I'm trying to get the name of a module loaded in another process with GetModuleFileNameA.
I've loaded a symbol using dbgHelp and got its module base address but 2 weird thing happen:
1. Sometimes GetModuleFileNameA returns system error codes 5: Access denied.
2. It returns the wrong module name. for a function I know to be in module A, I get the name of module B... :/
Can somebody help me?
thanks:)
On
If your process wants to access another process, it needs to have the rights to do so. That means your process needs elevated rights, or it must be the owner of the other process.
If you get the wrong name, you may have used the wrong handle. That might also explain why you get Access Denied sometimes. If you pass the handle to the wrong module, you may not have access to that, even if you do have access to the module you want to know the name of.
Please read the docs. Right on the page for GetModuleFileName it says
GetModuleFileName only makes sense for modules in your process. Even if both processes have loaded the module, it may be at a different base address. You're effectively feeding GetModuleFileName garbage. Just to reiterate, you need to use GetModuleFileNameEx