srounet / Pymem

A python library for windows, providing the needed functions to start working on your own with memory editing.
MIT License

Hi dude, quick question. #5

Closed ghost closed 6 years ago

ghost commented 7 years ago

You seem to be an experienced bot maker. If you remember me from my other posts, I have been making bots for a few years now.

I usually create bots for some really small niche community mmos that don't have a lot of anti-botting systems.

What I'd like to know is if you sell your bots too? And if so, how do you go about protecting the code from being stolen or the bot unlocked.

Right now, I simply lock my bots to the user's PC using a hardware lock and I create a custom license key.

I'm just looking to see what other bot makers do to prevent their bots being hacked and distributed for free?

ghost commented 7 years ago

Also, while I'm here, for some reason the compiled exe with pyinstaller won't read the memory. pm.read_int gives a generic error of being unable to read from an address.

I'm not sure what to do with that as the code is fine and it seems like py2installer has detected pymem fine.

ghost commented 7 years ago

I've downgraded my Python from 3,6 to 3,5 to see if it made a difference to pyinstaller but no dice.

For some reason, the compiled version of my script isn't able to read memory. I'm able to open the process for sure, but the first pm.read_int ends in an error of being unable to read from the address.

ghost commented 7 years ago

Here is an image of the error, it seems like a basic error but I have no idea what could be going wrong as the code is right and it seems like pyfasm and pymem are detected properly in pyinstaller. http://imgur.com/a/K00d5

srounet commented 7 years ago

I don't sell my bots. Generally I use pymem to write bots that do simple tasks like mining or fishing, and thus use them for myself and a couple of friends. I can't really help you on protecting python code.

As for py2installer, I never used it. I've always installed python on my different hosting machines and used it as a raw python application (without packaging).

I'm sorry to say I can't help you on those points, you're going a bit further than I did.

For which game are you developing bots actually? (I did for wow, gw2 and runes of magic).

srounet commented 7 years ago

On google it says something about Access denied. I'm sure you did, but did you try with privilege elevation (a.k.a. admin access)?

ghost commented 7 years ago

It is for this mmo http://imgur.com/a/SlTjb

I've played it since 2002 but it is really difficult and grindy, so botting is a huge asset.

I've run the program as administrator but I think you're talking about something inside the code? I didn't use the privilege settings no, how do I properly give the code admin access?

ghost commented 7 years ago

When I run my bot from Python IDLE, I get "The token does not have the specified privilege. "

However, set_debug_privilege is not recognised when I try to use it.

srounet commented 7 years ago

It looks like a pretty old game :)

Yes, it seems like it is something about getting access to the process in debug mode. I've already seen this message when writing the library and it was always around set_debug_privilege. You should try to put a breakpoint (import pdb; pdb.set_trace()) there and step until it raises the exception and debug the return code.

After each Windows api call you should check the get_last_error (win32api.GetLastError()).

ghost commented 7 years ago

I don't think I'm advanced enough to understand what I'm doing with that yet. I wouldn't know how to fix it even if I found what I needed to find.

Is there no easy way to elevate the rights of the program?

ghost commented 7 years ago

It seems that set_debug_privilege is not recognised too, which is odd.

NameError: name 'set_debug_privilege' is not defined
AttributeError: 'Pymem' object has no attribute 'set_debug_privilege'

srounet commented 7 years ago

To have the ability to change the access token your program should run as administrator (right click, run as ... etc.), and that's it. Nothing more is required (also run your Python IDLE as administrator).

ghost commented 7 years ago

Hey, would it be too much trouble if you could see if your pymem works with pyinstaller? I've been at this for hours (actually, days), it seems like compiling exes in python is an incredible amount of trouble.

ghost commented 7 years ago

@jimmycorkhill did you try cx_freeze, nuitka?

ghost commented 7 years ago

I'm currently on Nuitka, spent hours trying to get this thing working first. I'll try freeze next, I'm using python 3.5 though. I did take a look at freeze but couldn't find any clear instructions on what to do.

Have you managed to compile a pymem script?

ghost commented 7 years ago

I managed to compile with Nuitka and I'm getting the same unable to read memory error. I think pymem might not work with compiling or I don't understand something.

Are there any other ways to compile scripts so they are standalone and can maybe be secured a tiny bit to protect the code? Maybe not a windows exe but something else?

ghost commented 7 years ago

It definitely seems like this is a privilege error. Running the exe as admin doesn't work, I think I need to set the privilege inside the code but 'set_debug_privilege' is not recognised at all.

ghost commented 7 years ago

pymem.process.set_debug_privilege(pm,SE_ASSIGNPRIMARYTOKEN_NAME,True)

I seem to have made progress, however now I need to know which tokens I need to access the memory etc

https://msdn.microsoft.com/en-us/library/windows/desktop/bb530716(v=vs.85).aspx

ghost commented 7 years ago

I believe this should be correct pymem.process.set_debug_privilege(pm,SE_DEBUG_NAME,True)

However I'm getting this result:

Traceback (most recent call last):
  File "C:\Users\xxx\AppData\Local\Programs\Python\Python35-32\Cookingbreadtyt.py", line 34, in <module>
    pymem.process.set_debug_privilege(pm,SE_DEBUG_NAME,True)
  File "C:\Users\xxx\AppData\Local\Programs\Python\Python35-32\lib\site-packages\pymem\process.py", line 41, in set_debug_privilege
    if not ctypes.windll.advapi32.AdjustTokenPrivileges( hToken, False, ctypes.byref(tp), ctypes.sizeof(pymem.ressources.structure.TOKEN_PRIVILEGES), None, None):
ctypes.ArgumentError: argument 1: <class 'TypeError'>: Don't know how to convert parameter 1

ghost commented 7 years ago

Realised it wasn't getting the right handle.

However now I get this and I can't see this errorcode anywhere.

AdjustTokenPrivileges error: 0x%08x 6

ghost commented 7 years ago

Sigh, it's right here.

if not ctypes.windll.advapi32.AdjustTokenPrivileges( hToken, False, ctypes.byref(tp), ctypes.sizeof(pymem.ressources.structure.TOKEN_PRIVILEGES), None, None):
    print("AdjustTokenPrivileges error: 0x%08x\n", ctypes.GetLastError())
    return False

Not sure what the problem is though.

srounet commented 7 years ago

Oh, here is my fault, the format string is not right, it should be:

print("AdjustTokenPrivileges error: 0x%08x\n" % ctypes.GetLastError())

Referenced in issue: https://github.com/srounet/Pymem/issues/6
Fixed in: https://github.com/srounet/Pymem/pull/7

So basically AdjustTokenPrivileges failed, with an error code within ctypes.GetLastError(). If you want to get the list of error codes and their meanings you can find that here: https://msdn.microsoft.com/en-us/library/windows/desktop/ms681381(v=vs.85).aspx

ghost commented 7 years ago

No problem, I'm just thankful for your replies and pymem.

It seems the process handle is invalid.

ERROR_INVALID_HANDLE 6 (0x6) The handle is invalid.

srounet commented 7 years ago

You should check the return of this function:

ctypes.windll.advapi32.OpenProcessToken(hCurrentProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ctypes.byref(hToken))

If you can just edit the file, and either put a print(ctypes.GetLastError()) after the call or if you prefer pdb just insert import pdb; pdb.set_trace().

Basically, after this call hToken should contain the new token with desired accesses (Query && Adjust Privileges). Pymem needs to do this to later swap the process into debug mode.
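One way to apply the advice in the comment above, checking every Windows API call made through ctypes, is shown here as an added example (not code from Pymem or from this thread). The names `format_win32_error`, `make_errcheck` and `open_own_token` are hypothetical, and the Windows-only part opens just the current process's own token with TOKEN_QUERY.

```python
import ctypes
import sys

TOKEN_QUERY = 0x0008  # winnt.h access right: read-only access to a token


def format_win32_error(api, code):
    # '%' applies the format. Passing the code as a second print() argument
    # instead would emit the literal "0x%08x" followed by the number.
    return "%s error: 0x%08x" % (api, code)


def make_errcheck(api, get_error):
    """Build a ctypes errcheck hook that raises when a BOOL API returns 0."""
    def errcheck(result, func, args):
        if not result:
            code = get_error()
            raise OSError(code, format_win32_error(api, code))
        return args
    return errcheck


def open_own_token():
    """Windows only: open the current process token for query, then close it."""
    from ctypes import wintypes
    # use_last_error=True makes ctypes save GetLastError() right after each
    # call; ctypes.get_last_error() then returns that saved value.
    advapi32 = ctypes.WinDLL("advapi32", use_last_error=True)
    kernel32 = ctypes.WinDLL("kernel32", use_last_error=True)
    # Declaring HANDLE types keeps handles pointer-sized on 64-bit Python.
    kernel32.GetCurrentProcess.restype = wintypes.HANDLE
    advapi32.OpenProcessToken.argtypes = (
        wintypes.HANDLE, wintypes.DWORD, ctypes.POINTER(wintypes.HANDLE))
    advapi32.OpenProcessToken.restype = wintypes.BOOL
    advapi32.OpenProcessToken.errcheck = make_errcheck(
        "OpenProcessToken", ctypes.get_last_error)
    kernel32.CloseHandle.argtypes = (wintypes.HANDLE,)
    kernel32.CloseHandle.restype = wintypes.BOOL
    token = wintypes.HANDLE()
    advapi32.OpenProcessToken(
        kernel32.GetCurrentProcess(), TOKEN_QUERY, ctypes.byref(token))
    kernel32.CloseHandle(token)
    return True


if __name__ == "__main__" and sys.platform == "win32":
    print("token opened and closed:", open_own_token())
```

With the hook installed, a failing call raises at the call site with the API name and error code, so no separate print after each call is needed.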

ghost commented 7 years ago

print(ctypes.GetLastError()) comes back as 0 just after the line you specified.

ghost commented 7 years ago

If it is worth mentioning, this is how I open the process and pymem.

pm = pymem.Pymem("SomaWindow.exe")

srounet commented 7 years ago

Can you specify your version of Windows (XP/7/10) and the kind of CPU you are using (x86/x64), just for reference (to check if this is specific to a Windows version)?

ghost commented 7 years ago

windows 10, up to date, 3750k, 64bit, IDLE is 32bit

I'm doing a simple open() right now and the process handle/pid/name keeps returning OSError: [WinError 6] The handle is invalid

I must be doing something wrong here.

srounet commented 7 years ago

What is 3750k?

Can you test:

pm = pymem.Pymem()
pm.open_process_from_id(SOMA_PID_FROM_TASK_MANAGER)

ghost commented 7 years ago

Oh, I'm getting no errors, I think that just worked.

pm = pymem.Pymem()
pm.open_process_from_id(336)

I was using 336 with open() but it wasn't working earlier.

Will this have set the debug token privilege too? I'll get testing.

srounet commented 7 years ago

Yes it should.

ghost commented 7 years ago

Well I can't believe it, after three days I finally have a compiled executable that seems to be working.

Thank you for spending the time to help me.

I am new to github, but this thread could help a lot of people if they use a compiled version of pymem, maybe you should leave it here?

Thank you again, I'm very grateful.

srounet commented 7 years ago

I'll leave it there for some time, I suppose :)

I'll have to look at the code twice to understand the difference between open_process_from_name and open_process_from_id, but I guess it's something stupid and simple :)

srounet commented 6 years ago

Closing issue, Discord is a better place to have this kind of exchange.

https://discord.gg/xaWNac8