[][src]Crate process_memory

This crate provides tools for working with the raw memory of programs.

Some examples of use cases for this tool are:

  • Remote debugging tools
  • Game "trainers"
  • Rust clones of Cheat Engine

Examples

// We have a variable with some value
let x = 4_u32;
println!("Original x-value: {}", x);

// We need to make sure that we get a handle to a process, in this case, ourselves
let handle = (std::process::id() as Pid).try_into_process_handle().unwrap();
// We make a `DataMember` that has an offset referring to its location in memory
let member = DataMember::new_offset(handle, vec![&x as *const _ as usize]);
// The memory refered to is now the same
println!("Memory location: &x: {}, member: {}", &x as *const _ as usize,
    member.get_offset().unwrap());
assert_eq!(&x as *const _ as usize, member.get_offset().unwrap());
// The value of the member is the same as the variable
println!("Member value: {}", member.read().unwrap());
assert_eq!(x, member.read().unwrap());
// We can write to and modify the value of the variable using the member
member.write(&6_u32).unwrap();
println!("New x-value: {}", x);
assert_eq!(x, 6_u32);
// We have a variable with some value
let x = 4_u32;
println!("Original x-value: {}", x);

// We make a `LocalMember` that has an offset referring to its location in memory
let member = LocalMember::new_offset(vec![&x as *const _ as usize]);
// The memory refered to is now the same
println!("Memory location: &x: {}, member: {}", &x as *const _ as usize,
    member.get_offset().unwrap());
assert_eq!(&x as *const _ as usize, member.get_offset().unwrap());
// The value of the member is the same as the variable
println!("Member value: {}", member.read().unwrap());
assert_eq!(x, member.read().unwrap());
// We can write to and modify the value of the variable using the member
member.write(&6_u32).unwrap();
println!("New x-value: {}", x);
assert_eq!(x, 6_u32);
// We get a handle for a target process with a different architecture to ourselves
let handle = get_pid("32Bit.exe").try_into_process_handle().unwrap()
    .set_arch(Architecture::Arch32Bit);
// We make a `DataMember` that has a series of offsets refering to a known value in
// the target processes memory
let member = DataMember::new_offset(handle, vec![0x01_02_03_04, 0x04, 0x08, 0x10]);
// The memory offset can now be correctly calculated:
println!("Target memory location: {}", member.get_offset().unwrap());
// The memory offset can now be used to retrieve and modify values:
println!("Current value: {}", member.read().unwrap());
member.write(&123_u32).unwrap();

Structs

DataMember

Tools for working with memory of other programs

LocalMember

This struct provides functions for modifying the memory of a program from within the address space of that program. This may be helpful for debug functions, or for an injected DLL.

Enums

Architecture

Enum representing the architecture of a process

Traits

CopyAddress

A trait that defines that it is possible to copy some memory from something represented by a type into a buffer.

Memory

A trait that refers to and allows writing to a region of memory in a running program.

ProcessHandleExt

Additional functions on process handles

PutAddress

A trait that defines that it is possible to put a buffer into the memory of something represented by a type.

TryIntoProcessHandle

A trait that attempts to turn some type into a ProcessHandle so memory can be either copied or placed into it.

Functions

copy_address

Copy length bytes of memory at addr from source.

Type Definitions

Pid

On Linux a Pid is just a libc::pid_t.

ProcessHandle

On Linux a ProcessHandle is just a libc::pid_t.