Difference between revisions of "Process Hook and Read From Memory VB6"

Revision as of 09:24, 3 June 2007

needs spellchecked

To learn how to hook a running program in Windows we will use calc.exe, the windows calculator, as a guinea pig. So, we create a Visual BASIC program that attaches itself to calc.exe and monitors for the calculator value to change from zero.

Direct Memory Access Class for NT/2000/XP

Already found four key addresses to use for testing with a debugger:

calc.exe+14D55          01014D55
calc.exe+14D56          01014D56
calc.exe+14D57          01014D57
calc.exe+14D58          01014D58

Get the Process ID of calc.exe
Hook the Process
Read the Memory

The GetWindowThreadProcessId function retrieves the identifier of the thread that created the specified window and, optionally, the identifier of the process that created the window.

@@ Line 2: / Line 2: @@
 To learn how to hook a running program in Windows we will use calc.exe, the windows calculator, as a guinea pig.  So, we create a Visual BASIC program that attaches itself to calc.exe and monitors for the calculator value to change from zero.
+== Direct Memory Access Class for NT/2000/XP ==
 Already found four key addresses to use for testing with a debugger:
@@ Line 10: / Line 12: @@
   calc.exe+14D58          01014D58
+#Get the Process ID of calc.exe
+#Hook the Process
+#Read the Memory
+The '''GetWindowThreadProcessId''' function retrieves the identifier of the thread that created the specified window and, optionally, the identifier of the process that created the window.
 [[Category:Computer Technology]]
 [[Category:Programming]]
 [[Category:VB6]]

Difference between revisions of "Process Hook and Read From Memory VB6"

Revision as of 09:24, 3 June 2007

Direct Memory Access Class for NT/2000/XP

Navigation menu

Views

Personal tools

Navigation

Popular Categories

comprehensive

Search

D.U.C.K. Toolbox