I am thinking about a problem I have been having for some time now.. I would like to write a C/C++ program (under windows first) that can access(read/change values) the memory(stack, heap, everything) of other running programs. (Not like shared memory but any memory the computer has..) Without having to start the application from my own application..
I have seen something like this before but I just can’t figure out how it’s done.. If I were to access the memory of any running program I would get errors from the OS right?
Any help is appreciated!
I am thinking about a problem I have been having for some time now..
Share
As @sharptooth said, this requires support from the OS. Different OS does it differently. Since you are on Windows, there are a few steps you could follow:
OpenProcess, orCreateProcessto access, or launch a new process. In this call, you must requestPROCESS_VM_READaccess.ReadProcessMemoryto read a chunk of memory in that opened process.If you want to change memory of another process, you then need
PROCESS_VM_WRITEaccess and useWriteProcessMemoryto achieve that.In Linux, for example, you’d use ptrace to attach to a process and peek, poke its memory.