c_cpp Windows C ++代码扫描另一个进程
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了c_cpp Windows C ++代码扫描另一个进程相关的知识,希望对你有一定的参考价值。
#include <windows.h>
#include <iostream>
#include <iomanip>
#include <vector>
#include <cstdint>
#pragma comment( lib, "user32.lib" )
constexpr unsigned CHUNK = 1048576;
constexpr unsigned MAXSIZE = 0x7fffffff;
DWORD pid;
int main()
{
std::vector<uint8_t> buffer(CHUNK);
HWND hWnd = FindWindowA(0, "x.cpp (C:\\tmp) - GVIM");
GetWindowThreadProcessId(hWnd, &pid);
HANDLE pHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
for( unsigned i = 0; i < MAXSIZE; i += CHUNK )
{
size_t actual = 0;
ReadProcessMemory(pHandle, (LPVOID)i,
buffer.data(), buffer.size(), &actual );
if( actual )
{
std::cout << " Read " << std::dec << actual << " bytes at 0x"
<< std::hex << i << "\n";
for( unsigned j = 0; j < actual-4; j++ )
{
if( (*(uint32_t*)&buffer[j] & 0xffffff) == 'ppc' )
{
std::cout << "Found at 0x" << std::hex << (i+j) << "\n";
}
}
}
}
}
以上是关于c_cpp Windows C ++代码扫描另一个进程的主要内容,如果未能解决你的问题,请参考以下文章