读写另一EXE的内存
procedure TfrmMain.tmrChangeServerNameTimer(Sender: TObject);
function GetProcessID(FileName: string = ''): TProcessEntry32;
var
Ret: BOOL;
s: string;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := Sizeof(FProcessEntry32);
Ret := Process32First(FSnapshotHandle, FProcessEntry32);
while Ret do
begin
s := ExtractFileName(FProcessEntry32.szExeFile);
if (AnsiCompareText(Trim(s),Trim(FileName))=0) and (FileName <> '') then begin
result := FProcessEntry32;
break;
end;
Ret := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;
var
FProcessEntry32: TProcessEntry32;
ProcessID: integer;
ProcessHandle: THandle;
lpBuffer: PChar;
nSize: DWORD;
lpNumberOfBytes: DWORD;
mbi_thunk:TMemoryBasicInformation;
dwOldProtect:dword;
const
LeftAddress = $02370C68;
RightAddress1 = $02370C74;
RightAddress2 = $02370C84;
// ServerName = '京信三国';
begin
FProcessEntry32 := GetProcessID('aLogin.exe');
if FProcessEntry32.th32ProcessID =0 then exit;
ProcessID := FProcessEntry32.th32ProcessID;
ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, false, ProcessID);
//---------------写left
lpBuffer := PChar(GB2Big5('01.' + ServerName));
nSize:= 12; //N是数据长度
//写LeftAddress数据
VirtualQueryEx(ProcessHandle,Pointer(LeftAddress),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(LeftAddress),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(LeftAddress), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(LeftAddress), nSize, mbi_thunk.Protect,dwOldProtect);
//---------------写right
lpBuffer := PChar(GB2Big5(ServerName)); //要写的内容
nSize:= 8; //数据长度
//写RightAddress1数据
VirtualQueryEx(ProcessHandle,Pointer(RightAddress1),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(RightAddress1),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(RightAddress1), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(RightAddress1), nSize, mbi_thunk.Protect,dwOldProtect);
//写RightAddress2数据
VirtualQueryEx(ProcessHandle,Pointer(RightAddress2),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(RightAddress2),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(RightAddress2), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(RightAddress2), nSize, mbi_thunk.Protect,dwOldProtect);
//读内容,确定是否修改成功
lpBuffer := AllocMem(nSize);
ReadProcessMemory(ProcessHandle, Pointer(RightAddress2), lpBuffer, nSize, lpNumberOfBytes);
if ServerName = Big52GB(lpBuffer) then begin
Caption := '内存内容为:' + Big52GB(lpBuffer);
tmrChangeServerName.Enabled := False;
end;
CloseHandle(ProcessHandle);
// Memo1.Lines.Add(Big52GB(lpBuffer));
//MEMO显示信息
// Memo1.Lines.Clear;
// memo1.lines.add('Process ID ' + IntToHex(FProcessEntry32.th32ProcessID, 8));
// memo1.lines.Add('File name ' + FProcessEntry32.szExeFile);
// memo1.Lines.Add('Process Handle ' + intTohex(ProcessHandle, 8));
// Memo1.Lines.Add('虚拟内存中的数据:');
end;
function GetProcessID(FileName: string = ''): TProcessEntry32;
var
Ret: BOOL;
s: string;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := Sizeof(FProcessEntry32);
Ret := Process32First(FSnapshotHandle, FProcessEntry32);
while Ret do
begin
s := ExtractFileName(FProcessEntry32.szExeFile);
if (AnsiCompareText(Trim(s),Trim(FileName))=0) and (FileName <> '') then begin
result := FProcessEntry32;
break;
end;
Ret := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;
var
FProcessEntry32: TProcessEntry32;
ProcessID: integer;
ProcessHandle: THandle;
lpBuffer: PChar;
nSize: DWORD;
lpNumberOfBytes: DWORD;
mbi_thunk:TMemoryBasicInformation;
dwOldProtect:dword;
const
LeftAddress = $02370C68;
RightAddress1 = $02370C74;
RightAddress2 = $02370C84;
// ServerName = '京信三国';
begin
FProcessEntry32 := GetProcessID('aLogin.exe');
if FProcessEntry32.th32ProcessID =0 then exit;
ProcessID := FProcessEntry32.th32ProcessID;
ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, false, ProcessID);
//---------------写left
lpBuffer := PChar(GB2Big5('01.' + ServerName));
nSize:= 12; //N是数据长度
//写LeftAddress数据
VirtualQueryEx(ProcessHandle,Pointer(LeftAddress),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(LeftAddress),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(LeftAddress), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(LeftAddress), nSize, mbi_thunk.Protect,dwOldProtect);
//---------------写right
lpBuffer := PChar(GB2Big5(ServerName)); //要写的内容
nSize:= 8; //数据长度
//写RightAddress1数据
VirtualQueryEx(ProcessHandle,Pointer(RightAddress1),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(RightAddress1),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(RightAddress1), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(RightAddress1), nSize, mbi_thunk.Protect,dwOldProtect);
//写RightAddress2数据
VirtualQueryEx(ProcessHandle,Pointer(RightAddress2),mbi_thunk, sizeof(TMemoryBasicInformation));
VirtualProtectEx(ProcessHandle,Pointer(RightAddress2),nSize,PAGE_EXECUTE_READWRITE,mbi_thunk.Protect);
WriteProcessMemory(ProcessHandle, Pointer(RightAddress2), lpBuffer, nSize, lpNumberOfBytes);
VirtualProtectEx(ProcessHandle,Pointer(RightAddress2), nSize, mbi_thunk.Protect,dwOldProtect);
//读内容,确定是否修改成功
lpBuffer := AllocMem(nSize);
ReadProcessMemory(ProcessHandle, Pointer(RightAddress2), lpBuffer, nSize, lpNumberOfBytes);
if ServerName = Big52GB(lpBuffer) then begin
Caption := '内存内容为:' + Big52GB(lpBuffer);
tmrChangeServerName.Enabled := False;
end;
CloseHandle(ProcessHandle);
// Memo1.Lines.Add(Big52GB(lpBuffer));
//MEMO显示信息
// Memo1.Lines.Clear;
// memo1.lines.add('Process ID ' + IntToHex(FProcessEntry32.th32ProcessID, 8));
// memo1.lines.Add('File name ' + FProcessEntry32.szExeFile);
// memo1.Lines.Add('Process Handle ' + intTohex(ProcessHandle, 8));
// Memo1.Lines.Add('虚拟内存中的数据:');
end;
