我正在尝试从另一个进程读取指针。我可以读取指针的内容,并且确实得到了一个地址,但我想做的是再进一步,读取该地址处存放的值。我想是我哪里做错了,还是说这根本不可能?
这是我的代码:
#include <iostream>
#include <windows.h>
using namespace std;
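// Reads one pointer-sized value from a fixed address in another process and
// prints it.
//
// Returns EXIT_FAILURE when the PID cannot be parsed, the process cannot be
// opened, or the read fails or comes back short; returns 0 otherwise.
int main() {
    DWORD pid = 0;
    // Receives the pointer value copied out of the target. It is an address in
    // the TARGET's address space, so it must never be dereferenced locally.
    int **buffer = NULL;

    std::cout << "Current PID: " << GetCurrentProcessId();
    std::cout << "\nTarget PID: ";
    if (!(std::cin >> pid)) {
        // Without this check a failed parse would fall through with pid == 0.
        std::cout << "\nInvalid PID.";
        return EXIT_FAILURE;
    }

    // Least privilege: ReadProcessMemory only requires PROCESS_VM_READ, so do
    // not request PROCESS_ALL_ACCESS (which also grants write/terminate rights
    // and is more likely to be denied).
    HANDLE handle = OpenProcess(PROCESS_VM_READ, FALSE, pid);
    if (handle == NULL) {
        std::cout << "\nCant open process. Error Code: " << GetLastError();
        return EXIT_FAILURE;
    }

    // NOTE(review): 0x5BF9A4 is hard-coded; it is presumably valid only for one
    // specific build of the target, and sizeof(buffer) assumes the target uses
    // the same pointer width as this program. Confirm both.
    SIZE_T bytesRead = 0;
    const BOOL readOk = ReadProcessMemory(handle, (LPCVOID)0x5BF9A4, &buffer,
                                          sizeof(buffer), &bytesRead);
    // Test the call's RESULT. The original compared the function name itself
    // with 0, which is never true, so failures were silently ignored.
    if (!readOk || bytesRead != sizeof(buffer)) {
        const DWORD err = GetLastError();  // capture before CloseHandle can overwrite it
        std::cout << "\nRPM failed, ERROR_CODE: " << err;
        CloseHandle(handle);  // do not leak the handle on the failure path
        return EXIT_FAILURE;
    }

    std::cout << "\nBuffer: " << buffer << std::endl;
    // *buffer / **buffer cannot be used here: the value is only meaningful
    // inside the target process, and dereferencing it locally reads this
    // process's memory at that number (normally an access violation). Each
    // further hop needs its own checked ReadProcessMemory call that passes the
    // previously read value as the source address and a local variable as the
    // destination.

    // Check the result of the call, not the address of CloseHandle.
    if (CloseHandle(handle) != 0) {
        std::cout << "Handle to process destroyed successfully.\n";
    }
    system("pause");
    return 0;
}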
您必须预留空间来存放读取到的内容:
// Local storage that receives the bytes copied out of the target process.
char buffer[1024];
// Requests sizeof(buffer) bytes starting at 0x5BF9A4 in the target.
// The return value is discarded and the byte-count argument is NULL, so a
// failed read goes unnoticed here. The result is raw bytes from another
// process; nothing in this snippet NUL-terminates it, so do not treat it as a
// C string.
ReadProcessMemory(handle, (LPCVOID)0x5BF9A4, buffer, sizeof(buffer), NULL);
并且您应该通过最后一个参数获取实际读取的字节数:
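// Number of bytes actually copied; the last parameter of ReadProcessMemory is
// a SIZE_T*, so an int would not match the expected pointer type.
SIZE_T r = 0;
// Local storage that receives the bytes copied out of the target process.
char buffer[1024];
// After the call only buffer[0] .. buffer[r - 1] hold data from the target.
// The return value is still ignored in this snippet.
ReadProcessMemory(handle, (LPCVOID)0x5BF9A4, buffer, sizeof(buffer), &r);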
这样您就知道读取了多少数据。
而且您必须检查函数调用的返回值:
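// Number of bytes actually copied; ReadProcessMemory expects a SIZE_T* here.
SIZE_T r = 0;
// Local storage that receives the bytes copied out of the target process.
char buffer[1024];
// ReadProcessMemory returns a BOOL: nonzero on success, zero on failure.
BOOL ok = ReadProcessMemory(handle, (LPCVOID)0x5BF9A4, buffer, sizeof(buffer), &r);
if (!ok) {
    // Handle the failure here (GetLastError() gives the reason) and do not
    // read buffer: its contents are not valid after a failed call.
}
// On success only buffer[0] .. buffer[r - 1] hold data from the target; treat
// it as untrusted raw bytes, not as a NUL-terminated string.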
此后,您可以读取 buffer 中的内容:buffer[0] 是第一个字符。