Fastest Way to Read Process Memory C#

13th June 2018, 08:28 AM

I see this way too often, people using ReadProcessMemory wrong. People get used to bad C# methods, and never fix their inefficient ways.

Apologies for the depression sound.

The thought is, since you've already spent all that time in reclass, and yous're certainly non pasting, you might too utilize the internal-intended lawmaking generation tool. Simply alter every pointer to a DWORD_PTR, and read it with ReadProcessMemory.

C++:

template <class C> C read(DWORD_PTR(Address)) { 	C c; 	ReadProcessMemory(hProcess, reinterpret_cast<LPCVOID>(Address), &c, sizeof(c), nullptr); 	render c; }

Don't go using some stupid-ass class for readprocessmemory in C++, this is the most fancy matter you'll need.

BTW, I came up with this for reading Char*'s

C++:

#pragma warning(disable:4996) std::wstring readpChar(DWORD64 accost) { 		endeavour { 			if (address != 0) { 				const size_t namesize = 500; 				char x[namesize]; 				ReadProcessMemory(this->hProcess, reinterpret_cast<LPCVOID>(address), &ten, namesize, nullptr); 				std::wstring tmpname = std::wstring(&x[0], &10[namesize]); 				wchar_t* czech = wcstok(&tmpname[0], L"\0"); 				if (czech != nullptr) return czech; 			} 		} 		catch (const std::exception &exc) {} 		render std::wstring(L"\0"); 	}

It'd be squeamish to have something tho that doesn't crave you to disable a warning

13th June 2018, 09:52 AM

Tbh, not really a fan of your method of reading char*. At that place's some cases where what you might exist reading is actually \0.

I've washed real quick. Basically information technology returns the number of characters read. If the string has more than 1024 characters it will perform twice the RPM(might be faster than realloc'ng).
Those c++ constructs don't actually help, imo they make code harder to read.

C++:

uint32 readpChar(DWORD64 accost, char **res){          static char buffer[1024];         if(!address)                 return 0;          bool hasRead = false;         uint32 totalBytes = 0;          while(!hasRead){                  RPM(process, address+totalBytes, buffer, 1024, nullptr);                 for(uint32 i = 0; i<1024; i++){                         if(!isPrintableChar(buffer[i]))                                 interruption;                          totalBytes++;                 }          }          if(!totalBytes)                 render 0;          *res = malloc(totalBytes);         if(!res)                 return 0;          uint32 bytesToWrite = totalBytes;          if(bytesToWrite <= 1024){                 memcpy(*res, buffer, bytesToWrite);                 return totalBytes;         }          while(bytesToWrite){                  uint32 write = (bytesToWrite >= 1024) ? 1024 : 1024 - bytesToWrite;                 RPM(process, address+totalBytes-bytesToWrite, buffer, write, nullptr);                 memcpy(*res, buffer, write);                  bytesToWrite -= write;         }          return totalBytes; }

EDIT: Just noticed the last loop can be optimized to 2N-1 RPMs, by writting from the end to the start.

13th June 2018, 10:37 AM

No just no. Like what the fuck. It's not that hard to read a c string isn't it?

C++:

template<course CharT = char> std::basic_string<CharT> read_chars(std::uintptr_t address, std::size_t max_length = 256) {     std::basic_string<Nautical chart> str(max_length, Chart());     // I'll assume this throws on failed read.     // If y'all are using c++17 you lot can call str.information() instead of &str[0]     read(accost, &str[0], sizeof(CharT) * max_length);     // get the position of zero terminator     auto information technology = str.notice(CharT());     // don't want to waste an allocation and volition render the existing cord to be reused     if(information technology == str.npos)         str.articulate();     else         str.resize(it);      return str; }

Quote:

Originally Posted by krystalgamer View Post

Those c++ constructs don't really help, imo they make code harder to read.

Coltonons code wasn't the all-time only at least was readable and didn't actually take whatsoever bugs. On the other mitt you literally turned a few lines of simple code to a buggy mess.

Your first loop alone is already cleaved. Y'all don't check what rpm returns and have a possibly space loop because of that. The buffer is as well static which means you can't use this with multiple threads.

Next yous dereference res and use fucking malloc. And then y'all check if res is not null which will get optimized out because the beginning dereference would cause crash otherwise so continue to non check if malloc returned null.

Actually thought that this is just some bad C code until I noticed the nullptr.

13th June 2018, 10:54 AM

Quote:

Originally Posted by MagicM8 View Post

On the other hand you literally turned a few lines of simple code to a buggy mess.

Weird, unremarkably when I write code in notepad and don't even compile it is perfect.

Quote:

Originally Posted by MagicM8 View Post

Your starting time loop solitary is already broken. You lot don't check what rpm returns and have a maybe space loop because of that.

Geez, I guess forgot to write a quick cheque on a 5 minute snippet.

Quote:

Originally Posted by MagicM8 View Post

The buffer is besides static which means you can't use this with multiple threads.

Y'all're right. Didn't had that in mind. Usually write my externals has a big read and then process data.

Quote:

Originally Posted past MagicM8 View Post

Side by side you dereference res and use fucking malloc. And so y'all check if res is not cipher which will get optimized out considering the first dereference would cause crash otherwise and then keep to not check if malloc returned null.

Note that res is arrow to a pointer?
Also you're correct in checking res, information technology should've been if(!*res).

Quote:

Originally Posted by MagicM8 View Post

Really thought that this is only some bad C code until I noticed the nullptr.

It is C code, just wrote nullptr, due to being lazy.

13th June 2018, 12:24 PM

Quote:

Originally Posted by krystalgamer View Post

Weird, usually when I write code in notepad and don't fifty-fifty compile it is perfect.

I wrote my code in the UC reply box, does that arrive fine for it to be broken?
You likewise missed the whole bespeak. The code that contonon and I wrote are around x lines of unproblematic C++ that are easy to read and whose logic is extremely simple. Your code is 30 lines of C with a much more than complicated logic that you cannot empathize at a glance and a lot of mistake handling that you tin can miss.

13th June 2018, 04:53 PM

Quote:

Originally Posted by MagicM8 View Post

I wrote my code in the UC answer box, does that make information technology fine for it to be broken?

Yes, it does.

Quote:

Originally Posted by MagicM8 View Post

You also missed the whole point. The lawmaking that contonon and I wrote are effectually 10 lines of simple C++ that are easy to read and whose logic is extremely simple (...) Your code is 30 lines of C

I don't know why you're and then mad. The and so called "master signal" is just a line, the residual of your postal service was nitpicking a poorly written C snippet.

Y'all missed that res is a pointer of a pointer, and so that whole talk about crash and malloc doesn't make sense.

What i discover more amusing is that your code has the same RPM/read flaw every bit mine.

Quote:

Originally Posted by MagicM8 View Post

with a much more complicated logic that you cannot empathise at a glance

Much more complicated?
Reading an array of chars and neither of you lot check if you're reading valid characters(+2 if statement and while loop)
Both of you are limited to a number of characters to read, mine allows as many as the memory can handle(+ane while statement)
Since I'm using C i'1000 using malloc, but new would've sufficed too(+ane null bank check, which is trivial when working with C)
If the local buffer tin't concur all the characters then information technology goes on a loop(+ii, if statement and while loop).

Existence this said it's normal I take more lines.

Quote:

Originally Posted by MagicM8 View Post

a lot of error treatment that you lot tin miss.

Oh, please tell me more.

13th June 2018, 09:33 PM

Quote:

Originally Posted by krystalgamer View Post

I don't know why you're and so mad.

Mad would be the wrong word. Disappointed would fit better.

Quote:

Originally Posted by krystalgamer View Post

Y'all missed that res is a pointer of a pointer, so that whole talk well-nigh crash and malloc doesn't brand sense.

It doesn't make sense to me how you managed to come to such a conclusion either.

Quote:

Originally Posted by krystalgamer View Post

What i find more amusing is that your code has the same RPM/read flaw as mine.

What flaw? No error checking? Annotate above notes that I presume the read throws on failure.

Quote:

Originally Posted by krystalgamer View Post

Much more complicated?

11 command flow statements (if we add together all the missing mistake handling) versus 1/2 (depends on whether you lot count the else which you lot can get rid of easily). I'd say a difference by a whole order of magnitude can exist called "much more".

Quote:

Originally Posted by krystalgamer View Post

Reading an array of chars and neither of yous check if you're reading valid characters (+2 if statement and while loop)

If your lawmaking reads reads unprintable garbage you already have a problem somewhere. It also isn't +2 if statements and a while loop.

C++:

template<class CharT = char> std::basic_string<CharT> read_chars(std::uintptr_t address, std::size_t max_length = 256) {     std::basic_string<Chart> str(max_length, Chart());     read(address, &str[0], sizeof(CharT) * max_length);     auto it = str.notice(CharT());     // the only changed line. As y'all tin can see no while loop or ii ifs     if(it == str.npos || !std::all_of(str.begin(), str.begin() + it, isprint))         str.articulate();     else         str.resize(information technology);       render str; }

Quote:

Originally Posted by krystalgamer View Post

Both of you are limited to a number of characters to read, mine allows equally many as the retentivity can handle
...

Sure. Would demand a few while loops as well, however the c++ code would still be more than expressive and a bit shorter.

Quote:

Originally Posted past krystalgamer View Post

Oh, please tell me more than.

Non sure what practice you expect me to reply with. Your "quick 5 minute code" has 3 error checks missing?

13th June 2018, x:53 PM

Quote:

Originally Posted by MagicM8 View Post

Mad would be the wrong give-and-take. Disappointed would fit better.

Geez, dad. I promise I won't go benched anymore.

Quote:

Originally Posted by MagicM8 View Post

It doesn't make sense to me how yous managed to come to such a conclusion either.

"Adjacent you dereference res and use fucking malloc." <- I'm dereferencing a pointer to a arrow and at that place's nothing wrong with malloc.
"the first dereference would cause crash" <- no it wouldn't, res is non cipher.

Quote:

Originally Posted by MagicM8 View Post

Comment higher up notes that I assume the read throws on failure.

Then what? RPM could've as well been a macro. That comment was but retarded.

Quote:

Originally Posted by MagicM8 View Post

11 control flow statements (if we add all the missing error treatment) versus 1/2 (depends on whether you count the else which you can become rid of hands). I'd say a difference by a whole order of magnitude tin be called "much more".

I don't know if you realized but that'due south C not C++. Deplorable for non using the large bois C++ data types.

Quote:

Originally Posted by MagicM8 View Post

If your code reads reads unprintable garbage you already take a problem somewhere. It also isn't +2 if statements and a while loop.

So you want to read a char assortment from memory but know the length earlier paw? Mine doesn't know the length and calculates information technology, is it actually hard to understand? Coltonon's code does the aforementioned but with find().

Quote:

Originally Posted by MagicM8 View Post

~ insert large boi code ~

wow, amazing.

Quote:

Originally Posted by MagicM8 View Post

Certain. Would demand a few while loops too, all the same the c++ code would nonetheless be more expressive and a bit shorter.

Pssst, here's a underground. Mine is C not C++.
"But you used nullptr... Bwaaaaaaaaa", sorry dad for letting it slip.
Y'all're reading a char array so I render one, I dislike the version with C++ strings, deal with information technology. Not forcing information technology on anyone, just provided an alternative.

Quote:

Originally Posted by MagicM8 View Post

Not certain what do you expect me to reply with. Your "quick v infinitesimal code" has 3 error checks missing?

Oh, no! A slice of code meant to be taken equally an idea just to share my point of view on the thing has errors?!

Being this said I'll end this pissing contest right here.

14th June 2018, 10:18 AM

Quote:

Originally Posted by krystalgamer View Post

Beingness this said I'll terminate this pissing contest right hither.

If that's that for you, nosotros tin can end this. However I will first come back to the pointer part that you seem to accept been unable to translate correctly for the past 3 replies.

Quote:

Originally Posted by krystalgamer View Post

"Next you dereference res and utilize fucking malloc." <- I'grand dereferencing a pointer to a pointer and there's nothing wrong with malloc.

In first reply I was under assumption you used c++ so the "fucking malloc" office doesn't apply anymore and I'm not sure how logical would this be if it were a simple pointer to char. Casting a void* to char implicitly?

Quote:

Originally Posted by krystalgamer View Post

"the commencement dereference would cause crash" <- no it wouldn't, res is not cypher.

That's a really nice example of taking words out of context. Lets look at the actual judgement.

Quote:

Originally Posted by MagicM8 View Post

And then you bank check if res is non null which will become optimized out because the first dereference would crusade crash otherwise then continue to non check if malloc returned null.

Let me rephrase this more clearly so y'all can sympathize:
if res is zero and yous dereference it yous crash. Because the check if res is null is only after the dereference it will get optimized out. The next part about not checking what malloc returned would be nonsense too if it were a simple char*.

16th June 2018, 04:02 AM

Quote:

Originally Posted by Soreeros View Post

Have you lot lost your domestic dog or something?

Who was that directed to..?

16th June 2018, 04:50 AM

Quote:

Originally Posted by coltonon View Post

Who was that directed to..?

I don't know,maybe both of them have lost something of import in their life recently.

lol shit joke aside squeamish release btw
The video is easy to follow.
+rep

Similar Threads
Thread	Thread Starter	Forum	Replies	Final Post
[Question] Pointer usage	deve	C and C++	22	20th Nov 2011 07:50 PM
[Question] Miniumum data usage	General 747	Battlefield Heroes	20	7th October 2010 05:58 AM
[Release] Best AIMBOT Unproblematic Usage	Decimated	Call of Duty six: Modern Warfare 2	2	fifth March 2010 04:00 AM
BatchFile Usage (Speed Modern, etc)	UberMOUSE	America's Army Operations 2.x	38	12th January 2005 07:05 AM
lsass.exe taking up mem usage	[n0th1ng]	PC Software	15	9th June 2004 09:27 AM

Garner Gint1999

Fastest Way to Read Process Memory C#

Enviar um comentário for "Fastest Way to Read Process Memory C#"