ReadProcessMemory 跨模块边界
恶霸Wii广场
我正在使用ReadProcessMemory读取进程的内存。似乎当我读取模块的末尾时,其余字节未成功读取。我还收到以下内核错误:
299: Only part of a ReadProcessMemory or WriteProcessMemory request was completed.
如果我用 列出所有模块EnumProcessModules,它们都不包含我试图读取的地址,但Cheat Engine可以很好地显示所有内存内容。Cheat Engine说模块的大小是0xE000,这正是我在它停止之前可以读取的字节数,并且只将0x00字节放入缓冲区,这是不正确的,并不代表实际的内存内容。
以下代码是否不适合跨模块边界读取(即使它们是连续的)?
static Memory getOutputMemory(Pointer openedProcess, long baseAddress, int length)
{
val outputMemory = new Memory(length);
val intByReference = new IntByReference();
if (!MY_KERNEL_32.ReadProcessMemory(openedProcess, baseAddress,
outputMemory, (int) outputMemory.size(), intByReference))
{
checkForKernelError();
}
return outputMemory;
}
恶霸Wii广场
事实证明,单独读取内存页面是如何做到的,例如像下面的代码:
public byte[] readBytes(long address, int length)
{
val byteBuffer = allocate(length);
var totalRemainingLength = length;
var currentAddress = address;
while (totalRemainingLength > 0)
{
val memoryBasicInformation = new MEMORY_BASIC_INFORMATION();
val process = new HANDLE(processHandle);
val pointer = new Pointer(currentAddress);
val memoryPageQueryResult = KERNEL_32.VirtualQueryEx(process, pointer, memoryBasicInformation,
new BaseTSD.SIZE_T(memoryBasicInformation.size()));
if (memoryPageQueryResult.equals(new SIZE_T(0)))
{
throw new IllegalStateException("Memory not contiguous");
}
val memoryPageBaseAddress = nativeValue(memoryBasicInformation.baseAddress);
val memoryPageSize = memoryBasicInformation.regionSize.longValue();
val memoryPageEndAddress = memoryPageBaseAddress + memoryPageSize;
val remainingMemoryPageBytes = memoryPageEndAddress - address;
val currentLength = (int) min(totalRemainingLength, remainingMemoryPageBytes);
val outputMemory = getOutputMemory(processHandle, currentAddress, currentLength);
val byteArray = outputMemory.getByteArray(0, currentLength);
byteBuffer.put(byteArray);
currentAddress += currentLength;
totalRemainingLength -= currentLength;
}
return byteBuffer.array();
}
static Memory getOutputMemory(Pointer openedProcess, long baseAddress, int length)
{
val outputMemory = new Memory(length);
val intByReference = new IntByReference();
if (!MY_KERNEL_32.ReadProcessMemory(openedProcess, baseAddress,
outputMemory, (int) outputMemory.size(), intByReference))
{
checkForKernelError();
}
return outputMemory;
}
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
编辑于
相关文章
Related 相关文章
- 1
ReadProcessMemory无法正常工作
- 2
C++ WinAPI ReadProcessMemory
- 3
球拍:跨模块边界的“ syntax-local-introduce”
- 4
与ReadProcessMemory等效的c ++指针操作
- 5
用于ReadProcessMemory函数的ByRef与ByVal
- 6
拒绝64位ReadProcessMemory访问
- 7
拒绝64位ReadProcessMemory访问
- 8
OpenProcess / ReadProcessMemory / WriteProcessMemory / CloseHandle等效项
- 9
WCHAR_T的地址以传递给ReadProcessMemory
- 10
使用ReadProcessMemory编辑的代码存在问题
- 11
跨多个元素的连续边界
- 12
64位过程上的ReadProcessMemory始终返回错误299
- 13
C#ReadProcessMemory:如何读取64位内存地址?
- 14
确定外部进程的主线程ID(ReadProcessMemory-Err 299)
- 15
与ReadProcessMemory C ++的数据不一致
- 16
内部模块的跨模块内联
- 17
跨模块共享事件
- 18
跨模块的Python枚举
- 19
跨模块转发参考
- 20
跨DLL边界的构造方法抛出异常
- 21
跨DLL边界的向量的内存重定位
- 22
跨多个模块的TypeScript模块扩充
- 23
跨模块的全局变量
- 24
GAE Eclipse:跨模块引用
- 25
跨模块重用类对象
- 26
跨python文件的全局模块
- 27
Python-将字节地址(从ReadProcessMemory)转换为字符串?
- 28
使用单个 HANDLE 和两次 ReadProcessMemory 调用时的无效句柄
- 29
跨不安全的传输边界验证消息源
我来说两句