-1

I am attempting to make a program that will iterate through a list of actively running processes, find one that is from a certain executable, and then write to that processes memory. I have been following along with the msdn tutorial, modifying it more to suit my needs. I want to be able to view both 32 bit and 64 bit processes. In order to do this, I want to use EnumProcessModulesEx. I am able to import EnumProcessModules fine from psapi.h, but EnumProcessModulesEx does not appear to exist? Does anyone know how I can link to it?

Code:

#include <stdio.h>
#include <windef.h>
#include <Windows.h>
#include <psapi.h>

int main() {
    DWORD processes[1024], size, amount;
    if (!EnumProcesses(processes, sizeof(processes), &size)){
        return 1;
    }
    amount = size / sizeof(DWORD);
    for (int i = 0 ; i < amount ; i++){
        if (processes[i] != 0){
            HANDLE proc = OpenProcess(PROCESS_QUERY_INFORMATION | 
    PROCESS_VM_READ | PROCESS_VM_WRITE, FALSE, processes[i]);
            if (proc != NULL){
                TCHAR name[MAX_PATH] = TEXT("<unknown>");
                HMODULE mod;
                DWORD modSize;
                if (EnumProcessModules(proc, &mod, sizeof(mod), &modSize)){
                    GetModuleFileNameEx(proc, mod, name, 
    sizeof(name)/sizeof(TCHAR));
                }
                else {
                    printf("%i\n", GetLastError());
                    //ERROR_PARTIAL_COPY 64 Bit
                 }
                printf("%s\n", name);
            }
        }
    }
    return 0;
}

I am using Clion as my ide, which uses cmake to build. Cmake script:

cmake_minimum_required(VERSION 3.6)
project(Proc)

set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}")
find_library (PSAPI Psapi)

set(SOURCE_FILES main.c)
add_executable(Proc ${SOURCE_FILES})
target_link_libraries(Proc PSAPI)
Curious Cube
  • 35
  • 2
  • 8
  • Did you include Windows.h? I wouldn't have to ask if your example was complete. – Retired Ninja Jan 23 '18 at 01:02
  • @RetiredNinja Sorry, yes I do have it included. I edited the post to include all the code. – Curious Cube Jan 23 '18 at 01:22
  • Are you targeting Windows XP? The MSDN page says it was added for 7. – Dave S Jan 23 '18 at 01:37
  • @DaveS No, this is windows 10, 64 bit. – Curious Cube Jan 23 '18 at 01:47
  • The code you've posted does not have `EnumProcessModulesEx` in it. Chances are you just don't have the proper version defined for the SDK. Read this and define the proper SDK versions >= Windows 7. https://msdn.microsoft.com/en-us/library/6sehtctf.aspx – Retired Ninja Jan 23 '18 at 02:36
  • @RetiredNinja I tried setting the macros, it did not work. Yes, the above code works, I am attempting to use EnumProcessModulesEx instead of EnumProcessModules as in the code above. – Curious Cube Jan 23 '18 at 21:00
  • I managed to fix it by completely uninstalling mingw and reinstalling it from scratch, I must have used a bad source in the first place or something. – Curious Cube Jan 23 '18 at 21:55

1 Answers1

0

I managed to fix this by uninstalling mingw, and installing a 64 bit version of it. I think I must have had a very old version installed before.

Curious Cube
  • 35
  • 2
  • 8