how do i find out where other processes get their dynamic memory allocated, and how much they have been allocated?
how do i find out where other processes get their dynamic memory allocated, and how much they have been allocated?
hiya,
probabably to get how much is allocated, you can do this,
sizeof(//data type)
if it's an array you made, just multiply the result of the sizeof, by the number of element you specified ie,
dummy = new char[10];
sizeof(char) * 10;
no i meant i want to find out where other processes have their dynamic memory allocated.
Memory could be allocated in most of the 4GB address space that a process has access to...........There isnt 1 single, easily accessable place that programs store dynamic data.....it would depend on the programmer
If you want to find out ways of scanning other another process's address space then look for Advanced Windows by J Richter as this has some really good stuff on memory management..
What are you trying to do anyway?
Unless you are co-operating with the other task, you will not be able to find this out. The reason, simply, is that the address space of the other task is virtual, and parts of it are mapped into and out of physical memory as required.
When you want to see "process x's" linked list for example, it may not be in memory.
Wave upon wave of demented avengers march cheerfully out of obscurity unto the dream.
i am making a memory scanner to scan a games memory for values so that they can be changed to cheat in the game. i think i will use the VirtualQueryEx and scan all areas with COMMIT status.
LOL....good luck!!!
can anyone find anything wrong with this?
Code:SYSTEM_INFO si; GetSystemInfo(&si); HANDLE hgame = OpenProcess(PROCESS_QUERY_INFORMATION, false, GamePID); MEMORY_BASIC_INFORMATION mbi; ListBox_ResetContent(GetDlgItem(hwndMain, LB_MEMORYMAP)); for(DWORD p = 0; p < 0xFFFFFFFF; p += si.dwPageSize) { VirtualQueryEx(hgame, (LPLONG)p, &mbi, sizeof(mbi)); sprintf(str, "%.8x", mbi.BaseAddress); ListBox_AddString(GetDlgItem(hwndMain, LB_MEMORYMAP), strupr(str)); } CloseHandle(hgame);
ListBox_AddString works properly but the program hangs. i checked getlasterror and its 0
I think you should give up to be perfectly honest!
There are already a heap of other tools like GameHack out there that'll do this kind of thing for you.
From what you've posted so far, I can tell you don't really know what it is you're looking for anyway! Your approach to the problem is completely wrong. Save yourself a lot of heartache and do something else.
Quidquid latine dictum sit, altum sonatur.
Whatever is said in Latin sounds profound.
no way
besides i figured out the problem and i do know what i am doing. You wont be the one laughing when i release my mem scanner
Sure....Isn't that what they told Einstein in math class.Originally posted by Uraldor
I think you should give up to be perfectly honest!
There are already a heap of other tools like GameHack out there that'll do this kind of thing for you.
From what you've posted so far, I can tell you don't really know what it is you're looking for anyway! Your approach to the problem is completely wrong. Save yourself a lot of heartache and do something else.
NEVER tell someone to give up...NEVER
I don't know how to find the memory used by a process.
I'm thinking that if you can get a handle to the process then you could work up from there. But then again I have no clue.
You'll problem have to do alit asm programming. Don't let that detour you.
Sorry I can't help.
Uraldor please keep your derogatory post to yourself.
If you know that cppDude's approach is wrong then please offer information which could be useful in his quest.
Try to help all less knowledgeable than yourself, within
the limits provided by time, complexity and tolerance.
- Nor
BTW-
Gamehack(shareware) has limited uses.
Go for Tsearch(freeware).
http://www.fly.to/mtc
It is a good way to learn asm.
You can inject asm directly into any running process.
Try to help all less knowledgeable than yourself, within
the limits provided by time, complexity and tolerance.
- Nor
LOL...It seems whenever people see anything close to low-level they instantly brand it "ASM-Territory". ASM is no real benefit for this kind of stuff.....To do what cppdude is doing will require API calls, and I cant see any speed incentive in using ASM to do this.....
Uraldor may seem negative, but I have to agree with him......simply scanning a process's address space will not reveal the secrets to the program......only a bunch of numbers!......
It is quite interesting to see where images such as dlls are mapped in an address space, and to see where stacks and heaps are.....but this wont instantly provide answers......
Your right.
If your scan the process's stack then it won't give you what you want.
BUT it will lead you to it.
I've developed the bad habit of ripping games apart to see whats inside.
"bad habit" Only b/c its the only way I've found to learn my debugger.
You find all sorts of things.
The reason i've branded it "ASM-Territory" is that asm is what you have to read, to find what your looking for.
When I rip apart a game I use tool like tsearch to find something basic. Then a "bpm" the offset and start reading the asm code.
I see how the programmer organizes his/her data and uses their methods. To me it's more fun than playing the game.
I like knowing what the game does in the code level. It just adds to the excitement of playing.
And how can you agree with Uraldor, when he openly try's demoralizing an idea which another is turning into reality?
Try to help all less knowledgeable than yourself, within
the limits provided by time, complexity and tolerance.
- Nor
And how can you agree with Uraldor, when he openly try's demoralizing an idea which another is turning into reality?
HAHA! is that what i'm doing is it?! Nor, who's using the family brain cell at the moment??
I may seem negative to you, but i'm not being negative at all. Look at what he's trying to achieve, and look at the question he asked:
how do i find out where other processes get their dynamic memory allocated, and how much they have been allocated?
it's a simple memory scan.. that's all it is! That's why i said he doesn't really have a clue.
You wont be the one laughing when i release my mem scanner
hehe! well, you may think so but i can tell you that's definitely not the case! I tell you what though, i'm definitely laughing now!
You can inject asm directly into any running process.
oh WOW! that's amazing!!! (ever heard of WriteProcessMemory()??)
BTW-Gamehack(shareware) has limited uses.
I see your field of expertise is "stating the obvious". The point i was making was that there are already a heap of tools out there that do this kind of thing... GameHack was an example. Thanks for giving another.
Now you all have a very nice day
U.
Quidquid latine dictum sit, altum sonatur.
Whatever is said in Latin sounds profound.
