Allocating Memory

[darkjohn20]

$MemoryOpen = _MemoryOpen(ProcessExists("process.exe"))
$Allocated = DllCall("kernel32.dll", "ptr", "VirtualAllocEx", "int", $MemoryOpen[1], "ptr", "0040001B", "int", 12, "int", $MEM_COMMIT, "int", $PAGE_EXECUTE_READWRITE)
MsgBox(0, "", $Allocated & @CRLF & @error)
_MemoryWrite("0x0040001B", $MemoryOpen, 0x03108383)
_MemoryWrite("0x0040001F", $MemoryOpen, 0xE9020000)
_MemoryWrite("0x00400023", $MemoryOpen, 0x0005A042)

So this is the code that wont work. The MsgBox has absolutely no data in it, so I can't figure out what's wrong. I took the VirtualAllocEx line from another script that seemed to work, but I guess it could be a wrong parameter/type?

Without allocating, the _MemoryWrite's don't write anything. The value of the bytes in the code cave is still 00.

Is there something obvious I'm doing wrong?

Edit: I've tried allocating where the value was 00, and I've tried allocation where there was nothing. Neither worked.

Edited August 26, 2010 by darkjohn20

[AdmiralAlkex]

DllCall returns an array so that obviously wont work with a MsgBox. See helpfile.

[darkjohn20]

Alright, I changed it and now it shows an address, and an error of 0. But why can't I write to certain addresses? On top of that, if I try then the program throws errors with access violation...

Access Violation at address ..... in module ... Write of 00000000. This isn't trying to write it, this is after it fails and I press a button.

I wonder if there's a command line opcode <-> instruction converter somewhere... If this allocated address is different, I need to turn jmp address into the correct bytes...

Edited August 26, 2010 by darkjohn20