I want to call WriteProcessMemory in my c++ application (msvc visual studio) using __asm block.
#include <windows.h>
#include <stdio.h>
#include <iostream>
#include <memory>
const char* TextVar = "loon";
int main(){
auto addrof = std::addressof(TextVar);
unsigned int address = (unsigned int)addrof;
HANDLE ProcessHandle = GetCurrentProcess();
//WriteProcessMemory( HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten );
__asm
{
xor eax, eax // clear eax
push 0x74736554 // push "Test"
mov eax, esp // mov "Test" to eax
push 0x0 // lpNumberOfBytesWritten
push 0x4 // nSize [strlen("Test") = 4]
push eax // lpBuffer - "Test"
push [address] // lpBaseAddress - address of TextVar
push ProcessHandle // hProcess - Handle of current process
call WriteProcessMemory
push DWORD PTR[TextVar]
call printf //Print TextVar
}
return 0;
}
But i get this:
An exception was thrown at the address 0x753F288E (ucrtbase.dll) in Test.exe: 0xC0000005: read access violation at 0x74736554.
//0x753F288E - printf address
//0x74736554 - my text - [Test]
What am I doing wrong? As I understand it, WPM writes the text as an address in TextVar. But how to fix that?
P.S - I do not want to use local variables in c++ as a buffer for WPM.
I believe Windows APIs use Pascal calling conventions, pushing parameters to the stack from left to right. You seem to be doing the opposite, using C calling conventions.
User contributions licensed under CC BY-SA 3.0