让我说这是我第一次尝试正确的内存读写应用程序。写作功能还没有实现,但它会及时到来。只是不要激怒我的代码。
首先是完整的程序,所以每个人都可以看到(不要评论我的"错误的编码选择",事情是有效的,我得到了流程句柄和ID就好了)
import ctypes
from ctypes import wintypes
from time import *
import win32ui, win32process ,win32api
PROCESS_ALL_ACCESS = 0x1F0FFF
ReadProcessMemory = ctypes.WinDLL('kernel32',use_last_error=True).ReadProcessMemory
ReadProcessMemory.argtypes = [wintypes.HANDLE,wintypes.LPCVOID,wintypes.LPVOID,ctypes.c_size_t,ctypes.POINTER(ctypes.c_size_t)]
ReadProcessMemory.restype = wintypes.BOOL
WriteProcessMemory = ctypes.WinDLL('kernel32',use_last_error=True).WriteProcessMemory
WriteProcessMemory.argtypes = [wintypes.HANDLE,wintypes.LPVOID,wintypes.LPCVOID,ctypes.c_size_t,ctypes.POINTER(ctypes.c_size_t)]
WriteProcessMemory.restype = wintypes.BOOL
def main():
WindowName = input("Enter the window name: ")
if (len(WindowName) > 0):
Process, pID = attach(WindowName)
Choice = input("Read or Write?").lower()
if (Choice == "write"):
#DoWriteMethod
pass
if (Choice == "read"):
Read(Process)
else:
print("Invalid Window Name!\n\n")
sleep(2)
return 0
def attach(WindowName):
try:
hWnd = win32ui.FindWindow(None,WindowName).GetSafeHwnd()
except:
print("Window not found!\n\n")
sleep(2)
return 0,0
pID = win32process.GetWindowThreadProcessId(hWnd)[1]
Process = win32api.OpenProcess(PROCESS_ALL_ACCESS,0,pID).handle
print("\nProcess = ", Process)
print("ProcessID = ", pID)
return Process,pID
def Write():
return 0
def Read(Process):
Address = input("Enter the address in hexadecial (0x form) \n")
if (Address[0] == "0" and Address[1] == "x"):
BufferAddress = ctypes.create_string_buffer(64)
ptr = ctypes.pointer(BufferAddress)
ReadProcessMemory(Process,Address,BufferAddress,64,None)
print("Pointer contains: ", BufferAddress, "\n\n")
main()
else:
print("Invalid address!\n\n")
sleep(2)
Read(Process)
return 0
if (main() == 0):
main()
if (main() == 1):
exit(0)
在第54行,我创建了一个' ctype.create_string_buffer(64)'
然后我在ReadProcessMemory中使用它,其中应该存储值,但每当我在第57行打印它时它只返回以下内容:
Enter the window name: New Tab - Google Chrome
Process = 608
ProcessID = 2844
Read or Write?Read
Enter the address in hexadecial (0x form)
0x1A6606BE380
Pointer contains: <ctypes.c_char_Array_64 object at 0x000001A0101D78C8>
我知道这个值应该是90(在作弊引擎中找到一个随机地址)所以它必须包含值90?我怎么能找到这个值。
我正在使用Python 3.5.0以及
中相应的win32模块包&#39; pip install pypiwin32&#39;
答案 0 :(得分:0)
您正在打印该对象。打印内容:
>>> import ctypes
>>> BufferAddress = ctypes.create_string_buffer(64)
>>> print(BufferAddress)
<ctypes.c_char_Array_64 object at 0x0000000003124248>
>>> dir(BufferAddress)
['__class__', '__ctypes_from_outparam__', '__delattr__', '__delitem__', '__dict__', '__dir__', '__doc__', '__eq__', '__f
ormat__', '__ge__', '__getattribute__', '__getitem__', '__gt__', '__hash__', '__init__', '__le__', '__len__', '__lt__',
'__module__', '__ne__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__setitem__', '__setstate_
_', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', '_b_base_', '_b_needsfree_', '_length_', '_objects', '_t
ype_', 'raw', 'value']
>>> BufferAddress.raw
b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x
00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x
00\x00\x00\x00\x00'
>>> BufferAddress.raw[0]
0