WriteProcessMemory()错误998

时间:2016-09-27 19:32:38

标签: c++

我在error 998 (access denied)中使用writeprocessmemory获取C++。 我不知道自己做错了什么。

这是我的一些代码:

DWORD ProcessId;
        GetWindowThreadProcessId(WindowHandle, &ProcessId); //pID
        if (ProcessId) {}
        else {
            cout << "ERROR! Process ID Could not be received." << endl;
            return 0;
        }

        //Get the Process Handle
        HANDLE ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessId);
        if (ProcessId) {}
        else {
            cout << "ERROR! Process Handle could not be received." << endl;
            return 0;
        }

        //Get it done with.
        bool MemWritten = WriteProcessMemory(ProcessHandle, Address, &NewValue, sizeof(NewValue), NULL);

        //Close the process handle to prevent memory leak.
        CloseHandle(ProcessHandle);

2 个答案:

答案 0 :(得分:0)

在写入进程内存之前,应该使用VirtualAllocEx保留一些内存页面。

样品:

LPVOID lpRemoteAddress = VirtualAllocEx( hProcess, 0, 4096, MEM_RESERVE|MEM_COMMIT, PAGE_EXECUTE_READWRITE );
if( !lpRemoteAddress )
{
  return;
}
WriteProcessMemory( hProcess, lpRemoteAddress, .... /*your params here*/ )

答案 1 :(得分:0)

您无权修改可执行内存。您必须通过以管理员身份运行程序并将对WriteProcessMemory()的调用与对VirtualProtectEx()的调用包装在一起来修改权限。

void PatchEx(BYTE* dst, BYTE* src, unsigned int size, HANDLE hProcess)
{
    DWORD oldprotect;
    VirtualProtectEx(hProcess, dst, size, PAGE_EXECUTE_READWRITE, &oldprotect);
    WriteProcessMemory(hProcess, dst, src, size, nullptr);
    VirtualProtectEx(hProcess, dst, size, oldprotect, &oldprotect);
}

使用这样的功能可确保您始终将其更改为具有写权限。

相关问题
最新问题