Skip to content

The APIdocs for all the functions

Unlike other APIdocs, the implementations are not in this file but here.

openProcess

Signature:

process_t openProcess(pid_t pid);

Implementation

Comments:

Used to get a process_t type by checking if the pid exists

readMemoryByLength

Signature:

ssize_t readMemoryByLength(
    process_t process,
    uint64_t startAddress,
    uint64_t lengthToRead,
    void* buffer
    );

Implementation

Comments:

Reads <lengthToRead> bytes of memory starting at address <startAddress> from the process id <process> and stores it in <buffer>

readMemoryByStartAndEnd

Signature:

ssize_t readMemoryByStartAndEnd(
    process_t process,
    uint64_t startAddress,
    uint64_t endAddress,
    void* buffer
    );

Implementation

Comments:

Reads memory starting at address <startAddress> and ending at address <endAddress> from the process id <process> and stores it in <buffer>

writeMemory

Signature:

ssize_t writeMemory(
    process_t process,
    uint64_t startAddress,
    void* buffer,
    uint64_t bufferLength
    );

Implementation

Comments:

Writes memory into process id <process> starting at address <startAddress> from <buffer> of length <bufferLength>

fillMemoryWithByteByLength

Signature:

ssize_t fillMemoryWithByteByLength(
    process_t process,
    uint64_t startAddress,
    uint64_t lengthToWrite,
    unsigned char byteToFill
    );

Implementation

Comments:

Memset for other processes

Sets memory in process <process> starting at address <startAddress> going for <lengthToWrite> bytes to <byteToFill>

fillMemoryWithByteByStartAndEnd

Signature:

ssize_t fillMemoryWithByteByStartAndEnd(
    process_t process,
    uint64_t startAddress,
    uint64_t endAddress,
    unsigned char byteToFill
    );

Implementation

Comments:

Like fillMemoryWithByteByLength but 2 clock cycles slower :)

Sets memory in process <process> starting at address <startAddress> going to address <endAddress> bytes to <byteToFill>

searchForMemory

Signature:

uint64_t searchForMemory(
    process_t process,
    const void* needle,
    uint64_t needleLength,
    uint64_t startAddress,
    uint64_t endAddress
    );

Implementation

Comments:

Finds needle <needle> of length <needleLength> in process <process> memory starting at <startAddress> and ending at address <endAddress>

getProcessMaps

Signature:

struct ProcessMaps* getProcessMaps(const process_t process);

Implementation

Comments:

Gets the memory maps of process <process> and returns a ProcessMaps struct

freeMap

Signature:

void freeMap(struct ProcessMaps *map);

Implementation

Comments:

Frees ProcessMaps <map>