iflow-mcp_bethington-cheat-engine-server-python 0.1.0__py3-none-any.whl

server/process/manager.py

@@ -0,0 +1,185 @@
+"""
+Process Manager Module
+Handles process enumeration, attachment, and management
+Cross-platform version supporting both Windows and Linux
+"""
+
+import psutil
+import logging
+import platform
+from typing import Dict, List, Optional, Any
+from dataclasses import dataclass
+
+logger = logging.getLogger(__name__)
+
+# Detect platform
+IS_WINDOWS = platform.system() == 'Windows'
+
+# Windows-specific imports
+if IS_WINDOWS:
+    import ctypes
+    import ctypes.wintypes
+    
+    # Windows API constants
+    PROCESS_QUERY_INFORMATION = 0x0400
+    PROCESS_VM_READ = 0x0010
+    PROCESS_VM_WRITE = 0x0020
+    PROCESS_VM_OPERATION = 0x0008
+    PROCESS_ALL_ACCESS = 0x1F0FFF
+
+@dataclass
+class ProcessInfo:
+    """Process information structure"""
+    pid: int
+    name: str
+    exe_path: str
+    architecture: str
+    memory_usage: int
+    handle: Optional[int] = None
+    access_level: str = "none"
+
+class ProcessManager:
+    """Manages process attachment and operations"""
+    
+    def __init__(self):
+        self.current_process: Optional[ProcessInfo] = None
+        if IS_WINDOWS:
+            self.kernel32 = ctypes.windll.kernel32
+        else:
+            self.kernel32 = None
+        
+    def list_processes(self) -> List[Dict[str, Any]]:
+        """Enumerate all running processes"""
+        processes = []
+        
+        try:
+            for proc in psutil.process_iter(['pid', 'name', 'exe', 'memory_info']):
+                try:
+                    info = proc.info
+                    if info['name'] and info['pid'] > 0:
+                        # Get architecture info
+                        arch = self._get_process_architecture(info['pid'])
+                        
+                        processes.append({
+                            'pid': info['pid'],
+                            'name': info['name'],
+                            'exe_path': info['exe'] or 'N/A',
+                            'architecture': arch,
+                            'memory_usage': info['memory_info'].rss if info['memory_info'] else 0
+                        })
+                except (psutil.NoSuchProcess, psutil.AccessDenied, psutil.ZombieProcess):
+                    continue
+                    
+        except Exception as e:
+            logger.error(f"Error enumerating processes: {e}")
+            
+        return sorted(processes, key=lambda x: x['name'].lower())
+    
+    def _get_process_architecture(self, pid: int) -> str:
+        """Determine process architecture (32-bit or 64-bit)"""
+        try:
+            if IS_WINDOWS:
+                handle = self.kernel32.OpenProcess(PROCESS_QUERY_INFORMATION, False, pid)
+                if not handle:
+                    return "Unknown"
+                
+                try:
+                    # Check if process is WOW64 (32-bit on 64-bit Windows)
+                    is_wow64 = ctypes.wintypes.BOOL()
+                    if self.kernel32.IsWow64Process(handle, ctypes.byref(is_wow64)):
+                        if is_wow64.value:
+                            return "x86"
+                        else:
+                            # Check system architecture
+                            if platform.machine().endswith('64'):
+                                return "x64"
+                            else:
+                                return "x86"
+                    return "Unknown"
+                finally:
+                    self.kernel32.CloseHandle(handle)
+            else:
+                # Linux: Use /proc filesystem
+                try:
+                    with open(f'/proc/{pid}/exe', 'rb') as f:
+                        exe_path = f.read()
+                    # Check if executable path contains 32-bit indicators
+                    if b'32' in exe_path or b'x86' in exe_path:
+                        return "x86"
+                    # Check system architecture
+                    if platform.machine().endswith('64'):
+                        return "x64"
+                    return "x86"
+                except (FileNotFoundError, PermissionError):
+                    return "Unknown"
+        except Exception as e:
+            logger.error(f"Error getting process architecture: {e}")
+            return "Unknown"
+    
+    def attach_process(self, pid: int) -> ProcessInfo:
+        """Attach to a process"""
+        try:
+            proc = psutil.Process(pid)
+            
+            process_info = ProcessInfo(
+                pid=pid,
+                name=proc.name(),
+                exe_path=proc.exe() or 'N/A',
+                architecture=self._get_process_architecture(pid),
+                memory_usage=proc.memory_info().rss,
+                handle=pid if not IS_WINDOWS else None,
+                access_level="full" if IS_WINDOWS else "limited"
+            )
+            
+            self.current_process = process_info
+            logger.info(f"Attached to process {pid} ({process_info.name})")
+            return process_info
+            
+        except psutil.NoSuchProcess:
+            raise Exception(f"Process {pid} not found")
+        except psutil.AccessDenied:
+            raise Exception(f"Access denied to process {pid}")
+        except Exception as e:
+            raise Exception(f"Failed to attach to process {pid}: {e}")
+    
+    def detach_process(self) -> bool:
+        """Detach from current process"""
+        try:
+            if self.current_process:
+                if IS_WINDOWS and self.current_process.handle:
+                    self.kernel32.CloseHandle(self.current_process.handle)
+                self.current_process = None
+                logger.info("Detached from process")
+                return True
+            return False
+        except Exception as e:
+            logger.error(f"Error detaching from process: {e}")
+            return False
+    
+    def get_process_info(self, pid: int) -> Dict[str, Any]:
+        """Get detailed information about a process"""
+        try:
+            proc = psutil.Process(pid)
+            
+            return {
+                'pid': pid,
+                'name': proc.name(),
+                'exe': proc.exe() or 'N/A',
+                'cwd': proc.cwd() or 'N/A',
+                'cmdline': proc.cmdline(),
+                'create_time': proc.create_time(),
+                'status': proc.status(),
+                'username': proc.username(),
+                'memory_info': {
+                    'rss': proc.memory_info().rss,
+                    'vms': proc.memory_info().vms
+                },
+                'cpu_percent': proc.cpu_percent(),
+                'num_threads': proc.num_threads(),
+                'architecture': self._get_process_architecture(pid),
+                'platform': platform.system()
+            }
+        except psutil.NoSuchProcess:
+            raise Exception(f"Process {pid} not found")
+        except Exception as e:
+            raise Exception(f"Failed to get process info: {e}")

server/process/monitors.py

@@ -0,0 +1,202 @@
+"""
+Process Monitors Module
+Handles process state monitoring and change detection
+"""
+
+import threading
+import time
+import psutil
+import logging
+from typing import Dict, List, Callable, Optional
+from dataclasses import dataclass
+from datetime import datetime
+
+logger = logging.getLogger(__name__)
+
+@dataclass
+class ProcessState:
+    """Process state snapshot"""
+    pid: int
+    name: str
+    status: str
+    memory_usage: int
+    cpu_percent: float
+    num_threads: int
+    timestamp: datetime
+
+class ProcessMonitor:
+    """Monitors process state changes"""
+    
+    def __init__(self):
+        self.monitored_processes: Dict[int, ProcessState] = {}
+        self.callbacks: List[Callable] = []
+        self.monitoring = False
+        self.monitor_thread: Optional[threading.Thread] = None
+        self.update_interval = 5.0  # seconds
+    
+    def add_process(self, pid: int):
+        """Add a process to monitoring"""
+        try:
+            proc = psutil.Process(pid)
+            state = ProcessState(
+                pid=pid,
+                name=proc.name(),
+                status=proc.status(),
+                memory_usage=proc.memory_info().rss,
+                cpu_percent=proc.cpu_percent(),
+                num_threads=proc.num_threads(),
+                timestamp=datetime.now()
+            )
+            self.monitored_processes[pid] = state
+            logger.info(f"Added process {pid} to monitoring")
+            
+        except (psutil.NoSuchProcess, psutil.AccessDenied) as e:
+            logger.error(f"Cannot monitor process {pid}: {e}")
+            raise
+    
+    def remove_process(self, pid: int):
+        """Remove a process from monitoring"""
+        if pid in self.monitored_processes:
+            del self.monitored_processes[pid]
+            logger.info(f"Removed process {pid} from monitoring")
+    
+    def add_callback(self, callback: Callable[[int, str, Dict], None]):
+        """Add a callback for process state changes
+        
+        Callback signature: callback(pid, event_type, data)
+        Event types: 'terminated', 'memory_change', 'status_change'
+        """
+        self.callbacks.append(callback)
+    
+    def start_monitoring(self):
+        """Start the monitoring thread"""
+        if self.monitoring:
+            return
+        
+        self.monitoring = True
+        self.monitor_thread = threading.Thread(target=self._monitor_loop, daemon=True)
+        self.monitor_thread.start()
+        logger.info("Process monitoring started")
+    
+    def stop_monitoring(self):
+        """Stop the monitoring thread"""
+        self.monitoring = False
+        if self.monitor_thread:
+            self.monitor_thread.join(timeout=2.0)
+        logger.info("Process monitoring stopped")
+    
+    def _monitor_loop(self):
+        """Main monitoring loop"""
+        while self.monitoring:
+            try:
+                self._check_processes()
+                time.sleep(self.update_interval)
+            except Exception as e:
+                logger.error(f"Error in monitoring loop: {e}")
+                time.sleep(1.0)
+    
+    def _check_processes(self):
+        """Check all monitored processes for changes"""
+        for pid in list(self.monitored_processes.keys()):
+            try:
+                self._check_single_process(pid)
+            except Exception as e:
+                logger.error(f"Error checking process {pid}: {e}")
+    
+    def _check_single_process(self, pid: int):
+        """Check a single process for changes"""
+        old_state = self.monitored_processes[pid]
+        
+        try:
+            proc = psutil.Process(pid)
+            
+            # Get current state
+            current_state = ProcessState(
+                pid=pid,
+                name=proc.name(),
+                status=proc.status(),
+                memory_usage=proc.memory_info().rss,
+                cpu_percent=proc.cpu_percent(),
+                num_threads=proc.num_threads(),
+                timestamp=datetime.now()
+            )
+            
+            # Check for changes
+            self._detect_changes(old_state, current_state)
+            
+            # Update stored state
+            self.monitored_processes[pid] = current_state
+            
+        except psutil.NoSuchProcess:
+            # Process terminated
+            self._notify_callbacks(pid, 'terminated', {'last_state': old_state})
+            self.remove_process(pid)
+            
+        except (psutil.AccessDenied, psutil.ZombieProcess) as e:
+            logger.warning(f"Cannot access process {pid}: {e}")
+    
+    def _detect_changes(self, old_state: ProcessState, new_state: ProcessState):
+        """Detect and report changes between states"""
+        
+        # Status change
+        if old_state.status != new_state.status:
+            self._notify_callbacks(
+                new_state.pid, 
+                'status_change', 
+                {
+                    'old_status': old_state.status,
+                    'new_status': new_state.status
+                }
+            )
+        
+        # Significant memory change (>10MB or >10%)
+        memory_diff = abs(new_state.memory_usage - old_state.memory_usage)
+        memory_percent_change = memory_diff / old_state.memory_usage if old_state.memory_usage > 0 else 0
+        
+        if memory_diff > 10 * 1024 * 1024 or memory_percent_change > 0.1:
+            self._notify_callbacks(
+                new_state.pid,
+                'memory_change',
+                {
+                    'old_memory': old_state.memory_usage,
+                    'new_memory': new_state.memory_usage,
+                    'change': memory_diff,
+                    'percent_change': memory_percent_change
+                }
+            )
+        
+        # Thread count change
+        if old_state.num_threads != new_state.num_threads:
+            self._notify_callbacks(
+                new_state.pid,
+                'thread_change',
+                {
+                    'old_threads': old_state.num_threads,
+                    'new_threads': new_state.num_threads
+                }
+            )
+    
+    def _notify_callbacks(self, pid: int, event_type: str, data: Dict):
+        """Notify all callbacks of an event"""
+        for callback in self.callbacks:
+            try:
+                callback(pid, event_type, data)
+            except Exception as e:
+                logger.error(f"Error in process monitor callback: {e}")
+    
+    def get_process_state(self, pid: int) -> Optional[ProcessState]:
+        """Get current state of a monitored process"""
+        return self.monitored_processes.get(pid)
+    
+    def get_all_states(self) -> Dict[int, ProcessState]:
+        """Get all current process states"""
+        return self.monitored_processes.copy()
+    
+    def set_update_interval(self, seconds: float):
+        """Set the monitoring update interval"""
+        if seconds > 0:
+            self.update_interval = seconds
+    
+    def __del__(self):
+        """Cleanup on destruction"""
+        self.stop_monitoring()

server/process/permissions.py

@@ -0,0 +1,131 @@
+"""
+Process Permissions Module
+Handles security and permission validation
+"""
+
+import ctypes
+import ctypes.wintypes
+import os
+import logging
+from typing import Set, List
+
+logger = logging.getLogger(__name__)
+
+class PermissionChecker:
+    """Handles permission and security checks"""
+    
+    def __init__(self):
+        self.kernel32 = ctypes.windll.kernel32
+        self.advapi32 = ctypes.windll.advapi32
+    
+    def has_debug_privileges(self) -> bool:
+        """Check if current process has debug privileges"""
+        try:
+            # Get current process token
+            token = ctypes.wintypes.HANDLE()
+            if not self.advapi32.OpenProcessToken(
+                self.kernel32.GetCurrentProcess(),
+                0x0020,  # TOKEN_ADJUST_PRIVILEGES
+                ctypes.byref(token)
+            ):
+                return False
+            
+            try:
+                # Check for SeDebugPrivilege
+                privilege_name = "SeDebugPrivilege"
+                luid = ctypes.wintypes.LUID()
+                
+                if not self.advapi32.LookupPrivilegeValueW(
+                    None,
+                    privilege_name,
+                    ctypes.byref(luid)
+                ):
+                    return False
+                
+                # Check if privilege is enabled
+                privilege_set = ctypes.create_string_buffer(16)  # PRIVILEGE_SET structure
+                privilege_length = ctypes.wintypes.DWORD(16)
+                result = ctypes.wintypes.BOOL()
+                
+                if self.advapi32.PrivilegeCheck(
+                    token,
+                    privilege_set,
+                    ctypes.byref(result)
+                ):
+                    return bool(result.value)
+                
+                return False
+                
+            finally:
+                self.kernel32.CloseHandle(token)
+                
+        except Exception as e:
+            logger.warning(f"Failed to check debug privileges: {e}")
+            return False
+    
+    def is_elevated(self) -> bool:
+        """Check if current process is running with elevated privileges"""
+        try:
+            return ctypes.windll.shell32.IsUserAnAdmin()
+        except Exception:
+            return False
+    
+    def can_access_process(self, pid: int, access_level: str = "read") -> tuple[bool, str]:
+        """Check if we can access a specific process with given access level"""
+        try:
+            if access_level == "read":
+                access_rights = 0x0400 | 0x0010  # PROCESS_QUERY_INFORMATION | PROCESS_VM_READ
+            elif access_level == "debug":
+                access_rights = 0x1F0FFF  # PROCESS_ALL_ACCESS
+            else:
+                return False, f"Invalid access level: {access_level}"
+            
+            handle = self.kernel32.OpenProcess(access_rights, False, pid)
+            if handle:
+                self.kernel32.CloseHandle(handle)
+                return True, "Access granted"
+            else:
+                error_code = ctypes.get_last_error()
+                return False, f"Access denied (Error {error_code})"
+                
+        except Exception as e:
+            return False, f"Exception checking access: {e}"
+    
+    def get_security_recommendations(self) -> List[str]:
+        """Get security recommendations for current environment"""
+        recommendations = []
+        
+        if not self.is_elevated():
+            recommendations.append("Consider running as administrator for full functionality")
+        
+        if not self.has_debug_privileges():
+            recommendations.append("Debug privileges not available - some features may be limited")
+        
+        return recommendations
+    
+    def validate_address(self, address: int) -> bool:
+        """Validate that an address is within reasonable bounds"""
+        # Basic sanity checks for memory addresses
+        if address < 0:
+            return False
+        
+        # Check for obviously invalid addresses
+        if address < 0x1000:  # Null page
+            return False
+        
+        # Check for addresses that are too high (basic check)
+        if address > 0x7FFFFFFFFFFF:  # Max user-mode address on x64
+            return False
+        
+        return True
+    
+    def validate_size(self, size: int) -> bool:
+        """Validate that a size parameter is reasonable"""
+        if size <= 0:
+            return False
+        
+        # Limit maximum read size to prevent abuse
+        if size > 1024 * 1024 * 100:  # 100MB max
+            return False
+        
+        return True

server/process_whitelist.json

@@ -0,0 +1,119 @@
+{
+  "enabled": true,
+  "description": "Process whitelist for MCP Cheat Engine Server",
+  "last_updated": "2025-07-31T01:58:10.838750",
+  "entries": [
+    {
+      "process_name": "notepad.exe",
+      "description": "Windows Notepad",
+      "category": "system",
+      "added_date": "2025-07-31T01:58:10.497479",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "code.exe",
+      "description": "Visual Studio Code",
+      "category": "development",
+      "added_date": "2025-07-31T01:58:10.497487",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "devenv.exe",
+      "description": "Visual Studio",
+      "category": "development",
+      "added_date": "2025-07-31T01:58:10.497490",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "windbg.exe",
+      "description": "Windows Debugger",
+      "category": "development",
+      "added_date": "2025-07-31T01:58:10.497495",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "x64dbg.exe",
+      "description": "x64dbg Debugger",
+      "category": "development",
+      "added_date": "2025-07-31T01:58:10.497497",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "ollydbg.exe",
+      "description": "OllyDbg Debugger",
+      "category": "development",
+      "added_date": "2025-07-31T01:58:10.497498",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "calc.exe",
+      "description": "Windows Calculator",
+      "category": "system",
+      "added_date": "2025-07-31T01:58:10.497500",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "mspaint.exe",
+      "description": "Microsoft Paint",
+      "category": "system",
+      "added_date": "2025-07-31T01:58:10.497501",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "wordpad.exe",
+      "description": "Windows WordPad",
+      "category": "system",
+      "added_date": "2025-07-31T01:58:10.497503",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "minesweeper.exe",
+      "description": "Minesweeper",
+      "category": "game",
+      "added_date": "2025-07-31T01:58:10.497504",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "solitaire.exe",
+      "description": "Solitaire",
+      "category": "game",
+      "added_date": "2025-07-31T01:58:10.497505",
+      "enabled": true,
+      "exact_match": true
+    },
+    {
+      "process_name": "test*.exe",
+      "description": "Test Applications",
+      "category": "test",
+      "added_date": "2025-07-31T01:58:10.497507",
+      "enabled": true,
+      "exact_match": false
+    },
+    {
+      "process_name": "demo*.exe",
+      "description": "Demo Applications",
+      "category": "test",
+      "added_date": "2025-07-31T01:58:10.497509",
+      "enabled": true,
+      "exact_match": false
+    },
+    {
+      "process_name": "dbengine-x86_64.exe",
+      "description": "Database Engine x64",
+      "category": "development",
+      "added_date": "2025-07-31T05:02:00.000000",
+      "enabled": true,
+      "exact_match": true
+    }
+  ]
+}

server/utils/__init__.py

@@ -0,0 +1,37 @@
+"""
+Utility Functions Module
+Provides validation, formatting, and data type utilities
+"""
+
+from .validators import (
+    validate_address, validate_size, validate_pattern, 
+    validate_process_identifier, validate_data_type,
+    sanitize_filename, validate_region_list
+)
+from .formatters import (
+    format_memory_data, format_raw_bytes, format_process_info,
+    format_size, format_timestamp, format_hex_dump, format_scan_results
+)
+from .data_types import (
+    DataType, Architecture, MemoryProtection,
+    ProcessSnapshot, MemoryBlock, ScanResult, PointerChain,
+    DataTypeConverter, PatternMatcher, AddressCalculator,
+    AnalysisContext, SimpleCache
+)
+
+__all__ = [
+    # Validators
+    'validate_address', 'validate_size', 'validate_pattern',
+    'validate_process_identifier', 'validate_data_type',
+    'sanitize_filename', 'validate_region_list',
+    
+    # Formatters
+    'format_memory_data', 'format_raw_bytes', 'format_process_info',
+    'format_size', 'format_timestamp', 'format_hex_dump', 'format_scan_results',
+    
+    # Data Types
+    'DataType', 'Architecture', 'MemoryProtection',
+    'ProcessSnapshot', 'MemoryBlock', 'ScanResult', 'PointerChain',
+    'DataTypeConverter', 'PatternMatcher', 'AddressCalculator',
+    'AnalysisContext', 'SimpleCache'
+]