patching memory in another process

**44ffcc** · 02-06-2006

I am writing a program to patch a memory location in another running process. Unfortunately it doesn't work as ReadProcessMemory gets an error 6 ("The handle is invalid."), even though the process ID passed on the command line is valid.

Has anyone here done this sort of thing before, and if so d'you know what I may be doing wrong?

Code is below:

Code:

#define PATCH_LOCATION 0x0013A142

void error(char *msg)
{
    printf("Error (%s) [0x%08x]\n", msg, GetLastError());
    ExitProcess(0);
};

void main(int argc, char* argv[])
{
    int patch_int;
    HANDLE process_id;
    HANDLE hToken;

    // get process id from command line
    if (argc<2)
        error ("args");
    sscanf(argv[1],"%u",&process_id);
    printf("process_id = %u\n", process_id);

    // attach to process as debugger
    if (DebugActiveProcess((DWORD)process_id)==FALSE)
        error ("DebugActiveProcess()");

    // read patch location
    if (ReadProcessMemory(process_id, (LPVOID)PATCH_LOCATION, &patch_int, 4, NULL)==FALSE)
        error ("ReadProcessMemory()");

    printf("patch_int = 0x%08x\n", patch_int);

    // check if patch location contains expected value
    if (patch_int==250)
    {
        // if so, overwrite with patch value
        patch_int=0xFFFFFFFF;
        if(WriteProcessMemory (process_id, (LPVOID)PATCH_LOCATION, &patch_int, 4, NULL)==FALSE)
            error ("WriteProcessMemory()");
    }
    else
    {
        // or fail
        error("patch_int");
    }

    printf("success!\n");
};

Thanks

**Quantum1024** · 02-06-2006

I hope this is nothing evil.

A process handle and a process ID are too different things. Have a look at the OpenProcess function. I don't think you need to use any debugging functions but maybe you'll need to use VirtualProtectEx.

**44ffcc** · 02-06-2006

Thanks for your help! I used OpenProcess to acquire a handle and it worked fine.

(Fixed code below)

Code:

#define PATCH_LOCATION 0x0013A142

DWORD process_id;

void error(char *msg)
{
    printf("Error (%s) [0x%08x]\n", msg, GetLastError());
    DebugActiveProcessStop((DWORD)process_id);
    ExitProcess (0);
};

void main(int argc, char* argv[])
{
    int patch_int;
    HANDLE hProcess;
    HANDLE hToken;

    // get process id from command line
    if (argc<2)
        error ("args");
    sscanf(argv[1],"%u",&process_id);
    printf("process_id = %u\n", process_id);

    // attach to process as debugger
    if (DebugActiveProcess((DWORD)process_id)==FALSE)
        error ("DebugActiveProcess()");

    // get a process handle
    hProcess=OpenProcess(PROCESS_ALL_ACCESS, FALSE, process_id);
    if (hProcess==NULL)
        problem("OpenProcess()");

    // read patch location
    if (ReadProcessMemory(hProcess, (LPVOID)PATCH_LOCATION, &patch_int, 4, NULL)==FALSE)
        error ("ReadProcessMemory()");

    printf("patch_int = 0x%08x\n", patch_int);

    // check if patch location contains expected value
    if (patch_int==250)
    {
        // if so, overwrite with patch value
        patch_int=0xFFFFFFFF;
        if(WriteProcessMemory (hProcess, (LPVOID)PATCH_LOCATION, &patch_int, 4, NULL)==FALSE)
            error ("WriteProcessMemory()");
    }
    else
    {
        // or fail
        error("patch_int");
    }

    // detach from process
    DebugActiveProcessStop((DWORD)process_id);
    printf("success!\n");
};

Thread: patching memory in another process

Thread Tools

Search Thread

Display

patching memory in another process

Similar Threads

tools for finding memory leaks

Process manipulation questions

To find the memory leaks without using any tools

Reading process memory

how do you in c++ access memory that not in the current process