Das deutsche Python-Forum

Code: Alles auswählen

import psutil

from ctypes import *
from ctypes.wintypes import *


def listProcesses():
    for proc in psutil.process_iter():
        try:
            pinfo = proc.as_dict(attrs=['pid', 'name'])
        except psutil.NoSuchProcess:
            pass
        else:
            print(pinfo)

listProcesses()

# Get dll functions
OpenProcess = windll.kernel32.OpenProcess
ReadProcessMemory = windll.kernel32.ReadProcessMemory
CloseHandle = windll.kernel32.CloseHandle

# flags
PROCESS_ALL_ACCESS = 0x1F0FFF
PROCESS_QUERY_INFORMATION = 0x0400
PROCESS_VM_READ = 0x0010

pid = 6040   # the pid to read
address = 0x0008C900 # the address to read

bufferSize = 255 # buffer size of 255 bytes
buffer = ctypes.create_string_buffer(bufferSize) # buffer of size bufferSize


processHandle = OpenProcess(PROCESS_VM_READ, False, pid)
if processHandle:
    if ReadProcessMemory(processHandle, address, buffer, bufferSize, 0):
        print("Success:", buffer)
    else:
        print("Failed.")
else:
    print("Unable to open process")

CloseHandle(processHandle)

Code: Alles auswählen

import psutil

import ctypes as c
from ctypes import wintypes as w


def listProcesses():
    for proc in psutil.process_iter():
        try:
            pinfo = proc.as_dict(attrs=['pid', 'name'])
        except psutil.NoSuchProcess:
            pass
        else:
            print(pinfo)

listProcesses()

k32 = c.windll.kernel32

# Get dll functions
OpenProcess = k32.OpenProcess
OpenProcess.argtypes = [w.DWORD, w.BOOL, w.DWORD]
OpenProcess.restype = w.HANDLE

ReadProcessMemory = k32.ReadProcessMemory
ReadProcessMemory.argtypes = [w.HANDLE, w.LPCVOID, w.LPVOID, c.c_size_t, c.POINTER(c.c_size_t)]
ReadProcessMemory.restype = w.BOOL

CloseHandle = k32.CloseHandle
CloseHandle.argtypes = [w.HANDLE]
CloseHandle.restype = w.BOOL

GetLastError = k32.GetLastError
GetLastError.argtypes = None
GetLastError.restype = w.DWORD

# flags
PROCESS_ALL_ACCESS = 0x1F0FFF
PROCESS_QUERY_INFORMATION = 0x0400
PROCESS_VM_READ = 0x0010

pid = 8128   # the pid to read
address = 0x31CE6590 # the address to read (HEALTH: 0x31CE6590)

bufferSize = 4 # buffer size of 4 bytes
buffer = c.c_ulonglong(bufferSize) # buffer of size bufferSize
bytesRead = c.c_ulonglong()


processHandle = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
if processHandle:
    if ReadProcessMemory(processHandle, address, c.byref(buffer), bufferSize, None):
        print('buffer: {}'.format(buffer.value))
    else:
        print("Failed.")
        print(GetLastError())
else:
    print("Unable to open process")

CloseHandle(processHandle)