How can I write this in inline asm? I want to write the value of packet into the memory location of cave in inline asm, how? I can do it with WriteProcessMemory, but I want to get rid of that and replace it with asm.
    int SendToClient(BYTE *packet, int Length)
    {
        int cave = (int)VirtualAllocEx(hProcess, NULL, Length, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
        if (WriteProcessMemory(hProcess, (void*)cave, packet, Length, NULL))
        {
        }
        __asm
        {
            //how?
        }
    }
For example, say I wanted to read from the address senderOffset, I would do:
    int GetSenderID()
    {
        int value;
        __asm
        {
            mov eax, senderOffset
            mov value, eax
        }
        return *(int*)value;
    }
This is doing what “ReadProcessMemory(GetCurrentProcess(), (VOID*)senderOffset, &value, 0)” would do; I’m just looking for the same kinda method for “WriteProcessMemory” with inline asm.
If what you want to do is essentially rewrite WriteProcessMemory() in inline assembly, forget it, it ain’t gonna happen. WriteProcessMemory() is an OS interface that allows you to change the content of another process’s virtual memory space, which you can’t do directly from a user-space process no matter what instructions you use. No amount of assembly, whether inline or in a separate assembly source file, will be able to cast the magic spells required to allow your process, operating within its virtual memory sandbox, to write into another process’s virtual memory sandbox without going through the OS to do so. While operating within your user-mode program, the MMU is set up to give your process access to its own memory & nothing else. Even trying to access memory that’s not allocated to your process will give you some sort of access violation error (which is called SIGSEGV in Linux-land; I know you’re on Windows though).
To access memory in another process’s address space, you have to call on the operating system to do so. Each system has a controlled way of making OS calls that switches the processor from user-mode to kernel-mode. In x86, these are termed “rings”, with the OS operating in the highest-privileged “ring 0” and user-mode code running in the least-privileged “ring 3”. Drivers operate in the other two rings. You cannot simply switch the CPU from ring 3 to ring 0; attempting to do so would trigger a privilege violation. And within ring 3, you cannot change the MMU to allow your process to access (read or write or execute) another process’s memory space.
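The isolation described in the answer above, as an added example that is not part of the original thread: a POSIX C program (the thread is about Windows; `fork`/`mmap`, the names `store_bytes` and `child_store_visible`, and the sample `packet` bytes are assumptions of this example) showing that an ordinary user-mode store at a given virtual address only becomes visible to another process when the OS has been asked to set up a shared mapping.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample bytes standing in for the question's `packet`. */
static const uint8_t packet[4] = {0xDE, 0xAD, 0xBE, 0xEF};

/* A plain user-mode store loop: what a `mov` in inline asm would do. */
static void store_bytes(volatile uint8_t *dst, const uint8_t *src, size_t len)
{
    for (size_t i = 0; i < len; i++)
        dst[i] = src[i];
}

/* Map one zeroed page, let a child store `packet` at that address, and
 * report what the parent sees: 1 = store visible, 0 = not, -1 = error. */
int child_store_visible(int sharing_flag)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    uint8_t *cave = mmap(NULL, len, PROT_READ | PROT_WRITE,
                         sharing_flag | MAP_ANONYMOUS, -1, 0);
    if (cave == MAP_FAILED)
        return -1;

    int result = -1, status = 0;
    pid_t pid = fork();
    if (pid == 0) {   /* child: same virtual address, its own view of it */
        store_bytes(cave, packet, sizeof packet);
        _exit(memcmp(cave, packet, sizeof packet) == 0 ? 0 : 1);
    }
    if (pid > 0 && waitpid(pid, &status, 0) == pid &&
        WIFEXITED(status) && WEXITSTATUS(status) == 0)
        result = memcmp(cave, packet, sizeof packet) == 0;
    munmap(cave, len);
    return result;
}

int main(void)
{
    printf("private mapping, child store visible: %d\n", child_store_visible(MAP_PRIVATE));
    printf("OS-shared mapping, child store visible: %d\n", child_store_visible(MAP_SHARED));
    return 0;
}
```

With `MAP_PRIVATE` the child's store lands in its own copy of the page and the parent still reads zeros; only the `MAP_SHARED` mapping, which the kernel set up on request, carries the bytes across.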