Posted 09-19-2014, 14:43 by Sir.V65j
Set a bp (EB FE) on that offset,
then use this function:
Quote:
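function SniffSerial(PI: PROCESS_INFORMATION; Ctx: _Context): string;
var
  X: Cardinal;
  Buff: PChar;
begin
  // AllocMem zero-fills; the extra byte keeps the buffer null-terminated
  Buff := AllocMem(51);
  try
    // Freeze the thread while it spins on the EB FE (jump-to-self) patch
    SuspendThread(PI.hThread);
    // Request the integer registers so that Edx is filled in
    Ctx.ContextFlags := CONTEXT_INTEGER;
    GetThreadContext(PI.hThread, Ctx);
    // Read up to 50 bytes from the address held in EDX
    ReadProcessMemory(PI.hProcess, Pointer(Ctx.Edx), Buff, 50, X);
    Result := Trim(Buff);
  finally
    FreeMem(Buff);
  end;
end;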
Thanks NimaSubZero & anorganix.
You can use this source.
Attached file: Coding a Serial Sniffer_anorganix.rar (313.1 KB)

Last edited by Sir.V65j; 09-19-2014 at 15:04. Reason: add a source code