Reputation: 670
Hacking the memory of another library
I'm trying to launch or access a minesweeper instance to hook and call it's functions on demand to play a bit and to create a solver. I've tried two ways: launching a process with it, and injecting a dll of mine in it with a method found online. Both ended up in the same problem: I get error 998 when I access the memory of the library of minesweeper from my program or my injected library. What do you recommend me to do? I don't know much of the Windows API so I don't know if the problem is on the methods I'm using or if I have to do some extra function calling or changing some settings.
Upvotes: 1
Views: 1029
Answers (1)
Reputation: 24457
Your problem is most likely that you are trying to write to the memory of the target without changing the page protection. Executable pages are typically read-only (and executable). You need to use VirtualProtect to change this protection. Usually, this sort of code would be executed:
DWORD flOldProtect;
VirtualProtect((LPVOID)from, 5, PAGE_EXECUTE_READWRITE, &flOldProtect);
...
VirtualProtect((LPVOID)from, 5, flOldProtect, &flOldProtect);
This code changes the protection so you can write to it. You would perform your hooking code, etc. within ... and then restore the page protection. Here is a really basic trainer I wrote for someone a while ago which works via DLL injection.
Upvotes: 2
Related Questions
- C++ read all memory from process within modulesize
- C++: reading memory of another process
- How can I run an executable from RAM using C++?
- Converting "application's" memory address
- Getting access to any process's memory
- Windows: Read another process' memory directly
- Intercepting WinAPI calls and modifying return values
- Advanced Memory Editing/Function Calling
- C++: Dump RAM contents
- Reading a process memory