sonkite
August 8th, 2004, 21:06
Anyone know howto get TEB/PEB address of another process? I want to use it to patch aspr dbg check without hooking. TIA.
View Full Version : PEB of another process?
sna
August 9th, 2004, 05:58
Hi.
You could use GetThreadContext w/ CONTEXT_SEGMENTS to obtain the value of FS in your target thread;
Then use GetThreadSelectorEntry specifying the value of FS.
LDT_ENTRY.HighWord.Bytes.BaseHi, LDT_ENTRY.HighWord.Bytes.BaseMid and LDT_ENTRY.BaseLow.
Shift the values in place, do a bit of OR'ing and voila!
Regards, sna
(OMFG the formatting came out wrong)
You could use GetThreadContext w/ CONTEXT_SEGMENTS to obtain the value of FS in your target thread;
Then use GetThreadSelectorEntry specifying the value of FS.
LDT_ENTRY.HighWord.Bytes.BaseHi, LDT_ENTRY.HighWord.Bytes.BaseMid and LDT_ENTRY.BaseLow.
Shift the values in place, do a bit of OR'ing and voila!
Regards, sna
(OMFG the formatting came out wrong)
sonkite
August 9th, 2004, 11:25
Great thanks, worked like a charm =)
Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.