从另一个控制台读取进程内存 [英] Read Process Memory From another Console
问题描述
好的,所以我试图从另一个进程的变量中读取内存。更具体地说,我正在尝试读取一个进程中的字符串。
Okay, so I'm trying to read the memory from a variable in another process. More specifically I'm trying to read a string that's in one process.
这是创建字符串的过程。
Here is the process creating the string.
#include <iostream>
#include <chrono>
#include <thread>
#include <fstream>
using namespace std;
int main() {
std::ofstream memoryFile("C:\\Users\\Josh\\Desktop\\memoryProcess.txt", std::ofstream::out);
if (!memoryFile) {
cout << "Error\n"; return EXIT_FAILURE;
}
const size_t charSize = 6;
const char* memory = new const char[charSize]{ "HELLO" };
memoryFile << charSize << endl << (void*)memory << endl;
cout << (void*)memory << '\n';
cout << "Original Value: " << memory << "\n\n";
while (true) {
std::cin.get();
cout << "Value contains: " << memory << '\n';
//cin.ignore(std::numeric_limits<std::streamsize>::max(), '\n');
}
memoryFile.close();
delete[] memory;
cin.get();
return 0;
}
现在这里是尝试从该应用程序读取内存的应用程序。
Now here is the application trying to read memory from that application.
#include <iostream>
#include <fstream>
#include <Windows.h>
using namespace std;
int main() {
std::ifstream memoryAddress("C:\\Users\\Josh\\Desktop\\memoryProcess.txt", std::ifstream::in);
if (!memoryAddress) {
cerr << "Error, file not found.\n";
return EXIT_FAILURE;
}
size_t address;
size_t charCount;
char* membuff;
memoryAddress >> charCount;
memoryAddress >> std::hex >> address;
membuff = new char[charCount];
HWND window = FindWindow(NULL, "c:\\users\\josh\\documents\\visual studio 2015\\Projects\\Read Adress\\Debug\\Read Adress.exe");
DWORD procID = GetWindowThreadProcessId(window, &procID);
HANDLE process = OpenProcess(PROCESS_ALL_ACCESS, NULL, procID);
LPCVOID pAddress = (const void*)address;
if (ReadProcessMemory(process, pAddress, membuff, charCount, NULL)) {
cout << "Success! The memory was processed correctly.\n\n";
}
else {
cout << "Memory wasn't processed correctly...\n";
std::cin.get();
return EXIT_FAILURE;
}
cout << "The memory address contains the value: " << membuff << '\n';
memoryAddress.close();
delete[] membuff;
std::cin.get();
return 0;
}值得注意的是我将字符串大小和内存地址存储在一个文件中。
Something worth noting is that I'm storing the string size and memory address in a file.
无论如何,我不完全确定我做错了什么,因为处理内存的程序在ReadProcessMemory部分失败了?
Anyways, I'm not entirely sure what I'm doing wrong because the program that is processing the memory fails on the ReadProcessMemory part?
推荐答案
这根本不会起作用。任何一个程序的内存地址都是虚拟地址。这个虚拟地址被操作系统映射到一个物理地址,并且是动态的....也就是说,当程序在内存中混乱时,运行的
系统可以改变映射,但是对于程序,它仍然使用相同的虚拟地址。
This is simply never going to work. The memory address of any one program is a virtual address. This virtual address is mapped to a physical address by the operating system and is dynamic.... that is, as the program is shuffled around in memory, the operating system can change the mapping, but to the program, it is still using the same virutal address.
然而,这个映射对于该特定程序是唯一的。不同程序中的相同虚拟地址将映射到不同的物理地址。
However this mapping is unique to that particular program. The very same virtual address in a different program will be mapped to a different physical address.
这是故意的,因为它可以防止程序互相踩踏。
This is deliberate, since it protects programs from stomping over each other.
这篇关于从另一个控制台读取进程内存的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
