问题:
Traceback(最近一次调用最后一次):文件“C:\ Users \ Nutzer \ Google Drive \ Code \ Code \ memory_read.py“,第26行,in byref(bytesRead))ctypes.ArgumentError:参数2 :: long int转换太久
代码:
from ctypes import *
from ctypes.wintypes import *
PID = 4016
address = 0x6C532407C
OpenProcess = windll.kernel32.OpenProcess
ReadProcessMemory = windll.kernel32.ReadProcessMemory
CloseHandle = windll.kernel32.CloseHandle
PROCESS_ALL_ACCESS = 0x1F0FFF
datadummy = b'.'*200
buffer = c_char_p(datadummy)
bufferSize = len(buffer.value)
bytesRead = c_ulong(0)
processHandle = OpenProcess(PROCESS_ALL_ACCESS, False, int(PID))
ReadProcessMemory(processHandle,
address,
buffer,
bufferSize,
byref(bytesRead))
CloseHandle(processHandle)
我尝试将bytesRead = c_ulong(0)更改为其他一些ctypes,但没有成功。我在Windows 8.1系统64位。经过数小时的搜索,我无法找到任何解决方案或类似的问题。有人知道这里有什么不对吗?
答案 0 :(得分:0)
经过长时间的失败和错误后,我终于得到了答案。
from ctypes import *
from ctypes.wintypes import *
import ctypes
OpenProcess = windll.kernel32.OpenProcess
ReadProcessMemory = windll.kernel32.ReadProcessMemory
CloseHandle = windll.kernel32.CloseHandle
PROCESS_ALL_ACCESS = 0x1F0FFF
pid = 2320
address = 0x00C98FCC
buffer = c_char_p(b"The data goes here")
val = c_int()
bufferSize = len(buffer.value)
bytesRead = c_ulong(0)
processHandle = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
if ReadProcessMemory(processHandle, address, buffer, bufferSize, byref(bytesRead)):
memmove(ctypes.byref(val), buffer, ctypes.sizeof(val))
print("Success: " + str(val.value))
else:
print("Failed.")
CloseHandle(processHandle)