ntmemoryapi 2.0.1__tar.gz → 2.0.3__tar.gz
- {ntmemoryapi-2.0.1 → ntmemoryapi-2.0.3}/PKG-INFO +1 -1
- {ntmemoryapi-2.0.1 → ntmemoryapi-2.0.3}/pyproject.toml +1 -1
- {ntmemoryapi-2.0.1 → ntmemoryapi-2.0.3}/src/ntmemoryapi/__init__.py +27 -27
- {ntmemoryapi-2.0.1 → ntmemoryapi-2.0.3}/README.md +0 -0
- {ntmemoryapi-2.0.1 → ntmemoryapi-2.0.3}/src/ntmemoryapi/embed.py +0 -0
- {ntmemoryapi-2.0.1 → ntmemoryapi-2.0.3}/src/ntmemoryapi/misc.py +0 -0
|
@@ -76,7 +76,7 @@ class CLIENT_ID(ctypes.Structure):
|
|
|
76
76
|
|
|
77
77
|
_fields_ = [
|
|
78
78
|
("unique_process", ctypes.c_void_p),
|
|
79
|
-
("unique_thread", ctypes.c_void_p)
|
|
79
|
+
("unique_thread", ctypes.c_void_p),
|
|
80
80
|
]
|
|
81
81
|
|
|
82
82
|
|
|
@@ -89,7 +89,7 @@ class OBJECT_ATTRIBUTES(ctypes.Structure):
|
|
|
89
89
|
("object_name", ctypes.c_void_p),
|
|
90
90
|
("attributes", ctypes.c_ulong),
|
|
91
91
|
("security_descriptor", ctypes.c_void_p),
|
|
92
|
-
("security_quality_of_service", ctypes.c_void_p)
|
|
92
|
+
("security_quality_of_service", ctypes.c_void_p),
|
|
93
93
|
]
|
|
94
94
|
|
|
95
95
|
|
|
@@ -106,7 +106,7 @@ class MODULEENTRY32(ctypes.Structure):
|
|
|
106
106
|
("mod_base_size", ctypes.c_ulong),
|
|
107
107
|
("h_module", ctypes.c_void_p),
|
|
108
108
|
("sz_module", ctypes.c_char * 256),
|
|
109
|
-
("sz_exe_path", ctypes.c_char * 260)
|
|
109
|
+
("sz_exe_path", ctypes.c_char * 260),
|
|
110
110
|
]
|
|
111
111
|
|
|
112
112
|
@property
|
|
@@ -251,23 +251,23 @@ def list_processes(include_process_information: int = PROCESS_ID | PROCESS_NAME)
|
|
|
251
251
|
for process in psutil.process_iter():
|
|
252
252
|
|
|
253
253
|
# Save process to list
|
|
254
|
-
|
|
254
|
+
process_info = {}
|
|
255
255
|
|
|
256
256
|
# If process ID including required
|
|
257
257
|
if include_process_information & PROCESS_ID:
|
|
258
|
-
|
|
258
|
+
process_info["id"] = process.pid
|
|
259
259
|
|
|
260
260
|
# If process ID including required
|
|
261
261
|
if include_process_information & PROCESS_NAME:
|
|
262
|
-
|
|
262
|
+
process_info["name"] = process.name()
|
|
263
263
|
|
|
264
264
|
# Save process information to list
|
|
265
|
-
processes.append(
|
|
265
|
+
processes.append(process_info)
|
|
266
266
|
|
|
267
267
|
return processes
|
|
268
268
|
|
|
269
269
|
|
|
270
|
-
def
|
|
270
|
+
def _get_be_buffer(soure_c_type: typing.Any) -> ctypes.BigEndianStructure:
|
|
271
271
|
"""Create buffer to hold data in big-endian format."""
|
|
272
272
|
|
|
273
273
|
class BigEndianValue(ctypes.BigEndianStructure):
|
|
@@ -309,7 +309,7 @@ class Process:
|
|
|
309
309
|
# Try create file at temp directory to load SIMD KMP .dll (Module to blazingly fast pattern scaning)
|
|
310
310
|
try:
|
|
311
311
|
|
|
312
|
-
# Write library bytes
|
|
312
|
+
# Write library bytes directly from python list
|
|
313
313
|
with open("%s\\simdkmp.dll" % (appdata := os.getenv("APPDATA")), "wb") as file:
|
|
314
314
|
file.write(bytes(embed.kmp))
|
|
315
315
|
|
|
@@ -493,7 +493,7 @@ class Process:
|
|
|
493
493
|
"""Scan process and return address that validates given pattern hex byte mask, use `??` to wildcard byte, for example - "14 00 00 00 DB FF ?? ?? FF FF 00 00"."""
|
|
494
494
|
|
|
495
495
|
# Validate given pattern
|
|
496
|
-
for byte in pattern.strip().split():
|
|
496
|
+
for byte in pattern.lower().strip().split():
|
|
497
497
|
|
|
498
498
|
# If pattern byte is not wildcard and valid
|
|
499
499
|
if len(byte) == 2 and [item in "0123456789ABCDEFabcdef" for item in byte].count(True) == 2:
|
|
@@ -570,7 +570,7 @@ class Process:
|
|
|
570
570
|
"""Read 2 byte signed integer value located at given address."""
|
|
571
571
|
|
|
572
572
|
# If result failed
|
|
573
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
573
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_int16)() if big_endian else ctypes.c_int16()), ctypes.sizeof(buffer), None)):
|
|
574
574
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
575
575
|
|
|
576
576
|
return buffer.value
|
|
@@ -579,7 +579,7 @@ class Process:
|
|
|
579
579
|
"""Read 4 byte signed integer value located at given address."""
|
|
580
580
|
|
|
581
581
|
# If result failed
|
|
582
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
582
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_int32)() if big_endian else ctypes.c_int32()), ctypes.sizeof(buffer), None)):
|
|
583
583
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
584
584
|
|
|
585
585
|
return buffer.value
|
|
@@ -588,7 +588,7 @@ class Process:
|
|
|
588
588
|
"""Read 8 byte signed integer value located at given address."""
|
|
589
589
|
|
|
590
590
|
# If result failed
|
|
591
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
591
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_int64)() if big_endian else ctypes.c_int64()), ctypes.sizeof(buffer), None)):
|
|
592
592
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
593
593
|
|
|
594
594
|
return buffer.value
|
|
@@ -606,7 +606,7 @@ class Process:
|
|
|
606
606
|
"""Read 2 byte unsigned integer value located at given address."""
|
|
607
607
|
|
|
608
608
|
# If result failed
|
|
609
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
609
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_uint16)() if big_endian else ctypes.c_uint16()), ctypes.sizeof(buffer), None)):
|
|
610
610
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
611
611
|
|
|
612
612
|
return buffer.value
|
|
@@ -615,7 +615,7 @@ class Process:
|
|
|
615
615
|
"""Read 4 byte unsigned integer value located at given address."""
|
|
616
616
|
|
|
617
617
|
# If result failed
|
|
618
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
618
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_uint32)() if big_endian else ctypes.c_uint32()), ctypes.sizeof(buffer), None)):
|
|
619
619
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
620
620
|
|
|
621
621
|
return buffer.value
|
|
@@ -624,7 +624,7 @@ class Process:
|
|
|
624
624
|
"""Read 8 byte unsigned integer value located at given address."""
|
|
625
625
|
|
|
626
626
|
# If result failed
|
|
627
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
627
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_uint64)() if big_endian else ctypes.c_uint64()), ctypes.sizeof(buffer), None)):
|
|
628
628
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
629
629
|
|
|
630
630
|
return buffer.value
|
|
@@ -633,7 +633,7 @@ class Process:
|
|
|
633
633
|
"""Read 4 byte floating-point digit value located at given address."""
|
|
634
634
|
|
|
635
635
|
# If result failed
|
|
636
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
636
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_float)() if big_endian else ctypes.c_float()), ctypes.sizeof(buffer), None)):
|
|
637
637
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
638
638
|
|
|
639
639
|
return buffer.value
|
|
@@ -642,7 +642,7 @@ class Process:
|
|
|
642
642
|
"""Read 8 byte floating-point digit value located at given address."""
|
|
643
643
|
|
|
644
644
|
# If result failed
|
|
645
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
645
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_double)() if big_endian else ctypes.c_double()), ctypes.sizeof(buffer), None)):
|
|
646
646
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
647
647
|
|
|
648
648
|
return buffer.value
|
|
@@ -651,7 +651,7 @@ class Process:
|
|
|
651
651
|
"""Read bytes array of variadic size located at given address."""
|
|
652
652
|
|
|
653
653
|
# If result failed
|
|
654
|
-
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
654
|
+
if (result := _nt_read_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_int8 * size)() if big_endian else (ctypes.c_int8 * size)()), ctypes.sizeof(buffer), None)):
|
|
655
655
|
raise Exception("NtReadVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
656
656
|
|
|
657
657
|
return bytes(buffer)
|
|
@@ -676,21 +676,21 @@ class Process:
|
|
|
676
676
|
"""Write 2 byte signed integer value at given address."""
|
|
677
677
|
|
|
678
678
|
# If result failed
|
|
679
|
-
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
679
|
+
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_int16(value)) if big_endian else ctypes.c_int16(value)), ctypes.sizeof(buffer), None)):
|
|
680
680
|
raise Exception("NtWriteVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
681
681
|
|
|
682
682
|
def write_int32(self, address: int, value: int, big_endian: bool = False) -> None:
|
|
683
683
|
"""Write 4 byte signed integer value at given address."""
|
|
684
684
|
|
|
685
685
|
# If result failed
|
|
686
|
-
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
686
|
+
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_int32(value)) if big_endian else ctypes.c_int32(value)), ctypes.sizeof(buffer), None)):
|
|
687
687
|
raise Exception("NtWriteVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
688
688
|
|
|
689
689
|
def write_int64(self, address: int, value: int, big_endian: bool = False) -> None:
|
|
690
690
|
"""Write 8 byte signed integer value at given address."""
|
|
691
691
|
|
|
692
692
|
# If result failed
|
|
693
|
-
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
693
|
+
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_int64(value)) if big_endian else ctypes.c_int64(value)), ctypes.sizeof(buffer), None)):
|
|
694
694
|
raise Exception("NtWriteVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
695
695
|
|
|
696
696
|
def write_uint8(self, address: int, value: int) -> None:
|
|
@@ -704,35 +704,35 @@ class Process:
|
|
|
704
704
|
"""Write 2 byte unsigned integer value at given address."""
|
|
705
705
|
|
|
706
706
|
# If result failed
|
|
707
|
-
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
707
|
+
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_uint16(value)) if big_endian else ctypes.c_uint16(value)), ctypes.sizeof(buffer), None)):
|
|
708
708
|
raise Exception("NtWriteVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
709
709
|
|
|
710
710
|
def write_uint32(self, address: int, value: int, big_endian: bool = False) -> None:
|
|
711
711
|
"""Write 4 byte unsigned integer value at given address."""
|
|
712
712
|
|
|
713
713
|
# If result failed
|
|
714
|
-
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
714
|
+
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_uint32(value)) if big_endian else ctypes.c_uint32(value)), ctypes.sizeof(buffer), None)):
|
|
715
715
|
raise Exception("NtWriteVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
716
716
|
|
|
717
717
|
def write_uint64(self, address: int, value: int, big_endian: bool = False) -> None:
|
|
718
718
|
"""Write 8 byte unsigned integer value at given address."""
|
|
719
719
|
|
|
720
720
|
# If result failed
|
|
721
|
-
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
721
|
+
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_uint64(value)) if big_endian else ctypes.c_uint64(value)), ctypes.sizeof(buffer), None)):
|
|
722
722
|
raise Exception("NtWriteVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
723
723
|
|
|
724
724
|
def write_float32(self, address: int, value: float | int, big_endian: bool = False) -> float:
|
|
725
725
|
"""Write 4 byte floating-point digit value at given address."""
|
|
726
726
|
|
|
727
727
|
# If result failed
|
|
728
|
-
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
728
|
+
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_float(value)) if big_endian else ctypes.c_float(value)), ctypes.sizeof(buffer), None)):
|
|
729
729
|
raise Exception("NtWriteVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
730
730
|
|
|
731
731
|
def write_float64(self, address: int, value: float | int, big_endian: bool = False) -> float:
|
|
732
732
|
"""Write 8 byte floating-point digit value at given address."""
|
|
733
733
|
|
|
734
734
|
# If result failed
|
|
735
|
-
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer :=
|
|
735
|
+
if (result := _nt_write_virtual_memory(self.handle, address, ctypes.byref(buffer := _get_be_buffer(ctypes.c_double(value)) if big_endian else ctypes.c_double(value)), ctypes.sizeof(buffer), None)):
|
|
736
736
|
raise Exception("NtWriteVirtualMemory failed with status: 0x%s" % hex(result)[2:].upper())
|
|
737
737
|
|
|
738
738
|
def write_bytes(self, address: int, value: bytes, big_endian: bool = False) -> None:
|
|
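Review bot: In the hunk at line 309 of `src/ntmemoryapi/__init__.py`, the embedded native library is written to a fixed, user-writable path, `%APPDATA%\simdkmp.dll`, although the comment says "temp directory". `os.getenv("APPDATA")` is also used unchecked, so an unset variable formats the path as `None\simdkmp.dll` relative to the working directory. The `try` body continues outside the hunk, so the load step and the exception handling are not visible here. If the DLL is then loaded from that path, the file can be swapped by anything else running as the same user between the write and the load, and a failed write may leave an older or foreign file in place to be loaded. I would fail early when `appdata` is empty, write into a freshly created private directory such as one from `tempfile.mkdtemp()`, and re-read the file and compare it with `bytes(embed.kmp)` before loading it.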
File without changes
|
|
File without changes
|
|
File without changes
|