Re: To get memory from another process.
I've tried this on 64 bit, it works. But when I start VirtualBox with Windows 10 32-bit on it, it doesnt works.
Re: To get memory from another process.
On 10/04/2020 7:42 AM, Dennis wrote: On Thursday, 9 April 2020 at 19:27:16 UTC, Quantium wrote: I see this code imports drivers and does it depend on processor architecture? Would it work only on 64-bit or 32-bit or some special architechtures? kernel32.dll and psapi.dll should be present on any normal Windows 10 installation. Windows only runs on x86 and ARM processors as far as I know. I have never used Windows with an ARM processor, but I assume such a Windows installation has the full WinAPI implemented, in which case it should work. As for 32-bit/64-bit on x86: - 32-bit OMF: might work, but I often get errors because the Digital Mars import libraries for Windows dll's are outdated so I don't recommend this target - 32-bit COFF: pretty sure it works - 64-bit COFF: definitely works, I use this regularly. In any case, I suggest you just try these out to see yourself. These API's are old and well used. They will work no problem on all targets.
Re: To get memory from another process.
On Thursday, 9 April 2020 at 19:27:16 UTC, Quantium wrote: I see this code imports drivers and does it depend on processor architecture? Would it work only on 64-bit or 32-bit or some special architechtures? kernel32.dll and psapi.dll should be present on any normal Windows 10 installation. Windows only runs on x86 and ARM processors as far as I know. I have never used Windows with an ARM processor, but I assume such a Windows installation has the full WinAPI implemented, in which case it should work. As for 32-bit/64-bit on x86: - 32-bit OMF: might work, but I often get errors because the Digital Mars import libraries for Windows dll's are outdated so I don't recommend this target - 32-bit COFF: pretty sure it works - 64-bit COFF: definitely works, I use this regularly. In any case, I suggest you just try these out to see yourself.
Re: To get memory from another process.
I see this code imports drivers and does it depend on processor architecture? Would it work only on 64-bit or 32-bit or some special architechtures?
Re: To get memory from another process.
On Thursday, 9 April 2020 at 17:23:19 UTC, Quantium wrote:
Ok. For training example, we're using Windows 10 Por. We can
use WinAPI. Are there any D libs to use WinAPI?
I have used the Windows API to read/write into a different
process before. Here is some example code in case it's useful: (I
removed some stuff without recompiling so it may have some errors)
```
version(Windows):
pragma(lib, "Kernel32.lib");
pragma(lib, "Psapi.lib");
struct WinProcess
{
import core.sys.windows.winbase: OpenProcess,
ReadProcessMemory, WriteProcessMemory, CloseHandle;
import core.sys.windows.windows : PROCESS_VM_READ,
PROCESS_VM_WRITE,
PROCESS_QUERY_INFORMATION, PROCESS_VM_OPERATION, HANDLE;
import std.bitmanip;
import std.exception: enforce;
int processId = -1; /// Id of the process this is attached to
HANDLE processHandle = null; /// Windows handle of the process
this(int processId) {
this.processId = processId;
const access = PROCESS_VM_READ | PROCESS_QUERY_INFORMATION
| PROCESS_VM_WRITE | PROCESS_VM_OPERATION;
this.processHandle = OpenProcess(access, false,
processId);
enforce(processHandle, "could not open process");
}
import std.traits: isNumeric;
void write(T)(void* address, T value) if (isNumeric!T) {
enforce(processHandle != null, "not attached to a process
yet");
size_t bytesWritten = 0;
ubyte[T.sizeof] buffer;
auto b = buffer[];
b.write(value, 0);
WriteProcessMemory(processHandle, address, cast(void*)
buffer, buffer.sizeof, );
enforce(bytesWritten == T.sizeof, "could not write all
bytes");
}
T read(T)(void* address) if (isNumeric!T) {
enforce(processHandle != null, "not attached to a process
yet");
size_t bytesRead = 0;
ubyte[T.sizeof] buffer;
ReadProcessMemory(processHandle, address, cast(void*)
buffer, buffer.sizeof, );
enforce(bytesRead == T.sizeof, "could not read all
bytes");
auto b = buffer[]; // lvalue
return b.read!T;
}
}
```
Re: To get memory from another process.
On Thursday, 9 April 2020 at 17:23:19 UTC, Quantium wrote: We can use WinAPI. Are there any D libs to use WinAPI? import core.sys.windows.windows; it is all built in.
Re: To get memory from another process.
On Thursday, 9 April 2020 at 17:23:19 UTC, Quantium wrote: Anyway, messing with another, isolated processes is stuff that is highly specific to each operating system. Anyway, there are no generic answers to your question. This is hardcore systems programming. You should rather look at your OS documentation to see what is provided there. Ok. For training example, we're using Windows 10 Por. We can use WinAPI. Are there any D libs to use WinAPI? I mean Win 10 Pro, misprint :)
Re: To get memory from another process.
Anyway, messing with another, isolated processes is stuff that is highly specific to each operating system. Anyway, there are no generic answers to your question. This is hardcore systems programming. You should rather look at your OS documentation to see what is provided there. Ok. For training example, we're using Windows 10 Por. We can use WinAPI. Are there any D libs to use WinAPI?
Re: To get memory from another process.
On Wednesday, 8 April 2020 at 21:04:42 UTC, Quantium wrote: I'm trying to do this because I have very special programm that makes some calculations and on every calculation there is a hash in RAM. I need to get a one of hash values from a .bin file, and replace them. I mean hash in RAM of the programm is added to end of .bin file, and one of hashes from that file (I set up sorting algorithm by myself) is in RAM of programm. This sounds very similar to how one would try to circumvent a file integrity check in a Windows program. Anyway, messing with another, isolated processes is stuff that is highly specific to each operating system. Anyway, there are no generic answers to your question. This is hardcore systems programming. You should rather look at your OS documentation to see what is provided there.
Re: To get memory from another process.
On Wednesday, 8 April 2020 at 20:46:48 UTC, H. S. Teoh wrote: On Wed, Apr 08, 2020 at 08:16:27PM +, Quantium via Digitalmars-d-learn wrote: On Wednesday, 8 April 2020 at 16:25:01 UTC, Net wrote: [...] > As far I know, you can't access other's program memory in > any modern operating system. That's managed and protected > by the OS through virtual addressing. On Linux, you can access process memory using the virtual file /proc/$pid/mem, where $pid is the process ID. But you need root access for this to work, and you also need to know how the memory is mapped in the process (reading from an unmapped offset will return I/O error). > What are you trying to do? Now I know that programm even at Administrator mode cannot do this. Only system permission can do that. Or a driver on a kernel-level (zero level). So now the question is how to code driver, which gets other process' memory on D. This question has nothing to do with D. You need to know how your OS works, and whether it has an interface that provides the access you want. The programming language cannot give you this, and is also irrelevant as far as performing this operation is concerned; if you have an API that can do this, you can do it in any language. Also, I know antiviruses will try to block this driver so I'll test it with no antiviruses and Microsoft Defender off. Or if I'm mistaking anywhere and this is impossible on Windows, is it possible on Linux? You didn't answer the question. Why are you trying to access another process's memory? Without knowing what you're trying to do, it's hard to give you a more specific answer. T I'm trying to do this because I have very special programm that makes some calculations and on every calculation there is a hash in RAM. I need to get a one of hash values from a .bin file, and replace them. I mean hash in RAM of the programm is added to end of .bin file, and one of hashes from that file (I set up sorting algorithm by myself) is in RAM of programm.
Re: To get memory from another process.
On Wed, Apr 08, 2020 at 08:16:27PM +, Quantium via Digitalmars-d-learn wrote: > On Wednesday, 8 April 2020 at 16:25:01 UTC, Net wrote: [...] > > As far I know, you can't access other's program memory in any modern > > operating system. That's managed and protected by the OS through > > virtual addressing. On Linux, you can access process memory using the virtual file /proc/$pid/mem, where $pid is the process ID. But you need root access for this to work, and you also need to know how the memory is mapped in the process (reading from an unmapped offset will return I/O error). > > What are you trying to do? > > Now I know that programm even at Administrator mode cannot do this. > Only system permission can do that. Or a driver on a kernel-level > (zero level). So now the question is how to code driver, which gets > other process' memory on D. This question has nothing to do with D. You need to know how your OS works, and whether it has an interface that provides the access you want. The programming language cannot give you this, and is also irrelevant as far as performing this operation is concerned; if you have an API that can do this, you can do it in any language. > Also, I know antiviruses will try to block this driver so I'll test it > with no antiviruses and Microsoft Defender off. Or if I'm mistaking > anywhere and this is impossible on Windows, is it possible on Linux? You didn't answer the question. Why are you trying to access another process's memory? Without knowing what you're trying to do, it's hard to give you a more specific answer. T -- Music critic: "That's an imitation fugue!"
Re: To get memory from another process.
On Wednesday, 8 April 2020 at 16:25:01 UTC, Net wrote: On Tuesday, 7 April 2020 at 21:20:28 UTC, Quantium wrote: Could you advise me how to do these steps on D? Which libs should I import? 1. My programm gets a path to exe file 2. My programm starts that exe file and writes into it 2 commands 3. Programm gets access to exe file memory 4. Programm gets data from process memory and writes it into data.bin file which is in the same directory. As I said, which libs do I need and how to get access to other process memory. Also, can I make this as a driver, but if yes, how to code driver on D? As far I know, you can't access other's program memory in any modern operating system. That's managed and protected by the OS through virtual addressing. What are you trying to do? Now I know that programm even at Administrator mode cannot do this. Only system permission can do that. Or a driver on a kernel-level (zero level). So now the question is how to code driver, which gets other process' memory on D. Also, I know antiviruses will try to block this driver so I'll test it with no antiviruses and Microsoft Defender off. Or if I'm mistaking anywhere and this is impossible on Windows, is it possible on Linux?
Re: To get memory from another process.
On 09/04/2020 4:25 AM, Net wrote: On Tuesday, 7 April 2020 at 21:20:28 UTC, Quantium wrote: Could you advise me how to do these steps on D? Which libs should I import? 1. My programm gets a path to exe file 2. My programm starts that exe file and writes into it 2 commands 3. Programm gets access to exe file memory 4. Programm gets data from process memory and writes it into data.bin file which is in the same directory. As I said, which libs do I need and how to get access to other process memory. Also, can I make this as a driver, but if yes, how to code driver on D? As far I know, you can't access other's program memory in any modern operating system. That's managed and protected by the OS through virtual addressing. Yes you can, in all modern operating systems. It is used for debugging.
Re: To get memory from another process.
On Tuesday, 7 April 2020 at 21:20:28 UTC, Quantium wrote: Could you advise me how to do these steps on D? Which libs should I import? 1. My programm gets a path to exe file 2. My programm starts that exe file and writes into it 2 commands 3. Programm gets access to exe file memory 4. Programm gets data from process memory and writes it into data.bin file which is in the same directory. As I said, which libs do I need and how to get access to other process memory. Also, can I make this as a driver, but if yes, how to code driver on D? As far I know, you can't access other's program memory in any modern operating system. That's managed and protected by the OS through virtual addressing. What are you trying to do?
To get memory from another process.
Could you advise me how to do these steps on D? Which libs should I import? 1. My programm gets a path to exe file 2. My programm starts that exe file and writes into it 2 commands 3. Programm gets access to exe file memory 4. Programm gets data from process memory and writes it into data.bin file which is in the same directory. As I said, which libs do I need and how to get access to other process memory. Also, can I make this as a driver, but if yes, how to code driver on D?
