Good afternoon, I encountered the following problem. There is an executable application ( Application ) and I need to read the value at the address I know in memory ( 08307AD8 ) occupied by this application. For my program, I get debugger privileges:
OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, &th); LookupPrivilegeValue(NULL, "SeDebugPrivilege", &seid); tp.PrivilegeCount = 1; tp.Privileges[0].Luid = seid; tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; a = rl; AdjustTokenPrivileges(th, False, &tp, sizeof(tp), &tp, &a); And actually trying to read this address:
HWND hWnd = FindWindow(0, "Application"); if (!hWnd) { MessageBox(0, "Error cannot find window!", "Error!", MB_OK + MB_ICONERROR); } else { DWORD proc_id; GetWindowThreadProcessId(hWnd, &proc_id); HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proc_id); if (!hProcess) { MessageBox(NULL, "Cannot open process!", "Error!", MB_OK + MB_ICONERROR); } else { BYTE newdata[] = { 0x72, 0x65, 0x64, 0x70 }; DWORD newdatasize = sizeof(newdata); if (WriteProcessMemory(hProcess, (LPVOID) 0x08307AD8, &newdata, newdatasize, NULL)) { MessageBox(NULL, "WriteProcessMemory is a success!", "Success!", MB_OK + MB_ICONINFORMATION); } else { MessageBox(NULL, "Error cannot WriteProcessMemory!", "Error!", MB_OK + MB_ICONERROR); } CloseHandle(hProcess); } } Pops up MessageBox "Error cannot WriteProcessMemory!" , that is, as I understand it, everything is normally done until the moment of addressing. I beg you to help me figure out what is wrong here, well, or suggest another more rational solution.
Here is the scope of the variables:
TOKEN_PRIVILEGES tp; LUID seid; Cardinal rl; unsigned long a; HANDLE th; 
AdjustTokenPrivileges. - karmadro4