I am try to get address of any string (I know there is so much example for that but Its not for me). I can get all address(or pointer) MEM_MAPPED and MEM_IMAGE type of pages in the region but I cant get MEM_PRIVATE page region, my char or string in MEM_RESERVE and MEM_PRIVATE
(I am trying to get 0x2b6f000)
std::string const& pattern = "d3dtext_chat";
DWORD procid = 8292;
unsigned char* addr = 0;
HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procid);
MEMORY_BASIC_INFORMATION mbi;
while (VirtualQueryEx(hProc, addr, &mbi, sizeof(mbi)))
{
if (mbi.State == MEM_RESERVE && mbi.Type == MEM_PRIVATE)
{
std::cout << "base : 0x" << std::hex << mbi.BaseAddress << "\n";
}
addr += mbi.RegionSize;
}
I can get the memory region (private and reserve) with this code and then I use RPM(readprocessmemory) and I use memcmp to find my char or string. It is for to get mapped and image region but I cant get private region, what should be I do?