Sardith Posted June 26, 2008 Share Posted June 26, 2008 (edited) I'm having a lot of problems with ReadProcessMemory, if someone could lend a hand that would be great. I'm not sure what I should declare 'Value' as. Right now I have it declared as int. The address I'm trying to read is 4 bytes. I also don't know if I have the ReadPRocessMemory function variables set properly for what I'm doing. What is right. I'm getting the Process handle and process ID successfully. OpenProcess is also not returning a error code. So I've tried to narrow it down to what I'm declaring 'Value' to, or the ReadProcessMemory variables. The address that I'm trying to find a value from: 0x01005194 The value it should return: 40 I'm not sure if it's Vista's DEP or what I'm over looking here. Edited June 27, 2008 by Sardith [font="Verdana"]Valik:Get it straight - I'm not here to say please, I'm here to help - if my help's not appreciated then lotsa luck, gentlemen.[/font] Link to comment Share on other sites More sharing options...
Valik Posted June 26, 2008 Share Posted June 26, 2008 And GetLastError() called after ReadProcessMemory() reports what error? Might be helpful to SetLastError(0) before calling ReadProcessMemory(), too, just to avoid false results. Link to comment Share on other sites More sharing options...
Sardith Posted June 26, 2008 Author Share Posted June 26, 2008 (edited) I'm returning Error code: 299. Vista doesn't like PROCESS_ALL_ACCESS. What would you recommend Valik, or anyone else. Thank you very much for your help so far Valik. Jeff PROCESS_ALL_ACCESS #define _WIN32_WINNT _WIN32_WINNT_WINXP I'm just at a lost as to what to do with Vista. Is DEP causing this or? Is it possible to readmemory of a protected process like minesweeper with vista? Edited June 26, 2008 by Sardith [font="Verdana"]Valik:Get it straight - I'm not here to say please, I'm here to help - if my help's not appreciated then lotsa luck, gentlemen.[/font] Link to comment Share on other sites More sharing options...
Valik Posted June 26, 2008 Share Posted June 26, 2008 That's because PROCESS_ALL_ACCESS is for lazy people who don't want to bother figuring out the correct access rights. I can not stress this enough, only request as much access rights as you need. Fix that first, then go from there. Link to comment Share on other sites More sharing options...
Sardith Posted June 27, 2008 Author Share Posted June 27, 2008 Well, not to come off as more of a idiot... How do I determine what access rights are required? I've taken a look at open process/access rights via MSDN. Any pointers for determining the minimum access rights required? Thank you very much, Jeff [font="Verdana"]Valik:Get it straight - I'm not here to say please, I'm here to help - if my help's not appreciated then lotsa luck, gentlemen.[/font] Link to comment Share on other sites More sharing options...
Valik Posted June 27, 2008 Share Posted June 27, 2008 Read the documentation for the function(s) you're trying to use. Link to comment Share on other sites More sharing options...
Sardith Posted June 27, 2008 Author Share Posted June 27, 2008 (edited) I'll take a re-read. Thanks for all your time thus far Valik. Sorry for my stupid questions. Stupid me: The handle must have PROCESS_VM_READ access to the process. Edit2: Still receiving a Error code: 299 Only part of a ReadProcessMemory or WriteProcessMemory request was completed. int Value; LPVOID Address = (LPVOID) 0x01005194; ReadProcessMemory(Process, &Address, (LPVOID)&Value, 4, NULL); Does it have to do with how I have my parameters set for Readprocess memory? I've yet to master understanding MSDN. Edit3: Valik is this even possible with Vista within reason? Edited June 27, 2008 by Sardith [font="Verdana"]Valik:Get it straight - I'm not here to say please, I'm here to help - if my help's not appreciated then lotsa luck, gentlemen.[/font] Link to comment Share on other sites More sharing options...
Sardith Posted June 27, 2008 Author Share Posted June 27, 2008 Is it possible to get around vista's Vista Address Space Load Randomization? Is this even causing the problem? [font="Verdana"]Valik:Get it straight - I'm not here to say please, I'm here to help - if my help's not appreciated then lotsa luck, gentlemen.[/font] Link to comment Share on other sites More sharing options...
Administrators Jon Posted June 29, 2008 Administrators Share Posted June 29, 2008 Something has to be explictly compiled with the address randomizer stuff (it doesn't automatically happen just because it's run on Vista). Some of the built in programs may have it turned on I guess... Deployment Blog: https://www.autoitconsulting.com/site/blog/ SCCM SDK Programming: https://www.autoitconsulting.com/site/sccm-sdk/ Link to comment Share on other sites More sharing options...
Sardith Posted July 1, 2008 Author Share Posted July 1, 2008 Thanks Jon. I fixed the issue(s) a while ago. [font="Verdana"]Valik:Get it straight - I'm not here to say please, I'm here to help - if my help's not appreciated then lotsa luck, gentlemen.[/font] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now