Fatal编程技术网
  • java/
  • 使用内核32 VirtualQueryEx的Java JNA返回零(无成功错误代码)

使用内核32 VirtualQueryEx的Java JNA返回零(无成功错误代码)

java

使用内核32 VirtualQueryEx的Java JNA返回零(无成功错误代码),java,jna,windows-api-code-pack,Java,Jna,Windows Api Code Pack,我正在尝试从kernal32.dll windows API函数中使用VirtualQueryEx 在调用此函数之前,我得到的所有指针/地址都是正确的 对VirtualQueryEx的调用返回0,这意味着没有成功 另外,GetLastError()返回错误代码5,这意味着访问被拒绝): 请问我做错了什么 Windows 8,管理员权限 JNA映射: public class Test { static Kernel32 kernel32 = (Kernel32) Native.l

我正在尝试从kernal32.dll windows API函数中使用VirtualQueryEx

在调用此函数之前,我得到的所有指针/地址都是正确的

对VirtualQueryEx的调用返回0,这意味着没有成功

另外,GetLastError()返回错误代码5,这意味着访问被拒绝):

请问我做错了什么

  • Windows 8,管理员权限
JNA映射:

public class Test
{
    static Kernel32   kernel32 = (Kernel32) Native.loadLibrary("kernel32", Kernel32.class);
    static User32     user32 = (User32)   Native.loadLibrary("user32"  , User32.class);

    public static  void main(String[] args)
    {
        int pid = getProcessId("someWindowName"); // get our process ID

        Pointer readprocess = kernel32.OpenProcess(0x0010, false,pid); // open the process ID with read priviledges.

        MEMORY_BASIC_INFORMATION l = new MEMORY_BASIC_INFORMATION();

        SYSTEM_INFO info =  new SYSTEM_INFO();

        kernel32.GetSystemInfo(info);          

        System.out.println(kernel32.VirtualQueryEx(readprocess, info.lpMinimumApplicationAddress, l, l.size()));
        System.out.println(kernel32.GetLastError());

    }

    public static int getProcessId(String window)
    {
        IntByReference pid = new IntByReference(0);
        user32.GetWindowThreadProcessId(user32.FindWindowA(null,window), pid);

        return pid.getValue();
    }

    public static Pointer openProcess(int permissions, int pid)
    {
        Pointer process = kernel32.OpenProcess(permissions,true, pid);
        return process;
    }

    public static Memory readMemory(Pointer process, int address, int bytesToRead)
    {
        IntByReference read = new IntByReference(0);
        Memory output = new Memory(bytesToRead);

        kernel32.ReadProcessMemory(process, address, output, bytesToRead, read);
        return output;
    }
}
内核内部32

    int VirtualQueryEx(Pointer readprocess, Pointer lpMinimumApplicationAddress,MEMORY_BASIC_INFORMATION lpBuffer, int dwLength);
内存基本结构:

public  class MEMORY_BASIC_INFORMATION extends Structure {


    public Pointer baseAddress;

    public Pointer allocationBase;

    public NativeLong allocationProtect;

    public SIZE_T regionSize;

    public NativeLong state;

    public NativeLong protect;

    public NativeLong type;

}
谢谢

从中,必须获取值为0x0400的进程句柄。您正在使用0x0010打开进程,因此出现“拒绝访问”错误

句柄必须已打开,并带有进程\u查询\u信息 访问权限,允许使用句柄从中读取信息 进程对象