C++ memcpy Arrays ?

animelover94 · 12/04/2013, 09:59

Hi,
I'm trying to learn c++ by myself. but i didn't understand how to do it with those arrays. Like this :

WriteProcessMemory(OpenProcess(PROCESS_ALL_ACCESS, false,FindProcessId("notepad.exe")),(LPVOID)0x0040 CAE1,(PBYTE)"\xEB",1,0);

I don't understand the "\xEB" . Any helps please ?

Dr. Coxxy · 12/04/2013, 10:08

"\xEB" is a string, the "\x" is an escape sequence which tells the compiler to interpret the next 2 characters as a hex value and insert it into the string.
its actually the same as

Code:

BYTE Buf[] = { 0xEB, 0x00 }; // 0x00 because of the trailing zero character of the string. because only the first byte is accessed at Writeprocessmemory it doesnt really matter.

so it wrill wite one byte with 0xEB to 0x0040CAE1.

animelover94 · 12/04/2013, 10:29

Quote:
Originally Posted by Dr. Coxxy
"\xEB" is a string, the "\x" is an escape sequence which tells the compiler to interpret the next 2 characters as a hex value and insert it into the string.
its actually the same as
Code:
BYTE Buf[] = { 0xEB, 0x00 }; // 0x00 because of the trailing zero character of the string. because only the first byte is accessed at Writeprocessmemory it doesnt really matter.
so it wrill wite one byte with 0xEB to 0x0040CAE1.

Mhm. I'll prob. try to do it with VB or C#. But \xEB is not valid for VB and C#. How can i do it with 4 byte or float value instead of \xEB ?

Dr. Coxxy · 12/04/2013, 14:11

simply use a single byte:

Code:

BYTE Buf = 0xEB;
WriteProcessMemory(OpenProcess(PROCESS_ALL_ACCESS, false,FindProcessId("notepad.exe")), (LPVOID)0x0040CAE1, &Buf,1,0);

davydavekk · 12/05/2013, 21:15

With C# you do :

Code:

byte buffer = 0xEB; //The '0x' before EB shows that EB is an hexadecimal number

I'm not sure for the syntaxt in VB, but its something like that :

Code:

Dim buffer as Byte = &hEB //Here it's the '&h' that shows an  HEX number

Also, you should put your process handle in a variable, and then call CloseHandle when you are done with it.