subject:"ReadProcessMemory \+ address from ollydbg"

ReadProcessMemory + address from ollydbg

2017-06-30 Thread bauss via Digitalmars-d-learn

I'm currently getting garbage data when using ReadProcessMemory to read from another process. This is my definition: BOOL ReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead); And I'm reading it like this: if (!ReadProcessMemory

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread ag0aep6g via Digitalmars-d-learn

On Friday, 30 June 2017 at 20:14:15 UTC, bauss wrote: This is my definition: BOOL ReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead); And I'm reading it like this: if (!ReadProcessMemory(process, cast(PCVOID)address, cast

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread bauss via Digitalmars-d-learn

On Friday, 30 June 2017 at 21:36:25 UTC, ag0aep6g wrote: On Friday, 30 June 2017 at 20:14:15 UTC, bauss wrote: This is my definition: BOOL ReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead); And I'm reading it like this: if (!

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread bauss via Digitalmars-d-learn

On Friday, 30 June 2017 at 23:41:19 UTC, bauss wrote: On Friday, 30 June 2017 at 21:36:25 UTC, ag0aep6g wrote: On Friday, 30 June 2017 at 20:14:15 UTC, bauss wrote: [...] I guess the first cast is necessary when `address` isn't typed as a pointer yet. But the other casts shouldn't be nee

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread Stefan Koch via Digitalmars-d-learn

On Friday, 30 June 2017 at 23:53:19 UTC, bauss wrote: I suspect the address is wrong, but it's the static address I picked up from ollydbg, so I'm kinda lost as for how ollydbg can get the correct string and I get the wrong one using same address. You are aware that processes life in differ

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread bauss via Digitalmars-d-learn

On Friday, 30 June 2017 at 23:56:10 UTC, Stefan Koch wrote: On Friday, 30 June 2017 at 23:53:19 UTC, bauss wrote: I suspect the address is wrong, but it's the static address I picked up from ollydbg, so I'm kinda lost as for how ollydbg can get the correct string and I get the wrong one using

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread ag0aep6g via Digitalmars-d-learn

On 07/01/2017 01:41 AM, bauss wrote: string ReadWinString(HANDLE process, DWORD address, size_t stringSize, string defaultValue = "") { if (!process || !address) { return defaultValue; } SIZE_T bytesRead; char[1024] data; if (!ReadProcessMemory(process, cast(PCVOID)add

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread H. S. Teoh via Digitalmars-d-learn

On Sat, Jul 01, 2017 at 02:23:36AM +0200, ag0aep6g via Digitalmars-d-learn wrote: > On 07/01/2017 01:41 AM, bauss wrote: [...] > > stringSize, &bytesRead)) { > > return defaultValue; > >} > > > >auto s = cast(string)data[0 .. stringSize]; > > > >return s ? s : defaultValue;

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread bauss via Digitalmars-d-learn

On Saturday, 1 July 2017 at 00:23:36 UTC, ag0aep6g wrote: On 07/01/2017 01:41 AM, bauss wrote: string ReadWinString(HANDLE process, DWORD address, size_t stringSize, string defaultValue = "") { if (!process || !address) { return defaultValue; } SIZE_T bytesRead; char[1024] dat

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread ag0aep6g via Digitalmars-d-learn

On 07/01/2017 02:30 AM, bauss wrote: On Saturday, 1 July 2017 at 00:23:36 UTC, ag0aep6g wrote: On 07/01/2017 01:41 AM, bauss wrote: [...] if (!ReadProcessMemory(process, cast(PCVOID)address, cast(PVOID)&data, The second cast still looks suspicious. PVOID is void*, right? Then any mu

Re: ReadProcessMemory + address from ollydbg

2017-06-30 Thread bauss via Digitalmars-d-learn

On Saturday, 1 July 2017 at 00:40:11 UTC, ag0aep6g wrote: On 07/01/2017 02:30 AM, bauss wrote: On Saturday, 1 July 2017 at 00:23:36 UTC, ag0aep6g wrote: On 07/01/2017 01:41 AM, bauss wrote: [...] if (!ReadProcessMemory(process, cast(PCVOID)address, cast(PVOID)&data, The second cast

Re: ReadProcessMemory + address from ollydbg

2017-07-01 Thread bauss via Digitalmars-d-learn

On Saturday, 1 July 2017 at 00:48:01 UTC, bauss wrote: On Saturday, 1 July 2017 at 00:40:11 UTC, ag0aep6g wrote: [...] Yeah, the cast was unnecessary. So this is my code after the changes: string ReadWinString(HANDLE process, DWORD address, size_t stringSize, string defaultValue = "") { i

ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

Re: ReadProcessMemory + address from ollydbg

12 matches

Site Navigation

Mail list logo

Footer information