简体繁体 English

OpenProcess / ReadProcessMemory / WriteProcessMemory / CloseHandle等效

[英]OpenProcess/ReadProcessMemory/WriteProcessMemory/CloseHandle equivalent

原文 2014-05-10 03:18:32 5 2 c++/ c/ linux/ windows/ unix

What would be the equivalent api to these Windows functions? 这些Windows功能的等效API是什么？ In case you are not familiar with the windows functions, all they do is open a process, access(read and write) its memory and close its handle. 如果您不熟悉Windows函数，他们所做的只是打开一个进程，访问（读取和写入）其内存并关闭其句柄。

Can this be done with syscalls only as well? 这只能用系统调用来完成吗？

2 个解决方案

You're looking for ptrace . 你正在寻找ptrace 。 Despite the name, it will also target individual threads on Linux and possibly other systems. 尽管名称如此，它还将针对Linux和其他系统上的各个线程。 More info can be found with Google if that blog post doesn't help. 如果该博客文章没有帮助，可以在Google找到更多信息。

If you're on a more modern kernel, you might try process_vm_readv which seems to more closely simulate ReadProcessMemory, only it works slightly more cleanly than ptrace and even the Windows equivalents. 如果您使用的是更现代的内核，您可以尝试使用似乎更接近模拟ReadProcessMemory的process_vm_readv ，只是它比ptrace甚至Windows等效项更干净。

OpenProcess句柄对ReadProcessMemory无效 - OpenProcess handle invalid for ReadProcessMemory

ReadProcessMemory / WriteProcessMemory是否访问程序数据或代码？ - Does ReadProcessMemory/WriteProcessMemory access program data or code?

C ++-将ReadProcessMemory缓存到缓冲区，将WriteProcessMemory（同一缓冲区上有新值）将缓冲区还原为旧值 - C++ - ReadProcessMemory to buffer, WriteProcessMemory (with new value on same buffer) reverts buffer to old value

c ++与ReadProcessMemory等效的指针操作 - c++ Pointer operation equivalent with ReadProcessMemory

WriteProcessMemory 的问题 - Issue with WriteProcessMemory

WriteProcessMemory 到 memcpy - WriteProcessMemory to memcpy

ReadProcessMemory更快 - ReadProcessMemory faster

等待函数和 CloseHandle 依赖 - Wait Functions and CloseHandle Dependency

OpenProcess的内核模式版本 - kernel mode version of OpenProcess

OpenProcess 失败（SeDebugPrivilege？） - OpenProcess Failure (SeDebugPrivilege?)

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 OpenProcess句柄对ReadProcessMemory无效 - OpenProcess handle invalid for ReadProcessMemory ReadProcessMemory / WriteProcessMemory是否访问程序数据或代码？ - Does ReadProcessMemory/WriteProcessMemory access program data or code? C ++-将ReadProcessMemory缓存到缓冲区，将WriteProcessMemory（同一缓冲区上有新值）将缓冲区还原为旧值 - C++ - ReadProcessMemory to buffer, WriteProcessMemory (with new value on same buffer) reverts buffer to old value c ++与ReadProcessMemory等效的指针操作 - c++ Pointer operation equivalent with ReadProcessMemory WriteProcessMemory 的问题 - Issue with WriteProcessMemory WriteProcessMemory 到 memcpy - WriteProcessMemory to memcpy ReadProcessMemory更快 - ReadProcessMemory faster 等待函数和 CloseHandle 依赖 - Wait Functions and CloseHandle Dependency OpenProcess的内核模式版本 - kernel mode version of OpenProcess OpenProcess 失败（SeDebugPrivilege？） - OpenProcess Failure (SeDebugPrivilege?)

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM