analitics

Pages

Thursday, October 23, 2025

News : OneByteRadar - pymem python package.

Today, I found this GitHub project about how to write to exe files with python programming language
The author say:
CS:GO radar hack achieved by patching one byte of game memory. Written in Python 3.
I don't test it, but good to know how can use these python modules.
The pymem Python library that allows you to interact with the memory of running Windows processes.
  • Reading and writing memory values of other processes
  • Scanning memory for byte patterns
  • Allocating and freeing memory inside another process
  • Accessing modules (DLLs) loaded by a process
  • This is often used in game hacking, automation, or debugging tools.
NOTE: I used artificial intelligence to write this simple example, it is more productive in programs with more complex syntax, but the basics of programming must be known...
Let's see one example with edge browser open:
import pymem
import pymem.process
import re

# Open the Edge process (make sure it's running)
pm = pymem.Pymem("msedge.exe")

# Get the main module of the process
module = pymem.process.module_from_name(pm.process_handle, "msedge.exe")
base = module.lpBaseOfDll
size = module.SizeOfImage

# Read the module's memory
data = pm.read_bytes(base, size)

# Search for a test pattern (generic example)
pattern = re.search(rb'\x48\x89\x5C\x24\x08\x57\x48\x83', data)

if pattern:
    address = base + pattern.start()
    print(f"Pattern found at: {hex(address)}")

    # Read 8 bytes from the found address
    raw = pm.read_bytes(address, 8)
    print("Raw bytes:", raw)

    # Interpret the bytes as a little-endian integer
    value = int.from_bytes(raw, byteorder='little')
    print("Integer value:", value)

    # Write a new value (e.g., 12345678)
    new_value = (12345678).to_bytes(8, byteorder='little')
    pm.write_bytes(address, new_value, 8)
    print("Value overwritten with 12345678.")

else:
    print("Pattern not found.")

# Close the process handle
pm.close_process()
What is that patern:
pattern = re.search(rb'\x48\x89\x5C\x24\x08\x57\x48\x83', data)
These bytes correspond to x86-64 assembly instructions. For example:

48 89 5C 24 08 → mov [rsp+8], rbx
57 → push rdi
48 83 → the start of an instruction like add/sub/cmp with a 64-bit operand
This sequence is typical for the prologue of a function in compiled C++ code — saving registers to the stack.
This is a simple example, you don't see anything in edge because is just one search and one overwritten:
python pymem_exemple_002.py
Pattern found at: 0x7ff7180cb3d5
Raw bytes: b'H\x89\\$\x08WH\x83'
Integer value: 9459906709773125960
Value overwritten with 12345678.
You replaced those 8 bytes with the integer 12345678, encoded as: 4E 61 BC 00 00 00 00 00 (in hex)
This corrupts the original instruction, which may crash Edge or cause undefined behavior.
Not crash, maybe my edge browser use protections (ASLR, DEP, CFG) that can make modification unstable.
--------
1. ASLR (Address Space Layout Randomization)
2. DEP (Data Execution Prevention)
3. CFG (Control Flow Guard)

Wednesday, October 22, 2025

Tuesday, October 21, 2025

Python 3.12.12 : Google colab example - satellite sentinel-2-l2a.

Tested today, location my home, this is the result of satellite sentinel-2-l2a - octomber 2025.

Monday, October 20, 2025

Python Qt6 : tool for remove duplicate files ...

Today I created a Python script with PyQt6 that allows me to remove duplicate files based on three ways of selecting the type of duplicate.
The script also makes an estimate of the execution time...
Because the source code is relatively simple and can be very easily reconstructed with the help of artificial intelligence, I am not adding it to the posts.
Here is what the application looks like with PyQt6.

Saturday, October 18, 2025

Blender 3D : ... simple clothing addon.

Today, I created a simple clothing addon with a two-mesh coat. The addon adds everything needed for the simulation including material types for the clothes.

Python Qt6 : tool for cutting images ...

Today I made a script that allows adding custom horizontal and vertical sliders to an image and, depending on the custom distance between them, cuts the image into squares of different sizes.

Python Qt6 : tool for renaming files with creation date .

Since this hacking and the crashes... I've always taken screenshots... Today I created a small script that takes files from a folder and renames them with the creation date in this format...yyyyMMdd_HHmmss .
... obviously artificial intelligence helped me.
This is the source code :
import sys
import os
import shutil
from PyQt6.QtWidgets import QApplication, QWidget, QPushButton, QVBoxLayout, QFileDialog, QMessageBox
from PyQt6.QtCore import QDateTime

class FileRenamer(QWidget):
    def __init__(self):
        super().__init__()
        self.setWindowTitle("Redenumire fișiere cu dată și index")
        self.setGeometry(100, 100, 400, 150)

        layout = QVBoxLayout()

        self.button = QPushButton("Selectează folderul și redenumește fișierele")
        self.button.clicked.connect(self.rename_files)
        layout.addWidget(self.button)

        self.setLayout(layout)

    def rename_files(self):
        folder = QFileDialog.getExistingDirectory(self, "Selectează folderul")
        if not folder:
            return

        files = [f for f in os.listdir(folder) if os.path.isfile(os.path.join(folder, f))]
        files.sort()  # Sortează pentru consistență

        for index, filename in enumerate(files, start=1):
            old_path = os.path.join(folder, filename)
            try:
                creation_time = os.path.getctime(old_path)
                dt = QDateTime.fromSecsSinceEpoch(int(creation_time))
                date_str = dt.toString("yyyyMMdd_HHmmss")
                ext = os.path.splitext(filename)[1]
                new_name = f"{date_str}_{index:03d}{ext}"
                new_path = os.path.join(folder, new_name)

                # Evită suprascrierea fișierelor existente
                if not os.path.exists(new_path):
                    shutil.move(old_path, new_path)
            except Exception as e:
                QMessageBox.critical(self, "Eroare", f"Eroare la fișierul {filename}:\n{str(e)}")
                continue

        QMessageBox.information(self, "Succes", "Fișierele au fost redenumite cu succes!")

if __name__ == "__main__":
    app = QApplication(sys.argv)
    window = FileRenamer()
    window.show()
    sys.exit(app.exec())

Friday, October 17, 2025

Python 3.12.12 : Google colab example of satellite detecting edges .

Simple colab project with google satellite detecting ...
I used these python packages:
%pip install segment-geospatial
%pip install leafmap
%pip install samgeo
%pip install localtileserver
%pip install fiona
This is the result:

Thursday, October 16, 2025

News : Google DeepMind and Google Colab - part 001.

Today I tested Google DeepMind and Google Colab.
You can see my simple test on Suceava area ...

Monday, October 13, 2025

News : What’s new in Python 3.14.

... this news is old from five days ago .
Python 3.14 is the latest stable release of the Python programming language, with a mix of changes to the language, the implementation, and the standard library.

Saturday, October 11, 2025

Python 3.8.5 : ... online python tool

You can found this good online tool for simple python programming. See the result with version and python modules used into this online tool.
Versiunea de Python: 3.8.5 (default, Jul 20 2020, 23:11:29) 
[GCC 9.3.0]

Module instalate:
- webencodings (0.5.1)
- urllib3 (1.25.9)
- toml (0.10.1)
- six (1.15.0)
- setuptools (47.0.0)
- retrying (1.3.3)
- requests (2.23.0)
- pytz (2020.1)
- pytoml (0.1.21)
- python-dateutil (2.8.1)
- pyparsing (2.4.7)
- progress (1.5)
- pip (20.1.1)
- pep517 (0.8.2)
- pandas (1.1.0)
- packaging (20.4)
- ordered-set (4.0.1)
- numpy (1.19.1)
- msgpack (1.0.0)
- lockfile (0.12.2)
- idna (2.9)
- html5lib (1.0.1)
- distro (1.5.0)
- distlib (0.3.0)
- contextlib2 (0.6.0)
- colorama (0.4.3)
- chardet (3.0.4)
- certifi (2020.4.5.1)
- CacheControl (0.12.6)
- appdirs (1.4.4)


** Process exited - Return Code: 0 **

Tuesday, October 7, 2025

Python 3.15 : PEP 810 - Explicit lazy imports

Python’s import system could be in for its biggest change in years.
Lazy imports are controlled, in the sense that deferred loading is only triggered by the importing code itself.
This avoids shifting responsibility onto downstream users and prevents accidental surprises in library behavior.
The new explicit lazy import mechanism enhances security by deferring module initialization until runtime, thereby minimizing the attack surface and preventing premature execution of potentially vulnerable or malicious code during application startup.

Saturday, October 4, 2025