访问其他应用程序的存储器C ++ [英] Accessing Memory of other applications C++

问题描述

我在想一个问题，我已经有一段时间了现在..我想编写一个C / C ++程序（在windows下）可以访问（读取/更改值）内存（堆栈，堆，一切）其他正在运行的程序。 （不像共享内存，但计算机的任何内存..）无需从我自己的应用程序启动应用程序..
我看到类似这样的事情，但我只是不知道如何做。如果我是访问任何正在运行的程序的内存，我会从操作系统的错误？
任何帮助是感谢！

I am thinking about a problem I have been having for some time now.. I would like to write a C/C++ program (under windows first) that can access(read/change values) the memory(stack, heap, everything) of other running programs. (Not like shared memory but any memory the computer has..) Without having to start the application from my own application.. I have seen something like this before but I just can't figure out how it's done.. If I were to access the memory of any running program I would get errors from the OS right? Any help is appreciated!

推荐答案

正如@sharptooth所说，这需要操作系统的支持。不同的操作系统有所不同。由于您使用的是Windows操作系统，因此您可以执行以下几个步骤：

As @sharptooth said, this requires support from the OS. Different OS does it differently. Since you are on Windows, there are a few steps you could follow:

1. 调用 OpenProcess 或 CreateProcess 以访问或启动新进程。在此调用中，您必须请求 PROCESS_VM_READ 访问。


2. 调用 ReadProcessMemory 在打开的进程中读取一块内存。

1. Call OpenProcess, or CreateProcess to access, or launch a new process. In this call, you must request PROCESS_VM_READ access.
2. Call ReadProcessMemory to read a chunk of memory in that opened process.

如果要更改另一个进程的内存，则需要 PROCESS_VM_WRITE 访问并使用 WriteProcessMemory 实现。

If you want to change memory of another process, you then need PROCESS_VM_WRITE access and use WriteProcessMemory to achieve that.

例如，你可以使用ptrace来附加到一个进程和偷看，戳它的内存。

In Linux, for example, you'd use ptrace to attach to a process and peek, poke its memory.

这篇关于访问其他应用程序的存储器C ++的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！