Struct proc_mem::Process

source · 
pub struct Process {
    pub process_name: String,
    pub process_id: u32,
    pub process_base_address: usize,
    pub process_handle: Handle,
    pub iswow64: bool,
}
Expand description

contains name, pid and handle of a process

Fields§

§process_name: String§process_id: u32

unique identifier if the process

§process_base_address: usize

used when desired data is not inside a loaded module

§process_handle: Handle

either PROCESS_ALL_ACCESS or PROCESS_VM_READ | PROCESS_VM_WRITE

§iswow64: bool

is x32 or x64

Implementations§

source§

impl Process

source

pub fn with_pid(pid: u32) -> Result<Self, ProcMemError>

returns the desired process with the provided pid

use proc_mem::{Process, ProcMemError};
let process: Result<Process,ProcMemError> = Process::with_pid(12345);
source

pub fn with_name(name: &str) -> Result<Self, ProcMemError>

returns the desired process with the provided name

use proc_mem::{Process, ProcMemError};
let process: Result<Process,ProcMemError> = Process::with_name("process.exe");
source

pub fn all_with_name(name: &str) -> Result<Vec<Process>, ProcMemError>

returns a Vec where all processes share the provided name

use proc_mem::{Process, ProcMemError};
let processes: Result<Vec<Process>,ProcMemError> = Process::all_with_name("process.exe");
source

pub fn module(&self, name: &str) -> Result<Module, ProcMemError>

returns an instance of module including its base address in memory

use proc_mem::{Process, Module, ProcMemError};
let process = Process::with_name("process.exe")?;
let module: Result<Module,ProcMemError> = process.module("module.dll");
source

pub fn kill(&self) -> bool

returns true if the process was terminated, otherwise will return false

use proc_mem::{Process};
let process = Process::with_name("process.exe")?;
let did_terminate: bool = process.kill();
source

pub fn read_mem<T: Default>(&self, address: usize) -> Result<T, ProcMemError>

This function takes a type and the address to read. On success the read value will be returned.

use proc_mem::{Process, Module, ProcMemError};
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let read_value: Result<T, ProcMemError> = chrome.read_mem::<T>(module.base_address() + 0x1337);
source

pub fn read_mem_chain<T: Default>( &self, chain: Vec<usize> ) -> Result<T, ProcMemError>

This function takes a type and a Vec of addresses/offsets, the first entry being the base address to start from. On success the read value will be returned.

use proc_mem::{Process, Module, ProcMemError};
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let chain: Vec<usize> = vec![module.base_address(), 0xDEA964, 0x100]
let read_value: Result<T, ProcMemError> = chrome.read_mem_chain::<T>(chain);
source

pub fn read_ptr_chain(&self, chain: Vec<usize>) -> Result<usize, ProcMemError>

This function takes a type and a Vec of addresses/offsets, the first entry being the base address to start from. On success the address at the end of the chain will be returned.

use proc_mem::{Process, Module, ProcMemError};
let some_game = Process::with_name("some_game.exe")?;
let module = some_game.module("client.dll")?;
let chain: Vec<usize> = vec![module.base_address(), 0xDEA964, 0x100]
let desired_address: Result<usize, ProcMemError> = chrome.read_ptr_chain(chain);
source

pub fn write_mem<T: Default>(&self, address: usize, value: T) -> bool

This function takes a type and the address to write to. The returned boolean will be true on success and false on failure

use proc_mem::{Process, Module};
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let mut value_to_write: i32 = 1337;
let write_result: bool = chrome.write_mem(module.base_address() + 0x1337, value_to_write);
source

pub fn write_bytes(&self, address: usize, buf: *mut u8, size: usize) -> bool

With this function someone can write multiple bytes to a specified address. The returned boolean will be true on success and false on failure

use proc_mem::{Process, Module};
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let mut bytes_to_write: Vec<u8> = [ 0x48, 0xC7, 0xC0, 0x0A, 0x00, 0x00, 0x00 ].to_vec();
let write_result: bool = chrome.write_bytes(module.base_address() + 0x1337, bytes_to_write.as_mut_ptr(), bytes_to_write.len());
source

pub fn read_ptr<T: Copy>(&self, buf: *mut T, address: usize) -> bool

C style method to read memory Third argument is the multiplicator of the Size of “T” for example if someone would want to read multiple bytes

use proc_mem::{Process, Module}
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let mut value_buffer: i32 = 0;
if !chrome.read_ptr(&mut value_buffer, module.base_address() + 0x1337, None) {
    println!("ReadMemory Failure");
} else {
    println!("ReadMemory Success");
}
source

pub fn read_bytes(&self, address: usize, buf: *mut u8, size: usize) -> bool

C style method to read multiple bytes from memory

use proc_mem::{Process, Module}
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
 
let rsize = 10;
let mut bytes_buffer: Vec<u8> = vec![0u8;rsize];
if !chrome.read_bytes(module.base_address() + 0x1337, bytes_buffer.as_mut_ptr(), rsize) {
    println!("ReadMemory Failure");
} else {
    println!("ReadMemory Success");
}
source

pub fn name(&self) -> &str

Returns a string slice of the process name

source

pub fn pid(&self) -> &u32

Returns the unique identifier aka. process id of the process

source

pub fn iswow64(&self) -> bool

source

pub fn protect_mem( &self, address: usize, size: usize, new_protect: u32, old_protect: *mut u32 ) -> bool

Returns “TRUE” specified Memory Protection was changed successfully

Trait Implementations§

source§

impl Clone for Process

source§

fn clone(&self) -> Process

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for Process

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Send for Process

source§

impl Sync for Process

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.