From e4f8d87d5d628818a24a79de6314dec5acbacd08 Mon Sep 17 00:00:00 2001
From: Amrani <x544d3v@gmail.com>
Date: Wed, 23 Sep 2020 14:00:05 -0700
Subject: [PATCH] Python win32 api Wrapper

---
 src/PythonicBlackBone/BlackBone.py            | 108 ++++++++++++++++++
 .../__pycache__/BlackBone.cpython-38.pyc      | Bin 0 -> 3086 bytes
 .../test/ReadWriteProcMem.py                  |  32 ++++++
 3 files changed, 140 insertions(+)
 create mode 100644 src/PythonicBlackBone/BlackBone.py
 create mode 100644 src/PythonicBlackBone/__pycache__/BlackBone.cpython-38.pyc
 create mode 100644 src/PythonicBlackBone/test/ReadWriteProcMem.py

diff --git a/src/PythonicBlackBone/BlackBone.py b/src/PythonicBlackBone/BlackBone.py
new file mode 100644
index 00000000..c5a5f8ad
--- /dev/null
+++ b/src/PythonicBlackBone/BlackBone.py
@@ -0,0 +1,108 @@
+import ctypes as c
+from ctypes import wintypes as w
+import enum
+
+# Github : x544D
+
+class PythonicBlackBone():
+    
+    class DataTypes(enum.Enum):
+        BOOL    = 0
+        INT16   = 1
+        INT32   = 2
+        INT64   = 3
+        FLOAT   = 4
+        DOUBLE  = 5
+        LONG    = 6
+        ULONG   = 7
+        LLONG   = 8
+        ULLONG  = 9
+        SIZE_T  = 10
+        CHAR    = 11
+        BYTE    = 12
+        WCHAR   = 13
+        VOIDP   = 14
+
+
+    def ParseType(self, i , value=None):
+        _ = {
+            0:c.c_bool,
+            1:c.c_int16,
+            2:c.c_int32,
+            3:c.c_int64,
+            4:c.c_float,
+            5:c.c_double,
+            6:c.c_long,
+            7:c.c_ulong,
+            8:c.c_longlong,
+            9:c.c_ulonglong,
+            10:c.c_size_t,
+            11:c.c_char,
+            12:c.c_byte,
+            13:c.c_wchar,
+            14:c.c_void_p,
+        }
+        F=_[i]
+        if value:return F(value=value)
+        else: return F()
+
+
+
+    def __init__(self, ProcessId , DesiredAccess=0x000F0000|0x00100000|0xFFF):
+        if ProcessId is None:
+            print("+ Please Give a valid PID .")
+            exit(0)
+
+        print("\t[ AN EASY WIN32API PYTHON WRAPPER CTYPE BASED ]\n\t- This is still under Dev .. !")
+        self.pid    = ProcessId
+        self.access = DesiredAccess
+
+        self.k32    = c.windll.kernel32
+        self.OpenProcess = self.k32.OpenProcess
+        self.OpenProcess.argtypes = [w.DWORD,w.BOOL,w.DWORD]
+        self.OpenProcess.restype = w.HANDLE
+
+        self.ReadProcessMemory = self.k32.ReadProcessMemory
+        self.ReadProcessMemory.argtypes = [w.HANDLE,w.LPCVOID,w.LPVOID,c.c_size_t,c.POINTER(c.c_size_t)]
+        self.ReadProcessMemory.restype = w.BOOL
+
+        self.WriteProcessMemory = self.k32.WriteProcessMemory
+        self.WriteProcessMemory.argtypes = [w.HANDLE,w.LPCVOID,w.LPVOID,c.c_size_t,c.POINTER(c.c_size_t)]
+        self.WriteProcessMemory.restype = w.BOOL
+
+        self.GetLastError = self.k32.GetLastError
+        self.GetLastError.argtypes = None
+        self.GetLastError.restype = w.DWORD
+
+        self.CloseHandle = self.k32.CloseHandle
+        self.CloseHandle.argtypes = [w.HANDLE]
+        self.CloseHandle.restype = w.BOOL
+
+        self.hProc = self.OpenProcess(self.access , False, self.pid)
+        if not self.hProc:
+            print('+ Failed To open a handle to the Target Process .')
+            exit(0)
+
+    def CheckLastError(self):
+        return self.GetLastError()
+
+    def DestroyHandle(self):
+        self.CloseHandle(self.hProc)
+        del self
+
+    def RPM(self, address, data):
+        ''' ReadProcessMemory'''
+        return self.ReadProcessMemory(self.hProc, address, c.byref(data) , c.sizeof(data), None)
+
+    def WPM(self, address, data):
+        ''' WriteProcessMemory '''
+        return self.WriteProcessMemory(self.hProc, address, c.byref(data) , c.sizeof(data), None)
+
+    def __del__(self):
+        print(f"+ Instance {type(self).__name__} Destroyed .")
+
+
+
+if __name__ == "__main__":
+    print('+ Please Intanciate the Class first .')
+    exit(0)
\ No newline at end of file
diff --git a/src/PythonicBlackBone/__pycache__/BlackBone.cpython-38.pyc b/src/PythonicBlackBone/__pycache__/BlackBone.cpython-38.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..9dd04d6e8b1737734e52cb47fea4365bc82ab8ea
GIT binary patch
literal 3086
zcmbtWOK;pp5@z!?oR>zDM}EY+8^(D~oJ`hv7zq#rv0k<SSu>EOIB5i6sOgqOi5hB~
zlpPHwxyZ)^*n6^ob@Y9I4X=CBaj&@~Uo}Uv>@l1}NYq!w?ym0Ys_JU4*XtDn&rko|
z4Xm1B{Et4)KNdc|1f`1rVF(r*oPnFMv1f9N6>T=RZyUlA_9H{sM<#cqE1X?Z&B~H+
zj~FwgCk*0(-7{LH6U=3-v{>#vjQZK(zD#@6a{jUL@g*qb0IApHCe~oW#2TiwcI+dI
zJK}<{h4YAUS2RUQc#uk>EGmx-?un|XftN*HOn_HJLrj8K#gv!^uL%pb%;Zzu!)!b0
zN4?oN?Cs7beK}?fJ2mFcIb#IlmN2<3$P60>I9S@nvL!6(VYxDvs$iKauZtR=5Ov-V
z6MRxM_>`E$(o=)0V@tQ^!z^4Qk0@I7M1x5Z1>%Ifa^euU1SJBGpiDrKJgE{OlEz7$
zU;?nxn$Eo-=!bhU2=Yo0>?PtLCb<>_|2hccQI9>_=`3?+X=UxkP0c>~P_vsKb7yh6
zb89Vk=R51O%M09I?yTJA&U(R?HFMWT{N55@2-dhgcjwkBw`aduTj0)p{o#DoS(@)Y
zG1MhkrQx?myZ!B%<J<d(dHKu(w5RkR0FT)(dDRu#VvqcD`jCevL35yV1CSXz3}k{V
zkPUJ`E~o_ZKxI$`R0Y*Qb<hN;A=s~tAFQD@WLJzI?4hZ?9s-5=Gg5hI9~t*>1Q1PY
zrPa_eQxqgcCMXJ$q97>>lA;YM3X-BADGHLJASnuxY7mgsY6^hE;XDZA1KFC)S&zHD
zU?WLlUg`xnF$hl~AV7tH5JA|ClQ836FA&MWMl4AyPWoHab)bbx(V*q(sF6N$=%mp=
z1{vw}wnL>?Jj^8NKGY2u@*s&su-|fWJC*Tf&LZ^+OwC!4v&E+|RhOx;+znMKDV49{
zGkphOm@kW?{eO1~kv1yqMd#vdwv*o*uNu!pn<7t6*3oX`#0*iOc0F}DL%E=$lc8u3
zAF`nlm_rk2W%iD<<3cJ8kpnv(Brhu?1Iow%@GT4NUQmNv*V2R@*TA?2wSgu<Q<!Hu
zvmaj|e$2KUjB04Ds+J0^CbXJ=qSZXpY6gYY476s1fq7<hUqwqr-$nFYq#3ucr=5#u
zx)(|JF?O?K3EF{q3=A$oy7X_Bz6+1o=RKk`*I5}{z3z8o8K%;|9X*hK=p*$a;dhtj
z{kBf(#lem1{$d!#Quu3$pX|#%Ms0_E5lcTy{A^qLYoXebncr1OPo}BgZe7lueT8(*
zZTWqaace&kxf}MVS5Z=M7v*2XG52<*>dP3}Z0!Q79ZWx(CT9=1Gk?FcI<IC(#ls@{
z#^COqTPyRZMI|LuYRRWoWhh2!cjaE94tZ(0J4ZE#yUShT>TfhhsoOz~TUgDf@2e=2
z&#2_J+cH}Y(`-ShMCH}FI7#Ilz0cg)rlBoM{hekhkMx!Vug}XgQc~P1_I6g?ij#oS
z8}*|s2tI;Z`XRtz9=)c^T(iO|tjQ|i*Uq7*<r=W5#|~Z@zba0r?a?K1`jAZbg+2^a
zb&w9mF$&ZZh6`7<(DH=o4LpBfC+4<gZ})8L>lm5ROa>eH<BLB#c+3O~dfJ3(2xI~>
zkR9U;{-~>^dLPX#Q@snOt`oEgo^u?zHB-r9;r_2NBBk1Duo@e@I&RW4qsJ-)`9fRd
zLpZf)$TIV>H8hWjqpBY>!HykNb8|55kEPQ}%TaGbyReutICnM<mE6o-DxS&alTm7v
zLLrcqX>JQ#=g)7;TJ7Hb7RrTp&B4t0Rxsi(Z=mUqXSYvVpi=yF3+e`aQdTO;&oN`~
zckh0O_Lmro5o7VEIB9Rw1wnN<L!CNeJLWI=dHav0e+7$Mb5OnRFZI(b?DwQUsQIHP
zqRzB&(q4ypZqxBrlu0j4lTr`}83QojG-I!f`*bv_rO&}NjBVA6IWN$}O#tdt|6q^X
z3qbu>p<bh|_Xs{9_$R?91UCsjC3u>%TB5s8Spd3`Qo7DPb9%aRxpK|3JeywKOaEhg
zVbl+T!JB8bcd1Wah{6md74>v34pBxoBb8?GMHx4;E_}LlDmt0!ErQPoXvJbT<T3RI
d!3!+Qz0Zq(zb~jxr1S^k;WT;n#0FKQKLD18u=@Z2

literal 0
HcmV?d00001

diff --git a/src/PythonicBlackBone/test/ReadWriteProcMem.py b/src/PythonicBlackBone/test/ReadWriteProcMem.py
new file mode 100644
index 00000000..890e490e
--- /dev/null
+++ b/src/PythonicBlackBone/test/ReadWriteProcMem.py
@@ -0,0 +1,32 @@
+import sys
+sys.path.append("..")
+from BlackBone import PythonicBlackBone
+
+
+# Intance of BlackBone python Classs
+# Constructor Takes 2 Params ProcId and dwDesiredAccess (default = PROCESS_ALL_ACCESS )
+bb=PythonicBlackBone(4284)
+
+# Address to read From
+addr = 0x0063DE0C
+
+# data is the Variable that will end up holding the Read Value from that address 
+# Tho, we need to Parse it to a C_TYPE in this case 'Double' you can find more on DataTypes 
+data = bb.ParseType(bb.DataTypes.DOUBLE.value)
+
+# Result of ReadProcessMemory (Bool)
+res = bb.RPM(addr , data)
+
+print('+ RPM result: {} - err code: {}'.format(res,bb.CheckLastError()))
+print('data: {}\n'.format(data.value))
+
+# in Case of WriteProcessMemory we can directly parse our value as a C_Type , simply pass it as the second param 
+# in this case we want to write 1.5
+_wdata = bb.ParseType(bb.DataTypes.FLOAT.value, 1.5)
+res = bb.WPM(addr, _wdata)
+
+print('+WPM result: {} - err code: {}'.format(res,bb.CheckLastError()))
+print('data: {}'.format(_wdata.value))
+
+# This will CloseHandle , and Invoke the built in __del__ function .
+bb.DestroyHandle()
\ No newline at end of file