读取内存

转载 于 2012-04-06 21:43:05 发布 · 785 阅读 · 0
文章标签:

#delphi #access #integer #c #button #string 

如何在DELPHI中实现读出基址数据
寻找血值在OD中是这样的 ~2HlAU))<&  
dd [[[95ad3c]+1c]+24]+25c 1" k_l.\,0  
u!]g^r  
DELPHI中这样 rAv)k&l  
<6!;mb ;cX  
GameBase =$95E800;//[95ad3c] 55%j$f  
  ReadProcessMemory(GamehProcess,Pointer(GameBase+$1C),@ptmp,4,readByte); ' F,.y6QU  
   ReadProcessMemory(GamehProcess,Pointer(Ptmp+$24),@ptmp,4,readByte); M/d6I$~7z  
ReadProcessMemory(GamehProcess,Pointer(base+$25c),@ptmp,4,readByte); Ad:}i9-x  
   ? "+g6II  
Y<ZaW{%  
Vf V|fuW  
寻找血值在OD中是这样的 @5=2+ M  
?D\6@G:,#@  
dd [[[[[95E800+1c]+24]+918]+14]+1c]+25c U!TSAg21P  
   .Fl5b}C(  
DELPHI中这样 B-.QGf8K.  
-W\1 n#J  
GameBase =$95E800;//[95ad3c] p]]*H2UD  
   4b@ Awtk  
o9JZ -biH  
    ReadProcessMemory(GamehProcess,Pointer(GameBase+$1C),@ptmp,4,readByte); [ U`})  
    ReadProcessMemory(GamehProcess,Pointer(Ptmp+$24),@ptmp,4,readByte); V."qxKsz  
    ReadProcessMemory(GamehProcess,Pointer(Ptmp+$918),@ptmp,4,readByte); !uxma~ZH-  
    ReadProcessMemory(GamehProcess,Pointer(Ptmp+$14),@ptmp,4,readByte); M&h`uO/[  
    ReadProcessMemory(GamehProcess,Pointer(Ptmp+$1C),@ptmp,4,readByte); tB<2mjg  
ReadProcessMemory(GamehProcess,Pointer(base+$25c),@ptmp,4,readByte); P-LdzVt(^  
从这两个例子中,你会发现一些规律的。 C%ZSsp u  
  以上摘自阿冲笔记。




var  
Num:Cardinal;  
a,b:Integer;  
ParamAdd: THandle;  
lpNumberOfBytes:Cardinal;  
begin  
a:= 1234567;  
b:= 11111;  
//GetWindowThreadProcessId(Ghwnd,PID);   
PID:= FindProcessID('project2.exe');  
ProcessID:=OpenProcess(PROCESS_ALL_ACCESS,False,PID);   // 打开进程   
  
ParamAdd:= VirtualAllocEx(ProcessID,nil,20,MEM_COMMIT,PAGE_READWRITE);    //开辟一个空间   
WriteProcessMemory(ProcessID, @a, @b, SizeOf(b), lpNumberOfBytes);   // 将地址b内容写到地址a中   
ReadProcessMemory(ProcessID,Pointer(@a),@sBase,6,Num);   // 读取地址a内容放进地址sBase中   
ShowMessage(IntToStr(sBase));  
  
end; 




Button1Click(Sender: TObject);
var
hwnd:cardinal;
pid:Dword;
hProcess:cardinal;
x:string;
Num: cardinal;


begin
setlength(X,$10);
hwnd := FindWindow(nil, 'Cheat Engine 5.3');
GetWindowThreadProcessId (hwnd, @pid);
hProcess := OpenProcess(PROCESS_ALL_ACCESS, false, pid);
If hProcess <> 0 Then
begin
if ReadProcessMemory(hprocess,Pointer($1005334),@x,$10,num) then
label1.Caption := string(x)
else
showmessage('读数失败~!');
end
else
showmessage('未启动游戏');
CloseHandle(hProcess);

end; 





var
  h : HWND;
  PId : hwnd;
  hProcess : Cardinal;
  num : Cardinal;
  x : pinteger;
  dwErr : dword;
begin
  h := FindWindow(nil,'testMem');
  if h = 0 then
    exit;
  GetWindowThreadProcessId (h, @pid);
  hProcess := OpenProcess(PROCESS_ALL_ACCESS, false, pid);
  if hProcess = 0 then
    exit;
  getmem(x,4);
  if ReadProcessMemory(hprocess,Pointer($00D43810),x,4,num) then
  begin
    messagebox(0,pchar(inttostr(x^)),'d',0);

  end
  else
  begin
        dwErr := getLastError;
    messagebox(0,pchar(inttostr(dwerr)),'d',0);
  end;
  freemem(x);
  closehandle(hProcess);

upc100
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值