[转]C#获取窗口进程ID与句柄还有读写内存类

  1. using System;
  2. using System.Text;

  3. using System.Diagnostics;
  4. using System.Runtime.InteropServices;

  5. namespace PlantsVsZombiesTool
  6. {
  7.     
  8.     public abstract class Helper
  9.     {
  10.         [DllImportAttribute("kernel32.dll", EntryPoint = "ReadProcessMemory")]
  11.         public static extern bool ReadProcessMemory
  12.             (
  13.                 IntPtr hProcess,
  14.                 IntPtr lpBaseAddress,
  15.                 IntPtr lpBuffer,
  16.                 int nSize,
  17.                 IntPtr lpNumberOfBytesRead
  18.             );

  19.         [DllImportAttribute("kernel32.dll", EntryPoint = "OpenProcess")]
  20.         public static extern IntPtr OpenProcess
  21.             (
  22.                 int dwDesiredAccess,
  23.                 bool bInheritHandle,
  24.                 int dwProcessId
  25.             );

  26.         [DllImport("kernel32.dll")]
  27.         private static extern void CloseHandle
  28.             (
  29.                 IntPtr hObject
  30.             );

  31.         //写内存
  32.         [DllImportAttribute("kernel32.dll", EntryPoint = "WriteProcessMemory")]
  33.         public static extern bool WriteProcessMemory
  34.             (
  35.                 IntPtr hProcess,
  36.                 IntPtr lpBaseAddress,
  37.                 int[] lpBuffer,
  38.                 int nSize,
  39.                 IntPtr lpNumberOfBytesWritten
  40.             );

  41.         //获取窗体的进程标识ID
  42.         public static int GetPid(string windowTitle)
  43.         {
  44.             int rs = 0;
  45.             Process[] arrayProcess = Process.GetProcesses();
  46.             foreach (Process p in arrayProcess)
  47.             {
  48.                 if (p.MainWindowTitle.IndexOf(windowTitle) != -1)
  49.                 {
  50.                     rs = p.Id;
  51.                     break;
  52.                 }
  53.             }

  54.             return rs;
  55.         }

  56.         //根据进程名获取PID
  57.         public static int GetPidByProcessName(string processName)
  58.         {
  59.             Process[] arrayProcess = Process.GetProcessesByName(processName);

  60.             foreach (Process p in arrayProcess)
  61.             {
  62.                 return p.Id;
  63.             }
  64.             return 0;
  65.         }

  66.         //根据窗体标题查找窗口句柄(支持模糊匹配)
  67.         public static IntPtr FindWindow(string title)
  68.         {
  69.             Process[] ps = Process.GetProcesses();
  70.             foreach (Process p in ps)
  71.             {
  72.                 if (p.MainWindowTitle.IndexOf(title) != -1)
  73.                 {
  74.                     return p.MainWindowHandle;
  75.                 }
  76.             }
  77.             return IntPtr.Zero;
  78.         }

  79.         //读取内存中的值
  80.         public static int ReadMemoryValue(int baseAddress,string processName)
  81.         {
  82.             try
  83.             {
  84.                 byte[] buffer = new byte[4];
  85.                 IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0); //获取缓冲区地址
  86.                 IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName));
  87.                 ReadProcessMemory(hProcess, (IntPtr)baseAddress, byteAddress, 4, IntPtr.Zero); //将制定内存中的值读入缓冲区
  88.                 CloseHandle(hProcess);
  89.                 return Marshal.ReadInt32(byteAddress);
  90.             }
  91.             catch
  92.             {
  93.                 return 0;
  94.             }
  95.         }

  96.         //将值写入指定内存地址中
  97.         public static void WriteMemoryValue(int baseAddress, string processName, int value)
  98.         {
  99.             IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName)); //0x1F0FFF 最高权限
  100.             WriteProcessMemory(hProcess, (IntPtr)baseAddress, new int[] { value }, 4, IntPtr.Zero);
  101.             CloseHandle(hProcess);
  102.         }
  103.     }
  104. }

你可能感兴趣的:([转]C#获取窗口进程ID与句柄还有读写内存类)