• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 251
  • Last Modified:

vb to delphi allocatememory

I've never used virtualallocex before so I'm understanding how this should work.  Can somebody help translate this from vb?

'Allocates Memory, useful for code caves.
Public Function AllocateMemory(lngSize As Long) As Long
Dim hwnd, processHandle, processId As Long

    hwnd = FindWindow(vbNullString, CurrentProcess)
    If (hwnd = 0) Then Exit Function
   
    GetWindowThreadProcessId hwnd, processId
    processHandle = OpenProcess(PROCESS_ALL_ACCESS, False, processId)
    AllocateMemory = VirtualAllocEx(processHandle, 0, lngSize, MEM_COMMIT, PAGE_READWRITE)
    CloseHandle processHandle
End Function
0
Grant Fullen
Asked:
Grant Fullen
2 Solutions
 
MerijnBSr. Software EngineerCommented:

function AllocateMemory(lngSize: longint): longint;
var hwnd, processHandle, processID: longint;
begin
 hwnd := FindWindow(nil, CurrentProcess);
 if (hwnd = 0) then
  exit;
 
 GetWindowThreadProcessID(hwnd, processID);
 ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, false, processID);
 result := VirtualAllocEx(processhandle, 0, lngSize, MEM_COMMIT, PAGE_READWRITE);
 CloseHandle(processHandle);
end;

Open in new window

0
 
Grant FullenAuthor Commented:
Doesn't work.  I was looking and I'm sure the var types have to change.  All I want is to be able to allocate memory and return the address offset that it allocated.
0
 
Grant FullenAuthor Commented:
For example.

memoryOffset := AllocateMemory($FF)
0
[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

 
ThievingSixCommented:

function AllocateMemory(lngSize: Cardinal): Cardinal;
var
  Wnd,
  ProcessHandle,
  ProcessID : Integer;
begin
  Wnd := FindWindow(nil,CurrentProcess);
  GetWindowThreadProcessID(Wnd,ProcessID);
  //Just skip right to the ProcessID if it's for the 
  //calling process. Uncomment the below if needed.
  //ProcessID := GetCurrentProcessID;
  ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS,False,ProcessID);
  If ProcessHandle > 0 Then
    begin
    Result := VirtualAllocEX(ProcessHandle,0,lngSize,MEM_COMMIT,PAGE_READWRITE);
  end;
  CloseHandle(ProcessHandle);
end;

Open in new window

0
 
ThievingSixCommented:
Just tested to be sure, changed a type def and it works fine.
function AllocateMemory(lngSize: Cardinal): Cardinal;
var
  //Wnd,
  ProcessHandle,
  ProcessID : Integer;
begin
  //Wnd := FindWindow(nil,CurrentProcess);
  //GetWindowThreadProcessID(Wnd,ProcessID);
  //Just skip right to the ProcessID if it's for the 
  //calling process. Uncomment the below if needed.
  ProcessID := GetCurrentProcessID;
  ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS,False,ProcessID);
  If ProcessHandle > 0 Then
    begin
    Result := Cardinal(VirtualAllocEX(ProcessHandle,0,lngSize,MEM_COMMIT,PAGE_READWRITE));
  end;
  CloseHandle(ProcessHandle);
end;
 
procedure TForm1.Button1Click(Sender: TObject);
begin
  ShowMessage(IntToStr(AllocateMemory($FF)));
end;

Open in new window

0
 
Russell LibbySoftware Engineer, Advisory Commented:
You may want to download the ProcessMemory source from my site, as this is exactly what it was written to do.

http://users.adelphia.net/~rllibby/downloads/processmemory.zip

I only mention this because you are most likely going to need to read / write the memory after allocated (why else would you be allocating it?). The class I wrote greatly simplifies this for you. example below.

Regards,
Russell

---

var  objMemMgr:     TProcessMemory;
     dwIndex:       Integer;
     lpszTest:      Array [0..254] of Char;
begin

  // Create memory allocator for external process
  objMemMgr:=TProcessMemory.CreateFromHwnd(FindWindow(nil, CurrentProcess));

  // Resource protection
  try
     // Add a memory block in the process (255 bytes)
     dwIndex:=objMemMgr.Add($FF);

     // Set string to write
     StrPCopy(lpszTest, 'Hello world');

     // Write the string (plus null) to other process
     objMemMgr[dwIndex].Write(lpszTest, Succ(StrLen(lpszTest)));

     // Clear the memory block
     FillChar(lpszTest, SizeOf(lpszTest), 0);

     // Read back memory from other process
     objMemMgr[dwIndex].Read(lpszTest, SizeOf(lpszTest));

     // Copy on read is also supported through the access of the LocalMemory property
     MessageBox(0, PChar(objMemMgr[dwIndex].LocalMemory), nil, MB_OK);

  finally
     // Free memory allocator
     objMemMgr.Free;
  end;

end;

0
 
Grant FullenAuthor Commented:
Thanks you all for helping.  Two great examples.
0
 
Grant FullenAuthor Commented:
ThievingSix, what about if I wanted to pick another process?
0
 
ThievingSixCommented:

function AllocateMemory(lngSize: Cardinal): Cardinal;
var
  //Wnd,
  ProcessHandle,
  ProcessID : Integer;
begin
  Wnd := FindWindow(nil,<<INPUT WINDOW TITLE HERE>>);
  GetWindowThreadProcessID(Wnd,ProcessID);
  //Just skip right to the ProcessID if it's for the 
  //calling process. Uncomment the below if needed.
  //ProcessID := GetCurrentProcessID;
  ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS,False,ProcessID);
  If ProcessHandle > 0 Then
    begin
    Result := Cardinal(VirtualAllocEX(ProcessHandle,0,lngSize,MEM_COMMIT,PAGE_READWRITE));
  end;
  CloseHandle(ProcessHandle);
end;
 
procedure TForm1.Button1Click(Sender: TObject);
begin
  ShowMessage(IntToStr(AllocateMemory($FF)));
end;

Open in new window

0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now