Ok, so it's my understanding that each process has an address range available that's designated as the stack.  How then, can a program see the stack of another process & glean any info from it?  The examples I've seen (and that I don't understand) seem to primarily deal with kernel32.dll.  While I don't have any interest in that particular PE file, I'm curious as to how it works.
Posted on 2010-07-16 15:54:37 by SyWiles
In short: You ask the OS to let you see another process' memory.
Posted on 2010-07-16 18:10:38 by ti_mo_n
You should be aware that the kinds of API functions you'll need will require Administrator user rights - or they are pretty much guaranteed to fail.
The reasons for that should be pretty obvious.
Posted on 2010-07-16 22:13:19 by Homer