program nie chce odczytać mi zawartości pamięci innego programu:
// odczytwartosci.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include "iostream"
#include <fstream>
#include <windows.h>
using namespace std;
///////////////////
BOOL EnablePriv(HANDLE CurrentProcess);
////////////////////
typedef void (CALLBACK *BLOCKSENUMPROC) (
LPVOID lpBaseAddress,
SIZE_T nSize,
DWORD dwProtect,
DWORD dwType,
LPVOID pExtra);
BOOL EnumBlocks (HANDLE hProcess, CONST BLOCKSENUMPROC pEnumCallback, LPVOID pExtra);
void CALLBACK BlockEnumProc (LPVOID lpBaseAddress, SIZE_T nSize, DWORD dwProtect, DWORD dwType, LPVOID pExtra);
//////////////////////
UINT dodaj( LPVOID pParam );
UINT sprawdz( LPVOID pParam );
//////////////////////
void ScanMem(DWORD start, DWORD end, LPVOID value,HANDLE hackProcess);
//////////////////////
int _tmain(int argc, _TCHAR* argv[])
{
DWORD *pID = new DWORD();//4bytes
cout << "plik test1.exe ma byc w tym miejscu:"<<endl;
cout << " D:\\test1.exe !!!"<<endl;
system("pause");
//getchar();
HWND testWindow = FindWindow(_T("ConsoleWindowClass"),_T("D:\\test1.exe"));
//HWND testWindow = FindWindow(_L("ConsoleWindowClass"),_L("D:\\test1.exe")); //w UNICODE
if(testWindow == NULL)
{
cout << "nie znaleziono okna";
getchar();
return 0;
}
else
{
cout << "Znaleziono okno \n";
}
GetWindowThreadProcessId(testWindow, pID);
if(pID == 0)
{
cout << "Nie znaleziono id procesu ";
getchar();
return 0;
}
else
{
cout << "Znaleziono id procesu:" << pID << "\n";
}
// HANDLE pHandletestu = OpenProcess(PROCESS_ALL_ACCESS, false, *pID);
HANDLE pHandletestu = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, *pID);
if(pHandletestu == NULL)
{
cout << "nie można otworzyć procesu ";
getchar();
return 0;
}
else
{
cout << "Otworzono proces \n";
}
delete pID;
DWORD err = GetLastError();
cout << "\n" << err << "\n";
//cout<<"pHandletestu: "<<pHandletestu<<endl;
system("pause");
int wynik=0;
wynik=EnablePriv(pHandletestu);//przed VirtualQueryEx i ReadProcessMemory
EnumBlocks (pHandletestu, BlockEnumProc, NULL);
//CloseHandle(pHandletestu);
cout<<"wynik: "<<wynik<<endl;
system("pause");
////////////////////////////////////////////
// test na konwercje LPVOID //
int test=1;
cout<<"test:"<<test<<endl;
dodaj(&test);
sprawdz(&test);
cout<<"test:"<<test<<endl;
system("pause");
////////////////////////////////////////////
int r4=0;
unsigned addr5 = 0x01000000;
unsigned end_addr5 = 0x6fffffff;
SIZE_T rozmiar;
char *buf = new char[512];
do
{
ReadProcessMemory(pHandletestu, (LPVOID)addr5, (LPVOID)buf, sizeof(char), &rozmiar);
//printf("Ostatnia komenda w konsoli:%s\r", buf);
addr5=addr5+512;
r4++;if(r4%1000==0){cout << "r4 "<<r4<<endl;printf("Ostatnia komenda w konsoli: %s\r", buf); }
//Sleep(100);
}while(addr5 < end_addr5);
system("pause");
/////////////////////////////////////////////
MEMORY_BASIC_INFORMATION mbi;
DWORD fromAddress = 0x10000;//0x00000000;
DWORD Address = 0x10000;//0x00000000;
int start= 0x10000, end=0x7FFFFFFF;
int liczba=15849317;
cout<<"liczba: "<<liczba<<endl;
system("pause");
VirtualQueryEx(pHandletestu, (PVOID)Address, &mbi, sizeof(mbi));
do
{
if (mbi.State != MEM_FREE)
{
DWORD page_attr = PAGE_READWRITE | PAGE_WRITECOPY | PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY;
if (mbi.Protect & page_attr)
{
start = (unsigned)mbi.BaseAddress;
end = (unsigned)mbi.BaseAddress+mbi.RegionSize;
// do something here ...
ScanMem(start, end, &liczba,pHandletestu);
printf("start -> 0x%p \n\r", start );
printf("3end -> 0x%p \n\r", end );
printf("mbi.BaseAddress -> 0x%p \n\r", mbi.BaseAddress);
//printf("33ADDRESS -> 0x%p \n\r", fromAddress);
Sleep(100);
//system("pause");
};
};
Address += mbi.RegionSize;
fromAddress += mbi.RegionSize;
}while(VirtualQueryEx(pHandletestu, (PVOID)Address, &mbi, sizeof(mbi)));
//} while(fromAddress < toAddress);
system("pause");
////////////////////////////////////////////
#define B_SIZE (1024*1024*4)
unsigned addr2 = 0x01000000;
unsigned end_addr2 = 0x7fffffff;
char *b = (char*)malloc(B_SIZE);
const char *w = "sprawdzenie_A";
//const char *w = "Address";
int wlen = strlen(w);
int r=0;
while(addr2 < end_addr2) {
char *p;
ReadProcessMemory(pHandletestu, (LPVOID)addr2, b, B_SIZE, 0);
p = b;
while(1) { r++;if(r%1000==0){cout << "r "<<r<<endl;}
p = (char*)memchr(p, w[0], B_SIZE - (p-b)); // szukanie pierwszego znaku szukanej wartosci
if(!p)
break;
if(B_SIZE - (p-b) < wlen) { // czesc jest w nastepnej porcji
addr2 += (p-b);
ReadProcessMemory(pHandletestu, (LPVOID)addr2, b, B_SIZE, 0);
p = b;
}
if(!memcmp(p, w, wlen))
{
//* znalezione
cout <<p;
cout <<" r = "<<r<<endl;
system("pause");
break;
}
p++;
}
addr2 += B_SIZE;
}
system("pause");
//////////////////////////////
MEMORY_BASIC_INFORMATION mbi2;
char temp[1000];
unsigned addr = 0x01000000;
unsigned end_addr = 0x6fffffff;
int j=0;
VirtualQueryEx(pHandletestu, (LPVOID)addr, &mbi2, sizeof(mbi2));
do
{
j++;if(j%10000==0){cout << "j \n"<<j<<endl;}
ReadProcessMemory(pHandletestu, (LPVOID)addr, &temp,1000,0);
char *a = strstr(temp,"sprawdzenie_A");
if (a)
{
cout << temp;
cout <<" j = "<<j<<endl;
system("pause");
}
addr++;
}while(addr < end_addr);
//////////////////////////////
cout <<endl<<endl<< " koniec"<<endl;
Sleep(2000);
system("pause");
//////////////////////////////
return 0;
}
BOOL EnablePriv(HANDLE CurrentProcess) // by Napalm
{
//cout<<"CurrentProcess: "<<CurrentProcess<<endl;
HANDLE hToken;
LUID luid;
TOKEN_PRIVILEGES tkprivs;
ZeroMemory(&tkprivs, sizeof(tkprivs));
if(!OpenProcessToken(CurrentProcess, (TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY), &hToken))
return FALSE;
cout << GetLastError() << endl;//outputs 0, no error code set yet
if(!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)){
CloseHandle(hToken); return FALSE;
}
cout << GetLastError() << endl;//outputs 0, no error code set yet
tkprivs.PrivilegeCount = 1;
tkprivs.Privileges[0].Luid = luid;
tkprivs.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
BOOL bRet = AdjustTokenPrivileges(hToken, FALSE, &tkprivs, sizeof(tkprivs), NULL, NULL);
CloseHandle(hToken);
return bRet;
}
// Called as: EnablePriv(SE_DEBUG_NAME);
////////////////////////////////////////////////////////////////////////////
BOOL EnumBlocks (HANDLE hProcess, CONST BLOCKSENUMPROC pEnumCallback, LPVOID pExtra)
{
SYSTEM_INFO SystemInfo;
MEMORY_BASIC_INFORMATION MemoryBasicInformation;
GetSystemInfo (&SystemInfo);
int i=0;
PSTR lpCurrentAddress = static_cast<PSTR>(SystemInfo.lpMinimumApplicationAddress);
while (lpCurrentAddress < SystemInfo.lpMaximumApplicationAddress)
{
if (!VirtualQueryEx (hProcess, lpCurrentAddress, &MemoryBasicInformation, sizeof (MemoryBasicInformation)))
return FALSE;
if (MemoryBasicInformation.State != MEM_FREE)
pEnumCallback (lpCurrentAddress,
MemoryBasicInformation.RegionSize,
MemoryBasicInformation.Protect,
MemoryBasicInformation.Type,
pExtra);
lpCurrentAddress += MemoryBasicInformation.RegionSize;
if(i%50==0)
{system("pause");}
i++;
};
return TRUE;
}
///////////////////////////////////////////////
void CALLBACK BlockEnumProc (LPVOID lpBaseAddress, SIZE_T nSize, DWORD dwProtect, DWORD dwType, LPVOID pExtra)
{
//Aby EnumBlocks przekazywał tylko obszary przydzielone wystarczy zmienić warunek w pętli na:
//if (MemoryBasicInformation.State & MEM_COMMIT)
static char const *psStrProtect [] =
{
"PAGE_NOACCESS", "PAGE_READONLY", "PAGE_READWRITE", "PAGE_WRITECOPY", "PAGE_EXECUTE",
"PAGE_EXECUTE_READ", "PAGE_EXECUTE_READWRITE", "PAGE_EXECUTE_WRITECOPY", "MEM_RESERVE"
};
UINT nProtect = 0;
if (!dwProtect)
nProtect = sizeof (psStrProtect) / sizeof (PSTR) - 1;
else
while (!(dwProtect & (1 << nProtect)))
++nProtect;
printf ("Base: %p\tSize: %p\tProtect: %s\n Type:\t%s\tModifiers: %s\n",
lpBaseAddress,
nSize,
psStrProtect[nProtect],
((dwType & 0x20000) ? "MEM_PRIVATE"
: (dwType & 0x40000) ? "MEM_MAPPED"
: (dwType & 0x1000000) ? "MEM_IMAGE"
: "None"),
((dwProtect & 0x100) ? "PAGE_GUARD"
: (dwProtect & 0x200) ? "PAGE_NOCACHE"
: (dwProtect & 0x400) ? "PAGE_WRITECOMBINE"
: "None"));
}
///////////////////////////////////////////////
UINT dodaj( LPVOID pParam )
{
int *w_i; // (*((int*)pParam))++;
//int* my_int = reinterpret_cast<int*>(param);
w_i=( int*)pParam; // przypisanie i konwersja
for(int i=1;i<20;i++)
{
Sleep(16);
*w_i+=1;
cout<<"wynik:w_i:"<<*w_i<<endl;
}
return 0;
}
///////////////////////////////////////////////
UINT sprawdz( LPVOID pParam )
{
int *w_i,temp;
// int* my_int = reinterpret_cast<int*>(param);
for(int i=1;i<10;i++)
{ w_i=( int*)pParam;
temp=*w_i;
Sleep(20);
cout<<"wynik:w_i:"<<*w_i<<endl;
if ((*w_i)%2==0) cout<<temp<<" jest parzyste "<<flush;
else cout<<temp<<" jest nieparzyste "<<flush;
cout<<endl;
}
return 0;
}
///////////////////////////////////////////////
void ScanMem(DWORD start, DWORD end, LPVOID value,HANDLE hackProcess)
{
DWORD read = 0;
//LPBYTE buffer = new BYTE[end-start]; //if((reinterpret_cast<int&>(buffer[i]))==*value_na_int) ?????????
int *buffer = new int[end-start];
TCHAR foundet[200];
int address=0;
LPCVOID addres = (LPCVOID)0x8DA018;
int *value_na_int; // (*((int*)value))++;
//int* value_na_int = reinterpret_cast<int*>(value);
value_na_int=( int*)value; // przypisanie i konwersja
cout<<"liczba w ScanMem-1:--> "<<value_na_int<<endl;
cout<<"liczba w ScanMem-2:--> "<<*value_na_int<<endl;
if(ReadProcessMemory(hackProcess, (void*)start, buffer, end - start, &read) == NULL)
{cout<<"=xxx= NULL value="<<value<<endl;
Sleep(200);}
else
{
// for(unsigned i = 0; i < (end - start - sizeof(value)); ++i)
for(unsigned i = 0; i < (end - start - sizeof(*value_na_int)); ++i)
{
//if((reinterpret_cast<int&>(buffer[i]))==*value_na_int) //LPBYTE buffer = new BYTE[end-start];?????????
if(buffer[i] == *value_na_int)
//if(*&buffer[i] == *value_na_int)
{
address = start + i;
//_stprintf(foundet, TEXT("Address: %.8X Value: %d"), address, *value_na_int);
printf("ADDRESS -> 0x%p ,%d\n\r", address,*value_na_int);
system("pause");
//SendMessage(GetDlgItem(hwndMainDlg, IDC_LIST2), LB_ADDSTRING, 0, (LPARAM)foundet);
//++zaehler;
}
}
}
delete[] buffer;
}
// test1.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include "iostream"
using namespace std;
int _tmain(int argc, _TCHAR* argv[])
{
int brtyefg=15849317;
const char *w = "sprawdzenie_A";
int wlen = strlen(w);
cout <<w<<endl;
cout <<brtyefg<<endl;
system("pause");
return 0;
}