将十六进制地址传递给指针变量 [英] Pass a hex address to a Pointer Variable

问题描述

我知道如何使用指针.但我不知道该怎么做:

I know how to work with pointers. But I don't know how do this:

我有一个十六进制地址，它当然可以从任何应用程序获得任何值.

I have an hex address that's of course it has a any value from any app.

我知道要找到我想要的地址. 我想编写一个C代码将此地址传递给指针变量，然后可以从该地址捕获值，依此类推.

I know to find the address that I want. I want to write a C Code to pass this address to a pointer variable, and then I could capture the value from that address and so on.

例如:

hex 0x00010010
int *pointer;

如何将该地址传递给指针，其语法是什么?

How can I pass this address to the pointer, what's the syntax for that?

推荐答案

通过使用int*，您假设您指向的数据是int(在大多数操作系统中为4字节).

By using int* you are assuming the data you are point to is an int (4 bytes, on most OS's).

我们不是应该使用void*吗?以后，如果要使用特定类型访问其数据，则只需执行强制转换.

Shouldn't we use a void* instead? Later, if you want to access it's data using a particular type, all you need to do is cast.

void *addr = (void*)0x0023FF74; // valid memory address within my app

printf("Address: %p\n", addr);
getchar();

printf("Data (4bytes): %d\n", *(int*)addr); // print the first 4 bytes of data as int
getchar();

编辑:

请帮助我理解您要做什么，因为此声明使我感到困惑:

Help me understand what you are trying to do, because this statement confused me:

有一个使用该地址的应用程序，我知道其中的值，但是(int)指针无法访问该值.

There is app using that address, I know the value in it, but the (int)pointer don't access the value.

您是否要编写一个应用程序来修改正在运行系统的另一个应用程序的内存?您当前的方法将行不通，这就是原因:当操作系统将您的应用程序加载到进程中时，它会保留一个供进程使用的内存区域，并为此区域分配一定范围的虚拟地址.这些虚拟地址不会直接映射到内存地址在RAM中，因此OS必须为此保留一个内部表.

Are you trying to write an application that will modify the memory of another application that is running your system? Your current approach won't work, and this is why: When the Operating System loads your application into a process, it reserves a memory region to be used by the process and assigns a range of virtual addresses to this region. These virtual addresses do not map directly to memory addresses in RAM, so the OS has to keep an internal table for that.

在Windows上，每个加载的进程都接收相同范围的虚拟地址，但是此区域仅对内部运行的进程可见.例如，(在Windows上)进程被加载到内存地址0x00400000中，这意味着每个进程都有其自己的内存地址0x00400000 ，因此，您无法在应用程序中将X内存地址分配给指针，并且希望Windows神奇地知道您要引用另一个应用程序内部的X.

On Windows, each process loaded receives the same range of virtual addresses, but this area is only visible to the process that is running inside it. For instance, (on Windows) processes are loaded in memory address 0x00400000, which mean each process has it's own memory address 0x00400000, and therefore you can't assign X memory address to a pointer in your application and expect Windows to magically know that you are reffering to address X that is inside another application.

您要实现的目标称为代码注入，并且网络上有很多关于它的信息.

What you are trying to accomplish it's called Code Injection, and there's a lot of information on the web about it.

这篇关于将十六进制地址传递给指针变量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！