本文整理汇总了C++中ReadProcessMemory函数的典型用法代码示例。如果您正苦于以下问题:C++ ReadProcessMemory函数的具体用法?C++ ReadProcessMemory怎么用?C++ ReadProcessMemory使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ReadProcessMemory函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: DumpBtn
void DumpBtn( const char * filename )
{
if ( IsOk( ) && GetBtnAddr( ) > 1000 )
{
FILE *fp;
fopen_s( &fp , filename , "wb" );
if ( fp )
{
unsigned char buffer[ 520 ];
if ( ReadProcessMemory( GetCurrentProcess( ) , ( void * ) ( GetBtnAddr( ) ) , &buffer , 520 , 0 ) )
{
fwrite( buffer , 1 , 520 , fp );
}
fclose( fp );
}
}
}示例2: writeBreak
void CEException::dumpContext(HANDLE file, HANDLE hProcess, CONTEXT *context) {
char tempo[200];
unsigned char memoryDump[100];
DWORD size;
unsigned int i;
#ifdef ARM
writeBreak(file);
writeString(file, "Context dump");
sprintf(tempo, "R0=%.8x R1=%.8x R2=%.8x R3=%.8x R4=%.8x", context->R0, context->R1,
context->R2, context->R3, context->R4);
writeString(file, tempo);
sprintf(tempo, "R5=%.8x R6=%.8x R7=%.8x R8=%.8x R9=%.8x", context->R5, context->R6,
context->R7, context->R8, context->R9);
writeString(file, tempo);
sprintf(tempo, "R10=%.8x R11=%.8x R12=%.8x", context->R10, context->R11,
context->R12);
writeString(file, tempo);
sprintf(tempo, "Sp=%.8x Lr=%.8x Pc=%.8x Psr=%.8x", context->Sp, context->Lr,
context->Pc, context->Psr);
writeString(file, tempo);
writeBreak(file);
sprintf(tempo, "Memory dump at %.8x", context->Pc - (sizeof(memoryDump) / 2));
writeString(file, tempo);
if (ReadProcessMemory(hProcess, (LPCVOID)(context->Pc - (sizeof(memoryDump) / 2)), memoryDump, sizeof(memoryDump), &size)) {
for (i = 0; i < size; i += 8) {
int j;
char digit[4];
int max;
max = size - i;
if (max > 8)
max = 8;
tempo[0] = '\0';
for (j = 0; j < max; j++) {
sprintf(digit, "%.2x ", memoryDump[i + j]);
strcat(tempo, digit);
}
writeString(file, tempo);
}
}
#else
writeBreak(file);
writeString(file, "Context dump only available on ARM devices");
#endif
}示例3: CT_cbMagicValue
void CT_cbMagicValue()
{
DeleteHardwareBreakPoint(UE_DR1);
unsigned int retrieve_addr=GetContextData(UE_EBP)-magic_ebp_sub-4;
unsigned int magic_values[2]= {0};
if(!ReadProcessMemory(fdProcessInfo->hProcess, (void*)retrieve_addr, magic_values, 8, 0))
{
CT_FatalError(rpmerror());
return;
}
CT_cert_data->magic1=magic_values[0];
CT_cert_data->magic2=magic_values[1];
if(end_big_loop)
SetBPX(magic_byte, UE_BREAKPOINT, (void*)CT_cbMagicJump);
else
CT_RetrieveSaltValue();
}示例4: getProcessImageInformation
void ProcessLister::getProcessImageInformation( HANDLE hProcess, Process* process )
{
DWORD_PTR readImagebase = 0;
process->imageBase = 0;
process->imageSize = 0;
if (hProcess && process->pebAddress)
{
PEB_CURRENT * peb = (PEB_CURRENT *)process->pebAddress;
if (ReadProcessMemory(hProcess, &peb->ImageBaseAddress, &readImagebase, sizeof(DWORD_PTR), 0))
{
process->imageBase = readImagebase;
process->imageSize = (DWORD)ProcessAccessHelp::getSizeOfImageProcess(hProcess, process->imageBase);
}
}
}示例5: memset
char *getSourceName(HWND hwnd)
{
HANDLE hProcess;
DWORD processid;
char filename[MAX_PATH], *pname;
SIZE_T bread;
//HWND hdlgPE;
memset(filename, 0, MAX_PATH);
GetWindowThreadProcessId(hwnd, &processid);
hProcess = OpenProcess(PROCESS_VM_READ, FALSE, processid);
// hdlgPE=SendMessage(hwnd,WM_WA_IPC,IPC_GETWND_PE,IPC_GETWND);
pname=(char*)SendMessage(hwnd,WM_WA_IPC,SendMessage(hwnd,WM_WA_IPC,0,IPC_GETLISTPOS),IPC_GETPLAYLISTFILE);
ReadProcessMemory(hProcess, pname, filename, MAX_PATH, &bread);
CloseHandle(hProcess);
return strdup(filename);
}示例6: OpenProcess
void InspectMemory::OnInspectbut()
{
// TODO: Add your control notification handler code here
char address_str[9];
m_edit1.GetWindowText(address_str, 9);
if (address_str[0]==0) return;
char size_str[9];
m_edit_2.GetWindowText(size_str, 9);
if (size_str[0]==0) return;
unsigned int caddress = GenericPurposeMethods::ConvertHexStringToInt(address_str);
int size = GenericPurposeMethods::StringToNumber(size_str);
HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE, processid);
if (hProcess==NULL)
return;
unsigned long dwTotalRead;
char* valuestr = new char[1];
valuestr[0] = 00;
unsigned char* valbytes = new unsigned char[size];
int isok = ReadProcessMemory(hProcess, (LPVOID)caddress, valbytes,
size, &dwTotalRead);
if (isok != 0) // if read didn't failed
{
valuestr = GenericPurposeMethods::BytesToString(valbytes, size, CString(_T("bytes")).GetBuffer(0), CString(_T("hexadecimal")).GetBuffer(0));
}
else
{
valuestr = _T("Read failed!!!");
}
m_result_edit.SetWindowText(valuestr);
}示例7: LLOG
bool Pdb::AddBp(adr_t address)
{
LLOG("AddBp: " << Hex(address));
if(bp_set.Find(address) >= 0)
return true;
byte prev;
if(!ReadProcessMemory(hProcess, (LPCVOID) address, &prev, 1, NULL))
return false;
LLOG("ReadProcessMemory OK");
byte int3 = 0xcc;
if(!WriteProcessMemory(hProcess, (LPVOID) address, &int3, 1, NULL))
return false;
LLOG("WriteProcessMemory OK");
// FlushInstructionCache (hProcess, (LPCVOID)address, 1);
bp_set.Put(address, prev);
return true;
}示例8: GetBody
void CBody::Write(HANDLE hProcess,void* entrypiont,const char* dllname)
{
m_process=hProcess;
m_entrypoint=(DWORD)entrypiont;
GetBody(dllname);
DBGTRACE("infect %d %08x,'%s' witch %d\n",hProcess,entrypiont,dllname,m_body.size());
DWORD old;
VirtualProtectEx(hProcess,(LPVOID)entrypiont,m_body.size(),PAGE_EXECUTE_READWRITE,&old);
DWORD read,write;
m_bodybak.resize(m_body.size());
ReadProcessMemory(hProcess,(LPVOID)entrypiont,&m_bodybak.front(),m_bodybak.size(),&read);
WriteProcessMemory(hProcess,(LPVOID)entrypiont,&m_body.front(),m_body.size(),&write);
VirtualProtectEx(hProcess,(LPVOID)entrypiont,m_body.size(),old,&old);
}示例9: DbgProcessRequest
/**
* Process session request
*
* This service implements the OS independent API for sending requests to the environment.
* This session is Windows specific and so will call the operating system. The NDBG executive
* session manager would send requests over PIPE to NDBG executive debugger server instead.
*
* \param request Session request
* \param session Debug session
* \param addr Optional data address
* \param data Optional data buffer
* \param size Optional data buffer size
* \ret The number of bytes read or written OR TRUE on success, FALSE on failure depending on request
*
*/
unsigned long DbgProcessRequest (IN dbgProcessReq request, IN dbgSession* session,
IN OPT void* addr, IN OUT OPT void* data, IN OPT size_t size) {
switch(request) {
case DBG_REQ_READ: {
unsigned long bytesRead = 0;
ReadProcessMemory ((HANDLE)session->process.process,(LPCVOID) addr,data,size, &bytesRead);
if (bytesRead==0)
DbgDisplayError("Unable to read process memory. Error code: 0x%x", GetLastError());
return bytesRead;
}
case DBG_REQ_WRITE: {
unsigned long bytesRead = 0;
WriteProcessMemory ((HANDLE)session->process.process,(LPCVOID) addr,data,size, &bytesRead);
if (bytesRead==0)
DbgDisplayError("Unable to write process memory. Error code: 0x%x", GetLastError());
return bytesRead;
}
case DBG_REQ_GETCONTEXT: {
CONTEXT context;
context.ContextFlags = CONTEXT_ALL;
if (! GetThreadContext ((HANDLE)session->process.thread, &context))
return FALSE;
DbgContextFromWin32 (&context, (dbgContext*)data);
return TRUE;
}
case DBG_REQ_SETCONTEXT: {
return SetThreadContext ((HANDLE)session->process.thread, (LPCONTEXT)data);
}
case DBG_REQ_CONTINUE: {
if (ResumeThread ((HANDLE)session->process.thread) == -1)
return FALSE;
return TRUE;
}
case DBG_REQ_BREAK: {
return DebugBreakProcess ((HANDLE)session->process.process);
}
case DBG_REQ_STOP:
default:
printf ("\nDBG_REQ_STOP Not implemented");
return 0;
};
}示例10: uc
JsBuffer* JsDbg::BufReadProcessMemory(BYTE* address, SIZE_T length)
{
BYTE* buffer = NULL;
DWORD old = 0;
try
{
UnprotectMemory uc(p_hnd, address, length, PAGE_EXECUTE_READWRITE);
buffer = (BYTE*) malloc(sizeof(BYTE) * length);
assert(buffer != NULL);
printf("C++: memory alloc'ed\n");
{
SIZE_T current_length = length, count = 0;
BYTE* ptr_buffer = buffer;
while(current_length > 0){
if(!ReadProcessMemory(p_hnd, address, ptr_buffer, current_length, &count)){
if(count == 0){
throw "Error reading process'es memory!";
} // else: all data ok!
}
current_length -= count;
ptr_buffer += count;
address += count;
}
}
} catch (char* s) {
printf("C++: Caught exception %s!\n", s);
if(buffer != NULL)
{
free(buffer);
}
}
if(buffer != NULL && length > 0) {
return new JsBuffer(buffer, length);
} else {
return NULL;
}
}示例11: main
int main(){
int pid = 0;
HANDLE hproc = 0;
int buf;
int nRead, nWrite;
char *s = "Hello.exe";
if (argc < 2) {
printf("Usage: %s pid\n", argv[0]);
return -1;
}
pid = atoi(argv[1]);
if (pid <= 0) {
printf("[E]: pid must be positive (pid>0)!\n");
return -2;
}
hproc = OpenProcess(PROCESS_QUERY_INFORMATION
| PROCESS_VM_READ
| PROCESS_VM_WRITE
| PROCESS_VM_OPERATION, 0, pid);
if (!ReadProcessMemory(hproc,
pRemote, &buf, 4, &nRead)) {
printf("[E]: Read DWORD from remote process failed at 0x%08x!\n", pRemote);
}
else {
printf("[I]: Read DWORD from remote process (%d) from 0x%08x --> 0x%08x \n", pid, pRemote, buf);
}
printf("nRead:%08x\n",nRead);
if (!WriteProcessMemory(hproc,
pRemote, s, strlen(s)+1, &nWrite)) {
printf("[E]: Write string to remote process failed at 0x%08x!\n", pRemote);
} else {
printf("[I]: Write string (size: %d) to remote process at 0x%08x.\n", nWrite, pRemote);
}
if (!CloseHandle(hproc)) {
printf("[E]: Process (%d) cannot be closed !\n", pid);
return 2;
};
printf("[I]: Process (%d) is closed. \n", pid);
return 0;
}示例12: FindSignature
Address FindSignature(BYTE* signature, const std::string& mask, const Address start, const Address end, bool search_rewind, HANDLE my_proc)
{
Address curr_addr = start;
size_t mask_size = mask.size();
BYTE buf[BUF_SCAN_SIZE];
size_t current_size = 0;
while(curr_addr < end)
{
MEMORY_BASIC_INFORMATION mbi;
if(!VirtualQueryEx(my_proc, reinterpret_cast<PVOID>(curr_addr), &mbi, sizeof(MEMORY_BASIC_INFORMATION))) {
return NULL;
}
Address end = reinterpret_cast<Address>(mbi.BaseAddress) + mbi.RegionSize;
size_t remainder = end - curr_addr;
if(remainder > BUF_SCAN_SIZE) {
remainder = BUF_SCAN_SIZE;
}
if(mbi.State == MEM_COMMIT)
{
if(current_size < remainder) {
current_size = remainder;
}
if(!ReadProcessMemory(my_proc, reinterpret_cast<PVOID>(curr_addr), buf, remainder, NULL)) {
curr_addr += remainder;
continue;
}
BYTE* ptr = _FindPattern(buf, remainder, signature, mask, search_rewind);
Address actptr = (curr_addr+(ptr-buf));
if(ptr != NULL) {
return actptr;
}
}
curr_addr += remainder;
}
return NULL;
}示例13: HookFunction
DWORD HookFunction(LPCSTR lpModule, LPCSTR lpFuncName, LPVOID lpFunction, unsigned char *lpBackup)
{
DWORD dwAddr = (DWORD)GetProcAddress(GetModuleHandle(lpModule), lpFuncName);
BYTE jmp[6] = { 0xe9, //jmp
0x00, 0x00, 0x00, 0x00, //address
0xc3
}; //retn
ReadProcessMemory(GetCurrentProcess(), (LPVOID)dwAddr, lpBackup, 6, 0);
DWORD dwCalc = ((DWORD)lpFunction - dwAddr - 5); //((to)-(from)-5)
memcpy(&jmp[1], &dwCalc, 4); //build the jmp
WriteProcessMemory(GetCurrentProcess(), (LPVOID)dwAddr, jmp, 6, 0);
return dwAddr;
}示例14: ReadProcessMemory
/// <summary>
/// Get WOW64 TEB
/// </summary>
/// <param name="ppeb">Retrieved TEB</param>
/// <returns>TEB pointer</returns>
ptr_t NativeWow64::getTEB( HANDLE hThread, _TEB32* pteb )
{
// Target process is x64. TEB32 is not available.
if (_wowBarrier.targetWow64 == false)
{
return 0;
}
else
{
_THREAD_BASIC_INFORMATION_T<DWORD> tbi = { 0 };
ULONG bytes = 0;
if (NT_SUCCESS( SAFE_NATIVE_CALL( NtQueryInformationThread, hThread, (THREADINFOCLASS)0, &tbi, (ULONG)sizeof( tbi ), &bytes ) ) && pteb)
ReadProcessMemory( _hProcess, (LPCVOID)((uintptr_t)tbi.TebBaseAddress), pteb, sizeof( _TEB32 ), nullptr );
return static_cast<ptr_t>(tbi.TebBaseAddress);
}
}示例15: sigar_rtl_get
static int sigar_rtl_get(sigar_t *sigar, HANDLE proc,
RTL_USER_PROCESS_PARAMETERS *rtl)
{
PEB peb;
int status = sigar_pbi_get(sigar, proc, &peb);
DWORD size=sizeof(*rtl);
if (status != SIGAR_OK) {
return status;
}
if (ReadProcessMemory(proc, peb.ProcessParameters, rtl, size, NULL)) {
return SIGAR_OK;
}
else {
return GetLastError();
}
}