Home

Awesome

C-Android-Memory-Tool

GitHub stars GitHub forks GitHub issues GitHub watchers Python GPT_LICENSE code size


The MemoryTool is a C++ tool that provides functionality for reading and writing memory in a target process. It allows you to search for specific values in memory, modify memory addresses, freeze and unfreeze memory values, and perform various system-related operations. This documentation provides an overview of the tool's functionality, along with code snippets to demonstrate how to use each feature.

Introduction

I don't know who initially wrote this memory tool. I have put in a lot of effort to correct non-working functions, fix errors, optimize the code, add proper documentation, and implement proper object-oriented programming structures to ensure the smooth running of the script. I have also added new functions.

Please note that this tool only works for rooted devices as the non-rooted (virtual environment) functionality has not been implemented yet.

If you encounter any non-working functions, please open an issue and report it.

Samples

main.cpp is the sample file to run the MemoryTool

main.cpp File Explanation

The sample code provided demonstrates the usage of the memory tool. Let's go through it step by step:

#include <iostream>
#include "MemoryTools.h"

int main(int arc, char argv[]) {
	/* 1. Package Name of the game
	2. ROOT_MODE (tells you are using rooted device (not reooted device not implimented yet))
	*/
	char game_package[] = "com.tencent.ig";
	MemoryTool memory_tool;
	memory_tool.initXMemoryTools(game_package, MODE_ROOT);

The code includes necessary headers and initializes the memory tool by calling initXMemoryTools(). It takes two parameters: the process name (in this case, "com.tencent.ig") and the mode ("MODE_ROOT" for rooted devices).

   memory_tool.SetSearchRange(ALL);

The SetSearchRange() function sets the search range for memory operations. In this case, it is set to "ALL," which means searching in all memory ranges.

   memory_tool.MemorySearch("1", TYPE_BYTE);

The MemorySearch() function is used to search for a specific value in memory. In this example, it searches for the value "1" of type TYPE_BYTE.

    memory_tool.MemoryOffset("2", 2, /*offset*/ TYPE_BYTE);

The MemoryOffset() function is used to search for a specific value at an offset from a base address. It searches for the value "2" of type TYPE_BYTE with an offset of 2.

    memory_tool.MemoryWrite("0", 2, /*offset*/ TYPE_BYTE);

The MemoryWrite() function is used to write a value to a specific memory address. In this example, it writes the value "0" of type TYPE_BYTE with an offset of 2.

    memory_tool.ClearResults();

The ClearResults() function clears the linked list of results and frees up memory.

    return 0;
}

The program ends and returns 0.


Start of Memory Tool Documentation

Table of Contents

  1. Data Structures
  2. Initialization
  3. Reading Memory
  4. Searching Memory
  5. Writing Memory
  6. Freezing Memory
  7. System Operations
  8. Utility Functions

1. Data Structures

The MemoryTool tool uses the following data structures:

MAPS

struct MAPS {
    long int addr;
    long int taddr;
    int type;
    struct MAPS *next;
};

RESULT

struct RESULT {
    long int addr;
    struct RESULT *next;
};

FREEZE

struct FREEZE {
    long int addr; // address
    char *value; // value
    int type; // type
    struct FREEZE *next; // pointer to the next node
};

2. Initialization

To use the MemoryTool, you need to create an instance of the MemoryTool class. Here's how to initialize the tool:

MemoryTool memTool;

3. Reading Memory

The MemoryTool provides functions to read memory from the target process. The following functions are available:

Read Maps File

PMAPS readmaps(int pid);

Read All Memory Maps

PMAPS readmaps_all();

Read Specific Memory Maps

PMAPS readmaps_bad();
PMAPS readmaps_c_alloc();
PMAPS readmaps_c_bss();
PMAPS readmaps_c_data();
PMAPS readmaps_c_heap();
PMAPS readmaps_java_heap();
PMAPS readmaps_a_anonmyous();
PMAPS readmaps_code_system();
PMAPS readmaps_stack();
PMAPS readmaps_ashmem();

4. Searching Memory

The MemoryTool allows you to search for specific values in the memory of the target process. You can search for values within a specific range or across the entire memory. The following functions are available for memory search:

Base Address Search

void BaseAddressSearch(char* value, int type, long int address);

Range Memory Search

void RangeMemorySearch(char* value, char* range, int type);

Memory Search

void MemorySearch(char* value, int type);

Memory Offset Search

void MemoryOffset(char* value, long int offset, int type);

Range Memory Offset Search

void RangeMemoryOffset(char* value, char* range, long int offset, int type);

5. Writing Memory

The MemoryTool allows you to write values to memory addresses in the target process. The following functions are available for memory write:

Memory Write

void MemoryWrite(char* value, long int address, int type);

Write Address

int WriteAddress(long int address, char* value, int type);

6. Freezing Memory

The MemoryTool allows you to freeze and unfreeze memory values in the target process. The freezing feature allows you to keep a memory value constant while the target process is running. The following functions are available for freezing memory:

Start Freezing

int StartFreeze();

Stop Freezing

int StopFreeze();

Set Freeze Delay

int SetFreezeDelay(long int delay);

Add Freeze Item

int AddFreezeItem(long int address, char* value, int type, long int offset = 0);

Remove Freeze Item

int RemoveFreezeItem(long int address);

Remove All Freeze Items

int RemoveFreezeItem_All();

Print Freeze Items

int PrintFreezeItems();

7. Getting Memory Values

The MemoryTool allows you to retrieve the values from memory addresses in the target process. The following functions are available for getting memory values:

Get Address Value

char* GetAddressValue(ADDRESS address, int type);

Get Address Value DWORD

DWORD GetAddressValue_DWORD(ADDRESS address);

Get Address Value FLOAT

FLOAT GetAddressValue_FLOAT(ADDRESS address);

Get Address Value DOUBLE

DOUBLE GetAddressValue_DOUBLE(ADDRESS address);

Get Address Value WORD

WORD GetAddressValue_WORD(ADDRESS address);

Get Address Value BYTE

BYTE GetAddressValue_BYTE(ADDRESS address);

Get Address Value QWORD

QWORD GetAddressValue_QWORD(ADDRESS address);

8. Miscellaneous Functions

The MemoryTool provides additional miscellaneous functions for interacting with the target process:

Get Result Count

int GetResultCount();

Print Results

void PrintResults();

Clear Results

void ClearResults();

Clear Maps

void ClearMaps(PMAPS maps);

Get Results

PMAPS GetResults();

Get PID

int getPID(char package[64]);

Get Process State

char GetProcessState(char* package);

isapkinstalled

int isapkinstalled(char* package);

isapkrunning

int isapkrunning(char* package);

killprocess

int killprocess(char* package);

Contributor

<a href = "https://github.com/Anonym0usWork1221/android-memorytool/graphs/contributors"> <img src = "https://contrib.rocks/image?repo=Anonym0usWork1221/C-Android-Memory-Tool"/> </a>

Assistance

If you need assistance, you can ask for help on my mailing list:

I also created a Discord group: