pub struct Process {
pub process_name: String,
pub process_id: u32,
pub process_base_address: usize,
pub process_handle: Handle,
pub iswow64: bool,
}
Expand description
contains name, pid and handle of a process
Fields§
§process_name: String
§process_id: u32
unique identifier if the process
process_base_address: usize
used when desired data is not inside a loaded module
process_handle: Handle
either PROCESS_ALL_ACCESS or PROCESS_VM_READ | PROCESS_VM_WRITE
iswow64: bool
is x32 or x64
Implementations§
source§impl Process
impl Process
sourcepub fn with_pid(pid: u32) -> Result<Self, ProcMemError>
pub fn with_pid(pid: u32) -> Result<Self, ProcMemError>
returns the desired process with the provided pid
use proc_mem::{Process, ProcMemError};
let process: Result<Process,ProcMemError> = Process::with_pid(12345);
sourcepub fn with_name(name: &str) -> Result<Self, ProcMemError>
pub fn with_name(name: &str) -> Result<Self, ProcMemError>
returns the desired process with the provided name
use proc_mem::{Process, ProcMemError};
let process: Result<Process,ProcMemError> = Process::with_name("process.exe");
sourcepub fn all_with_name(name: &str) -> Result<Vec<Process>, ProcMemError>
pub fn all_with_name(name: &str) -> Result<Vec<Process>, ProcMemError>
returns a Vec
use proc_mem::{Process, ProcMemError};
let processes: Result<Vec<Process>,ProcMemError> = Process::all_with_name("process.exe");
sourcepub fn module(&self, name: &str) -> Result<Module, ProcMemError>
pub fn module(&self, name: &str) -> Result<Module, ProcMemError>
returns an instance of module including its base address in memory
use proc_mem::{Process, Module, ProcMemError};
let process = Process::with_name("process.exe")?;
let module: Result<Module,ProcMemError> = process.module("module.dll");
sourcepub fn kill(&self) -> bool
pub fn kill(&self) -> bool
returns true if the process was terminated, otherwise will return false
use proc_mem::{Process};
let process = Process::with_name("process.exe")?;
let did_terminate: bool = process.kill();
sourcepub fn read_mem<T: Default>(&self, address: usize) -> Result<T, ProcMemError>
pub fn read_mem<T: Default>(&self, address: usize) -> Result<T, ProcMemError>
This function takes a type and the address to read. On success the read value will be returned.
use proc_mem::{Process, Module, ProcMemError};
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let read_value: Result<T, ProcMemError> = chrome.read_mem::<T>(module.base_address() + 0x1337);
sourcepub fn read_mem_chain<T: Default>(
&self,
chain: Vec<usize>
) -> Result<T, ProcMemError>
pub fn read_mem_chain<T: Default>( &self, chain: Vec<usize> ) -> Result<T, ProcMemError>
This function takes a type and a Vec of addresses/offsets, the first entry being the base address to start from. On success the read value will be returned.
use proc_mem::{Process, Module, ProcMemError};
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let chain: Vec<usize> = vec![module.base_address(), 0xDEA964, 0x100]
let read_value: Result<T, ProcMemError> = chrome.read_mem_chain::<T>(chain);
sourcepub fn read_ptr_chain(&self, chain: Vec<usize>) -> Result<usize, ProcMemError>
pub fn read_ptr_chain(&self, chain: Vec<usize>) -> Result<usize, ProcMemError>
This function takes a type and a Vec of addresses/offsets, the first entry being the base address to start from. On success the address at the end of the chain will be returned.
use proc_mem::{Process, Module, ProcMemError};
let some_game = Process::with_name("some_game.exe")?;
let module = some_game.module("client.dll")?;
let chain: Vec<usize> = vec![module.base_address(), 0xDEA964, 0x100]
let desired_address: Result<usize, ProcMemError> = chrome.read_ptr_chain(chain);
sourcepub fn write_mem<T: Default>(&self, address: usize, value: T) -> bool
pub fn write_mem<T: Default>(&self, address: usize, value: T) -> bool
This function takes a type and the address to write to. The returned boolean will be true on success and false on failure
use proc_mem::{Process, Module};
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let mut value_to_write: i32 = 1337;
let write_result: bool = chrome.write_mem(module.base_address() + 0x1337, value_to_write);
sourcepub fn write_bytes(&self, address: usize, buf: *mut u8, size: usize) -> bool
pub fn write_bytes(&self, address: usize, buf: *mut u8, size: usize) -> bool
With this function someone can write multiple bytes to a specified address. The returned boolean will be true on success and false on failure
use proc_mem::{Process, Module};
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let mut bytes_to_write: Vec<u8> = [ 0x48, 0xC7, 0xC0, 0x0A, 0x00, 0x00, 0x00 ].to_vec();
let write_result: bool = chrome.write_bytes(module.base_address() + 0x1337, bytes_to_write.as_mut_ptr(), bytes_to_write.len());
sourcepub fn read_ptr<T: Copy>(&self, buf: *mut T, address: usize) -> bool
pub fn read_ptr<T: Copy>(&self, buf: *mut T, address: usize) -> bool
C style method to read memory Third argument is the multiplicator of the Size of “T” for example if someone would want to read multiple bytes
use proc_mem::{Process, Module}
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let mut value_buffer: i32 = 0;
if !chrome.read_ptr(&mut value_buffer, module.base_address() + 0x1337, None) {
println!("ReadMemory Failure");
} else {
println!("ReadMemory Success");
}
sourcepub fn read_bytes(&self, address: usize, buf: *mut u8, size: usize) -> bool
pub fn read_bytes(&self, address: usize, buf: *mut u8, size: usize) -> bool
C style method to read multiple bytes from memory
use proc_mem::{Process, Module}
let chrome = Process::with_name("chrome.exe")?;
let module = chrome.module("kernel32.dll")?;
let rsize = 10;
let mut bytes_buffer: Vec<u8> = vec![0u8;rsize];
if !chrome.read_bytes(module.base_address() + 0x1337, bytes_buffer.as_mut_ptr(), rsize) {
println!("ReadMemory Failure");
} else {
println!("ReadMemory Success");
}