Why are all pages returned by VirtualQueryEx PAGE_NOACCESS on 64-bit Windows with 64-bit Python 3.7.6?


VirtualQueryEx cannot scan memory on Windows 10. How can I solve this problem? Experts, please tell me, thank you.

My code is as follows:

```python
from ctypes import *
from ctypes import wintypes as w
from my_debugger_defines import *

kernel32 = windll.kernel32

VirtualQueryEx = kernel32.VirtualQueryEx
VirtualQueryEx.argtypes = [w.HANDLE, w.LPCVOID, w.LPVOID, w.DWORD]
VirtualQueryEx.restype = w.DWORD

class MyCheatEngine:
    def __init__(self, pid):
        self.pid = int(pid)
        self.h_process = None
        pass

    def open_process(self, pid):
        h_process = kernel32.OpenProcess(PROCESS_ALL_ACCESS, False, pid)
        if not h_process:
            print("open process error: %d" % kernel32.GetLastError())
        return h_process

    def attach(self):
        self.h_process = self.open_process(self.pid)
        print("Process handle is: %d" % self.h_process)

    def query_mem(self, address):
        mbi = MEMORY_BASIC_INFORMATION64()
        mbis = []

        while VirtualQueryEx(self.h_process, address, byref(mbi), sizeof(mbi)) > 0:
            address += mbi.RegionSize
            mbis.append(mbi)

        return mbis

pid = input("Enter the PID of the process to attach to: ")
mce = MyCheatEngine(pid)
mce.attach()
mibs = mce.query_mem(0)

print("mibs length: %d" % len(mibs))

if len(mibs) < 1:
    print("Query mem error.")
    exit

mask = PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY | PAGE_READWRITE | PAGE_WRITECOPY
print("%#08x" % mask)

filted_mibs = []
for m in mibs:
    if m.Protect & PAGE_NOACCESS:
        filted_mibs.append(m)

print("the size of all page: %d" % sum([mib.RegionSize for mib in mibs]))
print("the number of writable pages: %d" % len(filted_mibs))
```

I would like someone to tell me what to do. Is Windows 10 making hacking harder and harder?

python windows winapi windows-ce win64
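An added example, not part of the original post: in the posted loop, `mbis.append(mbi)` stores the same structure object on every pass, so every list entry shows whatever the last successful query wrote, and the final filter tests `PAGE_NOACCESS` instead of `mask`. The sketch below allocates a fresh structure per region, declares the `SIZE_T` length and return type, and filters on the writable mask; `walk_regions`, `win32_query`, `writable`, `fake_query` and `SAMPLE` are names introduced here, and the sample address space is constructed so the walk runs offline.

```python
import ctypes

MEM_COMMIT = 0x1000
# PAGE_READWRITE | PAGE_WRITECOPY | PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY
WRITABLE = 0x04 | 0x08 | 0x40 | 0x80

class MEMORY_BASIC_INFORMATION(ctypes.Structure):
    # Native layout; ctypes applies the platform's natural alignment.
    _fields_ = [("BaseAddress", ctypes.c_void_p), ("AllocationBase", ctypes.c_void_p),
                ("AllocationProtect", ctypes.c_uint32), ("PartitionId", ctypes.c_uint16),
                ("RegionSize", ctypes.c_size_t), ("State", ctypes.c_uint32),
                ("Protect", ctypes.c_uint32), ("Type", ctypes.c_uint32)]

def win32_query(h_process):
    """Windows only: return query(address, mbi) bound to VirtualQueryEx."""
    k32 = ctypes.WinDLL("kernel32", use_last_error=True)
    k32.VirtualQueryEx.argtypes = [ctypes.c_void_p, ctypes.c_void_p,
        ctypes.POINTER(MEMORY_BASIC_INFORMATION), ctypes.c_size_t]
    k32.VirtualQueryEx.restype = ctypes.c_size_t   # SIZE_T, not DWORD
    return lambda addr, mbi: k32.VirtualQueryEx(
        h_process, addr, ctypes.byref(mbi), ctypes.sizeof(mbi))

def walk_regions(query, start=0):
    """Collect one independent MEMORY_BASIC_INFORMATION per region."""
    regions, address = [], start
    while True:
        mbi = MEMORY_BASIC_INFORMATION()   # fresh buffer, so list entries do not alias
        if query(address, mbi) == 0 or mbi.RegionSize == 0:
            break
        regions.append(mbi)
        address = (mbi.BaseAddress or 0) + mbi.RegionSize  # c_void_p reads 0 as None
    return regions

def writable(regions):
    """Committed regions whose protection includes a writable flag."""
    return [r for r in regions if r.State == MEM_COMMIT and r.Protect & WRITABLE]

# Constructed sample address space: (base, size, state, protect).
SAMPLE = [(0x00000, 0x10000, 0x10000, 0x01),     # MEM_FREE, PAGE_NOACCESS
          (0x10000, 0x02000, MEM_COMMIT, 0x04),  # PAGE_READWRITE
          (0x12000, 0x01000, MEM_COMMIT, 0x20),  # PAGE_EXECUTE_READ
          (0x13000, 0x05000, MEM_COMMIT, 0x40),  # PAGE_EXECUTE_READWRITE
          (0x18000, 0x08000, 0x10000, 0x01)]     # MEM_FREE, PAGE_NOACCESS

def fake_query(address, mbi):
    """Offline stand-in for VirtualQueryEx over SAMPLE (assumption of this example)."""
    for base, size, state, protect in SAMPLE:
        if base <= address < base + size:
            mbi.BaseAddress, mbi.RegionSize, mbi.State, mbi.Protect = base, size, state, protect
            return ctypes.sizeof(mbi)
    return 0
```

On Windows, pass `win32_query(handle)` to `walk_regions` in place of `fake_query`, with `OpenProcess.restype` set to a pointer-sized type so the handle is not truncated.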