ULONG_PTR SkipJmpAddress(ULONG_PTR uAddress) { ULONG_PTR TrueAddress = 0; PBYTE pFn = (PBYTE)uAddress; if (pFn[0] == 0xE9) { TrueAddress = (ULONG_PTR)pFn + *(ULONG_PTR*)(pFn + 1) + 5; return TrueAddress; }
int pid = getpid(); bool shd = ReadProcessMemory(OpenProcess(PROCESS_VM_READ, true, pid), (LPVOID)uAddress, pFn, 2, &dwBytesReturned); printf("%d\n", shd);
DWORD dwOLD; MEMORY_BASIC_INFORMATION MemInfo; VirtualQuery((LPCVOID)uAddress, &MemInfo, sizeof(MEMORY_BASIC_INFORMATION)); if (VirtualProtect(MemInfo.BaseAddress, MemInfo.RegionSize, PAGE_READWRITE, &dwOLD)) { PBYTE pFn = (PBYTE)uAddress; printf("fff:%x\n", pFn[0]); }
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)