版主或各位大侠:我参考《加密与解密(第三版)》内存补丁一节内容,编制如下程序段,可无论如何也没看见被调试的程序被启动并出现其窗口(该程序无论破解与否都应有一窗口出现),想请各位帮助分析下,看问题出在何处?才开始涉及这方面内容,所以有些不知如何入手!
// Loader fragment: launches a target executable in a suspended state, lets it
// run in ~10 ms slices until the expected bytes appear at PATCH_DRESS1, then
// overwrites two locations in the target's memory and lets it continue.
// NOTE(review): this is the body of a function whose header is not shown
// (it contains `return;`), so it cannot be compiled on its own.
// NOTE(review): from a detection standpoint, CREATE_SUSPENDED followed by
// VirtualProtectEx(..., 0x40 /* PAGE_EXECUTE_READWRITE */) and
// WriteProcessMemory against another process is a sequence endpoint security
// products commonly flag.

// Absolute virtual addresses inside the target process that are overwritten.
// NOTE(review): hard-coded addresses presumably assume the image is mapped at
// its preferred base (no relocation/ASLR) - confirm.
#define PATCH_DRESS1 0x05BB01F
#define PATCH_DRESS2 0x05BB3E4
// Full path of the executable to launch.
char szFileName[40] = {"c:\\gmg\\Mesa 12.00\\Mesa.exe"};
// Bytes expected at PATCH_DRESS1 before patching (if this is x86 code, 74 37
// is a short conditional jump JE/JZ).
BYTE TarGetData1[] = {0x74,0x37};
// Bytes expected at PATCH_DRESS2.
// NOTE(review): never referenced in the lines shown, so the second location
// is written without first verifying its contents.
BYTE TarGetData2[] = {0x0f,0x84,0xb2};
// Replacement bytes for PATCH_DRESS1 (0x90 is the x86 NOP opcode).
BYTE WriteData1[] = {0x90,0x90};
// Replacement bytes for PATCH_DRESS2 (0xE9 is the x86 near JMP opcode; only
// the first three bytes of the instruction are rewritten).
BYTE WriteData2[] = {0xe9,0xb3,0x00};
// Scratch buffer receiving bytes read from the target; only 2 bytes are used.
BYTE ReadBuffer[128] = {0};
// Receives the previous page protection from VirtualProtectEx.
DWORD Oldpp;
// NOTE(review): nothing in the lines shown clears `si` or sets si.cb before it
// is handed to CreateProcess; the API expects cb to hold the structure size.
STARTUPINFOA si;
PROCESS_INFORMATION pi;
// Loop flag: cleared once the patch has been applied.
BOOL bContinueRun = TRUE;
// Create the target process in a suspended state.
// NOTE(review): the generic CreateProcess macro is mixed with STARTUPINFOA and
// a char path; this only matches in a non-UNICODE build - confirm.
if(!CreateProcess(szFileName,0,0,0,0,CREATE_SUSPENDED,0,0,&si,&pi))
{
::MessageBoxA(NULL,"CreateProcess Failed.","error",MB_OK);
return;
}
// Poll loop: run the main thread briefly, pause it, and inspect its memory.
// NOTE(review): there is no exit condition other than a successful match, so
// if the read fails or the bytes never match, this loop never terminates.
while(bContinueRun)
{
ResumeThread(pi.hThread);
Sleep(10);
SuspendThread(pi.hThread);
// Return value is ignored; on failure ReadBuffer keeps its previous contents.
ReadProcessMemory(pi.hProcess,(LPVOID)PATCH_DRESS1,&ReadBuffer,2,NULL);
// memcmp returns 0 on equality, so this branch runs when the expected bytes
// are present at PATCH_DRESS1.
if(!memcmp(TarGetData1,ReadBuffer,2))
{
// 0x40 is PAGE_EXECUTE_READWRITE. Return values of the protect/write calls
// are not checked, Oldpp is overwritten by the second call, and the original
// protection is never restored.
VirtualProtectEx(pi.hProcess,(LPVOID)PATCH_DRESS1,2,0x40,&Oldpp);
WriteProcessMemory(pi.hProcess,(LPVOID)PATCH_DRESS1,&WriteData1,2,0);
VirtualProtectEx(pi.hProcess,(LPVOID)PATCH_DRESS2,3,0x40,&Oldpp);
WriteProcessMemory(pi.hProcess,(LPVOID)PATCH_DRESS2,&WriteData2,3,0);
// Undo the SuspendThread above so the target keeps running after the patch.
ResumeThread(pi.hThread);
bContinueRun = FALSE;
}
}
// Release this process's handles; the target process itself is not terminated.
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);