The MemoryTool is a C++ tool that provides functionality for reading and writing memory in a target process. It allows you to search for specific values in memory, modify memory addresses, freeze and unfreeze memory values, and perform various system-related operations. This documentation provides an overview of the tool's functionality, along with code snippets to demonstrate how to use each feature.
I don't know who initially wrote this memory tool. I have put in a lot of effort to correct non-working functions, fix errors, optimize the code, add proper documentation, and implement proper object-oriented programming structures to ensure the smooth running of the script. I have also added new functions.
Please note that this tool works only on rooted devices, as the non-rooted (virtual environment) functionality has not been implemented yet.
If you encounter any non-working functions, please open an issue and report it.
- Date : 2023/06/02
- Author : Abdul Moez
- Version : 0.1 (Bug Fixed version)
- Study : UnderGraduate in GCU Lahore, Pakistan
- Repository : https://github.com/Anonym0usWork1221/C-Android-Memory-Tool
- Documentation: Starts From Below
main.cpp is the sample file to run the MemoryTool
The sample code provided demonstrates the usage of the memory tool. Let's go through it step by step:
#include <iostream>
#include "MemoryTools.h"
int main(int argc, char *argv[]) {
/* 1. Package name of the game
2. MODE_ROOT (indicates a rooted device; non-rooted mode is not implemented yet)
*/
char game_package[] = "com.tencent.ig";
MemoryTool memory_tool;
memory_tool.initXMemoryTools(game_package, MODE_ROOT);
The code includes necessary headers and initializes the memory tool by calling initXMemoryTools(). It takes two parameters: the process name (in this case, "com.tencent.ig") and the mode ("MODE_ROOT" for rooted devices).
memory_tool.SetSearchRange(ALL);
The SetSearchRange() function sets the search range for memory operations. In this case, it is set to "ALL," which means searching in all memory ranges.
memory_tool.MemorySearch("1", TYPE_BYTE);
The MemorySearch() function is used to search for a specific value in memory. In this example, it searches for the value "1" of type TYPE_BYTE.
memory_tool.MemoryOffset("2", 2 /*offset*/, TYPE_BYTE);
The MemoryOffset() function is used to search for a specific value at an offset from a base address. It searches for the value "2" of type TYPE_BYTE with an offset of 2.
memory_tool.MemoryWrite("0", 2 /*offset*/, TYPE_BYTE);
The MemoryWrite() function is used to write a value to a specific memory address. In this example, it writes the value "0" of type TYPE_BYTE with an offset of 2.
memory_tool.ClearResults();
The ClearResults() function clears the linked list of results and frees up memory.
return 0;
}
The program ends and returns 0.
- Data Structures
- Initialization
- Reading Memory
- Searching Memory
- Writing Memory
- Freezing Memory
- System Operations
- Utility Functions
The MemoryTool uses the following data structures:
struct MAPS {
long int addr;
long int taddr;
int type;
struct MAPS *next;
};
- addr: The memory address.
- taddr: The target address.
- type: The type of memory.
- next: Pointer to the next MAPS structure.
struct RESULT {
long int addr;
struct RESULT *next;
};
- addr: The memory address.
- next: Pointer to the next RESULT structure.
struct FREEZE {
long int addr; // address
char *value; // value
int type; // type
struct FREEZE *next; // pointer to the next node
};
- addr: The memory address.
- value: The value at the memory address.
- type: The type of memory.
- next: Pointer to the next FREEZE structure.
To use the MemoryTool, you need to create an instance of the MemoryTool class. Here's how to initialize the tool:
MemoryTool memTool;
The MemoryTool provides functions to read memory from the target process. The following functions are available:
PMAPS readmaps(int pid);
- pid: The process ID of the target process.
- Returns a linked list of MAPS structures containing information about the memory mappings in the target process.
PMAPS readmaps_all();
- Returns a linked list of MAPS structures for all memory mappings in the target process.
PMAPS readmaps_bad();
PMAPS readmaps_c_alloc();
PMAPS readmaps_c_bss();
PMAPS readmaps_c_data();
PMAPS readmaps_c_heap();
PMAPS readmaps_java_heap();
PMAPS readmaps_a_anonmyous();
PMAPS readmaps_code_system();
PMAPS readmaps_stack();
PMAPS readmaps_ashmem();
- Returns a linked list of MAPS structures for specific memory mappings in the target process. Each function corresponds to a specific memory range or type.
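The readmaps_* helpers above each return one category of memory region. The following is an added example, not code from this repository: it assumes the region lists are derived from the Linux /proc/<pid>/maps text format, parses such lines, and tags each region with a kind named after some of those helpers. The Region and Kind types, the function names, the name-matching rules and the sample lines are all assumptions made for illustration.

```cpp
#include <cstdio>
#include <sstream>
#include <string>
#include <vector>

// Region kinds named after some of the readmaps_* helpers listed above.
enum class Kind { CHeap, JavaHeap, Anonymous, CodeSystem, Stack, Ashmem, Other };
struct Region {
    unsigned long long start = 0, end = 0;  // [start, end) virtual addresses
    std::string perms, path;                // path stays empty for unnamed mappings
    Kind kind = Kind::Other;
};
// ASSUMED name-matching rules; the tool's real rules are not shown on this page.
Kind classify(const std::string &p) {
    auto starts = [&p](const char *s) { return p.rfind(s, 0) == 0; };
    if (p.empty()) return Kind::Anonymous;
    if (p.find("dalvik-") != std::string::npos) return Kind::JavaHeap;
    if (p == "[heap]") return Kind::CHeap;
    if (starts("[stack")) return Kind::Stack;
    if (starts("/dev/ashmem/")) return Kind::Ashmem;
    if (starts("/system/")) return Kind::CodeSystem;
    return Kind::Other;
}
// Parse one /proc/<pid>/maps line: "start-end perms offset dev inode [path]".
bool parse_maps_line(const std::string &line, Region &out) {
    std::istringstream in(line);
    std::string range, offset, dev, inode;
    if (!(in >> range >> out.perms >> offset >> dev >> inode)) return false;
    if (std::sscanf(range.c_str(), "%llx-%llx", &out.start, &out.end) != 2) return false;
    if (out.end <= out.start || out.perms.size() != 4) return false;
    out.path.clear();
    std::getline(in >> std::ws, out.path);  // rest of line; names may contain spaces
    out.kind = classify(out.path);
    return true;
}
std::vector<Region> parse_maps(const std::string &text) {  // skips malformed lines
    std::vector<Region> regions;
    std::istringstream in(text);
    Region r;
    for (std::string line; std::getline(in, line);)
        if (parse_maps_line(line, r)) regions.push_back(r);
    return regions;
}
// Constructed sample input, not captured from a real device.
const char *kSampleMaps =
    "12c00000-12e00000 rw-p 00000000 00:05 10262 /dev/ashmem/dalvik-main space (deleted)\n"
    "70000000-70001000 r-xp 00000000 fd:00 1234 /system/lib64/libc.so\n"
    "7a20000000-7a20021000 rw-p 00000000 00:00 0 [heap]\n"
    "7a30000000-7a30004000 rw-p 00000000 00:00 0\n"
    "7ffc000000-7ffc021000 rw-p 00000000 00:00 0 [stack]\n";
```

Calling parse_maps(kSampleMaps) yields five regions; the first keeps its full name, spaces included, which a parser that splits on whitespace alone would truncate.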
The MemoryTool allows you to search for specific values in the memory of the target process. You can search for values within a specific range or across the entire memory. The following functions are available for memory search:
void BaseAddressSearch(char* value, int type, long int address);
- value: The value to search for.
- type: The type of memory to search for (see type enum for options).
- address: The base address to start the search from.
void RangeMemorySearch(char* value, char* range, int type);
- value: The value to search for.
- range: The memory range to search in (see Range enum for options).
- type: The type of memory to search for (see type enum for options).
void MemorySearch(char* value, int type);
- value: The value to search for.
- type: The type of memory to search for (see type enum for options).
void MemoryOffset(char* value, long int offset, int type);
- value: The value to search for.
- offset: The offset from the base address to search.
- type: The type of memory to search for (see type enum for options).
void RangeMemoryOffset(char* value, char* range, long int offset, int type);
- value: The value to search for.
- range: The memory range to search in (see Range enum for options).
- offset: The offset from the base address to search.
- type: The type of memory to search for (see type enum for options).
The MemoryTool allows you to write values to memory addresses in the target process. The following functions are available for memory write:
void MemoryWrite(char* value, long int address, int type);
- value: The value to write to memory.
- address: The memory address to write the value to.
- type: The type of memory to write to (see type enum for options).
int WriteAddress(long int address, char* value, int type);
- address: The memory address to write the value to.
- value: The value to write to memory.
- type: The type of memory to write to (see type enum for options).
- Returns 1 if the write operation is successful, 0 otherwise.
The MemoryTool allows you to freeze and unfreeze memory values in the target process. The freezing feature allows you to keep a memory value constant while the target process is running. The following functions are available for freezing memory:
int StartFreeze();
- Starts the freezing process.
int StopFreeze();
- Stops the freezing process.
int SetFreezeDelay(long int delay);
- delay: The delay in microseconds between each freeze operation.
- Sets the delay between each freeze operation.
int AddFreezeItem(long int address, char* value, int type, long int offset = 0);
- address: The memory address to freeze.
- value: The value to freeze.
- type: The type of memory to freeze (see type enum for options).
- offset: The offset from the base address to freeze (optional, default is 0).
- Adds a memory address and its frozen value to the freeze list.
int RemoveFreezeItem(long int address);
- address: The memory address to remove from the freeze list.
- Removes a memory address from the freeze list.
int RemoveFreezeItem_All();
- Removes all memory addresses from the freeze list.
int PrintFreezeItems();
- Prints the current freeze list.
The MemoryTool allows you to retrieve the values from memory addresses in the target process. The following functions are available for getting memory values:
char* GetAddressValue(ADDRESS address, int type);
- address: The memory address to retrieve the value from.
- type: The type of memory value to retrieve (see type enum for options).
- Returns a character pointer containing the retrieved memory value.
DWORD GetAddressValue_DWORD(ADDRESS address);
- address: The memory address to retrieve the DWORD value from.
- Returns the retrieved DWORD value.
FLOAT GetAddressValue_FLOAT(ADDRESS address);
- address: The memory address to retrieve the FLOAT value from.
- Returns the retrieved FLOAT value.
DOUBLE GetAddressValue_DOUBLE(ADDRESS address);
- address: The memory address to retrieve the DOUBLE value from.
- Returns the retrieved DOUBLE value.
WORD GetAddressValue_WORD(ADDRESS address);
- address: The memory address to retrieve the WORD value from.
- Returns the retrieved WORD value.
BYTE GetAddressValue_BYTE(ADDRESS address);
- address: The memory address to retrieve the BYTE value from.
- Returns the retrieved BYTE value.
QWORD GetAddressValue_QWORD(ADDRESS address);
- address: The memory address to retrieve the QWORD value from.
- Returns the retrieved QWORD value.
The MemoryTool provides additional miscellaneous functions for interacting with the target process:
int GetResultCount();
- Returns the number of search results found.
void PrintResults();
- Prints the contents of the search results.
void ClearResults();
- Clears the search results and frees up memory.
void ClearMaps(PMAPS maps);
- maps: The pointer to the maps data structure to be cleared.
- Clears the maps data structure and frees up memory.
PMAPS GetResults();
- Returns the pointer to the head of the search results.
int getPID(char package[64]);
- package: The package name of the target process.
- Returns the process ID (PID) of the target process.
char GetProcessState(char* package);
- package: The package name of the target process.
- Returns the state of the target process.
int isapkinstalled(char* package);
- package: The package name of the app.
- Checks if the specified app is installed.
int isapkrunning(char* package);
- package: The package name of the app.
- Checks if the specified app is running.
int killprocess(char* package);
- package: The package name of the process to kill.
- Kills the specified process.
If you need assistance, you can ask for help on my mailing list:
- Email : [email protected]
I also created a Discord group:
- Server : https://discord.gg/RMNcqzmt9f