Windows内存修改初篇
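// Silences the MSVC deprecation warnings for scanf and friends.
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <windows.h>

// NOTE(review): every address in this program is stored in a DWORD, so it is
// only correct as a 32-bit build working on a 32-bit target; a 64-bit build
// would truncate pointers.

// First pass: scans the target process's address space for dwValue.
BOOL FindFirst(DWORD dwValue);
// Second, third, ... pass: re-checks the addresses kept by the previous pass.
BOOL FindNext(DWORD dwValue);

// Addresses in the target process whose content matched the last search.
DWORD g_arList[1024];
// Number of valid entries in g_arList.
int g_nListCnt;
// Handle of the target process.
HANDLE g_hProcess;

// Prints the current candidate addresses for the user.
void ShowList();
// Writes dwValue to address dwAddr in the target process.
BOOL WriteMemory(DWORD dwAddr, DWORD dwValue);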
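// Reads one decimal integer from stdin. Returns false on EOF or malformed
// input so that callers stop instead of reusing a stale value.
static bool ReadInt(int* pnValue) {
    return scanf("%d", pnValue) == 1;
}

// Runs the interactive session against g_hProcess: narrows the candidate list
// with repeated searches until at most one address is left, then overwrites
// that address with a value typed by the user.
// Returns 0 when the write succeeded, 1 otherwise.
static int EditTargetValue() {
    int iVal = 0;

    // Ask for the value to look for and run the first, full search.
    printf("請輸入您要修改的變量數值\n");
    if (!ReadInt(&iVal))
        return 1;
    FindFirst(static_cast<DWORD>(iVal));
    ShowList();

    // Keep filtering while more than one candidate address remains.
    while (g_nListCnt > 1) {
        printf("請再一次輸入您要修改的變量數值\n");
        if (!ReadInt(&iVal))
            return 1;  // without this check, bad input would loop forever
        FindNext(static_cast<DWORD>(iVal));
        ShowList();
    }

    // The filter can also end with no candidate at all. g_arList[0] would then
    // be a stale entry, so nothing may be written.
    if (g_nListCnt < 1) {
        fprintf(stderr, "no matching address left; nothing written\n");
        return 1;
    }

    // %p expects a pointer, so the stored DWORD is widened before printing.
    printf("目標地址是%p\n",
           reinterpret_cast<void*>(static_cast<ULONG_PTR>(g_arList[0])));
    printf("請輸入新數據\n");
    if (!ReadInt(&iVal))
        return 1;

    if (!WriteMemory(g_arList[0], static_cast<DWORD>(iVal))) {
        fprintf(stderr, "WriteProcessMemory failed, error %lu\n", ::GetLastError());
        return 1;
    }
    printf("修改成功");
    return 0;
}

// Entry point: starts 02Testor.exe as a child process, lets the user locate
// and change one 32-bit value in it, then releases the process handle.
// Returns 0 on success and 1 on any failure.
int main(void) {
    // CreateProcess may modify the command-line buffer, so it must be writable.
    // NOTE(review): with lpApplicationName == NULL a bare file name is resolved
    // through the CreateProcess search order (application directory, current
    // directory, system directories, PATH); pass a full path when the location
    // of the test program is known, so a same-named file elsewhere is not run.
    char szFileName[] = "02Testor.exe";

    STARTUPINFOA si;
    memset(&si, 0, sizeof(si));
    si.cb = sizeof(si);  // required by CreateProcess
    PROCESS_INFORMATION pi;
    memset(&pi, 0, sizeof(pi));

    // The ANSI variant is named explicitly because szFileName is a char buffer.
    BOOL bRet = ::CreateProcessA(NULL, szFileName, NULL, NULL, FALSE,
                                 CREATE_NEW_CONSOLE, NULL, NULL, &si, &pi);
    if (!bRet) {
        fprintf(stderr, "CreateProcess failed, error %lu\n", ::GetLastError());
        return 1;
    }
    ::CloseHandle(pi.hThread);  // the thread handle is never used
    g_hProcess = pi.hProcess;

    int nExit = EditTargetValue();

    ::CloseHandle(g_hProcess);
    g_hProcess = NULL;

    system("pause");
    return nExit;
}

// Reads the 4 KiB page at dwBaseAddr from the target process and appends to
// g_arList the address of every byte offset at which the next four bytes
// equal dwValue. A value that straddles two pages is not found, because each
// page is compared on its own.
// Returns FALSE when the page cannot be read or when g_arList is full,
// TRUE otherwise.
BOOL CompareAPage(DWORD dwBaseAddr, DWORD dwValue) {
    BYTE arBytes[4096];
    if (!::ReadProcessMemory(g_hProcess,
                             reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(dwBaseAddr)),
                             arBytes, sizeof(arBytes), NULL))
        return FALSE;

    const int nCapacity = static_cast<int>(sizeof(g_arList) / sizeof(g_arList[0]));

    // The page was readable: test every byte offset that still leaves room
    // for a whole DWORD.
    for (DWORD i = 0; i + sizeof(DWORD) <= sizeof(arBytes); i++) {
        // memcpy instead of a DWORD* cast: most offsets are not 4-byte aligned.
        DWORD dwCur;
        memcpy(&dwCur, &arBytes[i], sizeof(dwCur));
        if (dwCur == dwValue) {
            if (g_nListCnt >= nCapacity)
                return FALSE;
            g_arList[g_nListCnt++] = dwBaseAddr + i;
        }
    }
    return TRUE;
}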
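// First search pass: walks the target's address space from 640 KiB up to
// 2 GiB one 4 KiB page at a time and collects in g_arList every address whose
// DWORD content equals dwValue. Unreadable pages are skipped.
// The candidate list is cleared first, so the function can be called again to
// start over.
// Returns FALSE when there is no target process or nothing matched, TRUE when
// at least one address was recorded.
BOOL FindFirst(DWORD dwValue) {
    const DWORD dwOneGB = 1024 * 1024 * 1024;
    const DWORD dwOnePage = 4 * 1024;
    const int nCapacity = static_cast<int>(sizeof(g_arList) / sizeof(g_arList[0]));

    if (g_hProcess == NULL)
        return FALSE;

    g_nListCnt = 0;
    for (DWORD dwBase = 640 * 1024; dwBase < 2 * dwOneGB; dwBase += dwOnePage) {
        CompareAPage(dwBase, dwValue);
        // Once the list is full no further match can be stored, so the rest of
        // the scan would only cost time.
        if (g_nListCnt >= nCapacity)
            break;
    }
    return g_nListCnt > 0 ? TRUE : FALSE;
}

// Follow-up search pass: re-reads every address kept by the previous pass and
// keeps only those whose DWORD content now equals dwValue. g_arList is
// compacted in place and g_nListCnt is updated.
// Returns TRUE when at least one address is still a match.
BOOL FindNext(DWORD dwValue) {
    // Remember how many candidates the previous pass left behind.
    const int nOrgCnt = g_nListCnt;
    g_nListCnt = 0;

    BOOL bRet = FALSE;  // assume nothing matches until proven otherwise
    for (int i = 0; i < nOrgCnt; i++) {
        DWORD dwReadValue = 0;
        if (!::ReadProcessMemory(g_hProcess,
                                 reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(g_arList[i])),
                                 &dwReadValue, sizeof(DWORD), NULL))
            continue;  // address is no longer readable: drop it
        if (dwReadValue == dwValue) {
            g_arList[g_nListCnt++] = g_arList[i];
            bRet = TRUE;
        }
    }
    return bRet;
}

// Prints every candidate address, one per line.
void ShowList() {
    for (int i = 0; i < g_nListCnt; i++) {
        // %p expects a pointer, so the stored DWORD is widened before printing.
        printf("%p\n", reinterpret_cast<void*>(static_cast<ULONG_PTR>(g_arList[i])));
    }
}

// Writes the 4-byte dwValue to address dwAddr in the target process.
// Returns FALSE when there is no target process or when WriteProcessMemory
// fails; GetLastError() then holds the reason.
BOOL WriteMemory(DWORD dwAddr, DWORD dwValue) {
    if (g_hProcess == NULL)
        return FALSE;
    return ::WriteProcessMemory(g_hProcess,
                                reinterpret_cast<LPVOID>(static_cast<ULONG_PTR>(dwAddr)),
                                &dwValue, sizeof(DWORD), NULL);
}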