-2

This is the first program, called hooktry.cpp:

```cpp
#include <iostream>
#include <stdio.h>
using namespace std;

class c1 {
    int c = 2;

public:
    int *printadd()
    {
        int *p = &c;
        printf("the address of c is %d\n", p);
        return p;
    }

    void printv()
    {
        printf("the value is ===%d\n", c);
    }
};

int main(int argc, const char *argv[]) {
    int *p;
    c1 mem;
    char c;
    p = mem.printadd();
    mem.printv();
    *p = 12;
    scanf("%c", &c);
    mem.printv();
    return 0;
}
```

OUTPUT: the address of c is 1606416304
the value is ===2

At the same time, I ran another program, hooktry2.cpp:

```cpp
#include <iostream>
using namespace std;

int main(int argc, const char *argv[]) {
    // insert code here...
    int *p;

    p = (int *)1606416304;
    *p = 23;

    return 0;
}
```

I am getting a segmentation error in this.
hooktry2.cpp is not able to access the memory of hooktry.cpp.
Is there any way to turn off this protection by patching the operating system,
or is this just impossible?
I am working on malware and hook programs like game cheats etc...
Or is this not a hook that I am doing...

Killerbeans
  • 3
    That's not how you read the memory of another process. Generally you'd use [OS specific system calls](https://msdn.microsoft.com/en-us/library/windows/desktop/ms680553(v=vs.85).aspx) to do something like that – Kevin L Aug 25 '16 at 18:01
  • 1
    This could work on IBM PC with DOS 6.1 20 years ago. Welcome to the 21st century. – Slava Aug 25 '16 at 18:30
  • 6
    *"i am working on malware and hook programs like gamecheat"* - Glad to see that you are utterly incapable of doing any of these. – IInspectable Aug 25 '16 at 18:43

1 Answer

6

You can't access the memory like this (at least in a complex system like your PC/laptop). This is because the addresses you see in one program (process) aren't the real addresses. They are virtual addresses, and they are quite different from the real addresses.

Let me try to define three notions for you:

  • Physical Address: The address of where something is physically located in the RAM chip (Main Memory).
  • Logical/Virtual Address: The address that your program uses to reach its things. It's typically converted to a physical address later by a hardware chip (the MMU); mostly, not even the CPU is really aware of this conversion.
  • MMU: A memory management unit (MMU), sometimes called paged memory management unit (PMMU), is a computer hardware unit having all memory references passed through itself, primarily performing the translation of virtual memory addresses to physical addresses. Read more about it over here.

For a simple system (which doesn't have an MMU), physical address = virtual address. Larger systems are generally demand-paged virtual memory systems, where the MMU translates a virtual address to a physical address, or alerts the OS to take action (to allocate a page, read a page from disk, or deny access to a page -> trap or fault). Typically, an operating system assigns each program its own virtual address space.

In your case, the two programs have different virtual address spaces. You can't refer to anything in one program that belongs to another program (process). This is due to the fact that you wouldn't get the real address if you tried to get the address of a variable in one of your programs. The addresses you get are valid only in your current program and wouldn't make any sense if you tried to use the addresses of one program in another program (process).

So, what you were trying to do will result in UNDEFINED BEHAVIOR. In your case, it has resulted in a Segmentation Fault, as the address you were trying to dereference didn't exist in the virtual address space of your program. However, there are several techniques which can be used to achieve what you want. Inter-process communication is the term used for communication techniques between two processes. A few that can be used on a POSIX system for inter-process communication are given below:

  • Pipe
  • Message Queue
  • Sockets
  • Memory-Mapped
  • Shared Memory

Read more about virtual and physical address over here.

Community
abhiarora
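The point made in the answer above, that a pointer value is only meaningful inside the process that produced it and that sharing has to be requested from the OS, shown as an added example (not code from the question or the answer). It assumes a POSIX system; `Result` and `run_demo` are names made up for this illustration.

```cpp
#include <cstdio>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

struct Result {
    int private_seen_by_parent;  // parent's variable after the child wrote 23
    int shared_seen_by_parent;   // shared page after the child wrote 23
    bool ok;                     // false if mmap/fork/waitpid failed
};

Result run_demo() {
    Result r = {0, 0, false};
    int private_value = 2;  // ordinary memory: each process has its own copy

    // One mapping explicitly requested as shared between parent and child.
    void *page = mmap(nullptr, sizeof(int), PROT_READ | PROT_WRITE,
                      MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return r;
    int *shared_value = static_cast<int *>(page);
    *shared_value = 2;

    pid_t pid = fork();
    if (pid < 0) { munmap(page, sizeof(int)); return r; }
    if (pid == 0) {
        // Child: both addresses are numerically identical to the parent's.
        private_value = 23;  // changes only the child's private copy
        *shared_value = 23;  // changes the physical page both processes map
        _exit(0);
    }

    int status = 0;
    if (waitpid(pid, &status, 0) == pid && WIFEXITED(status) &&
        WEXITSTATUS(status) == 0) {
        r.private_seen_by_parent = private_value;  // still 2
        r.shared_seen_by_parent = *shared_value;   // now 23
        r.ok = true;
    }
    munmap(page, sizeof(int));
    return r;
}

int main() {
    Result r = run_demo();
    if (!r.ok) { std::perror("run_demo"); return 1; }
    std::printf("private: %d, shared: %d\n",
                r.private_seen_by_parent, r.shared_seen_by_parent);
    return 0;
}
```

The child's write to the ordinary variable never reaches the parent even though the address is the same number in both processes; only the mapping created with `MAP_SHARED` is visible to both.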