我想写一个内存基址遍历工具。以自身内存为样本来读写。我是这样写的。
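var LPDW:DWORD;
jz1,rwdz,addr:integer;
i,k:integer;
fristjz,lastjz,sz:integer;
off7:integer;
offs:array[0..3] of integer;
ok:boolean;
begin
  // Purpose: for every candidate base address in [fristjz, lastjz], follow a
  // four-level pointer chain inside the current process and list the base in
  // smemo1 when (final value + sedit7 offset), formatted as hex, equals
  // sedit8.Text.
  // NOTE(review): pointer(Integer) casts assume a 32-bit build where Integer
  // and Pointer have the same size - confirm before compiling for 64-bit.

  // Parse every user-supplied hex field once, before the loop. The edit boxes
  // are inputs only; the scan no longer writes back into sedit2.
  fristjz := strtoint('$'+sedit2.Text);
  lastjz := strtoint('$'+sedit9.Text);
  offs[0] := strtoint('$'+sedit3.Text);
  offs[1] := strtoint('$'+sedit4.Text);
  offs[2] := strtoint('$'+sedit5.Text);
  offs[3] := strtoint('$'+sedit6.Text);
  off7 := strtoint('$'+sedit7.Text);

  sz := lastjz-fristjz;
  for i:=0 to sz do
  begin
    // Candidate base = start + i. The previous version re-read sedit2.Text and
    // added inttostr(i) re-parsed as hex on top of the already advanced value,
    // so the step grew on every pass and skipped addresses.
    jz1 := fristjz + i;
    addr := jz1;

    // ReadProcessMemory returns False for an unreadable address instead of
    // raising an access violation. A failed or short read must end the chain:
    // otherwise rwdz still holds the value from the previous read and the
    // remaining levels would be resolved from stale data.
    ok := ReadProcessMemory(GetCurrentProcess,pointer(addr),@rwdz,4,LPDW) and (LPDW = 4);

    k := 0;
    while ok and (k <= 3) do
    begin
      // Next level = value just read + that level's offset. The earlier
      // strtoint('$'+inttohex(rwdz,4)) round trip was equal to rwdz itself.
      addr := rwdz + offs[k];
      ok := ReadProcessMemory(GetCurrentProcess,pointer(addr),@rwdz,4,LPDW) and (LPDW = 4);
      inc(k);
    end;

    // inttohex emits upper-case digits padded to at least 4 characters, so
    // sedit8.Text has to be entered in that same form to match.
    if ok and ((sedit8.Text) = (inttohex(rwdz+off7,4))) then
    begin
      smemo1.Lines.Add(inttohex(jz1,4));
    end;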
end;
fristjz、lastjz 为起始内存地址和终止内存地址,sedit3-sedit7 为偏移地址。但是我感觉这样写太复杂了。听人家说,如果只是读取自身内存,不需要用 ReadProcessMemory,请问该怎么写?而且我这个循环也有问题,请大家帮忙看下。
// Body of a scan routine: walks a multi-level pointer chain inside the current
// process, starting from the hex address typed into sedit2, and adds the base
// address to smemo1 when the end of the chain matches sedit8.
var LPDW:DWORD;
jz1,jz2,jz3,jz4,jz5,jz6,rwdz:integer;
i:integer;
fristjz,lastjz,sz:integer;
begin
// Start and end of the address range, parsed as hex from the edit boxes.
fristjz :=strtoint('$'+sedit2.Text);
lastjz:= strtoint('$'+sedit9.Text);
// Number of loop passes; fixed here from the initial field values.
sz:=lastjz-fristjz;
for i:=0 to sz do
begin
// The address read on each pass comes from sedit2.Text, not from fristjz + i.
// NOTE(review): the Boolean result of ReadProcessMemory and the byte count in
// LPDW are never checked. If a read fails, rwdz keeps its previous value and
// the following levels are resolved from stale data.
jz1:=strtoint('$'+sedit2.Text); ReadProcessMemory(GetCurrentProcess,pointer(jz1),(@rwdz),4,LPDW);
// strtoint('$'+inttohex(rwdz,4)) converts rwdz to hex text and back, i.e. it
// is just rwdz; each level is "value read + offset from the next edit box".
jz2:= strtoint('$'+inttohex(rwdz,4))+strtoint('$'+sedit3.Text);
ReadProcessMemory(GetCurrentProcess,pointer(jz2),(@rwdz),4,LPDW);
jz3:= strtoint('$'+inttohex(rwdz,4))+strtoint('$'+sedit4.Text); ReadProcessMemory(GetCurrentProcess,pointer(jz3),(@rwdz),4,LPDW);
jz4:= strtoint('$'+inttohex(rwdz,4))+strtoint('$'+sedit5.Text); ReadProcessMemory(GetCurrentProcess,pointer(jz4),(@rwdz),4,LPDW);
jz5:= strtoint('$'+inttohex(rwdz,4))+strtoint('$'+sedit6.Text); ReadProcessMemory(GetCurrentProcess,pointer(jz5),(@rwdz),4,LPDW);
// NOTE(review): as printed, the "if ... then begin" below sits on the same
// line as the "//" comment, so it is commented out too and the following
// "end;" would close the for loop instead. Presumably a line break was lost
// when the post was rendered - confirm against the author's file.
//sedit8.Text:= inttohex(rwdz+strtoint('$'+sedit7.Text),4); if (sedit8.Text)= (inttohex(rwdz+strtoint('$'+sedit7.Text),4)) then begin
smemo1.Lines.Add(inttohex(jz1,4));
end;
// Advances the address stored in sedit2. inttostr(i) yields decimal digits
// that the '$' prefix then parses as hex (i = 10 is added as $10 = 16), and
// the amount is added to the value already advanced on earlier passes, so the
// step is not constant. jz6 is declared but never used.
sedit2.text:=inttohex((strtoint('$'+sedit2.Text)+strtoint('$'+inttostr(i))),4);
end;
fristjz、lastjz 为起始内存地址和终止内存地址,sedit3-sedit7 为偏移地址。但是我感觉这样写太复杂了。听人家说,如果只是读取自身内存,不需要用 ReadProcessMemory,请问该怎么写?而且我这个循环也有问题,请大家帮忙看下。
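……谁教的这种代码?这不是纯粹的脱裤子放屁么。至于怎么写……就那么写呗:只要进程内的虚拟地址所在页面是已提交状态,并且页面保护属性允许读取(不是 PAGE_NOACCESS 或 PAGE_GUARD),就能直接通过指针读。拿不准的地址可以先用 VirtualQuery 查一下页面状态,否则直接解引用无效地址会触发访问违规异常。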