writing a driver to be used as a alternative to ReadProcessMemory/WriteProcessMemory?

NTDEV
1

Greetings, i have converted from delphi to c++ quite recently since i found the need of writing a kernel driver to read/write memory of a process.

i did succeed in writing a simple readprocessmemory driver in delphi, with a fair amount of hacking i succeeded in compiling a valid .sys which didnt cause bsods.

however, this was quite some time ago and ive taken the project up again.

if anyone knows of anything related to KiAttachProcess & RtlCopyMemory on it, please reply.

Thanks // Christopher

Ladda ner hela Windows Live gratis och uppt?ck f?rdelarna!
http://get.live.com/

2

Hi Christopher,

Welcome to the MSDN and Windows Driver Kit documentation
Here you’ll find description of KeAttachProcess and other
routines.

http://www.microsoft.com/whdc/devtools/wdk/
http://www.microsoft.com/whdc/driver/foundation/DrvDev_Intro.mspx
http://msdn.microsoft.com/en-us/library/aa972908.aspx

Regards,
–PA

christopher bengtsson wrote:

Greetings, i have converted from delphi to c++ quite recently since i
found the need of writing a kernel driver to read/write memory of a process.

i did succeed in writing a simple readprocessmemory driver in delphi,
with a fair amount of hacking i succeeded in compiling a valid .sys
which didnt cause bsods.

however, this was quite some time ago and ive taken the project up again.

if anyone knows of anything related to KiAttachProcess & RtlCopyMemory
on it, please reply.

Thanks // Christopher

V?rk?nslor? Hitta n?gon att dela dem med! MSN Dejting

3

Why do you think that you need a driver to do this?

  • S

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of christopher bengtsson
Sent: Friday, August 22, 2008 6:02 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] writing a driver to be used as a alternative to ReadProcessMemory/WriteProcessMemory?

Greetings, i have converted from delphi to c++ quite recently since i found the need of writing a kernel driver to read/write memory of a process.

i did succeed in writing a simple readprocessmemory driver in delphi, with a fair amount of hacking i succeeded in compiling a valid .sys which didnt cause bsods.

however, this was quite some time ago and ive taken the project up again.

if anyone knows of anything related to KiAttachProcess & RtlCopyMemory on it, please reply.

Thanks // Christopher

V?rk?nslor? Hitta n?gon att dela dem med! MSN Dejtinghttp:

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer</http:>