我正在尝试使用FP例程,但它不起作用......为什么? 这是我的代码:
int output = FindPattern(0x0042A000, 0x2000, "\x68\x00\x00\x00\x00\xFF\x76\x08\x89\x46\x44", "x????xxxxxx");
if (output > -1) {
ReadProcessMemory(hProcHandle, (PVOID)address, &value2, sizeof(value2), NULL);
}
Function:
int FindPattern(int start_offset, int size, const char * pattern, const char * mask)
{
int pos = 0;
for (int retAddress = start_offset; retAddress < start_offset + size; retAddress++)
{
if (*(const char*)retAddress == pattern[pos] || mask[pos] == '?')
{
if (mask[pos+1] == '\0')
return retAddress+1;
pos++;
}
else
pos = 0;
}
return -1;
}
我也尝试过:
DWORD output = FindPattern(hProcHandle, "\x68\x00\x00\x00\x00\xFF\x76\x08\x89\x46\x44", "x????xxxxxx");
bool VerifyAddress(HANDLE hwnd, DWORD dwAddress, char *bMask, char *szMask )
{
PBYTE *pTemp = { 0 };
for ( int i = 0; *szMask; ++szMask, ++bMask, ++i )
{
if ( !ReadProcessMemory( hwnd, reinterpret_cast<LPCVOID>(dwAddress + i), &pTemp, sizeof(pTemp), 0 ) ){
return false;
}
if ( *szMask == 'x' && (char)pTemp != *bMask){
return false;
}
}
return true;
}
DWORD FindPattern(HANDLE hwnd, char* bMask, char *szMask )
{
for ( DWORD dwCurrentAddress = 0x4FFFFFF; dwCurrentAddress < 0x7FFFFFF; dwCurrentAddress++ ){
if ( VerifyAddress( hwnd, dwCurrentAddress, bMask, szMask )) {
return dwCurrentAddress;
}
}
但是使用这些代码我总是
Program.exe中0x01034BB1处的未处理异常:0xC0000005:Access 违规阅读地点0x02343DA2。
答案 0 :(得分:0)
此代码:
int output = FindPattern(0x0042A000, 0x2000,
表示您正在使用进程的本地地址0x0042A000,因此您将迭代进程中的一些随机地址,即未定义行为,并以异常结束。
ReadProcessMemory将指定的内存从其他进程复制到您的进程并存储在您在此函数调用中提供的内存缓冲区中作为lpBuffer参数。