读写另一EXE的内存

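procedure TfrmMain.tmrChangeServerNameTimer(Sender: TObject);
{ Timer handler. Looks up the running process named aLogin.exe, writes the
  Big5-encoded server name to three fixed addresses in that process, reads one
  of them back, and stops the timer once the read-back equals ServerName.

  Review notes:
  - The three addresses are hard-coded. They are only meaningful for the exact
    build/layout the author observed; nothing here verifies the target module
    or its base address before writing.
  - Opening another process for VM write access and calling
    WriteProcessMemory is cross-process tampering from the target's point of
    view, and is the kind of access endpoint monitoring records (for example
    Sysmon ProcessAccess events). Expect it to be logged or blocked.
  - GB2Big5, Big52GB, ServerName, Caption and tmrChangeServerName are declared
    outside this procedure. }

  { Returns the snapshot entry of the first process whose executable name
    equals FileName (case-insensitive, trimmed). When nothing matches, or the
    snapshot cannot be taken, the result is zero-filled so that
    th32ProcessID = 0 reliably means "not found". }
  function GetProcessID(FileName: string = ''): TProcessEntry32;
  var
    Ret: BOOL;
    s: string;
    FSnapshotHandle: THandle;
    FProcessEntry32: TProcessEntry32;
  begin
    // The original left Result uninitialised on the not-found path, so the
    // caller's "th32ProcessID = 0" test was reading stack garbage.
    FillChar(Result, SizeOf(Result), 0);
    if FileName = '' then
      Exit;

    FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if FSnapshotHandle = INVALID_HANDLE_VALUE then
      Exit;
    try
      FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
      Ret := Process32First(FSnapshotHandle, FProcessEntry32);
      while Ret do
      begin
        s := ExtractFileName(FProcessEntry32.szExeFile);
        if AnsiCompareText(Trim(s), Trim(FileName)) = 0 then
        begin
          Result := FProcessEntry32;
          Break;
        end;
        Ret := Process32Next(FSnapshotHandle, FProcessEntry32);
      end;
    finally
      CloseHandle(FSnapshotHandle);
    end;
  end;

  { Writes exactly Size bytes to Address in the process behind hProc.
    The bytes are taken from Data and zero-padded (or truncated) to Size, so
    the write never reads past the end of the source string. The page
    protection is changed for the write and restored afterwards.
    Returns True only when all Size bytes were written. }
  function PatchRemote(hProc: THandle; Address: Pointer; const Data: string;
    Size: DWORD): Boolean;
  var
    Buf: PChar;
    CopyLen: DWORD;
    OldProtect, Ignored, Written: DWORD;
  begin
    Result := False;
    Buf := AllocMem(Size); // AllocMem zero-fills, which provides the padding
    try
      CopyLen := Length(Data) * SizeOf(Char);
      if CopyLen > Size then
        CopyLen := Size;
      if CopyLen > 0 then
        Move(Pointer(Data)^, Buf^, CopyLen);

      // VirtualProtectEx already reports the previous protection, so the
      // original's extra VirtualQueryEx call is not needed.
      // NOTE(review): PAGE_EXECUTE_READWRITE is kept from the original; if
      // these addresses are plain data, PAGE_READWRITE is the narrower choice.
      if not VirtualProtectEx(hProc, Address, Size, PAGE_EXECUTE_READWRITE,
        OldProtect) then
        Exit;
      try
        Result := WriteProcessMemory(hProc, Address, Buf, Size, Written)
          and (Written = Size);
      finally
        // Always put the original protection back, even if the write failed.
        VirtualProtectEx(hProc, Address, Size, OldProtect, Ignored);
      end;
    finally
      FreeMem(Buf);
    end;
  end;

var
  Entry: TProcessEntry32;
  ProcessHandle: THandle;
  LeftText, RightText, ReadBack: string;
  lpBuffer: PChar;
  nSize: DWORD;
  lpNumberOfBytes: DWORD;
const
  LeftAddress = $02370C68;
  RightAddress1 = $02370C74;
  RightAddress2 = $02370C84;
  // ServerName is not declared here; a commented-out local constant for it
  // was left in the original at this position.
begin
  Entry := GetProcessID('aLogin.exe');
  if Entry.th32ProcessID = 0 then
    Exit;

  // Request only the rights the calls below need instead of
  // PROCESS_ALL_ACCESS, and stop if the handle cannot be obtained.
  ProcessHandle := OpenProcess(
    PROCESS_VM_OPERATION or PROCESS_VM_READ or PROCESS_VM_WRITE,
    False, Entry.th32ProcessID);
  if ProcessHandle = 0 then
    Exit;
  try
    // Keep the converted strings in named locals. The original cast a
    // temporary straight to PChar, leaving the pointer dangling.
    // (assumes GB2Big5 returns a string - confirm against its declaration)
    LeftText := GB2Big5('01.' + ServerName);
    RightText := GB2Big5(ServerName);

    // Left field: 12 bytes, as in the original.
    PatchRemote(ProcessHandle, Pointer(LeftAddress), LeftText, 12);

    // Right fields: 8 bytes each, as in the original.
    nSize := 8;
    PatchRemote(ProcessHandle, Pointer(RightAddress1), RightText, nSize);
    PatchRemote(ProcessHandle, Pointer(RightAddress2), RightText, nSize);

    // Read the last field back to confirm the change. The buffer has room
    // for a terminator so the PChar handed to Big52GB is always
    // zero-terminated, and it is freed on every path (the original leaked
    // one allocation per timer tick).
    lpBuffer := AllocMem(nSize + SizeOf(Char));
    try
      if ReadProcessMemory(ProcessHandle, Pointer(RightAddress2), lpBuffer,
        nSize, lpNumberOfBytes) then
      begin
        ReadBack := Big52GB(lpBuffer);
        if ServerName = ReadBack then
        begin
          Caption := '内存内容为:' + ReadBack;
          tmrChangeServerName.Enabled := False;
        end;
      end;
    finally
      FreeMem(lpBuffer);
    end;
  finally
    CloseHandle(ProcessHandle);
  end;
  // The original ended with commented-out Memo1 debug output (process ID,
  // file name, process handle).
end;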

 
