Process Module Base Address not Being Obtained about memory-hacking-class HOT 10 OPEN

I think I saw another C++ library that was similar to this one, but I can't find it anymore.

Did you run your program with admin privileges?
You mention you used example2. Did you ensure that there is a process that is called notepad.exe?

from memory-hacking-class.

Yes, I have tried running as admin, and yes I have a process called notepad.exe

from memory-hacking-class.

You should check GetLastError after every function call and post the results here.
Also, can you make sure that Memory.GetProcessId returns a valid process id and that OpenProcess retuirns a valid process handle?
Also, please check if Memory.GetDebugPrivileges successfully enables SeDebugPrivilege on your process. This can be done using https://github.com/processhacker/processhacker

from memory-hacking-class.

SeDebugPrivelege gets enabled successfully. Memory.GetProcessId also functions correctly and returns a valid process ID, same goes for OpenProcess. When I run GetLastError it returns 0 up through Memory.GetModuleBase, upon which it starts to return 299.

from memory-hacking-class.

I think the error comes from EnumProcessModules. You could try replacing all occurrences of EnumProcessModules with EnumProcessModulesEx which has an additional parameter (the 5th parameter) which can be used to specify what kinds of modules to enumerate. Possible values for this parameter are:

• LIST_MODULES_32BIT
• LIST_MODULES_64BIT
• LIST_MODULES_ALL
• LIST_MODULES_DEFAULT

Try if one of these fix the issue.

More info on EnumProcessModulesEx can be found here: https://docs.microsoft.com/en-us/windows/win32/api/psapi/nf-psapi-enumprocessmodulesex

I think it's possible that notepad.exe used to be 32-bit at the time I tested this and that it's now 64-bit and thus doesn't work anymore by simply using EnumProcessModules, but I don't know for sure.

from memory-hacking-class.

I tried doing this, but it kept yelling at me about EnumProcessModulesEx not being defined. I looked into it, but I couldn't figure out how to fix this issue. Stranger still is that Windows.h is still being included in the file.

from memory-hacking-class.

That's weird. You might have to install a newer version of the Windows SDK and then maybe also tell GCC to use that newer version if that doesn't happen automatically.

from memory-hacking-class.

I tried looking into doing that, but I couldn't quite figure out how. Is there a guide for that that you could point me to by any chance?

from memory-hacking-class.

I think you just need to download an SDK installer and then install it.
https://developer.microsoft.com/en-us/windows/downloads/sdk-archive/

But it might depend on what version of Windows you use and how you have installed GCC.

from memory-hacking-class.

So I've been tinkering with stuff trying to get this to work for a while, and I decided to have it output the current debug privelege value to the console, and apparently it's failing to set the proper priveleges. I also went in and uncomment the line std::cout << "Failed to enable privilege, error:\n>> " << GetLastError() << std::endl;, and sure enough it's throwing an error 1300.

from memory-hacking-class.