Cardinal;
    var
      WindowH: DWORD;
      ThreadId: DWORD;
      ProcessId: DWORD;
      ProcessH: DWORD;
      s: String;
    begin
      s := 'This_Name_of_your_window_program';
      WindowH := Find (s);
      ThreadId := GetWindowThreadProcessId (WindowH, ProcessId);
      ProcessH := OpenProcess (PROCESS_VM_READ, False, ProcessId);
      ReadProcessMemory(ProcessH, Address, AOut, ASize, Result);
      CloseHandle (ProcessH);
    end;
    Code:
    function Read_String3 (Address: Pointer; ASize: Cardinal): String;
    var
      buf: String;
    begin
      SetLength (buf, ASize);
      if read_value3 (Address, ASize, Pointer(buf)) = ASize
      then
        Result := buf
      else
        Result := 'Where is window???';
    end;
    Code:
    procedure TForm1.Button1Button(Sender: TObject);
    var
    res:int64;
    s:string;
    begin
    res:=0;
    s:= PAnsiChar(Read_String3(Pointer($000000), 200));
    Edti1.Text:='>>' +s;
    end;
    P.S. I used this code on Delphi 2009.
    Last edited by JonRamzes; 2011-10-19 at 04:34 AM.

  6. #5
    h4x0r
    h4x0r is offline
    h4x0r's Avatar
    Join Date
    2011 Aug
    Location
    ..\root\home\pgc
    Posts
    826
    Thanks Thanks Given 
    64
    Thanks Thanks Received 
    525
    Thanked in
    205 Posts
    Rep Power
    14
    So. How read string from strack (EBP) or register ECX like this (dynamic addresses) ?

  7. #6
    lightoflife
    lightoflife is offline
    New member
    Join Date
    2013 Jan
    Posts
    20
    Thanks Thanks Given 
    2
    Thanks Thanks Received 
    3
    Thanked in
    2 Posts
    Rep Power
    0
    take care, some string are unicode.
    unicode strings are code on 16 bits like ABCD is 41 42 43 44 and 41 00 42 00 43 00 44 00 in unicode
    so with readprocessmemory u have to consider each char as a word, not as a byte.

Similar Threads

  1. C#...ReadProcessMemory. ( Need Help)
    By pohkak in forum VB, .NET Framework
    Replies: 5
    Last Post: 2012-09-23, 02:36 PM
  2. [C++] [Help] Reading Pointer
    By jonyboy in forum C/C++
    Replies: 0
    Last Post: 2012-07-31, 05:23 PM
  3. [C++] ReadProcessMemory in C# Quick Example
    By Grooguz in forum C/C++
    Replies: 0
    Last Post: 2011-09-30, 04:26 PM
  4. looking to hire someone to teach me memory reading
    By valdemir in forum General Game Research
    Replies: 2
    Last Post: 2011-05-29, 09:08 AM
  5. Replies: 0
    Last Post: 2010-11-29, 04:04 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •