PyMem - Python process memory editing

[nopz]

Hello,

I'm here to present my current memory editing project.
This project is a python library for windows, providing the needed functions to start working on your own with memory editing.

This project is released under THE BEER-WARE LICENSE 6):.

Bitbucket repository HERE : srounet / PyMem / source — bitbucket.org

What's have be done :

[+] Listing any process and map each process to the windows structure
[+] Open a Process and enter into debug mod
[+] Read memory from a debugged process
[+] Write memory to a debugged process ( need to work more on that part )
[+] List process Thread
[+] Get main thread from a process
[+] Api Hooking

Next step :

[-] Inject asm into main thread
[-] List process Modules

I will soon publish an online documentation ( with python sphinx ), actually it's documented, but may contains mistakes as I'm french and tried to comment in English.

Code example :

Code:

if __name__ == '__main__':
	from process import Process
	from memory import Memory

	p = Process()
	e = p.process_from_name("Wow")
	p.open_process_debug(e[0].th32ProcessID)

	# at this step we can read and write to the process

	m = Memory(p.h_process)
	playerBase = m.ReadOffset([0xCF8C50, 0x34, 0x24], 'uint')
	hp = m.ReadOffset([playerBase + 0x08, (0x17 * 4)], 'uint')
	player_x = m.ReadOffset(playerBase + 0x798, 'float')

Hook exemple: ' OpenProcess '

Code:

def OpenProcess_in(dbg, args):
  print "OpenProcess_in"
  return 0x00010002

h = Hook()
if h.attach(6412):# process id
  if h.address_dll("OpenProcess", "kernel32.dll"):
    if h.register('OpenProcess', h.get_address('OpenProcess'), 2, OpenProcess_in):
      print "[+] Hooks set, continuing process"
h.run()

As you can see it's soooo simple.

I will update this thread as soon as i get more time to implement new functionalities.
Feel free to flame, comment, troll :=)

This project is currently in a development process so any suggestion is available.

[nopz]

.reserved for changelog

- 05/03/2010: Moved project to HG repos : http://bitbucket.org/srounet/pymem/src/
- 07/03/2010: Added Threading functionalities

[Sednogmah]

Even though I have no use for it because I'm not using Windows, a Python library is always nice to see. The language is a good choice for implementing higher level logic too, because of its relaxed semantics. I bet an elegant object manager can be easily designed, thanks to Python's functional programming idioms and of course duck typing.

You should consider asking a mod to move this thread to the memory editing section because it doesn't quite fit in the "Server-side programming" section.

Anyhow, good luck with your project!

[wancharle]

Congratulations initiative
It's just so annoying to program in C, now because of your initiative will be much easier to make my project (wow translated into Portuguese).

[daphtpunk]

C programming is so complex.

[nopz]

It's just so annoying to program in C, now because of your initiative will be much easier to make my project (wow translated into Portuguese).

Just answering here to your Bitbucket question:
I'm going to release a way to interact with memory strings, but for the strings research part, i think for your needs, it has to be pattern oriented, in order to work across releases. What you want to do is quite complicated and requires a lot of work in my opinion. ( Ie : translating the game client into an other language ). And i wish you good luck in that project.

Well, I'm going to work on the project this week-end, maybe tonight if I'm not too tired.
Just going to clean the PyDbg code part a bit, and add new public accessors for the Hooking part.

I need to work on the Memory writing part, and make some test in order to provide a full functional library.

If you have any suggestions, it will be a pleasure to implements new functionalities.