windows - How does one use VirtualAllocEx do make room for a code cave?

Question

Welcome To Ask or Share your Answers For Others

windows - How does one use VirtualAllocEx do make room for a code cave?

asked Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

How does one use VirtualAllocEx do make room for a code cave? I am currently in possession of a piece of software with very little "free space" and I read that VirtualAllocEx is used for making this space..

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1.1k views

1 Answer

深蓝 · Answer 1 · 2021-10-23T21:38:11+0000

#include <stdio.h>
#include <windows.h>
#include <commctrl.h>   

unsigned long pid;
HANDLE process;
GetWindowThreadProcessId(listview, &pid);
process = OpenProcess(PROCESS_VM_OPERATION|PROCESS_VM_READ | PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, pid);

int *vptr = (int *)VirtualAllocEx(process, NULL, sizeof(int), MEM_COMMIT, PAGE_READWRITE);

References
- MSDN VirtualAllocEx Function
- CodeProject Stealing Program's Memory
- StackOver What is a code cave... ?

HTH,

Categories

windows - How does one use VirtualAllocEx do make room for a code cave?

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags