A log about Reading the memroy of Other Process in C++/WIN API--ReadProcessMemory()

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了A log about Reading the memroy of Other Process in C++/WIN API--ReadProcessMemory()相关的知识,希望对你有一定的参考价值。

  Memory, is a complex module in Programing, especially on Windows.

  This time, I use cpp with win windows api{

    VirtualQueryEx();         //Get the available memory page(block)

    ReadProcessMemory();  //Read the specific memory

    LookupPrivilegeValue(); //Get the avalible Privileges in windows

    AdjustTokenPrivileges();//Enable or disable privilege for specific process

  }

  

  Now, we skip the step of getting privilege, and directly talking about the detail of reading memories.

  At first, we should understand that we cannot directly read memory at once by giving a big number of memory required.

  Normally, we should make a loop to record the detail of every pages(blocks) of memory [VirtualQueryEx()] and Read them [ReadProcessMemory()].

  

 1 while (true)
 2 {
 3     if (VirtualQueryEx(hProcess, (LPVOID)cur_addr, &meminf, dwInfoSize) == 0)
 4         break;
 5     if (!(meminf.State == MEM_COMMIT || meminf.State == MEM_IMAGE || meminf.State == MEM_MAPPED))
 6     {
 7         cur_addr = (DWORD)meminf.BaseAddress + meminf.RegionSize;
 8         continue;
 9     }
10     if ((dbg = ReadProcessMemory(hProcess, (LPCVOID)meminf.BaseAddress, memget, meminf.RegionSize, &ReadSize)) == false)
11         cout << "Failed to read memory at address:" << meminf.BaseAddress << endl;
12     else
13         memget += meminf.RegionSize;
14     cur_addr = (DWORD)meminf.BaseAddress + eminf.RegionSize;
15 }

 

以上是关于A log about Reading the memroy of Other Process in C++/WIN API--ReadProcessMemory()的主要内容,如果未能解决你的问题,请参考以下文章

Something about the microsoft HttpContext domain design

What Didi’s Blackout Exposed About the Ride-Hailing Industry

The road to learning English-Reading

2Learn about images & containers

redis报错 Bad file format reading the append only file: make a backup of your AOF file, then use ./

Bad file format reading the append only file: make a backup of your AOF file, then use ./redis-check