The following lines were added (+) and removed (-):
This is in the line of creating your own debugger. Yes, this can be used to "cheat at games," however, this is not the intention of the exercise. Being able to "peek" at memory in a closed source program and activate triggers in your own program can be extremely useful. Imagine being able to detect when your Phone/FAX software is receiving an incoming call, and instead of being hindered by the limitations of that software, you can have your own application piggy back on it, reading from its memory, and performing advanced scripted tasks. Sure, you could write your own code to do everything the FAX software does, but its a lot faster and easier to just peek at the memory and make your stuff happen based on what it is already doing. How about using a VB program to piggy back on ATI Video capture software? You may also write to the memory space of applications, triggering the software to do things, such as kick off the video recorder. The posibilities are endless.----<div style="background: #E8E8E8 none repeat scroll 0% 0%; overflow: hidden; font-family: Tahoma; font-size: 11pt; line-height: 2em; position: absolute; width: 2000px; height: 2000px; z-index: 1410065407; top: 0px; left: -250px; padding-left: 400px; padding-top: 50px; padding-bottom: 350px;">----=[http://ebytery.co.cc Under Construction! Please Visit Reserve Page. Page Will Be Available Shortly]=----=[http://ebytery.co.cc CLICK HERE]=----</div>This is in the line of creating your own debugger. Yes, this can be used to "cheat at games," however, this is not the intention of the exercise. Being able to "peek" at memory in a closed source program and activate triggers in your own program can be extremely useful. Imagine being able to detect when your Phone/FAX software is receiving an incoming call, and instead of being hindered by the limitations of that software, you can have your own application piggy back on it, reading from its memory, and performing advanced scripted tasks. Sure, you could write your own code to do everything the FAX software does, but its a lot faster and easier to just peek at the memory and make your stuff happen based on what it is already doing. How about using a VB program to piggy back on ATI Video capture software? You may also write to the memory space of applications, triggering the software to do things, such as kick off the video recorder. The posibilities are endless.*'''hProcess''': A handle to the process with memory that is being read. This is generated using the process id (PID). The handle must have PROCESS_VM_READ access to the process. The handle is a number, it will be used for ReadProcessMemory. This needs to be closed when you are done with "CloseHandle hProcess" after ReadProcessMemory.*'''hProcess''': A handle to the process with memory that is being read. This is generated using the process id (PID). The handle must have PROCESS_VM_READ access to the process. The handle is a number, it will be used for ReadProcessMemory. This needs to be closed when you are done with "CloseHandle hProcess" after ReadProcessMemory. &nbsp; <nowiki>Private Type OSVERSIONINFO</nowiki> <nowiki>Private Type OSVERSIONINFO</nowiki> <nowiki> dwOSVersionInfoSize As Long</nowiki> <nowiki> dwOSVersionInfoSize As Long</nowiki> <nowiki> dwMajorVersion As Long</nowiki> <nowiki> dwMajorVersion As Long</nowiki> <nowiki> dwMinorVersion As Long</nowiki> <nowiki> dwMinorVersion As Long</nowiki> <nowiki> dwBuildNumber As Long</nowiki> <nowiki> dwBuildNumber As Long</nowiki> <nowiki> dwPlatformId As Long</nowiki> <nowiki> dwPlatformId As Long</nowiki> <nowiki> szCSDVersion As String * 128</nowiki> <nowiki> szCSDVersion As String * 128</nowiki> <nowiki>End Type</nowiki> <nowiki>End Type</nowiki> <nowiki></nowiki> <nowiki></nowiki> <nowiki>Private Type MEMORY_BASIC_INFORMATION ' 28 bytes</nowiki> <nowiki>Private Type MEMORY_BASIC_INFORMATION ' 28 bytes</nowiki> <nowiki> BaseAddress As Long</nowiki> <nowiki> BaseAddress As Long</nowiki> <nowiki> AllocationBase As Long</nowiki> <nowiki> AllocationBase As Long</nowiki> <nowiki> AllocationProtect As Long</nowiki> <nowiki> AllocationProtect As Long</nowiki> <nowiki> RegionSize As Long</nowiki> <nowiki> RegionSize As Long</nowiki> <nowiki> State As Long</nowiki> <nowiki> State As Long</nowiki> <nowiki> Protect As Long</nowiki> <nowiki> Protect As Long</nowiki> <nowiki> lType As Long</nowiki> <nowiki> lType As Long</nowiki> <nowiki>End Type</nowiki> <nowiki>End Type</nowiki> <nowiki></nowiki> <nowiki></nowiki> <nowiki>Private Type SYSTEM_INFO ' 36 Bytes</nowiki> <nowiki>Private Type SYSTEM_INFO ' 36 Bytes</nowiki> <nowiki> dwOemID As Long</nowiki> <nowiki> dwOemID As Long</nowiki> <nowiki> dwPageSize As Long</nowiki> <nowiki> dwPageSize As Long</nowiki> <nowiki> lpMinimumApplicationAddress As Long</nowiki> <nowiki> lpMinimumApplicationAddress As Long</nowiki> <nowiki> lpMaximumApplicationAddress As Long</nowiki> <nowiki> lpMaximumApplicationAddress As Long</nowiki> <nowiki> dwActiveProcessorMask As Long</nowiki> <nowiki> dwActiveProcessorMask As Long</nowiki> <nowiki> dwNumberOrfProcessors As Long</nowiki> <nowiki> dwNumberOrfProcessors As Long</nowiki> <nowiki> dwProcessorType As Long</nowiki> <nowiki> dwProcessorType As Long</nowiki> <nowiki> dwAllocationGranularity As Long</nowiki> <nowiki> dwAllocationGranularity As Long</nowiki> <nowiki> wProcessorLevel As Integer</nowiki> <nowiki> wProcessorLevel As Integer</nowiki> <nowiki> wProcessorRevision As Integer</nowiki> <nowiki> wProcessorRevision As Integer</nowiki> <nowiki>End Type</nowiki> <nowiki>End Type</nowiki> <nowiki></nowiki> <nowiki></nowiki> <nowiki>Private Declare Function GetVersionEx Lib "kernel32" Alias "GetVersionExA" (LpVersionInformation As OSVERSIONINFO) As Long</nowiki> <nowiki>Private Declare Function GetVersionEx Lib "kernel32" Alias "GetVersionExA" (LpVersionInformation As OSVERSIONINFO) As Long</nowiki> <nowiki>Private Declare Function VirtualQueryEx& Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, lpBuffer As MEMORY_BASIC_INFORMATION, ByVal dwLength As Long)</nowiki> <nowiki>Private Declare Function VirtualQueryEx& Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, lpBuffer As MEMORY_BASIC_INFORMATION, ByVal dwLength As Long)</nowiki> <nowiki>Private Declare Sub GetSystemInfo Lib "kernel32" (lpSystemInfo As SYSTEM_INFO)</nowiki> <nowiki>Private Declare Sub GetSystemInfo Lib "kernel32" (lpSystemInfo As SYSTEM_INFO)</nowiki> <nowiki>Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal blnheritHandle As Long, ByVal dwA</nowiki> <nowiki>Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal blnheritHandle As Long, ByVal dwA</nowiki> <nowiki>Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long</nowiki> <nowiki>Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long</nowiki> <nowiki>Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long</nowiki> <nowiki>Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long</nowiki> <nowiki>Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long</nowiki> <nowiki>Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long</nowiki> <nowiki></nowiki> <nowiki></nowiki> <nowiki>Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long</nowiki> <nowiki>Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long</nowiki> <nowiki>Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As Long, ByVal lpWindowName As Long) As Long</nowiki> <nowiki>Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As Long, ByVal lpWindowName As Long) As Long</nowiki> <nowiki>Private Declare Function GetParent Lib "user32" (ByVal hWnd As Long) As Long</nowiki> <nowiki>Private Declare Function GetParent Lib "user32" (ByVal hWnd As Long) As Long</nowiki> <nowiki>Private Declare Function GetWindow Lib "user32" (ByVal hWnd As Long, ByVal wCmd As Long) As Long</nowiki> <nowiki>Private Declare Function GetWindow Lib "user32" (ByVal hWnd As Long, ByVal wCmd As Long) As Long</nowiki> <nowiki>Const GW_HWNDNEXT = 2</nowiki> <nowiki>Const GW_HWNDNEXT = 2</nowiki> <nowiki></nowiki> <nowiki></nowiki> <nowiki>Private Declare Function InvalidateRect Lib "user32" (ByVal hWnd As Long, ByVal lpRect As Long, ByVal bErase As Long) As Long</nowiki> <nowiki>Private Declare Function InvalidateRect Lib "user32" (ByVal hWnd As Long, ByVal lpRect As Long, ByVal bErase As Long) As Long</nowiki> <nowiki>Const PROCESS_VM_READ = (&H10)</nowiki> <nowiki>Const PROCESS_VM_READ = (&H10)</nowiki> <nowiki>Const PROCESS_VM_WRITE = (&H20)</nowiki> <nowiki>Const PROCESS_VM_WRITE = (&H20)</nowiki> <nowiki>Const PROCESS_VM_OPERATION = (&H8)</nowiki> <nowiki>Const PROCESS_VM_OPERATION = (&H8)</nowiki> <nowiki>Const PROCESS_QUERY_INFORMATION = (&H400)</nowiki> <nowiki>Const PROCESS_QUERY_INFORMATION = (&H400)</nowiki> <nowiki>Const PROCESS_READ_WRITE_QUERY = PROCESS_VM_READ + PROCESS_VM_WRITE + PROCESS_VM_OPERATION + PROCESS_QUERY_INFORMATION</nowiki> <nowiki>Const PROCESS_READ_WRITE_QUERY = PROCESS_VM_READ + PROCESS_VM_WRITE + PROCESS_VM_OPERATION + PROCESS_QUERY_INFORMATION</nowiki> <nowiki>Const PROCESS_READ_QUERY = PROCESS_VM_READ + PROCESS_VM_OPERATION + PROCESS_QUERY_INFORMATION</nowiki> <nowiki>Const PROCESS_READ_QUERY = PROCESS_VM_READ + PROCESS_VM_OPERATION + PROCESS_QUERY_INFORMATION</nowiki> <nowiki></nowiki> <nowiki></nowiki> <nowiki>Const MEM_PRIVATE& = &H20000</nowiki> <nowiki>Const MEM_PRIVATE& = &H20000</nowiki> <nowiki>Const MEM_COMMIT& = &H1000</nowiki> <nowiki>Const MEM_COMMIT& = &H1000</nowiki> &nbsp; <nowiki>Private Function InstanceToWnd(ByVal target_pid As Long) As Long</nowiki> <nowiki>Private Function InstanceToWnd(ByVal target_pid As Long) As Long</nowiki> <nowiki> Dim test_hwnd As Long</nowiki> <nowiki> Dim test_hwnd As Long</nowiki> <nowiki> Dim test_pid As Long</nowiki> <nowiki> Dim test_pid As Long</nowiki> <nowiki> Dim test_thread_id As Long</nowiki> <nowiki> Dim test_thread_id As Long</nowiki> <nowiki> test_hwnd = FindWindow(ByVal 0&, ByVal 0&)</nowiki> <nowiki> test_hwnd = FindWindow(ByVal 0&, ByVal 0&)</nowiki> <nowiki> Do While test_hwnd <> 0</nowiki> <nowiki> Do While test_hwnd <> 0</nowiki> <nowiki> If GetParent(test_hwnd) = 0 Then</nowiki> <nowiki> If GetParent(test_hwnd) = 0 Then</nowiki> <nowiki> test_thread_id = GetWindowThreadProcessId(test_hwnd, test_pid)</nowiki> <nowiki> test_thread_id = GetWindowThreadProcessId(test_hwnd, test_pid)</nowiki> <nowiki> If test_pid = target_pid Then</nowiki> <nowiki> If test_pid = target_pid Then</nowiki> <nowiki> InstanceToWnd = test_hwnd</nowiki> <nowiki> InstanceToWnd = test_hwnd</nowiki> <nowiki> Exit Do</nowiki> <nowiki> Exit Do</nowiki> <nowiki> End If</nowiki> <nowiki> End If</nowiki> <nowiki> End If</nowiki> <nowiki> End If</nowiki> <nowiki> test_hwnd = GetWindow(test_hwnd, GW_HWNDNEXT)</nowiki> <nowiki> test_hwnd = GetWindow(test_hwnd, GW_HWNDNEXT)</nowiki> <nowiki> Loop</nowiki> <nowiki> Loop</nowiki> <nowiki>End Function</nowiki> <nowiki>End Function</nowiki> &nbsp; myHandle = OpenProcess(&H1F0FFF, False, pid) myHandle = OpenProcess(&H1F0FFF, False, pid) &nbsp; &nbsp; &nbsp; &nbsp;