in reply to Running in circles trying to find helpful documentation (Win32::process::memory)

Since no one else has responded, I'll try. First, I use linux, so I may be off base when it comes to windows memory management.

First you should clarify what your ultimate goal is. Your requirement to monitor certain memory addresses for certain text is vague. Are you talking about within a single process, or one process watching another, or an absolute address in system RAM? Modern OSes use relative addressing to run executables, so it is very unlikely you will find a program storing a variable at an absolute memory address.

Second, there are many docs for Perl, just check out the tutorials section, and the perldocs. If you need an introduction to Perl, read some books. If you find that Python/Ruby has better documentation (which makes sense to you), then use those languages. Also, most of these scripting languages were developed with unix/linux type systems in mind, so if you are stuck on win32, you will find yourself at a slight disadvantage.

Third, your description of the problem, "need to match text at a memory location", hints at an easy solution for a problem which you haven't well formulated. Can you state what the ultimate problem is... are you trying to hack passwords stored in binary files? :-)

On linux anyways, you can read an image of the ram contents by using the dd utility to read /dev/ram (requires root privileges). Google and groups.google can be searched for examples. You can find text strings in a binary with the "strings" utility.


I'm not really a human, but I play one on earth. Cogito ergo sum a bum

Re^2: Running in circles trying to find helpful documentation (Win32::process::memory)
by lou.cal (Initiate) on Jan 08, 2007 at 01:59 UTC
    Thank you for your response. I wish that I could be doing this on linux, but the program I am monitoring is a poker program that only runs on windows. I am trying to use data on the fly. Although the program will log the data for me after each hand is done, I would like to have access as these things happen, because if you miss them, there is no way in the program to see that info until the hand is over, and the info is (for the purposes of playing that hand) useless.

    I will agree that I have not formulated the problem very well, and I appreciate your input because I needed some insight in certain areas especially because I do not know much about how programs use memory, and after all I am a linux user so this win32 stuff makes little sense to me, making win32 related reading (possibly) harder to digest.

    Now, I do have more experience in some other languages, but I did not want it to sound like I was discouraged from using perl. The truth is that although sometimes I feel like I am making no progress and trying to learn too much for my young mind, I do believe that learning perl here will pay off in spades due to my real home being on linux and other unix related/based systems. I could of course be wrong at this too, since the win32 part of learning perl could be a completely different 'monster' and only time or possibly someone with more experience could let me in on that.

    Thank you again for your input and I hope this helps clarify my problem.

    I only want to monitor any memory of a specific pid and print in real time to the screen any lines that start with Dealer:

    I know that memory is not in a line by line format which makes this harder, but hopefully they are ended with newlines or something.

    I might be in over my head but I am willing to learn. The documentation on win32::process::memory just seems really difficult, and I am still constantly reading the books I have plus O'Reilly's Learning Perl (I think it is win32 based but I am not completely sure).

      I hope they don't make online gambling illegal, just after your year-long effort to reveal the dealer's hand is perfected. :-)

      I'm not really a human, but I play one on earth. Cogito ergo sum a bum
        Well, you play against other people, and I should hope the security is way too good to see their hands. My project is much more noble than that :)