ReadProcessMemory and software protection


  • ReadProcessMemory and software protection

    I have tried to call kernel32.ReadProcessMemory with no hope.

    This function can help me detect the presence of some bad programs,
    like
    debuggers
    file and registry monitors

    Detecting them by window name or window title is not a good idea,
    because they can be changed
    or can even be hidden from windows.

    I have the memoryex plugin.
    I can get addresses, base addresses and handles, and I have a list of bad strings.

    Can I call the function ReadProcessMemory from kernel32 to catch those bad strings?
    And how?



  • #2
    I don't mind having a go at this, what program are you trying to get the hProcess handle from so we are on the same page or testing?



    • #3
      Originally posted by Shrek
      I don't mind having a go at this, what program are you trying to get the hProcess handle from so we are on the same page or testing?
      Thanks Shrek for the reply.
      I will explain.

      The debugger name will be taken from a table with a loop.
      I can get hProcess and handle.

      Let us say that the address is 00485a3d
      and this is a static address
      and that address holds a string like "debugger x".

      If I can read that string from this location (address)
      I can do things like
      exit the program
      or make registry values .... etc
      or do any trick

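For the question in post #1 and the fixed-address case in post #3, an added example that is not from any poster in this thread: read a short buffer from another process with ReadProcessMemory and check it for a listed string stored as ASCII or UTF-16LE. The function names, the 256-byte read size and the sample strings are assumptions; the Win32 part compiles only on Windows.

```c
#include <stddef.h>
#include <string.h>
#include <ctype.h>

/* Hypothetical helper: return 1 if `needle` (ASCII) occurs in buf as ASCII
   or UTF-16LE text, compared case-insensitively; 0 otherwise. */
int buffer_has_string(const unsigned char *buf, size_t len, const char *needle)
{
    size_t n = strlen(needle);
    if (n == 0) return 0;
    for (int wide = 0; wide <= 1; wide++) {
        size_t step = wide ? 2 : 1;              /* bytes per character */
        if (len < n * step) continue;            /* buffer too short for this encoding */
        for (size_t i = 0; i + n * step <= len; i++) {
            size_t k = 0;
            while (k < n) {
                const unsigned char *p = buf + i + k * step;
                if (tolower(p[0]) != tolower((unsigned char)needle[k])) break;
                if (wide && p[1] != 0) break;    /* high byte must be zero */
                k++;
            }
            if (k == n) return 1;
        }
    }
    return 0;
}

#ifdef _WIN32
#include <windows.h>
/* Hypothetical wrapper: read up to 256 bytes at `addr` in process `pid` and
   test them against `needle`. Returns 1 on match, 0 on no match, and -1 if
   the process could not be opened or the memory could not be read. */
int process_has_string_at(DWORD pid, LPCVOID addr, const char *needle)
{
    unsigned char buf[256];
    SIZE_T got = 0;
    /* ReadProcessMemory requires a handle opened with PROCESS_VM_READ. */
    HANDLE h = OpenProcess(PROCESS_VM_READ, FALSE, pid);
    if (h == NULL) return -1;                    /* access denied or process gone */
    BOOL ok = ReadProcessMemory(h, addr, buf, sizeof buf, &got);
    CloseHandle(h);
    if (!ok) return -1;                          /* unmapped or partially readable range */
    return buffer_has_string(buf, got, needle);
}
#endif
```

A fixed address like the one in post #3 is only valid while the target image loads at the same base on every run; with ASLR the address has to be computed from the module's base address instead.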


      • #4
        I wouldn't spend too much time on it, as you should be reading all the processes on startup and while your app is being executed (maybe in another thread). But, there are also apps that can stop/freeze any process and then open a debugger to search for any string, etc. Maybe you can use protection apps like Themida or Armadillo, but they are only worth it if your app is not free. But, any app can be *****ed (ask Microsoft lol)



        • #5
          Originally posted by webultra
          any app can be *****ed
          Yes,
          but it is not about whether it will be *****ed or not.
          It is about how difficult it is and how much time it takes.
          I found other ways better than the R.P.Mem method,
          so thanks,
          and sorry for the late reply.
