#pragma once
#include <windows.h>
#include <TLHELP32.H>
class PROCESS
{
private:
HANDLE hProcess;
public:
//构造与解析
PROCESS();
~PROCESS();
//打开、关闭函数
BOOL OpenByName(char *szProcessName);
BOOL OpenByPID(DWORD PID);
BOOL Terminate();
//读取函数
BYTE ReadByte(DWORD address);
WORD ReadWord(DWORD address);
DWORD ReadDword(DWORD address);
float ReadFloat(DWORD address);
double ReadDouble(DWORD address);
void ReadStr(DWORD address,char *Str,int MaxSize);
void ReadArray(DWORD address,int TypeLength,LPVOID ArrayAddress,int MaxSize);
//查找函数
DWORD FindByte(DWORD StartAddr,DWORD EndAddr,BYTE FindByte);
DWORD FindWord(DWORD StartAddr,DWORD EndAddr,WORD FindWord);
DWORD FindDword(DWORD StartAddr,DWORD EndAddr,DWORD FindDword);
DWORD FindFloat(DWORD StartAddr,DWORD EndAddr,float FindFloat);
DWORD FindDouble(DWORD StartAddr,DWORD EndAddr,double FindDouble);
DWORD FindString(DWORD StartAddr,DWORD EndAddr,char *FindString);
//写入函数
void WriteByte(DWORD address,BYTE data);
void WriteWord(DWORD address,WORD data);
void WriteDword(DWORD address,DWORD data);
void WriteFloat(DWORD address,float data);
void WriteDouble(DWORD address,double data);
void WriteStr(DWORD address,char *String);
void WriteData(DWORD address,LPVOID DataAddr,int size);
//远程线程相关
HANDLE CreateThread(DWORD FuncAddr,LPVOID lpParameter,DWORD *PID);
DWORD AllocMemory(int SIZE);
void FreeMemory(DWORD address,int size);
void WaitThreadEnd(HANDLE hThread);
};
PROCESS::PROCESS()
{
this->hProcess=NULL;
}
PROCESS::~PROCESS()
{
CloseHandle(this->hProcess);
}
//根据进程名打开进程(进程名)
BOOL PROCESS::OpenByName(char *szProcessName)
{
PROCESSENTRY32 pe ={0x00};
char szProcName[255]={0};
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,NULL);
strcpy(szProcName,szProcessName);
pe.dwSize = sizeof(PROCESSENTRY32);
BOOL flag = Process32First(hSnap,&pe);
while (flag)
{
if (strcmp(strlwr(szProcName),strlwr(pe.szExeFile))==0)
{
this->hProcess=::OpenProcess(PROCESS_ALL_ACCESS,FALSE,pe.th32ProcessID);
return TRUE;
}
flag=Process32Next(hSnap,&pe);
}
return FALSE;
}
//根据PID打开进程(PID)
BOOL PROCESS::OpenByPID(DWORD PID)
{
this->hProcess=::OpenProcess(PROCESS_ALL_ACCESS,FALSE,PID);
if (this->hProcess)
return TRUE;
else
return FALSE;
}
//结束进程()
BOOL PROCESS::Terminate()
{
return ::TerminateProcess(this->hProcess,0);
}
//读取一个字节(地址)
BYTE PROCESS::ReadByte(DWORD address)
{
DWORD RB;
BYTE ret;
::ReadProcessMemory(this->hProcess,(LPVOID)address,&ret,1,&RB);
return ret;
}
//读取一个字(地址)
WORD PROCESS::ReadWord(DWORD address)
{
DWORD RB;
WORD ret;
::ReadProcessMemory(this->hProcess,(LPVOID)address,&ret,2,&RB);
return ret;
}
//读取一个双字(地址)
DWORD PROCESS::ReadDword(DWORD address)
{
DWORD RB,ret;
::ReadProcessMemory(this->hProcess,(LPVOID)address,&ret,4,&RB);
return ret;
}
//读取浮点数(地址)
float PROCESS::ReadFloat(DWORD address)
{
float ret;
DWORD RB;
::ReadProcessMemory(this->hProcess,(LPVOID)address,&ret,sizeof(float),&RB);
return ret;
}
//读取双精度(地址)
double PROCESS::ReadDouble(DWORD address)
{
double ret;
DWORD RB;
::ReadProcessMemory(this->hProcess,(LPVOID)address,&ret,sizeof(double),&RB);
return ret;
}
//读取字符串(地址,字符串,读取长度)
void PROCESS::ReadStr(DWORD address,char *Str,int MaxSize)
{
DWORD RB;
::ReadProcessMemory(this->hProcess,(LPVOID)address,Str,MaxSize,&RB);
}
//读取数组(地址,待读取数据类型大小,保存数组,读取数组长度)
void PROCESS::ReadArray(DWORD address,int TypeLength,LPVOID ArrayAddress,int MaxSize)
{
DWORD RB;
for (int i=0;i<MaxSize;i++)
{
::ReadProcessMemory(this->hProcess,(LPVOID)address,ArrayAddress,TypeLength,&RB);
ArrayAddress=(void *)((DWORD)ArrayAddress+TypeLength);
address+=TypeLength;
}
}
//查找字节(起始地址,结束地址,待查找字节)
DWORD PROCESS::FindByte(DWORD StartAddr,DWORD EndAddr,BYTE FindByte)
{
DWORD RB,nSize=255;
BYTE ByteRead[255];
while (StartAddr<EndAddr)
{
memset(ByteRead,0,255);
if (StartAddr+255>=EndAddr)
nSize=EndAddr-StartAddr;
::ReadProcessMemory(this->hProcess,(LPVOID)StartAddr,ByteRead,nSize,&RB);
for (UINT i=0;i<nSize;i++)
{
if (ByteRead[i]==FindByte)
return StartAddr+i;
}
StartAddr+=255;
}
return 0;
}
//查找字(起始地址,结束地址,待查找字)
DWORD PROCESS::FindWord(DWORD StartAddr,DWORD EndAddr,WORD FindWord)
{
DWORD RB,nSize=1024;
BYTE Read[1024];
while (StartAddr<EndAddr)
{
memset(Read,0,1024);
if (StartAddr+1024>=EndAddr)
nSize=EndAddr-StartAddr;
::ReadProcessMemory(this->hProcess,(LPVOID)StartAddr,Read,nSize,&RB);
for (UINT i=0;i<=nSize-2;i++)
{
if (*(WORD*)&Read[i]==FindWord)
return StartAddr+i;
}
StartAddr+=1024;
}
return 0;
}
//查找双字(起始地址,结束地址,待查找双字)
DWORD PROCESS::FindDword(DWORD StartAddr,DWORD EndAddr,DWORD FindDword)
{
DWORD RB,nSize=4096;
BYTE Read[4096];
while (StartAddr<EndAddr)
{
memset(Read,0,4096);
if (StartAddr+4096>=EndAddr)
nSize=EndAddr-StartAddr;
::ReadProcessMemory(this->hProcess,(LPVOID)StartAddr,Read,nSize,&RB);
for (UINT i=0;i<=nSize-4;i++)
{
if (*(DWORD *)&Read[i]==FindDword)
return StartAddr+i;
}
StartAddr+=4096;
}
return 0;
}
//查找单精度浮点数(起始地址,结束地址,待查找单精度浮点数)
DWORD PROCESS::FindFloat(DWORD StartAddr,DWORD EndAddr,float FindFloat)
{
DWORD RB,nSize=4096;
BYTE Read[4096];
while (StartAddr<EndAddr)
{
memset(Read,0,4096);
if (StartAddr+4096>=EndAddr)
nSize=EndAddr-StartAddr;
::ReadProcessMemory(this->hProcess,(LPVOID)StartAddr,Read,nSize,&RB);
for (UINT i=0;i<=nSize-4;i++)
{
if (*(float *)&Read[i]==FindFloat)
return StartAddr+i;
}
StartAddr+=4096;
}
return 0;
}
//查找双精度浮点数(起始地址,结束地址,待查找双精度浮点数)
DWORD PROCESS::FindDouble(DWORD StartAddr,DWORD EndAddr,double FindDouble)
{
DWORD RB,nSize=4096;
BYTE Read[4096];
while (StartAddr<EndAddr)
{
memset(Read,0,4096);
if (StartAddr+4096>=EndAddr)
nSize=EndAddr-StartAddr;
::ReadProcessMemory(this->hProcess,(LPVOID)StartAddr,Read,nSize,&RB);
for (UINT i=0;i<=nSize-8;i++)
{
if (*(double *)&Read[i]==FindDouble)
return StartAddr+i;
}
StartAddr+=4096;
}
return 0;
}
//查找字符串(起始地址,结束地址,字符串)
DWORD PROCESS::FindString(DWORD StartAddr,DWORD EndAddr,char *FindString)
{
DWORD RB,nSize=4096;
BYTE Read[4096];
while (StartAddr<EndAddr)
{
memset(Read,0,4096);
if (StartAddr+4096>=EndAddr)
nSize=EndAddr-StartAddr;
::ReadProcessMemory(this->hProcess,(LPVOID)StartAddr,Read,nSize,&RB);
for (UINT i=0;i<nSize;i++)
{
if(Read[i]==FindString[0])
{
for (UINT k=0;k<strlen(FindString);k++)
{
if (Read[i+k]!=FindString[k])
break;
}
if (k==strlen(FindString))
return StartAddr+i;
}
}
StartAddr=StartAddr+4096-strlen(FindString);
}
return 0;
}
//写入字节(地址,字节数据)
void PROCESS::WriteByte(DWORD address,BYTE data)
{
DWORD RB;
::WriteProcessMemory(this->hProcess,(LPVOID)address,&data,1,&RB);
}
//写入一个字(地址,字数据)
void PROCESS::WriteWord(DWORD address,WORD data)
{
DWORD RB;
::WriteProcessMemory(this->hProcess,(LPVOID)address,&data,2,&RB);
}
//写入一个双字(地址,双字数据)
void PROCESS::WriteDword(DWORD address,DWORD data)
{
DWORD RB;
::WriteProcessMemory(this->hProcess,(LPVOID)address,&data,4,&RB);
}
//写入单精度浮点数(地址,单精度浮点数据)
void PROCESS::WriteFloat(DWORD address,float data)
{
DWORD RB;
::WriteProcessMemory(this->hProcess,(LPVOID)address,&data,4,&RB);
}
//写入双精度浮点数(地址,双精度浮点数)
void PROCESS::WriteDouble(DWORD address,double data)
{
DWORD RB;
::WriteProcessMemory(this->hProcess,(LPVOID)address,&data,8,&RB);
}
//写入字符串
void PROCESS::WriteStr(DWORD address,char *String)
{
DWORD RB;
::WriteProcessMemory(this->hProcess,(LPVOID)address,(LPVOID)String,strlen(String),&RB);
}
//写入自定义数据(地址,数据起始地址,写入长度)
void PROCESS::WriteData(DWORD address,LPVOID DataAddr,int size)
{
DWORD RB;
::WriteProcessMemory(this->hProcess,(LPVOID)address,DataAddr,size,&RB);
}
//简单远程线程(函数地址,参数,返回PID)
HANDLE PROCESS::CreateThread(DWORD FuncAddr,LPVOID lpParameter=NULL,DWORD *PID=NULL)
{
return ::CreateRemoteThread(this->hProcess,NULL,0,(LPTHREAD_START_ROUTINE)FuncAddr,lpParameter,0,PID);
}
//分配内存空间(大小)
DWORD PROCESS::AllocMemory(int SIZE)
{
return (DWORD)::VirtualAllocEx(this->hProcess,NULL,SIZE,MEM_COMMIT|MEM_RESERVE,PAGE_EXECUTE_READWRITE);
}
//释放空间(地址,大小)
void PROCESS::FreeMemory(DWORD address,int size)
{
::VirtualFreeEx(this->hProcess,(LPVOID)address,size,MEM_DECOMMIT|MEM_RELEASE);
}
//等待线程执行完毕()
void PROCESS::WaitThreadEnd(HANDLE hThread)
{
::WaitForSingleObjectEx(hThread,INFINITE,FALSE);
}
浙公网安备 33010602011771号