WriteProcess memory Vb to PB

Just starting out? Need help? Post your questions and find answers here.
Post Reply
Mr52
User
User
Posts: 12
Joined: Tue Jun 21, 2011 3:59 pm

WriteProcess memory Vb to PB

Post by Mr52 »

VB Function

Code: Select all

Private Function GetDWORD(ByVal lAddr As Long) As Long
    Call NtWriteVirtualMemory(-1, GetDWORD, ByVal lAddr, 4, ByVal 0&)
End Function

h=App.hInstance
Debug GetDWORD(h+&H3C)
PB Function

Code: Select all

 
 Procedure.l GetDWORD(lAddr.l)
   pid.l = GetCurrentProcessId_()
   pHandle.l = OpenProcess_(#PROCESS_ALL_ACCESS, #False, pid)
    Debug pHandle
    Debug GetDWORD
    Debug lAddr
    
   WriteProcessMemory_(pHandle,GetDWORD,lAddr,4,0)
EndProcedure

h.l = GetModuleHandle_(0)

Debug GetDWORD(h+$3C)
if i debug the function in VB i get some Random value but when i ported the same function to PB i always get 0
Please correct me where i am going wrong

yea i m not using NtWriteVirtualMemory as it is not defined in PB yea i can use OpenLibrary but i want to see the point Why i always get 0 with PB where am i going wrong
Top
infratec
Always Here
Always Here
Posts: 7623
Joined: Sun Sep 07, 2008 12:45 pm
Location: Germany

Re: WriteProcess memory Vb to PB

Post by infratec »

Hi,

in PB you can not assign the return value to the name of the procedure.
You need something like this:

Code: Select all

Procedure.l GetDWORD(lAddr.l)
   pid.l = GetCurrentProcessId_()
   pHandle.l = OpenProcess_(#PROCESS_ALL_ACCESS, #False, pid)
   
   Define Help.l
   WriteProcessMemory_(pHandle, @GetDWORD(), lAddr, 4, #Null)
   
   ProcedureReturn PeekL(lAddr)
    
EndProcedure
Bernd

P.S.: But I think you can also use NtWriteVirtualMemory_()

P.S.S: I was wrong. I corrected my fault now.
Top
infratec
Always Here
Always Here
Posts: 7623
Joined: Sun Sep 07, 2008 12:45 pm
Location: Germany

Re: WriteProcess memory Vb to PB

Post by infratec »

Your procedure is called GetDWord()
so why you use WriteProcessMemory_() and not ReadProcessMemory_() :?:
Top
infratec
Always Here
Always Here
Posts: 7623
Joined: Sun Sep 07, 2008 12:45 pm
Location: Germany

Re: WriteProcess memory Vb to PB

Post by infratec »

I would use this:

Code: Select all

Procedure.l GetDWORD(*lAddr)
   NtReadVirtualMemory_(-1, @GetDWORD(), *lAddr, 4, #Null)
   ProcedureReturn PeekL(*lAddr)   
EndProcedure

hInstance = GetModuleHandle_(0)
Debug RSet(Hex(GetDWORD(hInstance + $3C)), 8, "0")
Bernd
Last edited by infratec on Fri Jun 24, 2011 3:20 pm, edited 1 time in total.
Top
Mr52
User
User
Posts: 12
Joined: Tue Jun 21, 2011 3:59 pm

Re: WriteProcess memory Vb to PB

Post by Mr52 »

Thank You Guys this works perfectly :d
Top
Thorium
Addict
Addict
Posts: 1305
Joined: Sat Aug 15, 2009 6:59 pm

Re: WriteProcess memory Vb to PB

Post by Thorium »

You dont need ReadProcessMemory at all.
Just use PeekL(*lAddr).
Or even better just use pointers.
Top
infratec
Always Here
Always Here
Posts: 7623
Joined: Sun Sep 07, 2008 12:45 pm
Location: Germany

Re: WriteProcess memory Vb to PB

Post by infratec »

Hi Trond,

of course you are wright.
So it looks like

Code: Select all

hInstance = GetModuleHandle_(0)
Debug RSet(Hex(PeekL(hInstance + $3C)), 8, "0")
Bernd
Top
Post Reply

Return to “Coding Questions”