UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
Sponsored Links
Latest Postings
by Gremelin
10/05/15 06:01 PM
Latest Reviews
Topic Options
Rate This Topic
#17858 - 01/12/03 09:23 AM Crash Course in VB memory hacks and strings
SilentRage Offline
DollarDNS Owner

Registered: 03/04/02
Posts: 1273
Loc: OH, USA
I've written a previous tutorial on memory hacking with CopyMemory, but it wasn't entirely accurate or thorough. This crash course will give you the totally accurate and thorough situation on VB strings and string arrays.

A reminder:
StrPtr function returns the pointer to the string associated with a string variable.

VarPtr function returns the pointer to the actual variable.


Memory Commentary:
A string variable stores a 4 byte pointer to the first byte of the actual string. However, before the string is a 4 byte length descripter OF the string in number of bytes. In VB strings are UNICODE and are terminated by a 2-byte null character. However, make sure to only pass strings as ByVal VarPtr for the source - cause VB has a tendancy to pass the UNICODE strings as ASCII which totally screws things up.

'The returned address is identical to StrPtr(MyString)
CopyMemory Address, ByVal VarPtr(MyString), 4

'Store the length of MyString
CopyMemory Length, ByVal StrPtr(MyString) - 4, 4

'Copy the string from MyString to the Buffer
CopyMemory Buffer, ByVal StrPtr(MyString), Length

String Arrays

Memory Commentary:
A array variable stores a 4 byte pointer to the first element of the actual array. String arrays are actually an array of 4 byte pointers which point to the actual string in each element. Before the actual array is a 4 byte length descripter of the array. So like, if an array has 3 elements, the length will be 12. Each individual element being a pointer to the string associated with that element. That string holds true to strings pointed to by normal string vars. It is preceded by a 4 byte length of the actual string.

'Store the memory location of the array
CopyMemory Address, ByVal VarPtr(MyStringArray(0)), 4

'The 4 bytes before the array is the length of the array in bytes
CopyMemory Length, ByVal Address - 4, 4

'Retrieve the address to the string in the first element
CopyMemory Address, ByVal StrPtr(MyStringArray(0)), 4

'Retrieve the length of the string in the first element
CopyMemory Length, ByVal StrPtr(MyStringArray(0)) - 4, 4

'Copy the string in the first element to a string variable
CopyMemory MyString, ByVal StrPtr(MyStringArray(0)), Length
Domain Registration, Hosting, Management

Sponsored Links
#17859 - 01/23/03 11:37 PM Re: Crash Course in VB memory hacks and strings
ninjaneo Offline
UGN Security Staff

Registered: 03/06/02
Posts: 256
Loc: CA, USA
thanks SR, what I was looking for

btw.. this was posted using meh port forwarde :>

#17860 - 02/19/03 05:58 AM Re: Crash Course in VB memory hacks and strings
psychogen Offline

Registered: 03/02/02
Posts: 257
Loc: UK
nice nice :-P
The use of "hacker" to mean "security breaker" is a confusion on the part of the mass media. We hackers refuse to recognize that meaning, and continue using the word to mean, "Someone who loves to program and enjoys being clever about it."
"Its not a bug, its a feature" (Epic Games)


Featured Member
Registered: 04/29/15
Posts: 2
Forum Stats
2158 Members
46 Forums
41594 Topics
76769 Posts

Max Online: 1567 @ 04/25/10 02:20 AM
Top Posters
UGN Security 34756
Gremelin 7194
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Jan Havelles, Herbert_Sherbert, codemauve, Lillysdragon1984, Brewwit
2158 Registered Users
Who's Online
0 registered (), 241 Guests and 293 Spiders online.
Key: Admin, Global Mod, Mod
Latest News

  Get Firefox!
Get FireFox!