pymem | Python module for read/write to process memory | Hacking library

 by   samsonpianofingers Python Version: Current License: No License

kandi X-RAY | pymem Summary

kandi X-RAY | pymem Summary

pymem is a Python library typically used in Security, Hacking applications. pymem has no bugs, it has no vulnerabilities and it has low support. However pymem build file is not available. You can download it from GitHub.

Proof of concept python module for read/write to process memory Abstracts and simplifies the use of win32 api in order to read and write memory of processes Only supports windows currently - working on linux version. Support for other OS's will have to wait for a while.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              pymem has a low active ecosystem.
              It has 9 star(s) with 3 fork(s). There are 1 watchers for this library.
              OutlinedDot
              It had no major release in the last 6 months.
              There are 2 open issues and 2 have been closed. On average issues are closed in 2 days. There are no pull requests.
              It has a neutral sentiment in the developer community.
              The latest version of pymem is current.

            kandi-Quality Quality

              pymem has no bugs reported.

            kandi-Security Security

              pymem has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

            kandi-License License

              pymem does not have a standard license declared.
              Check the repository for any license declaration and review the terms closely.
              OutlinedDot
              Without a license, all rights are reserved, and you cannot use the library in your applications.

            kandi-Reuse Reuse

              pymem releases are not available. You will need to build from source code and install.
              pymem has no build file. You will be need to create the build yourself to build the component from source.
              Installation instructions are not available. Examples and code snippets are available.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of pymem
            Get all kandi verified functions for this library.

            pymem Key Features

            No Key Features are available at this moment for pymem.

            pymem Examples and Code Snippets

            No Code Snippets are available at this moment for pymem.

            Community Discussions

            QUESTION

            Python Pymem MemoryReadError GetLastError: 299
            Asked 2022-Apr-10 at 15:24

            Since 2 day i try to read docs of pymem and search an error on forums but all solution i've seen failed

            I can't just read the int in the memory address and i don't know if it's a probleme of code or my pc

            ...

            ANSWER

            Answered 2022-Apr-09 at 13:14

            I wonder why you add the return value from pm.readint() with your offset. It seems that base is a valid address you can access, while addr + some offset isn't.

            I read from the documentation that read_int reads 4 byte from an area of memory in a specified process. Is the return value addr the address you want to use?

            FYI, I found that the error code is thrown by kernel32, and it means ERROR_PARTIAL_COPY.

            Source https://stackoverflow.com/questions/71807738

            QUESTION

            Unable to read value from memory using offsets
            Asked 2021-Oct-13 at 01:14

            I'm trying to extract the value from a memory address using the base address of a .dll + offsets.

            I used Cheat Engine to find the base address, and pymem to get the base address as hex.

            Here's the code I used to find the base address:

            ...

            ANSWER

            Answered 2021-Oct-13 at 01:13

            I was getting it all wrong from the start. The pointer offsets showed in Cheat Engine are hex values, so the offsets should be offsets=[0x40, 0x464, 0x38, 0x58, 0x18].

            Source https://stackoverflow.com/questions/69545822

            QUESTION

            PyObject_CallMethod sometimes seg fault when calling python method
            Asked 2020-Sep-18 at 05:30

            I'm testing a scenario that when C++ set a function pointer to a python class variable, and then use PyObject_CallMethod to run another python method, which contain that class variable.

            whole process would like this.

            (1). PyCFunction_NewEx() make a py function -> (2). PyDict_SetItemString() assign to class variable under __dict__ -> (3). PyObject_CallMethod() call python method witch contain (1).

            When I put all the code inside main() function (whitout void setCallback() and all code inside void setCallback() were placed in main()), It runs perfectly fine. However, after I put some code into a function, sometimes get seg fault, sometimes doesn't call function pointer in python and sometimes get correct answer.

            How do I resolve this problem?

            C++ Code: main.cpp

            ...

            ANSWER

            Answered 2020-Sep-18 at 05:30

            It could be because the PyMethodDef is created on the stack of the setCallback

            You can verify it in the source code of cpython here.

            the PyMethodDef is not copied, it is referenced instead.

            Source https://stackoverflow.com/questions/63948447

            QUESTION

            How to make an on/off switch for a function in a python program?
            Asked 2020-Sep-17 at 15:06

            So I have this python program for CSGO hacks that has esp, aimbot, wallhacks and more! Lets take the triggerbot code for example...

            ...

            ANSWER

            Answered 2020-Sep-17 at 15:06

            Take a look at this example:

            Source https://stackoverflow.com/questions/63935385

            QUESTION

            Python3 Search the virtual memory of a running windows process
            Asked 2020-Jun-18 at 04:18

            begin TLDR;

            I want to write a python3 script to scan through the memory of a running windows process and find strings.

            end TLDR;

            This is for a CTF binary. It's a typical Windows x86 PE file. The goal is simply to get a flag from the processes memory as it runs. This is easy with ProcessHacker you can search through the strings in the memory of the running application and find the flag with a regex. Now because I'm a masochistic geek I strive to script out solutions for CTFs (for everything really). Specifically I want to use python3, C# is also an option but would really like to keep all of the solution scripts in python.

            Thought this would be a very simple task. You know... pip install some library written by someone that's already solved the problem and use it. Couldn't find anything that would let me do what I need for this task. Here are the libraries I tried out already.

            • ctypes - This was the first one I used, specifically ReadProcessMemory. Kept getting 299 errors which was because the buffer I was passing in was larger than that section of memory so I made a recursive function that would catch that exception, divide the buffer length by 2 until it got something THEN would read one byte at a time until it hit a 299 error. May have been on the right track there but I wasn't able to get the flag. I WAS able to find the flag only if I knew the exact address of the flag (which I'd get from process hacker). I may make a separate question on SO to address that, this one is really just me asking the community if something already exists before diving into this.

            • pymem - A nice wrapper for ctypes but had the same issues as above.

            • winappdbg - python2.x only. I don't want to use python 2.x.

            • haystack - Looks like this depends on winappdbg which depends on python 2.x.

            • angr - This is a possibility, Only scratched the surface with it so far. Looks complicated and it's on the to learn list but don't want to dive into something right now that's not going to solve the issue.

            • volatility - Looks like this is meant for working with full RAM dumps not for hooking into currently running processes and reading the memory.

            My plan at the moment is to dive a bit more into angr to see if that will work, go back to pymem/ctypes and try more things. If all else fails ProcessHacker IS opensource. I'm not fluent in C so it'll take time to figure out how they're doing it. Really hoping there's some python3 library I'm missing or maybe I'm going about this the wrong way.

            ...

            ANSWER

            Answered 2020-Jun-18 at 04:18

            Ended up writing the script using the frida library. Also have to give soutz to rootbsd because his or her code in the fridump3 project helped greatly.

            Source https://stackoverflow.com/questions/62417063

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install pymem

            You can download it from GitHub.
            You can use pymem like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/samsonpianofingers/pymem.git

          • CLI

            gh repo clone samsonpianofingers/pymem

          • sshUrl

            git@github.com:samsonpianofingers/pymem.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Hacking Libraries

            wifiphisher

            by wifiphisher

            routersploit

            by threat9

            XSStrike

            by s0md3v

            pwntools

            by Gallopsled

            Atmosphere

            by Atmosphere-NX

            Try Top Libraries by samsonpianofingers

            RTTIDumper

            by samsonpianofingersC++

            ClassDumper

            by samsonpianofingersC++

            BadTooth

            by samsonpianofingersPython

            ClassDumper2

            by samsonpianofingersC++

            InjectedDLLTemplate

            by samsonpianofingersC++