K
kid
Unregistered / Unconfirmed
GUEST, unregistred user!
我先用游戏修改工具GM7查找到游戏中某一属性值的内存偏移地址。根据这个偏移地址,
我用自己编写的程序读写其中的值,但失败了,读出的值和游戏中的值不一样,总是为0,
下面了我的程序,请大家看看哪里有错,是不是用这个方法?
var
Form1: TForm1;
temp:array[0..254]of integer;
implementation
{$R *.DFM}
procedure TForm1.Button1Click(Sender: TObject);
var
FSnapshotHandle:THandle;
FProcessEntry32:TProcessEntry32;
Ret : BOOL;
ProcessID : integer;
i:integer;
s:string;
begin
memo1.Clear;
listbox1.Clear;
FSnapshotHandle:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); //创建系统快照
FProcessEntry32.dwSize:=Sizeof(FProcessEntry32); //初始化 FProcessEntry32 的大小
Ret:=Process32First(FSnapshotHandle,FProcessEntry32); //得到第一个进程信息
i:=0;
while Ret do //循环枚举出系统开启的所有进程
begin
s:=ExtractFileName(FProcessEntry32.szExeFile);
ProcessID:=FProcessEntry32.th32ProcessID;
listbox1.Items.Add('FileName:'+s+' ProcessID:'+inttostr(ProcessID));
temp:=ProcessID; //把进程名和进程ID显示在listbox中,并将进程ID保存
i:=i+1;
FProcessEntry32.dwSize:=Sizeof(FProcessEntry32);
Ret:=Process32Next(FSnapshotHandle,FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;
procedure TForm1.Button2Click(Sender: TObject);
var
ProcessID:integer;
ProcessHndle : THandle;
lpBuffer
byte;
nSize: DWORD;
lpNumberOfBytesWrite: DWORD;
i:integer;
begin
ProcessID:=0;
nSize:=2;
lpBuffer:=AllocMem(nSize);
for i:=0 to listbox1.Items.Count-1 do
begin
if listbox1.Selected then ProcessID:=temp; //根据listbox中的选择项得到对应的进程ID
end;
ProcessHndle:=OpenProcess(PROCESS_VM_READ,false,ProcessID); //打开进程并设为可读
i:=$00515098; //i是要读取的内存偏移地址,下面是读内存的方法
ReadProcessMemory(
ProcessHndle,
Pointer(i),
lpBuffer,
nSize,
lpNumberOfBytesWRite
);
edit1.text:='ProcessID: '+inttostr(ProcessID)
+'offset: '+inttostr(i)+' value Is:'
+intTostr(lpBuffer^); //将进程ID,偏移地址,和读取的值显示出来
FreeMem(lpBuffer,nSize);
CloseHandle(ProcessHndle); //关闭句柄,释放内存}
end;
end.
我用自己编写的程序读写其中的值,但失败了,读出的值和游戏中的值不一样,总是为0,
下面了我的程序,请大家看看哪里有错,是不是用这个方法?
var
Form1: TForm1;
temp:array[0..254]of integer;
implementation
{$R *.DFM}
procedure TForm1.Button1Click(Sender: TObject);
var
FSnapshotHandle:THandle;
FProcessEntry32:TProcessEntry32;
Ret : BOOL;
ProcessID : integer;
i:integer;
s:string;
begin
memo1.Clear;
listbox1.Clear;
FSnapshotHandle:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); //创建系统快照
FProcessEntry32.dwSize:=Sizeof(FProcessEntry32); //初始化 FProcessEntry32 的大小
Ret:=Process32First(FSnapshotHandle,FProcessEntry32); //得到第一个进程信息
i:=0;
while Ret do //循环枚举出系统开启的所有进程
begin
s:=ExtractFileName(FProcessEntry32.szExeFile);
ProcessID:=FProcessEntry32.th32ProcessID;
listbox1.Items.Add('FileName:'+s+' ProcessID:'+inttostr(ProcessID));
temp:=ProcessID; //把进程名和进程ID显示在listbox中,并将进程ID保存
i:=i+1;
FProcessEntry32.dwSize:=Sizeof(FProcessEntry32);
Ret:=Process32Next(FSnapshotHandle,FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;
procedure TForm1.Button2Click(Sender: TObject);
var
ProcessID:integer;
ProcessHndle : THandle;
lpBuffer
byte;nSize: DWORD;
lpNumberOfBytesWrite: DWORD;
i:integer;
begin
ProcessID:=0;
nSize:=2;
lpBuffer:=AllocMem(nSize);
for i:=0 to listbox1.Items.Count-1 do
begin
if listbox1.Selected then ProcessID:=temp; //根据listbox中的选择项得到对应的进程ID
end;
ProcessHndle:=OpenProcess(PROCESS_VM_READ,false,ProcessID); //打开进程并设为可读
i:=$00515098; //i是要读取的内存偏移地址,下面是读内存的方法
ReadProcessMemory(
ProcessHndle,
Pointer(i),
lpBuffer,
nSize,
lpNumberOfBytesWRite
);
edit1.text:='ProcessID: '+inttostr(ProcessID)
+'offset: '+inttostr(i)+' value Is:'
+intTostr(lpBuffer^); //将进程ID,偏移地址,和读取的值显示出来
FreeMem(lpBuffer,nSize);
CloseHandle(ProcessHndle); //关闭句柄,释放内存}
end;
end.