Re: [python-win32] VirtualQueryEx/ReadProcessMemory

On Oct 16, 2017, at 4:39 PM, Michael C wrote: > > >>>Did you acquire the SeDebugPrivilege before calling? > > Eh, no. I don't know what that is! How do I get it? https://www.programcreek.com/python/example/80627/win32con.TOKEN_ADJUST_PRIVILEGES

Re: [python-win32] VirtualQueryEx/ReadProcessMemory

On Oct 16, 2017, at 5:06 PM, Michael C wrote: > > Supposed by using Openprocess and VirtualQueryEx, I have the locations of all > the memory the application is using, wouldn't this to be true? > > Say, a 8 byte data is somewhere in the region i am scanning. Ok, I know by > scanning it like thi

Re: [python-win32] VirtualQueryEx/ReadProcessMemory

I have a question Supposed by using Openprocess and VirtualQueryEx, I have the locations of all the memory the application is using, wouldn't this to be true? Say, a 8 byte data is somewhere in the region i am scanning. Ok, I know by scanning it like this for n in range(start,end,1) will read int

Re: [python-win32] VirtualQueryEx/ReadProcessMemory

>>>Did you acquire the SeDebugPrivilege before calling? Eh, no. I don't know what that is! How do I get it? >>>That's a screwed up way of doing it. If you want buffers of 8 bytes, then make a buffer of 8 bytes. So like this? ReadProcessMemory(Process, i, ctypes.byref(buffer), 8, ctypes.byref

Re: [python-win32] VirtualQueryEx/ReadProcessMemory

Michael C wrote: > > I am working on my own memory scanner. It uses Windows API, VirtualQueryEX > and ReadProcessMemory. I am not sure I put down the following properly: > > I am sure  > > Process = > Kernel32.OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ, False, > PID) > > ran properly, be

[python-win32] VirtualQueryEx/ReadProcessMemory

Hi all, I am working on my own memory scanner. It uses Windows API, VirtualQueryEX and ReadProcessMemory. I am not sure I put down the following properly: I am sure Process = Kernel32.OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ, False, PID) ran properly, because it didn't return a 0.