C#读取进程内存 - 未知错误

时间:2016-11-16 22:42:50

标签: c# memory readprocessmemory

我试图从游戏中读取内存,这样我就能获得一些价值并成为一个好的机器人。 但我总是返回int 0,我没有发现任何错误。 这是我第一次尝试用C#编写这些东西,希望我们能找到解决方案,感谢您的回答。

PS:如果我尝试读取内存的软件是“以管理员权限运行”,则会出现错误:“UInt32 Base =(UInt32)game.MainModule.BaseAddress.ToInt32();”。

这是代码:

public partial class Form1 : Form
{
    public Form1()
    {
        InitializeComponent();
    }


    [DllImport("kernel32.dll")]
    public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,
    [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);

    public static byte[] ReadBytes(IntPtr Handle, Int64 Address, uint BytesToRead)
    {
        IntPtr ptrBytesRead;
        byte[] buffer = new byte[BytesToRead];
        ReadProcessMemory(Handle, new IntPtr(Address), buffer, BytesToRead, out ptrBytesRead);
        return buffer;
    }

    public static int ReadInt32(long Address, uint length = 4, IntPtr? Handle = null)
    {
        return BitConverter.ToInt32(ReadBytes((IntPtr)Handle, Address, length), 0);
    }

    public static string ReadString(long Address, uint length = 32, IntPtr? Handle = null)
    {
        string temp3 = ASCIIEncoding.Default.GetString(ReadBytes((IntPtr)Handle, Address, length));
        string[] temp3str = temp3.Split('\0');
        return temp3str[0];
    }




    private void btnLeggi_Click(object sender, EventArgs e)
    {
        UInt32 Address = 0x00075140;
        // get process
        Process game = Process.GetProcessesByName("Prison Architect")[0];
        // dump base

        UInt32 Base = (UInt32)game.MainModule.BaseAddress.ToInt32();
        // read pointer

        UInt32 Ptr1 = (UInt32)ReadInt32(Address + Base, 4, game.Handle);

        UInt32 Ptr2 = (UInt32)ReadInt32(Ptr1 + 0x300, 4, game.Handle);

        UInt32 Ptr3 = (UInt32)ReadInt32(Ptr2 + 0x88, 4, game.Handle);

        UInt32 Ptr4 = (UInt32)ReadInt32(Ptr3 + 0x26c, 4, game.Handle);

        UInt32 Ptr5 = (UInt32)ReadInt32(Ptr4 + 0x70, 4, game.Handle);

        UInt32 Ptr6 = (UInt32)ReadInt32(Ptr5 + 0x328, 4, game.Handle);

        // read memory pointer points to
        int PtrRead = ReadInt32(Ptr6, 255, game.Handle);


        txtDato.Text = Convert.ToString( PtrRead);









    }
}

1 个答案:

答案 0 :(得分:0)

如果我尝试读取内存的软件“正在以管理员权限运行”,则我在UInt32 Base = (UInt32)game.MainModule.BaseAddress.ToInt32();上出错。

如果目标进程以管理员身份运行,则您还必须以管理员身份运行。要使您的应用程序需要管理员权限,请右键单击您的项目,然后选择添加新项并选择清单文件,它将使用默认项(默认值为“ asInvoker”作为requestedExecutionLevel)。

将其更改为以下形式:

<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />

以管理员身份运行后,Process.MainModule.BaseAddress将具有正确的地址。

相关问题
最新问题