使用指针的方式进行进程间通讯,可以做到32位->32位,64位->64位,32位->64位的: 原因是调用了两套函数:ReadProcessMemory/Wow64Read
//进程间通讯的指针形式的内存访问
#include<windows.h>
#include<ntstatus.h>
#include<iostream>
using namespace std;
BOOL EnableSeDebugPrivilege(IN const CHAR * PriviledgeName, BOOL IsEnable);
typedef NTSTATUS(NTAPI *LPFN_NTWOW64READVIRTUALMEMORY64)(
IN HANDLE ProcessHandle,
IN ULONG64 BaseAddress,
OUT PVOID BufferData,
IN ULONG64 BufferLength,
OUT PULONG64 ReturnLength OPTIONAL);
typedef NTSTATUS(NTAPI *LPFN_NTWOW64WRITEVIRTUALMEMORY64)(
IN HANDLE ProcessHandle,
IN ULONG64 BaseAddress,
OUT PVOID BufferData,
IN ULONG64 BufferLength,
OUT PULONG64 ReturnLength OPTIONAL);
LPFN_NTWOW64READVIRTUALMEMORY64 __NtWow64ReadVirtualMemory64 = NULL;
LPFN_NTWOW64WRITEVIRTUALMEMORY64 __NtWow64WriteVirtualMemory64 = NULL;
BOO