溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶(hù)服務(wù)條款》

vb.net ReadProcessMemory使用方法

發(fā)布時(shí)間:2020-07-25 12:05:21 來(lái)源:網(wǎng)絡(luò) 閱讀:646 作者:wang5159029 欄目:編程語(yǔ)言

網(wǎng)上好多關(guān)于ReadprocessMemory、WriteprocessMemory使用方法的貼子都不能用,下面是本人親自測(cè)過(guò)可用的,望對(duì)大家有用。

    ''' <summary>
    ''' 讀取內(nèi)存地址
    ''' </summary>
    ''' <param name="hProcess">進(jìn)程句柄</param>
    ''' <param name="lpBaseAddress">內(nèi)存地址</param>
    ''' <param name="lpBuffer">數(shù)據(jù)存儲(chǔ)變量</param>
    ''' <param name="nSize">長(zhǎng)度sizeof(lpBuffer)</param>
    ''' <param name="lpNumberOfBytesRead">讀取長(zhǎng)度</param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Declare Function ReadProcessMemory Lib "kernel32.dll" (ByVal hProcess As Integer, ByVal lpBaseAddress As IntPtr, ByVal lpBuffer As IntPtr, ByVal nSize As Integer, ByRef lpNumberOfBytesRead As Integer) As Boolean

    ''' <summary>
    ''' 寫(xiě)入內(nèi)存地址
    ''' </summary>
    ''' <param name="hProcess">進(jìn)程句柄</param>
    ''' <param name="lpBaseAddress">寫(xiě)入進(jìn)程的內(nèi)存地址</param>
    ''' <param name="lpBuffer">數(shù)據(jù)存儲(chǔ)變量</param>
    ''' <param name="nSize">長(zhǎng)度sizeof(lpBuffer)</param>
    ''' <param name="lpNumberOfBytesWritten">實(shí)際數(shù)據(jù)的長(zhǎng)度</param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Declare Function WriteProcessMemory Lib "kernel32" Alias "WriteProcessMemory" _
        (ByVal hProcess As Integer, ByVal lpBaseAddress As IntPtr, _
         ByVal lpBuffer As Byte(), ByVal nSize As Integer, ByVal lpNumberOfBytesWritten As IntPtr) As Boolean

Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As Integer, ByVal bInheritHandle As Integer, ByVal dwProcessId As Integer) As Integer


    Friend Const PROCESS_ALL_ACCESS = &H1F0FFF = 2035711
    Friend Const PROCESS_VM_READ = &H10
    Friend Const PROCESS_VM_WRITE = &H20


 Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim hw As Integer = OpenProcess(PROCESS_VM_READ, False, 4304)
        Dim getstr(12) As Byte
        Dim GetStrIntptr = Marshal.UnsafeAddrOfPinnedArrayElement(getstr, 0)
        Button1.Text = "read結(jié)果:" & ReadProcessMemory(hw, CType(&H4D45A0, IntPtr), GetStrIntptr, 12, 0)
        TextBox1.Text = Marshal.PtrToStringUni(GetStrIntptr)
        TextBox3.Text = "GLE:" & GetLastError
        CloseHandle(hw)
    End Sub
‘需要注意:readprocessmemory的lpBuffer放的地?cái)?shù)組地址的基址,需要用marshal轉(zhuǎn)化一下。Marshal.PtrToStringUni(GetStrIntptr)輸出內(nèi)容。


    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        Dim hw As Integer = OpenProcess(&H1F0FFF, False, 4304)
        Dim Wrtstr(12) As Byte
        Wrtstr = System.Text.Encoding.Unicode.GetBytes("vbWrit")
        Button2.Text = "Write結(jié)果:" & WriteProcessMemory(hw, CType(&H4D45A0, IntPtr), Wrtstr, 12, 0)
        TextBox3.Text = "GLE:" & GetLastError
        CloseHandle(hw)
    End Sub

向AI問(wèn)一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI