本文整理汇总了C++中GetModuleInformation函数的典型用法代码示例。如果您正苦于以下问题:C++ GetModuleInformation函数的具体用法?C++ GetModuleInformation怎么用?C++ GetModuleInformation使用的例子?那么,这里精选的函数代码示例或许可以为您提供帮助。
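在下文中一共展示了GetModuleInformation函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。注意:GetModuleInformation 返回 BOOL,调用失败时 MODULEINFO 的内容不可依赖;下文多个示例没有检查返回值,也有示例把 EnumProcessModules 返回的字节数当作模块个数使用,引用这些代码前请先补上相应检查。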
示例1: gethandle
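/// Returns the base address of the main module of the process @p processId.
///
/// The result is cached per PID in m_prevProcessIdBase / m_prevBaseAddr. The
/// module list is enumerated and the module whose base name equals
/// "Tibia.exe" (case-insensitive) is used; when the first module carries a
/// different name its base is taken as a fallback and a warning box is shown.
///
/// @param processId  PID handed to gethandle() to obtain the process handle.
/// @return Base address truncated to int, or 0 when nothing could be resolved.
int CMemUtil::GetProcessBaseAddr(int processId)
{
    HANDLE dwHandle = gethandle(processId);

    // Serve the cached value when the same PID is queried again.
    if (processId == m_prevProcessIdBase && m_prevProcessIdBase != -1 && m_prevBaseAddr != NULL)
    {
        return m_prevBaseAddr;
    }
    m_prevProcessIdBase = -1;
    m_prevBaseAddr = NULL;

    int ret = 0;
    int isNotFromNormalScan = 0;
    if (dwHandle)
    {
        // EnumProcessModules reports sizes in BYTES, never in elements.
        unsigned long bytesNeeded = 0;
        EnumProcessModules(dwHandle, NULL, 0, &bytesNeeded);
        const unsigned long capacity = bytesNeeded / sizeof(HMODULE);
        HMODULE *modules = capacity ? (HMODULE*)calloc(capacity, sizeof(HMODULE)) : NULL;

        unsigned long bytesReturned = 0;
        if (modules && EnumProcessModules(dwHandle, modules, capacity * sizeof(HMODULE), &bytesReturned))
        {
            // Convert the byte count back to an element count and clamp it to
            // what was allocated: the module list can grow between both calls,
            // and iterating over the raw byte count reads past the array.
            unsigned long moduleCount = bytesReturned / sizeof(HMODULE);
            if (moduleCount > capacity)
                moduleCount = capacity;

            for (unsigned long i = 0; i < moduleCount; i++)
            {
                char moduleName[64] = "";
                const BOOL haveName = GetModuleBaseName(dwHandle, modules[i], moduleName, sizeof(moduleName)) != 0;
                const BOOL isMainModule = haveName && _strcmpi(moduleName, "Tibia.exe") == 0;
                if (!isMainModule && i != 0)
                    continue;

                // Zeroed so a failed query can never leak stack garbage into ret.
                MODULEINFO moduleInfo = {0};
                const BOOL haveInfo = GetModuleInformation(dwHandle, modules[i], &moduleInfo, sizeof(moduleInfo));

                if (isMainModule)
                {
                    // isNotFromNormalScan is deliberately NOT reset here, so the
                    // warning still fires when Tibia.exe was not the first module.
                    if (haveInfo)
                        ret = (int)moduleInfo.lpBaseOfDll;
                    break;
                }

                // i == 0: remember the first module in case Tibia.exe does not exist.
                isNotFromNormalScan = 1;
                if (haveInfo)
                    ret = (int)moduleInfo.lpBaseOfDll;
            }
        }
        free(modules);
        modules = NULL;
    }
    if (isNotFromNormalScan)
        AfxMessageBox("While finding base address, main module was no first or was not named \"Tibia.exe\".");
    if (ret)
    {
        m_prevBaseAddr = ret;
        m_prevProcessIdBase = processId;
    }
    return ret;
}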
示例2: GetProcessBaseAddr
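/// Returns the base address of the current process's main module.
///
/// The module named "Tibia.exe" (case-insensitive) is preferred; when the
/// first module has another name its base is used as a fallback and a warning
/// box is shown.
///
/// @return Base address truncated to int, or 0 when it could not be resolved.
int GetProcessBaseAddr()
{
    // Opened once and kept for the lifetime of the process (function-local
    // static). Only the rights the PSAPI queries below need are requested
    // instead of PROCESS_ALL_ACCESS.
    static HANDLE dwHandle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, ::GetCurrentProcessId());
    if (dwHandle == NULL)
    {
        // Nothing to close: OpenProcess failed, so there is no handle.
        AfxMessageBox("Unable to read Tibia memory!");
        return 0;
    }

    int ret = 0;
    int isNotFromNormalScan = 0;

    // EnumProcessModules reports sizes in BYTES, never in elements.
    unsigned long bytesNeeded = 0;
    EnumProcessModules(dwHandle, NULL, 0, &bytesNeeded);
    const unsigned long capacity = bytesNeeded / sizeof(HMODULE);
    HMODULE *modules = capacity ? (HMODULE*)calloc(capacity, sizeof(HMODULE)) : NULL;

    unsigned long bytesReturned = 0;
    if (modules && EnumProcessModules(dwHandle, modules, capacity * sizeof(HMODULE), &bytesReturned))
    {
        // Only walk entries that were actually written into the buffer.
        size_t moduleCount = bytesReturned / sizeof(HMODULE);
        if (moduleCount > capacity)
            moduleCount = capacity;

        for (size_t i = 0; i < moduleCount; i++)
        {
            char moduleName[64] = "";
            const BOOL haveName = GetModuleBaseName(dwHandle, modules[i], moduleName, sizeof(moduleName)) != 0;
            const BOOL isMainModule = haveName && _strcmpi(moduleName, "Tibia.exe") == 0;
            if (!isMainModule && i != 0)
                continue;

            // Zeroed so a failed query can never leak stack garbage into ret.
            MODULEINFO moduleInfo = {0};
            const BOOL haveInfo = GetModuleInformation(dwHandle, modules[i], &moduleInfo, sizeof(moduleInfo));

            if (isMainModule)
            {
                isNotFromNormalScan = 0;
                if (haveInfo)
                    ret = (int)moduleInfo.lpBaseOfDll;
                break;
            }

            // i == 0: remember the first module in case Tibia.exe does not exist.
            isNotFromNormalScan = 1;
            if (haveInfo)
                ret = (int)moduleInfo.lpBaseOfDll;
        }
    }
    free(modules);
    modules = NULL;

    if (isNotFromNormalScan)
        AfxMessageBox("While finding base address, main module was no first or was not named \"Tibia.exe\".");
    return ret;
}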
示例3: mainFunction
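/// Resolves a function inside the main module by byte signature and installs
/// a MinHook detour on it.
///
/// Every step is logged. The routine stops at the first failing step instead
/// of handing an unresolved (zero) address to MinHook.
void mainFunction()
{
    Log::Init();

    // Zero-initialised so no stale stack data is ever logged or scanned.
    MODULEINFO moduleInfo = {};
    if (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &moduleInfo, sizeof(MODULEINFO)))
    {
        Log::Write(Log::Type::Debug, "GetModuleInformation failed: %lu", GetLastError());
        return;
    }
    Log::Write(Log::Type::Debug, "Base address is at: %I64X", moduleInfo.lpBaseOfDll);

    funcToHookOn = Pattern::Scan(moduleInfo, "48 89 5C 24 ? 57 48 83 EC 20 44 0F B7 05 ? ? ? ? 33 D2");
    Log::Write(Log::Type::Debug, "The code is found at: %I64X", funcToHookOn);
    if (!funcToHookOn)
    {
        // Signature not present in this build of the module: nothing to hook.
        return;
    }

    // The original format strings had no conversion specifier, so the
    // success/failure text was never printed; "%s" restores it.
    MH_STATUS status = MH_Initialize();
    Log::Write(Log::Type::Debug, "MinHook intialization was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");
    if (status != MH_STATUS::MH_OK)
        return;

    status = MH_CreateHook((void*)funcToHookOn, hkRETURN_NUMBER_OF_RUNNING_SCRIPT, (void**)&oRETURN_NUMBER_OF_RUNNING_SCRIPT);
    Log::Write(Log::Type::Debug, "MinHook hook creation was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");
    if (status != MH_STATUS::MH_OK)
        return;

    status = MH_EnableHook((void*)funcToHookOn);
    Log::Write(Log::Type::Debug, "MinHook enable was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");
}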
示例4: GetModuleHandle
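/// Returns the address one past the end of the main module's mapped image.
///
/// @return Module base + SizeOfImage. When the size cannot be queried the
///         base itself is returned, i.e. callers see an empty range instead
///         of an end address computed from uninitialised stack data.
ADDRESS HexSearcher::GetModuleEnd()
{
    MODULEINFO mi = {0};
    HMODULE moduleHandle = GetModuleHandle(NULL);
    if (!GetModuleInformation(GetCurrentProcess(), moduleHandle, &mi, sizeof(mi)))
    {
        // Do not trust anything a failed call may have written.
        mi.SizeOfImage = 0;
    }
    return (ADDRESS)mi.SizeOfImage + (ADDRESS)moduleHandle;
}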
示例5: genericPatternSearch
// Searches a module already loaded in the current process for a byte pattern
// and derives a pointer from the match.
//
// thePtr        out: receives the derived address; set to NULL when the search
//               itself fails (left untouched on the earlier failure paths).
// moduleName    module looked up with GetModuleHandle (it is not loaded here).
// pattern       bytes to look for; taillePattern is their length.
// offSetToPtr   signed offset added to the match address.
// startFunc     optional export name; when given, the search starts at that
//               export instead of at the module base.
// enAvant       true: the bound passed to searchMemory is base + SizeOfImage;
//               false: the bound is the module base.
// noPtr         true: return the adjusted match address itself;
//               false: additionally follow the reference stored there.
// Returns the result of mod_memory::searchMemory, or false when an argument is
// missing or the module / its information cannot be obtained.
bool mod_memory::genericPatternSearch(PBYTE * thePtr, wchar_t * moduleName, BYTE pattern[], ULONG taillePattern, LONG offSetToPtr, char * startFunc, bool enAvant, bool noPtr)
{
bool resultat = false;
if(thePtr && pattern && taillePattern)
{
// GetModuleHandle only succeeds for a module that is already mapped.
if(HMODULE monModule = GetModuleHandle(moduleName))
{
MODULEINFO mesInfos;
if(GetModuleInformation(GetCurrentProcess(), monModule, &mesInfos, sizeof(MODULEINFO)))
{
PBYTE addrMonModule = reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll);
// Start address: the named export when startFunc is set, else the module base.
if(PBYTE addrDebut = startFunc ? reinterpret_cast<PBYTE>(GetProcAddress(monModule, startFunc)) : addrMonModule)
{
// Assignment inside the condition is intentional: resultat keeps the search outcome.
// NOTE(review): searchMemory is defined elsewhere; presumably it stores the match in *thePtr - confirm.
if(resultat = mod_memory::searchMemory(addrDebut, enAvant ? (addrMonModule + mesInfos.SizeOfImage) : reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll), pattern, thePtr, taillePattern, enAvant))
{
*thePtr += offSetToPtr;
if(!noPtr)
{
// NOTE(review): *thePtr is dereferenced here without checking that the
// adjusted address still lies inside [base, base + SizeOfImage).
#ifdef _M_X64
// x64: the long at *thePtr is added as a displacement, plus its own size.
*thePtr += sizeof(long) + *reinterpret_cast<long *>(*thePtr);
#elif defined _M_IX86
// x86: the value at *thePtr is itself taken as the pointer.
*thePtr = *reinterpret_cast<PBYTE *>(*thePtr);
#endif
}
}
else *thePtr = NULL;
}
}
}
}
return resultat;
}
示例6: DllMain
/// DLL entry point: initialises logging and the hook object on process
/// attach, tears them down on process detach. Always reports success.
///
/// NOTE(review): DllMain executes while the loader lock is held. Whether
/// hook.StartConsole()/hook.Initialize() do work that is unsafe there
/// (loading libraries, waiting on threads) is not visible in this listing -
/// confirm, and defer such work to a separate thread if they do.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD reason, LPVOID lpReserved )
{
    switch (reason)
    {
    case DLL_PROCESS_ATTACH:
        Log::Init(hModule);
        DEBUGOUT("FiveMP DLL loaded");

        // Cache base/size of the host executable for later use.
        if (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(0), &g_MainModuleInfo, sizeof(g_MainModuleInfo)))
        {
            Log::Fatal("Unable to get MODULEINFO from GTA5.exe");
        }
        DEBUGOUT("GTA5 [0x%I64X][0x%X]", g_MainModuleInfo.lpBaseOfDll, g_MainModuleInfo.SizeOfImage);

        hook.StartConsole();
        hook.NoIntro();
        hook.Initialize(hModule);
        break;

    case DLL_PROCESS_DETACH:
        printf("reach end");
        scriptUnregister(hModule);
        printf("reach end 2");
        hook.StopConsole();
        break;

    default:
        // Thread attach/detach notifications need no handling.
        break;
    }
    return TRUE;
}
示例7: GetCurrentProcess
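/// Looks for a loaded module whose address range overlaps the range the
/// temple image wants to occupy (0x10000000 + 0x01EB717E bytes).
///
/// Every inspected module is written to the debug log.
///
/// @return "<path> (0xfrom-0xto)" for the last overlapping module found, or
///         an empty string when there is none or enumeration fails.
std::wstring Dll::FindConflictingModule() {
    HMODULE hMods[1024];
    DWORD cbNeeded = 0;
    TCHAR moduleName[MAX_PATH];
    // Pseudo-handle for the current process: it is not a real handle and
    // therefore is not closed at the end of this function.
    auto hProcess = GetCurrentProcess();
    std::wstring conflicting;

    const uint32_t templeImageSize = 0x01EB717E;
    const uint32_t templeDesiredStart = 0x10000000;
    const uint32_t templeDesiredEnd = templeDesiredStart + templeImageSize;

    if (!EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded)) {
        return conflicting;
    }

    // cbNeeded is the size of the FULL module list in bytes; with more than
    // 1024 modules it exceeds the buffer, so clamp before deriving the count.
    if (cbNeeded > sizeof(hMods)) {
        cbNeeded = sizeof(hMods);
    }
    const uint32_t moduleCount = cbNeeded / sizeof(HMODULE);

    for (uint32_t i = 0; i < moduleCount; i++) {
        MODULEINFO moduleInfo = {};
        // The last argument is the size of MODULEINFO, not of the module array.
        if (!GetModuleInformation(hProcess, hMods[i], &moduleInfo, sizeof(moduleInfo))) {
            continue;
        }
        if (GetModuleFileName(hMods[i], moduleName, MAX_PATH) == 0) {
            moduleName[0] = 0;  // never log a stale or uninitialised name
        }

        auto fromAddress = reinterpret_cast<uint32_t>(moduleInfo.lpBaseOfDll);
        auto toAddress = fromAddress + moduleInfo.SizeOfImage;
        logger->debug(" Module {}: 0x{:08x}-0x{:08x}", ucs2_to_utf8(moduleName), fromAddress, toAddress);

        if (fromAddress <= templeDesiredEnd && toAddress > templeDesiredStart) {
            conflicting = fmt::format(L"{} (0x{:08x}-0x{:08x})", moduleName, fromAddress, toAddress);
        }
    }
    return conflicting;
}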
示例8: ZeroMemory
/// Registers every module of the inspected process with the symbol handler
/// and emits MissingSymbol for each module whose symbols did not load.
/// An empty DebugLine is emitted once all modules have been processed.
void AbstractBTGenerator::LoadSymbols()
{
    TModulesMap modules = m_process.GetModules();
    TModulesMap::iterator it = modules.begin();
    while (it != modules.end())
    {
        QString strModule = it.key();

        // Zeroed first: the query result below is not checked, so a failed
        // call leaves base and size at 0.
        MODULEINFO modInfo;
        ZeroMemory(&modInfo, sizeof(modInfo));
        GetModuleInformation(m_process.GetHandle(), it.value(), &modInfo, sizeof(modInfo));

        // The module path is passed both as image name and as module name.
        SymLoadModuleEx(m_process.GetHandle(),
                        NULL,
                        (CHAR*) it.key().toLatin1().constData(),
                        (CHAR*) it.key().toLatin1().constData(),
                        (DWORD64) modInfo.lpBaseOfDll,
                        modInfo.SizeOfImage,
                        NULL,
                        0);

        LoadSymbol(strModule, (DWORD64) modInfo.lpBaseOfDll);

        if (!IsSymbolLoaded(strModule))
        {
            emit MissingSymbol(strModule);
        }
        ++it;
    }
    emit DebugLine(QString());
}
示例9: sizeof
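/// Registers the modules of hProcess with the symbol handler.
///
/// Modules whose information or names cannot be queried are skipped, so no
/// uninitialised MODULEINFO and no name left over from the previous
/// iteration is ever passed on.
///
/// @return false when the module list cannot be enumerated, true otherwise
///         (always true when WIN32 is not defined).
bool CallStack::loadAllModules()
{
#ifdef WIN32
    DWORD dwNeeded = 0;
    if (!EnumProcessModules(hProcess, hModule, sizeof(hModule), &dwNeeded)) return false;

    // dwNeeded describes the complete list; when it is larger than the
    // hModule array only sizeof(hModule) bytes were actually filled in.
    if (dwNeeded > sizeof(hModule)) dwNeeded = sizeof(hModule);
    const int iCount = dwNeeded / sizeof(HMODULE);

    for (int i = 0; i < iCount; ++i)
    {
        MODULEINFO info;
        if (!GetModuleInformation(hProcess, hModule[i], &info, sizeof(info))) continue;
        if (!GetModuleFileNameEx(hProcess, hModule[i], szImageName, iMax)) continue;
        if (!GetModuleBaseName(hProcess, hModule[i], szModuleName, iMax)) continue;

        // NOTE(review): the second argument of SymLoadModule(64) is a file
        // handle; a module handle is passed here as in the original - confirm.
#ifdef X64
        SymLoadModule64(hProcess, hModule[i], szImageName, szModuleName, (DWORD64)info.lpBaseOfDll, info.SizeOfImage);
#else
        SymLoadModule(hProcess, hModule[i], szImageName, szModuleName, (DWORD)info.lpBaseOfDll, info.SizeOfImage);
#endif
    }
#endif
    return true;
}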
示例10: EngineGetModuleBaseRemote
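/// Returns the base address of the module that contains @p APIAddress.
///
/// @param hProcess    Process to inspect. When null, the debuggee handle from
///                    dbgProcessInformation is used if set, otherwise the
///                    current process.
/// @param APIAddress  Address to locate.
/// @return Base of the containing module, or 0 when no module contains the
///         address or the module list cannot be read.
ULONG_PTR EngineGetModuleBaseRemote(HANDLE hProcess, ULONG_PTR APIAddress)
{
    if(!hProcess) //no process specified
    {
        if(!dbgProcessInformation.hProcess)
            hProcess = GetCurrentProcess();
        else
            hProcess = dbgProcessInformation.hProcess;
    }

    DWORD cbNeeded = 0;
    if(!EnumProcessModules(hProcess, 0, 0, &cbNeeded) || cbNeeded < sizeof(HMODULE))
        return 0;

    // cbNeeded is already a byte count, so it is the allocation size as is.
    const DWORD cbAllocated = cbNeeded;
    HMODULE* hMods = (HMODULE*)malloc(cbAllocated);
    if(!hMods)
        return 0;

    ULONG_PTR moduleBase = 0;
    if(EnumProcessModules(hProcess, hMods, cbAllocated, &cbNeeded))
    {
        // The list may have grown since the first call; only the part that
        // fits into the buffer was written.
        if(cbNeeded > cbAllocated)
            cbNeeded = cbAllocated;

        const unsigned int moduleCount = cbNeeded / sizeof(HMODULE);
        for(unsigned int i = 0; i < moduleCount; i++)
        {
            MODULEINFO modinfo;
            memset(&modinfo, 0, sizeof(MODULEINFO));
            if(GetModuleInformation(hProcess, hMods[i], &modinfo, sizeof(MODULEINFO)))
            {
                ULONG_PTR start = (ULONG_PTR)hMods[i];
                ULONG_PTR end = start + modinfo.SizeOfImage;
                if(APIAddress >= start && APIAddress < end)
                {
                    // Leave through the common exit so hMods is released
                    // (the early return used to leak the buffer).
                    moduleBase = start;
                    break;
                }
            }
        }
    }
    free(hMods);
    return moduleBase;
}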
示例11: GetKernelProcAddress
// ------------------------------------------------------------------
// GetKernelProcAddress()
//
// Translates the address of an export found in a locally mapped copy of
// KernelModule into an address relative to the image base reported by
// GetDriverImageBase(KernelModule).
//
// Returns NULL when the module cannot be mapped, the export is not found
// or the module information cannot be queried.
// ------------------------------------------------------------------
LPVOID
GetKernelProcAddress(PCHAR KernelModule, PCHAR FunctionName)
{
// Load the module
// DONT_RESOLVE_DLL_REFERENCES maps the image without calling its entry point
// and without loading the modules it imports.
HMODULE hModule = LoadLibraryExA(KernelModule, NULL, DONT_RESOLVE_DLL_REFERENCES);
if(hModule == NULL)
return NULL;
// Get address
// NOTE(review): hModule is never passed to FreeLibrary on any return path below,
// so every call leaves one more reference to the mapped image.
LPVOID pFunction = (LPVOID)GetProcAddress(hModule, FunctionName);
if(pFunction == NULL)
return NULL;
// Get base address in ring0
// NOTE(review): ModuleInfo is only used as a success check; its fields do not
// enter the calculation below, which uses hModule as the local base.
MODULEINFO ModuleInfo;
if(!GetModuleInformation(GetCurrentProcess(), hModule, &ModuleInfo, sizeof(ModuleInfo)))
return NULL;
// Calc ring0 VA and return
// printf("addrees of %p GetDriverImageBase is\r\n ",GetDriverImageBase(KernelModule));
// printf("addrees of %p hModule is \r\n",hModule);
// printf("addrees of %p pFunction is\r\n ",pFunction);
// Result = (export - local base) + GetDriverImageBase(KernelModule).
// NOTE(review): GetDriverImageBase is defined elsewhere and its result is not
// checked; if it can return NULL the value returned here is just the offset.
return (LPVOID)((CHAR*)pFunction - (CHAR*)hModule + (CHAR*)GetDriverImageBase(KernelModule));
}
示例12: GetModuleInformation
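// Thanks to kurta999 - YSF project
/// Finds the first occurrence of a masked byte pattern in the main module.
///
/// @param szPattern  Bytes to compare; must hold at least strlen(szMask) bytes.
/// @param szMask     One character per pattern byte; '?' matches any byte,
///                   any other character requires an exact match.
/// @return Address of the first match, or 0 when there is none, an argument
///         is null, or the module information cannot be obtained.
DWORD CUtils::FindPattern(char *szPattern, char *szMask)
{
    if(szPattern == NULL || szMask == NULL)
        return 0;

#ifdef WIN32
    // Get the current process information
    MODULEINFO mInfo = {0};
    if(!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &mInfo, sizeof(MODULEINFO)))
        return 0;

    // Find the base address
    DWORD dwBase = (DWORD)mInfo.lpBaseOfDll;
    DWORD dwSize = (DWORD)mInfo.SizeOfImage;
#else
    DWORD dwBase = 0x804b480;
    DWORD dwSize = 0x8128B80 - dwBase;
#endif

    // Get the pattern length
    DWORD dwPatternLength = (DWORD)strlen(szMask);

    // A pattern longer than the image would make the unsigned subtraction
    // below wrap around and send the scan far past the end of the module.
    if(dwSize == 0 || dwPatternLength > dwSize)
        return 0;

    // Walk every start position at which the whole pattern still fits,
    // including the last one (dwSize - dwPatternLength).
    const DWORD dwLastStart = dwSize - dwPatternLength;
    for(DWORD i = 0; i <= dwLastStart; i++)
    {
        bool bFound = true;

        // Compare byte by byte, stopping at the first mismatch
        for(DWORD j = 0; j < dwPatternLength; j++)
        {
            if(szMask[j] != '?' && szPattern[j] != *(char*)(dwBase + i + j))
            {
                bFound = false;
                break;
            }
        }

        // If found return the current address
        if(bFound)
            return dwBase + i;
    }

    // Nothing matched
    return 0;
}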
示例13: searchLiveGlobalLogonSessionList
// Resolves LiveGlobalLogonSessionList once: a copy of the "livessp" library is
// loaded into the current process, an architecture-specific byte signature is
// searched in it, and the pointer found is rebased from the local load address
// to pModLIVESSP->modBaseAddr.
// Returns true when both pModLIVESSP and LiveGlobalLogonSessionList are set.
//
// Defensive context: the class name places this in mimikatz's sekurlsa
// module; a process outside the operating system's own components that loads
// the livessp library and scans its image is behaviour worth alerting on.
bool mod_mimikatz_sekurlsa_livessp::searchLiveGlobalLogonSessionList()
{
// Signature bytes differ per architecture; the negative offset below steps
// back from the match to the stored reference.
#ifdef _M_X64
BYTE PTRN_WALL_LiveUpdatePasswordForLogonSessions[] = {0x48, 0x83, 0x65, 0xdf, 0x00, 0x48, 0x83, 0x65, 0xef, 0x00, 0x48, 0x83, 0x65, 0xe7, 0x00};
#elif defined _M_IX86
BYTE PTRN_WALL_LiveUpdatePasswordForLogonSessions[] = {0x89, 0x5d, 0xdc, 0x89, 0x5d, 0xe4, 0x89, 0x5d, 0xe0};
#endif
LONG OFFS_WALL_LiveUpdatePasswordForLogonSessions = -(5 + 4);
// Runs only while the list pointer is still unset and the prerequisites
// (searchLSASSDatas() succeeded, pModLIVESSP non-null) hold.
if(mod_mimikatz_sekurlsa::searchLSASSDatas() && pModLIVESSP && !LiveGlobalLogonSessionList)
{
PBYTE *pointeur = reinterpret_cast<PBYTE *>(&LiveGlobalLogonSessionList);
if(HMODULE monModule = LoadLibrary(L"livessp"))
{
MODULEINFO mesInfos;
if(GetModuleInformation(GetCurrentProcess(), monModule, &mesInfos, sizeof(MODULEINFO)))
{
// NOTE(review): the return value of genericPatternSearch is ignored, so the
// rebasing on the next line is applied even when the search did not succeed.
mod_memory::genericPatternSearch(pointeur, L"livessp", PTRN_WALL_LiveUpdatePasswordForLogonSessions, sizeof(PTRN_WALL_LiveUpdatePasswordForLogonSessions), OFFS_WALL_LiveUpdatePasswordForLogonSessions);
// Rebase: replace the local load address by pModLIVESSP->modBaseAddr.
// NOTE(review): presumably modBaseAddr is the module base inside the inspected process - confirm.
*pointeur += pModLIVESSP->modBaseAddr - reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll);
}
// The local copy is released again whether or not the search worked.
FreeLibrary(monModule);
}
}
return (pModLIVESSP && LiveGlobalLogonSessionList);
}
示例14: GetModuleInformation
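/// Finds the first occurrence of a masked byte pattern in the main module.
///
/// @param pattern  Bytes to compare; must hold at least strlen(mask) bytes.
/// @param mask     One character per pattern byte; '?' matches any byte, any
///                 other character requires an exact match.
/// @return Address of the first match, or 0 when there is none, an argument
///         is null, the mask is empty or the module cannot be queried.
uintptr_t MemoryAccess::FindPattern(const char *pattern, const char *mask)
{
	if (pattern == nullptr || mask == nullptr)
	{
		return 0;
	}

	// An empty mask used to underflow the "length - 1" computation.
	const size_t length = strlen(mask);
	if (length == 0)
	{
		return 0;
	}

	MODULEINFO module = { };
	if (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(nullptr), &module, sizeof(MODULEINFO)))
	{
		return 0;
	}

	const char *const begin = reinterpret_cast<const char *>(module.lpBaseOfDll);
	const size_t image_size = module.SizeOfImage;
	if (length > image_size)
	{
		return 0;
	}

	// Every candidate start is compared from pattern index 0. The previous
	// single-pass loop reset the index after a mismatch without stepping the
	// address back, so a match that began inside a failed partial match was
	// skipped.
	const char *const last_start = begin + (image_size - length);
	for (const char *candidate = begin; candidate <= last_start; ++candidate)
	{
		size_t i = 0;
		while (i < length && (mask[i] == '?' || candidate[i] == pattern[i]))
		{
			++i;
		}

		if (i == length)
		{
			return reinterpret_cast<uintptr_t>(candidate);
		}
	}

	return 0;
}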
示例15: GetModuleSize
/// Reports base address and image size of a module in the current process.
///
/// For the main executable the size is read from the PE optional header via
/// ImageNtHeader; for any other module GetModuleInformation is used.
///
/// @param hModule   Module to describe.
/// @param lplpBase  Receives the module base; written only on success.
/// @param lpdwSize  Receives the image size in bytes; written only on success.
/// @return TRUE on success, FALSE when the headers or the module information
///         cannot be obtained.
BOOL GetModuleSize(HMODULE hModule, LPVOID* lplpBase, LPDWORD lpdwSize)
{
    // Every module except the main executable goes through PSAPI.
    if (hModule != GetModuleHandle(NULL))
    {
        MODULEINFO ModuleInfo;
        if (!GetModuleInformation(GetCurrentProcess(), hModule, &ModuleInfo, sizeof(MODULEINFO)))
        {
            return FALSE;
        }

        *lplpBase = ModuleInfo.lpBaseOfDll;
        *lpdwSize = ModuleInfo.SizeOfImage;
        return TRUE;
    }

    // Main executable: take the size straight from its NT headers.
    PIMAGE_NT_HEADERS pHeaders = ImageNtHeader((PVOID)hModule);
    if (pHeaders == NULL)
    {
        return FALSE;
    }

    *lplpBase = (LPVOID)hModule;
    *lpdwSize = pHeaders->OptionalHeader.SizeOfImage;
    return TRUE;
}