다른 EXE 메모리 읽기
7636 단어 exe
procedure TfrmMain.tmrChangeServerNameTimer(Sender: TObject);
function GetProcessID(FileName: string = ''): TProcessEntry32;
var
Ret: BOOL;
s: string;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := Sizeof(FProcessEntry32);
Ret := Process32First(FSnapshotHandle, FProcessEntry32);
while Ret do
begin
s := ExtractFileName(FProcessEntry32.szExeFile);
if (AnsiCompareText(Trim(s),Trim(FileName))=0) and (FileName <> '') then begin
result := FProcessEntry32;
break;
end;
Ret := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;
var
FProcessEntry32: TProcessEntry32;
ProcessID: integer;
ProcessHandle: THandle;
lpBuffer: PChar;
nSize: DWORD;
lpNumberOfBytes: DWORD;
mbi_thunk:TMemoryBasicInformation;
dwOldProtect:dword;
const
LeftAddress = $02370C68;
RightAddress1 = $02370C74;
RightAddress2 = $02370C84;
// ServerName = ' ';
begin
FProcessEntry32 := GetProcessID('aLogin.exe');
if FProcessEntry32.th32ProcessID =0 then exit;
ProcessID := FProcessEntry32.th32ProcessID;
ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, false, ProcessID);
//--------------- left
lpBuffer := PChar(GB2Big5('01.' + ServerName));
nSize:= 12; //N
// LeftAddress
VirtualQueryEx(ProcessHandle,Pointer(LeftAddress),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(LeftAddress),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(LeftAddress), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(LeftAddress), nSize, mbi_thunk.Protect,dwOldProtect);
//--------------- right
lpBuffer := PChar(GB2Big5(ServerName)); //
nSize:= 8; //
// RightAddress1
VirtualQueryEx(ProcessHandle,Pointer(RightAddress1),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(RightAddress1),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(RightAddress1), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(RightAddress1), nSize, mbi_thunk.Protect,dwOldProtect);
// RightAddress2
VirtualQueryEx(ProcessHandle,Pointer(RightAddress2),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(RightAddress2),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(RightAddress2), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(RightAddress2), nSize, mbi_thunk.Protect,dwOldProtect);
// ,
lpBuffer := AllocMem(nSize);
ReadProcessMemory(ProcessHandle, Pointer(RightAddress2), lpBuffer, nSize, lpNumberOfBytes);
if ServerName = Big52GB(lpBuffer) then begin
Caption := ' :' + Big52GB(lpBuffer);
tmrChangeServerName.Enabled := False;
end;
CloseHandle(ProcessHandle);
// Memo1.Lines.Add(Big52GB(lpBuffer));
//MEMO
// Memo1.Lines.Clear;
// memo1.lines.add('Process ID ' + IntToHex(FProcessEntry32.th32ProcessID, 8));
// memo1.lines.Add('File name ' + FProcessEntry32.szExeFile);
// memo1.Lines.Add('Process Handle ' + intTohex(ProcessHandle, 8));
// Memo1.Lines.Add(' :');
end;
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
다른 EXE 메모리 읽기텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.