#include<stdio.h>
#include<conio.h>
#include<windows.h>void main(int argc,char **argv)
{
char wndName[128];
DWORD pID,tID; // Process ID,Thread ID
HWND hWnd; // window handle
SYSTEM_INFO si; // get min and max application address
MEMORY_BASIC_INFORMATION mbi; // get memory type if (argc == 1)
strcpy(wndName,"命令提示符");
else
strcpy(wndName,argv[1]); hWnd = FindWindow(NULL,wndName);
if (!hWnd)
{
MessageBox(NULL,TEXT("FindWidnow Error!"),TEXT("FindWindow Tip"),MB_OK);
return;
} GetSystemInfo(&si);
tID = GetWindowThreadProcessId(hWnd,&pID); HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pID);
if(!handle)
{
MessageBox(NULL,TEXT("OpenProcess Error!"),TEXT("OpenProcess Tip"),MB_OK);
return;
} DWORD len = sizeof(MEMORY_BASIC_INFORMATION);
DWORD i = 0;
DWORD readBytes;
PVOID addr = si.lpMinimumApplicationAddress ;
DWORD ret;
do
{
memset(&mbi,len,0);
ret = VirtualQuery(addr ,&mbi,len);
if (mbi.State == MEM_COMMIT)
{
char *memBuffer = (char*)malloc(mbi.RegionSize);
BOOL readOk = ReadProcessMemory(handle,mbi.BaseAddress ,
memBuffer,mbi.RegionSize,&readBytes); if (readOk)
{
printf("address: 0X%08X\t",mbi.BaseAddress );
for (unsigned int k = 1; k <= readBytes; k++)
{
if ((k % 16) == 0)
printf("\naddress: 0X%08X\t",(DWORD)mbi.BaseAddress + (k / 16) * 16 ); printf("%02X ",*memBuffer++);
}
printf("\n");
} free(memBuffer);
getch();
}
addr = (PVOID)((PBYTE)addr + mbi.RegionSize ); }while(ret == len );
printf("\n");
}在Windows2000,拥有管理员权限,命令提示符为一个CMD窗口.
问题出现在有的内容是一个字符竟然出现8个字节,如00 0B 00 00 00 06 00 08 02 FFFFFF90 02 02 00 18 00 00
#include<conio.h>
#include<windows.h>void main(int argc,char **argv)
{
char wndName[128];
DWORD pID,tID; // Process ID,Thread ID
HWND hWnd; // window handle
SYSTEM_INFO si; // get min and max application address
MEMORY_BASIC_INFORMATION mbi; // get memory type if (argc == 1)
strcpy(wndName,"命令提示符");
else
strcpy(wndName,argv[1]); hWnd = FindWindow(NULL,wndName);
if (!hWnd)
{
MessageBox(NULL,TEXT("FindWidnow Error!"),TEXT("FindWindow Tip"),MB_OK);
return;
} GetSystemInfo(&si);
tID = GetWindowThreadProcessId(hWnd,&pID); HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pID);
if(!handle)
{
MessageBox(NULL,TEXT("OpenProcess Error!"),TEXT("OpenProcess Tip"),MB_OK);
return;
} DWORD len = sizeof(MEMORY_BASIC_INFORMATION);
DWORD i = 0;
DWORD readBytes;
PVOID addr = si.lpMinimumApplicationAddress ;
DWORD ret;
do
{
memset(&mbi,len,0);
ret = VirtualQuery(addr ,&mbi,len);
if (mbi.State == MEM_COMMIT)
{
char *memBuffer = (char*)malloc(mbi.RegionSize);
BOOL readOk = ReadProcessMemory(handle,mbi.BaseAddress ,
memBuffer,mbi.RegionSize,&readBytes); if (readOk)
{
printf("address: 0X%08X\t",mbi.BaseAddress );
for (unsigned int k = 1; k <= readBytes; k++)
{
if ((k % 16) == 0)
printf("\naddress: 0X%08X\t",(DWORD)mbi.BaseAddress + (k / 16) * 16 ); printf("%02X ",*memBuffer++);
}
printf("\n");
} free(memBuffer);
getch();
}
addr = (PVOID)((PBYTE)addr + mbi.RegionSize ); }while(ret == len );
printf("\n");
}在Windows2000,拥有管理员权限,命令提示符为一个CMD窗口.
问题出现在有的内容是一个字符竟然出现8个字节,如00 0B 00 00 00 06 00 08 02 FFFFFF90 02 02 00 18 00 00
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货