读写另一EXE的内存

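{ Timer handler: looks up the running process named aLogin.exe, overwrites
  three fixed-address text fields in that process with ServerName (converted
  with GB2Big5), reads the last field back and, once the read-back value equals
  ServerName, shows it in the form caption and disables the timer.

  ServerName, GB2Big5 and Big52GB are declared outside this routine.

  NOTE(review): the three target addresses are hard-coded absolute values. They
  are only meaningful for the exact build and load layout they were taken from;
  with a different build or a relocated image the writes land on unrelated
  memory in the target process.
  NOTE(review): opening another process and calling VirtualProtectEx followed by
  WriteProcessMemory is a sequence that endpoint protection and anti-tamper
  software typically monitor and may block, so every call result is checked. }
procedure TfrmMain.tmrChangeServerNameTimer(Sender: TObject);
const
  LeftAddress = $02370C68;
  RightAddress1 = $02370C74;
  RightAddress2 = $02370C84;
  LeftFieldSize = 12;   // bytes written at LeftAddress
  RightFieldSize = 8;   // bytes written at each RightAddress
  MaxFieldSize = 16;    // capacity of the local staging buffer
var
  FProcessEntry32: TProcessEntry32;
  ProcessHandle: THandle;
  Converted: string;
  BytesRead: DWORD;
  // One spare element keeps the read-back text zero-terminated.
  ReadBack: array[0..RightFieldSize] of Char;

  { Returns the snapshot entry of the first process whose executable file name
    equals FileName (trimmed, case-insensitive). If FileName is empty, the
    snapshot cannot be taken, or nothing matches, the returned record is
    zero-filled, so th32ProcessID is 0. }
  function GetProcessID(FileName: string = ''): TProcessEntry32;
  var
    Ret: BOOL;
    s: string;
    FSnapshotHandle: THandle;
    Entry: TProcessEntry32;
  begin
    // The original left Result unassigned on "not found", so the caller's
    // th32ProcessID = 0 test was reading uninitialised memory.
    FillChar(Result, SizeOf(Result), 0);
    if FileName = '' then
      Exit;

    FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if FSnapshotHandle = INVALID_HANDLE_VALUE then
      Exit;
    try
      Entry.dwSize := SizeOf(Entry);
      Ret := Process32First(FSnapshotHandle, Entry);
      while Ret do
      begin
        s := ExtractFileName(Entry.szExeFile);
        if AnsiCompareText(Trim(s), Trim(FileName)) = 0 then
        begin
          Result := Entry;
          Break;
        end;
        Ret := Process32Next(FSnapshotHandle, Entry);
      end;
    finally
      CloseHandle(FSnapshotHandle);
    end;
  end;

  { Writes exactly FieldSize bytes to Address in the opened process: the bytes
    of Text, truncated or zero-padded to FieldSize. The page protection is
    switched to PAGE_EXECUTE_READWRITE for the write and restored afterwards.
    Returns True only if the full field was written. }
  function WriteField(Address: Pointer; const Text: string; FieldSize: DWORD): Boolean;
  var
    Staging: array[0..MaxFieldSize - 1] of Byte;
    CopyLen, OldProtect, Ignored, Written: DWORD;
  begin
    Result := False;
    if (FieldSize = 0) or (FieldSize > SizeOf(Staging)) then
      Exit;

    // The original passed PChar(<temporary string>) with a fixed length, which
    // reads past the end of the string whenever the text is shorter than the
    // field. Staging through a zero-filled buffer bounds the copy.
    FillChar(Staging, SizeOf(Staging), 0);
    CopyLen := Length(Text) * SizeOf(Char);
    if CopyLen > FieldSize then
      CopyLen := FieldSize;
    if CopyLen > 0 then
      Move(Pointer(Text)^, Staging, CopyLen);

    // NOTE(review): PAGE_EXECUTE_READWRITE is kept from the original; if the
    // target page only holds data, PAGE_READWRITE avoids a writable+executable
    // window. Confirm against the target before changing.
    if not VirtualProtectEx(ProcessHandle, Address, FieldSize,
      PAGE_EXECUTE_READWRITE, OldProtect) then
      Exit;
    try
      Written := 0;
      Result := WriteProcessMemory(ProcessHandle, Address, @Staging, FieldSize, Written)
        and (Written = FieldSize);
    finally
      // Always put the original protection back, even if the write failed.
      VirtualProtectEx(ProcessHandle, Address, FieldSize, OldProtect, Ignored);
    end;
  end;

begin
  FProcessEntry32 := GetProcessID('aLogin.exe');
  if FProcessEntry32.th32ProcessID = 0 then
    Exit;

  // Least privilege: only the rights needed to change protection, write and
  // read back, instead of PROCESS_ALL_ACCESS.
  ProcessHandle := OpenProcess(
    PROCESS_VM_OPERATION or PROCESS_VM_READ or PROCESS_VM_WRITE,
    False, FProcessEntry32.th32ProcessID);
  if ProcessHandle = 0 then
    Exit;   // process exited meanwhile, or access was denied
  try
    // Left field: '01.' prefix plus the server name.
    WriteField(Pointer(LeftAddress), GB2Big5('01.' + ServerName), LeftFieldSize);

    // Right fields: the server name alone, written to both addresses.
    Converted := GB2Big5(ServerName);
    WriteField(Pointer(RightAddress1), Converted, RightFieldSize);
    WriteField(Pointer(RightAddress2), Converted, RightFieldSize);

    // Read the last field back to confirm that the change took effect.
    FillChar(ReadBack, SizeOf(ReadBack), 0);
    BytesRead := 0;
    if ReadProcessMemory(ProcessHandle, Pointer(RightAddress2), @ReadBack,
      RightFieldSize, BytesRead) then
    begin
      if ServerName = Big52GB(PChar(@ReadBack[0])) then
      begin
        Caption := '内存内容为:' + Big52GB(PChar(@ReadBack[0]));
        tmrChangeServerName.Enabled := False;
      end;
    end;
  finally
    CloseHandle(ProcessHandle);
  end;
end;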

 
