Memory hacking library for windows

Related tags

Memory management SarOum
Overview

SarOum

Memory hacking library for windows.

Instalation

# Latest version
[dependencies]
saroum = "0.5.0"

# Development version
[dependencies.faithe]
git = "https://github.com/sarawahibdev/SarOum"

Opening processes

use faithe::types::access_rights::PROCESS_ALL_ACCESS;
use faithe::process as ps;

let process = ps::Processes::new()?
    .find(|p| p.sz_exe_file == "Process name.exe")
    .unwrap()
    .open(false, PROCESS_ALL_ACCESS)?;

Modules iterating

let process = get_process();
process
    .modules()?
    .for_each(|m| dbg!(m));

Reading / Writing memory

let process = get_process();
let mut value = process.read_process_memory::<u32>(0xFF)?;
value += 100;

process.write_process_memory(0xFF, value)?;

Allocating / Freeing / Protecting / Querying memory

use saroum::types::protection_flags::{PAGE_EXECUTE_READWRITE, PAGE_READONLY};
use saroum::types::allocation_types::{MEM_COMMIT, MEM_RESERVE};
use saroum::types::free_types::MEM_RELEASE;

let process = get_process();
let mut chunk = process.virtual_allocate(
    0,
    1000,
    MEM_COMMIT | MEM_RESERVE,
    PAGE_EXECUTE_READWRITE
)?;
let info = process.virtual_query(chunk)?;

process.virtual_protect(chunk, 1000, PAGE_READONLY)?;
process.virtual_free(chunk, 0, MEM_RELEASE)?;

Searching for patterns

use saroum::pattern::Pattern;

let process = get_process();
let address = process.find_pattern(
    "Something.exe",
    // Available styles: IDA, Code, PiDB
    Pattern::from_ida_style("48 89 85 F0 00 00 00 4C 8B ? ? ? ? ? 48 8D")
)?;

Macros

i32 = 0; extern "C" fn set_health(new: i32) = 1; } } /* class CPlayer { virtual int get_health() = 0; virtual void set_health(int new_value) = 0; }; */ // Creates struct with explicitly defined offsets. xstruct! { // STRUCT HAS SIZE OF ZERO. struct Foo { 0x0 @ a: u32, 0x16 @ b: bool } // STRUCT HAS SIZE 20. struct Bar(20) { 0x0 @ a: u32, 0x16 @ b: bool } } // Creates a function with explicitly defined RVA relative to some module. function! { // Explicitly defined RVA offset relative to `01-hello` module. extern FUNC: extern "C" fn(a: i32) = "01-hello.exe"@0x1900; } FUNC.call(5);"> 
use saroum::{interface, xstruct};

// Creates a trait that will emulate behavior of virtual functions in C++.
struct CPlayer;
interface! {
    trait IEntity(CPlayer) {
        extern "C" fn get_health() -> i32 = 0;
        extern "C" fn set_health(new: i32) = 1;
    }
}
/*
class CPlayer {
    virtual int get_health() = 0;
    virtual void set_health(int new_value) = 0;
};
*/

// Creates struct with explicitly defined offsets.
xstruct! {
    // STRUCT HAS SIZE OF ZERO.
    struct Foo {
        0x0 @ a: u32,
        0x16 @ b: bool
    }

    // STRUCT HAS SIZE 20.
    struct Bar(20) {
        0x0 @ a: u32,
        0x16 @ b: bool
    }
}

// Creates a function with explicitly defined RVA relative to some module.
function! {
    // Explicitly defined RVA offset relative to `01-hello` module.
    extern FUNC: extern "C" fn(a: i32) = "01-hello.exe"@0x1900;
}
FUNC.call(5);

forthebadge forthebadge

You might also like...
Easy c̵̰͠r̵̛̠ö̴̪s̶̩̒s̵̭̀-t̶̲͝h̶̯̚r̵̺͐e̷̖̽ḁ̴̍d̶̖̔ ȓ̵͙ė̶͎ḟ̴͙e̸̖͛r̶̖͗ë̶̱́ṉ̵̒ĉ̷̥e̷͚̍ s̷̹͌h̷̲̉a̵̭͋r̷̫̊ḭ̵̊n̷̬͂g̵̦̃ f̶̻̊ơ̵̜ṟ̸̈́ R̵̞̋ù̵̺s̷̖̅ţ̸͗!̸̼͋

Rust S̵̓i̸̓n̵̉ I̴n̴f̶e̸r̵n̷a̴l mutability! Howdy, friendly Rust developer! Ever had a value get m̵̯̅ð̶͊v̴̮̾ê̴̼͘d away right under your nose just when

null 294 Dec 23, 2022
MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust.
MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust.

MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust. MimiRust is a program based on the wdigest attack vector

Thotty 0 Nov 29, 2022
MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust
MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust

MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust

null 160 Dec 29, 2022
🧪 The versatile and intuitive memory hacking framework.

🧪 hax 🤔 About hax is a Rust crate designed to make memory hacking, game hacking, cheat development, and any other low level memory based development

null 16 Dec 18, 2022
Use Git installed in Bash on Windows/Windows Subsystem for Linux (WSL) from Windows and Visual Studio Code (VSCode)

WSLGit This project provides a small executable that forwards all arguments to git running inside Bash on Windows/Windows Subsystem for Linux (WSL). T

A. R. S. 1.1k Jan 3, 2023
Shared memory - A Rust wrapper around native shared memory for Linux and Windows

shared_memory A crate that allows you to share memory between processes. This crate provides lightweight wrappers around shared memory APIs in an OS a

elast0ny 274 Dec 29, 2022
sblade or switchblade it's a multitool in one capable of doing simple analysis with any type of data, attempting to speed up ethical hacking activities

sblade or switchblade it's a multitool in one capable of doing simple analysis with any type of data, attempting to speed up ethical hacking activities

Gabriel Correia 1 Dec 27, 2022
A fresh FRAME-based Substrate node, ready for hacking

A substrate-based chain that runs in a single node, but simulates the existence of a large set of validators and nominators.

Kian Paimani 3 Aug 24, 2022
A fresh FRAME-based Substrate node, ready for hacking

Substrate Node Template A fresh FRAME-based Substrate node, ready for hacking 🚀 Getting Started Follow the steps below to get started with the Node T

Worlddev5007 13 Aug 26, 2022
Really useful hacking tools.
Really useful hacking tools.

A Remake of Hax in Rust™ - Port-scanner(Powered by nmap) ✅ - URL-Masker ✅ - Phisher(Powered by ZPhisher) ☑️ (WIP 🚧 ) For Linux Enthusiasts: You need

skyline 4 May 13, 2023
A fresh FRAME-based Substrate node, ready for hacking

Substrate Node Template A fresh FRAME-based Substrate node, ready for hacking 🚀 Getting Started Follow the steps below to get started with the Node T

Web 3 | Mobile | Blockchain Full Stack Engineer 6 Jun 23, 2023
A comprehensive and FREE Online Rust hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Rust from scratch.
A comprehensive and FREE Online Rust hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Rust from scratch.

FREE Reverse Engineering Self-Study Course HERE Hacking Rust A comprehensive and FREE Online Rust hacking tutorial utilizing the x64, ARM64 and ARM32

Kevin Thomas 98 Jun 21, 2023
Command line tool for hacking! 😬☠

rerup Command line tool for hacking! 😬 ☠ This program is a command-line tool for simulating URL brute-forcing. It utilizes an input file containing a

null 2 Jul 4, 2023
Send Windows 10 styled notifications on Windows 7.

win7-notifications Send Windows 10 styled notifications on Windows 7. Note: This crate requires a win32 event loop to be running, otherwise the notifi

Tauri 9 Aug 29, 2022
Windows-rs - Rust for Windows

Rust for Windows The windows crate lets you call any Windows API past, present, and future using code generated on the fly directly from the metadata

Microsoft 7.7k Dec 30, 2022
Switch windows of same app with alt + ` on windows pc.

Windows Switcher Switch windows of same app with alt + ` on windows pc. 250k single file executable downloaded from Github Release. No installation re

null 172 Dec 10, 2022
Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)

is-wsl Check if the process is running inside Windows Subsystem for Linux (Bash on Windows) Inspired by sindresorhus/is-wsl and made for Rust lang. Ca

Sean Larkin 6 Jan 31, 2023
Use Thunk to build your Rust program that runs on old Windows platforms, support Windows XP and more!

Use Thunk to build your Rust program that runs on old platforms. Thunk uses VC-LTL5 and YY-Thunks to build programs that support old platforms. So, ho

null 6 May 21, 2023
Windows Capture Simple Screen Capture for Windows 🔥

Windows Capture   Windows Capture is a highly efficient Rust library that enables you to effortlessly capture the screen using the Graphics Capture AP

null 3 Sep 24, 2023
Releases(source)
Owner
Sara Wahib
senior cyber security engineer at @capgemini
Sara Wahib
GitHub
Cross-platform library for reading/writing memory in other processes for Rust

vmemory Rust library for reading/writing memory in other processes for Windows, macOS, Linux, and in the future potentially, BSD variants. Rationale A

Jason Johnson 26 Nov 7, 2022
Rust library to interract with memory written in rust

memory-rs Rust library to interract with memory written in rust It comes with: Pattern scanner (Return address for a pattern given). A pattern example

Alex 1 Jan 13, 2022
bevy_datasize is a library for tracking memory usage in Bevy apps.

bevy_datasize bevy_datasize is a library for tracking memory usage in Bevy apps. bevy_datasize uses the DataSize trait from the datasize crate to esti

Ben Reeves 4 Mar 8, 2022
memory-mapped registers for x86_64 systems

regmap some well-known and known-to-be-good computer architectures, such as the Microchip PIC product line, or many of the AVR processor family, were

iximeow 31 Dec 6, 2022
MiniDump a process in memory with rust

safetydump Rust in-memory MiniDump implementation. Features ntdll!NtGetNextProcess to obtain a handle for the desired ProcessId as opposed to kernel32

null 26 Oct 11, 2022
In-memory, non stateful and session based code sharing application.

interviewer In-memory, non stateful and session based code sharing application. Test it here: interviewer.taras.lol Note: it's deployed to render auto

2pac 7 Aug 16, 2021
A cross-platform and safe Rust API to create and manage memory mappings in the virtual address space of the calling process.

mmap-rs A cross-platform and safe Rust API to create and manage memory mappings in the virtual address space of the calling process. This crate can be

S.J.R. van Schaik 19 Oct 23, 2022
A memory efficient syntax tree for language developers

This crate provides a tree structure which always is contiguously stored and manipulated in memory. It provides similar APIs as rowan and is intended to be an efficient replacement for it (read more below).

John-John Tedro 21 Dec 15, 2022
Compile-time checked Builder pattern derive macro with zero-memory overhead

Compile-time checked Builder pattern derive macro with zero-memory overhead This is very much a work-in-progress. PRs welcome to bring this to product

Esteban Kuber 214 Dec 29, 2022
Memory hacking library for windows

Memory hacking library for windows

Sara Wahib 4 Apr 11, 2022