C++ reading string from memory
I wrote a dll application that is hooked into a process. It works but it ONLY shows the FIRST letter.
I wanted to get the whole string. The string could vary from 2 letters to 32 letters.
//READING MEMORY
HANDLE ExeBaseAddress = GetModuleHandleA(0);
char uNameAddr = *(char*)((char*)ExeBaseAddress + 0x34F01C);
printf("%c \n", uNameAddr);
I also wanted to understand the parts:
*(char*)((char*) //<-- what this is for.
And whether it is possible to use this with multilevel pointers:
char multipoint = *(char*)((char*)ExeBaseAddress + 0x34F01C + 0x123 + 0x321 + 0x20);
UPDATE
I guess something is wrong here:
if(uNameAddr == "omnicient")
cout << "YOU ARE OMNI" << endl;
I used the username omnicient but it did not cout YOU ARE OMNI. I guess my compare is wrong?
char uNameAddr is a character; you need a list of chars (or char*).
Try this instead:
char* name= (char*)((char*)ExeBaseAddress + 0x34F01C);
printf("%s \n", name);
What does *(char*)((char*) mean?
(char*)ExeBaseAddress
treat ExeBaseAddress as a pointer to some data of type char
((char*)ExeBaseAddress + 0x34F01C)
means add 0x34F01C to the above pointer to offset it by 0x34F01C chars
(char*)((char*)ExeBaseAddress + 0x34F01C)
means treat this new address as a pointer to some chars
*(char*)((char*)ExeBaseAddress + 0x34F01C)
take the contents of the first char at that location
char uNameAddr = *(char*)((char*)ExeBaseAddress + 0x34F01C);
means put that character into the char sized variable called uNameAddr.
So basically you had a pointer, you offset it, and then took the first character and printed it.
In the example I gave, note how I don't take the first character, and I put it in a pointer variable. Then I used %s in the printf to make it print out all the chars pointed to by name.
%c displays chars (single characters), %s displays NULL-terminated char*s (strings):
HANDLE ExeBaseAddress = GetModuleHandleA(0);
char *uNameAddr = (char*) ExeBaseAddress + 0x34F01C;
printf("%s \n", uNameAddr);
Notice that I also tidied up the pointer casting, but the important thing is I got rid of the final dereference (the * at the front) and assigned it to a char* (pointer) instead of a char.
If your string isn't NULL-terminated (unlikely), you will need to use %.*s and pass the length of your string too.
As for the second part of your question:
*(char*)((char*) ExeBaseAddress + 0x34F01C)
let's break it down. Inside the brackets (therefore the first thing to be evaluated) is this:
(char *) ExeBaseAddress + 0x34F01C
Well that's a C cast (casting the HANDLE to a char*) followed by an addition. In other words, it says "Treat this thing as if it is a pointer to some memory, then look ahead by 0x34F01C bytes of memory" (char is always 1 byte). It is now a pointer to a new position in memory.
Then we get out of the brackets and cast to char* again... needlessly. It could have been:
*((char*) ExeBaseAddress + 0x34F01C)
and finally we dereference (the * at the front), which says "Now tell me what the bit of memory you're pointing to is". But in this case you don't want that, because you want the whole string, not just the first letter (inside printf, it loops along the memory you send it printing each character until it finds a 0, aka \0 aka NULL).