Memory, is a complex module in Programing, especially on Windows.
This time, I use cpp with win windows api{
VirtualQueryEx(); //Get the available memory page(block)
ReadProcessMemory(); //Read the specific memory
LookupPrivilegeValue(); //Get the avalible Privileges in windows
AdjustTokenPrivileges();//Enable or disable privilege for specific process
}
Now, we skip the step of getting privilege, and directly talking about the detail of reading memories.
At first, we should understand that we cannot directly read memory at once by giving a big number of memory required.
Normally, we should make a loop to record the detail of every pages(blocks) of memory [VirtualQueryEx()] and Read them [ReadProcessMemory()].
1 while (true) 2 { 3 if (VirtualQueryEx(hProcess, (LPVOID)cur_addr, &meminf, dwInfoSize) == 0) 4 break; 5 if (!(meminf.State == MEM_COMMIT || meminf.State == MEM_IMAGE || meminf.State == MEM_MAPPED)) 6 { 7 cur_addr = (DWORD)meminf.BaseAddress + meminf.RegionSize; 8 continue; 9 } 10 if ((dbg = ReadProcessMemory(hProcess, (LPCVOID)meminf.BaseAddress, memget, meminf.RegionSize, &ReadSize)) == false) 11 cout << "Failed to read memory at address:" << meminf.BaseAddress << endl; 12 else 13 memget += meminf.RegionSize; 14 cur_addr = (DWORD)meminf.BaseAddress + eminf.RegionSize; 15 }