windows 如何更改另一个进程的内存空间中的值
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/960036/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to change a value in memory space of another process
提问by florin.bunau
If you could help me with this dilemma I have. Now, I know C \ C++, I know asm, I know about dll injection, I know about virtual memory addressing, but I just can't figure out how software like CheatEngine, and others, manage to change a variable's value in another process.
如果你能帮我解决这个困境,我有。现在,我知道 C \ C++,我知道 asm,我知道 dll 注入,我知道虚拟内存寻址,但我就是不知道像 CheatEngine 和其他软件这样的软件是如何设法在另一个进程中更改变量的值的.
For those who don't know, 3rd party cheat engine tools can scan for values in the memory space of a program and identify the location of a variable with a given value and change it.
对于那些不知道的人,3rd 方作弊引擎工具可以扫描程序内存空间中的值并识别具有给定值的变量的位置并更改它。
My question is, how do they do it?
我的问题是,他们是如何做到的?
Given an address, if I were to write C code, how could I change the value at that address belonging to another process without getting an invalid addressing error?
给定一个地址,如果我要编写 C 代码,如何更改属于另一个进程的该地址处的值而不会出现无效寻址错误?
Thanks.
谢谢。
采纳答案by i_am_jorf
I'm fairly certain those programs are pretending to be debuggers. On Windows, I would start with DebugActiveProcess()and go from there.
我相当肯定这些程序是假装是调试器。在 Windows 上,我会从DebugActiveProcess()开始,然后从那里开始。
Oh, and the very useful looking ReadProcessMemory()function (and WriteProcessMemory()).
哦,还有看起来非常有用的ReadProcessMemory()函数(和 WriteProcessMemory())。
回答by Thomas
On unix: ptrace()
在 unix 上:ptrace()
回答by Thomas
You can't do this with Standard C or C++ - you have to use operating system specific features. So you need to tell us which OS you are interested in.
使用标准 C 或 C++ 无法做到这一点 - 您必须使用操作系统特定的功能。所以你需要告诉我们你对哪个操作系统感兴趣。
