Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <windows.h>
- #include <stdio.h>
- int main()
- {
- // I manually enter pid at this time for this experimental code.
- int pid = 5428;
- HANDLE process_handle = OpenProcess(
- PROCESS_ALL_ACCESS,
- FALSE,
- pid);
- // the values whose address are to be found by this code.
- int Val = 12345;
- char* p = NULL;
- int* q;
- int v;
- DWORD dwStart = 0, i;
- SIZE_T lpRead;
- SYSTEM_INFO si;
- MEMORY_BASIC_INFORMATION mbi;
- DWORD MinAddr, MaxAddr;
- DWORD lpBase;
- DWORD Size = sizeof(int);
- // Get Application Min And Max Value
- GetSystemInfo(&si);
- MinAddr = (DWORD)si.lpMinimumApplicationAddress;
- MaxAddr = (DWORD)si.lpMaximumApplicationAddress;
- // printf("MinAddr : %p\n", MinAddr);
- // printf("MaxAddr : %p\n", MaxAddr);
- dwStart = MinAddr;
- puts("Begin");
- while(1){
- if (VirtualQueryEx( process_handle,(void *)dwStart,&mbi,sizeof(MEMORY_BASIC_INFORMATION) == 0))
- {
- printf("VirtualQueryEx failed.");
- }
- if(dwStart + mbi.RegionSize < dwStart)
- {
- //printf("Break. \n");
- break;
- }
- //printf("This region has the size of: %p \n", (int)mbi.RegionSize);
- if(mbi.State != MEM_COMMIT) {
- dwStart+=mbi.RegionSize;
- //printf("Continue. \n");
- continue;
- }
- for(i=dwStart; i<dwStart+mbi.RegionSize; i+= Size) // i+= Size
- {
- //printf("It got to readprocess memory. \n");
- if(ReadProcessMemory(process_handle, (LPVOID)i, &v, Size, NULL) != 0) // &lpRead
- {
- printf("Val = %d \n", Val);
- if (v==Val)
- {
- //Address[AddCnt++] = i;
- //printf("Found one: %p\n",i);
- printf("Found one.");
- }
- }
- else
- {
- printf("ReadProcessMemory has an error. \n");
- }
- }
- dwStart+=mbi.RegionSize;
- }
- puts("End");
- system("pause");
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
