Index
> Windows > Map memory from one process into another?Goto page 1, 2 Next |
| Is this easier on other OSs? | ||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
| Total Votes : 5 |
| Author |
|
|
Azu 20 Aug 2009, 09:04
Hi
I want to do something like this Code: HowManyBytesToMap equ 4;Just for the example. For my real usage I want to map a few hundred megabytes. invoke functionGoesHere,RemoteProcessID,StartingAddressInRemoteProcess,UnusedAddressSpaceInCurrentAddress,HowManyBytesToMap add dword[UnusedAddressSpaceInCurrentAddress],123 And have it be the same as the below, but without having to make a function call for each read and write Code: HowManyBytes equ 4; invoke ReadProcessMemory,RemoteProcessID,StartingAddressInRemoteProcess,HowManyBytes,tmp add dword[tmp],123 invoke WriteProcessMemory,RemoteProcessID,StartingAddressInRemoteProcess,HowManyBytes,tmp tmp rb HowManyBytes Is there a function that will do this? I thought this was what I was looking for but it needs code ran in the remote process.. which defeats the purpose (if I had no problem running my code in that process, why would I waste resources by having my own process at all?). |
|||
20 Aug 2009, 09:04 |
|
|
Azu 20 Aug 2009, 09:20
Thanks.. how do I use MapViewOfFile without injecting code into the remote process and running it?
|
|||
|
20 Aug 2009, 09:20 |
|
|
revolution 20 Aug 2009, 09:25
Azu wrote: how do I use MapViewOfFile without injecting code into the remote process and running it? |
|||
|
20 Aug 2009, 09:25 |
|
|
Azu 20 Aug 2009, 09:27
Azu wrote: Is there a function that will do this? I thought this was what I was looking for but it needs code ran in the remote process.. which defeats the purpose (if I had no problem running my code in that process, why would I waste resources by having my own process at all?).  |
|||
|
20 Aug 2009, 09:27 |
|
|
revolution 20 Aug 2009, 09:31
So debug then.
|
|||
|
20 Aug 2009, 09:31 |
|
|
Azu 20 Aug 2009, 09:44
I can't find any DLLs that export that function.. is it a syscall?
|
|||
|
20 Aug 2009, 09:44 |
|
|
revolution 20 Aug 2009, 09:45
Win32 manual (TFM) wrote: The following functions are used with debugging. |
|||
|
20 Aug 2009, 09:45 |
|
|
Azu 20 Aug 2009, 09:58
I read the MSDN descriptions of them all.. but none of them do what I described..
 |
|||
|
20 Aug 2009, 09:58 |
|
|
revolution 20 Aug 2009, 10:02
You have to look for other ways. AFAIK Windows only uses MapViewOfFile to map user memory to more than one process.
|
|||
|
20 Aug 2009, 10:02 |
|
|
Azu 20 Aug 2009, 10:05
So it's impossible in user-mode unless my code is already running in that process?
|
|||
|
20 Aug 2009, 10:05 |
|
|
revolution 20 Aug 2009, 10:08
Azu wrote: So it's impossible in user-mode unless my code is already running in that process? |
|||
|
20 Aug 2009, 10:08 |
|
|
Azu 20 Aug 2009, 10:23
Azu wrote: in user-mode
Ah well, thanks anyways. Saved me a lot of time hunting through the API looking for stuff. |
|||
|
20 Aug 2009, 10:23 |
|
|
revolution 20 Aug 2009, 10:38
Actually there is no need to go through the API for things like this, just browse the articles in the Win32 help manual (it is also online at MSDN but might be harder to find there). There is an article that specifically deals with shared memory and it is (strangely
 ) called shared memory. |
|||
|
20 Aug 2009, 10:38 |
|
|
Azu 20 Aug 2009, 11:23
Azu wrote:
|
|||
|
20 Aug 2009, 11:23 |
|
|
revolution 20 Aug 2009, 11:45
I never bothered to visit the unlinked URL. I take your word for it that it is what you say.
|
|||
|
20 Aug 2009, 11:45 |
|
|
Azu 20 Aug 2009, 11:49
By unlinked you mean the one I put in [url][/url] link tags in the first post and quoted twice?
Anyways it was a question, not a statement. |
|||
|
20 Aug 2009, 11:49 |
|
|
revolution 20 Aug 2009, 11:52
Azu wrote: By unlinked you mean the one I put in [url][/url] link tags in the first post and quoted twice? |
|||
|
20 Aug 2009, 11:52 |
|
|
Azu 20 Aug 2009, 12:01
Okay.. and your answer?
|
|||
|
20 Aug 2009, 12:01 |
|
|
revolution 20 Aug 2009, 12:27
That MSDN article looks to be a new version of the older page that I have. Nicer and slightly more comprehensive. And yes, I doubt there is any other function that could do exactly what you want. The MSDN article is not hiding anything.
|
|||
|
20 Aug 2009, 12:27 |
|
| Goto page 1, 2 Next < Last Thread | Next Thread > |
Forum Rules:
|