Memory, DLL Injection C++

[Netskyes]

Hi, I'm quite new to reverse engineering and C++. I've made an injector and I have a couple of questions regarding DLL operations. (I'm quite confused, so please be kind incase I ask something that makes no sense)

Can I directly just access memory addresse's? (Or might require to execute VirtualProtect?)

Lets say this address 0x140050D9E contains some data or a function, how could I read it? (Things I've heard that confuses me... base address, offset?)

 

Appreciate it, thanks!

 

[atom0s]

Yes you can directly access memory. But also yes, it may require you to use VirtualProtect if the memory is protected. 

As for reading addresses directly, you can cast the data to various types for example:

auto dword_SomeValue = *(DWORD*)0x140050D9E;
auto short_SomeValue = *(short*)0x140050D9E;

struct some_data
{
    unsigned int Value1;
    unsigned int Value2;
    LPVOID       Value3;
};

auto struct_Value = *(some_data*)0x140050D9E;

You can write to the address in the same manner like:

*(DWORD*)0x140050D9E = 0; // writes a dword
*(float*)0x140050D9E = 1.0f; // writes a float

 

[Netskyes]

1 hour ago, atom0s said:

Yes you can directly access memory. But also yes, it may require you to use VirtualProtect if the memory is protected. 

As for reading addresses directly, you can cast the data to various types for example:

auto dword_SomeValue = *(DWORD*)0x140050D9E;
auto short_SomeValue = *(short*)0x140050D9E;

struct some_data
{
    unsigned int Value1;
    unsigned int Value2;
    LPVOID       Value3;
};

auto struct_Value = *(some_data*)0x140050D9E;

You can write to the address in the same manner like:

*(DWORD*)0x140050D9E = 0; // writes a dword
*(float*)0x140050D9E = 1.0f; // writes a float

 

Thank you so much! Makes more sense now  

[portbinder]

Use ReadProcessMemory bro.

[atom0s]

2 hours ago, portbinder said:

Use ReadProcessMemory bro.

If you are injected, ReadProcessMemory is not needed and is nothing but overhead.