
    unit Unit1; 

    interface

    uses
      Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
      Dialogs, ExtCtrls, StdCtrls;

    type
      { Main form of the sample.  Timer1Timer (see implementation) looks up a
        window titled 'Step 8', opens its process, follows a multi-level pointer
        chain with ReadProcessMemory and shows the final value in Label1. }
      TForm1 = class(TForm)
        Label1: TLabel;   // receives the value read from the target process
        Timer1: TTimer;   // presumably wired to Timer1Timer in the .dfm (not visible here)
        procedure Timer1Timer(Sender: TObject);
      private
        { Private declarations }
      public
        { Public declarations }
      end;

    var
      Form1: TForm1; // global form instance; presumably auto-created by the project .dpr

    implementation

    {$R *.dfm}

    (*
    //用程序显示数据的6个步骤
    1->FindWindow(1,2):HWND; {查找窗口}
    2->GetWindowThreadProcessId(1,2):Dword; {获取窗口线程ID}
    3->OpenProcess(1,2,3):Thandle; {打开进程}
    4->ReadProcessMemory(1,2,3,4,5):BOOL; {读取进程内存}
    5->CloseHandle(1):BOOL; {关闭句柄}
    6->显示并输出结果

    //用程序显示数据的6个步骤
    //1 查找窗口
    FindWindow(1,2):HWND; {查找窗口}
    1->lpclassName {窗口的类名}
    2->lpWindowName:Pchar {窗口的标题}
    example:
    myHwnd:=FindWindow(nil,'Step 8'); {HWND失败返回 0}

    //2 获取窗口线程ID
    GetWindowThreadProcessId(1,2):Dword; {获取窗口线程ID}
    1->hwnd HWND {指定窗口句柄}
    2->lpdwProcessId Pointer {返回进程 ID 的指针}
    example:
      GetWindowThreadProcessId(MyHwnd,@myPid);

    //3 打开进程
    OpenProcess(1,2,3):Thandle; {打开进程} {成功会返回进程句柄; 失败返回 0}
    1->dwDesireAccess:DWORD {访问选项}
    2->bInheritHandle:BOOL {能否继承; True 表示能用 CreateProcess 继承句柄创建新进程}
    3->dwProcessId:Dword {指定进程 ID}
    example:
      myProcess:=OpenProcess(PROCESS_ALL_ACCESS,false,myPid);
      {NOTE: the code below only calls ReadProcessMemory, which requires just
       PROCESS_VM_READ (with PROCESS_QUERY_INFORMATION for good measure).
       PROCESS_ALL_ACCESS is over-privileged and is refused for protected or
       higher-integrity processes, so prefer the minimal access mask.}

    //4 读取进程内存
    ReadProcessMemory(1,2,3,4,5):BOOL; {读取进程内存}
    1->Handle:Hprocess {目标进程句柄}
    2->LPCVOID lpBaseAddress {读取数据的起始地址}
    3->LPvoid lpBuffer {存放数据的缓存区地址}
    4->DWord nSize {要读取的字节数}
    5->LPDWORD lpNumberOfBytesRead {实际读取数存放地址} {delphi xe: readByte:SIZE_T;}
    example:
      ReadProcessMemory(myProcess,Pointer(BaseAddress),@MyPointer,4,ReadByte);

    //5 关闭句柄
    CloseHandle(1):BOOL; {关闭句柄}
    1->hObject :HANDLE {代表一个已打开对象handle}
    example:
      CloseHandle(myProcess);

    //06 显示并输出结果
    label1.Caption:=inttostr(DsplyObjectValue);
    *)


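    procedure TForm1.Timer1Timer(Sender: TObject);
    { Timer tick handler.
      1. FindWindow by title 'Step 8'                          (01)
      2. GetWindowThreadProcessId -> PID of that window         (02)
      3. OpenProcess with read-only access                      (03)
      4. Walk the pointer chain
           [[[[BaseAddress]+$c]+$14]+$0]+$18  => displayed value (04)
         (the original header comment said +1c for the first level; the
          code has always used +$c, which is what is documented here)
      5. CloseHandle                                            (05)
      6. Show the value in Label1                               (06)
      Every API result is checked: a failed OpenProcess or a short/failed
      ReadProcessMemory is reported in the form caption instead of
      dereferencing a stale MyPointer and displaying an uninitialised value.
      Sender is unused. }
    const
      BaseAddress = $0057C3A0; // static address inside the 32-bit target image
      // Offsets applied at each dereference level, in order.  The last one
      // yields the value to display rather than another pointer.
      Offsets: array[0..3] of Integer = ($c, $14, $0, $18);
    var
      myHwnd: HWND;
      myPid: DWORD;
      myProcess: THandle;
      MyPointer: Integer;       // current pointer / final value (target is 32-bit)
      readByte: DWORD;          // readByte: SIZE_T on Delphi XE and later
      DsplyObjectValue: Integer;
      i: Integer;
      ok: Boolean;
    begin
      myHwnd := FindWindow(nil, 'Step 8'); // 01 - 0 when no such window exists
      if myHwnd = 0 then
      begin
        self.Caption := 'no found object!';
        Exit;
      end;

      myPid := 0;
      // 02 - returns the thread id; 0 means the window handle was invalid.
      if GetWindowThreadProcessId(myHwnd, @myPid) = 0 then
      begin
        self.Caption := 'no found object!';
        Exit;
      end;

      // 03 - least privilege: ReadProcessMemory only needs PROCESS_VM_READ.
      // PROCESS_ALL_ACCESS grants far more than is used here and is denied for
      // protected / higher-integrity processes.  OpenProcess returns 0 on failure.
      myProcess := OpenProcess(PROCESS_VM_READ or PROCESS_QUERY_INFORMATION, False, myPid);
      if myProcess = 0 then
      begin
        self.Caption := 'OpenProcess failed: ' + IntToStr(GetLastError);
        Exit;
      end;

      try
        // 04 - read the base pointer, then follow each offset.  Stop at the
        // first failed or short read so a garbage MyPointer is never used
        // as the next address.
        ok := ReadProcessMemory(myProcess, Pointer(BaseAddress), @MyPointer,
                                SizeOf(MyPointer), readByte)
              and (readByte = SizeOf(MyPointer));
        i := Low(Offsets);
        while ok and (i <= High(Offsets)) do
        begin
          ok := ReadProcessMemory(myProcess, Pointer(MyPointer + Offsets[i]), @MyPointer,
                                  SizeOf(MyPointer), readByte)
                and (readByte = SizeOf(MyPointer));
          Inc(i);
        end;
      finally
        CloseHandle(myProcess); // 05 - always release the process handle
      end;

      if ok then
      begin
        DsplyObjectValue := MyPointer;                 // last read is the value itself
        label1.Caption := IntToStr(DsplyObjectValue); // 06 - display the result
        self.Caption := 'Form1';
      end
      else
        self.Caption := 'ReadProcessMemory failed';
    end;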

    end.




    • 原文地址:https://www.cnblogs.com/xe2011/p/2518934.html