Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


VirtualQueryEx error, general memory access in Win7

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
squirlhntr
How do I cheat?
Reputation: 0

Joined: 05 Dec 2009
Posts: 1
PostPosted: Sat Dec 05, 2009 4:06 pm    Post subject: VirtualQueryEx error, general memory access in Win7 Reply with quote
Hello all. I am trying to run some code that works in XP but not in Win7, presumably due to security issues. Right now my code is failing with:

Code:
VirtualQueryEx(handle, etc...)
Error: Access violation reading 0x0000001C


This is in the process of attempting to read a processes memory. I already sorted out the permissions via OpenProcess so I know I have full access but for some reason there are portions of memory that I cannot read (which is why I am using VirtualQueryEx, in theory to figure out the start address of the memory).

Any suggestions? Have had a hell of a time trying to find out the problem.


Example code (its in python, but you can get the idea... just follow the system calls):

Code:
        window = FindWindow(None, windowName)
        threadID, processID = GetWindowThreadProcessId(window.GetSafeHwnd())
        # set up security to get full access
        process = OpenProcess(0x00040000, 0, processID)
        info = GetSecurityInfo(GetCurrentProcess(), SE_KERNEL_OBJECT, 0)
        SetSecurityInfo(process, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION, None, None, info.GetSecurityDescriptorDacl(), info.GetSecurityDescriptorGroup())
        process.close()
        # now that we have same security as this process, re-open with full rights
        p = OpenProcess(0x1FFFFF, 0, processID)


        meminfo = GetProcessMemoryInfo(p.handle)
        bytes_read = c_ulong(0)
        size = meminfo['WorkingSetSize']
        address = 0x00010000
        b = create_string_buffer(size)
        windll.kernel32.ReadProcessMemory(p.handle, address, b, size, byref(bytes_read))  # works, but doesn't get all memory as addres is incorrect
        print windll.kernel32.GetLastError()   # 299
        dunno = c_uint(0)
        # print windll.kernel32.VirtualProtectEx(p.handle, 0, size, 0x02, byref(dunno))
        print windll.kernel32.VirtualQueryEx(p.handle)
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 474

Joined: 09 May 2003
Posts: 25953
Location: The netherlands
PostPosted: Sun Dec 06, 2009 7:02 am    Post subject: Reply with quote
perhaps because you're not providing VirtualqueryEx with a pointer to a memory basic information object or the size of the object
or the address to query

and this code works in winxp ? Properly ?
_________________
Tools give you results. Knowledge gives you control.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites