Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Write Multiple Bytes To Memory [delphi]

Departure
Departure
in Programming and Coding

Featured Replies

Posted

Hey people I just need a little help from someone with some delphi experiance, Im new to delphi coming over from Vb6 and I have no problem writting to memory in Vb6

But I want to do it in delphi, I have used something similar that I would have used in vb6. But I would like to know how I would write multiple bytes to a single address

implementation
   const
	 Address1=$0054B28B;  //These will be the address's im going to write to
	 Address2=$0054B297;
	 Address3=$0054B29C;
{$R *.dfm}procedure TForm1.Button1Click(Sender: TObject);
  var
  Path : string;
  StartInfo  : TStartupInfo;
  ProcInfo   : TProcessInformation;
  CreateOK   : Boolean;
  Write: Cardinal;
  NumberOfBytes : Cardinal;
  BytesToWrite :  Byte;   // Im not sure if I declared the correct variable, Proberly need to put it into an array??????
begin
  Path :='C:\\Program Files\\My Program\\MyProgram.exe';
	  { fill with known state }
  FillChar(StartInfo,SizeOf(TStartupInfo),#0);
  FillChar(ProcInfo,SizeOf(TProcessInformation),#0);
  StartInfo.cb := SizeOf(TStartupInfo);  CreateOK := CreateProcess(PChar(Path),nil, nil, nil,False,CREATE_SUSPENDED,nil, nil, StartInfo, ProcInfo);   //check to see if successful
   if CreateOK then
  begin
   NumberOfBytes := 2;   //No problem writing 1 byte "08" or "EB" but I want to write both bytes to adress Nr.1
   BytesToWrite := $08EB; 
  //If i was to change numberofbytes to = 1 and have BytesToWrite = $08 (single byte) it would work fine   WriteProcessMemory(ProcInfo.hProcess,ptr(Address1),BytesToWrite,NumberOfBytes,Write);
   ResumeThread(ProcInfo.hThread);
   CloseHandle(ProcInfo.hProcess);
  end;
end;
end.

Im thinnking I need to make byte array but then I just need to know how to implement the array, Writting 1 byte is no problems to the address but I need to write 2 or more bytes to a single address. Any help I would be very thankful

const 
 Patch_Memory_String1 : array[1..6] of byte = ($E9,$7B,$01,$00,$00,$90);....WriteProcessMemory(G_P,$0040000,@Patch_Memory_String1,length(Patch_Memory_String1),C);....

maybe this one can help u

Edited by IMPosTOR

  • Author

yes look like the exact thing I wanted to do, ill try it out, I did find a solution but your way looks better :o )

This is my way I found that seems to work also

implementation const
	 Address1=$0054B28B;
	 Address2=$0054B297;
	 Address3=$0054B29C;
	 Value1 = $08EB;
	 Value2 = $BB00;
	 Value3 = $90;
{$R *.dfm}procedure TForm1.Button1Click(Sender: TObject);
  var
  Path : string;
  StartInfo  : TStartupInfo;
  ProcInfo   : TProcessInformation;
  CreateOK   : Boolean;
  Write: Cardinal;
  NumberOfBytes : Cardinal;
  WriteByte :  Byte;
  buf: PChar;
begin
  Path :='C:\\Program Files\\My Program\\MyProgram.exe';
	  //Fill with state
  FillChar(StartInfo,SizeOf(TStartupInfo),#0);
  FillChar(ProcInfo,SizeOf(TProcessInformation),#0);
  StartInfo.cb := SizeOf(TStartupInfo);  CreateOK := CreateProcess(PChar(Path),nil, nil, nil,False,CREATE_SUSPENDED,nil, nil, StartInfo, ProcInfo);  //Checking
   if CreateOK then
  begin
   NumberOfBytes := 2;
   GetMem(buf, 2);
   buf^ := Chr(Value1);
   WriteProcessMemory(ProcInfo.hProcess,ptr(Address1),buf,NumberOfBytes,Write);
   FreeMem(buf);   NumberOfBytes := 2;
   GetMem(buf, 2);
   buf^ := Chr(Value2);
   WriteProcessMemory(ProcInfo.hProcess,ptr(Address2),buf,NumberOfBytes,Write);
   FreeMem(buf);   NumberOfBytes := 1;
   GetMem(buf, 1);
   buf^ := Chr(Value3);
   WriteProcessMemory(ProcInfo.hProcess,ptr(Address3),buf,NumberOfBytes,Write);
   FreeMem(buf);   ResumeThread(ProcInfo.hThread);
   CloseHandle(ProcInfo.hProcess);
  end;
end;end.

But after seeing your way it looks better implemented So im going to go and try it now

Edited by Departure

my src is small and u can replace my src

Edited by IMPosTOR

  • Author

Thanks IMPoster, I used your method and it works perfectly with a lot less code, I did'nt know i could use MyArray : array[1..8] of byte ($1b,$2b,$3b,$4b,$5b,$6b,$7b,$8b);

These are the small thing that make it alot easyer than with vb6, btw those arn'nt real bytes they are just example of how you told me...

Thanks again :o )

  • 1 month later...
Thanks IMPoster, I used your method and it works perfectly with a lot less code, I did'nt know i could use MyArray : array[1..8] of byte ($1b,$2b,$3b,$4b,$5b,$6b,$7b,$8b);

These are the small thing that make it alot easyer than with vb6, btw those arn'nt real bytes they are just example of how you told me...

Thanks again :o )

I know you already got your answer out, but i thought i'd be giving you another way.

ar: array[0..500] of char;

begin

str := 'I can replace Strings in Memory';

FillChar(ar, SizeOf(ar), 0);

Move(str[1], ar, Length(str));

Then just WriteProcessMemory using @ar

  • 10 years later...

I have a question a little similar to this. In ollydbg there's a command I see called Fill with nops where it fills an address with 90s . I was trying to implement that also in delphi. I know I can do a loop but not so sure how to do it

Any help? or a better approach?

make a buffer of the size required (or a fraction and do the write in a loop), fill it with 0x90, write x bytes from that to the process using WriteProcessMemory, hardly rocket science

Edited by evlncrn8

    • Like 2

    procedure WriteNOP(Address : DWORD; Size : Integer; hProcess : THandle);
    var
      i : Integer;
      nop : byte;
      bytesread : DWORD;
    begin
      nop = $90;
      for i := 0 to Size - 1 do
      begin
        WriteProcessMemory(hProcess, Pointer(Address), @nop, 1, bytesread);
        inc(Address);
      end;
    end;

     

    Here is small example. Maybe it helps

    Edited by GautamGreat

    • Like 2

    that is one horrible example.. writing one byte at the time... wow... that code should be taken out the back of the shed and shot

    • Haha 2

    Its a terrible way but it works :D

    On 2/22/2018 at 5:36 PM, evlncrn8 said:

    that is one horrible example.. writing one byte at the time... wow... that code should be taken out the back of the shed and shot

    Can you show us, how you can do it in a better way?

    Edited by idrcelab

    i already said, allocate a buffer of the size, fill it with nops, write it in one go...

    • Thanks 1

    procedure WriteNOP(Address : DWORD; Size : Integer; hProcess : THandle);
    var
      NopBytes : array of Bytes;
      bytesread : DWORD;
    begin
      SetLength(NopBytes, Size);
      FillMemory(@NopBytes[0], Size, $90);
      WriteProcessMemory(hProcess, Pointer(Address), @NopBytes, Size, bytesread); 
    end;

     

    something like this ?

    • Like 1

    something like that yep, i think you can already see how much better is than one byte at a time.. no ?

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.