typedef
NTSTATUS(NTAPI*Ptr_NtReadVirtualMemory)(
IN HANDLE ProcessHandle,
IN PVOID BaseAddress,
OUT PVOID Buffer,
IN ULONG NumberOfBytesToRead,
OUT PULONG NumberOfBytesReaded OPTIONAL);
int main()
{
//和ReadProcessMemory用法一致
HMODULE hModule = LoadLibrary(TEXT("Ntdll.dll "));
Ptr_NtReadVirtualMemory NtReadVirtualMemory = (Ptr_NtReadVirtualMemory)GetProcAddress(hModule, “NtReadVirtualMemory”);
int adrnum = 0;
HANDLE id = OpenProcess(PROCESS_ALL_ACCESS,0,3100);
NtReadVirtualMemory(id,(PVOID)0x001DA59C, (LPVOID)&adrnum,4,0);
CloseHandle(id);
printf("%d",adrnum);
system("pause");
return 0;
}