进程内存读取工具-ReadProcessMemory
[i=s] 本帖最后由 老刘1号 于 2020-4-12 12:20 编辑 [/i][quote]老刘制作——进程内存读取工具
用法:
ReadProcessMemory <ProcessID> <BaseAddress> <Long>
ProcessID 指定需读取进程的PID
BaseAddress 指定需读取进程内读取数据的起始地址
Long 指定需读取进程内读取数据的长度(Byte)
[/quote]
相关作品:[url=http://www.bathome.net/thread-45155-1-1.html]http://www.bathome.net/thread-45155-1-1.html[/url][code]Option Explicit
Imports System
Module ReadProcessMemory
Public Class ReadProcessMemory_Main
Public Shared Sub Main(ByVal cmdArgs() As String)
Const PROCESS_ALL_ACCESS As Long = &H1F0FFF
If CmdArgs.Length = 3 Then
If IsNumeric(cmdArgs(0)) And IsNumeric(cmdArgs(1)) And IsNumeric(cmdArgs(2)) Then
Dim ProcessHandle,BytesLong,ReturnValue,Conter As Long
Dim Bytes(Clng(cmdArgs(2))) As Byte
ProcessHandle = WinAPI.OpenProcess(PROCESS_ALL_ACCESS,False,Clng(CmdArgs(0)))
ReturnValue = WinAPI.ReadProcessMemory(ProcessHandle,Clng(CmdArgs(1)),Bytes,Clng(CmdArgs(2)),BytesLong)
If ReturnValue = 1 Then
For Conter = 0 To BytesLong - 1
Console.Write(Right("0" & Hex(Bytes(Conter)),2)&Chr(&H20))
Next
Console.WriteLine()
Else
Console.WriteLine("读取失败!")
End If
Else
Console.WriteLine("输入的值不合法!")
End If
Else
Console.WriteLine("老刘制作——进程内存读取工具")
Console.WriteLine("用法:")
Console.WriteLine(" ReadProcessMemory <ProcessID> <BaseAddress> <Long>")
Console.WriteLine(" ProcessID 指定需读取进程的PID")
Console.WriteLine(" BaseAddress 指定需读取进程内读取数据的起始地址")
Console.WriteLine(" Long 指定需读取进程内读取数据的长度(Byte)")
End If
End Sub
End Class
Public Class WinAPI
Declare Function OpenProcess Lib "KERNEL32" ( _
ByVal dwDesiredAccess As Long, _
ByVal bInheritHandle As Long, _
ByVal dwProcessId As Long ) _
As Long
Declare Function ReadProcessMemory Lib "KERNEL32" ( _
ByVal hProcess As Long, _
ByVal lpBaseAddress As Long, _
lpBuffer As Byte(), _
ByVal nSize As Long, _
ByRef lpNumberOfBytesRead As Long) _
As Long
End Class
End Module[/code] 开源顶一个 牛逼啊===========
页:
[1]