

C++ GetModuleInformation函数代码示例

本文整理汇总了C++中GetModuleInformation函数的典型用法代码示例。如果您正苦于以下问题:C++ GetModuleInformation函数的具体用法?C++ GetModuleInformation怎么用?C++ GetModuleInformation使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了GetModuleInformation函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。

示例1: gethandle

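/// Returns the base address of the main executable image of a process and
/// caches the last successful lookup per process id.
///
/// The module list of the process is enumerated and the module whose base name
/// is "Tibia.exe" (case-insensitive) is looked up. The first module in the list
/// is used as a fallback, in which case a message box reports it.
///
/// @param processId  Id handed to gethandle() to obtain the process handle.
/// @return The base address cast to `int` (truncated in a 64-bit build), or 0
///         when no module information could be read.
int CMemUtil::GetProcessBaseAddr(int processId)
{
	// Called before the cache check, as in the original; gethandle() is defined
	// elsewhere and may have side effects -- TODO confirm.
	HANDLE dwHandle = gethandle(processId);
	if (processId == m_prevProcessIdBase && m_prevProcessIdBase != -1 && m_prevBaseAddr != NULL)
	{
		return m_prevBaseAddr;
	}
	m_prevProcessIdBase = -1;
	m_prevBaseAddr = NULL;

	int ret = 0;
	int isNotFromNormalScan = 0;
	if (dwHandle)
	{
		// The first call only asks how many BYTES the module list needs.
		DWORD bytesNeeded = 0;
		if (EnumProcessModules(dwHandle, NULL, 0, &bytesNeeded) && bytesNeeded >= sizeof(HMODULE))
		{
			const DWORD capacity = bytesNeeded / sizeof(HMODULE);
			HMODULE *modules = (HMODULE*)calloc(capacity, sizeof(HMODULE));
			DWORD bytesReturned = 0;
			if (modules != NULL && EnumProcessModules(dwHandle, modules, (DWORD)(capacity * sizeof(HMODULE)), &bytesReturned))
			{
				// The second call also reports a byte count. The original stored it in
				// the loop bound without dividing, so the loop walked past the end of
				// the array. Convert to entries and never exceed what was allocated
				// (the module list can grow between the two calls).
				DWORD moduleCount = bytesReturned / sizeof(HMODULE);
				if (moduleCount > capacity)
					moduleCount = capacity;

				char moduleName[64];
				for (DWORD i = 0; i < moduleCount; i++)
				{
					// Start from an empty name so a failed lookup cannot compare stale bytes.
					moduleName[0] = '\0';
					GetModuleBaseName(dwHandle, modules[i], moduleName, sizeof(moduleName));
					if (_strcmpi(moduleName, "Tibia.exe") == 0)
					{
						MODULEINFO moduleInfo;
						// isNotFromNormalScan is deliberately not reset here (the reset was
						// commented out upstream to detect Tibia.exe not being first).
						if (GetModuleInformation(dwHandle, modules[i], &moduleInfo, sizeof(moduleInfo)))
							ret = (int)moduleInfo.lpBaseOfDll;
						break;
					}
					if (i == 0) // fallback: first module, in case Tibia.exe does not exist
					{
						MODULEINFO moduleInfo;
						isNotFromNormalScan = 1;
						if (GetModuleInformation(dwHandle, modules[i], &moduleInfo, sizeof(moduleInfo)))
							ret = (int)moduleInfo.lpBaseOfDll;
					}
				}
			}
			free(modules);
		}
	}
	if (isNotFromNormalScan)
		AfxMessageBox("While finding base address, main module was no first or was not named \"Tibia.exe\".");
	if (ret)
	{
		m_prevBaseAddr = ret;
		m_prevProcessIdBase = processId;
	}
	return ret;
}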
开发者ID:Wisling,项目名称:tibiaauto,代码行数:55,代码来源:MemUtil.cpp

示例2: GetProcessBaseAddr

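/// Returns the base address of the "Tibia.exe" module of the CURRENT process
/// (the handle is opened on ::GetCurrentProcessId()).
///
/// The first module in the list is used as a fallback when no module of that
/// name is found, in which case a message box reports it.
///
/// @return The base address cast to `int` (truncated in a 64-bit build), or 0
///         when the handle could not be opened or nothing could be read.
int GetProcessBaseAddr()
{
	// Least privilege: the PSAPI calls below need only query + read rights, so
	// PROCESS_ALL_ACCESS is not requested. The handle is a function-local static
	// and is intentionally kept open for the lifetime of the process.
	static HANDLE dwHandle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, ::GetCurrentProcessId());
	if (dwHandle == NULL)
	{
		// Nothing to close here: the original called CloseHandle on the NULL handle.
		AfxMessageBox("Unable to read Tibia memory!");
	}


	int ret = 0;
	int isNotFromNormalScan = 0;
	if (dwHandle)
	{
		// The first call only asks how many BYTES the module list needs.
		DWORD bytesNeeded = 0;
		if (EnumProcessModules(dwHandle, NULL, 0, &bytesNeeded) && bytesNeeded >= sizeof(HMODULE))
		{
			const DWORD capacity = bytesNeeded / sizeof(HMODULE);
			HMODULE *modules = (HMODULE*)calloc(capacity, sizeof(HMODULE));
			DWORD bytesReturned = 0;
			// A failed allocation or enumeration now skips the scan instead of
			// dereferencing a null or unfilled array.
			if (modules != NULL && EnumProcessModules(dwHandle, modules, (DWORD)(capacity * sizeof(HMODULE)), &bytesReturned))
			{
				// Only entries that were actually written are inspected.
				DWORD moduleCount = bytesReturned / sizeof(HMODULE);
				if (moduleCount > capacity)
					moduleCount = capacity;

				char moduleName[64];
				for (DWORD i = 0; i < moduleCount; i++)
				{
					// Start from an empty name so a failed lookup cannot compare stale bytes.
					moduleName[0] = '\0';
					GetModuleBaseName(dwHandle, modules[i], moduleName, sizeof(moduleName));
					if (_strcmpi(moduleName, "Tibia.exe") == 0)
					{
						MODULEINFO moduleInfo;
						isNotFromNormalScan = 0;
						if (GetModuleInformation(dwHandle, modules[i], &moduleInfo, sizeof(moduleInfo)))
							ret = (int)moduleInfo.lpBaseOfDll;
						break;
					}
					if (i == 0) // fallback: first module, in case Tibia.exe does not exist
					{
						MODULEINFO moduleInfo;
						isNotFromNormalScan = 1;
						if (GetModuleInformation(dwHandle, modules[i], &moduleInfo, sizeof(moduleInfo)))
							ret = (int)moduleInfo.lpBaseOfDll;
					}
				}
			}
			free(modules);
		}
	}
	if (isNotFromNormalScan)
		AfxMessageBox("While finding base address, main module was no first or was not named \"Tibia.exe\".");
	return ret;
}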
开发者ID:ArthurRTz,项目名称:tibiaauto,代码行数:48,代码来源:TibiaHooks.cpp

示例3: mainFunction

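/// Locates a function in the main module by byte signature and installs a
/// MinHook detour on it (hkRETURN_NUMBER_OF_RUNNING_SCRIPT, with the original
/// saved in oRETURN_NUMBER_OF_RUNNING_SCRIPT).
///
/// Every step is logged. The function returns early when the module bounds
/// cannot be read or the signature is not found, so that no hook is attempted
/// on a null target.
void mainFunction()
{
	Log::Init();

	// Zero-initialised so that a failed query never exposes stack garbage.
	MODULEINFO moduleInfo = {};
	if (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &moduleInfo, sizeof(MODULEINFO)))
	{
		Log::Write(Log::Type::Debug, "GetModuleInformation failed: %lu", GetLastError());
		return;
	}
	Log::Write(Log::Type::Debug, "Base address is at: %I64X", moduleInfo.lpBaseOfDll);

	// The signature is tied to a specific build of the host binary; a miss is an
	// expected outcome after an update and must not be treated as an address.
	funcToHookOn = Pattern::Scan(moduleInfo, "48 89 5C 24 ? 57 48 83 EC 20 44 0F B7 05 ? ? ? ? 33 D2");
	Log::Write(Log::Type::Debug, "The code is found at: %I64X", funcToHookOn);
	if (!funcToHookOn)
	{
		return;
	}

	// The three status messages below were missing their %s conversion, so the
	// "Successful"/"Not successful" argument was never printed.
	MH_STATUS status = MH_Initialize();

	Log::Write(Log::Type::Debug, "MinHook intialization was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");

	status = MH_CreateHook((void*)funcToHookOn, hkRETURN_NUMBER_OF_RUNNING_SCRIPT, (void**)&oRETURN_NUMBER_OF_RUNNING_SCRIPT);

	Log::Write(Log::Type::Debug, "MinHook hook creation was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");

	status = MH_EnableHook((void*)funcToHookOn);

	Log::Write(Log::Type::Debug, "MinHook enable was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");

}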
开发者ID:leftas,项目名称:hookNative,代码行数:28,代码来源:main.cpp

示例4: GetModuleHandle

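/// Returns the address one past the end of the main module's image
/// (module handle + SizeOfImage).
///
/// If the size cannot be queried, the image size is treated as 0 and the
/// module's own base is returned, i.e. an empty range. The original read an
/// uninitialised SizeOfImage in that case.
ADDRESS HexSearcher::GetModuleEnd()
{
    HMODULE moduleHandle = GetModuleHandle(NULL);
    MODULEINFO mi = { 0 };
    if (!GetModuleInformation(GetCurrentProcess(), moduleHandle, &mi, sizeof(mi)))
    {
        // Do not trust anything the failed call may have written.
        mi.SizeOfImage = 0;
    }
    return (ADDRESS)mi.SizeOfImage + (ADDRESS)moduleHandle;
}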
开发者ID:DrEhsan,项目名称:Whiff,代码行数:7,代码来源:HexSearcher.cpp

示例5: genericPatternSearch

// Looks for a byte pattern inside a module that is already loaded in the
// current process and stores the resulting address in *thePtr.
//
//   thePtr        out: receives the address; set to NULL when the search fails
//   moduleName    module looked up with GetModuleHandle (must already be loaded)
//   pattern       bytes to look for
//   taillePattern length of the pattern in bytes ("taille" = size)
//   offSetToPtr   signed offset added to the match address
//   startFunc     optional export name; when given, the search starts at that
//                 export instead of at the module base
//   enAvant       "forward": selects the far bound handed to searchMemory
//                 (image end when true, image base when false)
//   noPtr         when true the adjusted match address is returned as is; when
//                 false the value stored at that address is resolved (see below)
//
// Returns what mod_memory::searchMemory returned, or false when an argument is
// missing, the module is not loaded, or its information cannot be read. In the
// last three cases *thePtr is left untouched.
bool mod_memory::genericPatternSearch(PBYTE * thePtr, wchar_t * moduleName, BYTE pattern[], ULONG taillePattern, LONG offSetToPtr, char * startFunc, bool enAvant, bool noPtr)
{
    bool resultat = false;
    if(thePtr && pattern && taillePattern)
    {
        if(HMODULE monModule = GetModuleHandle(moduleName))
        {
            MODULEINFO mesInfos;
            if(GetModuleInformation(GetCurrentProcess(), monModule, &mesInfos, sizeof(MODULEINFO)))
            {
                PBYTE addrMonModule = reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll);

                // Start address: the named export if one was requested, otherwise the image base.
                // A failed GetProcAddress yields NULL and skips the search entirely.
                if(PBYTE addrDebut = startFunc ? reinterpret_cast<PBYTE>(GetProcAddress(monModule, startFunc)) : addrMonModule)
                {
                    // Assignment inside the condition is intentional: resultat keeps searchMemory's verdict.
                    // searchMemory is defined elsewhere; presumably it writes the match address to *thePtr -- confirm.
                    if(resultat = mod_memory::searchMemory(addrDebut, enAvant ? (addrMonModule + mesInfos.SizeOfImage) : reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll), pattern, thePtr, taillePattern, enAvant))
                    {
                        *thePtr += offSetToPtr;
                        // NOTE(review): the adjusted address is dereferenced below without checking
                        // that it still lies inside [base, base + SizeOfImage).
                        if(!noPtr)
                        {
#ifdef _M_X64
                            // Reads a 32-bit value at the address and adds it, plus its own size, to the
                            // address -- looks like resolving a relative displacement; confirm.
                            *thePtr += sizeof(long) + *reinterpret_cast<long *>(*thePtr);
#elif defined _M_IX86
                            // Reads the pointer-sized value stored at the address and returns that instead.
                            *thePtr = *reinterpret_cast<PBYTE *>(*thePtr);
#endif
                        }
                    }
                    else *thePtr = NULL;
                }
            }
        }
    }
    return resultat;
}
开发者ID:BaldyBadgersRunningRoundMyBrain,项目名称:meterpreter,代码行数:33,代码来源:mod_memory.cpp

示例6: DllMain

// DLL entry point.
//
// On process attach: starts logging, records the MODULEINFO of the host
// executable in g_MainModuleInfo (Log::Fatal is called if that fails), then
// starts the console, runs hook.NoIntro() and initialises the hook layer.
// On process detach: unregisters the script and stops the console.
// Always reports success to the loader.
//
// NOTE(review): all of this runs inside DllMain, i.e. while the loader lock is
// held. Whether the hook.* calls are safe in that context cannot be told from
// this function alone -- confirm, or defer the work to a separate thread.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD reason, LPVOID lpReserved )
{
	switch (reason) {
	case DLL_PROCESS_ATTACH: {
		Log::Init(hModule);
		DEBUGOUT("FiveMP DLL loaded");

		const BOOL haveMainModuleInfo = GetModuleInformation(GetCurrentProcess(), GetModuleHandle(0), &g_MainModuleInfo, sizeof(g_MainModuleInfo));
		if (!haveMainModuleInfo) {
			Log::Fatal("Unable to get MODULEINFO from GTA5.exe");
		}

		DEBUGOUT("GTA5 [0x%I64X][0x%X]", g_MainModuleInfo.lpBaseOfDll, g_MainModuleInfo.SizeOfImage);

		hook.StartConsole();
		hook.NoIntro();

		hook.Initialize(hModule);
		break;
	}
	case DLL_PROCESS_DETACH:
		printf("reach end");
		scriptUnregister(hModule);
		printf("reach end 2");
		hook.StopConsole();
		break;
	default:
		// Thread attach/detach notifications need no handling.
		break;
	}
	return TRUE;
}
开发者ID:jmsimo-old,项目名称:FiveMP,代码行数:25,代码来源:dllmain.cpp

示例7: GetCurrentProcess

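/// Scans the modules loaded in the current process and reports one whose image
/// overlaps the address range the temple image wants
/// (0x10000000 .. 0x10000000 + 0x01EB717E).
///
/// Every module that can be queried is logged at debug level with its range.
///
/// @return "<path> (0x<from>-0x<to>)" for the last overlapping module found,
///         or an empty string when there is none.
std::wstring Dll::FindConflictingModule() {
    HMODULE hMods[1024];
    DWORD cbNeeded = 0;
    TCHAR moduleName[MAX_PATH];

    // GetCurrentProcess() returns a pseudo-handle. It is not owned by this
    // function, so the CloseHandle call the original made on it is dropped.
    auto hProcess = GetCurrentProcess();

    std::wstring conflicting;

    const uint32_t templeImageSize = 0x01EB717E;
    const uint32_t templeDesiredStart = 0x10000000;
    const uint32_t templeDesiredEnd = templeDesiredStart + templeImageSize;

    if (EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded)) {
        // cbNeeded is the size of the COMPLETE list and can exceed the buffer;
        // only the entries that fit into hMods were written.
        const DWORD cbFilled = cbNeeded < sizeof(hMods) ? cbNeeded : static_cast<DWORD>(sizeof(hMods));
        const uint32_t moduleCount = cbFilled / sizeof(HMODULE);

        for (uint32_t i = 0; i < moduleCount; i++) {
            if (GetModuleFileName(hMods[i], moduleName, MAX_PATH) == 0) {
                // Keep going with an empty name rather than printing stale bytes.
                moduleName[0] = 0;
            }

            MODULEINFO moduleInfo;
            // The size argument must be sizeof(MODULEINFO); the original passed cbNeeded.
            if (!GetModuleInformation(hProcess, hMods[i], &moduleInfo, sizeof(moduleInfo))) {
                continue;
            }

            // 32-bit build assumed: the pointer is narrowed to uint32_t as before.
            auto fromAddress = reinterpret_cast<uint32_t>(moduleInfo.lpBaseOfDll);
            auto toAddress = fromAddress + moduleInfo.SizeOfImage;
            logger->debug(" Module {}: 0x{:08x}-0x{:08x}", ucs2_to_utf8(moduleName), fromAddress, toAddress);

            if (fromAddress <= templeDesiredEnd && toAddress > templeDesiredStart) {
                conflicting = fmt::format(L"{} (0x{:08x}-0x{:08x})", moduleName, fromAddress, toAddress);
            }
        }
    }

    return conflicting;
}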
开发者ID:ema29,项目名称:TemplePlus,代码行数:32,代码来源:dll.cpp

示例8: ZeroMemory

/// Registers every module of the inspected process with the symbol handler and
/// loads its symbols.
///
/// For each entry of m_process.GetModules() the image base and size are queried
/// and passed to SymLoadModuleEx, then LoadSymbol() is called; MissingSymbol is
/// emitted for modules whose symbols are still not loaded afterwards. An empty
/// DebugLine is emitted once all modules have been processed.
///
/// The MODULEINFO is zeroed first, so a failed GetModuleInformation call
/// results in a base and size of 0 being passed on.
void AbstractBTGenerator::LoadSymbols()
{
    TModulesMap modules = m_process.GetModules();
    TModulesMap::iterator it = modules.begin();
    while (it != modules.end())
    {
        MODULEINFO info;
        ZeroMemory(&info, sizeof(info));

        const QString moduleName = it.key();

        GetModuleInformation(m_process.GetHandle(), it.value(), &info, sizeof(info));

        // Image name and module name are both the map key, converted to Latin-1.
        // The temporaries live until the end of the call expression.
        SymLoadModuleEx(
            m_process.GetHandle(),
            NULL,
            (CHAR*) it.key().toLatin1().constData(),
            (CHAR*) it.key().toLatin1().constData(),
            (DWORD64) info.lpBaseOfDll,
            info.SizeOfImage,
            NULL,
            0);

        LoadSymbol(moduleName, (DWORD64) info.lpBaseOfDll);

        const bool symbolsAvailable = IsSymbolLoaded(moduleName);
        if (!symbolsAvailable)
        {
            emit MissingSymbol(moduleName);
        }

        ++it;
    }

    emit DebugLine(QString());
}
开发者ID:Kicer86,项目名称:photobroom,代码行数:31,代码来源:abstract_generator.cpp

示例9: sizeof

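/// Registers every module of hProcess with the DbgHelp symbol handler.
///
/// Modules whose information or names cannot be read are skipped, so that
/// uninitialised or stale data is never handed to SymLoadModule.
///
/// @return false when the module list cannot be enumerated, true otherwise
///         (always true when not built for WIN32).
bool CallStack::loadAllModules()
{
#ifdef WIN32
    DWORD dwNeeded = 0;
    if (!EnumProcessModules(hProcess, hModule, sizeof(hModule), &dwNeeded)) return false;

    // dwNeeded is the size of the COMPLETE list; only sizeof(hModule) bytes were
    // written. Clamp, so that a process with more modules than the buffer holds
    // cannot make the loop read past the end of hModule.
    const int iCapacity = (int)(sizeof(hModule) / sizeof(HMODULE));
    int iCount = (int)(dwNeeded / sizeof(HMODULE));
    if (iCount > iCapacity) iCount = iCapacity;

    for (int i = 0; i < iCount; ++i)
    {
        MODULEINFO info;

        if (!GetModuleInformation(hProcess, hModule[i], &info, sizeof(info))) continue;
        // On failure these buffers would still hold the previous module's name.
        if (!GetModuleFileNameEx(hProcess, hModule[i], szImageName, iMax)) continue;
        if (!GetModuleBaseName(hProcess, hModule[i], szModuleName, iMax)) continue;

#ifdef X64
        SymLoadModule64(hProcess, hModule[i], szImageName, szModuleName, (DWORD64)info.lpBaseOfDll, info.SizeOfImage);
#else
        SymLoadModule(hProcess, hModule[i], szImageName, szModuleName, (DWORD)info.lpBaseOfDll, info.SizeOfImage);
#endif
    }
#endif
    return true;
}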
开发者ID:lwch,项目名称:QLanguage,代码行数:25,代码来源:callstack.cpp

示例10: EngineGetModuleBaseRemote

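/// Finds the module of a process whose image contains a given address.
///
/// @param hProcess    Process to inspect. When NULL, the debuggee handle in
///                    dbgProcessInformation is used if set, otherwise the
///                    current process.
/// @param APIAddress  Address to locate.
/// @return Base address of the containing module, or 0 when no module contains
///         the address or the module list cannot be read.
ULONG_PTR EngineGetModuleBaseRemote(HANDLE hProcess, ULONG_PTR APIAddress)
{
    if(!hProcess) //no process specified
    {
        if(!dbgProcessInformation.hProcess)
            hProcess = GetCurrentProcess();
        else
            hProcess = dbgProcessInformation.hProcess;
    }

    // First call: ask how many BYTES the module list needs.
    DWORD cbNeeded = 0;
    if(!EnumProcessModules(hProcess, 0, 0, &cbNeeded) || cbNeeded < sizeof(HMODULE))
        return 0;

    // cbNeeded is already a byte count, so it is not multiplied by sizeof(HMODULE).
    const DWORD cbBuffer = cbNeeded;
    HMODULE* hMods = (HMODULE*)malloc(cbBuffer);
    if(!hMods)
        return 0;

    ULONG_PTR result = 0;
    if(EnumProcessModules(hProcess, hMods, cbBuffer, &cbNeeded))
    {
        // The list may have grown between the two calls; only cbBuffer bytes were written.
        if(cbNeeded > cbBuffer)
            cbNeeded = cbBuffer;

        for(unsigned int i = 0; i < cbNeeded / sizeof(HMODULE); i++)
        {
            MODULEINFO modinfo;
            memset(&modinfo, 0, sizeof(MODULEINFO));
            if(GetModuleInformation(hProcess, hMods[i], &modinfo, sizeof(MODULEINFO)))
            {
                ULONG_PTR start = (ULONG_PTR)hMods[i];
                ULONG_PTR end = start + modinfo.SizeOfImage;
                if(APIAddress >= start && APIAddress < end)
                {
                    // Leave through the common exit so the buffer is freed
                    // (the original returned here and leaked it).
                    result = start;
                    break;
                }
            }
        }
    }
    free(hMods);
    return result;
}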
开发者ID:brock7,项目名称:TitanEngine,代码行数:32,代码来源:Global.Engine.Importer.cpp

示例11: GetKernelProcAddress

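// ------------------------------------------------------------------
// GetKernelProcAddress()
//
// Translates an export of a kernel image into the address it has in the
// loaded driver: the image is mapped into this process, the export's offset
// from the mapping is taken and added to GetDriverImageBase(KernelModule).
//
// Returns NULL when the image cannot be mapped, the export does not exist,
// the module information cannot be read, or the driver base is unknown.
//
// KernelModule is passed straight to LoadLibraryExA; a bare file name is
// resolved through the DLL search order, so callers should pass a full path.
// ------------------------------------------------------------------
LPVOID
GetKernelProcAddress(PCHAR KernelModule, PCHAR FunctionName)
{
  // DONT_RESOLVE_DLL_REFERENCES: map the image without running its entry
  // point and without loading its imports.
  HMODULE hModule = LoadLibraryExA(KernelModule, NULL, DONT_RESOLVE_DLL_REFERENCES);
  if(hModule == NULL)
    return NULL;

  LPVOID pResult = NULL;

  // Address of the export inside the local mapping
  LPVOID pFunction = (LPVOID)GetProcAddress(hModule, FunctionName);

  // The module information is only used as a sanity check that the mapping can be queried.
  MODULEINFO ModuleInfo;
  if(pFunction != NULL &&
     GetModuleInformation(GetCurrentProcess(), hModule, &ModuleInfo, sizeof(ModuleInfo)))
  {
    // A missing base would otherwise turn the bare offset into a "pointer".
    CHAR* pDriverBase = (CHAR*)GetDriverImageBase(KernelModule);
    if(pDriverBase != NULL)
      pResult = (LPVOID)((CHAR*)pFunction - (CHAR*)hModule + pDriverBase);
  }

  // Release the mapping on every path; the original never freed it.
  FreeLibrary(hModule);
  return pResult;
}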
开发者ID:Strongc,项目名称:WinIo-Vidix,代码行数:28,代码来源:util.cpp

示例12: GetModuleInformation

// Thanks to kurta999 - YSF project
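/// Searches the main module's image for a masked byte pattern.
///
/// @param szPattern  Bytes to look for; must be at least strlen(szMask) long.
/// @param szMask     One character per pattern byte; '?' matches any byte.
/// @return Address of the first match, or 0 when there is none, when the
///         pattern is empty or longer than the image, or when the image bounds
///         cannot be read.
///
/// Addresses are handled as DWORD, so this only works in a 32-bit build.
DWORD CUtils::FindPattern(char *szPattern, char *szMask)
{
	if(!szPattern || !szMask)
		return 0;

#ifdef WIN32
	// Get the current process information
	MODULEINFO mInfo = {0};
	if(!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &mInfo, sizeof(MODULEINFO)))
		return 0;
	// Find the base address
	DWORD dwBase = (DWORD)mInfo.lpBaseOfDll;
	DWORD dwSize =  (DWORD)mInfo.SizeOfImage;
#else
	// Hard-coded image range of one specific build of the host binary
	DWORD dwBase = 0x804b480;
	DWORD dwSize = 0x8128B80 - dwBase;
#endif
	// Get the pattern length
	DWORD dwPatternLength = (DWORD)strlen(szMask);

	// Without this guard "dwSize - dwPatternLength" wraps around (unsigned) and
	// the scan runs far beyond the image.
	if(dwPatternLength == 0 || dwPatternLength > dwSize)
		return 0;

	// Try every start offset at which the whole pattern still fits ("<=": the
	// last such offset is a valid candidate too).
	for(DWORD i = 0; i <= dwSize - dwPatternLength; i++)
	{
		bool bFound = true;
		// Compare byte by byte, stopping at the first mismatch
		for (DWORD j = 0; j < dwPatternLength && bFound; j++)
			bFound = szMask[j] == '?' || szPattern[j] == *(char*)(dwBase + i + j);

		// If found return the current address
		if(bFound)
			return dwBase + i;
	}
	// No match
	return 0;
}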
开发者ID:OrMisicL,项目名称:FCNPC,代码行数:31,代码来源:Utils.cpp

示例13: searchLiveGlobalLogonSessionList

// Resolves the address stored in LiveGlobalLogonSessionList, once.
//
// The work is done only if searchLSASSDatas() succeeds, pModLIVESSP is set and
// the list address has not been resolved yet. "livessp" is loaded into the
// current process, a hard-coded per-architecture byte signature is searched in
// that local copy via mod_memory::genericPatternSearch, and the result is then
// shifted by the difference between pModLIVESSP->modBaseAddr and the local
// image base.
//
// Returns true when both pModLIVESSP and LiveGlobalLogonSessionList are non-null.
//
// NOTE(review): the signatures and the offset are fixed byte sequences, so they
// are tied to particular builds of the DLL; which builds cannot be told from here.
bool mod_mimikatz_sekurlsa_livessp::searchLiveGlobalLogonSessionList()
{
#ifdef _M_X64
	BYTE PTRN_WALL_LiveUpdatePasswordForLogonSessions[]	= {0x48, 0x83, 0x65, 0xdf, 0x00, 0x48, 0x83, 0x65, 0xef, 0x00, 0x48, 0x83, 0x65, 0xe7, 0x00};
#elif defined _M_IX86
	BYTE PTRN_WALL_LiveUpdatePasswordForLogonSessions[]	= {0x89, 0x5d, 0xdc, 0x89, 0x5d, 0xe4, 0x89, 0x5d, 0xe0};
#endif
	// Signed offset applied to the match address by genericPatternSearch
	LONG OFFS_WALL_LiveUpdatePasswordForLogonSessions	= -(5 + 4);

	if(mod_mimikatz_sekurlsa::searchLSASSDatas() && pModLIVESSP && !LiveGlobalLogonSessionList)
	{
	
		// genericPatternSearch writes its result through this alias of the member.
		PBYTE *pointeur = reinterpret_cast<PBYTE *>(&LiveGlobalLogonSessionList);
		if(HMODULE monModule = LoadLibrary(L"livessp"))
		{
			MODULEINFO mesInfos;
			if(GetModuleInformation(GetCurrentProcess(), monModule, &mesInfos, sizeof(MODULEINFO)))
			{
				mod_memory::genericPatternSearch(pointeur, L"livessp", PTRN_WALL_LiveUpdatePasswordForLogonSessions, sizeof(PTRN_WALL_LiveUpdatePasswordForLogonSessions), OFFS_WALL_LiveUpdatePasswordForLogonSessions);
				// Rebase from the local mapping to the base recorded in pModLIVESSP
				// (presumably the module's base in the inspected process -- confirm).
				*pointeur += pModLIVESSP->modBaseAddr - reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll);
			}
			FreeLibrary(monModule);
		}
	}
	return (pModLIVESSP && LiveGlobalLogonSessionList);
}
开发者ID:S3ize,项目名称:meterpreter,代码行数:26,代码来源:livessp.cpp

示例14: GetModuleInformation

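		/// Searches the main module's image for a masked byte pattern.
		///
		/// @param pattern  Bytes to look for; must be at least strlen(mask) long.
		/// @param mask     One character per pattern byte; '?' matches any byte.
		/// @return Address of the first match, or 0 when there is none, when the
		///         mask is empty or longer than the image, or when the image
		///         bounds cannot be read.
		uintptr_t MemoryAccess::FindPattern(const char *pattern, const char *mask)
		{
			MODULEINFO module = { };
			if (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(nullptr), &module, sizeof(MODULEINFO)))
			{
				return 0;
			}

			// An empty mask used to underflow "strlen(mask) - 1" and read mask[1].
			const size_t length = strlen(mask);
			if (length == 0 || length > module.SizeOfImage)
			{
				return 0;
			}

			const char *const begin = reinterpret_cast<const char *>(module.lpBaseOfDll);
			// Last start position at which the whole pattern still fits in the image.
			const char *const last = begin + (module.SizeOfImage - length);

			// Every start position is tested in full. The original kept a single
			// running index and reset it on a mismatch without stepping back, so it
			// missed matches that begin inside a partially matched prefix
			// (e.g. "AAB" in "AAAB").
			for (const char *candidate = begin; candidate <= last; candidate++)
			{
				size_t i = 0;
				while (i < length && (mask[i] == '?' || candidate[i] == pattern[i]))
				{
					i++;
				}

				if (i == length)
				{
					return reinterpret_cast<uintptr_t>(candidate);
				}
			}

			return 0;
		}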
开发者ID:BlackCoyote,项目名称:scripthookvdotnet,代码行数:27,代码来源:NativeMemory.cpp

示例15: GetModuleSize

// Reports the base address and image size of a module loaded in the current
// process.
//
//   hModule   module to describe
//   lplpBase  out: base address of the image
//   lpdwSize  out: SizeOfImage in bytes
//
// For the main executable the size is read from the PE optional header via
// ImageNtHeader; for any other module it comes from GetModuleInformation.
// Returns FALSE, leaving both outputs untouched, when the respective lookup
// fails. The output pointers are not checked for NULL.
BOOL GetModuleSize(HMODULE hModule, LPVOID* lplpBase, LPDWORD lpdwSize) 
{
	if (hModule != GetModuleHandle(NULL))
	{
		// Any module other than the main executable: ask PSAPI.
		MODULEINFO loadedInfo;
		const BOOL queried = GetModuleInformation(GetCurrentProcess(), hModule, &loadedInfo, sizeof(MODULEINFO));
		if (!queried)
			return FALSE;

		*lplpBase = loadedInfo.lpBaseOfDll;
		*lpdwSize = loadedInfo.SizeOfImage;
		return TRUE;
	}

	// Main executable: the module handle is the image base, the size is in the headers.
	PIMAGE_NT_HEADERS pHeaders = ImageNtHeader((PVOID)hModule);
	if (pHeaders == NULL)
		return FALSE;

	*lplpBase = (LPVOID)hModule;
	*lpdwSize = pHeaders->OptionalHeader.SizeOfImage;
	return TRUE;
}
开发者ID:PrinceFroggy,项目名称:DDT,代码行数:30,代码来源:functions.cpp


注:本文中的GetModuleInformation函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。