Every time I try to read process memory it tells me I don't have access. I tried using GetLastError and it kept returning error 998, which tells me I don't have access. Am I using VirtualProtect wrong or what? Can someone help me out? Thanks.
Code:
#include <iostream>
#include <cstring>
#include <Windows.h>
#include <TlHelp32.h>
using namespace std;

int main()
{
    HANDLE openprocess;
    PROCESSENTRY32 pEntry;
    MODULEENTRY32 mEntry;
    // The Toolhelp APIs fail unless dwSize is set before the first call
    pEntry.dwSize = sizeof(PROCESSENTRY32);
    mEntry.dwSize = sizeof(MODULEENTRY32);

    // Walk the process list until test.exe is found
    HANDLE processes = CreateToolhelp32Snapshot(TH32CS_SNAPALL, NULL);
    Process32First(processes, &pEntry);
    while(Process32Next(processes, &pEntry))
    {
        if(strcmp(pEntry.szExeFile, "test.exe")==0)
        {
            break;
        }
    }

    // Snapshot that process's modules; the first entry is the main module
    HANDLE process = CreateToolhelp32Snapshot(TH32CS_SNAPALL, pEntry.th32ProcessID);
    Module32First(process, &mEntry);
    int a = (int)mEntry.modBaseAddr;
    int s = (int)mEntry.modBaseSize;
    BYTE* b;
    b = new BYTE[s];
    cout<< mEntry.szModule << " " << hex << a << endl;

    // List the remaining modules
    while(true)
    {
        bool a = Module32Next(process, &mEntry);
        if(a == false)
        {
            break;
        }
        cout<< mEntry.szModule << " " << hex << (int)mEntry.modBaseAddr << endl;
    }

    openprocess = OpenProcess(PROCESS_VM_READ|PROCESS_VM_OPERATION, 0, pEntry.th32ProcessID);
    DWORD old = 0;
    // Return value is not checked here (see the replies below)
    VirtualProtectEx(openprocess,(LPVOID)a, s, PAGE_READWRITE, &old);
    // &b is the address of the pointer variable, not the allocated buffer (see the replies below)
    if(!ReadProcessMemory(openprocess, (LPCVOID)a, &b, s, 0))
    {
        cout<< "fail";
    }
    cout<< b[0];
    cin.get();
}
Try checking the VirtualProtectEx return. Also, you may need PAGE_EXECUTE_READWRITE depending on if you're reading bytes from the .code section, and the PROCESS_QUERY_INFORMATION flag in the handle.
Your call to ReadProcessMemory is wrong (though it is probably not the problem). You supply the address of b as the buffer in which the data is to be written to instead of the allocated data (new BYTE[s]).
Make sure your process has the right privileges in order to perform reads and page access protection changes.
BlueSkittles (11-18-2012)
You're removing the execution rights from the entire module as well..
Void (11-26-2012)
i know it's old, but the problem is here:
Code:
    if(!ReadProcessMemory(openprocess, (LPCVOID)a, &b, s, 0))
b is already a pointer, you're passing the pointer to the pointer, that will fail.
this should do the trick
Code:
    if(!ReadProcessMemory(openprocess, (LPCVOID)a, b, s, 0))