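A question about writing to memory...
I have read two classic source examples and still don't really understand; it won't compile.
For example, I know that in program XX the memory address 00452BD4 holds the value 4, and I want to change it to 8. What do I have to do?? For example: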
function SetProcessMemoryForID(ProcessID: THandle; Address: LongWord; Buf: Pointer; Len: LongWord): boolean;
var
  lpNumberOfBytes: LongWord;
  hProcessHandle: THandle;
begin
  Result := false;
  if ProcessID = 0 then exit;
  hProcessHandle := OpenProcess(PROCESS_VM_READ or PROCESS_VM_WRITE or PROCESS_VM_OPERATION, false, ProcessID);
  if hProcessHandle = 0 then exit;
  try
    // Is this where I have to do it? Write the code here; what exactly should I do!?
    // Result now reflects whether the write succeeded (it was set to True unconditionally).
    Result := WriteProcessMemory(hProcessHandle, Pointer(Address), Buf, Len, lpNumberOfBytes);
  finally
    CloseHandle(hProcessHandle);
  end;
end;
Points offered: 80, replies: 13
Floor 1: ksaiy (阳光总在风雨后), replied 2004-11-01 09:10:52, score 20
Take a look for yourself:
http://www.delphibox.com/article.asp?articleid=992
Floor 2: beyondtkl (大龙驹<*好久没来了,兄弟们好吧。*>), replied 2004-11-01 09:16:48, score 30
You can't operate on an absolute address directly...
WriteProcessMemory(hProcessHandle, Pointer(Address), buf, len, lpNumberOfBytes);
// This might work...
WriteProcessMemory(
  hProcessHandle,   // handle of the process you want to write to <IN>
  Pointer(Address), // start address to write to <IN>
  buf,              // start address of the data to write <IN>
  len,              // number of bytes to write <IN>
  lpNumberOfBytes); // number of bytes actually written <OUT>
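Floor 3: jiangmenghen (江梦痕), replied 2004-11-01 23:47:33, score 0
This is miserable. After reading the source I understand even less why mine doesn't work. Experts, please take a look. In the source it is like this:
WriteMemory(hProc,pointer(strtoint(edit2.text)),strtoint(Edit4.Text));
edit4.Text=''//this is where the source takes the input
edit2.Text:='0x'+Listbox1.Items.Strings[listbox1.itemindex];
My version is below:
WriteProcessMemory(hProcessHandle,pointer(strtoint('0x00452BD4')),strtoint('40'));
But it keeps saying I am giving an integer where a pointer is expected. Where is the problem?~~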
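Floor 4: 快乐老猫 (高亚男 无米下炊), replied 2004-11-02 10:59:30, score 30
Use my function:
http://community.csdn.net/Expert/topic/3427/3427876.xml?temp=.8115045
Example code:
const
  CProcessName = 'abc.exe'; //file name of the process to modify; change it to your own, or use a variable
var
  mProcessID: THandle; //holds the process ID
  mAddress: LongWord; //holds the address to modify in the process
  byBuf: Byte; //data buffer used to modify the process; can be any valid type, including a structure
begin
  mAddress := $00452BD4; //this is a fixed address; you can also compute an address with an expression, e.g. a base address plus an offset (the offset is usually the size of a structure multiplied by the structure's index)
  byBuf := 8; //set up the write buffer
  mProcessID := GetProcessID(PCHAR(CProcessName)); //get the process ID
  if not SetProcessMemoryForID(mProcessID, mAddress, @byBuf, SizeOf(byBuf)) then //write the new data into the target process; show a message if it fails
    application.Messagebox(........);
end;
//@byBuf gets the address (pointer) of byBuf
//SizeOf(byBuf) gets the size of byBuf in bytes
The original poster needs to read some basic tutorials; the function has already been handed to you and you still haven't understood it. ft
Off topic: back when I used to play online games, there was a player with the same name as the original poster.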
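Floor 5: beyondtkl (大龙驹<*好久没来了,兄弟们好吧。*>), replied 2004-11-02 12:55:59, score 0
WriteProcessMemory(hProcessHandle,pointer(strtoint('0x00452BD4')),strtoint('40'));
0x**** is how C/C++ writes hexadecimal, whereas in DELPHI it is $00452BD4....
Floor 6: jiangmenghen (江梦痕), replied 2004-11-02 13:01:09, score 0
The one with the same name is probably me.... I originally used VC, then went into film and video work. Since last year I have switched from VC to D and I'm really not used to it, and I don't have much time to study either!!
Floor 7: jiangmenghen (江梦痕), replied 2004-11-02 13:09:11, score 0
And before that I was only doing database development... my grasp of the basics is not solid!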
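Floor 8: jiangmenghen (江梦痕), replied 2004-11-02 13:16:34, score 0
By the way, I have tried both 0x and $.... What I can't figure out is..
WriteProcessMemory(
  hProcessHandle,   // handle of the process you want to write to <IN>
  Pointer(Address), // start address to write to <IN>
  buf,              // start address of the data to write <IN>
  len,              // number of bytes to write <IN>
  lpNumberOfBytes); // number of bytes actually written <OUT>
buf, // start address of the data to write?? Isn't this the data to be written!? It looks like I really need to cram on the basics!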
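Floor 9: beyondtkl (大龙驹<*好久没来了,兄弟们好吧。*>), replied 2004-11-02 13:16:39, score 0
Haha, I used to do VC too.. DELPHI takes some getting used to at first, but after a while it's no problem...
Compared with VC it is still a lot easier..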
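Floor 10: beyondtkl (大龙驹<*好久没来了,兄弟们好吧。*>), replied 2004-11-02 13:18:49, score 0
For example
char buf[255];
memset(buf, 0, 255);
buf, // start address of the data to write?? Isn't this the data to be written!? It looks like I really need to cram on the basics!
buf is exactly the start address of the data you want to write... this is basic C++ syntax..
And it is declared as LPVOID lpBuffer, // pointer to buffer to write data to
so you also need to pass the len that follows, otherwise it doesn't know how much to write...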
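Floor 11: 快乐老猫 (高亚男 无米下炊), replied 2004-11-02 14:37:09, score 0
LPVOID lpBuffer: this tells you it is an address pointer. You have studied VC, so you should have some understanding of pointers.
Is the original poster the 江梦痕 who wrote the pet growth calculator for 幻灵游侠 back then?
See the Win32s Programmer's Reference: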
The WriteProcessMemory function writes memory in a specified process. The entire area to be written to must be accessible, or the operation fails.
BOOL WriteProcessMemory(
HANDLE hProcess, // handle to process whose memory is written to
LPVOID lpBaseAddress, // address to start writing to
LPVOID lpBuffer, // pointer to buffer to write data to
DWORD nSize, // number of bytes to write
LPDWORD lpNumberOfBytesWritten // actual number of bytes written
);
Parameters
hProcess
Identifies an open handle to a process whose memory is to be written to. The handle must have PROCESS_VM_WRITE and PROCESS_VM_OPERATION access to the process.
lpBaseAddress
Points to the base address in the specified process to be written to. Before any data transfer occurs, the system verifies that all data in the base address and memory of the specified size is accessible for write access. If this is the case, the function proceeds; otherwise, the function fails.
lpBuffer
Points to the buffer that supplies data to be written into the address space of the specified process.
nSize
Specifies the requested number of bytes to write into the specified process.
lpNumberOfBytesWritten
Points to the actual number of bytes transferred into the specified process. This parameter is optional. If lpNumberOfBytesWritten is NULL, the parameter is ignored.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError. The function will fail if the requested write operation crosses into an area of the process that is inaccessible.
Remarks
WriteProcessMemory copies the data from the specified buffer in the current process to the address range of the specified process. Any process that has a handle with PROCESS_VM_WRITE and PROCESS_VM_OPERATION access to the process to be written to can call the function. The process whose address space is being written to is typically, but not necessarily, being debugged.
The entire area to be written to must be accessible. If it is not, the function fails as noted previously.
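The pointer-and-length convention explained in the replies above, shown as an added example that is not code from the thread or from any poster: the helper checks the return value, the byte count and GetLastError instead of assuming success. `WriteChecked` is a hypothetical name, the demo writes into its own address space so it is self-contained, and it assumes a Delphi 7-era Windows unit where the byte counts are DWORD.

```pascal
program WriteOwnMemoryDemo;
{$APPTYPE CONSOLE}
uses
  Windows, SysUtils;

// WriteChecked is a hypothetical helper name (not from the thread).
// Assumes a Delphi 7-era Windows unit, where the byte counts are DWORD;
// newer versions declare them as SIZE_T.
function WriteChecked(ProcessID: DWORD; Address, Buf: Pointer; Len: DWORD;
  out ErrCode: DWORD): Boolean;
var
  hProc: THandle;
  Written: DWORD;
begin
  Result := False;
  ErrCode := 0;
  Written := 0;
  // Only the two rights the reference text requires for writing.
  hProc := OpenProcess(PROCESS_VM_WRITE or PROCESS_VM_OPERATION, False, ProcessID);
  if hProc = 0 then
  begin
    ErrCode := GetLastError;
    Exit;
  end;
  try
    // Buf is the address of the source bytes in this process, not the value;
    // Len says how many bytes to copy from it.
    if WriteProcessMemory(hProc, Address, Buf, Len, Written) then
      Result := (Written = Len) // treat a short write as failure
    else
      ErrCode := GetLastError;
  finally
    CloseHandle(hProc);
  end;
end;

var
  Target, NewValue: Integer; // Target stands in for the value at the remote address
  Err: DWORD;
begin
  Target := 4;
  NewValue := 8;
  // Constructed demo: the process writes into its own address space.
  if WriteChecked(GetCurrentProcessId, @Target, @NewValue, SizeOf(NewValue), Err) then
    Writeln('Target is now ', Target)
  else
    Writeln('Write failed: ', SysErrorMessage(Err));
end.
```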
Floor 12: extcsdn (Studing VB now), replied 2004-11-02 16:38:06, score 0
up
Floor 13: jiangmenghen (江梦痕), replied 2004-11-02 19:41:37, score 0
Got it.. thanks!! Yes, that was me back then. I really miss those days... 天晴数码--幻灵游侠 :)




