|
DOS stack under Win2k
Hello,
i hope this post is right located in this Thread. I would like to access the stack of a DOS of program from a Win32 application. I've tried the DebugAPI's SetThreadContext/GetThreadContext. Changing the EIP work's great but accessing the stack with the returned ESP Pointer fails. Then i tried to give ESP value to ReadProcessMemory but the returned value by RPM isn't the value i pushed onto the stack. You can view my testing apps with source h**p://phalcon.net/masm32/ any suggestions?? Sincerly Nukacola :o |
try this:
invoke OpenProcess,PROCESS_ALL_ACCESS, 1, idproces........ then with de handle invoke VirtualProtectEx,handle, x1 , x2 ,PAGE_EXECUTE_READWRITE,.... Then use ReadProcessMemory |
ok,
thanks i tried that but it won't help. Same Probleme i can't get the stack-value of a running Process if it is in a loop. It's an old 16-bit DOS Process which is executed by NTVDM.EXE. I get 252 back every Time (if checking ESP), or 153632 (if checking [ESP]). I've tried to debug the application with OllyDbg but i can't find the way the stack is handled by NTVDM. Any other suggestions or reference material ??? Sincerly Nukacola |
| All times are GMT +8. The time now is 04:15. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX