Accessing Memory of other applications C++

Question

I am thinking about a problem I have been having for some time now.. I would like to write a C/C++ program (under windows first) that can access(read/change values) the memory(stack, heap, everything) of other running programs. (Not like shared memory but any memory the computer has..) Without having to start the application from my own application.. I have seen something like this before but I just can't figure out how it's done.. If I were to access the memory of any running program I would get errors from the OS right? Any help is appreciated!

Answer 1

As @sharptooth said, this requires support from the OS. Different OS does it differently. Since you are on Windows, there are a few steps you could follow:

1. Call OpenProcess, or CreateProcess to access, or launch a new process. In this call, you must request PROCESS_VM_READ access.
2. Call ReadProcessMemory to read a chunk of memory in that opened process.

If you want to change memory of another process, you then need PROCESS_VM_WRITE access and use WriteProcessMemory to achieve that.

In Linux, for example, you'd use ptrace to attach to a process and peek, poke its memory.

Answer 2

You can start a process (another program) from your own application, and access some of its information (especially shared memory). The contrary is very difficult, the CPU fakes the memory addresses so each process believes that it has the whole memory available...

Answer 3

You might be interested in taking a look at the Toolhelp32ReadProcessMemory function.