flat assembler
Message board for the users of flat assembler.
Index
> Windows > [HELP] - Get Base Address of Running Process |
Author |
|
ctl3d32 28 Oct 2010, 03:02
Hi folks!
I'm trying to get base address of a runnig process, but can't make it work. I know that, most of the times, the base address of a running process is 0x00400000 I don't want to assume that, in case it is not 0x00400000 for a given .exe. I'm getting two erros in my attempt: 1. The base address is always returning 0x0 in VirtualQueryEX; 2. My .exe is not ending properly. Could someone please help me? P.S.: Edit constant "gamename" in .data section. It holds the name of the process i want the base address. Thanks a lot, ctl3d32
|
|||||||||||
28 Oct 2010, 03:02 |
|
b1528932 28 Oct 2010, 14:31
psapi can enum modules.
1. attach debugger 2. enum modules 3. do some work 4. detach debugger |
|||
28 Oct 2010, 14:31 |
|
baldr 28 Oct 2010, 16:31
edfed wrote: the VIRTUAL base adress of a process is 400000h. ----8<---- ctl3d32, If you won't mind some undocumented functions/structures, NtQueryInformationProcess() can be useful. |
|||
28 Oct 2010, 16:31 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.