已知一基地址$010EA0CC,偏移量为$2A4,现在用ReadProcessMemory函数来读取内存数据,为什么我用其他工具(例如:CE)可以读取到正常的数据,但
ReadProcessMemory(h,Pointer(addr+$2A4),@buf,nSize,lpNumberOfBytes);
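却为0?是不是$010EA0CC是一个指针地址.请大家赐教
procedure TForm1.Button1Click(Sender: TObject);
{ Button handler: locates the window titled 'Element Client', opens its owning
  process for reading and displays the DWORD stored at $010EA0CC + $2A4.

  Changes from the posted version:
    - the BOOL result of ReadProcessMemory is checked; on failure the
      GetLastError text is shown instead of whatever happened to be in buf;
    - the handle is opened with PROCESS_VM_READ only, the one right
      ReadProcessMemory needs, instead of PROCESS_ALL_ACCESS;
    - CloseHandle runs only for a handle that was actually opened, and runs on
      every exit path through try/finally;
    - unused locals (buf2, Buffer, i) are removed.

  NOTE(review): this reads the DWORD at addr + $2A4 directly and does not
  dereference the value stored at addr first. If $010EA0CC holds a pointer, as
  the question suspects, the value shown here is not the one a
  pointer-following tool displays. }
var
  gameHwnd: HWND;
  pid: DWORD;
  h: THandle;
  lpNumberOfBytes: DWORD; // declared as in the post; newer RTLs declare this parameter as SIZE_T - confirm
  buf: DWORD;
  addr: DWORD;
  nSize: DWORD;
  lastErr: DWORD;
  s: WideString;
begin
  gameHwnd := FindWindow(nil, 'Element Client');
  if gameHwnd = 0 then
  begin
    ShowMessage('游戏未运行!');
    Exit;
  end;

  pid := 0;
  GetWindowThreadProcessId(gameHwnd, @pid);

  // Least privilege: only the read right is requested.
  h := OpenProcess(PROCESS_VM_READ, False, pid);
  if h = 0 then
  begin
    // Capture the error code before any other API call can overwrite it.
    lastErr := GetLastError;
    ShowMessage('打开进程失败: ' + SysErrorMessage(lastErr));
    Exit;
  end;

  try
    addr := $010EA0CC;
    edit2.Text := IntToStr(gameHwnd);
    edit3.Text := IntToStr(h);

    nSize := SizeOf(buf);
    buf := 0;
    lpNumberOfBytes := 0;

    // A zero return means the read failed; buf is then not meaningful.
    if not ReadProcessMemory(h, Pointer(addr + $2A4), @buf, nSize, lpNumberOfBytes) then
    begin
      lastErr := GetLastError;
      ShowMessage('读取内存失败: ' + SysErrorMessage(lastErr));
      Exit;
    end;

    // Guard against a short read before trusting the buffer.
    if lpNumberOfBytes <> nSize then
    begin
      ShowMessage('读取内存失败: ' + IntToStr(lpNumberOfBytes) + ' / ' + IntToStr(nSize));
      Exit;
    end;

    s := IntToStr(buf);
    edit1.Text := s;
    ShowMessage(s);
  finally
    CloseHandle(h);
  end;
end;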
ReadProcessMemory(h,Pointer(addr+$2A4),@buf,nSize,lpNumberOfBytes);
却为0?是不是$010EA0CC是一个指针地址.请大家赐教procedure TForm1.Button1Click(Sender: TObject);
// Button handler (quoted copy of the question's code): finds the window titled
// 'Element Client', opens its owning process and shows the DWORD read from
// address $010EA0CC + $2A4 in edit1 and in a message box.
// NOTE(review): buf2, Buffer and i are declared but never used in this body.
var gameHwnd:Hwnd;
pid: dword;
h: THandle;
lpNumberOfBytes: DWord;
buf:DWord;
buf2:Pointer;
Buffer : Array[0..3] Of DWord;
addr:DWORD;
nSize: DWORD;
s:WideString;
i:Integer;
begin
gameHwnd:=FindWindow(nil,'Element Client');
if gameHwnd<>0 then
begin
GetWindowThreadProcessId(gameHwnd, @pid);
// NOTE(review): PROCESS_ALL_ACCESS requests every access right; the only
// operation performed on the handle here is ReadProcessMemory, which needs
// PROCESS_VM_READ.
h:=OpenProcess(PROCESS_ALL_ACCESS, false, pid);
if h<>0 then
begin
addr:=$010EA0CC;
// Display the raw window handle and process handle values.
edit2.Text:=Inttostr(gameHwnd);
edit3.Text:=Inttostr(h);
nSize:=4;
// NOTE(review): the BOOL result is discarded and buf is never initialised, so
// a failed read cannot be told apart from a stored value; the displayed number
// is then whatever buf happened to contain.
// This reads the DWORD at addr+$2A4 directly; the value stored at addr is not
// dereferenced first.
ReadProcessMemory(h,Pointer(addr+$2A4),@buf,nSize,lpNumberOfBytes);
s:=inttoStr(buf);
edit1.Text:=s;
showmessage(s);
end;
// NOTE(review): this call sits outside the "h<>0" block, so it also runs with
// h = 0 when OpenProcess failed.
closeHandle(h);
end else begin
showmessage('游戏未运行!');
end;
end;
If the function fails, the return value is zero. To get extended error information, call GetLastError.
The function fails if the requested read operation crosses into an area of the process that is inaccessible. 看帮助的第一句话:函数成功的时候,返回值是非0;返回0就是读取失败,要调用GetLastError查原因。
===========================================
addr:=GetAddyfrmpointer($010EA0CC,$2A4,h);
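===========================================
function GetAddyfrmpointer(baseaddress, offset: dword;
  hID: THandle): Dword;
{ Resolves a single-level pointer in another process: reads the 4-byte value
  stored at baseaddress through the handle hID and returns that value plus
  offset.

  Parameters:
    baseaddress - address in the target process that holds the pointer
    offset      - value added to the pointer that was read
    hID         - process handle passed to ReadProcessMemory

  Returns the computed address, or 0 when the handle is 0, the read fails or
  fewer than 4 bytes were read. The posted version left Result unassigned on
  the failure path, so the caller received an indeterminate value; callers
  must treat 0 as "not resolved", not as an address.

  The posted version wrapped the read in a loop over a one-element offsets
  array; with a single offset that is exactly one read followed by one add,
  which is what remains here. The unused locals b and maxid are gone.

  NOTE(review): the DWORD <-> Pointer casts and the 4-byte read assume 4-byte
  pointers in both this program and the target process - confirm. }
var
  pointee: DWORD;
  bytesRead: DWORD;
begin
  Result := 0;
  if hID = 0 then
    Exit;

  pointee := 0;
  bytesRead := 0;
  if not ReadProcessMemory(hID, Pointer(baseaddress), @pointee, SizeOf(pointee), bytesRead) then
    Exit;

  // A short read leaves pointee only partly filled; do not build an address from it.
  if bytesRead <> SizeOf(pointee) then
    Exit;

  Result := pointee + offset;
end;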