Thread: Reading process memory

  1. #1
    Registered User
    Join Date
    Dec 2005
    Posts
    155

    Reading process memory

    Hi, I was trying to play around with some code and to see how it work, but didnt seem to get it to work right. Any ideas on how to use "ReadProcessMemory"? Also I have a question on it, when it does read the location of the memory, does it see whats there too? Like in my other programe it has a int set 50, can it see that 50 when it reads it?

    Code:
    //#include things and using namespace std;
    int main (){
    bool pQuit = false;
    DWORD process_id;
    HANDLE hProcess;
    HANDLE hToken;
    int hp = 0xXXXXX;
    int patch_int;
    while( false == pQuit )
     {
      Sleep(6000);
      hProcess=OpenProcess(PROCESS_ALL_ACCESS, FALSE, process_id);
      bool ReadProcessMemory(hProcess, hp, &patch_int, 4, NULL);
      cout<<" " <<patch_int<<endl;
     }
    }

  2. #2
    Registered User
    Join Date
    Jan 2005
    Posts
    847
    You're opening the process each time thru the loop and loosing the previous handle. You only need to open it once before the loop and close it with CloseHandle after you've finnished.

    And you're not setting process ID to anything.

  3. #3
    Registered User
    Join Date
    Dec 2005
    Posts
    155
    Ok, thats a start on it, i'll change some around.

  4. #4
    Registered User
    Join Date
    Dec 2005
    Posts
    155
    Ok I did something differnt but I get his error at the end of me code, not sure how to fixs it
    Code:
    #include "tt.h"
    using namespace std;
    int main (void){
    HANDLE hProcess = GetCurrentProcess ();
    bool pQuit = false;
    while( false == pQuit )
     {
      Sleep(6000);
      bool ReadProcessMemory  (hProcess,
                            0x3CE418,
                            512,
                            10,
                            NULL);
      cout<<" " <<ReadProcessMemory<<endl;
     }
    }
    error is : initializer expression list treated as compound expression

  5. #5
    Registered User
    Join Date
    Jan 2005
    Posts
    847
    Code:
    cout<<" " <<ReadProcessMemory<<endl;
    Perhaps what you wanted to do was
    Code:
    cout<<"ReadProcessMemory" <<endl;

  6. #6
    Registered User
    Join Date
    Dec 2005
    Posts
    155
    Will, they work either or, nothing wrong with that. Its that error I get whats wrong, lol, I dont get what it means mostly.

    Thanks for trying to help Quantum1024, still looking on how to use this code more, its always fun to try out new things
    Last edited by adr; 05-17-2006 at 04:52 AM.

  7. #7
    Registered User
    Join Date
    Jan 2005
    Posts
    847
    And remove the bool before ReadProcessMemory, that is what's causing the error.

  8. #8
    Registered User
    Join Date
    Dec 2005
    Posts
    155
    LOL, just got a few more eerors with that. invalid conversion from `int' to `const void*' and initializing argument 2 of `BOOL ReadProcessMemory(void*, const void*, void*, DWORD, DWORD*)' and initializing argument 3 of `BOOL ReadProcessMemory(void*, const void*, void*, DWORD, DWORD*)'

    I think I got what thes error mean, I got school now, i'll tell if the work when I get back.
    Last edited by adr; 05-17-2006 at 05:41 AM.

  9. #9
    Registered User
    Join Date
    Dec 2005
    Posts
    155
    oK, hmm, didnt seem to work. I get theses errors, not sure what they fully mean:

    *invalid conversion from `int' to `const void*'
    *initializing argument 2 of `BOOL ReadProcessMemory(void*, const void*, void*, DWORD, DWORD*)'
    *initializing argument 3 of `BOOL ReadProcessMemory(void*, const void*, void*, DWORD, DWORD*)'

    Any ideas?

  10. #10
    Registered User
    Join Date
    Jan 2005
    Posts
    847
    you need to look at each argument of ReadProcessMemory and make sure you are pasing the correct type
    Code:
    BOOL ReadProcessMemory(
      HANDLE hProcess,
      LPCVOID lpBaseAddress,
      LPVOID lpBuffer,
      SIZE_T nSize,
      SIZE_T* lpNumberOfBytesRead
    );
    The second argument is the addres so if you are using a number like 0x... then that must be cast to a pointer type (void *)0x.....

    The third argument is a pointer to a buffer that recieves the data, you've set it to 512 which is an int type not a pointer.

    The forth argument is the size, if you want to read 10 bytes then that's correct

    The fifth and final argument is a pointer to a SIZE_T type but this is ok to be NULL.

    So for example
    Code:
    unsigned char Buffer[10];
    ReadProcessMemory(hProcess, (void *)0x40100, Buffer, 10, NULL);

  11. #11
    Confused Magos's Avatar
    Join Date
    Sep 2001
    Location
    Sweden
    Posts
    3,145
    I'm a bit confused why you would need ReadProcessMemory if you can't even solve these relatively easy syntax errors.
    MagosX.com

    Give a man a fish and you feed him for a day.
    Teach a man to fish and you feed him for a lifetime.

  12. #12
    Registered User
    Join Date
    Dec 2005
    Posts
    155
    1st off, I never seen theses errors, kinda hard to say what they are telling me, and thats a kinda a good things, I can learn off new code and be a better programer. I got most of the code right at less, but not some, so I have to be getting it for the most part no? Sorry tho>< I do kinds suck at c++ lol /sigh forgive.

    Thanks Quantum1024, that help alot, I see what it means now. Sorrry for asking so much>< I just never seen the code befor, so I couldnt really go on much from my past work.

    And may I say somethingO.o; theres a error on this website I think, I not seening any new msg. after a few of them.
    Last edited by adr; 05-17-2006 at 06:24 PM.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. init adopts zombie process?
    By password636 in forum Linux Programming
    Replies: 4
    Last Post: 07-01-2009, 10:05 AM
  2. Replies: 4
    Last Post: 01-13-2008, 02:14 AM
  3. Question regarding Memory Leak
    By clegs in forum C++ Programming
    Replies: 29
    Last Post: 12-07-2007, 01:57 AM
  4. Pointer's
    By xlordt in forum C Programming
    Replies: 13
    Last Post: 10-14-2003, 02:15 PM
  5. Reading from file into memory
    By GaPe in forum C Programming
    Replies: 15
    Last Post: 12-17-2001, 04:19 PM