Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <Windows.h>
- #include <iostream>
- // Function to scan the process's memory for a specific pattern with a mask
- void ScanMemoryWithMask(HANDLE processHandle, uintptr_t startAddress, const char* pattern, const char* mask) {
- MEMORY_BASIC_INFORMATION memInfo;
- SIZE_T bytesRead;
- char buffer[1024];
- while (VirtualQueryEx(processHandle, reinterpret_cast<LPCVOID>(startAddress), &memInfo, sizeof(memInfo))) {
- if (memInfo.State == MEM_COMMIT && (memInfo.Protect == PAGE_READWRITE || memInfo.Protect == PAGE_EXECUTE_READWRITE)) {
- ReadProcessMemory(processHandle, memInfo.BaseAddress, buffer, memInfo.RegionSize, &bytesRead);
- for (SIZE_T i = 0; i < bytesRead; i++) {
- bool found = true;
- for (SIZE_T j = 0; mask[j]; j++) {
- if (mask[j] != '?' && pattern[j] != buffer[i + j]) {
- found = false;
- break;
- }
- }
- if (found) {
- uintptr_t address = reinterpret_cast<uintptr_t>(memInfo.BaseAddress) + i;
- std::cout << "Found pattern at address: 0x" << std::hex << address << std::endl;
- // You can do further processing with the found address here
- }
- }
- }
- startAddress += memInfo.RegionSize;
- }
- }
- int main() {
- // Adjust these values according to your needs
- const int targetProcessId = YOUR_TARGET_PROCESS_ID;
- const char* pattern = "your_pattern_here";
- const char* mask = "your_mask_here";
- HANDLE processHandle = OpenProcess(PROCESS_VM_READ, FALSE, targetProcessId);
- if (processHandle == NULL) {
- std::cout << "Failed to open the process." << std::endl;
- return 1;
- }
- // Call the function to scan the process's memory with the provided pattern and mask
- ScanMemoryWithMask(processHandle, 0, pattern, mask);
- CloseHandle(processHandle);
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
