Qing-Jie Zhou > Win32-Process-Memory-0.20 > Win32::Process::Memory

Download:
Win32-Process-Memory-0.20.tar.gz

Dependencies

Annotate this POD

View/Report Bugs
Module Version: 0.20   Source  

NAME ^

Win32::Process::Memory - read and write memory of other windows process

SYNOPSIS ^

  # open process
  my $proc = Win32::Process::Memory->new({ name=>'cmd.exe' });

  # do debug
  printf "\nTotal Memory = 0x%X\n", $proc->get_memtotal;
  print "\nMemory block list:\n";
  my %memlist = $proc->get_memlist;
  printf "  %08X -> %08X : Len=0x%X\n", $_, $_+$memlist{$_}, $memlist{$_}
      foreach (sort {$a <=> $b} keys %memlist);
  print "\nContent of 0x10004 -> 0x10103\n";
  print $proc->hexdump(0x10004, 0x100);

  # search a sequence of unsigned int16
  print "\nFind a sequence of unsinged int16:\n";
  my @results = $proc->search_u16(92, 87, 105, 110, 51, 50);
  print $proc->hexdump($_, 0x32)."\n" foreach @results;

  # read and change value
  printf "\n0x%X [unsigned int16] : %d\n", 0x10004, $proc->get_u16(0x10004);
  printf "0x%X [unsigned int32] : %d\n", 0x10004, $proc->get_u32(0x10004);
  #$proc->set_u32(0x10004, 55); # BE CAREFUL, MAY DAMAGE YOUR SYSTEM

  # close process
  undef $proc;

DESCRIPTION ^

read and write memory of other windows process.

new
  $proc = Win32::Process::Memory->new({ pid=num, name=>str, access=>'read/write/query/all' });
  $proc = Win32::Process::Memory->new({ pid  => 1522 });
  $proc = Win32::Process::Memory->new({ name => 'cmd.exe' });
  $proc = Win32::Process::Memory->new({ pid  => 1522, access => 'read' });
get_memlist
  my %memlist = $proc->get_memlist;
  printf "  %08X -> %08X : Len=0x%X\n", $_, $_+$memlist{$_}, $memlist{$_}
      foreach (sort {$a <=> $b} keys %memlist);
get_memtotal
  printf "Commited Memory = %X Bytes\n", $proc->get_memtotal;
hexdump
  print $proc->hexdump($from, $len);
get
  $getbytes = $proc->get_buf($from, $len, $buf);
               # return 0 if failed
  $getvalue = $proc->get_pack($packtype, $packunit_len, $from, $undef_val);
               # return $undef_val if failed
  $getvalue = $proc->get_packs($packtype, $packunit_len, $from, $pack_nums, $undef_val);
  $getvalue = $proc->get_i8($from, $undef_val);
  $getvalue = $proc->get_u8($from, $undef_val);
  $getvalue = $proc->get_i16($from, $undef_val);
  $getvalue = $proc->get_u16($from, $undef_val);
  $getvalue = $proc->get_i32($from, $undef_val);
  $getvalue = $proc->get_u32($from, $undef_val);
  $getvalue = $proc->get_float($from, $undef_val);
  $getvalue = $proc->get_double($from, $undef_val);
set
  $setbytes = $proc->set_buf($from, $buf);
               # return 0 if failed
  $setbytes = $proc->set_pack($packtype, $from, ...);
  $setbytes = $proc->set_packs($packtype, $from, ...);
  $setbytes = $proc->set_i8($from, $undef_val);
  $setbytes = $proc->set_u8($from, $undef_val);
  $setbytes = $proc->set_i16($from, $undef_val);
  $setbytes = $proc->set_u16($from, $undef_val);
  $setbytes = $proc->set_i32($from, $undef_val);
  $setbytes = $proc->set_u32($from, $undef_val);
  $setbytes = $proc->set_float($from, $undef_val);
  $setbytes = $proc->set_double($from, $undef_val);
search
  Search all commited area of given process.
  $proc->search_sub($pattern, sub {...});
               # call sub when founded, $_[0] is the starting address of match
  @results = $proc->search_string($pattern);
               # return starting addresses of every match as an array
  %hash    = $proc->search_string_hash($patttern);
               # return hash, which key is $1 of match, and which value is starting address
  @results = $proc->search_pack($packtype, ...);
               # ... is the arguments of pack function
  @results = $proc->search_packs($packtype, ...);
               # ... is a list of 1 arguments of pack function
  @results = $proc->search_i8(48);
  @results = $proc->search_u8(48, 56, ...);
  @results = $proc->search_i16(48, 56, ...);
  @results = $proc->search_u16(48, 56, ...);
  @results = $proc->search_i32(48, 56, ...);
  @results = $proc->search_u32(48, 56, ...);
  @results = $proc->search_float(48, 56, ...);
  @results = $proc->search_double(48, 56, ...);
search_range
  Search a specific range ($from, $len). The caller should ensure that the range is valid.
  $proc->search_range_sub($from, $len, $pattern, sub {...});
               # call sub when founded, $_[0] is the start address of match
  @results = $proc->search_range_string($from, $len, $pattern);
               # return starting addresses of every match as an array
  %hash    = $proc->search_range_string_hash($from, $len, $patttern);
               # return hash, which key is $1 of match, and which value is starting address
  @results = $proc->search_range_pack($packtype, ...);
               # ... is the arguments of pack function
  @results = $proc->search_range_packs($packtype, ...);
               # ... is a list of 1 arguments of pack function
  @results = $proc->search_range_i8(48);
  @results = $proc->search_range_u8(48, 56, ...);
  @results = $proc->search_range_i16(48, 56, ...);
  @results = $proc->search_range_u16(48, 56, ...);
  @results = $proc->search_range_i32(48, 56, ...);
  @results = $proc->search_range_u32(48, 56, ...);
  @results = $proc->search_range_float(48, 56, ...);
  @results = $proc->search_range_double(48, 56, ...);

BUGS, REQUESTS, COMMENTS ^

Please report any requests, suggestions or bugs via http://rt.cpan.org/NoAuth/ReportBug.html?Dist=Win32-Process-Memory

COPYRIGHT AND LICENSE ^

Copyright 2004 Qing-Jie Zhou <qjzhou@hotmail.com>

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

syntax highlighting: