C/C++ 内存读写Lib库简单封装
这是我在上学初中的时候封装的一个简单的偏移读写lib库,看起来很简单,当时很菜。
/*************************************************************
// 声明头文件
#ifndef LyShark__h
#define LyShark__h
#pragma comment(lib,"LyShark.lib");
extern "C"__declspec(dllexport) int GetProcessID(char *Name);
extern "C"__declspec(dllexport) int GetIntMemory_One(int Pid,long Base,int One);
extern "C"__declspec(dllexport) int GetIntMemory_Two(int Pid,long Base,int One,int Two);
extern "C"__declspec(dllexport) int GetIntMemory_Three(int Pid,long Base,int One,int Two,int Three);
extern "C"__declspec(dllexport) int GetIntMemory_Four(int Pid,long Base,int One,int Two,int Three,int Four);
extern "C"__declspec(dllexport) int GetIntMemory_Five(int Pid,long Base,int One,int Two,int Three,int Four,int Five);
extern "C"__declspec(dllexport) int GetIntMemory_Six(int Pid,long Base,int One,int Two,int Three,int Four,int Five,int Six);
extern "C"__declspec(dllexport) int SetIntMemory_One(int Pid,long Base,int One,int WriteValue);
extern "C"__declspec(dllexport) int SetIntMemory_Two(int Pid,long Base,int One,int Two,int WriteValue);
extern "C"__declspec(dllexport) int SetIntMemory_Three(int Pid,long Base,int One,int Two,int Three,int WriteValue);
extern "C"__declspec(dllexport) int SetIntMemory_Four(int Pid,long Base,int One,int Two,int Three,int Four,int WriteValue);
extern "C"__declspec(dllexport) int SetIntMemory_Five(int Pid,long Base,int One,int Two,int Three,int Four,int Five,int WriteValue);
extern "C"__declspec(dllexport) int SetIntMemory_Six(int Pid,long Base,int One,int Two,int Three,int Four,int Five,int Six,int WriteValue);
#endif LyShark__h
*/
//*************************************************************
#include <windows.h>
bool APIENTRY DllMain(HANDLE handle,DWORD dword,LPVOID lpvoid)
{
return true;
}
//*************************************************************
// 打开进程,取进程PID
extern "C"__declspec(dllexport) int GetProcessID(char *Name)
{
HWND Pid=::FindWindow(NULL,Name);
DWORD Retn;
::GetWindowThreadProcessId(Pid,&Retn);
return Retn;
}
//*************************************************************
// 读取内存偏移整数型
extern "C"__declspec(dllexport) int GetIntMemory_One(int Pid,long Base,int One)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
return Value;
}
extern "C"__declspec(dllexport) int GetIntMemory_Two(int Pid,long Base,int One,int Two)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
return Value;
}
extern "C"__declspec(dllexport) int GetIntMemory_Three(int Pid,long Base,int One,int Two,int Three)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Three);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
return Value;
}
extern "C"__declspec(dllexport) int GetIntMemory_Four(int Pid,long Base,int One,int Two,int Three,int Four)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Four);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Three);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
return Value;
}
extern "C"__declspec(dllexport) int GetIntMemory_Five(int Pid,long Base,int One,int Two,int Three,int Four,int Five)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Five);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Four);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Three);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
return Value;
}
extern "C"__declspec(dllexport) int GetIntMemory_Six(int Pid,long Base,int One,int Two,int Three,int Four,int Five,int Six)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Six);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Five);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Four);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Three);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
return Value;
}
//*************************************************************
// 写入内存偏移整数型
extern "C"__declspec(dllexport) int SetIntMemory_One(int Pid,long Base,int One,int WriteValue)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
DWORD bywrite;
LPVOID wbuffer = (LPVOID)&WriteValue;
WriteProcessMemory(proce,(LPVOID)pbase,wbuffer,4,&bywrite);
return 1;
}
extern "C"__declspec(dllexport) int SetIntMemory_Two(int Pid,long Base,int One,int Two,int WriteValue)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
DWORD bywrite;
LPVOID wbuffer = (LPVOID)&WriteValue;
WriteProcessMemory(proce,(LPVOID)pbase,wbuffer,4,&bywrite);
return 1;
}
extern "C"__declspec(dllexport) int SetIntMemory_Three(int Pid,long Base,int One,int Two,int Three,int WriteValue)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Three);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
DWORD bywrite;
LPVOID wbuffer = (LPVOID)&WriteValue;
WriteProcessMemory(proce,(LPVOID)pbase,wbuffer,4,&bywrite);
return 1;
}
extern "C"__declspec(dllexport) int SetIntMemory_Four(int Pid,long Base,int One,int Two,int Three,int Four,int WriteValue)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Four);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Three);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
DWORD bywrite;
LPVOID wbuffer = (LPVOID)&WriteValue;
WriteProcessMemory(proce,(LPVOID)pbase,wbuffer,4,&bywrite);
return 1;
}
extern "C"__declspec(dllexport) int SetIntMemory_Five(int Pid,long Base,int One,int Two,int Three,int Four,int Five,int WriteValue)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Five);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Four);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Three);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
DWORD bywrite;
LPVOID wbuffer = (LPVOID)&WriteValue;
WriteProcessMemory(proce,(LPVOID)pbase,wbuffer,4,&bywrite);
return 1;
}
extern "C"__declspec(dllexport) int SetIntMemory_Six(int Pid,long Base,int One,int Two,int Three,int Four,int Five,int Six,int WriteValue)
{
DWORD byread;
int Value=0;
HANDLE proce=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
LPCVOID pbase=(LPCVOID)Base;
LPVOID rbuffer=(LPVOID)&Value;
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Six);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Five);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Four);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Three);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + Two);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
pbase = (LPCVOID)(Value + One);
::ReadProcessMemory(proce,pbase,rbuffer,4,&byread);
DWORD bywrite;
LPVOID wbuffer = (LPVOID)&WriteValue;
WriteProcessMemory(proce,(LPVOID)pbase,wbuffer,4,&bywrite);
return 1;
}
多级读写提取
#include <iostream>
#include <Windows.h>
#include <TlHelp32.h>
#include <tchar.h>
// 根据进程窗体取PID
int GetProcessID(char* Name)
{
HWND Pid = ::FindWindowA(NULL, Name);
DWORD Retn;
::GetWindowThreadProcessId(Pid, &Retn);
return Retn;
}
// 根据进程名取PID
DWORD FindProcessID(LPCTSTR szProcessName)
{
DWORD dwPID = 0xFFFFFFFF;
HANDLE hSnapShot = INVALID_HANDLE_VALUE;
PROCESSENTRY32 pe;
pe.dwSize = sizeof(PROCESSENTRY32);
hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPALL, NULL);
Process32First(hSnapShot, &pe);
do
{
if (!_tcsicmp(szProcessName, (LPCTSTR)pe.szExeFile))
{
dwPID = pe.th32ProcessID;
break;
}
} while (Process32Next(hSnapShot, &pe));
CloseHandle(hSnapShot);
return dwPID;
}
// 读取内存偏移整数型
int GetIntMemory(int Pid, long Base, int One, int Two, int Three, int Four, int Five, int Six)
{
DWORD byread;
int Value = 0;
HANDLE proce = ::OpenProcess(PROCESS_ALL_ACCESS, false, Pid);
LPCVOID pbase = (LPCVOID)Base;
LPVOID rbuffer = (LPVOID)&Value;
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Six);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Five);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Four);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Three);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Two);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + One);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
return Value;
}
// 写入内存偏移整数型
int SetIntMemory(int Pid, long Base, int One, int Two, int Three, int Four, int Five, int Six, int WriteValue)
{
DWORD byread;
int Value = 0;
HANDLE proce = ::OpenProcess(PROCESS_ALL_ACCESS, false, Pid);
LPCVOID pbase = (LPCVOID)Base;
LPVOID rbuffer = (LPVOID)&Value;
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Six);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Five);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Four);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Three);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + Two);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
pbase = (LPCVOID)(Value + One);
ReadProcessMemory(proce, pbase, rbuffer, 4, &byread);
DWORD bywrite;
LPVOID wbuffer = (LPVOID)&WriteValue;
WriteProcessMemory(proce, (LPVOID)pbase, wbuffer, 4, &bywrite);
return 1;
}
int main(int argc, char *argv[])
{
DWORD pid = FindProcessID(TEXT("test.exe"));
std::cout << "进程PID: " << pid << std::endl;
return 0;
}
文章出处:https://www.cnblogs.com/LyShark/p/10775440.html
本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 理解Rust引用及其生命周期标识(上)
· DeepSeek 开源周回顾「GitHub 热点速览」
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· AI与.NET技术实操系列(二):开始使用ML.NET
· 单线程的Redis速度为什么快?