16,472
社区成员
发帖
与我相关
我的任务
分享高分请教扫描“星际争霸”进程内存的问题
Single Player,然后作弊"show me the money",我的钱就变成10050了,暂停游戏,然后运行程序扫描星际进程,查找内存为10050的地址,但是老是出错,看看什么原因啊,谢!~
代码如下:
void CBroodWarMoneyDlg::OnButtonSearch()
{
// TODO: Add your control notification handler code here
HWND hBrood = NULL;
HANDLE hProcess = NULL;
DWORD pId; // process id
SYSTEM_INFO si;
MEMORY_BASIC_INFORMATION mbi;
DWORD dwLen;
DWORD dwRead;
DWORD dwRet;
UpdateData();
/* 首先查找play
*/
hBrood = ::FindWindow(NULL,_T("Brood War"));
if (hBrood == INVALID_HANDLE_VALUE)
{
AfxMessageBox(_T("没有找到Brood War!"));
return;
}
GetWindowThreadProcessId(hBrood,&pId);
hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pId);
if (hProcess == INVALID_HANDLE_VALUE)
{
AfxMessageBox(_T("打开进程失败!"));
return ;
}
dwLen = sizeof(MEMORY_BASIC_INFORMATION);
GetSystemInfo(&si);
PVOID addr = si.lpMinimumApplicationAddress ;
//__try{
CFile f("iv.txt",CFile::modeCreate | CFile::modeWrite);
CString strInfo;
do
{
memset(&mbi,0,dwLen);
if((dwRet = VirtualQueryEx(hProcess,addr,&mbi,dwLen)) == dwRet)
{
strInfo.Format("Region Base Address: %p\tAllocation Address: %p\r\n",
mbi.BaseAddress,mbi.AllocationBase);
f.Write(strInfo.GetBuffer(strInfo.GetLength()),strInfo.GetLength());
f.Flush();
if (mbi.State == MEM_COMMIT) // 已提交,要访问的内存类型
{
BYTE *memBuffer = (BYTE*)malloc(sizeof(mbi.RegionSize)); //
BOOL fRead = ReadProcessMemory(hProcess,
mbi.BaseAddress ,
memBuffer,
mbi.RegionSize ,
&dwRead);
if (fRead) // 读取成功,查找MONEY
{
if (mbi.AllocationProtect & PAGE_GUARD)
AfxMessageBox(_T("PAGE_GUARD"));
if (mbi.AllocationProtect & PAGE_READWRITE)
{
for(unsigned int i = 0; i < mbi.RegionSize; i=i+4)
{
// 每次处理相邻的四个字节
BYTE tmpB[4] = {0x00,0x00,0x00,0x00};
CopyMemory(tmpB,memBuffer+i,4);
int iv = MAKELONG(MAKEWORD(tmpB[0],tmpB[1]),
MAKEWORD(tmpB[2],tmpB[3]));
CString ts;
ts.Format("%d:%d\t%p_%d\r\n",mbi.RegionSize ,i,
(DWORD)mbi.BaseAddress + i,iv);
f.Write(ts.GetBuffer(ts.GetLength()),ts.GetLength());
f.Flush();
if(iv == m_edtoldmoney)
{
AfxMessageBox("找到了一个相等的!!!");
ts.Format("%p",(DWORD)mbi.BaseAddress + i);
m_lst.AddString(ts);
}
}
}
}
AfxMessageBox(_T("Before Free memBuffer"));
free(memBuffer);
AfxMessageBox(_T("After Free memBuffer"));
}
addr = (PVOID)((PBYTE)addr + mbi.RegionSize );
}
}while(dwRet == dwLen);
f.Close ();
AfxMessageBox(_T("Search Money complete!"));
//}
//__except(GetExceptionCode() == EXCEPTION_ACCESS_VIOLATION)
//{
// AfxMessageBox(_T("异常发生了~~"));
//}
}
其中m_edtoldmoney是一个EDIT控件的值变量。
而且我有一点,就是金钱的数据类型是不是4个字节的,不敢肯定~~~
代码如下:
void CBroodWarMoneyDlg::OnButtonSearch()
{
// TODO: Add your control notification handler code here
HWND hBrood = NULL;
HANDLE hProcess = NULL;
DWORD pId; // process id
SYSTEM_INFO si;
MEMORY_BASIC_INFORMATION mbi;
DWORD dwLen;
DWORD dwRead;
DWORD dwRet;
UpdateData();
/* 首先查找play
*/
hBrood = ::FindWindow(NULL,_T("Brood War"));
if (hBrood == INVALID_HANDLE_VALUE)
{
AfxMessageBox(_T("没有找到Brood War!"));
return;
}
GetWindowThreadProcessId(hBrood,&pId);
hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pId);
if (hProcess == INVALID_HANDLE_VALUE)
{
AfxMessageBox(_T("打开进程失败!"));
return ;
}
dwLen = sizeof(MEMORY_BASIC_INFORMATION);
GetSystemInfo(&si);
PVOID addr = si.lpMinimumApplicationAddress ;
//__try{
CFile f("iv.txt",CFile::modeCreate | CFile::modeWrite);
CString strInfo;
do
{
memset(&mbi,0,dwLen);
if((dwRet = VirtualQueryEx(hProcess,addr,&mbi,dwLen)) == dwRet)
{
strInfo.Format("Region Base Address: %p\tAllocation Address: %p\r\n",
mbi.BaseAddress,mbi.AllocationBase);
f.Write(strInfo.GetBuffer(strInfo.GetLength()),strInfo.GetLength());
f.Flush();
if (mbi.State == MEM_COMMIT) // 已提交,要访问的内存类型
{
BYTE *memBuffer = (BYTE*)malloc(sizeof(mbi.RegionSize)); //
BOOL fRead = ReadProcessMemory(hProcess,
mbi.BaseAddress ,
memBuffer,
mbi.RegionSize ,
&dwRead);
if (fRead) // 读取成功,查找MONEY
{
if (mbi.AllocationProtect & PAGE_GUARD)
AfxMessageBox(_T("PAGE_GUARD"));
if (mbi.AllocationProtect & PAGE_READWRITE)
{
for(unsigned int i = 0; i < mbi.RegionSize; i=i+4)
{
// 每次处理相邻的四个字节
BYTE tmpB[4] = {0x00,0x00,0x00,0x00};
CopyMemory(tmpB,memBuffer+i,4);
int iv = MAKELONG(MAKEWORD(tmpB[0],tmpB[1]),
MAKEWORD(tmpB[2],tmpB[3]));
CString ts;
ts.Format("%d:%d\t%p_%d\r\n",mbi.RegionSize ,i,
(DWORD)mbi.BaseAddress + i,iv);
f.Write(ts.GetBuffer(ts.GetLength()),ts.GetLength());
f.Flush();
if(iv == m_edtoldmoney)
{
AfxMessageBox("找到了一个相等的!!!");
ts.Format("%p",(DWORD)mbi.BaseAddress + i);
m_lst.AddString(ts);
}
}
}
}
AfxMessageBox(_T("Before Free memBuffer"));
free(memBuffer);
AfxMessageBox(_T("After Free memBuffer"));
}
addr = (PVOID)((PBYTE)addr + mbi.RegionSize );
}
}while(dwRet == dwLen);
f.Close ();
AfxMessageBox(_T("Search Money complete!"));
//}
//__except(GetExceptionCode() == EXCEPTION_ACCESS_VIOLATION)
//{
// AfxMessageBox(_T("异常发生了~~"));
//}
}
其中m_edtoldmoney是一个EDIT控件的值变量。
而且我有一点,就是金钱的数据类型是不是4个字节的,不敢肯定~~~
...全文
请发表友善的回复…
发表回复
mrh123 2004-04-09
- 打赏
- 举报
啊?
难道是我自己的系统问题吗?
~~~~
难道是我自己的系统问题吗?
~~~~
GoldenSword 2004-04-08
- 打赏
- 举报
我得程序就可以阿
mrh123 2004-04-08
- 打赏
- 举报
两位试运行一下代码就知,首先不是找到找不到的问题,而是出现程序运行错误,“... 内存不能为read",我想知道我的思路有没有问题
gieroland 2004-04-07
- 打赏
- 举报
暴雪加密的可能性也不小
比如我玩Diablo2改技能点数,升级到最新版本怎么都找不到技能点数了
比如我玩Diablo2改技能点数,升级到最新版本怎么都找不到技能点数了
simouse 2004-04-07
- 打赏
- 举报
应该是
