odczyt wartości ReadProcessMemory()

0

program nie chce odczytać mi zawartości pamięci innego programu:

 

// odczytwartosci.cpp : Defines the entry point for the console application.
//


#include "stdafx.h"
#include "iostream"
#include <fstream>
#include <windows.h>

using namespace std;
///////////////////
BOOL EnablePriv(HANDLE CurrentProcess);
////////////////////
typedef void (CALLBACK *BLOCKSENUMPROC) (
   LPVOID lpBaseAddress,
   SIZE_T nSize,
   DWORD dwProtect,
   DWORD dwType,
   LPVOID pExtra);
BOOL EnumBlocks (HANDLE hProcess, CONST BLOCKSENUMPROC pEnumCallback, LPVOID pExtra);
void CALLBACK BlockEnumProc (LPVOID lpBaseAddress, SIZE_T nSize, DWORD dwProtect, DWORD dwType, LPVOID pExtra);
//////////////////////
UINT dodaj( LPVOID pParam );
UINT sprawdz( LPVOID pParam );
//////////////////////
void ScanMem(DWORD start, DWORD end, LPVOID value,HANDLE hackProcess);
//////////////////////




int _tmain(int argc, _TCHAR* argv[])
{
	
		DWORD *pID = new DWORD();//4bytes
        cout << "plik test1.exe ma byc w tym miejscu:"<<endl;
        cout << "		D:\\test1.exe		!!!"<<endl;
		system("pause");
        //getchar();
        HWND testWindow = FindWindow(_T("ConsoleWindowClass"),_T("D:\\test1.exe"));
        //HWND testWindow = FindWindow(_L("ConsoleWindowClass"),_L("D:\\test1.exe")); //w UNICODE
       
        if(testWindow == NULL)
        {
           cout << "nie znaleziono okna";
           getchar();
           return 0;
        }
        else
        {
           cout << "Znaleziono okno \n";
        }
        GetWindowThreadProcessId(testWindow, pID);
        if(pID == 0)
        {
           cout << "Nie znaleziono id procesu ";
           getchar();
           return 0;
        }
        else
        {
           cout << "Znaleziono id procesu:" << pID << "\n";
        }

       // HANDLE pHandletestu = OpenProcess(PROCESS_ALL_ACCESS, false, *pID);
        HANDLE pHandletestu = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, *pID);
        if(pHandletestu == NULL)
        {
           cout << "nie można otworzyć procesu ";
           getchar();
           return 0;
        }
        else
        {
           cout << "Otworzono proces \n";
        }
        delete pID;
        DWORD err = GetLastError();
        cout << "\n" << err << "\n";
		//cout<<"pHandletestu: "<<pHandletestu<<endl;
		system("pause");
		int wynik=0;
		wynik=EnablePriv(pHandletestu);//przed VirtualQueryEx i ReadProcessMemory
		EnumBlocks (pHandletestu, BlockEnumProc, NULL);
        //CloseHandle(pHandletestu);	
		cout<<"wynik: "<<wynik<<endl;
		system("pause");
////////////////////////////////////////////
		// test na konwercje LPVOID //
		int test=1;
		cout<<"test:"<<test<<endl;
		dodaj(&test);
		sprawdz(&test);
		cout<<"test:"<<test<<endl;
		system("pause");
////////////////////////////////////////////
		int r4=0;
		unsigned addr5 = 0x01000000;
		unsigned end_addr5 = 0x6fffffff;
		SIZE_T rozmiar;
		char *buf = new char[512];
		do
	{
		ReadProcessMemory(pHandletestu, (LPVOID)addr5, (LPVOID)buf, sizeof(char), &rozmiar);
		//printf("Ostatnia komenda w konsoli:%s\r", buf);
		addr5=addr5+512;
		r4++;if(r4%1000==0){cout << "r4 "<<r4<<endl;printf("Ostatnia komenda w konsoli:  %s\r", buf); }
		//Sleep(100);
	 }while(addr5 < end_addr5);
		
		system("pause");
/////////////////////////////////////////////

		MEMORY_BASIC_INFORMATION mbi;
		DWORD fromAddress = 0x10000;//0x00000000;  
		DWORD Address = 0x10000;//0x00000000;     
		int start= 0x10000, end=0x7FFFFFFF;
		int liczba=15849317;
		cout<<"liczba: "<<liczba<<endl;
		system("pause");
		VirtualQueryEx(pHandletestu, (PVOID)Address, &mbi, sizeof(mbi));
        do
        {
		    if (mbi.State != MEM_FREE)
                { 
					  
                        DWORD page_attr = PAGE_READWRITE | PAGE_WRITECOPY | PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY;
                        if (mbi.Protect & page_attr)
                        {
							    start = (unsigned)mbi.BaseAddress; 
								end = (unsigned)mbi.BaseAddress+mbi.RegionSize;
								// do something here ...
							ScanMem(start, end, &liczba,pHandletestu); 
                                printf("start -> 0x%p \n\r", start );
								printf("3end  -> 0x%p \n\r", end );
                                printf("mbi.BaseAddress -> 0x%p \n\r", mbi.BaseAddress);
								//printf("33ADDRESS -> 0x%p \n\r", fromAddress);
								Sleep(100);
								//system("pause");
                        };
                };
                Address += mbi.RegionSize;
				fromAddress += mbi.RegionSize;
        }while(VirtualQueryEx(pHandletestu, (PVOID)Address, &mbi, sizeof(mbi)));
		//} while(fromAddress < toAddress); 

		system("pause");
////////////////////////////////////////////
	#define B_SIZE (1024*1024*4)
    unsigned addr2 = 0x01000000;
    unsigned end_addr2 = 0x7fffffff;
    char *b = (char*)malloc(B_SIZE);
	const char *w = "sprawdzenie_A";
    //const char *w = "Address";
    int wlen = strlen(w);
	int r=0;
    while(addr2 < end_addr2) {
        char *p;
        ReadProcessMemory(pHandletestu, (LPVOID)addr2, b, B_SIZE, 0);
        p = b;
        while(1) {  r++;if(r%1000==0){cout << "r "<<r<<endl;}
            p = (char*)memchr(p, w[0], B_SIZE - (p-b)); // szukanie pierwszego znaku szukanej wartosci
            if(!p)
                break;

            if(B_SIZE - (p-b) < wlen) { // czesc jest w nastepnej porcji
                addr2 += (p-b);
                ReadProcessMemory(pHandletestu, (LPVOID)addr2, b, B_SIZE, 0);
                p = b;
            }
            if(!memcmp(p, w, wlen)) 
			{
               //* znalezione 
				cout <<p;
				cout <<"   r = "<<r<<endl;
				system("pause");
                break;
            }
            p++;
        }
        addr2 += B_SIZE;
    }
	system("pause");
//////////////////////////////
		
        MEMORY_BASIC_INFORMATION mbi2;
		char temp[1000];
		unsigned addr = 0x01000000;
		unsigned end_addr = 0x6fffffff;
	int j=0;
	VirtualQueryEx(pHandletestu, (LPVOID)addr, &mbi2, sizeof(mbi2));
do
{
j++;if(j%10000==0){cout << "j \n"<<j<<endl;}
ReadProcessMemory(pHandletestu, (LPVOID)addr, &temp,1000,0);

    char *a = strstr(temp,"sprawdzenie_A");
    if (a)
    {
        cout << temp;
        cout <<" j = "<<j<<endl;
		system("pause");
    }
    addr++;
	 }while(addr < end_addr); 
		
	
//////////////////////////////
		cout <<endl<<endl<< "			koniec"<<endl;
		Sleep(2000);
		system("pause");
  
//////////////////////////////
	return 0;
}

BOOL EnablePriv(HANDLE CurrentProcess) // by Napalm
	{
		//cout<<"CurrentProcess: "<<CurrentProcess<<endl;
	    HANDLE hToken;
	    LUID luid;
	    TOKEN_PRIVILEGES tkprivs;
	    ZeroMemory(&tkprivs, sizeof(tkprivs));
	     
	    if(!OpenProcessToken(CurrentProcess, (TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY), &hToken))
	        return FALSE;
	     cout << GetLastError() << endl;//outputs 0, no error code set yet
	    if(!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)){
	        CloseHandle(hToken); return FALSE;
	    }
	    cout << GetLastError() << endl;//outputs 0, no error code set yet
	    tkprivs.PrivilegeCount = 1;
	    tkprivs.Privileges[0].Luid = luid;
	    tkprivs.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
	     
	    BOOL bRet = AdjustTokenPrivileges(hToken, FALSE, &tkprivs, sizeof(tkprivs), NULL, NULL);
	    CloseHandle(hToken);
	    return bRet;


	}
	// Called as: EnablePriv(SE_DEBUG_NAME);
////////////////////////////////////////////////////////////////////////////
BOOL EnumBlocks (HANDLE hProcess, CONST BLOCKSENUMPROC pEnumCallback, LPVOID pExtra)
{
   SYSTEM_INFO SystemInfo;
   MEMORY_BASIC_INFORMATION MemoryBasicInformation;
   GetSystemInfo (&SystemInfo);
   int i=0;
   PSTR lpCurrentAddress = static_cast<PSTR>(SystemInfo.lpMinimumApplicationAddress);

   while (lpCurrentAddress < SystemInfo.lpMaximumApplicationAddress)
   {
      if (!VirtualQueryEx (hProcess, lpCurrentAddress, &MemoryBasicInformation, sizeof (MemoryBasicInformation)))
         return FALSE;

      if (MemoryBasicInformation.State != MEM_FREE)
         pEnumCallback (lpCurrentAddress,
                     MemoryBasicInformation.RegionSize,
                     MemoryBasicInformation.Protect,
                     MemoryBasicInformation.Type,
                     pExtra);

      lpCurrentAddress += MemoryBasicInformation.RegionSize;
	  if(i%50==0)
	  {system("pause");}
	  i++;
   };

   return TRUE;
}
///////////////////////////////////////////////
void CALLBACK BlockEnumProc (LPVOID lpBaseAddress, SIZE_T nSize, DWORD dwProtect, DWORD dwType, LPVOID pExtra)
{

	//Aby EnumBlocks przekazywał tylko obszary przydzielone wystarczy zmienić warunek w pętli na:
	//if (MemoryBasicInformation.State & MEM_COMMIT)
   static char const *psStrProtect [] =
   {
      "PAGE_NOACCESS", "PAGE_READONLY", "PAGE_READWRITE", "PAGE_WRITECOPY", "PAGE_EXECUTE",
      "PAGE_EXECUTE_READ", "PAGE_EXECUTE_READWRITE", "PAGE_EXECUTE_WRITECOPY", "MEM_RESERVE"
   };
   UINT nProtect = 0;

   if (!dwProtect)
      nProtect = sizeof (psStrProtect) / sizeof (PSTR) - 1;
   else
      while (!(dwProtect & (1 << nProtect)))
         ++nProtect;
   
   printf ("Base: %p\tSize: %p\tProtect:   %s\n      Type:\t%s\tModifiers: %s\n",
      lpBaseAddress,
      nSize,
      psStrProtect[nProtect],
       ((dwType & 0x20000) ? "MEM_PRIVATE"
      : (dwType & 0x40000) ? "MEM_MAPPED"
      : (dwType & 0x1000000) ? "MEM_IMAGE"
      : "None"),
       ((dwProtect & 0x100) ? "PAGE_GUARD"
      : (dwProtect & 0x200) ? "PAGE_NOCACHE"
      : (dwProtect & 0x400) ? "PAGE_WRITECOMBINE"
      : "None"));
}
///////////////////////////////////////////////
UINT dodaj( LPVOID pParam )
{
  int *w_i;  // (*((int*)pParam))++;
  //int* my_int = reinterpret_cast<int*>(param);
  w_i=( int*)pParam; // przypisanie i konwersja
  for(int i=1;i<20;i++)
  { 
	Sleep(16);
	*w_i+=1; 
		cout<<"wynik:w_i:"<<*w_i<<endl;
  }   
  return 0; 
}  
///////////////////////////////////////////////
UINT sprawdz( LPVOID pParam )
{
 int *w_i,temp; 
// int* my_int = reinterpret_cast<int*>(param);
 for(int i=1;i<10;i++)
 {	w_i=( int*)pParam;
	temp=*w_i;
	Sleep(20);
	
		cout<<"wynik:w_i:"<<*w_i<<endl;
	if ((*w_i)%2==0) cout<<temp<<" jest parzyste  "<<flush; 
		else  cout<<temp<<" jest nieparzyste  "<<flush;
		cout<<endl;
 }
 return 0; 
}  
///////////////////////////////////////////////
void ScanMem(DWORD start, DWORD end, LPVOID value,HANDLE hackProcess) 
{
	
	DWORD read = 0; 
    //LPBYTE buffer = new BYTE[end-start]; //if((reinterpret_cast<int&>(buffer[i]))==*value_na_int) ?????????
    int *buffer = new int[end-start]; 
    TCHAR foundet[200]; 
    int address=0; 	
    LPCVOID addres = (LPCVOID)0x8DA018;
	int *value_na_int;  // (*((int*)value))++;
    //int* value_na_int = reinterpret_cast<int*>(value);
    value_na_int=( int*)value; // przypisanie i konwersja
	cout<<"liczba w ScanMem-1:--> "<<value_na_int<<endl;
	cout<<"liczba w ScanMem-2:--> "<<*value_na_int<<endl;
	
   if(ReadProcessMemory(hackProcess, (void*)start, buffer, end - start, &read) == NULL) 
		{cout<<"=xxx= NULL value="<<value<<endl;
		Sleep(200);}
    else 
    { 
		
   // for(unsigned i = 0; i  < (end - start - sizeof(value)); ++i) 
	  for(unsigned i = 0; i  < (end - start - sizeof(*value_na_int)); ++i) 
		{
		
		
        //if((reinterpret_cast<int&>(buffer[i]))==*value_na_int) //LPBYTE buffer = new BYTE[end-start];?????????
		if(buffer[i] == *value_na_int)
        //if(*&buffer[i] == *value_na_int)
        { 
            address = start + i; 
            //_stprintf(foundet, TEXT("Address: %.8X Value: %d"), address, *value_na_int); 
			printf("ADDRESS -> 0x%p ,%d\n\r", address,*value_na_int);
			system("pause");
            //SendMessage(GetDlgItem(hwndMainDlg, IDC_LIST2), LB_ADDSTRING, 0, (LPARAM)foundet); 
            //++zaehler; 
        } 
    } 
    } 
    delete[] buffer; 
} 



 


// test1.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"
#include "iostream"

using namespace std;

int _tmain(int argc, _TCHAR* argv[])
{
	int brtyefg=15849317;
	const char *w = "sprawdzenie_A";	
    int wlen = strlen(w);
	
	cout <<w<<endl;
	cout <<brtyefg<<endl;
	system("pause");
	return 0;
}

0

Jedno zdanie i kod źródłowy na jakieś 150 linijek...
Może powiesz coś więcej?

0

program ma odczytać z podprogramu te wartości:
int brtyefg=15849317;
const char *w = "sprawdzenie_A";
odczytanie zrobiłem na kilka sposobów jednak żaden sposób nie odczytuje tych danych jakies 150 linijek nie jest poczebnych do odczytywania danych tylko pokazuje tylko dany obszar jest prywatny czy nie

0

No i dalej nie zadałeś pytania ani nie wskazałeś na konkretny błąd w tym kodzie.

0

błędu nie ma nie chce się wczytywać pamięć według mnie wszystko jest dobrze napisane jednak nie działa

mam już działający program może ktoś podpowie co by jeszcze wypadało dopisać:



#include "stdafx.h"
#include "iostream"
#include <fstream>
#include <windows.h>

using namespace std;


int _tmain(int argc, _TCHAR* argv[])
{
	    //pID mozemy znalesc w cmd za pomoca polecenia --> tasklist
		DWORD *pID = new DWORD();//4bytes
        cout << "plik test1.exe ma byc w tym miejscu:"<<endl;
        cout << "		D:\\test1.exe		!!!"<<endl;
		system("pause");
        //getchar();
        HWND testWindow = FindWindow(_T("ConsoleWindowClass"),_T("C:\\test1.exe"));
        //HWND testWindow = FindWindow(_L("ConsoleWindowClass"),_L("D:\\test1.exe")); //w UNICODE
       
        if(testWindow == NULL)
        {
           cout << "nie znaleziono okna";
           getchar();
           return 0;
        }
        else
        {
           cout << "Znaleziono oknoa \n";
        }
        GetWindowThreadProcessId(testWindow, pID);
        if(pID == 0)
        {
           cout << "Nie znaleziono id procesu ";
           getchar();
           return 0;
        }
        else
        {
           cout << "Znaleziono id procesu:" << pID << "\n";
           cout << "Znaleziono id procesu:" << (unsigned int)pID << "\n";
           cout << "Znaleziono id procesu:" << (unsigned int)GetWindowThreadProcessId << "\n";
           cout << "Znaleziono id procesu:" << GetWindowThreadProcessId << "\n";
        }

        //HANDLE pHandletestu = OpenProcess(PROCESS_ALL_ACCESS, false, *pID);
        //HANDLE pHandletestu = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, *pID);
        HANDLE pHandletestu = OpenProcess(PROCESS_VM_READ, false, *pID);
        if(pHandletestu == NULL)
        {
           cout << "nie można otworzyć procesu ";
           getchar();
           return 0;
        }
        else
        {
           cout << "Otworzono proces \n";
        }
        
  system("pause");
  char DumpName[256]="C:\\test1.exe";
  char DumpName2[256]="C:\\test1.exe";
  sprintf(DumpName, "pdump_%u.bin", (unsigned int)pID);
  sprintf(DumpName2, "pdump_%u.bin", (unsigned int)pID+1);

  FILE *f,*f2;

  f = fopen(DumpName, "wb");
  f2 = fopen(DumpName2, "wb");
  if(!f)
  {
    puts("Could not open dump file1!");
    return 4;
  }
  if(!f2)
  {
    puts("Could not open dump file2!");
    return 4;
  }
  delete pID;
  
		system("pause");
/////////////////////////////		

  DWORD i, Accessed = 0, Total = 0;
  SIZE_T DataRead;
  const char *w = "sprawdzenie_A";
  int wlen = strlen(w);
  
  for(i = 0; i < 0x80000000; i+= 0x1000, Total++)
  {
    static unsigned char Data[0x1000];
    if(Total % 256 == 0)
	{ printf("Accessing page %.8x... (Accessed pages / Total Pages: %i / %i)\r", i, Accessed, Total);}

    memset(Data, 0, sizeof(Data));
    DataRead = 0;
    if(ReadProcessMemory(pHandletestu, (PVOID)i, Data, sizeof(Data), &DataRead) != 0 && DataRead > 0)
    {
      fwrite(Data, 1, sizeof(Data), f);
	  unsigned char *p;
	  p=Data;
	  while(1) {
		  p = (unsigned char*)memchr(p, w[0], sizeof(Data) - (p-Data)); // szukanie pierwszego znaku szukanej wartosci
		  if(!p)
		  break;

		   //if(sizeof(Data) - (p-Data) < wlen) { // czesc jest w nastepnej porcji  //prawdopodobienstwo na to 0,025% ??
           //     i += (p-Data);
			//	cout<<" czesc jest w nastepnej porcji  "<<i<<endl;
			//	system("pause");
            //    ReadProcessMemory(pHandletestu, (PVOID)i, Data, sizeof(Data), &DataRead) ;
            //    p = Data;
           // }
		  
		  if(!memcmp(p, w, wlen)) 
			{
               //* znalezione 
				cout<<endl<<endl<<p;
				cout<<" dla  i = "<< hex <<i<<dec<<"  "<<i<<endl;
				fwrite(p, 1, wlen, f2);
				system("pause");
                break;
            }
		  p++;
	  }
      Accessed++;
    }
  }

		cout<<endl;
		system("pause");
////////////////////////////////////////////


  fclose(f);
  CloseHandle(pHandletestu);
  printf("\nDone!\n");
	return 0;
}





 

1 użytkowników online, w tym zalogowanych: 0, gości: 1