Code:
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#define BUFFSIZE 10
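/*
 * Enable one named privilege in the current process token.
 *
 * lpszPriv: privilege name as an ANSI string (for example the value of
 *           SE_DEBUG_NAME in a non-UNICODE build).
 *
 * Returns TRUE only when the privilege was actually enabled. On failure
 * returns FALSE and the thread's last-error value holds the reason;
 * ERROR_NOT_ALL_ASSIGNED means the token does not hold the privilege.
 */
BOOL EnablePriv(LPCSTR lpszPriv) // by Napalm
{
    HANDLE hToken = NULL;
    LUID luid;
    TOKEN_PRIVILEGES tkprivs;
    DWORD dwErr;
    BOOL bRet;

    if (lpszPriv == NULL) {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        return FALSE;
    }

    /* The parameter is LPCSTR, so call the ANSI entry point explicitly
     * instead of relying on the TCHAR macro. */
    if (!LookupPrivilegeValueA(NULL, lpszPriv, &luid)) {
        /* Preserve the lookup error: CloseHandle may overwrite it. */
        dwErr = GetLastError();
        CloseHandle(hToken);
        SetLastError(dwErr);
        return FALSE;
    }

    ZeroMemory(&tkprivs, sizeof(tkprivs));
    tkprivs.PrivilegeCount = 1;
    tkprivs.Privileges[0].Luid = luid;
    tkprivs.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    bRet = AdjustTokenPrivileges(hToken, FALSE, &tkprivs, 0, NULL, NULL);

    /*
     * AdjustTokenPrivileges returns TRUE even when the token does not hold
     * the requested privilege; in that case the last error is
     * ERROR_NOT_ALL_ASSIGNED. Treating that as success would make callers
     * believe they hold a privilege they do not have.
     */
    dwErr = GetLastError();
    CloseHandle(hToken);
    SetLastError(dwErr);

    return (bRet && dwErr == ERROR_SUCCESS) ? TRUE : FALSE;
}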
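/*
 * Find a Notepad window, open its process for reading, and show up to
 * BUFFSIZE - 1 bytes read from that process in a message box.
 *
 * hwnd: owner window for the message boxes (may be NULL).
 *
 * Returns 0 on success and 1 on any failure. The process handle is closed
 * on every path once it has been opened.
 */
int StartUp(HWND hwnd)
{
    LPVOID adder = NULL;
    DWORD pid = 0;
    DWORD dwErr;
    SIZE_T cbRead = 0;
    HWND wnd;
    HANDLE hProc;
    char szError[MAX_PATH];
    char szBuff[BUFFSIZE];
    int rc = 1;

    ZeroMemory(szBuff, sizeof(szBuff));

    wnd = FindWindow("Notepad", 0);
    if (!wnd) {
        MessageBox(hwnd, "A Notepad window must be opened.", "rpm", MB_ICONWARNING);
        return 1;
    }

    GetWindowThreadProcessId(wnd, &pid);

    /* NOTE(review): ReadProcessMemory only needs PROCESS_VM_READ;
     * PROCESS_VM_OPERATION is kept because the author mentions other
     * planned uses. Request the narrowest mask that the final code needs. */
    hProc = OpenProcess(PROCESS_VM_READ | PROCESS_VM_OPERATION, FALSE, pid);
    if (!hProc) {
        dwErr = GetLastError();
        /* wsprintf is unbounded; every message here is a fixed string plus
         * a number and at most BUFFSIZE - 1 bytes, which fits in szError. */
        wsprintf(szError, "Could not get a handle on the process.\nError code: %lu.", dwErr);
        MessageBox(hwnd, szError, "rpm", MB_ICONWARNING);
        return 1;
    }

    /* NOTE(review): the privilege is enabled after the handle is already
     * open, so it has no effect on the OpenProcess call above. Confirm it
     * is needed at all before keeping it. */
    if (!EnablePriv(SE_DEBUG_NAME)) {
        dwErr = GetLastError();
        wsprintf(szError, "Could not get debugging rights.\nError code: %lu.", dwErr);
        MessageBox(hwnd, szError, "rpm", MB_ICONWARNING);
        goto cleanup;
    }

    // adder = // Here is my problem!!!
    /*
     * The second argument is the address inside the target process. The
     * original passed &adder, which is the address of a local variable in
     * this process and means nothing in the target. adder is still
     * unassigned here, so the read is expected to fail until it is set.
     *
     * Read one byte less than the buffer so szBuff always stays
     * NUL-terminated before it is used as a string below.
     */
    if (!ReadProcessMemory(hProc, adder, szBuff, sizeof(szBuff) - 1, &cbRead)) {
        dwErr = GetLastError();
        szBuff[sizeof(szBuff) - 1] = '\0';
        wsprintf(szError, "Could not read the process' memory.\nError code: %lu.\nRead so far: %s.", dwErr, szBuff);
        MessageBox(hwnd, szError, "rpm", MB_ICONWARNING);
        goto cleanup;
    }

    szBuff[cbRead < sizeof(szBuff) ? cbRead : sizeof(szBuff) - 1] = '\0';
    MessageBox(hwnd, szBuff, "rpm", MB_ICONINFORMATION);
    rc = 0;

cleanup:
    /* Single exit point so the process handle is never leaked. */
    CloseHandle(hProc);
    return rc;
}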
/*
 * Program entry point: runs StartUp with no owner window and uses its
 * result as the process exit code. None of the WinMain arguments are used.
 */
int WINAPI WinMain (HINSTANCE hThisInstance,
                    HINSTANCE hPrevInstance,
                    LPSTR lpszArgument,
                    int nFunsterStil)
{
    int exitCode;

    (void)hThisInstance;
    (void)hPrevInstance;
    (void)lpszArgument;
    (void)nFunsterStil;

    exitCode = StartUp(NULL);
    return exitCode;
}
I am trying to get the text currently typed into the Notepad window. How do I get its address? (I know that I can get the text by capturing the edit box and using GetWindowText(), but this is for other uses as well.) I have seen scripts using VirtualAllocEx(), but I have not been able to figure out how to use it myself.