Programs for editing memory in user space

Question

Programs for editing memory in user space

How do programs that change the memory of other processes, such as the Cheat Engine and iHaxGamez, work? My understanding is that the process of reading (not to mention writing) the memory of another process is the direct basis for the segmentation error.

+4

linux memory operating-system

Delan azabani Nov 02 '10 at 22:50

source share

4 answers

The abstraction layer of the operating system hardware system usually offers functions for managing the memory of other processes. On Windows, the corresponding functions are ReadProcessMemory and WriteProcessMemory .

+2

Jim brissom Nov 02 '10 at 23:04

source share

He has no reason for segfault; OS (kernel, ...) API is used for writing. Segfault occurs (receives a signal) from the OS when a process tries to access its own memory in bad mode (char [] overflow).

About games: well, if the value is stored at the address and is sometimes read, then it can be changed until the next reading.

+2

kagali-san Nov 02 '10 at 23:13

source share

You can use WinAPI WriteProcessMemory to write to the memory space of another process.

Also read the PE / COFF documentation and use VirtualQueryEx and ReadProcessMemory to find out what and where to write.

0

ruslik Nov 02 '10 at 23:08

source share

Andrew Edgecombe · Accepted Answer · 2010-11-02T23:08:18+0000

Gaining access to other process memory under Linux is fairly simple (assuming you have sufficient user privileges).

For example, the file /dev/mem will provide access to the entire processor memory. Details of the mappings for a particular process can be found in /proc/<pid>/maps .

Another example is given here below.

Programs for editing memory in user space

More articles: