Hi,
I do try to write a function like this one:
This is only a sample - I don't post the whole code, because it will be useless info:
Code:
BYTE *bBuffer = 0;
bBuffer = (LPBYTE)GlobalAlloc(GMEM_FIXED, ModInfo.SizeOfImage+1);//allocating of memory
ReadProcessMemory(hProcess, ModInfo.lpBaseOfDll, bBuffer, ModInfo.SizeOfImage, &cbRead);
for( i = 0; i < ModInfo.SizeOfImage; i++)
if (!memcmp(&bBuffer[i], bPattern, 10))// we have a match
{
// we calculate lpBaseOfDll (beginning addr. of executable module + i)
DWORD dwPatchAddress = (DWORD)ModInfo.lpBaseOfDll + i;
// we replace
WriteProcessMemory(hProcess, (LPVOID)dwPatchAddress, LPVOID(szReplaceBytes), 10, &cbRead);
CloseHandle(hProcess);
MessageBox(NULL,"Done!","OK",MB_OK|MB_ICONINFORMATION);
break;
}
Normally I need to include a condition if there is no match with bPattern : MessageBox(something) -> break;
but when I write such - I get it always even if there is a match with bPattern and I don't understand why..
Does anyone of you have an idea how to make it work...?