'How to read into a running processus in c?
Hi how to read into a processus and how to use IMAGE_FILE_HEADER to read the pe header in this processus, thanks for replies:) sorry for my english i'm french . I try but i fail to code a program which made this so i search how to code this , by the way i don't know where extract the code in an other processus and use IMAGE_FILE_HEADER to read the pe header
thanks for replie search an help :)
image_file_header file;
//how to use this from a handle or a hmodule ?
Solution 1:[1]
Read the PEB from the remote process with NtQueryInformationProcess and 'ProcessBasicInformation'. Then you can read the 'lpImageBaseAddress' from the PEB. And from that address you can read the entire PE Header of the base executable (Usually the first 1024 bytes) from the process memory.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 |