把第二个程序(被修改的目标)的进程号填入第一个程序的 ID 宏,并把调试器中看到的目标进程里 &i 的地址填入 ReadProcessMemory/WriteProcessMemory 的地址参数;调试时可以看到第二个程序中 i 的值被改掉了。注意:进程号和 &i 的地址都只对当次运行有效,目标程序每次重新启动都会变化;目标程序建议以 Debug(不开优化)方式编译,否则 i 可能被放在寄存器中,外部写入不一定能看到效果。
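#include <windows.h>
#include <tchar.h>
#include <Tlhelp32.h>

/*
 * Demo: enumerate the heaps of another process with the ToolHelp snapshot
 * API, then read and overwrite one int in that process's memory.
 *
 * ID and TARGET_ADDR come from one particular debugging session of the
 * companion program (the one that loops printing `i`). The PID changes on
 * every launch and the address of a stack variable is not stable between
 * runs, so both must be re-read from the running target before each use.
 * Opening another process this way needs the caller to have access to it
 * (same user, or SeDebugPrivilege for higher-privileged targets).
 */
#define ID 4368
#define TARGET_ADDR ((LPVOID)0x13b0818) /* address of `i` inside the target; session-specific */

int _tmain(void)
{
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPHEAPLIST, ID);
    if (hSnapshot == INVALID_HANDLE_VALUE) {
        _tprintf(TEXT("CreateToolhelp32Snapshot failed: %lu\n"), GetLastError());
        return 1;
    }

    HEAPLIST32 hl = {0};
    hl.dwSize = sizeof(hl);

    /* Check the return values: the original looped over an uninitialised
     * entry when Heap32ListFirst/Heap32First failed. Heap32First/Next walk
     * the target's heap and are documented to be slow on large heaps. */
    if (Heap32ListFirst(hSnapshot, &hl)) {
        do {
            _tprintf(TEXT("------------------------------------------------\n"));
            _tprintf(TEXT("ProcessID=%lu,HeapID=%p\n"),
                     hl.th32ProcessID, (void *)hl.th32HeapID);

            HEAPENTRY32 he = {0};
            he.dwSize = sizeof(he);
            if (Heap32First(&he, hl.th32ProcessID, hl.th32HeapID)) {
                do {
                    /* %p / %zu / %lx: the original used %0x, which is wrong
                     * for ULONG_PTR/SIZE_T on 64-bit builds. */
                    _tprintf(TEXT("Address=%p\tSize=%zu\tflags=%lx\n"),
                             (void *)he.dwAddress, he.dwBlockSize, he.dwFlags);
                } while (Heap32Next(&he));
            }
        } while (Heap32ListNext(hSnapshot, &hl));
    }

    /* Request only the rights the read/write below need. PROCESS_ALL_ACCESS
     * is more than required and more likely to be denied. */
    HANDLE hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION,
                                  FALSE, ID);
    if (hProcess == NULL) {
        _tprintf(TEXT("OpenProcess failed: %lu\n"), GetLastError());
        CloseHandle(hSnapshot);
        return 1;
    }

    int i = 0;
    SIZE_T done = 0;

    /* Read the current value so the read is not dead code, and so a wrong
     * TARGET_ADDR shows up as a failure instead of a silent no-op. */
    if (!ReadProcessMemory(hProcess, TARGET_ADDR, &i, sizeof(i), &done) || done != sizeof(i)) {
        _tprintf(TEXT("ReadProcessMemory failed: %lu\n"), GetLastError());
    } else {
        _tprintf(TEXT("target i=%d\n"), i);
    }

    /* Overwrite the target's `i` with 0. */
    i = 0;
    if (!WriteProcessMemory(hProcess, TARGET_ADDR, &i, sizeof(i), &done) || done != sizeof(i)) {
        _tprintf(TEXT("WriteProcessMemory failed: %lu\n"), GetLastError());
    }

    CloseHandle(hProcess);
    CloseHandle(hSnapshot);
    _gettchar();
    return 0;
}

/*
 * This enumeration method only lists heap memory of the other process;
 * thread-stack memory is not listed by it. With an open process handle we
 * can both read and modify data in the other process.
 */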
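#include <windows.h>
#include <tchar.h>

/*
 * Target program for the cross-process memory demo: prints `i` forever so
 * the other program can locate it and overwrite it with WriteProcessMemory.
 * The loop never exits; the _gettchar() after it is unreachable (kept from
 * the original) and the process is stopped from outside.
 */
int _tmain(void)
{
    /* volatile: the value is changed by another process, so force a reload
     * from memory every iteration instead of letting the compiler keep it
     * in a register (where an external write would go unnoticed). */
    volatile int i = 2000;

    /* Print the address once so the patching program can use it rather
     * than a hard-coded constant; it differs between runs. */
    _tprintf(TEXT("&i=%p\n"), (LPVOID)&i);

    for (;;) {
        _tprintf(TEXT("%d\n"), i);
    }

    _gettchar();
    return 0;
}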
