- Data Types
- process.open()
- process.close()
- process.read()
- process.readPtr()
- process.readBatch()
- process.readChunk()
- process.write()
- process.writePtr()
- process.findPattern()
- process.findByWindow()
- process.findByExe()
- process.getModuleAddress()
- process.getModules()
- process.attachInput()
- process.detachInput()
- process.is32bit()
- process.is64bit()
- process.terminate()
- process.getWindows()
Several process functions operate on a variety of data types. The below table lists the accepted data types and their respective sizes.
Type | Description | Value range |
"byte" | A single byte | -127 to 127 |
"ubyte" | A single unsigned byte | 0 to 255 |
"short" | Two bytes | -32,767 to 32,767 |
"ushort" | Two unsigned bytes | 0 to 65,535 |
"int" | Four bytes | -2,147,483,647 to 2,147,483,647 |
"uint" | Four unsigned bytes | 0 to 4,294,967,295 |
"int64" | Eight bytes | -9,223,372,036,854,775,807 to 9,223,372,036,854,775,807 |
"uint64" | Eight unsigned bytes | 0 to 18,446,744,073,709,551,615 |
"float" | Four bytes | ~7 digits precision |
"double" | Eight bytes | ~15 digits precision |
"string" | Character string | NULL-terminated |
"ustring" | Unicode character string | NULL-terminated |
Attempt to open and return a
Closes an opened handle. If you set an open handle to
Attempt to read memory from process 'procHandle' at the given address.
'type' should be
The type of data returned depends on the type requested. That is, requesting a byte, short, int, int64,
float, or double returns a
See Data Types for a list of available types.
Exactly like process.read(), except it reads from a pointer.
'offsets' can be a
Exactly like process.read(), except it reads from a pointer.
Attempt to read concurrent memory from process 'proc' at the given address. 'mask' dictates what type(s)
and how many variables should be read. Each character in 'mask' specifies the type to read or skip.
A number prefixing the type can dictate the number to read (
Each character in 'mask' should be one of the below (to specify types), or a number (to specify how many or length)
Character | Type |
---|---|
b | byte |
B | unsigned byte |
s | short |
S | unsigned short |
i | int |
I | unsigned int |
h | int64 |
H | unsigned int64 |
f | float |
F | double |
c | string |
_ (underscore) | (skip ahead x bytes; do not return this) |
For example, a mask of "3i" means "read 3 integers" while "3c" means "read a string of length 3." You may also chain multiple reads together, such as "3i4f16_bs" to mean "read 3 integers, then 4 floats, then skip 16 bytes, read a byte, then read a short."
Reads a chunk of memory of a given size from a location. 'length' represents the number of bytes to read.
The
Attempt to write memory to process 'procHandle' at the given address. 'type' does not need to indicate signedness; do not includes 'u' prefix when writing. Strings also do not require length to be given.
Returns
See Data Types for a list of available types.
Exactly like process.write(), except it is for writing to pointers.
'offsets' can be a
Returns
Attempt to find a pattern within a process, beginning at memory address 'address', with a max scan length of 'length' (in bytes). 'bitmask' should contain an 'x' for a match, and '?' for wildcard. i.e. "xxxx?xx". 'szmask' should contain the actual data we are checking against for a match. i.e. "ABCD?FG"
Returns the process ID that a window with handle 'hwnd' is owned by. If the function fails, it
returns
Look up a process ID by checking for its running executable. i.e. "explorer.exe"
If the process you are looking for is 64-bit, then you must use a 64-bit copy of MicroMacro, otherwise the process cannot be found.
If this process fails, it returns
Look up the address of a module within a process and return its origin address. Often this is used
to lookup the location where a DLL is loaded or the beginning address of the main executable.
'moduleName' should be the full name. i.e. "whatever.dll" If the function fails or it could not
locate the module, it returns
Returns the fully qualified path of the main executable of an opened (see process.open()) process.
Returns a
Attach our input thread to the target window. Returns
Attaching input to a target window may allow synthetic input (see Keyboard Module) to be better received if it is otherwise not working.
Detach our input thread to the target window. Returns
Returns
Returns
Attempts to terminate the target process. Returns
Returns a list of tables containing the 'hwnd' (handle to window), 'name' (window title), and 'class' of each window that belongs to the process specified by the process ID.
For more information on the return value, see window.findList().
Page last updated at 2018-09-25 20:48:20