C# 写入内存
还有一些方便的库:
-
Memory.dll
https://newagesoldier.com/memory.dll/
https://github.com/erfg12/memory.dll -
EasyHook
https://easyhook.github.io/
https://github.com/EasyHook/EasyHook -
Vanara.PInvoke
https://github.com/dahall/Vanara -
通过 kernel32.dll 写入或读取其他进程内存
public class Helper { /// <summary> /// 从指定进程中读取内存数据 /// </summary> [DllImport("kernel32.dll", EntryPoint = "ReadProcessMemory")] public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, IntPtr lpBuffer, int nSize, IntPtr lpNumberOfBytesRead); /// <summary> /// 打开一个已存在的进程对象,并返回进程的句柄 /// </summary> [DllImport("kernel32.dll", EntryPoint = "OpenProcess")] public static extern IntPtr OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId); /// <summary> /// 关闭一个内核对象。其中包括文件、文件映射、进程、线程、安全和同步对象等 /// </summary> [DllImport("kernel32.dll")] private static extern void CloseHandle(IntPtr hObject); /// <summary> /// 将数据写入指定进程的内存中 /// </summary> [DllImport("kernel32.dll", EntryPoint = "WriteProcessMemory")] public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, int[] lpBuffer, int nSize, IntPtr lpNumberOfBytesWritten); /// <summary> /// 读取指定进程指定内存地址的值 /// </summary> /// <param name="baseAddress">内存地址</param> /// <param name="processName">进程名称</param> /// <returns>读取到的内存值</returns> public static int ReadMemoryValue(int baseAddress, string processName) { try { byte[] buffer = new byte[4]; IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0); //获取缓冲区地址 IntPtr hProcess = OpenProcess(0x1f0fff, false, GetPidByProcessName(processName)); ReadProcessMemory(hProcess, (IntPtr)baseAddress, byteAddress, 4, IntPtr.Zero); //将制定内存中的值读入缓冲 CloseHandle(hProcess); return Marshal.ReadInt32(byteAddress); } catch { return 0; } } /// <summary> /// 写入数据到指定进程的内存地址 /// </summary> /// <param name="baseAddress">内存地址</param> /// <param name="processName">进程名称</param> /// <param name="value">要写入的值</param> public static void WriteMemory(int baseAddress, string processName, int value) { var hProcess = OpenProcess(0x1f0fff, false, GetPidByProcessName(processName)); WriteProcessMemory(hProcess, (IntPtr)baseAddress, new int[] { value }, 4, IntPtr.Zero); CloseHandle(hProcess); } /// <summary> /// 通过进程ID结束进程 /// </summary> /// <param name="pid">进程ID</param> public static void KillProcessByPid(int pid) { var process = Process.GetProcessById(pid); process?.Kill(); } /// <summary> /// 通过窗口标题结束进程 /// </summary> /// <param name="winTitle">窗口标题</param> public static void KillProcessByWinTitle(string winTitle) { var processes = Process.GetProcesses(); var process = processes.FirstOrDefault(z => z.MainWindowTitle.Contains(winTitle)); process?.Kill(); } /// <summary> /// 通过进程名称结束进程 /// </summary> /// <param name="processName">进程名称</param> public static void KillProcessByProcessName(string processName) { var processes = Process.GetProcessesByName(processName); processes.FirstOrDefault()?.Kill(); } /// <summary> /// 通过窗口标题获取进程ID /// </summary> /// <param name="winTitle">窗口标题</param> /// <returns>进程ID</returns> public static int GetPidByWinTitle(string winTitle) { var processes = Process.GetProcesses(); return processes.FirstOrDefault(z => z.MainWindowTitle.Contains(winTitle))?.Id ?? 0; } /// <summary> /// 通过进程名称获取进程ID /// </summary> /// <param name="processName">进程名称</param> /// <returns>进程ID</returns> public static int GetPidByProcessName(string processName) { var processes = Process.GetProcessesByName(processName); return processes.FirstOrDefault()?.Id ?? 0; } }
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步