Author Topic: Random Access Memory (Read 2120 times)

relax · « **on:** August 22, 2012, 07:58:54 AM »

Sorry if i am posting in wrong category feel free to move me.

The question:
Can you reading content from RAM and if so How?
in linux you can type [hexedit /dev/mem] as i understand after googling it.
But how to do it in windows?

BO:
a topic that is close tho this one is Buffert Overflow.
don't know much about it maybe it can be done somehow in that way.
Should i read into BO? don't really understand it

RedBullAddicted · « **Reply #1 on:** August 22, 2012, 08:03:46 AM »

Hi Relax,

I can only provide a link for you. In my opinion this is one of the best description for stack based overflows I have ever found on the web. It will take some time and I am sure reading it once will not be enough.

https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

Cheers

relax · « **Reply #2 on:** August 22, 2012, 08:13:49 AM »

wonderful

I read it as soon as I wake up tomorrow, I'm tired of all the studying and tests.

techb · « **Reply #3 on:** August 22, 2012, 08:14:40 AM »

If I understand C correctly, couldn't you use pointers to read random addresses in memory?

Kulverstukas · « **Reply #4 on:** August 22, 2012, 09:07:21 AM »

Moved it to Hardware. Kinda seems more appropriate in here.

relax · « **Reply #5 on:** August 22, 2012, 06:16:52 PM »

Quote from: techb on August 22, 2012, 08:14:40 AM

If I understand C correctly, couldn't you use pointers to read random addresses in memory?

as I understand it, a c / c + + programs can only read from its own memory, not other programs memory.

I know that cheat engine program can read from other application's memory. the only question is how

frog · « **Reply #6 on:** August 23, 2012, 12:58:02 AM »

You have to create your own debugger. This can be done a few different ways depending on the programming language and the operating system. If you like python, somewhere in the gray hat python book it shows you how to do this. There isn't a simple answer, unfortunately.

EDIT:
More specifically, the ram is read through functions provided by the operating system. Cheat-engine demonstrates this concept of attaching to a process and reading/modifying the memory. Usually administrative/root access is all you need to be granted permission to other programs' memory.

Here's reference to a few key functions built-in to windows for doing this:
http://msdn.microsoft.com/en-us/library/ms680553%28VS.85%29.aspx
http://msdn.microsoft.com/en-us/library/windows/desktop/ms684175%28v=vs.85%29.aspx
http://msdn.microsoft.com/en-us/library/windows/desktop/ms683212%28v=vs.85%29.aspx

namespace7 · « **Reply #7 on:** August 23, 2012, 06:08:09 PM »

Quote from: Kulverstukas on August 22, 2012, 09:07:21 AM

Moved it to Hardware. Kinda seems more appropriate in here.

How is this hardware?
If this is hardware, then a discussion about reading data from a hard disk is also a hardware discussion....

Reading RAM is a very common activity in cracking and reverse engineering.

Author Topic: Random Access Memory (Read 2120 times)

relax

Random Access Memory

RedBullAddicted

Re: Random Access Memory

relax

Re: Random Access Memory

techb

Re: Random Access Memory

Kulverstukas

Re: Random Access Memory

relax

Re: Random Access Memory

frog

Re: Random Access Memory

namespace7

Re: Random Access Memory