VirtualAllocEx

09/06/2008 10:10 12354#1
Code:
    Private Declare Function VirtualAllocEx Lib "KERNEL32" (ByVal hProcess As Long, ByVal lpAddr As Long, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Int32
(...)
        Process.EnterDebugMode() 'EDIT
        Dim n As Int32
        Dim myProcesses As Process() = Process.GetProcessesByName("calc")
        Const PROCESS_ALL_ACCESS = &H1F0FFF
        prHandle = OpenProcess(PROCESS_ALL_ACCESS, 0, myProcesses(0).Id)
        n = VirtualAllocEx(prhandle, 0, 8074, &H1000, &H4)
        MsgBox(n)
Das Problem ist nur , es kommt immer 0 raus : /

Was mach ich falsch?

Erledigt- > siehe letzter Post / EDIT4
09/06/2008 12:31 mr.rattlz#2
Did you obtain the needed privileges beforehand?
Quote:
Remarks

To open a handle to another local process and obtain full access rights, you must enable the SeDebugPrivilege privilege.
[Only registered and activated users can see links. Click Here To Register...]
09/06/2008 12:40 12354#3
Quote:
Originally Posted by mr.rattlz View Post
Did you obtain the needed privileges beforehand?


[Only registered and activated users can see links. Click Here To Register...]
Jup hab ich auch : (

EDIT: Ich editiers mal rein
EDIT2: Es liegt nicht am ProzessHandle. ReadProcessMemory funktioniert mit genau dem Handle
09/07/2008 01:39 mr.rattlz#4
You should try and see what GetLastError has to say: [Only registered and activated users can see links. Click Here To Register...]
09/07/2008 10:34 12354#5
Quote:
Originally Posted by mr.rattlz View Post
You should try and see what GetLastError has to say: [Only registered and activated users can see links. Click Here To Register...]
Err.LastDllError.ToString = 87 ' ERROR_INVALID_PARAMETER
Parameter incorrect :/

Quote:
Originally Posted by Itburnz View Post
If you use .net try System.Diagnostics.Process.GetProcessesByName("Cal c");
Im already using this : D
Code:
        Dim myProcesses As Process() = [B]Process.GetProcessesByName("calc")[/B]
The Handle is alright. I can use ReadProcessMemory with it.

EDIT:Warum schreibt ihr eigentlich Englisch in einem deutschen Topic °-°

EDIT2: Anscheinend hab ich den VirtualAllocEx falsch deklariert.
Hab gerade ein ähnliches Problem bei einem anderen ApiCall gehabt!

EDIT3(-.-): Isses normal dass als Adresse jetzt immer 600000000(Hex) bzw 25769803776(Dez) rauskommt?
EDIT4 = Profit
Code:
    <DllImport("kernel32.dll", SetLastError:=True, ExactSpelling:=True)> _
        Private Function VirtualAllocEx(ByVal hProcess As IntPtr, ByVal lpAddress As IntPtr, _
    ByVal dwSize As UInteger, ByVal flAllocationType As UInteger, _
    ByVal flProtect As UInteger) As IntPtr
    End Function