c++ readIntger writeIntger
类似CE的read/writeIntger函数(外部)
#include <iostream>
#include <Windows.h>
#include <TlHelp32.h>
#include <vector>
#include <regex>
#include <sstream>
#include <string>
// Process-wide state shared by the helpers below; main() assigns both before
// any address expression is resolved.
DWORD pid{ 0 };              // id of the target process (getPID returns 0 when none is found)
HANDLE hProcess{ nullptr };  // handle passed to ReadProcessMemory / WriteProcessMemory
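// Returns the id of the first process in the snapshot whose executable name
// equals `name` (case-insensitive), or 0 when nothing matches or the snapshot
// cannot be taken.
//
// The match is on the image file name only, so any process that carries the
// same name is accepted; a caller that cares which binary it attaches to has
// to verify the result itself.
DWORD getPID(const wchar_t* name)
{
    if (name == nullptr)
    {
        return 0;
    }

    const HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        // No snapshot was created, so there is no handle to close.
        return 0;
    }

    DWORD foundPid = 0;
    PROCESSENTRY32 pe{};
    pe.dwSize = sizeof(pe);  // must be set before Process32First is called
    for (BOOL more = Process32First(hSnap, &pe); more; more = Process32Next(hSnap, &pe))
    {
        if (_wcsicmp(pe.szExeFile, name) == 0)
        {
            foundPid = pe.th32ProcessID;
            break;
        }
    }

    CloseHandle(hSnap);
    return foundPid;
}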
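// Returns the load address of the module named `modName` (case-insensitive)
// inside process `pid`, or 0 when the module is not listed or the module
// snapshot cannot be taken.
//
// TH32CS_SNAPMODULE32 is requested as well so that 32-bit modules are listed
// when this code runs as a 64-bit process.
// NOTE(review): module snapshots are documented to fail transiently with
// ERROR_BAD_LENGTH; that case is reported as 0 like any other failure and is
// not retried here.
uintptr_t getModuleBaseAddress(DWORD pid, const wchar_t* modName)
{
    if (modName == nullptr)
    {
        return 0;
    }

    const HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, pid);
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        // No snapshot was created, so there is no handle to close.
        return 0;
    }

    uintptr_t modBaseAddr = 0;
    MODULEENTRY32 me{};
    me.dwSize = sizeof(me);  // must be set before Module32First is called
    for (BOOL more = Module32First(hSnap, &me); more; more = Module32Next(hSnap, &me))
    {
        if (_wcsicmp(me.szModule, modName) == 0)
        {
            modBaseAddr = reinterpret_cast<uintptr_t>(me.modBaseAddr);
            break;
        }
    }

    CloseHandle(hSnap);
    return modBaseAddr;
}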
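// Returns a copy of `origenString` in which the first occurrence of
// `replaceString` that has a character in front of it is replaced, together
// with one character on each side, by `newValue`. This is how a caller swaps a
// bracketed "[expr]" for its value.
//
// When no such occurrence exists the input is returned unchanged. The search
// starts at index 1 because an occurrence at index 0 has no leading character;
// the unsigned start position would wrap around and std::string::replace would
// throw std::out_of_range, as it would for a needle that is not found at all.
std::string replaceString(std::string origenString, std::string replaceString, std::string newValue)
{
    const std::string::size_type needleAt = origenString.find(replaceString, 1);
    if (needleAt == std::string::npos)
    {
        return origenString;
    }

    // replace() clamps the count, so a needle that ends the string is fine.
    origenString.replace(needleAt - 1, replaceString.size() + 2, newValue);
    return origenString;
}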
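// Parses the leading hexadecimal digits of `hexStr` and returns their value.
// Returns 0 when the text does not start with a hex digit, including when it
// is empty.
//
// Extraction stops at the first character that is not a hex digit, so a name
// such as "beef.dll" yields 0xbeef rather than 0; callers that need to tell
// numbers from names must check the text themselves.
uintptr_t hexStr2Hex(std::string hexStr)
{
    // Initialised because extraction from an empty stream leaves the target
    // untouched, which would return an indeterminate value.
    uintptr_t r = 0;
    std::stringstream(hexStr) >> std::hex >> r;
    return r;
}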
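// One piece of a string cut apart by splitString(): `value` is the text of the
// piece and `key` is the separator that was matched immediately before it
// (empty for the first piece).
struct SplitListItem
{
    std::string key;
    std::string value;
};

// Splits `origenString` at every match of `pattern` and returns the pieces in
// order, each paired with the separator that preceded it. A string without any
// match comes back as a single piece with an empty key.
//
// Matches are walked with std::sregex_iterator, which always makes progress,
// so a pattern that can match the empty string (for example "x*") terminates
// instead of being matched at the same position forever.
std::vector<SplitListItem> splitString(std::string origenString, std::regex pattern)
{
    std::vector<SplitListItem> pieces;
    std::string separator;  // separator in front of the piece being collected
    std::string::const_iterator pieceStart = origenString.cbegin();
    const std::string::const_iterator textEnd = origenString.cend();

    for (std::sregex_iterator match(pieceStart, textEnd, pattern), none; match != none; ++match)
    {
        const std::ssub_match& hit = (*match)[0];
        pieces.push_back(SplitListItem{ separator, std::string(pieceStart, hit.first) });
        separator = hit.str();
        pieceStart = hit.second;
    }

    // Whatever follows the last separator (or the whole string) is the tail piece.
    pieces.push_back(SplitListItem{ separator, std::string(pieceStart, textEnd) });
    return pieces;
}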
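// Resolves an address expression such as "[game.exe+009E820C]+338" against the
// process identified by the globals `pid` and `hProcess`.
//
// Grammar handled here: terms joined by '+' or '-', where a term is either a
// hexadecimal number (optional 0x prefix) or a module name that is replaced by
// its base address; "[expr]" stands for the 4-byte value stored at `expr` in
// the target, and brackets may nest. Whitespace is ignored. A term made only
// of hex digits is always read as a number.
//
// Returns the resolved address, `nextValue` when the expression is empty, and
// 0 when the expression cannot be resolved: an unknown module, a failed or
// short read, or a null pointer inside a bracket. Failing early matters
// because the result is handed straight to ReadProcessMemory /
// WriteProcessMemory; continuing with a partly resolved value would make the
// caller touch an unrelated address in the other process.
//
// Pointers in the target are read as 4 bytes, i.e. a 32-bit target is assumed.
uintptr_t getOffsetsAddress(std::string address, uintptr_t nextValue = 0)
{
    std::string expr = std::regex_replace(address, std::regex("\\s"), "");
    if (expr.empty())
    {
        return nextValue;
    }

    // True when the whole term is a hex number, so that names which merely
    // start with hex digits ("beef.dll") are not mistaken for numbers.
    const auto isHexLiteral = [](const std::string& term) {
        const bool hasPrefix =
            term.size() > 2 && term[0] == '0' && (term[1] == 'x' || term[1] == 'X');
        return term.find_first_not_of("0123456789abcdefABCDEF", hasPrefix ? 2 : 0) == std::string::npos;
    };

    // Adds up a bracket-free "term(+|-)term..." expression. Sets `resolved` to
    // false when a module name cannot be found.
    const auto evaluateSum = [&isHexLiteral](const std::string& sum, bool& resolved) -> uintptr_t {
        uintptr_t total = 0;
        for (const SplitListItem& term : splitString(sum, std::regex("[+-]")))
        {
            if (term.value.empty())
            {
                continue;  // e.g. the empty piece in front of a leading sign
            }

            uintptr_t value = 0;
            if (isHexLiteral(term.value))
            {
                value = hexStr2Hex(term.value);
            }
            else
            {
                // Symbolic term: look it up as a module of the target process.
                const std::wstring moduleName(term.value.begin(), term.value.end());
                value = getModuleBaseAddress(pid, moduleName.c_str());
                if (value == 0)
                {
                    resolved = false;
                    return 0;
                }
            }

            // The first term has an empty key and counts as positive.
            if (term.key == "-")
            {
                total -= value;
            }
            else
            {
                total += value;
            }
        }
        return total;
    };

    // Collapse brackets from the inside out. Each pass replaces one "[expr]"
    // that contains no further brackets with the value read at `expr`, located
    // by the match position rather than by searching for its text again.
    const std::regex innermostBracket("\\[([^\\[\\]]+)\\]");
    std::smatch bracket;
    while (std::regex_search(expr, bracket, innermostBracket))
    {
        bool resolved = true;
        const uintptr_t pointerAt = evaluateSum(bracket[1].str(), resolved);
        if (!resolved || pointerAt == 0)
        {
            return 0;
        }

        // Read into a zeroed 32-bit buffer so that no bytes of the address
        // survive in the result, and treat a failed or short read as an error.
        DWORD pointee = 0;
        SIZE_T bytesRead = 0;
        if (!ReadProcessMemory(hProcess, reinterpret_cast<LPCVOID>(pointerAt), &pointee, sizeof(pointee), &bytesRead)
            || bytesRead != sizeof(pointee))
        {
            return 0;
        }
        if (pointee == 0)
        {
            return 0;  // null link: the chain does not lead anywhere
        }

        std::stringstream hexText;
        hexText << std::hex << pointee;
        const std::string::size_type bracketAt = static_cast<std::string::size_type>(bracket.position(0));
        const std::string::size_type bracketLen = static_cast<std::string::size_type>(bracket.length(0));
        expr.replace(bracketAt, bracketLen, hexText.str());
    }

    bool resolved = true;
    const uintptr_t result = evaluateSum(expr, resolved);
    return resolved ? result : 0;
}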
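// Reads the 4-byte integer stored at the address that `address` resolves to in
// the process behind the global `hProcess`.
//
// Returns the value, or 0 when the expression does not resolve or the read
// fails; a stored value of 0 cannot be told apart from a failure.
uintptr_t readIntger(std::string address)
{
    const uintptr_t target = getOffsetsAddress(address);
    if (target == 0)
    {
        return 0;
    }

    // A separate zeroed buffer keeps the upper bytes of the address out of the
    // result on 64-bit builds and leaves a defined value if the read fails.
    DWORD value = 0;
    SIZE_T bytesRead = 0;
    if (!ReadProcessMemory(hProcess, reinterpret_cast<LPCVOID>(target), &value, sizeof(value), &bytesRead)
        || bytesRead != sizeof(value))
    {
        return 0;
    }
    return value;
}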
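// Writes `newInt` as a 4-byte integer to the address that `address` resolves
// to in the process behind the global `hProcess`. Only the low 32 bits of
// `newInt` are stored.
//
// Returns the address written to, or 0 when the expression does not resolve or
// the write fails, so a caller can tell that nothing was changed.
uintptr_t writeIntger(std::string address, uintptr_t newInt)
{
    const uintptr_t target = getOffsetsAddress(address);
    if (target == 0)
    {
        return 0;
    }

    const DWORD value = static_cast<DWORD>(newInt);
    SIZE_T bytesWritten = 0;
    if (!WriteProcessMemory(hProcess, reinterpret_cast<LPVOID>(target), &value, sizeof(value), &bytesWritten)
        || bytesWritten != sizeof(value))
    {
        return 0;
    }
    return target;
}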
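// Demo: attaches to game.exe, prints two values read through address
// expressions and writes 20 to the second location.
// Returns 0 on success and 1 when the process cannot be found or opened.
int main()
{
    // Example address expression: [game.exe+009E820C]+338
    const wchar_t* const targetName = L"game.exe";

    pid = getPID(targetName);
    if (pid == 0)
    {
        std::cerr << "target process not found" << std::endl;
        return 1;
    }

    // Request only the rights the calls below need: VM_READ for
    // ReadProcessMemory, VM_WRITE plus VM_OPERATION for WriteProcessMemory.
    // PROCESS_ALL_ACCESS would also grant rights such as thread creation and
    // termination that this program never uses.
    hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, pid);
    if (hProcess == NULL)
    {
        std::cerr << "OpenProcess failed, error " << GetLastError() << std::endl;
        return 1;
    }

    std::cout << readIntger("game.exe+009E820C") << std::endl;
    std::cout << readIntger("[game.exe + 009E820C] + 338") << std::endl;
    if (writeIntger("[game.exe+ 009E820C] + 338", 20) == 0)
    {
        std::cerr << "write failed" << std::endl;
    }

    CloseHandle(hProcess);
    hProcess = nullptr;  // do not leave a closed handle in the global
    return 0;
}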