15,471
社区成员
发帖
与我相关
我的任务
分享请看看我的这个扫描内存的问题~~~~
#include<stdio.h>
#include<conio.h>
#include<windows.h>
void main(int argc,char **argv)
{
char wndName[128];
DWORD pID,tID; // Process ID,Thread ID
HWND hWnd; // window handle
SYSTEM_INFO si; // get min and max application address
MEMORY_BASIC_INFORMATION mbi; // get memory type
if (argc == 1)
strcpy(wndName,"命令提示符");
else
strcpy(wndName,argv[1]);
hWnd = FindWindow(NULL,wndName);
if (!hWnd)
{
MessageBox(NULL,TEXT("FindWidnow Error!"),TEXT("FindWindow Tip"),MB_OK);
return;
}
GetSystemInfo(&si);
tID = GetWindowThreadProcessId(hWnd,&pID);
HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pID);
if(!handle)
{
MessageBox(NULL,TEXT("OpenProcess Error!"),TEXT("OpenProcess Tip"),MB_OK);
return;
}
DWORD len = sizeof(MEMORY_BASIC_INFORMATION);
DWORD i = 0;
DWORD readBytes;
PVOID addr = si.lpMinimumApplicationAddress ;
DWORD ret;
do
{
memset(&mbi,len,0);
ret = VirtualQuery(addr ,&mbi,len);
if (mbi.State == MEM_COMMIT)
{
char *memBuffer = (char*)malloc(mbi.RegionSize);
BOOL readOk = ReadProcessMemory(handle,mbi.BaseAddress ,
memBuffer,mbi.RegionSize,&readBytes);
if (readOk)
{
printf("address: 0X%08X\t",mbi.BaseAddress );
for (unsigned int k = 1; k <= readBytes; k++)
{
if ((k % 16) == 0)
printf("\naddress: 0X%08X\t",(DWORD)mbi.BaseAddress + (k / 16) * 16 );
printf("%02X ",*memBuffer++);
}
printf("\n");
}
free(memBuffer);
getch();
}
addr = (PVOID)((PBYTE)addr + mbi.RegionSize );
}while(ret == len );
printf("\n");
}
在Windows2000,拥有管理员权限,命令提示符为一个CMD窗口.
问题出现在有的内容是一个字符竟然出现8个字节,如
00 0B 00 00 00 06 00 08 02 FFFFFF90 02 02 00 18 00 00
#include<conio.h>
#include<windows.h>
void main(int argc,char **argv)
{
char wndName[128];
DWORD pID,tID; // Process ID,Thread ID
HWND hWnd; // window handle
SYSTEM_INFO si; // get min and max application address
MEMORY_BASIC_INFORMATION mbi; // get memory type
if (argc == 1)
strcpy(wndName,"命令提示符");
else
strcpy(wndName,argv[1]);
hWnd = FindWindow(NULL,wndName);
if (!hWnd)
{
MessageBox(NULL,TEXT("FindWidnow Error!"),TEXT("FindWindow Tip"),MB_OK);
return;
}
GetSystemInfo(&si);
tID = GetWindowThreadProcessId(hWnd,&pID);
HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pID);
if(!handle)
{
MessageBox(NULL,TEXT("OpenProcess Error!"),TEXT("OpenProcess Tip"),MB_OK);
return;
}
DWORD len = sizeof(MEMORY_BASIC_INFORMATION);
DWORD i = 0;
DWORD readBytes;
PVOID addr = si.lpMinimumApplicationAddress ;
DWORD ret;
do
{
memset(&mbi,len,0);
ret = VirtualQuery(addr ,&mbi,len);
if (mbi.State == MEM_COMMIT)
{
char *memBuffer = (char*)malloc(mbi.RegionSize);
BOOL readOk = ReadProcessMemory(handle,mbi.BaseAddress ,
memBuffer,mbi.RegionSize,&readBytes);
if (readOk)
{
printf("address: 0X%08X\t",mbi.BaseAddress );
for (unsigned int k = 1; k <= readBytes; k++)
{
if ((k % 16) == 0)
printf("\naddress: 0X%08X\t",(DWORD)mbi.BaseAddress + (k / 16) * 16 );
printf("%02X ",*memBuffer++);
}
printf("\n");
}
free(memBuffer);
getch();
}
addr = (PVOID)((PBYTE)addr + mbi.RegionSize );
}while(ret == len );
printf("\n");
}
在Windows2000,拥有管理员权限,命令提示符为一个CMD窗口.
问题出现在有的内容是一个字符竟然出现8个字节,如
00 0B 00 00 00 06 00 08 02 FFFFFF90 02 02 00 18 00 00
...全文
请发表友善的回复…
发表回复
