| View previous topic :: View next topic |
| Author |
Message |
Corruptor
Advanced Cheater
![]() Reputation: 3
Joined: 10 Aug 2011
Posts: 82
|
 Posted: Fri Dec 07, 2012 12:43 pm Post subject: How does Cheat Engine read/write into the Process? |
 |
|
| I lately found the "Use [...] Read/Write Process Memory (Will cause slower scans)" option in the cheat engine settings, and as i dont actually know a way to access an other programms memory besides using these functions, i really became curios about how cheat engine actually does that. How is it done? Why is it so much faster?
|
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 470
Joined: 09 May 2003
Posts: 25788
Location: The netherlands
|
| Posted: Fri Dec 07, 2012 1:42 pm Post subject: |
 |
|
There are multiple different methods to access the memory of another process.
In this case it just uses KeStackAttachProcess to access the memory, but I could also have used direct memory mapping using the CR3 of the process, or hijack a thread of the target process to open the destination process and copy it to there, etc..
And it's slower because for debugging reasons I do a very simple byte by byte copy memory from target process memory to kernelmode memory, and then from kernelmode memory to the destination process memory. While I could have just mapped the memory of the target to kernelmode physical memory, and then copy that to the destination process. (Or even map the memory to the virtual memory of the destination process and return a pointer to that, but it's not compatible with the rpm emulation I use)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
