|
In the results I recieve a pointer to void type as every1 know with bytes from memory. But they are reversed =\
How can I change it ?
I.e.:
bytes in memory: 00218040 // this is in memory
bytes in result: 00408021
I want them like they are in memory.
_________<br />
I'm made in C++... and I'm proud of it!
|
|
|
|
|
Don't know exactly how ReadProcessMemory works but you can make a casting on the result. For example, if you want to read an integer value, do something like this:
int Result = *(int*)lpResult;
lpResult is the void pointer you get from ReadProcessMemory(). The compiler will automatically handle all the work for you .
Hope this help.
|
|
|
|
|
to reverse u can use following code:
for (DWORD x=0x00408021, i=0, r=0; i<32; i+=4, r+=(((x << i) & 0xf0000000) >> (28 - i)));
|
|
|
|
|
Are you talking about big-endian vs. little endian?
"When I was born I was so surprised that I didn't talk for a year and a half." - Gracie Allen
|
|
|
|
|
Are you waiting for my reaction? I don't u'stand last solution made by 4apai. Could some1 make this with comments?
And what do u mean by big-endian and little-endian? I'm newb in C++ things, that's why I'm here.. where I can get answers for my questions
_________<br />
I'm made in C++... and I'm proud of it!
|
|
|
|
|
Micie wrote:
Are you waiting for my reaction?
Well, since I did ask for clarification, a reaction response would be nice.
Micie wrote:
I don't u'stand last solution made by 4apai. Could some1 make this with comments?
I assume the code snippet provided was to reverse the bytes of a 32-bit number. Isn't that what you requested?
Micie wrote:
And what do u mean by big-endian and little-endian?
Try these sites for a description of endianness:
http://www.webopedia.com/TERM/b/big_endian.html
http://whatis.techtarget.com/definition/0,,sid9_gci211659,00.html
http://www.netrino.com/Publications/Glossary/Endianness.html
http://support.microsoft.com/default.aspx?scid=kb;en-us;102025
"When I was born I was so surprised that I didn't talk for a year and a half." - Gracie Allen
|
|
|
|
|
Just for the info:
He wanted:
bytes in memory: 00218040
bytes in result: 40802100
4api suggested:
to reverse u can use following code:
for (DWORD x=0x00408021, i=0, r=0; i<32; i+=4, r+=(((x << i) & 0xf0000000) >> (28 - i)));
but this will reverse the whole order, not byte by byte.
inputing 00218040, will result in 12080400 which is not what was requested
Papa
while (TRUE)
Papa.WillLove ( Bebe ) ;
|
|
|
|
|
That's what I mean!
Thanks Papa for help - my system is working
in little-endian.
_________<br />
I'm made in C++... and I'm proud of it!
|
|
|
|
|
u'r the observant one)
i dont pretend to get the same result as he wrote. People can make mistakes. i'm too)
but he wrote: "In the results I recieve a pointer to void type as every1 know with bytes from memory. But they are reversed =\"
it was quaternion reversion...
bit-by-bit reversion has following syntaxis:
for (DWORD x=0x00408021, i=0, r=0; i<32; i++, r+=(((x << i) & 0x80000000) >> (31 - i)));
// r = 0x84010200
but it still dont get needed result. or i made some mistakes in algorythm. it'll be the hometask)
i think its not a kind a reversion.
maybe the truth is in the words of DavidCrow (about the endian).
|
|
|
|
|
Its not "bit by bit", but "byte by byte"
(try saying it 20 times )
00 40 80 21 (little end in)
would be
21 80 40 00 (big end in)
As suggested in the first post, the cast into the correct type give him the relevant result, and the compiler will handle it gladly
Papa
while (TRUE)
Papa.WillLove ( Bebe ) ;
|
|
|
|
|
))))
4apai.
p.s.
finally code sample:
for (DWORD x=0x00408021, i=0, r=0; i<32; i+=8, r+=(((x << i) & 0xff000000) >> (24 - i)));
// r = 0x21804000
i do it!!!)
|
|
|
|
|
Gratz and thanks
Could you translate now how u done it? I don't
u'stand everything starting from
r+= ... Just do as big comment as you can.
Thanks in advance ^^
_________<br />
I'm made in C++... and I'm proud of it!
|
|
|
|
|
for (DWORD x=0x00408021, i=0, r=0; i<32; i+=8, r+=(((x << i) & 0xff000000) >> (24 - i)));
(((x << i) & 0xff000000) >> (24 - i)));
<< - its left bitshift operation
for example:
0x00408021 << 8 = 0x40802100;
then we need to trim right side of value to leave only first byte:
0x40802100 & 0xff000000 = 0x40000000;
then we put this byte in reverse-order by specifiing bits for right bitshift operation
0x40000000 >> 16 = 0x00004000;
finally we add this temporary value to our result variable.
4apai.
|
|
|
|
|
Thank you very much for every post
written in this thread.
That's what I wanted and expected!
_________<br />
I'm made in C++... and I'm proud of it!
|
|
|
|
|
I did not test the code, which is why I qualified my statement with "I assume." Whether it worked as intended or not, I've no clue.
"When I was born I was so surprised that I didn't talk for a year and a half." - Gracie Allen
|
|
|
|
|
I totaly agree with you, just wanted to make it clear for the original poster that the code, as it was, wasn't of any help, thus this was corrected.
Thanks again, and regards,
Papa
while (TRUE)
Papa.WillLove ( Bebe ) ;
|
|
|
|
|
I want to find the windowhandle of a dialog application minimized to the system tray.
enumwindow does not find the window, since the window is not visible.
what should I do?
gtz,
Niko
|
|
|
|
|
u can use spy++ from visual studio tools to find any window handle. even minimized. if u know class and caption.
for example. i'be minimized icq. so it doesnot enumarated. but i can c it in this tool.
how to do it programatically. i think use FindWindow with known class and caption
|
|
|
|
|
The window is not minimized to the taskbar but to the systemtray. enumwindows finds minized windows to the taskbar but not when they are minimized to the tray.
I use enumwindows instead of findwindow since it is more stable. I guess both functions do the same thing.
yes, spy++ does find my window. How does spy++ finds its windows?
|
|
|
|
|
systemtray, taskbar - its not a big reason. in both cases main windows are hided.
i won't dispute about stability, but as i said: use findwindow to get handle.
u've caption and u've class, or u dont've? its quite complete info to use this function.
or i dont understand your question.
|
|
|
|
|
Yes, i have the caption.
with enumwindows:
- I find the window when its visible on screen.
- I don't find the window when it is minimized to the tray.
it is simply not listed when using the callback func.
|
|
|
|
|
u dont listen to me.
theme is closed.
|
|
|
|
|
I guess you don't understand the problem.
thank you for your help anyway
|
|
|
|
|
p.s.
// i had outlook in system tray.
HWND hwndOutlook = ::FindWindow(NULL, "Inbox - Microsoft Outlook");
// i got valid handle for this window.
|
|
|
|
|
Using spy++ and find a class of the program. This is safer in my view, 'coz the caption may be changed by a program behaviour or other program.
HWND hWindows = FindWindow("ProgClass", NULL)
_________<br />
I'm made in C++... and I'm proud of it!
|
|
|
|