最近搞了内存补丁,主要是这句:
szZhiLing db '**h,**h',0
invoke WriteProcessMemory,stProcInfo.hProcess,\
00401000h,addr szZhiLing,2,NULL
编写成一个程序后就这样形式:
invoke WriteProcessMemory,stProcInfo.hProcess,\
addr szNeiCun,addr szZhiLing,2,NULL
其中 szNeiCun 从 EDITTEXT 控件接收并保存内存地址，szZhiLing 从 EDITTEXT 控件接收并保存指令的机器码，这样改了以后内存补丁就不管用了。
完整代码:
.386
.model flat, stdcall
option casemap :none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include windows.inc
include user32.inc
include kernel32.inc
include wininet.inc
include comctl32.inc
include comdlg32.inc
includelib user32.lib
includelib kernel32.lib
includelib wininet.lib
includelib comctl32.lib
includelib comdlg32.lib
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include data.asm
.code
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;-----------------------------------------------------------------------
; _ShowInfo(lpText) - puts the NUL-terminated string at lpText into the
; IDC_INFO control of the main dialog (hWinMain). stdcall; eax holds
; whatever SetDlgItemText returned.
; NOTE(review): the RC dialog template shown on this page declares no
; control with id IDC_INFO, so this call may have nothing to update -
; confirm against the real resource script.
;-----------------------------------------------------------------------
_ShowInfo proc lpText
        push    lpText                  ; SetDlgItemText(hWinMain, IDC_INFO, lpText)
        push    IDC_INFO                ; args pushed right-to-left
        push    hWinMain
        call    SetDlgItemText
        ret
_ShowInfo endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;选择打开文件,文件名保存在szUrl
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
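;-----------------------------------------------------------------------
; _OpenFile() - shows the common "Open" dialog and writes the chosen
; file name into the global szUrl (at most MAX_PATH bytes).
; In:    nothing (reads hWinMain, szFilter, szMessageTitle)
; Out:   eax = GetOpenFileName result; szUrl filled in on success.
;        Callers in this file ignore eax.
; The unused EDITSTREAM local was dropped.
;-----------------------------------------------------------------------
_OpenFile proc
        local @stOF:OPENFILENAME

        invoke RtlZeroMemory,addr @stOF,sizeof @stOF
        mov     @stOF.lStructSize,sizeof @stOF
        push    hWinMain                        ; owner window
        pop     @stOF.hwndOwner
        mov     @stOF.lpstrFilter,offset szFilter
        mov     @stOF.lpstrFile,offset szUrl    ; result lands here
        mov     @stOF.nMaxFile,MAX_PATH         ; szUrl is 512 bytes, so MAX_PATH fits
        mov     @stOF.Flags,OFN_FILEMUSTEXIST or OFN_PATHMUSTEXIST
        ; NOTE(review): lpstrDefExt points at szMessageTitle ("文件"), which
        ; is not an extension; szMyTitle looks like it was meant for
        ; lpstrTitle - confirm before changing.
        mov     @stOF.lpstrDefExt,offset szMessageTitle
        invoke GetOpenFileName,addr @stOF
        ret
_OpenFile endp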
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
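;-----------------------------------------------------------------------
; _NewProc(lParam) - worker thread started from IDOK in _MainDialogProc.
; Disables IDOK and IDC_URL while it works, runs _test, re-enables them,
; then closes and clears its own handle (hThread) before returning.
; lParam is the CreateThread parameter (NULL here) and is not used.
; All general registers are preserved (uses + pushad/popad), so the
; thread exit code in eax is whatever eax held on entry; nothing reads it.
; The unused local @szBuffer was dropped; szBuffer below is the global.
;-----------------------------------------------------------------------
_NewProc proc uses ebx ecx edx esi edi,lParam
        pushad
        and     dwFlag,not F_ABORT      ; clear the abort bit (nothing in this listing sets it)
        invoke GetDlgItem,hWinMain,IDOK
        invoke EnableWindow,eax,FALSE
        invoke GetDlgItem,hWinMain,IDC_URL
        invoke EnableWindow,eax,FALSE
        invoke _ShowInfo,addr szNull
        ; NOTE(review): szBuffer is the 512-byte global from data.asm; no
        ; code in this listing writes to it, so this appends an empty
        ; string to szUrl - confirm what was intended.
        invoke lstrcat,addr szUrl,addr szBuffer
        invoke SetDlgItemText,hWinMain,IDC_URL,addr szUrl
        call    _test                   ; launch + patch the target (see _test)
        invoke _ShowInfo,addr szBuffer
        invoke GetDlgItem,hWinMain,IDOK
        invoke EnableWindow,eax,TRUE
        invoke GetDlgItem,hWinMain,IDC_URL
        invoke EnableWindow,eax,TRUE
        ; The thread closes its own handle. WM_CLOSE in _MainDialogProc
        ; also reads hThread, so this store may race with it.
        invoke CloseHandle,hThread
        mov     hThread,0
        popad
        ret
_NewProc endp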
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;保存内存地址在 szNeiCun
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
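;-----------------------------------------------------------------------
; _NewProc1(lParam) - thread-procedure-shaped routine for the address
; field (szNeiCun / IDC_URL1). It is not referenced anywhere in this
; listing; only _NewProc is started from IDOK.
; Disables IDOK and IDC_URL1, appends the global szBuffer to szNeiCun,
; shows it, re-enables the controls and closes/clears hThread.
; lParam is unused; all general registers are preserved.
; The unused local @szBuffer was dropped; szBuffer below is the global.
;-----------------------------------------------------------------------
_NewProc1 proc uses ebx ecx edx esi edi,lParam
        pushad
        and     dwFlag,not F_ABORT      ; clear the abort bit (nothing in this listing sets it)
        invoke GetDlgItem,hWinMain,IDOK
        invoke EnableWindow,eax,FALSE
        invoke GetDlgItem,hWinMain,IDC_URL1
        invoke EnableWindow,eax,FALSE
        invoke _ShowInfo,addr szNull
        ; NOTE(review): szBuffer is never written in this listing, so this
        ; appends an empty string - confirm intent.
        invoke lstrcat,addr szNeiCun,addr szBuffer
        invoke SetDlgItemText,hWinMain,IDC_URL1,addr szNeiCun
        invoke _ShowInfo,addr szBuffer
        invoke GetDlgItem,hWinMain,IDOK
        invoke EnableWindow,eax,TRUE
        invoke GetDlgItem,hWinMain,IDC_URL1
        invoke EnableWindow,eax,TRUE
        invoke CloseHandle,hThread      ; assumes this routine runs on the hThread thread
        mov     hThread,0
        popad
        ret
_NewProc1 endp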
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;保存指令的机器码在 szZhiLing
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
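;-----------------------------------------------------------------------
; _NewProc2(lParam) - thread-procedure-shaped routine for the opcode
; field (szZhiLing / IDC_URL2). It is not referenced anywhere in this
; listing; only _NewProc is started from IDOK.
; Disables IDOK and IDC_URL2, appends the global szBuffer to szZhiLing,
; shows it, re-enables the controls and closes/clears hThread.
; lParam is unused; all general registers are preserved.
; The unused local @szBuffer was dropped; szBuffer below is the global.
;-----------------------------------------------------------------------
_NewProc2 proc uses ebx ecx edx esi edi,lParam
        pushad
        and     dwFlag,not F_ABORT      ; clear the abort bit (nothing in this listing sets it)
        invoke GetDlgItem,hWinMain,IDOK
        invoke EnableWindow,eax,FALSE
        invoke GetDlgItem,hWinMain,IDC_URL2
        invoke EnableWindow,eax,FALSE
        invoke _ShowInfo,addr szNull
        ; NOTE(review): szBuffer is never written in this listing, so this
        ; appends an empty string - confirm intent.
        invoke lstrcat,addr szZhiLing,addr szBuffer
        invoke SetDlgItemText,hWinMain,IDC_URL2,addr szZhiLing
        invoke _ShowInfo,addr szBuffer
        invoke GetDlgItem,hWinMain,IDOK
        invoke EnableWindow,eax,TRUE
        invoke GetDlgItem,hWinMain,IDC_URL2
        invoke EnableWindow,eax,TRUE
        invoke CloseHandle,hThread      ; assumes this routine runs on the hThread thread
        mov     hThread,0
        popad
        ret
_NewProc2 endp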
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;开始执行补丁操作
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
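;-----------------------------------------------------------------------
; _test() - starts the program named in szUrl suspended, writes two bytes
; into it, resumes it and closes the handles. Called from _NewProc.
; Uses the globals stStartUp, stProcInfo, szUrl, szNeiCun, szZhiLing.
; Returns nothing meaningful; eax and the other volatile regs are clobbered.
;
; Change: the CreateProcess result is now checked. When it fails,
; stProcInfo holds no valid handles, so the write/resume/close calls on
; it are skipped instead of being issued against stale values.
;
; NOTE(review): even when every call succeeds the patch cannot take
; effect as written, which matches the symptom described in the post:
;   - lpBaseAddress is `addr szNeiCun`, i.e. the address of this
;     process's text buffer, not the number typed into IDC_URL1
;     (the text "00401000h" is never converted to a DWORD);
;   - lpBuffer is `addr szZhiLing`, which holds the typed text
;     ("00h,00h"), so the 2 bytes written are the characters '0','0',
;     not the encoded instruction;
;   - nSize is hard-coded to 2 regardless of what was typed.
; Converting both edit-control strings to binary values is the missing
; step; nothing in this listing does it.
;-----------------------------------------------------------------------
_test proc
        invoke GetStartupInfo,addr stStartUp
        ; Author's note: the handles returned by CreateProcess give the
        ; parent the access it needs for the write below.
        invoke CreateProcess,addr szUrl,NULL,NULL,NULL,NULL,\
                NORMAL_PRIORITY_CLASS or CREATE_SUSPENDED,NULL,NULL,\
                offset stStartUp,offset stProcInfo
        .if eax
                invoke WriteProcessMemory,stProcInfo.hProcess,\
                        addr szNeiCun,addr szZhiLing,2,NULL
                invoke ResumeThread,stProcInfo.hThread  ; child ran suspended until here
                invoke CloseHandle,stProcInfo.hProcess
                invoke CloseHandle,stProcInfo.hThread
        .endif
        ; CreateProcess failed: nothing to patch, resume or close.
        ret
_test endp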
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>;主程序代码
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
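;-----------------------------------------------------------------------
; _MainDialogProc(hWnd, wMsg, wParam, lParam) - dialog procedure for
; DLG_MAIN. Returns TRUE in eax for the messages it handles (WM_CLOSE,
; WM_INITDIALOG, WM_COMMAND) and FALSE for everything else.
; Register use: ebx = enable flag for the IDOK button (saved by `uses`).
;
; Changes: the IDC_URL2 branch had two statements on one source line
; (`... sizeof szZhiLing mov ebx,eax`), which does not assemble; the
; IDC_URL1/IDC_URL2 branches passed GetDlgItemText's length to
; EnableWindow as if it were a window handle - they now look up IDOK
; first, like the IDC_URL branch does.
;-----------------------------------------------------------------------
_MainDialogProc proc uses ebx edi esi hWnd,wMsg,wParam,lParam
        local @szBuffer[256]:byte       ; only used to probe whether IDC_URL is empty

        mov     eax,wMsg
        .if eax == WM_CLOSE
                ; A worker thread may still be running; it is killed, not joined.
                .if hThread
                        invoke TerminateThread,hThread,-1
                .endif
                invoke EndDialog,hWinMain,NULL
        .elseif eax == WM_INITDIALOG
                mov     eax,hWnd
                mov     hWinMain,eax            ; other procs reach the dialog via hWinMain
                invoke SendDlgItemMessage,hWnd,IDC_URL,EM_SETLIMITTEXT,MAX_PATH,0
                invoke SetDlgItemText, hWnd,IDC_URL,addr sz1
                invoke SetDlgItemText, hWnd,IDC_URL1,addr sz2
                invoke SetDlgItemText, hWnd,IDC_URL2,addr sz3
        .elseif eax == WM_COMMAND
                mov     eax,wParam
                movzx   eax,ax                  ; control id; the notification code (HIWORD) is not checked
                .if eax == IDC_URL
                        ; Enable IDOK only while the path field is non-empty
                        ; (eax = text length returned by GetDlgItemText).
                        invoke GetDlgItemText,hWnd,IDC_URL,addr @szBuffer,sizeof @szBuffer
                        mov     ebx,eax
                        invoke GetDlgItem,hWnd,IDOK
                        invoke EnableWindow,eax,ebx
                .elseif eax == IDOK
                        ; The patch runs on a worker thread so the dialog stays responsive.
                        invoke CreateThread,NULL,0,offset _NewProc,NULL,\
                                NULL,addr hThread
                .elseif eax == IDC_Open
                        call    _OpenFile
                        invoke SetDlgItemText,hWnd,IDC_URL,addr szUrl
                .elseif eax == IDC_URL1
                        ; Target address is kept as the typed text in szNeiCun
                        ; (not converted to a number here).
                        invoke GetDlgItemText,hWnd,IDC_URL1,addr szNeiCun,sizeof szNeiCun
                        mov     ebx,eax
                        invoke GetDlgItem,hWnd,IDOK     ; EnableWindow needs a window handle
                        invoke EnableWindow,eax,ebx
                .elseif eax == IDC_URL2
                        ; Instruction bytes are kept as the typed text in szZhiLing
                        ; (not converted to raw bytes here).
                        invoke GetDlgItemText,hWnd,IDC_URL2,addr szZhiLing,sizeof szZhiLing
                        mov     ebx,eax
                        invoke GetDlgItem,hWnd,IDOK     ; EnableWindow needs a window handle
                        invoke EnableWindow,eax,ebx
                .endif
        .else
                mov     eax,FALSE
                ret
        .endif
        mov     eax,TRUE
        ret
_MainDialogProc endp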
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;-----------------------------------------------------------------------
; Program entry: records the module handle in hInstance, runs the modal
; DLG_MAIN dialog driven by _MainDialogProc, then exits with code 0.
;-----------------------------------------------------------------------
start:
        push    NULL                    ; GetModuleHandle(NULL) = this image
        call    GetModuleHandle
        mov     hInstance,eax
        invoke DialogBoxParam,hInstance,DLG_MAIN,NULL,offset _MainDialogProc,NULL
        push    NULL                    ; ExitProcess(0); never returns
        call    ExitProcess
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
end start
data.asm :
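; data.asm - resource ids, global state and constant strings.
; The ids must stay in sync with the #defines in the RC script.
; Change: szFilter now ends with the second NUL that an OPENFILENAME
; lpstrFilter list requires; previously the list ended after a single
; NUL with szMyTitle immediately following it.
ICO_MAIN equ 1000 ; icon
DLG_MAIN equ 1000
IDC_URL equ 1001 ; path of the program to patch
IDC_Open equ 1002 ; "browse" button
IDC_INFO equ 1003 ; status text written by _ShowInfo
IDC_URL1 equ 1004 ; target address, as text
IDC_URL2 equ 1005 ; instruction bytes, as text
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data?
hInstance dd ?
hWinMain dd ? ; main dialog handle, set in WM_INITDIALOG
hThread dd ? ; worker thread handle; 0 when none is running
szBuffer db 512 dup (?) ; global scratch buffer (distinct from the @szBuffer locals); never written in this listing
szUrl db 512 dup (?) ; path of the program to patch (_OpenFile / IDC_URL)
szZhiLing db 512 dup (?) ; text typed into IDC_URL2 (e.g. "00h,00h"); not converted to bytes anywhere here
szNeiCun db 512 dup (?) ; text typed into IDC_URL1 (e.g. "00401000h"); not converted to a DWORD anywhere here
dwFlag dd ?
F_ABORT equ 0001h ; dwFlag bit; only ever cleared in this listing
stStartUp STARTUPINFO <?> ; filled by GetStartupInfo in _test
stProcInfo PROCESS_INFORMATION <?> ; handles of the suspended child created in _test
stProcess PROCESSENTRY32 <?> ; not referenced in this listing
.data
szNull db 0 ; empty string for _ShowInfo
; lpstrFilter: description, pattern, ... closed by an extra NUL.
szFilter db '选择你要打开的文件(*.*)',0,'*.*',0,0
szMyTitle db '选择你要打开的文件',0 ; not referenced in this listing
szMessageTitle db '文件',0 ; used as lpstrDefExt in _OpenFile
sz1 db 'http://n00000000000000p.blog.sohu.com/',0 ; initial text of IDC_URL
sz2 db '00401000h',0 ; initial text of IDC_URL1
sz3 db '00h,00h',0 ; initial text of IDC_URL2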
RC资源脚本:
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#include <resource.h>
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Resource and control ids; must match the `equ` values in data.asm.
#define ICO_MAIN 1000 // icon
#define DLG_MAIN 1000
#define IDC_URL 1001 // path of the program to patch
#define IDC_Open 1002 // "browse" button
#define IDC_INFO 1003 // NOTE(review): defined and used by _ShowInfo, but no control below carries this id - confirm
#define IDC_URL1 1004 // target address, as text
#define IDC_URL2 1005 // instruction bytes, as text
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
ICO_MAIN ICON "test.ico"
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Main dialog, driven by _MainDialogProc.
DLG_MAIN DIALOG 0, 0, 267, 126
STYLE DS_MODALFRAME | WS_POPUP | WS_VISIBLE | WS_CAPTION | WS_SYSMENU | WS_THICKFRAME
CAPTION "内存补丁测试程序 ----- By:Winker "
FONT 9, "system"
// NOTE(review): a second STYLE statement follows the symbolic one above;
// which value the resource compiler keeps is not shown here - confirm, or merge them.
STYLE 0x14CA0000
EXSTYLE 0x00000001
{
LTEXT "选择要补丁的程序:", -1, 15,13,73,14
PUSHBUTTON "浏览",IDC_Open,236,14,22,14
EDITTEXT IDC_URL, 89,13,142,14, ES_AUTOHSCROLL | WS_BORDER | WS_TABSTOP
LTEXT "内存地址:",-1,13,31,46,14
EDITTEXT IDC_URL1, 66,30,69,14, ES_AUTOHSCROLL | WS_BORDER | WS_TABSTOP
LTEXT "指令机器码:",-1,140,31,50,15
EDITTEXT IDC_URL2, 195,31,62,14, ES_AUTOHSCROLL | WS_BORDER | WS_TABSTOP
PUSHBUTTON "开始内存补丁",IDOK, 13,47,65,16
}
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
额...我猜想可能是在控件那边出现问题,但是我找不出来...
请朋友指教