Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>To read memory of other application you need to open the process with respect of <a href="http://msdn.microsoft.com/en-us/library/ms684320.aspx" rel="nofollow noreferrer">OpenProcess</a> with at least <code>PROCESS_VM_READ</code> access rights and then use <a href="http://msdn.microsoft.com/en-us/library/ms680553.aspx" rel="nofollow noreferrer">ReadProcessMemory</a> to read any memory address from the process. If you are an administrator or have debug privilege you will be able to open any process with maximal access rights, you need only to enable <code>SeDebugPrivilege</code> before (see for example <a href="http://support.microsoft.com/kb/131065" rel="nofollow noreferrer">http://support.microsoft.com/kb/131065</a>).</p> <p>If you don't know a much about the memory of the destination process you can just enumerate the memory blocks with respect of <a href="http://msdn.microsoft.com/en-us/library/aa366907.aspx" rel="nofollow noreferrer">VirtualQueryEx</a> (see <a href="https://stackoverflow.com/questions/3010741/how-does-one-use-virtualallocex-do-make-room-for-a-code-cave/3010909#3010909">How does one use VirtualAllocEx do make room for a code cave?</a> as an example where I examine the program code. The program data you can examine in the same way).</p> <p>The most practical problem which I see is that you ask your question in <strong>too general</strong> way. If you explain more what kind of the data you are looking for I could probably suggest you a better way. For example if you could see the data somewhere you could examine the corresponding windows and controls with respect of Spy++ (a part of Visual Studio Tools). The most important are the class of windows (or controls) and the messages which will be send at the moment when the most interesting window are displayed. You can also use <a href="http://technet.microsoft.com/de-de/sysinternals/bb896645.aspx" rel="nofollow noreferrer">Process Monitor</a> to trace all file and registry access at the time when the windows with the interesting information will be displayed. At least at the beginning you should examine the memory of the process with <a href="http://msdn.microsoft.com/en-us/library/ms680553.aspx" rel="nofollow noreferrer">ReadProcessMemory</a> at the moment when the data which you are looking for are displayed on the window.</p> <p>If you will have no success in your investigations I'd recommend you to insert in your question more information. </p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload