I have 2 questions about the WriteProcessMemory function.
If i want to write 6 adjacent bytes all to the value of 0x90, do i just do this:
WriteProcessMemory(HProcess, (LPVOID)ADDRESS, &Patch, 6, NULL)
Where Patch = 0x90.
My second question: is the base address param in WriteProcessMemory relative to the beginning address of the program or is it relative to the entire computers memory?
Thanks for any help.
I have never used the function, but looking at the help, would guess that it would copy 6 bytes starting at the address of Patch, hence to copy 6 0x90, &Patch should point to an, at least, 6 element buffer.
Your second question, it must be the address within the process. You do not have access to the absolute addresses, and since the module could be loaded at almost any physical address, the call must have the current within process address as a start point.
Sounds like a nasty thing to be doing.
cheers adrian :)
but what type of cast should i use to just put 0x90 into the function instead of putting in a variable pointer? im talking about the buffer param.
I would probably declare a 6 element array of char, fill each element with 0x90, and use the base address of the array. No cast.
Remember, I'm guessing, but that is where I would start after reading the help page.