64,637
社区成员
发帖
与我相关
我的任务
分享
//开始循环搜索
while(searchedLength==sizeof(MEMORY_BASIC_INFORMATION)&&(int)BaseAddress < 0x7FFFFFFF) {
System.Console.Write("当前第"+ y +"个 ");
searchedLength = (int)ProcessMemoryWorokApi.VirtualQueryEx(PinballHandle, BaseAddress, out inf,
sizeof(MEMORY_BASIC_INFORMATION));
Console.WriteLine(inf.State+" "+inf.Protect+" "+inf.State+" "+inf.RegionSize);
System.Console.Write(Convert.ToString(inf.BaseAddress, 16));
if (inf.State == MEMMessage.MEM_COMMIT &&
(inf.Protect == PAGEinfo.PAGE_READWRITE || inf.Protect == PAGEinfo.PAGE_WRITECOPY||
inf.Protect == PAGEinfo.PAGE_EXECUTE_READWRITE || inf.Protect == PAGEinfo.PAGE_EXECUTE_WRITECOPY))
{
y++;
ProcessMemoryWorokApi.ReadProcessMemory(PinballHandle,
(IntPtr)inf.BaseAddress, ReadByte, 16, (IntPtr)0);
ReadString = ProcessMemoryWorokApi.ConvertByte(ReadByte);
System.Console.WriteLine(" "+Convert.ToString(inf.BaseAddress,16)+"=" + ReadString);
if (UserInputString.Trim().Equals(ReadString.Trim()))
{
MessageBox(new IntPtr(0), "查到了,恭喜你!", "提示", 0);
//修改游戏分数
ProcessMemoryWorokApi.WriteProcessMemory(PinballHandle,
(IntPtr)inf.BaseAddress, ProcessMemoryWorokApi.ConvertToBytes(inputByteStr), 16, (IntPtr)0);
break;
}
else
{
BaseAddress = (IntPtr)(inf.BaseAddress + inf.RegionSize);
}
}
else if (inf.State == MEMMessage.MEM_FREE && inf.RegionSize > 0x08000000)
{
break;
}
else if (inf.Protect == PAGEinfo.PAGE_NOACCESS)
{
// || inf.Protect == PAGEinfo.PAGE_GUARD
Console.WriteLine("是不能访问的!");
ProcessMemoryWorokApi.VirtualProtectEx(PinballHandle,
(IntPtr)inf.BaseAddress, inf.RegionSize, PAGEinfo.PAGE_READWRITE, PAGEinfo.PAGE_NOACCESS);
ProcessMemoryWorokApi.ReadProcessMemory(PinballHandle,
(IntPtr)inf.BaseAddress, ReadByte, 16, (IntPtr)0);
ReadString = ProcessMemoryWorokApi.ConvertByte(ReadByte);
System.Console.WriteLine(" " + Convert.ToString(inf.BaseAddress, 16) + "=" + ReadString);
y++;
BaseAddress = (IntPtr)(inf.BaseAddress + inf.RegionSize);
}
else if (inf.Protect == PAGEinfo.PAGE_GUARD||inf.Protect == PAGEinfo.PAGE_READONLY ||
inf.Protect == 0 || inf.Protect == PAGEinfo.PAGE_EXECUTE_READ)
{
// || inf.Protect == PAGEinfo.PAGE_GUARD
Console.WriteLine("是不能访问的!");
ProcessMemoryWorokApi.VirtualProtectEx(PinballHandle,
(IntPtr)inf.BaseAddress, inf.RegionSize, PAGEinfo.PAGE_READWRITE, inf.Protect);
ProcessMemoryWorokApi.ReadProcessMemory(PinballHandle,
(IntPtr)inf.BaseAddress, ReadByte, 16, (IntPtr)0);
ReadString = ProcessMemoryWorokApi.ConvertByte(ReadByte);
System.Console.WriteLine(" " + Convert.ToString(inf.BaseAddress, 16) + "=" + ReadString);
y++;
BaseAddress = (IntPtr)(inf.BaseAddress + inf.RegionSize);
}
else
{
System.Console.WriteLine("xxxxxxxxxxxxxxxxxxxxx"+inf.Protect);
BaseAddress = (IntPtr)(inf.BaseAddress + inf.RegionSize);
}
}