srounet / pymem

A Python library for Windows, providing the functions needed to start working on your own with memory editing.

License: MIT License

Python 93.77% PowerShell 4.24% Batchfile 1.99%

pymem's Introduction


Pymem

A Python library to manipulate Windows processes

Installation

pip install pymem
# with speedups
pip install pymem[speed]

Documentation

The pymem documentation is hosted on Read the Docs: http://pymem.readthedocs.io/

Issues And Contributions

Feel free to add issues and make pull-requests :)

Discord Support

For questions and support, join us on Discord: https://discord.gg/xaWNac8

pymem's People

Contributors

5tr1k3r, airvzxf, daviddiao, dependabot[bot], huangyiyang89, jmctune, nougatbitz, srounet, starrfox, thepeeps191, v01d-gh, yeet-bix


pymem's Issues

Undoing memory changes

Hey, I'm trying to write some bytes to the memory of a game but after that undo the changes, how could I go about that?
Currently doing

address = assembly.lpBaseOfDll + re.search(rb'\x80\xBB.....\x74\x09\x80\xBB.....', assemblyModule).start()
game.write_bytes(address, b"\x90\x90\x90\x90\x90\x90\x90\x90\x90", 9)
game.close_process()

Should I like

print(game.read_bytes(address, 9))

to get the original bytes and then just

game.write_bytes(address, b"\whatever the print above gave me", 9)

or is that the wrong way of approaching it

Getting the wrong value for a couple of addresses

I've been using this great library extensively; however, for some reason that I can't determine, I'm getting the wrong values.

It is simply an address + offset. Cheat Engine shows a 0, 1 or 2; pymem is giving me 1908365716 with no value change.

Any ideas?

inject_python_interpreter() get Err code 87(ERROR_INVALID_PARAMETER) when start_thread

I am trying to run the demo in https://pymem.readthedocs.io/en/latest/tutorials/inject_python_interpreter.html but it does not seem to run successfully, according to the traceback:

2021-03-02 14:08:35,388 - pymem - DEBUG - Process 19392 is being debugged
2021-03-02 14:08:35,399 - pymem - WARNING - Got an error in start thread, code: 87
2021-03-02 14:08:35,913 - pymem - DEBUG - New thread_id: 0x00000284
2021-03-02 14:08:35,913 - pymem - DEBUG - Py_InitializeEx loc: 0x7ff84f148678
2021-03-02 14:08:35,913 - pymem - DEBUG - PyRun_SimpleString loc: 0x7ff84f256f60
2021-03-02 14:08:35,913 - pymem - DEBUG - shellcode_addr loc: 0x206981c0000
2021-03-02 14:08:35,913 - pymem - WARNING - Got an error in start thread, code: 5
Traceback (most recent call last):
  File "D:/scripts/Test3.py", line 17, in
    pm.inject_python_shellcode(shellcode)
  File "D:\scripts\venv\lib\site-packages\pymem\__init__.py", line 147, in inject_python_shellcode
    self.start_thread(self.py_run_simple_string, shellcode_addr)
  File "D:\scripts\venv\lib\site-packages\pymem\__init__.py", line 180, in start_thread
    pymem.logger.debug('New thread_id: 0x%08x' % thread_h)
TypeError: %x format: an integer is required, not NoneType

process_base_address

Can't find process_base_address API,

How to get the base address,
TypeError: Address must be int: <pymem.ressources.structure.MODULEINFO object at 0x000002D9DAA16B48>

Unable to open

Bad formatting for print exceptions

Some of the print calls do not apply the format string correctly:

print("AdjustTokenPrivileges error: 0x%08x\n", ctypes.GetLastError())

vs

print("AdjustTokenPrivileges error: 0x%08x\n" % ctypes.GetLastError())

Bug ?

The function needs 3 arguments; I provide the 3, but the program says I put 4.

from pymem import *
from pymem.process import *
import psutil, win32process, win32api, win32gui
import struct

def enderecoBase():
    PROCESS_ALL_ACCESS = 0x1F0FFF
    for proc in psutil.process_iter():
        if proc.name() == 'gta_sa.exe':
            pid = proc.pid
    PROCESS_ALL_ACCESS = 0x1F0FFF
    processHandle = win32api.OpenProcess(PROCESS_ALL_ACCESS, False, pid)
    modules = win32process.EnumProcessModules(processHandle)
    processHandle.close()
    base_addr = modules[0]
    return base_addr

def floatconvert(integer):
    return struct.unpack('!f', struct.pack('!I', integer))[0]

def SomaLocalMaisOffsets(local, offsets):
    endereco = pm.read_int(local)
    print('endereco: ', endereco)
    for i in offsets:
        if i != offsets[-1]:
            endereco = pm.read_int(endereco + 1)
    return endereco + offsets[-1]

base = enderecoBase()

print('base:', base, type(base))
pm = pymem.Pymem('gta_sa.exe')
localPlayer = (0xB6F5F0)
offsets = [0x14, 0x30]
resultado = SomaLocalMaisOffsets(localPlayer, offsets)
print('resultado:', resultado, type(resultado))
pm.write_float(base, 0x11E424D0, 20)

error

`scan_pattern_page` not finding all matches?

Describe the bug

Unsure if this is a bug or intended, but I am executing scan_pattern_page with a specific byte pattern and getting mixed results back. Here's an example of the code I'm running:

import pymem

indexPattern = bytes.fromhex("49 4E 44 58 10 00 00 00")

def process_scan(handle: int, pattern: bytes, end_address: int = 0x7fffffff):
  next_region = 0
  while next_region < end_address:
    next_region, found = pymem.pattern.scan_pattern_page(handle, next_region, pattern)
    if found:
      print(hex(found))

  return found

pm = pymem.Pymem('DQXGame.exe')
handle = pm.process_handle

process_scan(handle, indexPattern)

This returns 19 results every time, but I'm expecting 110~ results from this query.

Output:

0x306f79b0
0x313721f0
...
0x48ab50b0
0x49696da0

Searching for the same in Cheat Engine:

image

Your Environment

  • Python Version: 3.9.5
  • OS Version: 64-bit (working with 32-bit process)
  • PyMem Version: 1.8.4

Expected behavior

Expecting to have every matching pattern of "49 4E 44 58 10 00 00 00", but am getting less than 20% of the results back.

Traceback

N/A

Additional context

N/A

Thanks for any help you can provide.

Vectors support

Hi, I just wanted to suggest adding support for writing and reading vectors (2/3); that's the one thing I'm sadly missing.

Nonetype error running inject_python_shellcode

OS: Windows 10 Pro (64 bit)
Python: 3.8.5 (64 bit)
Process: notepad.exe (64 bit)
Error #: 6


Based on code found here.

Script:

from pymem import Pymem
import os
import subprocess

notepad = subprocess.Popen(['notepad.exe'])

pm = Pymem('notepad.exe')

pm.inject_python_interpreter()
filepath = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'pymem_injection.txt')
filepath = filepath.replace("\\", "\\\\")
shellcode = """
f = open("{}", "w+")
f.write("pymem_injection")
f.close()
""".format(filepath)

import ctypes
ctypes.windll.kernel32.SetLastError(0)
try:
    pm.inject_python_shellcode(shellcode)
except:
    pass
last_error = ctypes.windll.kernel32.GetLastError()
print(f"last_error={last_error}")

notepad.kill()


Can't read unicode correctly

Describe the bug
Hello, I am using pymem with a Taiwanese game. Traditional Chinese can be read correctly in CheatEngine, but pymem cannot read it correctly.

If you select UTF16 as the text encoding in the memory browser of CE, you can see Traditional Chinese correctly.

I provide screenshots to illustrate the situation more clearly.

1

Sorry that the screenshot is displayed in Chinese, but I think the core of the problem is that pymem cannot convert UTF16 encoding correctly?

So now I need to convert the encoding myself to display it correctly, right? And maybe pymem can be updated and it would be even better! Anyway, pymem is already very easy to use. I have used pywin32 for a few days and it makes me very confused.

thanks very much

Your Environment

  1. python version
    Python 3.9.5 (default, May 18 2021, 14:42:02) [MSC v.1916 64 bit (AMD64)] :: Anaconda, Inc. on win32
  2. os version (32/64) win10 x64
  3. pymem version 1.8.4

Expected behavior
Display Unicode(UTF16) correctly

Traceback
If applicable, add tracebacks to help explain your problem.

Additional context
Add any other context about the problem here.

Rename ressources package

Describe the bug
The ressources package is wrongly named, it should be resources.

Your Environment

  1. python version: any
  2. os version: any
  3. pymem version: <= 1.7

Expected behavior
N/A

Traceback
N/A

Additional context
The package should be renamed to resources.

Help/Suggestions for MapleStory

Is it possible to use Pymem to inject this ASM script into MapleStory

//v153.1 Bypassless Character Movement Hook
[ENABLE]
alloc(Hook, 1024)
globalalloc(HookRet, 4)
label(Return)
label(ReturnHook)
Hook:
cmp dword ptr [esp], 01416491
jne Return
mov dword ptr [esp], ReturnHook
Return: jmp dword ptr [HookRet] ReturnHook:
mov [esp+1C], 0 //Up = #-1 or FFFFFFFF, Down = 1, Nothing = 0
mov [esp+20], FFFFFFFF //Left = #-1 or FFFFFFFF, Right = 1, Nothing = 0
jmp 01416930
HookRet:
readmem(01B77ED0, 4)
01B77ED0:
dd Hook

Just an example of a script. Is it possible?

UnicodeDecodeError, when using read_string

When I read 4 bytes int, everything works fine, but when I try to read a string using read_string I get UnicodeDecodeError: 'utf-8' codec can't decode byte 0xb4 in position 1: invalid start byte. How can I fix it? I have Windows 10 x64 and Python 3.9. Perhaps I have an unsupported version of Python?
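The two string-decoding reports above (UTF-16 game text and the `'utf-8' codec can't decode byte` error) come down to decoding raw process bytes with the wrong codec or cutting them at the wrong terminator. The following is an added example, not pymem's code: `decode_c_string`, `naive_utf8` and the sample buffers are constructed for illustration and operate on an in-memory `bytes` object rather than a live process.

```python
import codecs


def decode_c_string(buf: bytes, encoding: str = "utf-8") -> str:
    """Decode a NUL-terminated string taken from a raw memory buffer.

    The terminator is searched on code-unit boundaries: one byte for
    single-byte/UTF-8 text, two bytes for UTF-16, four for UTF-32.
    Searching for a single 0x00 in UTF-16 data would cut the string at the
    first ASCII character, whose high byte is zero.
    """
    codec = codecs.lookup(encoding).name
    if codec.startswith("utf-16"):
        width = 2
    elif codec.startswith("utf-32"):
        width = 4
    else:
        width = 1

    terminator = b"\x00" * width
    # Default: no terminator found, keep only whole code units.
    end = len(buf) - (len(buf) % width)
    for offset in range(0, len(buf) - width + 1, width):
        if buf[offset:offset + width] == terminator:
            end = offset
            break
    return buf[:end].decode(encoding)


def naive_utf8(buf: bytes) -> str:
    """What goes wrong: split at the first zero byte and assume UTF-8."""
    return buf.split(b"\x00", 1)[0].decode("utf-8")


# Constructed sample: UTF-16LE text, terminator, then unrelated bytes.
# "A" encodes as 41 00 and "一" as 00 4E, so the pair contains an
# unaligned 00 00 that must not be mistaken for the terminator.
MIXED = "A一繁體".encode("utf-16-le") + b"\x00\x00" + b"\xde\xad\xbe\xef"
CJK_ONLY = "繁體中文".encode("utf-16-le") + b"\x00\x00"

if __name__ == "__main__":
    print(repr(naive_utf8(MIXED)))                    # truncated to 'A'
    print(repr(decode_c_string(MIXED, "utf-16-le")))  # full text
    try:
        naive_utf8(CJK_ONLY)
    except UnicodeDecodeError as exc:
        print("utf-8 decode failed:", exc.reason)
    print(repr(decode_c_string(CJK_ONLY, "utf-16-le")))
```
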

Another "argument 1: <class 'OverflowError'>: int too long to convert"

I am running a tkinter application that has a check every 100ms for which processes are open. After one of my users had the application open for a long time, suddenly this error occurred in the "process.list_processes()" method in pymem, for this line

217: p32 = pymem.ressources.kernel32.Process32First(hSnap, ctypes.byref(process_entry))


GetLastError: 299 while reading an int from memory

Describe the bug
I'm trying to run an 'SoD.read_int(0x9969BC)'.
It should give me the int value of that memory space, but it gives me this error : pymem.exception.MemoryReadError: Could not read memory at: 10054076, length: 4 - GetLastError: 299
My code is :

import pymem

SoD = pymem.Pymem("SoD.exe")

addr = {
    "x": 0x00C599F4,
    "y": 0x00C599F8,
    "map": 0x9969BC
}

x = SoD.read_int(addr["map"])
print(x)

What am I doing wrong ?

Your Environment

  1. python version (3.7.9)
  2. os version (64)
  3. pymem version (1.8.4)

Expected behavior
Should return some value, here for example it should return int(504).

Traceback

Traceback (most recent call last):
  File "C:\Users\kurri\AppData\Local\Programs\Python\Python37-32\lib\site-packages\pymem\__init__.py", line 530, in read_int
    value = pymem.memory.read_int(self.process_handle, address)
  File "C:\Users\kurri\AppData\Local\Programs\Python\Python37-32\lib\site-packages\pymem\memory.py", line 304, in read_int
    bytes = read_bytes(handle, address, struct.calcsize('i'))
  File "C:\Users\kurri\AppData\Local\Programs\Python\Python37-32\lib\site-packages\pymem\memory.py", line 105, in read_bytes
    raise pymem.exception.WinAPIError(error_code)
pymem.exception.WinAPIError: Windows api error, error_code: 299

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Bordel sans nom\logiciels\SoD\app.py", line 15, in <module>
    x = SoD.read_int(addr["map"])
  File "C:\Users\kurri\AppData\Local\Programs\Python\Python37-32\lib\site-packages\pymem\__init__.py", line 532, in read_int
    raise pymem.exception.MemoryReadError(address, struct.calcsize('i'), e.error_code)
pymem.exception.MemoryReadError: Could not read memory at: 10054076, length: 4 - GetLastError: 299

[Documentation] virtual_query() is useful and ought to be documented

I've found mentions of MEMORY_BASIC_INFORMATION in the documentation at readthedocs, but I can't find anything related to virtual_query() that uses it. This function could be useful in terms of narrowing down the address ranges that need to be scanned. Narrowing things down to a single module helps, but it can be improved further, for example, you might want to skip anything that has execution flag if you are looking for data.

As such, it'd be nice to have pymem.memory.virtual_query() documented as part of pymem's official API.

Problem

I'm having a problem. I wrote a tool with pymem so I can do
inject.pyc <process> <python script file>
The problem is: I can only inject into Python-related processes: normal Python files, pyc files, even auto-py-to-exe compiled python-exe files, but not, for example, custom C++ programs by me.
Error message:
grafik

Is it just a mistake by me?

Thanks!

Edit 1: I forgot to mention, I CAN inject into notepad, maybe other applets too, but I didn't test.

Understanding

Is there recommended knowledge to be able to use and understand how to work with pymem?

Write documentation from code

Generating documentation that reflects the current version of the code should not be a pain in the ass.
There are things to automate that like the popular sphinx.

The numpy style seems to be a nice approach as it allows embedding code examples and method description within docstrings.
See sphinx napoleon plugin.

Wrong example output in documentation of the pattern API

Describe the bug
If I open the documentation on the web or using PyCharm, the example of it is strange because it converts the \x00 to null characters in the visualization.

>>> pm = pymem.Pymem("Notepad.exe")
# Here the "." means that the byte can be any byte; a "wildcard"
# also note that this pattern may be outdated
>>> character_count_pattern = b".�"     ...                           b"....d�"
>>> module = pymem.process.module_from_name(pm.process_handle, "Notepad.exe")
>>> character_count_address = pymem.pattern.pattern_scan_module(pm.process_handle, module, character_count_pattern)

Your Environment

  1. Python 3.10.2
  2. Windows 10 - 64 bits
  3. pymem version 1.8.5

Expected behavior
Shows the example code ready for copy & paste.

>>> pm = pymem.Pymem("Notepad.exe")
# Here the "." means that the byte can be any byte; a "wildcard"
# also note that this pattern may be outdated
>>> character_count_pattern = b".\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00" \
                              b"\x00\x00\x00\x00\x00\x00..\x00\x00..\x00\x00\x64\x04"
>>> module = pymem.process.module_from_name(pm.process_handle, "Notepad.exe")
>>> character_count_address = pymem.pattern.pattern_scan_module(pm.process_handle, module, character_count_pattern)

Traceback
N/A

Additional context
It should be better to have an example for scan_pattern_page since it is the same behavior, but it needs more time to research the check that both are similar functions.

Can you please help me with this error?

Hey I am just trying to learn pymem by looking at some projects and I saw this no-flash cheat for CS:GO it seemed like a good training tried it (of course csgo is in -insecure mode). But I keep getting this error when I run it..

CODE: https://gist.github.com/GDman1616/f3179ef6fcfa564697dbc149585e8b13

Error: C:\Python27\python.exe C:/Users/Gürgün/Documents/PythonBible/untitled/noflash.py
Traceback (most recent call last):
File "C:/Users/G�rg�n/Documents/PythonBible/untitled/noflash.py", line 2, in
import pymem
File "C:\Python27\lib\site-packages\pymem\__init__.py", line 7, in
import pymem.process
File "C:\Python27\lib\site-packages\pymem\process.py", line 5, in
from win32api import GetCurrentProcess
ImportError: DLL load failed: The specified module could not be found.

Process finished with exit code 1

API new function demands

want to add "read_pointer" and "write_pointer" and "read_uint64"

"read_string" & "write_string"
maybe there should be "xxxx_ansi_string" "xxxx_utf16_string" "xxxx_utf8_string"

if you don't mind, hope to have a similar with "AOBScan" function.

thank you very much
hope you have a good time 🍺

pm.inject_python_interpreter() UnicodeEncodeError

Hi, I started reading the docs today and I tried this tutorial: https://pymem.readthedocs.io/en/latest/tutorials/inject_python_interpreter.html

and I got this error:
pm.inject_python_interpreter()
File "C:\Users...\Python39\lib\site-packages\pymem\__init__.py", line 95, in inject_python_interpreter
python_lib_h = pymem.process.inject_dll(self.process_handle, bytes(python_lib, 'ascii'))
UnicodeEncodeError: 'ascii' codec can't encode character '\u015f' in position 18: ordinal not in range(128)

pymem.ressources.structure.EnumProcessModuleEX.LIST_MODULES_ALL ctypes.ArgumentError: argument 1: <class 'OverflowError'>: int too long to convert

This is my code
import pymem
from pymem import pattern


p=pymem.Pymem()
p.open_process_from_name("Main.exe")
pattern.pattern_scan_module(p.process_handle,pymem.process.module_from_name(p.process_handle,"Main.exe"),
                            "\x00 \x09 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x01 \x00 \x00 \x00 \x00 \x00 \x01 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0",
                            "??xxxxxx????????xxxxxxxxxx????xx????xx??????????xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")

GetContext_pattern = b"\x00 \x09 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x01 \x00 \x00 \x00 \x00 \x00 \x01 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0 \x00 \x00 \x40 \xC0"
GetContext_mask = "??xxxxxx????????xxxxxxxxxx????xx????xx??????????xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
pymem.pattern.pattern_scan_module(p.)

I want to get the address from this pattern
?? 09 00 00 ?? ?? ?? ?? 00 00 00 00 01 ?? ?? 00 ?? ?? 01 ?? ?? ?? ?? ?? 00 00 40 C0 00 00 40 C0 00 00 40 C0 00 00 40 C0 00 00 40 C0 00 00 40 C0
Can someone help me please?

when I run the code an error show:

2020-05-12 17:01:13,174 - pymem - DEBUG - Process 25232 is being debugged
Traceback (most recent call last):
File "terbaru.py", line 6, in
module = pymem.process.module_from_name(p.process_handle, "Discord.exe")
File "C:\Python37\lib\site-packages\pymem\process.py", line 276, in module_from_name
for module in modules:
File "C:\Python37\lib\site-packages\pymem\process.py", line 323, in enum_process_module
pymem.ressources.structure.EnumProcessModuleEX.LIST_MODULES_ALL
ctypes.ArgumentError: argument 1: <class 'OverflowError'>: int too long to convert

How can I combine a list of several offsets?

I can't seem to find out the method of combining offsets with an address to get the desired value.

If these are my offsets scanshopinventorynameoffset = [0x0, 0x30, 0x0]

shopinventory[i][0] = pm.read_int(0x0536258+ scanshopinventoryidoffset)

I'm guessing I'm doing this completely wrong.

Could you please just clear this up for me? It is taking longer than I expected to get this right.

Pymem don't search for exact process Name

Hi,

When I try to open an application, for example "lea.exe", pymem opens the wrong process because I have another process with the name "plolea.exe".

I found out that in the file pymem.process.py line 272 the code is:
if name in process.szExeFile.decode(locale.getpreferredencoding()).lower():

Is it possible to search for the exact process name and not whether the name is contained?

Thank you

Bug in function scan_pattern_page()

Describe the bug
Pymem is not searching with the function scan_pattern_page().

Your Environment

  1. Python 3.10.2
  2. Windows 10 - 64 bits
  3. pymem version 1.8.5

Expected behavior
Given a byte string, find it in the memory.

Traceback
N/A

Additional context
Running this:

pattern = b'\x10\x8C\x24\x24\xFA\x7F\x00\x00'
found = pattern_scan_module(py_mem.process_handle, hackGU_vol1, pattern, return_multiple=False)
print(f'found: {found}')

it prints: found: None
but I am expecting: found: 123456789
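The two pattern-scan reports on this page (only some of the expected hits returned, and `found: None` for a plain byte string) can be reproduced offline on a byte buffer. The following is an added example, not pymem's code; it assumes, as the documentation snippet quoted on this page states, that `.` in a pattern acts as a regular-expression wildcard. `signature_to_regex`, `find_all`, `naive_first_match` and the sample buffer are constructed for illustration.

```python
import re

WILDCARDS = {"?", "??"}


def signature_to_regex(signature: str) -> bytes:
    """Convert a signature such as '10 8C ?? 24' into a bytes regex body.

    Literal bytes go through re.escape, so values that happen to be regex
    metacharacters (0x24 '$', 0x2E '.', 0x28 '(' ...) match as plain bytes.
    Only the '?' / '??' tokens become the '.' wildcard.
    """
    parts = []
    for token in signature.split():
        if token in WILDCARDS:
            parts.append(b".")
        elif len(token) == 2:
            parts.append(re.escape(bytes([int(token, 16)])))
        else:
            raise ValueError(f"bad signature token: {token!r}")
    return b"".join(parts)


def find_all(buf: bytes, signature: str, base: int = 0) -> list:
    """Return the address of every match in buf, overlapping ones included."""
    body = signature_to_regex(signature)
    # Zero-width lookahead makes finditer step one byte at a time, so
    # overlapping hits are reported. DOTALL lets '.' match byte 0x0A too.
    scanner = re.compile(b"(?=" + body + b")", re.DOTALL)
    return [base + match.start() for match in scanner.finditer(buf)]


def naive_first_match(buf: bytes, raw_pattern: bytes):
    """Raw bytes used directly as a regex, first hit only."""
    match = re.search(raw_pattern, buf)
    return None if match is None else match.start()


# Constructed sample buffer: the byte string from the report above at
# offset 4, and a variant at offset 14 whose 7th byte is 0x0A (newline).
SIG = bytes.fromhex("108C2424FA7F0000")
VARIANT = bytes.fromhex("108C2424FA7F0A00")
SAMPLE = b"\xAA" * 4 + SIG + b"\x0A\x0B" + VARIANT + b"\xCC" * 3

if __name__ == "__main__":
    # 0x24 is '$' (end-of-input anchor), so the unescaped pattern never matches.
    print("naive:", naive_first_match(SAMPLE, SIG))
    print("exact:", [hex(a) for a in find_all(SAMPLE, "10 8C 24 24 FA 7F 00 00", 0x1000)])
    print("wild :", [hex(a) for a in find_all(SAMPLE, "10 8C 24 24 FA 7F ?? 00", 0x1000)])
```
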

UnicodeDecodeError raised on process_from_name

I'm using this library in my project called TrickyTowersUtils.
Just before, some user of my project reported the following error message:

Traceback (most recent call last):
  File "observer.py", line 100, in <module>
  File "site-packages\pymem\__init__.py", line 45, in __init__
  File "site-packages\pymem\__init__.py", line 194, in open_process_from_name
  File "site-packages\pymem\process.py", line 243, in process_from_name
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc7 in position 0: invalid continuation byte

Perhaps an error occurred while decoding the user's process name.
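The process-lookup reports above (a substring test selecting "plolea.exe" when "lea.exe" was asked for, and a `UnicodeDecodeError` raised while decoding another process's name) can both be shown on a constructed process snapshot. This is an added example, not pymem's code: `decode_exe_name`, `substring_match`, `exact_match` and the `(pid, raw name bytes)` tuples are hypothetical stand-ins for the snapshot entries.

```python
def decode_exe_name(raw: bytes, encoding: str = "utf-8") -> str:
    """Decode a fixed-size, NUL-padded executable name without raising.

    One undecodable name elsewhere in the snapshot should not abort the
    whole lookup, so invalid bytes become U+FFFD instead of an exception.
    """
    name = raw.split(b"\x00", 1)[0]
    return name.decode(encoding, errors="replace")


def substring_match(snapshot, wanted: str, encoding: str = "utf-8"):
    """Containment test as quoted in the issue: first entry that contains
    the wanted name wins, whichever process that is."""
    for pid, raw in snapshot:
        if wanted.lower() in decode_exe_name(raw, encoding).lower():
            return pid
    return None


def exact_match(snapshot, wanted: str, encoding: str = "utf-8") -> int:
    """Return the pid whose name equals `wanted` (case-insensitive).

    Raises LookupError when there is no match or more than one, so the
    caller never silently attaches to a process it did not ask for.
    """
    target = wanted.casefold()
    hits = [
        pid for pid, raw in snapshot
        if decode_exe_name(raw, encoding).casefold() == target
    ]
    if not hits:
        raise LookupError(f"no process named {wanted!r}")
    if len(hits) > 1:
        raise LookupError(f"{len(hits)} processes named {wanted!r}: {hits}")
    return hits[0]


# Constructed snapshot. The first name holds byte 0xC7, which is not valid
# UTF-8 at that position (it is 'Ç' in cp1252).
SNAPSHOT = [
    (303, b"\xc7izim.exe\x00\x00\x00"),
    (101, b"plolea.exe\x00\x00"),
    (202, b"lea.exe\x00\x00\x00\x00\x00"),
]

if __name__ == "__main__":
    print("substring:", substring_match(SNAPSHOT, "lea.exe"))  # wrong pid
    print("exact    :", exact_match(SNAPSHOT, "lea.exe"))
    try:
        exact_match(SNAPSHOT + [(404, b"LEA.EXE\x00")], "lea.exe")
    except LookupError as exc:
        print("ambiguous:", exc)
```
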

Installation issues?

Getting No such file or directory: pymem\\requirements-doc.txt while trying to install using pip install pymem

I saw there was a recent commit related to requirements, can anyone look into it?

Problem with base_address()

pm = pymem.Pymem("csgo.exe")
client = pymem.process.module_from_name(pm.process_id, "client_panorama.dll").base_address

Gives me:

client = pymem.process.module_from_name(pm.process_id, "client_panorama.dll").base_address
AttributeError: 'NoneType' object has no attribute 'base_address'

x64 branch development overtaking master / x86

Will the x64 branch ever be merged onto master? It seems to be considerably more active and fleshed out, and would be extremely beneficial for users running on x64 machines who don't want to rely on FASM.

weird error

I'm trying to run this code:

import pymem
import subprocess

try:
    mem = pymem.Pymem("mspaint.exe") ### reads memory of mspaint.exe
except:
    subprocess.Popen("mspaint.exe")
    mem = pymem.Pymem("mspaint.exe")

mem.inject_python_interpreter() ### injects the python interpreter to be able to understand python code

### code which we will be injecting
code = """ 
import tkinter as tk
win = tk.Tk()
win.mainloop()
"""

mem.inject_python_shellcode(code) ### injecting the code

but when I run the app it shows:

  File "C:\Users\code1tech\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\pymem\__init__.py", line 178, in start_thread
    pymem.logger.debug('New thread_id: 0x%08x' % thread_h)
TypeError: %x format: an integer is required, not NoneType

can anybody help?

mbi.BaseAddress is incorrect

Describe the bug

Traceback: scan_pattern_page -> pymem.ressources.kernel32.VirtualQueryEx
In my case, mbi.BaseAddress should be '0x78c30000', but it shows me '0x78c3000078c30000'.

Your Environment

  1. python version (3.7.2)
  2. os version (64)
  3. pymem version(1.7)

win 10 2016 ltbs 32 bit error

  1. my python version is 3.9.1
  2. os version 32 bit
  3. pymem version 1.7

Expected behavior
I am getting this error when I am trying to run my program.

Traceback
C:\Users\odbie\Desktop\python>python main.py
2021-02-07 21:01:28,160 - pymem - DEBUG - Process 7780 is being debugged
Traceback (most recent call last):
  File "C:\Users\odbie\Desktop\python\main.py", line 1, in
    from Libary import *
  File "C:\Users\odbie\Desktop\python\Libary.py", line 11, in
    pm = pymem.Pymem("Vidgar.exe")
  File "C:\Program Files\Python39-32\lib\site-packages\pymem\__init__.py", line 47, in __init__
    self.check_wow64()
  File "C:\Program Files\Python39-32\lib\site-packages\pymem\__init__.py", line 52, in check_wow64
    verdict = pymem.process.is_64_bit(self.process_handle)
  File "C:\Program Files\Python39-32\lib\site-packages\pymem\process.py", line 357, in is_64_bit
    response = pymem.ressources.kernel32.IsWow64Process(handle, ctypes.byref(Wow64Process))
ctypes.ArgumentError: argument 1: <class 'OverflowError'>: int too long to convert

Additional context
Add any other context about the problem here.

3.8 tests failure

Running py -m pytest --cov=pymem on python 3.8 results in a failed test for test_injection

    def test_inject_python_shellcode():
        notepad = subprocess.Popen(['notepad.exe'])

        pm = pymem.Pymem('notepad.exe')
        pm.inject_python_interpreter()

        # test already injected
        pm.inject_python_interpreter()

        assert pm.py_run_simple_string

        filepath = os.path.join(os.path.abspath('.'), 'pymem_injection.txt')
        filepath = filepath.replace("\\", "\\\\")

        shellcode = """
    f = open("{}", "w+")
    f.write("pymem_injection")
    f.close()
        """.format(filepath)
>       pm.inject_python_shellcode(shellcode)

tests\test_injection.py:38:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
pymem\__init__.py:144: in inject_python_shellcode
    self.start_thread(self.py_run_simple_string, shellcode_addr)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <pymem.Pymem object at 0x000002839324DFA0>, address = 1242510712, params = 1335612407808

    def start_thread(self, address, params=None):
        """Create a new thread within the current debugged process.

        Parameters
        ----------
        address: int
            An address from where the thread starts
        params: int
            An optional address with thread parameters

        Returns
        -------
        int
            The new thread identifier
        """
        thread_id = ctypes.c_ulong(0)
        thread_h = pymem.ressources.kernel32.CreateRemoteThread(
            self.process_handle,
            None,
            0,
            address,
            params,
            0,
            None
        )
        pymem.ressources.kernel32.WaitForSingleObject(thread_h, -1)
>       pymem.logger.debug('New thread_id: 0x%08x' % thread_h)
E       TypeError: %x format: an integer is required, not NoneType

pymem\__init__.py:172: TypeError

Exact commands I ran with output: https://hastebin.com/semopotume.php

call remote assembly

Can Python create a blank address and call remote assembly? I tried to use the createremotethread resumethread WaitForSingleObject functions and found that it took 10 calls to succeed once or twice. I don't know what the problem is. This is a very important assembly function

Problem understanding Pymem

Good morning, and sorry for my English. I've tried to understand how this library works. I've used it to make a game trainer, but if I try to write a variable I receive an error "windows api". The function write_int wants an integer address; with Cheat Engine, my address is like 1DBA7D66C30. How does this method work?
I've tried to get the PID with the constructor of the class Pymem; my PID is 7252,
so I got the handle with the function open(), but when I try to get the address with the function base_module() I receive a None object.

Can someone tell me how this library works? TY

MemoryWriteError, GetLastError 87 while trying to write_bool

Describe the bug
I try to make a radar hack for cs go. My code is below.

Your Environment

  1. python version (3.10)
  2. os version (64)
  3. pymem version 1.8.5

Expected behavior
I try to make a radar hack for cs go. My code is below

import pymem.process
import keyboard


dwEntityList = (0x4DD245C)
m_bSpotted = (0x93D)

def test_write_uchar():
    pm = pymem.Pymem('python.exe')
    address = pm.allocate(10)

    pm.write_uchar(address, 114)
    assert pm.read_uchar(address) == 114
    pm.free(address)

    with pytest.raises(TypeError):
        pm.write_uchar(0x111111, "114")

    pm = pymem.Pymem()
    with pytest.raises(pymem.exception.ProcessError):
        pm.write_uchar(0x111111, 114)
def main():
    pm = pymem.Pymem("csgo.exe")
    client = pymem.process.module_from_name(pm.process_handle, "client.dll").lpBaseOfDll

    while True:
        if keyboard.is_pressed("end"):
            exit(0)
        for i in range(1, 32):
            entity = pm.read_int(client + dwEntityList + i * 0x10)
            if entity:
                pm.write_bool(entity + m_bSpotted, True)


if __name__ == '__main__':
    main()

Traceback
I get this error

Traceback (most recent call last):
  File "C:\Users\kyriakidis\PycharmProjects\pythonProject1\main.py", line 23, in <module>
    main()
  File "C:\Users\kyriakidis\PycharmProjects\pythonProject1\main.py", line 19, in main
    pm.write_bool(entity + m_bSpotted, True)
  File "C:\Users\kyriakidis\PycharmProjects\pythonProject1\venv\lib\site-packages\pymem\__init__.py", line 895, in write_bool
    raise pymem.exception.MemoryWriteError(address, value, e.error_code)
pymem.exception.MemoryWriteError: Could not write memory at: -1884891523, length: True - GetLastError: 87

Additional context
The weird thing now is that 1 out of 10 times the code works, but the rest 9 it shows the above error.

PS. I tried write_uchar, write_int but it gives the same error

Hi dude, quick question.

You seem to be an experienced bot maker. If you remember me from my other posts, I have been making bots for a few years now.

I usually create bots for some really small niche community mmos that don't have a lot of anti-botting systems.

What I'd like to know is if you sell your bots too? And if so, how do you go about protecting the code from being stolen or the bot unlocked.

Right now, I simply lock my bots to the user's PC using a hardware lock and I create a custom license key.

I'm just looking to see what other bot makers do to prevent their bots being hacked and distributed for free?
