Hooking Project

Github Page

Hooking Project

Functions for process memory manipulation

License
Boost License 1.0.
Authors
Denis Shelomovskij

struct  ProcessMemory;

This struct encapsulates process memory manipulation functionality.

static @property ProcessMemory  current();

Gets a ProcessMemory with associated with  current processes.

this(HANDLE processHandle);

Construct a ProcessMemory from a processHandle.

const pure nothrow @property @safe bool  associated();

Returns whether this is associated with a process handle. It is asserted that no member functions are called for an unassociated ProcessMemory struct.

Example:
	assert(ProcessMemory.current.associated);
	assert(!ProcessMemory.init.associated);
	auto h = ProcessMemory.init.processHandle; // assert violation

@property HANDLE  processHandle();

Gets the handle of the associated process.

DWORD  changeProtection(RemoteAddress address, size_t size, DWORD newProtection);

Set access protection of the specified memory region to newProtection. Returns previous protection of the first page in the specified region.

Preconditions:
newProtection is a valid memory protection.

void  read(RemoteAddress baseAddress, void[] buff);

Reads buff.length bytes of memory starting with baseAddress into buff.

Preconditions:
buff isn't empty.
Throws
Exception if requested memory region isn't available for reading.
Example:
	uint[1] buff;

	uint a = 7;
	current.read(cast(RemoteAddress) &a, buff);
	assert(buff[0] == 7);

	import std.exception: assertThrown;
	assertThrown(ProcessMemory.current.read(0, buff));

T  get(T)(RemoteAddress baseAddress);

Reads T.sizeof bytes of memory starting with baseAddress and returns it as T.

Throws
Exception if requested memory region isn't available for reading.
Example:
	uint a = 7;
	assert(current.get!uint(cast(RemoteAddress) &a) == 7);
	assert(current.get!(char[2])(cast(RemoteAddress) "ab".ptr) == "ab");

	import std.exception: assertThrown;
	assertThrown(current.get!ubyte(0));

void  write(RemoteAddress baseAddress, in void[] buff, bool flushInstructionCache = false);

Writes T.sizeof bytes of memory starting with baseAddress and returns it as T.

Preconditions:
buff isn't empty.
Throws
Exception if requested memory region isn't available for writing.
Example:
	uint[3] a = [7, 8, 9];
	current.write(cast(RemoteAddress) &a[1], [10]);
	assert(a == [7, 10, 9]);

	import std.exception: assertThrown;
	assertThrown(current.write(0, [0]));