读写另一EXE的内存
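// Timer handler: looks up the running 'aLogin.exe' process, writes the
// Big5-encoded server name into three fixed addresses of that process, then
// reads one of them back. When the read-back matches ServerName, the form
// caption is updated and the timer is disabled; otherwise the timer stays
// enabled and the handler runs again on the next tick.
//
// ServerName is declared outside this handler (the local constant was
// commented out in the original).
//
// NOTE(review): the three addresses are absolute and hard-coded. They can only
// be valid for one specific build of the target loaded at one specific base.
// Nothing here verifies that before writing, so a different build or a
// relocated image would have unrelated memory overwritten. Confirm the target
// layout before relying on this.
procedure TfrmMain.tmrChangeServerNameTimer(Sender: TObject);

  // Returns the snapshot entry of the first process whose executable file name
  // equals FileName (case-insensitive, surrounding blanks ignored).
  // When nothing matches, FileName is empty, or the snapshot cannot be taken,
  // the returned record is all zeroes, so th32ProcessID = 0 means "not found".
  function GetProcessID(FileName: string = ''): TProcessEntry32;
  var
    Found: BOOL;
    ExeName: string;
    Snapshot: THandle;
    Entry: TProcessEntry32;
  begin
    // The original left Result uninitialised on the "not found" path, so the
    // caller's th32ProcessID = 0 test was reading stack garbage.
    FillChar(Result, SizeOf(Result), 0);
    if FileName = '' then
      Exit;

    Snapshot := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if Snapshot = INVALID_HANDLE_VALUE then
      Exit;
    try
      Entry.dwSize := SizeOf(Entry);
      Found := Process32First(Snapshot, Entry);
      while Found do
      begin
        ExeName := ExtractFileName(Entry.szExeFile);
        if AnsiCompareText(Trim(ExeName), Trim(FileName)) = 0 then
        begin
          Result := Entry;
          Break;
        end;
        Found := Process32Next(Snapshot, Entry);
      end;
    finally
      CloseHandle(Snapshot);
    end;
  end;

  // Writes exactly Size bytes to Address in the process behind hProcess.
  // Data is copied into a zero-filled staging buffer first, so a string shorter
  // than Size is padded with #0 instead of the write reading past the end of
  // the string; a longer string is truncated to Size bytes.
  // Failures are not reported; the caller detects them through its read-back.
  // Assumes one byte per Char (ANSI Delphi), as the original byte counts do -
  // TODO confirm for the compiler in use.
  procedure WriteRemote(hProcess: THandle; Address: Pointer;
    const Data: string; Size: DWORD);
  var
    Staging: PChar;
    CopyLen, OldProtect, Ignored, Written: DWORD;
  begin
    Staging := AllocMem(Size); // AllocMem returns zero-filled memory
    try
      CopyLen := Length(Data);
      if CopyLen > Size then
        CopyLen := Size;
      if CopyLen > 0 then
        Move(Pointer(Data)^, Staging^, CopyLen);

      // VirtualProtectEx itself returns the previous protection, so the
      // separate VirtualQueryEx call of the original is not needed.
      // NOTE(review): PAGE_EXECUTE_READWRITE is kept from the original. It
      // leaves the page writable and executable for the duration of the write;
      // PAGE_READWRITE would be the narrower choice if these addresses hold
      // data only, which cannot be told from here.
      if not VirtualProtectEx(hProcess, Address, Size,
        PAGE_EXECUTE_READWRITE, OldProtect) then
        Exit;
      try
        WriteProcessMemory(hProcess, Address, Staging, Size, Written);
      finally
        // Always put the original protection back, even if the write failed.
        VirtualProtectEx(hProcess, Address, Size, OldProtect, Ignored);
      end;
    finally
      FreeMem(Staging);
    end;
  end;

const
  LeftAddress = $02370C68;
  RightAddress1 = $02370C74;
  RightAddress2 = $02370C84;
  LeftSize = 12;  // byte count written at LeftAddress
  RightSize = 8;  // byte count written at RightAddress1 / RightAddress2
var
  Entry: TProcessEntry32;
  ProcessHandle: THandle;
  ReadBuf: PChar;
  BytesRead: DWORD;
  Big5Name: string;
begin
  Entry := GetProcessID('aLogin.exe');
  if Entry.th32ProcessID = 0 then
    Exit;

  // Request only the rights the calls below need instead of
  // PROCESS_ALL_ACCESS, and stop if the handle cannot be obtained.
  ProcessHandle := OpenProcess(
    PROCESS_VM_OPERATION or PROCESS_VM_READ or PROCESS_VM_WRITE,
    False, Entry.th32ProcessID);
  if ProcessHandle = 0 then
    Exit;
  try
    // Left field: '01.' prefix followed by the server name.
    WriteRemote(ProcessHandle, Pointer(LeftAddress),
      GB2Big5('01.' + ServerName), LeftSize);

    // Right fields: the bare server name, written to two locations.
    Big5Name := GB2Big5(ServerName);
    WriteRemote(ProcessHandle, Pointer(RightAddress1), Big5Name, RightSize);
    WriteRemote(ProcessHandle, Pointer(RightAddress2), Big5Name, RightSize);

    // Read the content back to confirm that the modification succeeded.
    // One extra zero byte keeps the buffer #0-terminated when it is used as a
    // PChar; the original buffer had no terminator and was never freed, which
    // leaked one allocation per timer tick.
    ReadBuf := AllocMem(RightSize + 1);
    try
      if ReadProcessMemory(ProcessHandle, Pointer(RightAddress2), ReadBuf,
        RightSize, BytesRead) then
        if ServerName = Big52GB(ReadBuf) then
        begin
          Caption := '内存内容为:' + Big52GB(ReadBuf);
          tmrChangeServerName.Enabled := False;
        end;
    finally
      FreeMem(ReadBuf);
    end;
  finally
    CloseHandle(ProcessHandle);
  end;
end;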