Okay, I give up on strings. I don't know, I don't get any value, but that's OK for now.
I want to read a simple 4-byte int value. I searched in the memory for an exact value of 42; I took the first address.
I already know that the array size has to be 4, but I get really crazy values,
like -12732139.
So I wrote a for loop that tells me the values which are stored inside the byte array:
    for (int j = 0; j < bytes.Length; ++j) {
        svalue += "+" + bytes[j];
    }
I get really strange numbers out of it:
    216 184 93 255 // these are stored inside the byte array, which should be 42 dec.
I guess something went really wrong?
I read those values with
    ReadProcessMemory(readHandle, ((IntPtr)baseAddress + 0x000D3A10), bytes, (UIntPtr)4, ref rw);
    int test = BitConverter.ToInt32(new_bytes,0);
Any ideas?
// OLD
My full code:
    private void button1_Click(object sender, EventArgs e) {
        Process[] iexp = Process.GetProcessesByName("iexplore");
        if (iexp.Length == 0) {
            listBox1.Items.Add("NOT FOUND");
            return; // no process to read from
        }
        Process internet = iexp[0];
        uint baseAddress = (uint)internet.MainModule.BaseAddress.ToInt32();
        // 0x0010 = PROCESS_VM_READ
        IntPtr readHandle = OpenProcess(0x0010, false, (uint)internet.Id);
        byte[] bytes = new byte[24];
        uint rw = 0;
        uint size = sizeof(int);
        // read 24 bytes and decode them as ASCII text
        ReadProcessMemory(readHandle, ((IntPtr)baseAddress + 0x00581CCE), bytes,
            (UIntPtr)24, ref rw);
        string sname = Encoding.ASCII.GetString(bytes);
        // read 4 bytes and decode them as a 32-bit integer
        ReadProcessMemory(readHandle, (IntPtr)baseAddress + 0x00528744, bytes,
            (UIntPtr)size, ref rw);
        int someNumber = BitConverter.ToInt32(bytes, 0);
        listBox1.Items.Add(sname);
        listBox1.Items.Add(someNumber);
    }
This function is just to read plain memory. It does not have the concept of types and therefore does not know what strings are or even that they have a length. If you reach into a process’ memory to read things you are on your own. You need to know exactly what you want to read and what to make of the data.
Although as you are trying to read a string: You could try and read the bytes in a loop and stop when you encounter a 0 byte, which is what is used by C to denote the end of a string (NULL terminated strings).
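
The loop described in the answer, as an added example that is not code from the question or the answer. It checks the return value and the byte count of every read before decoding anything, and reads a 4-byte int and a 0-terminated string. The class name `RemoteMemory`, the helper names and the P/Invoke declaration are assumptions made for this example; `Main` reads a constructed, pinned buffer in its own process so the expected contents are known.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Text;

static class RemoteMemory
{
    // P/Invoke declaration written for this example (the question does not show its own).
    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,
        [Out] byte[] lpBuffer, UIntPtr nSize, out UIntPtr lpNumberOfBytesRead);

    // Read exactly `count` bytes or throw, so a failed read is never decoded as data.
    static byte[] ReadExact(IntPtr handle, IntPtr address, int count)
    {
        byte[] buffer = new byte[count];
        if (!ReadProcessMemory(handle, address, buffer, (UIntPtr)(uint)count, out UIntPtr read))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        if (read.ToUInt64() != (ulong)count)
            throw new InvalidOperationException("Short read: " + read + " of " + count + " bytes");
        return buffer;
    }

    // Four bytes interpreted as a 32-bit integer in the machine's byte order.
    public static int ReadInt32(IntPtr handle, IntPtr address) =>
        BitConverter.ToInt32(ReadExact(handle, address, sizeof(int)), 0);

    // Reads one byte at a time and stops at the first 0 byte or after maxLength bytes.
    public static string ReadCString(IntPtr handle, IntPtr address, int maxLength)
    {
        var text = new StringBuilder();
        for (int i = 0; i < maxLength; i++)
        {
            byte b = ReadExact(handle, IntPtr.Add(address, i), 1)[0];
            if (b == 0) break;
            text.Append((char)b); // single-byte text; other encodings need a real decoder
        }
        return text.ToString();
    }

    static void Main()
    {
        // Constructed sample: int 42 (little-endian) followed by "hello" and a 0 terminator.
        byte[] sample = { 42, 0, 0, 0, (byte)'h', (byte)'e', (byte)'l', (byte)'l', (byte)'o', 0 };
        GCHandle pin = GCHandle.Alloc(sample, GCHandleType.Pinned);
        IntPtr self = System.Diagnostics.Process.GetCurrentProcess().Handle;
        Console.WriteLine(ReadInt32(self, pin.AddrOfPinnedObject()));
        Console.WriteLine(ReadCString(self, IntPtr.Add(pin.AddrOfPinnedObject(), 4), 64));
        pin.Free();
    }
}
```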