请问ReadProcessMemory这个函数该怎样读取指定内存地址中的值呢。在网上找了N久,头都大了,特来请教。目标程序01是我自己编写的一个窗体程序,然后我在空白地址 &H401E46 写入了一些字符串,用内存写入没问题,读取的却不一样。
觉得奇怪的是为什么进程id会一直变动的pHandle。读出的&H401E46的内存也是一直变动的,鼠标移动到窗体不同地方也会变化(不正确)。
请问怎样才能读取到的内容和写入的时候一样呢。
窗体中的
00401E46的十六进制数据是 DC D9 06 0B 7C 7B
用下面方法读取到的却是一些变动的数字。下面是读取的代码Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As LongPrivate Const PROCESS_ALL_ACCESS = &H1F0FFFDim hwnd1 As Long
Dim pid As Long
Dim pHandle As LongPrivate Function ncnr(lpADDress As Long) As Integer
hwnd1 = FindWindow(vbNullString, "01")
GetWindowThreadProcessId hwnd1, pid
pHandle = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
ReadProcessMemory pHandle, lpADDress, ByVal VarPtr(ncnr), 6, 0&
CloseHandle pHandle
End Function
Private Sub Timer1_Timer()
hwnd1 = FindWindow(vbNullString, "01")
If hwnd1 = 0 Then
Label1.Caption = "程序未运行"
Text1.Text=""
Else
Label1.Caption = "程序已运行"
Text1.Text = ncnr(&H401E46)
End If
End Sub
觉得奇怪的是为什么进程id会一直变动的pHandle。读出的&H401E46的内存也是一直变动的,鼠标移动到窗体不同地方也会变化(不正确)。
请问怎样才能读取到的内容和写入的时候一样呢。
窗体中的
00401E46的十六进制数据是 DC D9 06 0B 7C 7B
用下面方法读取到的却是一些变动的数字。下面是读取的代码Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As LongPrivate Const PROCESS_ALL_ACCESS = &H1F0FFFDim hwnd1 As Long
Dim pid As Long
Dim pHandle As LongPrivate Function ncnr(lpADDress As Long) As Integer
hwnd1 = FindWindow(vbNullString, "01")
GetWindowThreadProcessId hwnd1, pid
pHandle = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
ReadProcessMemory pHandle, lpADDress, ByVal VarPtr(ncnr), 6, 0&
CloseHandle pHandle
End Function
Private Sub Timer1_Timer()
hwnd1 = FindWindow(vbNullString, "01")
If hwnd1 = 0 Then
Label1.Caption = "程序未运行"
Text1.Text=""
Else
Label1.Caption = "程序已运行"
Text1.Text = ncnr(&H401E46)
End If
End Sub
Call GetWindowThreadProcessId(hMine, MineID) '返回 扫雷 进程的ID,为mineId
yOffset = 60
xOffset = 20
pMine = OpenProcess(PROCESS_VM_READ, True, MineID) '打开 扫雷 进程
If pMine = 0 Then
Call MsgBox("你还没有打开扫雷吧:)", vbInformation, "找不到哦")
RunMine
Exit Sub
End If
nSize = 1
'ReDim lpBuffer(nSize - 1)
If ReadProcessMemory(pMine, miBegin, lpBuffer, nSize, lpNumberOfBytesRead) Then '进程句柄,内存区基址,数据缓冲区,要读的字节数,已读字节数
Me.Caption = "共有雷数 " + CStr(lpBuffer) + " 个"
MineNum = lpBuffer
End If
If ReadProcessMemory(pMine, miWidth, lpBuffer, nSize, lpNumberOfBytesRead) Then
mWidth = lpBuffer '雷区宽度,即 扫雷 的列数
End If
If ReadProcessMemory(pMine, miHeight, lpBuffer, nSize, lpNumberOfBytesRead) Then
mHeight = lpBuffer '雷区高度,即 扫雷 的行数
End If
这个地址记录着我写入的内容,如果是,那么数据缓冲区地址该是多少?