【转】修改内存地址内容,可以修改游戏金币值

实现修改内存内容核心代码: 

C++代码

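// Process list: snapshot the running processes, fill the process combo box and
// record each PID -> image name in m_map for GetCurrentProcessHandle().
void CMemRepairDlg::InitProcessList()
{
    PROCESSENTRY32 pe32;
    // The original zeroed 0 bytes (ZeroMemory(&pe32, 0)); the whole struct has to be
    // cleared before dwSize is set, otherwise stale stack contents reach the API.
    ZeroMemory(&pe32, sizeof(pe32));
    pe32.dwSize = sizeof(PROCESSENTRY32);

    // Take a snapshot of the system's process table.
    HANDLE handle = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (INVALID_HANDLE_VALUE == handle)
    {
        MessageBox("调用CreateToolhelp32Snapshot函数失败!");
        return;
    }

    CComboBox* pCombo = static_cast<CComboBox*>(GetDlgItem(IDC_PROCESSLIST_COBOX));
    // Keep the combo box and m_map in step: the original cleared only m_map, so a
    // second call would append duplicate names whose PIDs the map no longer held.
    pCombo->ResetContent();
    m_map.clear();

    BOOL bMore = ::Process32First(handle, &pe32);
    while (bMore)
    {
        pCombo->AddString(pe32.szExeFile);
        // Keyed by PID; several processes may share the same image name.
        m_map.insert(std::make_pair(pe32.th32ProcessID, CString(pe32.szExeFile)));
        bMore = ::Process32Next(handle, &pe32);
    }
    // Preselect the fourth entry as the original did; with fewer entries SetCurSel
    // returns CB_ERR and no selection is made.
    pCombo->SetCurSel(3);

    UpdateData(FALSE);
    CloseHandle(handle);
}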
  
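// Resolve the process selected in the combo box to a PID and open it into m_handle.
// Least privilege: this dialog only calls ReadProcessMemory (PROCESS_VM_READ) and
// WriteProcessMemory (PROCESS_VM_WRITE | PROCESS_VM_OPERATION), so those are the only
// rights requested instead of PROCESS_ALL_ACCESS.
void CMemRepairDlg::GetCurrentProcessHandle()
{
    CComboBox* pCombo = static_cast<CComboBox*>(GetDlgItem(IDC_PROCESSLIST_COBOX));
    const int nIndex = pCombo->GetCurSel();
    if (nIndex == CB_ERR)   // nothing selected; GetLBText(-1, ...) would assert
        return;

    CString processStr;
    pCombo->GetLBText(nIndex, processStr);

    // First PID whose image name matches. Names are not unique, so with several
    // instances of the same executable an arbitrary one is chosen.
    DWORD processId = 0;
    for (std::map<DWORD, CString>::const_iterator it = m_map.begin(); it != m_map.end(); ++it)
    {
        if (processStr.Compare(it->second) == 0)
        {
            processId = it->first;
            break;
        }
    }
    if (processId == 0)
        return;

    // NOTE(review): a handle already held in m_handle is overwritten here and leaks;
    // closing it first requires m_handle to be initialised to NULL in the constructor
    // (not visible in this file) — confirm before adding the CloseHandle.
    m_handle = ::OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION,
                             FALSE, processId);
    if (m_handle == NULL)
    {
        // The original passed GetLastError (the function's address) to Format instead
        // of calling it, so the reported code was meaningless.
        const DWORD dwErr = GetLastError();
        CString errorInfo;
        errorInfo.Format("error code:%d 调用函数失败!", dwErr);
        MessageBox(errorInfo);
    }
}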
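// Scan one 4 KiB page of the opened process starting at baseptr for the 32-bit value
// given in pStr (decimal text) and append every matching address to m_vector.
// A failed ReadProcessMemory (unmapped or inaccessible page) skips the page silently,
// which is the intended behaviour for a linear sweep.
void CMemRepairDlg::ReadOnePageMem(DWORD baseptr, const char* pStr)
{
    const size_t kPageSize = 4096;
    BYTE page[kPageSize] = {0};
    if (!::ReadProcessMemory(m_handle, (LPCVOID)baseptr, page, kPageSize, NULL))
        return;

    // Parse once; the original called atoi() for every byte offset of every page.
    const DWORD target = static_cast<DWORD>(atoi(pStr));

    // Every byte offset is tested (not only 4-byte aligned ones), as in the original.
    // memcpy replaces *(DWORD*)&page[i], which was an unaligned, aliasing-violating read.
    for (size_t i = 0; i + sizeof(DWORD) <= kPageSize; ++i)
    {
        DWORD candidate;
        memcpy(&candidate, &page[i], sizeof(candidate));
        if (candidate == target)
            m_vector.push_back(baseptr + static_cast<DWORD>(i));
    }
}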
  
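// Sweep the opened process's user-mode address space page by page, from the
// platform's lowest application address up to 2 GiB, collecting matches for pStr
// (decimal text) into m_vector.
void CMemRepairDlg::GetBasePtr(const char* pStr)
{
    OSVERSIONINFO osInfo;
    ZeroMemory(&osInfo, sizeof(OSVERSIONINFO));
    osInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
    ::GetVersionEx(&osInfo);

    // Windows 9x maps applications from 4 MiB, the NT family from 64 KiB (the
    // original's start addresses, kept as-is).
    const DWORD kPageSize = 4 * 1024;
    DWORD baseAddr = (osInfo.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS)
                         ? 4UL * 1024 * 1024
                         : 64UL * 1024;

    // 2*1024*1024*1024 evaluated as int overflows (signed overflow is undefined); it
    // only appeared to work because INT_MIN converts to 0x80000000 in the DWORD
    // comparison. The limit is spelled out as an unsigned constant instead.
    const DWORD kLimit = 0x80000000UL;

    m_vector.clear();
    // Probes every page whether mapped or not; a VirtualQueryEx walk would skip the
    // unmapped regions, but the probe-everything sweep is kept for behavioural parity.
    for (; baseAddr < kLimit; baseAddr += kPageSize)
        ReadOnePageMem(baseAddr, pStr);
}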
  
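// "Search" button: open the selected process and run the initial full sweep for the
// value typed in IDC_VALUE_EDIT, then show the hits in the address list box.
void CMemRepairDlg::OnSearchBtn()
{
    GetCurrentProcessHandle();
    if (m_handle == NULL)
    {
        // OpenProcess failed (already reported to the user). The original still swept
        // 2 GiB with a NULL handle and ended with an empty list; produce the same
        // empty list without the futile reads.
        m_vector.clear();
        OperatorListBox();
        return;
    }

    static_cast<CEdit*>(GetDlgItem(IDC_VALUE_EDIT))->GetWindowText(m_value);
    // GetBuffer() without a matching ReleaseBuffer() left m_value's length unsynced;
    // the read-only LPCTSTR conversion is all a const char* parameter needs.
    GetBasePtr(static_cast<LPCTSTR>(m_value));
    OperatorListBox();
}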
  
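// Refresh the address list box (IDC_PROCESS_LIST) from m_vector.
void CMemRepairDlg::OperatorListBox()
{
    CListBox* pList = static_cast<CListBox*>(GetDlgItem(IDC_PROCESS_LIST));
    pList->ResetContent();

    CString text;
    for (std::vector<DWORD>::const_iterator it = m_vector.begin(); it != m_vector.end(); ++it)
    {
        // Eight upper-case hex digits without prefix: the same text MSVC's "%p"
        // produced for a 32-bit value, but with a conversion that matches the DWORD
        // argument. HexToNum() parses this text back when the user picks an entry.
        text.Format("%08X", *it);
        pList->AddString(text);
    }

    UpdateData(FALSE);
}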
  
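// Selection change in the address list: copy the chosen address text into the
// address edit box (IDC_ADDR_EDIT) so OnModifyBtn() can use it.
void CMemRepairDlg::OnSelchangeProcessList()
{
    CListBox* pList = static_cast<CListBox*>(GetDlgItem(IDC_PROCESS_LIST));
    const int nIndex = pList->GetCurSel();
    if (nIndex == LB_ERR)   // no selection; GetText(-1, ...) would assert
        return;

    CString strItem;
    pList->GetText(nIndex, strItem);
    static_cast<CEdit*>(GetDlgItem(IDC_ADDR_EDIT))->SetWindowText(strItem);
    UpdateData(FALSE);
}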
  
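// "Next search" button: re-read every address still in m_vector and keep only those
// whose current 32-bit content equals the value in m_value, narrowing the candidates.
void CMemRepairDlg::OnStartBtn()
{
    // Parse the search value once (the original re-parsed it per address and left an
    // unreleased GetBuffer() on m_value).
    const DWORD target = static_cast<DWORD>(atoi(static_cast<LPCTSTR>(m_value)));

    m_nextVector.clear();
    for (std::vector<DWORD>::const_iterator it = m_vector.begin(); it != m_vector.end(); ++it)
    {
        DWORD current = 0;
        // A failed read (page unmapped since the sweep) drops the address, as before.
        if (::ReadProcessMemory(m_handle, (LPCVOID)*it, &current, sizeof(current), NULL)
            && current == target)
        {
            m_nextVector.push_back(*it);
        }
    }

    // m_nextVector keeps a copy of the surviving set, exactly as the original left it.
    m_vector = m_nextVector;
    OperatorListBox();
}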
  
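// "Modify" button: write the decimal value from IDC_MODIFY_EDIT as a DWORD to the
// hexadecimal address in IDC_ADDR_EDIT of the opened process.
void CMemRepairDlg::OnModifyBtn()
{
    CString addrStr;
    CString modifyStr;
    static_cast<CEdit*>(GetDlgItem(IDC_ADDR_EDIT))->GetWindowText(addrStr);     // target address (hex text)
    static_cast<CEdit*>(GetDlgItem(IDC_MODIFY_EDIT))->GetWindowText(modifyStr); // new value (decimal text)

    // An empty address would make HexToNum() index before the start of the string.
    if (addrStr.IsEmpty())
        return;
    // Kept from the original: echoes the address that is about to be written.
    MessageBox(addrStr);

    const DWORD dwValue = static_cast<DWORD>(atoi(static_cast<LPCTSTR>(modifyStr)));
    const DWORD addr = HexToNum(addrStr);

    if (::WriteProcessMemory(m_handle, (LPVOID)addr, &dwValue, sizeof(dwValue), NULL))
    {
        MessageBox("修改成功!");
    }
    else
    {
        // Read the error code before any other call can overwrite it.
        const DWORD nCode = GetLastError();
        CString errorInfo;
        // The address is shown in hex; the original's %d printed addresses at or
        // above 0x80000000 as negative numbers.
        errorInfo.Format("%08X   错语码:%d", addr, nCode);
        MessageBox(errorInfo);
    }
}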
  
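// Parse an unprefixed hexadecimal string (the form OperatorListBox() produces) into a
// DWORD. Digits 0-9, a-f and A-F are accepted; any other character contributes
// (ch - '0') exactly as the original did, so non-hex input yields an unspecified value
// rather than an error. An empty string returns 0 (the original read str.GetAt(-1)).
DWORD CMemRepairDlg::HexToNum(CString str)
{
    // Accumulate most-significant digit first in unsigned arithmetic: no floating-point
    // pow(), and no signed overflow for addresses at or above 0x80000000 (the original
    // summed into an int).
    DWORD result = 0;
    const int nLength = str.GetLength();
    for (int i = 0; i < nLength; ++i)
    {
        const TCHAR ch = str.GetAt(i);
        DWORD digit;
        if (ch >= 'a' && ch <= 'f')
            digit = 10 + static_cast<DWORD>(ch - 'a');
        else if (ch >= 'A' && ch <= 'F')
            digit = 10 + static_cast<DWORD>(ch - 'A');
        else
            digit = static_cast<DWORD>(ch - '0');
        result = result * 16 + digit;
    }
    return result;
}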
