Fatal编程技术网
  • cplusplus/
  • 使用ReadProcessMemory获取字符串值的访问冲突 我对逆向工程很陌生,对C++也很陌生。我试图使用Win32 API中的ReadProcessMemory()在游戏中收集玩家的角色名,但每当我尝试读取时,它都会引发异常: if (procId != NULL) { hprocess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procId); ModuleBase = getModuleBaseAddr(procId, "ac_client.exe"); localPlayerptr = ModuleBase + 0x10f4f4; healthaddr = findDMAaddy(hprocess, localPlayerptr, { 0xf8 }); //load to entitylist Array ReadProcessMemory(hprocess, (BYTE*)localPlayerptr, &Entitylist[0], sizeof(Entitylist[0]), 0); for (int i = 1; i < 10; ++i) { ReadProcessMemory(hprocess, (BYTE*)ModuleBase + 0x10f4f8, &Entitylist[i], sizeof(Entitylist[i]), 0); ReadProcessMemory(hprocess,(BYTE*) Entitylist[i]+(i*4), &Entitylist[i], sizeof(Entitylist[i]), 0); std::cout << std::hex << Entitylist[i] << std::endl; uintptr_t nameaddres; std::string name; nameaddres = Entitylist[i] + 0x225; //ReadProcessMemory(hprocess, (BYTE*)nameaddres, &name, sizeof(name), 0); /*--> ** This is where I have a problem. ***/ std::cout << name << std::endl; } if(procId!=NULL){ hprocess=OpenProcess(PROCESS\u ALL\u ACCESS,FALSE,procId); ModuleBase=getModuleBaseAddr(procId,“ac_client.exe”); localPlayerptr=ModuleBase+0x10f4f4; healthaddr=findDMAaddy(hprocess,localPlayerptr,{0xf8}); //加载到entitylist数组 ReadProcessMemory(hprocess,(BYTE*)localPlayerptr,&Entitylist[0],sizeof(Entitylist[0]),0); 对于(int i=1;i

使用ReadProcessMemory获取字符串值的访问冲突 我对逆向工程很陌生,对C++也很陌生。我试图使用Win32 API中的ReadProcessMemory()在游戏中收集玩家的角色名,但每当我尝试读取时,它都会引发异常: if (procId != NULL) { hprocess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procId); ModuleBase = getModuleBaseAddr(procId, "ac_client.exe"); localPlayerptr = ModuleBase + 0x10f4f4; healthaddr = findDMAaddy(hprocess, localPlayerptr, { 0xf8 }); //load to entitylist Array ReadProcessMemory(hprocess, (BYTE*)localPlayerptr, &Entitylist[0], sizeof(Entitylist[0]), 0); for (int i = 1; i < 10; ++i) { ReadProcessMemory(hprocess, (BYTE*)ModuleBase + 0x10f4f8, &Entitylist[i], sizeof(Entitylist[i]), 0); ReadProcessMemory(hprocess,(BYTE*) Entitylist[i]+(i*4), &Entitylist[i], sizeof(Entitylist[i]), 0); std::cout << std::hex << Entitylist[i] << std::endl; uintptr_t nameaddres; std::string name; nameaddres = Entitylist[i] + 0x225; //ReadProcessMemory(hprocess, (BYTE*)nameaddres, &name, sizeof(name), 0); /*--> ** This is where I have a problem. ***/ std::cout << name << std::endl; } if(procId!=NULL){ hprocess=OpenProcess(PROCESS\u ALL\u ACCESS,FALSE,procId); ModuleBase=getModuleBaseAddr(procId,“ac_client.exe”); localPlayerptr=ModuleBase+0x10f4f4; healthaddr=findDMAaddy(hprocess,localPlayerptr,{0xf8}); //加载到entitylist数组 ReadProcessMemory(hprocess,(BYTE*)localPlayerptr,&Entitylist[0],sizeof(Entitylist[0]),0); 对于(int i=1;i

c++ winapi

使用ReadProcessMemory获取字符串值的访问冲突 我对逆向工程很陌生,对C++也很陌生。我试图使用Win32 API中的ReadProcessMemory()在游戏中收集玩家的角色名,但每当我尝试读取时,它都会引发异常: if (procId != NULL) { hprocess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procId); ModuleBase = getModuleBaseAddr(procId, "ac_client.exe"); localPlayerptr = ModuleBase + 0x10f4f4; healthaddr = findDMAaddy(hprocess, localPlayerptr, { 0xf8 }); //load to entitylist Array ReadProcessMemory(hprocess, (BYTE*)localPlayerptr, &Entitylist[0], sizeof(Entitylist[0]), 0); for (int i = 1; i < 10; ++i) { ReadProcessMemory(hprocess, (BYTE*)ModuleBase + 0x10f4f8, &Entitylist[i], sizeof(Entitylist[i]), 0); ReadProcessMemory(hprocess,(BYTE*) Entitylist[i]+(i*4), &Entitylist[i], sizeof(Entitylist[i]), 0); std::cout << std::hex << Entitylist[i] << std::endl; uintptr_t nameaddres; std::string name; nameaddres = Entitylist[i] + 0x225; //ReadProcessMemory(hprocess, (BYTE*)nameaddres, &name, sizeof(name), 0); /*--> ** This is where I have a problem. ***/ std::cout << name << std::endl; } if(procId!=NULL){ hprocess=OpenProcess(PROCESS\u ALL\u ACCESS,FALSE,procId); ModuleBase=getModuleBaseAddr(procId,“ac_client.exe”); localPlayerptr=ModuleBase+0x10f4f4; healthaddr=findDMAaddy(hprocess,localPlayerptr,{0xf8}); //加载到entitylist数组 ReadProcessMemory(hprocess,(BYTE*)localPlayerptr,&Entitylist[0],sizeof(Entitylist[0]),0); 对于(int i=1;i,c++,winapi,reverse-engineering,C++,Winapi,Reverse Engineering,首先,需要确定要读取的字符串是宽字节(wchar)还是多字节(char)版本,然后可以使用std::string/char*或std::wstring/wchar\t* 其次,不要使用sizeof(std::string),您需要确定要读取的字符串的长度。 对于宽字节: &(std::string)name不是可写地址,正如评论所指出的,您可以使用wchat\t数组: wchat_t name[100]; BOOL ret = ReadProcessMemory(hprocess, (BYTE*

首先,需要确定要读取的字符串是宽字节(wchar)还是多字节(char)版本,然后可以使用
std::string/char*
std::wstring/wchar\t*

其次,不要使用sizeof(std::string),您需要确定要读取的字符串的长度。 对于宽字节:

&(std::string)name
不是可写地址,正如评论所指出的,您可以使用wchat\t数组:

wchat_t name[100];
BOOL ret = ReadProcessMemory(hprocess, (BYTE*)nameaddres, name, sizeof(name), 0);
或者您可以使用
&name[0]
(来自@Remy):

std::wstring名称;
名称.储备(100);
BOOL-ret=ReadProcessMemory(hprocess,(BYTE*)nameaddres,&name[0],100*sizeof(wchar\u t),0);

std::wcout您无法将内存读入
std::string
并期望它工作。您需要一个普通缓冲区(例如
wchar\u buf[100]
)。除了完全没有错误处理之外,您没有为
ReadProcessMemory()的
std::string
字符数据分配内存
读取。不能直接读取
std::string
,这将覆盖其内部数据成员。需要读取
std::string
的字符缓冲区,其地址由
std::string::data()返回
方法。但首先,您需要确定从另一个进程中读取多少字节,不能使用
sizeof(std::string)
为此。在读取字符串之前,此代码不会尝试确定目标字符串的长度。仅在一旁,您应该只指定调用
OpenProcess
时实际需要的访问权限。这将增加调用成功的机会。在这种情况下,
PROCESS\u VM\u READ
应该足够了。wcha我有一个工作,但我知道如何转换它们,因为它们从每个实体收集相同的结果,是的,我使用process all access for the one use
std::wcout”此外,
std::string::data()
现在也是
const char*
类型,因此不建议使用它来恢复字符串”-在C++17中添加了一个非常量版本的
data()
。在C++11..14中,您可以使用
&name[0]
(通常,这在早期版本中也适用)。谢谢,我已经修改了答案。您不是
resize()
“在读取字符数据之前,使用
std::wstring
为字符数据分配内存在第二个示例中,为什么要保留100个16位元素,然后只读取50个元素?

std::wstring name;
name.reserve(100);
BOOL ret = ReadProcessMemory(hprocess, (BYTE*)nameaddres, &name[0], 100*sizeof(wchar_t), 0);
std::wcout << name << std::endl;