Okay, I'm wanting to take an amount of hex strings from a program (let's say 5 bytes) and want to store them in a buffer. This buffer's name is buffer1. This is the current code I have:


WndProc proc hWin:HWND,uMsg:UINT,wParam:WPARAM,lParam:LPARAM

    mov eax,uMsg
    .if eax==WM_INITDIALOG
        push hWin
        pop hWnd
    .elseif eax==WM_COMMAND
        mov eax,wParam
        and eax,0FFFFh

        .if eax==IDM_FILE_EXIT
            invoke SendMessage,hWin,WM_CLOSE,0,0
        .elseif wParam == 1003
            invoke MessageBox,hWin,addr helptext,addr helpcap,MB_OK
        .elseif wParam == 1001
            invoke ReadProcessMemory,targetprocess,addr urnameaddy,buffer1,10,NULL
            invoke SetDlgItemText,hWin,IDC_STC1,buffer1

At the end is what I want to work on. What it's basically doing is detecting if the button is pushed, and if it is, then it invokes ReadProcessMemory on the target program (targetprocess) and it reads what the hex string is at urnameaddy (which is something like 00c71256h). I want it to store 10 bytes in buffer1, then make it display that info in a dialog box (IDC_STC1). But for some reason it just displays a blank spot. Is this an error in my programming? Or is there nothing to read at that address (I know there is because I checked it with a hex editor)? Oh, and one more thing: this is my .data section as well. Tell me if something is wrong here:



.data
urnameaddy dd 00C72248h

.data?
buffer1 dd ?
windhand dd ?
hInstance dd ?
CommandLine dd ?
hWnd dd ?
targetprocess dd ?
phandle dd ?
dwprocessid dd ?

Should buffer1 dd ? be listed under the .data as buffer1 dd 0?? Any help is greatly appreciated.
Posted on 2002-06-26 02:01:54 by resistance_is_futile


invoke ReadProcessMemory,targetprocess,addr urnameaddy,buffer1,10,NULL
; -- should be --
invoke ReadProcessMemory,targetprocess,addr urnameaddy,addr buffer1,10,NULL

Otherwise you would be passing the value of buffer1 as a DWORD rather than a pointer to it (so it would most likely be 0, and hence not crash horribly given that it is in the .data? section).

Also you should note that the result of calling this function is that the hex value is in numeric form, IT IS NOT A STRING!
At some point you'll need to convert it.

It is also important to remember that buffer1 is not really being used as a buffer at this point, it is holding an integer. Traditionally programmers think of buffers as arrays of characters.

You should declare your buffer as something like:
buffer db 64 dup(?) ; A buffer of 64 characters


You'll also need a conversion function to change your integer to a string... Try dwtoa, dwtohex (both from the masm32 lib), or wsprintf (from the API).

Mirno
Posted on 2002-06-26 03:52:44 by Mirno
Okay, I've fixed all that. How do you think I would change the value in buffer1 to a string? I'm kinda new to the conversion part..
Posted on 2002-06-27 19:34:52 by resistance_is_futile
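
Added example, not part of the original thread: the steps from Mirno's reply (pass a pointer to a byte buffer, then convert the raw bytes to text with wsprintf) put together as one MASM32 program. It assumes the MASM32 SDK is installed at \masm32, reads constructed sample bytes from its own process via GetCurrentProcess in place of targetprocess, and the names sample, rawbuf, hexbuf and nread are made up for the example.

```asm
; Added example, not code from the thread. Assumes the MASM32 SDK at \masm32.
.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

NBYTES equ 10

.data
sample  db 0DEh,0ADh,0BEh,0EFh,00h,01h,7Fh,80h,0FFh,41h ; constructed test bytes
fmt     db "%02X ",0
caption db "Bytes read",0
failmsg db "ReadProcessMemory failed",0

.data?
rawbuf  db NBYTES dup(?)        ; raw bytes copied out of the target
hexbuf  db NBYTES*3+1 dup(?)    ; "XX " per byte plus the terminating zero
nread   dd ?                    ; bytes actually copied

.code
start:
    invoke GetCurrentProcess    ; pseudo handle, stand-in for targetprocess
    ; 2nd argument: the address to read inside the target. Here that is sample
    ; itself; if the address is stored in a dword variable, pass its value.
    invoke ReadProcessMemory,eax,addr sample,addr rawbuf,NBYTES,addr nread
    .if eax==0                  ; zero return means the read failed
        invoke MessageBox,NULL,addr failmsg,addr caption,MB_OK
        invoke ExitProcess,1
    .endif
    mov esi,offset rawbuf
    mov edi,offset hexbuf
    mov byte ptr [edi],0        ; empty string if nothing was read
    mov ebx,nread               ; convert only what was actually copied
    .while ebx>0
        movzx eax,byte ptr [esi]
        invoke wsprintf,edi,addr fmt,eax   ; returns characters written (3)
        add edi,eax             ; next write overwrites the previous terminator
        inc esi
        dec ebx
    .endw
    invoke MessageBox,NULL,addr hexbuf,addr caption,MB_OK
    invoke ExitProcess,0
end start
```

In the dialog from the thread, the final MessageBox call would be replaced by SetDlgItemText with addr hexbuf.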