Hi,
I'm trying to read a value in another application which is running in C++. How can I find the address of the variable of the other app in memory? Every time the app starts, the address of the variable changes.
This is a sample code:


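#include <cstdint>
#include <cstdlib>
#include <iostream>
#include <Windows.h>
using namespace std;

int main()
{
	uintptr_t address = 0x100579C; // this address is kind of problem
	int value = 0;
	DWORD processid = 0;

	// FindWindowA takes a narrow string regardless of the UNICODE setting
	HWND hwnd = FindWindowA(NULL, "appname");
	if (!hwnd) {
		cout << "Not found" << endl;
		return 1;
	}

	GetWindowThreadProcessId(hwnd, &processid);
	// Only read access is needed for ReadProcessMemory
	HANDLE processhandle = OpenProcess(PROCESS_VM_READ, FALSE, processid);
	if (!processhandle) {
		cout << "Could not get handle" << endl;
		return 1;
	}

	// The base address must be passed as a pointer, and the call can fail
	if (ReadProcessMemory(processhandle, (LPCVOID)address, &value, sizeof(value), NULL))
		cout << value << endl;
	else
		cout << "Read failed, error " << GetLastError() << endl;

	CloseHandle(processhandle);
	system("PAUSE");
	return 0;
}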
Updated 31-May-13 2:04am
Comments
Santhosh G_ 1-Jun-13 12:51pm
Is it possible to use shared memory or another inter-process mechanism to share the address from "appname"?

1 solution

In most cases programs allocate objects dynamically from the heap and these objects reference each other with pointers. Maybe what you are searching for is pointed to by a pointer that is pointed to by another pointer and so on. You have to find the root pointer in order to dereference the other pointers. Finding the root pointer can be tricky.

If you are lucky then there is a global variable somewhere that contains the root pointer. In this case you should query the base address of the exe or dll, for example with EnumProcessModules() or a similar function, and you will find the global variable relative to one of the loaded modules.

In the worst case the root pointer is, for example, on the stack of the main() function, in which case you have to enumerate the threads of the process, you have to find the main thread somehow, you have to query the context of the main thread (GetThreadContext(): registers, including esp, the stack pointer) and then somehow you have to find the pointer in the stack (for example by searching for some kind of patterns around the stack).

But such a pointer can be stored in a lot of places, for example TLS, or what if I "hide" my root pointer, for example by passing the pointer to a system call like SetWindowLongPtr, and later I query the pointer with GetWindowLongPtr? In this case you may have to inject code into the app and extract the ptr there... This task can be quite complicated and sometimes the solution is very dirty.
 
Comments
mehdi_k 31-May-13 16:57pm
Thanks for your help, but when an app runs it allocates a memory space to itself, let's say from address 0x0000100 to 0x0001000 (if I'm right), so if I could get the starting and ending address of an app I may find the value I want, and then change it.
Is there a way to do this, and am I thinking right?
pasztorpisti 1-Jun-13 2:57am
Reading your question I'm pretty sure this task is currently far beyond what you can finish successfully. Instead of this task I would first check out some Windows memory/process management documentation and after that I would search for the tutorials of some guys who are having fun with similar problems. Without that you are just blindly trying to put together the puzzles.
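
The "global variable relative to a loaded module" case from the solution above, as an added example that is not code from the original thread: the address is kept as a module-relative offset (RVA) plus a list of pointer offsets and is re-resolved against the module base on every run. The names resolveChain, resolveInProcess and readFieldAt, the RVA 0x10 and the offset 0x8 are hypothetical; the Windows part assumes the tool has the same bitness as the target and a handle opened with PROCESS_QUERY_INFORMATION | PROCESS_VM_READ.

```cpp
#include <cstdint>
#include <cstring>
#include <functional>
#include <vector>
// Reads `size` bytes at `addr` in the target; returns false on failure.
using Reader = std::function<bool(uint64_t addr, void* out, size_t size)>;
// Start at moduleBase + rva, then per offset: read a pointer, add the offset.
bool resolveChain(const Reader& read, uint64_t moduleBase, uint64_t rva,
                  const std::vector<uint64_t>& offsets, size_t ptrSize, uint64_t* result) {
    uint64_t addr = moduleBase + rva;
    for (uint64_t off : offsets) {
        uint64_t ptr = 0;  // ptrSize is 4 or 8; little-endian host assumed for 4
        if (!read(addr, &ptr, ptrSize) || ptr == 0) return false;
        addr = ptr + off;
    }
    *result = addr;
    return true;
}

#ifdef _WIN32
#include <windows.h>
#include <psapi.h>
// Live use: the first module returned is the .exe; its base changes between runs.
bool resolveInProcess(HANDLE proc, uint64_t rva, const std::vector<uint64_t>& offs, uint64_t* result) {
    HMODULE mod = nullptr; DWORD needed = 0;
    if (!EnumProcessModules(proc, &mod, sizeof(mod), &needed)) return false;
    Reader read = [proc](uint64_t a, void* o, size_t n) {
        SIZE_T got = 0;
        return ReadProcessMemory(proc, (LPCVOID)(uintptr_t)a, o, n, &got) && got == n;
    };
    return resolveChain(read, (uintptr_t)mod, rva, offs, sizeof(void*), result);
}
#endif

// Constructed image at `base`: pointer at rva 0x10 -> object at +0x20, int 1337 at object+8.
int readFieldAt(uint64_t base) {
    std::vector<uint8_t> mem(0x40, 0);
    uint64_t obj = base + 0x20, fieldAddr = 0;
    int value = 1337, out = -1;
    std::memcpy(&mem[0x10], &obj, sizeof(obj));
    std::memcpy(&mem[0x28], &value, sizeof(value));
    Reader read = [&](uint64_t a, void* o, size_t n) {
        bool ok = a >= base && a - base + n <= mem.size();
        if (ok) std::memcpy(o, &mem[a - base], n);
        return ok;
    };
    bool ok = resolveChain(read, base, 0x10, {0x8}, 8, &fieldAddr);
    return (ok && read(fieldAddr, &out, sizeof(out))) ? out : -1;
}
```

Calling readFieldAt with two different bases returns the same value, which is why a hard-coded absolute address breaks between runs while base + RVA does not.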

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


