作者在 2009-07-28 15:31:28 发布以下内容
共三个文件,vc6.0下测试通过
ProcessInfo.h
#ifndef PROCESSINFO_H
#define PROCESSINFO_H
#include <windows.h>
#include <tlhelp32.h>
#include <vector>
#include <iostream>
#define PROCESSINFO_H
#include <windows.h>
#include <tlhelp32.h>
#include <vector>
#include <iostream>
using namespace std ;
class ProcessInfo{
public:
BOOL ShowProcess () ;
DWORD GetProcessId(int ID) {return processArry[ID-1] ;}
private:
vector<DWORD> processArry ;
} ;
public:
BOOL ShowProcess () ;
DWORD GetProcessId(int ID) {return processArry[ID-1] ;}
private:
vector<DWORD> processArry ;
} ;
BOOL ProcessInfo::ShowProcess(){
int total(0) ;
processArry.clear () ;
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof (pe32) ;
HANDLE hProcessSnap = ::CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS,0) ;
if (hProcessSnap == INVALID_HANDLE_VALUE){
cout<<"调用CreateToolhelp32Snapshot失败" ;
return FALSE ;
}
BOOL bMore = ::Process32First (hProcessSnap,&pe32) ;
while (bMore){
++total ;
processArry.push_back (pe32.th32ProcessID) ;
cout<<"NUM:"<<total<<'\t'
<<"ID:"<<pe32.th32ProcessID<<'\t'<<'\t'
<<"名称:"<<pe32.szExeFile<<'\t'
<<endl ;
bMore = ::Process32Next (hProcessSnap,&pe32) ;
}
::CloseHandle (hProcessSnap) ;
return TRUE ;
}
int total(0) ;
processArry.clear () ;
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof (pe32) ;
HANDLE hProcessSnap = ::CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS,0) ;
if (hProcessSnap == INVALID_HANDLE_VALUE){
cout<<"调用CreateToolhelp32Snapshot失败" ;
return FALSE ;
}
BOOL bMore = ::Process32First (hProcessSnap,&pe32) ;
while (bMore){
++total ;
processArry.push_back (pe32.th32ProcessID) ;
cout<<"NUM:"<<total<<'\t'
<<"ID:"<<pe32.th32ProcessID<<'\t'<<'\t'
<<"名称:"<<pe32.szExeFile<<'\t'
<<endl ;
bMore = ::Process32Next (hProcessSnap,&pe32) ;
}
::CloseHandle (hProcessSnap) ;
return TRUE ;
}
#endif
MemRepair.h
#ifndef MEMREPAIR_H
#define MEMREPAIR_H
#define MEMREPAIR_H
#include <windows.h>
#include <vector>
#include <vector>
using namespace std ;
class MemRepair{
public:
MemRepair(HANDLE Process):m_nListNum (0),m_hProcess (Process){}
BOOL FirstScan () ;
BOOL NextScan () ;
BOOL WriteMem (DWORD) ;
void SetScanNum (int m_nScanNum) {this->m_nScanNum=m_nScanNum ; }
long GetListNum () {return m_nListNum ; }
// void GetList () ;
private:
BOOL ScanPage (DWORD) ;
public:
MemRepair(HANDLE Process):m_nListNum (0),m_hProcess (Process){}
BOOL FirstScan () ;
BOOL NextScan () ;
BOOL WriteMem (DWORD) ;
void SetScanNum (int m_nScanNum) {this->m_nScanNum=m_nScanNum ; }
long GetListNum () {return m_nListNum ; }
// void GetList () ;
private:
BOOL ScanPage (DWORD) ;
vector<DWORD> m_lpBaseAddr ;
int m_nScanNum ;
HANDLE m_hProcess ;
long m_nListNum ;
} ;
int m_nScanNum ;
HANDLE m_hProcess ;
long m_nListNum ;
} ;
BOOL MemRepair::FirstScan (){
const DWORD oneG=1024*1024*1024 ;
const DWORD onePage=4*1024 ;
DWORD baseAddr ;
OSVERSIONINFO vi = {sizeof(vi)} ;
::GetVersionEx (&vi) ;
if (vi.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS){
baseAddr=4*1024*1024 ;
}else{
baseAddr=640*1024 ;
}
for ( ; baseAddr != 2*oneG ; baseAddr+=onePage){
ScanPage (baseAddr);
}
return TRUE ;
}
const DWORD oneG=1024*1024*1024 ;
const DWORD onePage=4*1024 ;
DWORD baseAddr ;
OSVERSIONINFO vi = {sizeof(vi)} ;
::GetVersionEx (&vi) ;
if (vi.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS){
baseAddr=4*1024*1024 ;
}else{
baseAddr=640*1024 ;
}
for ( ; baseAddr != 2*oneG ; baseAddr+=onePage){
ScanPage (baseAddr);
}
return TRUE ;
}
BOOL MemRepair::NextScan (){
m_nListNum = 0 ;
vector<DWORD> baseAddr(m_lpBaseAddr) ;
m_lpBaseAddr.clear () ;
for (int i = 0 ;i != baseAddr.size () ;++i){
DWORD buf ;
if (!::ReadProcessMemory (m_hProcess,(LPVOID)baseAddr[i],&buf,sizeof(DWORD),NULL)){
return FALSE ;
}
if (buf == m_nScanNum){
m_lpBaseAddr.push_back (baseAddr[i]) ;
++m_nListNum ;
}
}
return TRUE ;
}
m_nListNum = 0 ;
vector<DWORD> baseAddr(m_lpBaseAddr) ;
m_lpBaseAddr.clear () ;
for (int i = 0 ;i != baseAddr.size () ;++i){
DWORD buf ;
if (!::ReadProcessMemory (m_hProcess,(LPVOID)baseAddr[i],&buf,sizeof(DWORD),NULL)){
return FALSE ;
}
if (buf == m_nScanNum){
m_lpBaseAddr.push_back (baseAddr[i]) ;
++m_nListNum ;
}
}
return TRUE ;
}
BOOL MemRepair::ScanPage (DWORD lpBaseAddr){
BYTE bufArry[4096] ;
if (!::ReadProcessMemory (m_hProcess,(LPVOID)lpBaseAddr,bufArry,4096,NULL)){
return FALSE ;
}
DWORD* bufNum ;
for (int i = 0 ;i != 4096-3 ;++i){
bufNum = (DWORD*)&bufArry[i] ;
if (bufNum[0] == m_nScanNum){
m_lpBaseAddr.push_back (lpBaseAddr+i) ;
++m_nListNum ;
}
}
return TRUE ;
}
BYTE bufArry[4096] ;
if (!::ReadProcessMemory (m_hProcess,(LPVOID)lpBaseAddr,bufArry,4096,NULL)){
return FALSE ;
}
DWORD* bufNum ;
for (int i = 0 ;i != 4096-3 ;++i){
bufNum = (DWORD*)&bufArry[i] ;
if (bufNum[0] == m_nScanNum){
m_lpBaseAddr.push_back (lpBaseAddr+i) ;
++m_nListNum ;
}
}
return TRUE ;
}
BOOL MemRepair::WriteMem (DWORD n){
return ::WriteProcessMemory (m_hProcess,(LPVOID)m_lpBaseAddr[0],&n,sizeof(DWORD),NULL) ;
}
//void MemRepair::GetList (){
// for (int i = m_nListNum ; i != 0 ;--i){
// cout<<m_lpBaseAddr[m_nListNum-i]<<endl;
// }
//}
return ::WriteProcessMemory (m_hProcess,(LPVOID)m_lpBaseAddr[0],&n,sizeof(DWORD),NULL) ;
}
//void MemRepair::GetList (){
// for (int i = m_nListNum ; i != 0 ;--i){
// cout<<m_lpBaseAddr[m_nListNum-i]<<endl;
// }
//}
#endif
MemRepair.cpp
#include <dos.h>
#include <iostream>
#include <string>
#include "MemRepair.h"
#include "ProcessInfo.h"
#include <iostream>
#include <string>
#include "MemRepair.h"
#include "ProcessInfo.h"
using namespace std;
vector<DWORD> processArry ;
int main(){
ProcessInfo process ;
int processID,ScanNum;
HANDLE hProcess ;
process.ShowProcess () ;
cout<<"请选择要修改进程序号"<<endl ;
cin>>processID ;
hProcess=::OpenProcess (PROCESS_ALL_ACCESS,FALSE,process.GetProcessId (processID)) ;
MemRepair memReapir (hProcess) ;
system ("cls") ;
cout<<"请输入要查询的数值"<<endl;
cin>>ScanNum ;
memReapir.SetScanNum (ScanNum) ;
memReapir.FirstScan () ;
while (memReapir.GetListNum ()>1){
string s ;
cout<<"查到"<<memReapir.GetListNum ()<<"个,是否继续?(Y/N)"<<endl ;
cin>>s ;
if (s.compare ("Y") == 0||s.compare ("y") == 0){
cout<<"请输入要查询的数值"<<endl ;
cin>>ScanNum ;
memReapir.SetScanNum (ScanNum) ;
memReapir.NextScan () ;
}else if (s.compare ("N") == 0||s.compare ("n") == 0){
cout<<"您选择退出"<<endl ;
break ;
}else{
continue ;
}
}
if (memReapir.GetListNum () == 1){
cout<<"地址唯一..."<<endl ;
cout<<"请输入要修改的值.."<<endl ;
cin>>ScanNum ;
memReapir.WriteMem (ScanNum) ;
cout<<"修改成功.."<<endl ;
}else{
cout<<"查找失败..."<<endl ;
}
return 0 ;
}
ProcessInfo process ;
int processID,ScanNum;
HANDLE hProcess ;
process.ShowProcess () ;
cout<<"请选择要修改进程序号"<<endl ;
cin>>processID ;
hProcess=::OpenProcess (PROCESS_ALL_ACCESS,FALSE,process.GetProcessId (processID)) ;
MemRepair memReapir (hProcess) ;
system ("cls") ;
cout<<"请输入要查询的数值"<<endl;
cin>>ScanNum ;
memReapir.SetScanNum (ScanNum) ;
memReapir.FirstScan () ;
while (memReapir.GetListNum ()>1){
string s ;
cout<<"查到"<<memReapir.GetListNum ()<<"个,是否继续?(Y/N)"<<endl ;
cin>>s ;
if (s.compare ("Y") == 0||s.compare ("y") == 0){
cout<<"请输入要查询的数值"<<endl ;
cin>>ScanNum ;
memReapir.SetScanNum (ScanNum) ;
memReapir.NextScan () ;
}else if (s.compare ("N") == 0||s.compare ("n") == 0){
cout<<"您选择退出"<<endl ;
break ;
}else{
continue ;
}
}
if (memReapir.GetListNum () == 1){
cout<<"地址唯一..."<<endl ;
cout<<"请输入要修改的值.."<<endl ;
cin>>ScanNum ;
memReapir.WriteMem (ScanNum) ;
cout<<"修改成功.."<<endl ;
}else{
cout<<"查找失败..."<<endl ;
}
return 0 ;
}