• 【转】修改内存地址内容,可以修改游戏金币值


    实现修改内存内容核心代码: 

    C++代码

    //进程列表信息  
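    // Rebuilds the process combo box and the PID -> executable-name map (m_map)
    // from a Toolhelp snapshot of the processes running at the time of the call.
    // If the snapshot cannot be taken, a message box is shown and neither the
    // combo box nor m_map is touched.
    void CMemRepairDlg::InitProcessList()  
    {  
        // Zero the whole structure. The original passed a length of 0, so
        // nothing was cleared. dwSize must be set before Process32First.
        PROCESSENTRY32 pe32;  
        ZeroMemory(&pe32, sizeof(pe32));  
        pe32.dwSize = sizeof(PROCESSENTRY32);  

        // Take a snapshot of the processes in the system.
        HANDLE snapshot = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);  
        if ( INVALID_HANDLE_VALUE == snapshot )  
        {  
            MessageBox("调用CreateToolhelp32Snapshot函数失败!");  
            return;  
        }  

        CComboBox* processCombo = (CComboBox*)GetDlgItem(IDC_PROCESSLIST_COBOX);  

        // Drop stale entries from both views so the combo box and the map
        // always describe the same snapshot.
        m_map.clear();  
        processCombo->ResetContent();  

        for ( BOOL more = ::Process32First(snapshot, &pe32);  
              more;  
              more = ::Process32Next(snapshot, &pe32) )  
        {  
            processCombo->AddString(pe32.szExeFile);  
            m_map.insert(std::pair<DWORD, CString>(pe32.th32ProcessID, pe32.szExeFile));  
        }  

        // Preselect the fourth entry (index 3), as the original code does.
        processCombo->SetCurSel(3);  

        // Author's note: GetModuleFileNameEx retrieves a process's path.
        UpdateData(FALSE);  
        CloseHandle(snapshot);  
    }  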
      
    //获取当前进程句柄  
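    // Opens the process selected in the combo box and stores the handle in
    // m_handle. The selection is mapped back to a PID by comparing the displayed
    // executable name against m_map, so when several processes share a name the
    // first matching map entry is used. On any failure path m_handle is either
    // left as it was (no selection / no match) or set to NULL (OpenProcess failed).
    void CMemRepairDlg::GetCurrentProcessHandle()  
    {  
        CComboBox* processCombo = (CComboBox*)GetDlgItem(IDC_PROCESSLIST_COBOX);  
        const int nIndex = processCombo->GetCurSel();  
        if ( nIndex == CB_ERR ) return;   // nothing selected: no item text to fetch

        CString processStr = "";  
        processCombo->GetLBText(nIndex, processStr);  

        // Linear search by name; m_map is keyed by PID, not by name.
        DWORD processId = 0;  
        std::map<DWORD, CString>::iterator entry;  
        for ( entry = m_map.begin(); entry != m_map.end(); ++entry )  
        {  
            if ( processStr.Compare(entry->second) == 0 )  
            {  
                processId = entry->first;  
                break;  
            }  
        }  
        if ( processId == 0 ) return;  

        // NOTE(review): PROCESS_ALL_ACCESS requests far more than the
        // ReadProcessMemory/WriteProcessMemory calls in this class need
        // (PROCESS_VM_READ, PROCESS_VM_WRITE, PROCESS_VM_OPERATION). Confirm no
        // other user of m_handle relies on the wider rights before narrowing it.
        // NOTE(review): a handle already stored in m_handle is overwritten here
        // without CloseHandle; whether m_handle starts out as NULL is not visible
        // in this part of the file, so the leak is flagged rather than fixed.
        m_handle = ::OpenProcess(PROCESS_ALL_ACCESS, FALSE, processId);  

        if ( m_handle == NULL )  
        {  
            // Read the error code first, before another call can replace it.
            // The original passed the GetLastError function itself to Format,
            // which printed an address rather than the error code.
            const DWORD lastError = ::GetLastError();  
            CString errorInfo;  
            errorInfo.Format("error code:%d 调用函数失败!", lastError);  
            MessageBox(errorInfo);  
            return;  
        }  
    }  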
    //读取一页内存  
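    // Reads the 4096-byte page at baseptr from the process behind m_handle and
    // appends to m_vector the address of every byte offset whose 4-byte value
    // equals atoi(pStr). A page that ReadProcessMemory cannot read is skipped.
    //
    // baseptr  start address of the page in the target process
    // pStr     decimal text of the value to look for; NULL is ignored
    void CMemRepairDlg::ReadOnePageMem(DWORD baseptr, const char* pStr)  
    {  
        if ( pStr == NULL ) return;   // atoi(NULL) is undefined behaviour

        BYTE page[4096] = {0};  
        if ( !::ReadProcessMemory(m_handle, (LPCVOID)baseptr, page, sizeof(page), NULL) )  
            return;  

        // Parse the target once instead of once per offset.
        const DWORD target = (DWORD)atoi(pStr);  

        // Slide a DWORD-sized window over the page one byte at a time; the last
        // valid offset is the one whose 4 bytes still fit inside the buffer.
        for ( DWORD offset = 0; offset + sizeof(DWORD) <= sizeof(page); ++offset )  
        {  
            // Copy instead of casting &page[offset] to DWORD*: most offsets are
            // not DWORD-aligned.
            DWORD candidate = 0;  
            CopyMemory(&candidate, &page[offset], sizeof(candidate));  
            if ( candidate == target )  
            {  
                m_vector.push_back(baseptr + offset);  
            }  
        }  
    }  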
      
    //获取操作系统用于存储数据的地址  
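    // Clears m_vector and then calls ReadOnePageMem for every 4 KB page from a
    // platform-dependent start address up to (but not including) the 2 GB mark.
    //
    // pStr  decimal text of the value to look for, passed through unchanged
    void CMemRepairDlg::GetBasePtr(const char* pStr)  
    {  
        const DWORD kPageSize   = 4 * 1024;  
        const DWORD kWin9xStart = 4 * 1024 * 1024;   // per the author: Windows 98 uses 4 MB
        const DWORD kOtherStart = 64 * 1024;  
        // 2 GB upper bound. Spelled as an unsigned literal because the original
        // expression 2*1024*1024*1024 overflows a signed int.
        const DWORD kScanEnd    = 0x80000000UL;  

        OSVERSIONINFO osInfo;  
        ZeroMemory(&osInfo, sizeof(OSVERSIONINFO));  
        osInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);  
        // The return value is not checked; on failure osInfo stays zeroed and
        // the 64 KB start address is used.
        ::GetVersionEx(&osInfo);  

        DWORD baseAddr = ( osInfo.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS )  
                             ? kWin9xStart  
                             : kOtherStart;  

        m_vector.clear();  

        // Every page is attempted; pages that cannot be read are skipped inside
        // ReadOnePageMem.
        for ( ; baseAddr < kScanEnd; baseAddr += kPageSize )  
        {  
            ReadOnePageMem(baseAddr, pStr);  
        }  
    }  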
      
    //通过输入值找到当前进程中内存地址  
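    // Search button handler: opens the selected process, reads the value to
    // look for from IDC_VALUE_EDIT into m_value, scans for it and refreshes the
    // address list box.
    void CMemRepairDlg::OnSearchBtn()   
    {  
        // NOTE(review): GetCurrentProcessHandle returns void, so a failed open
        // cannot be detected here and the scan below still runs.
        GetCurrentProcessHandle();  
        ((CEdit*)GetDlgItem(IDC_VALUE_EDIT))->GetWindowText(m_value);  

        // Pass a read-only view of the text. The original called GetBuffer()
        // with no matching ReleaseBuffer(), although the buffer is never written.
        GetBasePtr(static_cast<LPCTSTR>(m_value));  
        OperatorListBox();  
    }  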
      
    //地址列表控件操作  
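    // Replaces the contents of the IDC_PROCESS_LIST list box with one "%p"
    // formatted line per address stored in m_vector.
    void CMemRepairDlg::OperatorListBox()  
    {  
        CListBox* listBox = (CListBox*)GetDlgItem(IDC_PROCESS_LIST);  
        listBox->ResetContent();  

        CString line;  
        std::vector<DWORD>::iterator addr;  
        for ( addr = m_vector.begin(); addr != m_vector.end(); ++addr )  
        {  
            // "%p" expects a pointer-sized argument. The original passed a bare
            // DWORD, which only matches where pointers are 32 bits wide.
            line.Format("%p", reinterpret_cast<void*>(static_cast<DWORD_PTR>(*addr)));  
            listBox->AddString(line);  
        }  

        UpdateData(FALSE);  
    }  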
      
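    // Selection-change handler for the address list box: copies the text of the
    // selected row into the IDC_ADDR_EDIT edit control.
    void CMemRepairDlg::OnSelchangeProcessList()   
    {  
        CListBox* listBox = (CListBox*)GetDlgItem(IDC_PROCESS_LIST);  

        // GetCurSel returns LB_ERR when no row is selected; asking for the text
        // of that index is invalid, so stop here.
        const int nIndex = listBox->GetCurSel();  
        if ( nIndex == LB_ERR ) return;  

        CString strItem;  
        listBox->GetText(nIndex, strItem);  
        ((CEdit*)GetDlgItem(IDC_ADDR_EDIT))->SetWindowText(strItem);  
        UpdateData(FALSE);  
    }  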
      
    //从指定的内存范围内进行搜索  
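    // Narrows the previous result set: re-reads 4 bytes at every address in
    // m_vector and keeps only those whose current value equals atoi(m_value).
    // The survivors replace m_vector and the list box is refreshed.
    void CMemRepairDlg::OnStartBtn()   
    {  
        // NOTE(review): m_value is not re-read from IDC_VALUE_EDIT in this
        // handler; unless it is refreshed elsewhere, the comparison uses the
        // text captured by the last search. Confirm against the dialog's DDX.
        // Parsed once here; the original re-parsed it for every address and
        // called GetBuffer() without ReleaseBuffer().
        const DWORD target = (DWORD)atoi(static_cast<LPCTSTR>(m_value));  

        m_nextVector.clear();  

        std::vector<DWORD>::iterator addr;  
        for ( addr = m_vector.begin(); addr != m_vector.end(); ++addr )  
        {  
            DWORD current = 0;  
            const BOOL readOk = ::ReadProcessMemory(m_handle, (LPCVOID)*addr, &current, sizeof(DWORD), NULL);  
            // Addresses that can no longer be read are dropped.
            if ( readOk && current == target )  
            {  
                m_nextVector.push_back(*addr);  
            }  
        }  

        m_vector = m_nextVector;  

        OperatorListBox();  
    }  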
      
    //修改内存内容  
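    // Modify button handler: parses the hexadecimal address in IDC_ADDR_EDIT and
    // the decimal value in IDC_MODIFY_EDIT, then writes that value as one DWORD
    // into the process behind m_handle and reports the outcome in a message box.
    void CMemRepairDlg::OnModifyBtn()   
    {  
        CString addrStr = "";  
        CString modifyStr = "";  

        ((CEdit*)GetDlgItem(IDC_ADDR_EDIT))->GetWindowText(addrStr);     // address to modify
        ((CEdit*)GetDlgItem(IDC_MODIFY_EDIT))->GetWindowText(modifyStr); // new value
        MessageBox(addrStr);  

        // An empty address field must not reach HexToNum, which indexes the
        // string from its last character.
        if ( addrStr.IsEmpty() ) return;  

        // Read-only conversion instead of GetBuffer() without ReleaseBuffer().
        DWORD dwValue = (DWORD)atoi(static_cast<LPCTSTR>(modifyStr));  
        DWORD addr = HexToNum(addrStr);  

        BOOL bRect = ::WriteProcessMemory(m_handle, (LPVOID)addr, &dwValue, sizeof(DWORD), NULL);  
        if ( bRect )  
        {  
            MessageBox("修改成功!");  
        }  
        else  
        {  
            // Fetch the error code immediately after the failed call.
            int nCode = GetLastError();  
            CString errorInfo;  
            errorInfo.Format("%d   错语码:%d", addr, nCode);  
            MessageBox(errorInfo);  
        }  
    }  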
      
    //十六进制转化为十进制  
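    // Converts a string of hexadecimal digits (no prefix, either letter case)
    // to its numeric value.
    //
    // Returns 0 when the string is empty, contains a character that is not a
    // hexadecimal digit, or encodes a value that does not fit in a DWORD; a
    // result of 0 is therefore ambiguous with a genuine zero.
    //
    // The original summed nTemp * pow(16, i) into a signed int, read index -1
    // for an empty string and mapped any non-hex character to (char - 48).
    DWORD CMemRepairDlg::HexToNum(CString str)  
    {  
        const int nLength = str.GetLength();  
        DWORD value = 0;  

        for ( int i = 0; i < nLength; ++i )  
        {  
            const TCHAR ch = str.GetAt(i);  
            DWORD digit = 0;  

            if ( ch >= '0' && ch <= '9' )  
                digit = (DWORD)(ch - '0');  
            else if ( ch >= 'A' && ch <= 'F' )  
                digit = (DWORD)(ch - 'A') + 10;  
            else if ( ch >= 'a' && ch <= 'f' )  
                digit = (DWORD)(ch - 'a') + 10;  
            else  
                return 0;   // not a hexadecimal digit

            // Shifting in another nibble would push set bits off the top.
            if ( value > (0xFFFFFFFFUL >> 4) )  
                return 0;  

            value = (value << 4) | digit;  
        }  

        return value;  
    }  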
  • 原文地址:https://www.cnblogs.com/zsxfbj/p/2226951.html