温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

vb.net ReadProcessMemory使用方法

发布时间:2020-07-25 12:05:21 来源:网络 阅读:619 作者:wang5159029 栏目:编程语言

网上好多关于ReadprocessMemory、WriteprocessMemory使用方法的贴子都不能用,下面是本人亲自测过可用的,望对大家有用。

    ''' <summary>
    ''' 读取内存地址
    ''' </summary>
    ''' <param name="hProcess">进程句柄</param>
    ''' <param name="lpBaseAddress">内存地址</param>
    ''' <param name="lpBuffer">数据存储变量</param>
    ''' <param name="nSize">长度sizeof(lpBuffer)</param>
    ''' <param name="lpNumberOfBytesRead">读取长度</param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Declare Function ReadProcessMemory Lib "kernel32.dll" (ByVal hProcess As Integer, ByVal lpBaseAddress As IntPtr, ByVal lpBuffer As IntPtr, ByVal nSize As Integer, ByRef lpNumberOfBytesRead As Integer) As Boolean

    ''' <summary>
    ''' 写入内存地址
    ''' </summary>
    ''' <param name="hProcess">进程句柄</param>
    ''' <param name="lpBaseAddress">写入进程的内存地址</param>
    ''' <param name="lpBuffer">数据存储变量</param>
    ''' <param name="nSize">长度sizeof(lpBuffer)</param>
    ''' <param name="lpNumberOfBytesWritten">实际数据的长度</param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Declare Function WriteProcessMemory Lib "kernel32" Alias "WriteProcessMemory" _
        (ByVal hProcess As Integer, ByVal lpBaseAddress As IntPtr, _
         ByVal lpBuffer As Byte(), ByVal nSize As Integer, ByVal lpNumberOfBytesWritten As IntPtr) As Boolean

Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As Integer, ByVal bInheritHandle As Integer, ByVal dwProcessId As Integer) As Integer


    Friend Const PROCESS_ALL_ACCESS = &H1F0FFF = 2035711
    Friend Const PROCESS_VM_READ = &H10
    Friend Const PROCESS_VM_WRITE = &H20


 Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim hw As Integer = OpenProcess(PROCESS_VM_READ, False, 4304)
        Dim getstr(12) As Byte
        Dim GetStrIntptr = Marshal.UnsafeAddrOfPinnedArrayElement(getstr, 0)
        Button1.Text = "read结果:" & ReadProcessMemory(hw, CType(&H4D45A0, IntPtr), GetStrIntptr, 12, 0)
        TextBox1.Text = Marshal.PtrToStringUni(GetStrIntptr)
        TextBox3.Text = "GLE:" & GetLastError
        CloseHandle(hw)
    End Sub
‘需要注意:readprocessmemory的lpBuffer放的地数组地址的基址,需要用marshal转化一下。Marshal.PtrToStringUni(GetStrIntptr)输出内容。


    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        Dim hw As Integer = OpenProcess(&H1F0FFF, False, 4304)
        Dim Wrtstr(12) As Byte
        Wrtstr = System.Text.Encoding.Unicode.GetBytes("vbWrit")
        Button2.Text = "Write结果:" & WriteProcessMemory(hw, CType(&H4D45A0, IntPtr), Wrtstr, 12, 0)
        TextBox3.Text = "GLE:" & GetLastError
        CloseHandle(hw)
    End Sub

向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI