15,471
社区成员
发帖
与我相关
我的任务
分享ReadProcessMemory的问题
本人在学写垃圾挂,写了一个简单的小程序,步骤如下:
1. 用FindWindow根据窗口标题得到窗口句柄
2. 根据窗口句柄,用GetWindowThreadProcessId获取窗口对应的进程的PID
3. 根据进程的PID,用OpenProcess取得进程的控制权-----PROCESS_ALL_ACCESS
以上三步都成功了。
4. 最后用ReadProcessMemory读取指定地址的内存。这一步失败了。用GetLastError得到错误代码为1400, 最后查到错误原因为Invalid window handle。我肯定获取到的进程PID是正确的,而且OpenProcess这一步也是成功的。
请问谁知道是什么问题吗。
代码如下(为了方便阅读我精简一下):
HWND pWnd;
DWORD pid, err;
HANDLE hand;
long hp = 0;
DWORD ret = 0;
//find window
pWnd = (HWND)::FindWindow(NULL, "ProgramName");
//get process pid
ret = ::GetWindowThreadProcessId(pWnd, &pid);
//Open Process
hand = ::OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
//Read Process Memory
if(ReadProcessMemory(hand, (const void *)(0x01a17c58+0x14), &hp, 4, 0))
m_static4.SetWindowText("successed to read memory");
else
m_static4.SetWindowText("failed to read memory");
err = GetLastError();
CloseHandle(hand);
1. 用FindWindow根据窗口标题得到窗口句柄
2. 根据窗口句柄,用GetWindowThreadProcessId获取窗口对应的进程的PID
3. 根据进程的PID,用OpenProcess取得进程的控制权-----PROCESS_ALL_ACCESS
以上三步都成功了。
4. 最后用ReadProcessMemory读取指定地址的内存。这一步失败了。用GetLastError得到错误代码为1400, 最后查到错误原因为Invalid window handle。我肯定获取到的进程PID是正确的,而且OpenProcess这一步也是成功的。
请问谁知道是什么问题吗。
代码如下(为了方便阅读我精简一下):
HWND pWnd;
DWORD pid, err;
HANDLE hand;
long hp = 0;
DWORD ret = 0;
//find window
pWnd = (HWND)::FindWindow(NULL, "ProgramName");
//get process pid
ret = ::GetWindowThreadProcessId(pWnd, &pid);
//Open Process
hand = ::OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
//Read Process Memory
if(ReadProcessMemory(hand, (const void *)(0x01a17c58+0x14), &hp, 4, 0))
m_static4.SetWindowText("successed to read memory");
else
m_static4.SetWindowText("failed to read memory");
err = GetLastError();
CloseHandle(hand);
...全文
请发表友善的回复…
发表回复
snow_wolf_lake 2009-04-24
- 打赏
- 举报
没人知道吗?自己顶上去。
lijinfenghust 2009-04-24
- 打赏
- 举报
hProcess
[in] A handle to the process with memory that is being read. The handle must have PROCESS_VM_READ access to the process.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is 0 (zero). To get extended error information, call GetLastError.
The function fails if the requested read operation crosses into an area of the process that is inaccessible.
[in] A handle to the process with memory that is being read. The handle must have PROCESS_VM_READ access to the process.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is 0 (zero). To get extended error information, call GetLastError.
The function fails if the requested read operation crosses into an area of the process that is inaccessible.
txdog 2009-04-24
- 打赏
- 举报
如果是这样的话,这样试试
这句
ReadProcessMemory(hand, (const void *)(0x01a17c58+0x14), &hp, 4, 0))
改为
DWORD a;
ReadProcessMemory(hand,LPVOID(0x01a17c58),&a,4,0);
ReadProcessMemory(hand,LPVOID(a+0x14),&hp,4,0);
这句
ReadProcessMemory(hand, (const void *)(0x01a17c58+0x14), &hp, 4, 0))
改为
DWORD a;
ReadProcessMemory(hand,LPVOID(0x01a17c58),&a,4,0);
ReadProcessMemory(hand,LPVOID(a+0x14),&hp,4,0);
txdog 2009-04-24
- 打赏
- 举报
0x01a17c58是基址?
0x14是偏移?
0x14是偏移?
snow_wolf_lake 2009-04-23
- 打赏
- 举报
??
Thanks all the same.
Thanks all the same.
顶顶通-FreeSWITCH二次开发接口 2009-04-23
- 打赏
- 举报
回复有误,sorry
顶顶通-FreeSWITCH二次开发接口 2009-04-23
- 打赏
- 举报
hp 的内存,有 VirtualAllocEx 分配,试一下
