Advanced Game Hacking Library (C/C++/Rust/Python) (Windows/Linux/FreeBSD)

Made by rdbo

Discord Server

https://discord.com/invite/Qw8jsPD99X

License

This project is licensed under the GNU AGPLv3.0 Read LICENSE for more information

Features

• Cross Platform (Windows/Linux/FreeBSD)
• Cross Architecture (x86/x64/ARM/ARM64)

libmem can:

• Find Processes
• Find Modules
• Find Symbols
• Read/Write/Set Memory
• Allocate/Protect Memory
• Scan Memory by Pattern/Signature
• Hook/Unhook Functions
• Assemble/Dissassemble Code (JIT)
• Do VMT Hooking/Unhooking
• Load/Unload Modules
• Get Page Information
• Enumerate Process Threads

And much more!

Examples

For more examples and API manual, access the documentation

C/C++

#include <libmem/libmem.h>

int main()
{
	lm_module_t mod;
	lm_address_t main_sym;

	LM_FindModule("mygamemodule.so", &mod);
	main_sym = LM_FindSymbolAddress(&mod, "main");
	printf("[*] Module Name: %s\n", mod.name);
	printf("[*] Module Path: %s\n", mod.path);
	printf("[*] Module Base: %p\n", mod.base);
	printf("[*] Module Size: %p\n", mod.size);
	printf("[*] Module End:  %p\n", mod.end);
	printf("[*] Main Addr:   %p\n"), main_sym);

    return 0;
}

Rust

use libmem::*;

fn some_function() {
    // ...
}

fn hk_some_function() {
    // ...
}

unsafe fn test() {
    // reading/writing memory
    let number : i32 = 0;
    let number_addr = &number as *const i32 as lm_address_t;
    let value : i32 = 1337;
    LM_WriteMemory(number_addr, &value).unwrap(); // write 1337 to number
    let read_number : i32 = LM_ReadMemory(number_addr).unwrap();
    println!("[*] Number Value: {}", read_number); // it will show 1337

    // hooking/detouring functions
    let func_addr = some_function as *const () as lm_address_t;
    let hk_addr = hk_some_function as *const () as lm_address_t;
    println!("[*] Hooking 'some_function'");
    println!("[*] Original Address: {:#x}", func_addr);

    let trampoline = LM_HookCode(func_addr, hk_addr).unwrap();
    println!("[*] Trampoline: {:#x?}", trampoline);

    some_function(); // this will call 'hk_some_function'

    // restore the original code from 'some_function'
    LM_UnhookCode(some_function_addr, trampoline).unwrap();

    println!("[*] Unhooked 'some_function'");
    some_function(); // call 'some_function' to see if it has been unhooked
}

fn main() {
    unsafe {
        test();
    }
}

Python

from libmem import *

# Assemble/Disassemble code
print("[*] Assembly")
inst = LM_Assemble("mov eax, ebx")
print(f"{code} : {inst.bytes}")

print("[*] Disassembly:")
inst = LM_Disassemble(bytearray(b"\x55"))
print(f"{inst.bytes} : {inst.mnemonic} {inst.op_str}")

Installing

Windows

Note: If you download a binary version of libmem in the GitHub releases, you only need to install the Windows SDK. Building is not necessary, just add libmem/include to your project's include directories and link it against the binary you downloaded.

1. Install the Windows SDK: Windows 7 - Windows 10/11

2. Install Python 3 (Check the option to add Python to PATH) (Use Python 3.8.9 for Windows 7)

3. Install Visual Studio 2022 or newer (with C++ support and CMake) (older versions might work, but they were not tested)

4. Install CMake

5. Install Git Bash

6. Run a Visual Studio Developer Command Prompt as Administrator

7. Run the following command to append libmem's destination directory to your %PATH% user variable:

    setx PATH "%PATH%;%ProgramFiles%\libmem\include;%ProgramFiles%\libmem\lib"
   

8. Continue reading at Build and Install

Linux

Note: The following commands are for Debian/Ubuntu based distributions. Make sure to find the appropriate commands for your Linux distribution.

1. Open a terminal

2. Install GCC, G++, Git, CMake, Make, Python 3, and the Linux headers:

    sudo apt install gcc g++ git cmake make python3 linux-headers
   

3. Continue reading at Build and Install

FreeBSD

1. Add a mountpoint for the procfs filesystem in your /etc/fstab by appending the following line:

    proc		/proc		procfs	rw	0	0
   

2. Manually mount the procfs. This will only be necessary if you don't reboot. If you reboot, it will be automatically mounted because of the line at /etc/fstab. Run the following command (as root):

    mount -t procfs proc /proc
   

3. Install Git, CMake and Python3 (run as root) (clang, clang++ and make should already be installed):

    pkg install git cmake python3
   

4. Continue reading at Build and Install

Build and Install

Note: Run the following commands on Git Bash (Windows) or a terminal (Linux/FreeBSD).

Clone the repository:

git clone https://github.com/rdbo/libmem

Initialize and update the submodules:

git submodule init
git submodule update

Generate the CMake cache:

mkdir build
cd build
cmake .. -DCMAKE_BUILD_TYPE=Release

Compile libmem:

Windows: nmake

Unix-like: make -j 4

Install libmem (run as root or as Administrator):

Windows: nmake install

Unix-like: make install

After installing, follow the the proper Usage section for your programming language

Usage (C/C++)

Add #include <libmem/libmem.h> (C/C++) or #include <libmem/libmem.hpp> (C++) to your source code. Link the generated libmem library against your binary (libmem.so for Unix-like or libmem.dll for Windows). For GCC-like compilers: add the flag -llibmem to your compiler and it should link it.

#include <libmem/libmem.h> /* C/C++ */
#include <libmem/libmem.hpp> /* Force C++ */

Usage (Rust)

Add the following line to your Cargo.toml under [dependencies]:

libmem = "4.1"

Import libmem in your Rust source code:

use libmem::*;

Usage (Python)

Make sure to have Python >= 3.6 active
Either install the libmem package from PyPi by running the following command:

pip install --upgrade libmem

Or build and install it yourself by running the following commands:

cd libmem-py
python configure.py
python setup.py install

Now to import libmem, just do the following in your Python code:

from libmem import *

Dependencies

All:

• capstone (included in root project)
• keystone (included in root project)
• LIEF (included in root project)
• libstdc++ (used in keystone and LIEF)
• libmath (used in keystone)

Windows:

• Windows SDK (-luser32, -lpsapi)

Linux/Android:

• libdl (-ldl)

BSD:

• libdl (-ldl)
• libkvm (-lkvm)
• libprocstat (-lprocstat)
• libelf (-lelf)

API Overview

LM_EnumProcesses
LM_GetProcess
LM_GetProcessEx
LM_FindProcess
LM_IsProcessAlive
LM_GetSystemBits

LM_EnumThreads
LM_EnumThreadsEx
LM_GetThread
LM_GetThreadEx
LM_GetThreadProcess

LM_EnumModules
LM_EnumModulesEx
LM_FindModule
LM_FindModuleEx
LM_LoadModule
LM_LoadModuleEx
LM_UnloadModule
LM_UnloadModuleEx

LM_EnumSymbols
LM_FindSymbolAddress

LM_EnumPages
LM_EnumPagesEx
LM_GetPage
LM_GetPageEx

LM_ReadMemory
LM_ReadMemoryEx
LM_WriteMemory
LM_WriteMemoryEx
LM_SetMemory
LM_SetMemoryEx
LM_ProtMemory
LM_ProtMemoryEx
LM_AllocMemory
LM_AllocMemoryEx
LM_FreeMemory
LM_FreeMemoryEx

LM_DataScan
LM_DataScanEx
LM_PatternScan
LM_PatternScanEx
LM_SigScan
LM_SigScanEx

LM_HookCode
LM_HookCodeEx
LM_UnhookCode
LM_UnhookCodeEx

LM_Assemble
LM_AssembleEx
LM_FreeCodeBuffer
LM_Disassemble
LM_DisassembleEx
LM_FreeInstructions
LM_CodeLength
LM_CodeLengthEx

LM_VmtNew
LM_VmtHook
LM_VmtUnhook
LM_VmtGetOriginal
LM_VmtReset
LM_VmtFree

Projects

Made with libmem: