Reading/Writing in other process memory

Posted on 2004-12-01
Last Modified: 2012-05-05
1. i have this code that shows a chunk of memory in delphi. This was just a test before i can use it on a game but i ran into some problems. earlier i was able to read from it and after restarting i get an error about access violation. what could have caused this. im using windows xp sp2

2. Also looking at r:='gg';, when i just put r:=''; it wont show the read memory. why?

3. currently i can only access proccesses that have names like "delphi 7" on application but not the processes in ctrl+alt+del. how can i also read memory from proccess list in windows process manager

any help would be great. thank you. a sample code of reading and writing in other process memory would be really great that will work on windows xp sp2

unit Unit1;


  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls;

  TForm1 = class(TForm)
    Label1: TLabel;
    Label2: TLabel;
    Label3: TLabel;
    Label4: TLabel;
    Button1: TButton;
    Button2: TButton;
    Label5: TLabel;
    Label6: TLabel;
    procedure Button1Click(Sender: TObject);
    procedure Button2Click(Sender: TObject);
    { Private declarations }
  r: String;
  HandleWindow, mez, len, c2: cardinal;
  ThreadId, ProcessId,WindowName : integer;
    { Public declarations }

  Form1: TForm1;

{$R *.dfm}

procedure TForm1.Button1Click(Sender: TObject);

WindowName := FindWindow(nil,'Delphi 7');
If WindowName = 0 then
Label3.Caption := 'not found'
ThreadId := GetWindowThreadProcessId(WindowName,@ProcessId);
Label3.Caption := '' + InttoStr(ThreadId);
HandleWindow := OpenProcess(PROCESS_ALL_ACCESS,False,ProcessId);
Label4.Caption := '' + InttoStr(HandleWindow);
Label6.Caption := '' + InttoStr(HandleWindow);

procedure TForm1.Button2Click(Sender: TObject);
result: boolean;
addr: pointer;
result := false;
len := 50;
addr := ptr($00400050);
result := ReadProcessMemory(HandleWindow,addr,pointer(r),len,len);
Label6.Caption := r;
Question by:pogimez
    1 Comment
    LVL 20

    Accepted Solution

    You're reading in 50 bytes. But where to? You're giving in "pointer(r)" as the address where to write to. That's ok, but there must be enough space so that you don't overwrite other important variables. Use SetLength(r, 50) before calling ReadProcessMemory, that should solve the problem.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Have you ever had your Delphi form/application just hanging while waiting for data to load? This is the article to read if you want to learn some things about adding threads for data loading in the background. First, I'll setup a general applica…
    In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now