读取进程内存 [英] Reading a process memory
本文介绍了读取进程内存的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试从进程 (calc.exe) 中读取内存.但我正在点击无法读取内存"消息.我的错误在哪里?
I'm trying to read memory from a process (calc.exe). But I'm hitting "Could not read memory" message. Where is my mistake?
int main() {
HWND handle = FindWindow(0, TEXT("Calculadora"));
if (!handle) {
msg("Could not find window");
return 0;
}
DWORD id;
GetWindowThreadProcessId(handle, &id);
HANDLE proc = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, id);
if (!proc) {
msg("Could not open process");
return 0;
}
char buffer[128];
if (ReadProcessMemory(proc, 0, &buffer, 128, NULL)) {
msg("yes!!");
}
else {
msg("Could not read memory");
}
CloseHandle(proc);
}
推荐答案
您正试图读取目标进程中的地址 0.那总会失败的.您需要从目标进程的虚拟地址空间中有意义的地址读取.
You are attempting to read address 0 in the target process. That will always fail. You need to read from an address which is meaningful in the virtual address space of the target process.
请注意,为了调用 ReadProcessMemory,您只需要 PROCESS_VM_READ.这不是这里的问题,但为了完整起见,我想我会指出这一点.
Note that in order to call ReadProcessMemory you only need PROCESS_VM_READ. That's not the problem here, but I thought I would point it out for sake of completeness.
这篇关于读取进程内存的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
