获取进程的基地址 [英] Getting base address of a process

查看:704
本文介绍了获取进程的基地址的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试编写一个从Minesweeper读取计时器值的程序. (操作系统是Windows 7 64位)

I'm trying to make a program that read the timer value from Minesweeper. (OS is windows 7 64bit)

使用作弊引擎,我找到了变量的基地址,但是每次我运行Minesweeper时,它都会改变.

Using cheat engine I found the base address of the variable, but it changes every time I run Minesweeper.

我需要怎么做才能自动找出基址?

What do I need to do to find out the base address automatically?

它与可执行基址有关吗?

Does it have something to do with the executable base address?

这是我的代码:

#include <windows.h>
#include <iostream>
using namespace std;



int main()
{
    DWORD baseAddress = 0xFF1DAA38;//always changing
    DWORD offset1 = 0x18;
    DWORD offset2 = 0x20;
    DWORD pAddress1;
    DWORD pAddress2;

    float value = 0;
    DWORD pid;
    HWND hwnd;

    hwnd = FindWindow(NULL,"Minesweeper");
    if(!hwnd)//didn't find the window
    {
        cout <<"Window not found!\n";
        cin.get();
    }
    else
    {
        GetWindowThreadProcessId(hwnd,&pid);
        HANDLE phandle = OpenProcess(PROCESS_VM_READ,0,pid);//get permission to read
        if(!phandle)//failed to get permission
        {
            cout <<"Could not get handle!\n";
            cin.get();
        }
        else
        {
            ReadProcessMemory(phandle,(void*)(baseAddress),&pAddress1,sizeof(pAddress1),0);
            ReadProcessMemory(phandle,(void*)(pAddress1 + offset1),&pAddress2,sizeof(pAddress2),0);
            while(1)
            {
                ReadProcessMemory(phandle,(void*)(pAddress2 + offset2),&value,sizeof(value),0);
                cout << value << "\n";
                Sleep(1000);
            }
        }
    }
}

推荐答案

#pragma comment( lib, "psapi" )

DWORD GetModuleBase(HANDLE hProc, string &sModuleName) 
{ 
   HMODULE *hModules; 
   char szBuf[50]; 
   DWORD cModules; 
   DWORD dwBase = -1; 
   //------ 

   EnumProcessModules(hProc, hModules, 0, &cModules); 
   hModules = new HMODULE[cModules/sizeof(HMODULE)]; 

   if(EnumProcessModules(hProc, hModules, cModules/sizeof(HMODULE), &cModules)) { 
      for(int i = 0; i < cModules/sizeof(HMODULE); i++) { 
         if(GetModuleBaseName(hProc, hModules[i], szBuf, sizeof(szBuf))) { 
            if(sModuleName.compare(szBuf) == 0) { 
               dwBase = (DWORD)hModules[i]; 
               break; 
            } 
         } 
      } 
   } 

   delete[] hModules; 

   return dwBase; 
}

这篇关于获取进程的基地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C/C++开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆