|
#2
xinling9982013-04-17 23:19
|
源程序如下:
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
Label1: TLabel;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
var
NewData : array[0..1] of byte = ($90,$90);
Bytesread : DWORD;
procedure TForm1.Button1Click(Sender: TObject);
var
hwin, pid: DWORD;
hprocess: DWORD;
begin
hwin := FindWindow(nil,'CM Test');
GetWindowThreadProcessId(hwin, pid);
hprocess := OpenProcess(PROCESS_ALL_ACCESS, False, pid);
if WriteProcessMemory(hProcess ,Pointer($004566EE),@newdata,2 ,BytesRead ) then //指定地址004566EE
begin
CloseHandle(hProcess);
label1.Caption:=' 指定目标已经K.O了 ';
end
else
begin
CloseHandle(hProcess);
label1.Caption:=' 指定目标不知道为啥失败了 ';
end;
end;
end.
按照上面的方法只能写固定的内存补丁,请问下有哪位大牛知道怎么取模块地址写偏移补丁吗
