Index
> Windows > Map memory from one process into another?Goto page 1, 2 Next |
| Is this easier on other OSs? | ||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
| Total Votes : 5 |
| Author |
|
|
Azu
Hi
I want to do something like this Code: HowManyBytesToMap equ 4;Just for the example. For my real usage I want to map a few hundred megabytes. invoke functionGoesHere,RemoteProcessID,StartingAddressInRemoteProcess,UnusedAddressSpaceInCurrentAddress,HowManyBytesToMap add dword[UnusedAddressSpaceInCurrentAddress],123 And have it be the same as the below, but without having to make a function call for each read and write Code: HowManyBytes equ 4; invoke ReadProcessMemory,RemoteProcessID,StartingAddressInRemoteProcess,HowManyBytes,tmp add dword[tmp],123 invoke WriteProcessMemory,RemoteProcessID,StartingAddressInRemoteProcess,HowManyBytes,tmp tmp rb HowManyBytes Is there a function that will do this? I thought this was what I was looking for but it needs code ran in the remote process.. which defeats the purpose (if I had no problem running my code in that process, why would I waste resources by having my own process at all?). |
|||
20 Aug 2009, 09:04 |
|
|
revolution
You can use the debug functions to control the other process and it's memory space
You can use MapViewOfFile in each process to view and alter the same values. |
|||
|
20 Aug 2009, 09:16 |
|
|
Azu
Thanks.. how do I use MapViewOfFile without injecting code into the remote process and running it?
|
|||
|
20 Aug 2009, 09:20 |
|
|
Azu
Azu wrote: Is there a function that will do this? I thought this was what I was looking for but it needs code ran in the remote process.. which defeats the purpose (if I had no problem running my code in that process, why would I waste resources by having my own process at all?).  |
|||
|
20 Aug 2009, 09:27 |
|
|
revolution
So debug then.
|
|||
|
20 Aug 2009, 09:31 |
|
|
Azu
I can't find any DLLs that export that function.. is it a syscall?
|
|||
|
20 Aug 2009, 09:44 |
|
|
revolution
Win32 manual (TFM) wrote: The following functions are used with debugging. |
|||
|
20 Aug 2009, 09:45 |
|
|
Azu
I read the MSDN descriptions of them all.. but none of them do what I described..
 |
|||
|
20 Aug 2009, 09:58 |
|
|
revolution
You have to look for other ways. AFAIK Windows only uses MapViewOfFile to map user memory to more than one process.
|
|||
|
20 Aug 2009, 10:02 |
|
|
Azu
So it's impossible in user-mode unless my code is already running in that process?
|
|||
|
20 Aug 2009, 10:05 |
|
|
revolution
Azu wrote: So it's impossible in user-mode unless my code is already running in that process? |
|||
|
20 Aug 2009, 10:08 |
|
|
Azu
Azu wrote: in user-mode
Ah well, thanks anyways. Saved me a lot of time hunting through the API looking for stuff. |
|||
|
20 Aug 2009, 10:23 |
|
|
revolution
Actually there is no need to go through the API for things like this, just browse the articles in the Win32 help manual (it is also online at MSDN but might be harder to find there). There is an article that specifically deals with shared memory and it is (strangely
 ) called shared memory. |
|||
|
20 Aug 2009, 10:38 |
|
|
Azu
Azu wrote:
|
|||
|
20 Aug 2009, 11:23 |
|
|
revolution
I never bothered to visit the unlinked URL. I take your word for it that it is what you say.
|
|||
|
20 Aug 2009, 11:45 |
|
|
Azu
By unlinked you mean the one I put in [url][/url] link tags in the first post and quoted twice?
Anyways it was a question, not a statement. |
|||
|
20 Aug 2009, 11:49 |
|
|
revolution
Azu wrote: By unlinked you mean the one I put in [url][/url] link tags in the first post and quoted twice? |
|||
|
20 Aug 2009, 11:52 |
|
|
Azu
Okay.. and your answer?
|
|||
|
20 Aug 2009, 12:01 |
|
|
revolution
That MSDN article looks to be a new version of the older page that I have. Nicer and slightly more comprehensive. And yes, I doubt there is any other function that could do exactly what you want. The MSDN article is not hiding anything.
|
|||
|
20 Aug 2009, 12:27 |
|
| Goto page 1, 2 Next < Last Thread | Next Thread > |
Forum Rules:
|