Closed JIUYUE521 closed 1 year ago
ufrisk
commented
1 year ago 1) Do you mean that you're unable to analyze 32-bit processes on the target computer (the computer with the driver or PCILeech FPGA board inside it?)
2) Or do you mean that your 32-bit process on the analysis computer is unable to use MemProcFS at all?
Is your issue 1 or 2?
JIUYUE521
commented
1 year ago 1
JIUYUE521
commented
1 year ago 5.5 version can be very strange. I have tried 5.6-5.7-5.8 multiple times, but it's not possible
ufrisk
commented
1 year ago I tested this on my test memory dumps just now. It works for me to access it at least in the mounted file system.
I tested this both on 32-bit processes on 64-bit Windows and on 32-bit Windows.
Are you able to share a memory dump with this error and a problematic process? Please contact me at pcileech@frizk.net or send me a DM at twitter.
I trust that this is a normal 32-bit process and not some specific game that is protected by Easy Anti-Cheat (EAC). If that is the case I'd prefer to stay away and not get involved. There are plenty of people using my tools to bypass their new "protections" though, google for it in that case.
Hello! 32 bit process PID cannot read data
64 bit processes are possible
32-bit processes can only be supported in versions 5.5 and below!