堆栈内存溢出
  简体   繁体   English

Java用JNA读取其他进程的内存

[英]Java read memory of other process with JNA

 原文  2019-12-26 13:42:55       java/ winapi/ jna/ readprocessmemory

问题描述

I'm trying to read a part from the memory of a Notepad instance, but I'm always getting system error 299 when calling kernel32's ReadProcessMemory() .我正在尝试从记事本实例的内存中读取一部分,但在调用 kernel32 的ReadProcessMemory()时总是出现系统错误 299。

This is the code I have so far:这是我到目前为止的代码:

package memreadtest;

import com.sun.jna.Memory;
import com.sun.jna.Native;
import com.sun.jna.platform.win32.Kernel32;
import com.sun.jna.platform.win32.User32;
import com.sun.jna.platform.win32.WinNT.HANDLE;
import com.sun.jna.ptr.IntByReference;
import com.sun.jna.win32.W32APIOptions;

public class MemReader {

    private final static Kernel32 kernel32 = Native.load("kernel32", Kernel32.class, W32APIOptions.DEFAULT_OPTIONS);
    private final static User32 user32 = Native.load("user32", User32.class, W32APIOptions.DEFAULT_OPTIONS);

    private final static int PROCESS_VM_READ = 0x0010;

    public static void main(String[] args) {
        int bytesToRead = 1024;

        Memory notepadDump = readProcessMemory("*Untitled - Notepad", bytesToRead);

        Memory.disposeAll();
    }

    private static Memory readProcessMemory(String winTitle, int bytesToRead) {
        Memory output = new Memory(bytesToRead);

        IntByReference pid = new IntByReference(0);

        user32.GetWindowThreadProcessId(user32.FindWindow(null, winTitle), pid);

        HANDLE handle = kernel32.OpenProcess(PROCESS_VM_READ, true, pid.getValue());

        if (!kernel32.ReadProcessMemory(handle, handle.getPointer(), output, bytesToRead, null)) {
            System.err.println("Failed to read memory of process " + pid.getValue() + ". System Error Code: " + kernel32.GetLastError());
            return null;
        }

        return output;
    }
}

What am I doing wrong?我究竟做错了什么?

1 个解决方案

解决方案1
 0  2019-12-26 13:48:38

You are reading an address that there is no reason to expect is valid in the external process.您正在阅读一个没有理由期望在外部进程中有效的地址。 A process handle is not expected to be a valid address in the process.进程句柄不应是进程中的有效地址。

I'm not sure what you are trying to read from this process, but l whatever it is you will need to somehow find an appropriate address.我不确定你想从这个过程中读取什么,但是无论是什么,你都需要以某种方式找到合适的地址。

You clarify in comments that you want to read from the module base address.您在注释中阐明要从模块基址读取的内容。 For instance see: Get base address of process例如参见:获取进程的基地址

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Java JNA编写内存布尔值 - Java JNA writing memory boolean Java JNA无效的内存访问 - Java JNA Invalid Memory Access Java JNA包装器和内存消耗 - Java JNA wrapper and memory consumption 从Java中读取自己进程的内存 - Read memory from own process in Java 如何使用JNA确定Java中Windows进程的位数? - How to determine Windows process bitness in Java with JNA? 使用Java(JNA)检测进程是否空闲 - Detecting whether a process is idle with Java (JNA) 在Java JNA调用的dll中分配内存错误 - Allocate memory error in dll called by Java JNA 如何在 Windows 上使用 JNA 从 Java 操作内存 - How to manipulate memory from Java with JNA on Windows Java JNA 无法将浮点数写入内存 - Java JNA can't write float to memory JNA-C内存错误使Java程序崩溃 - JNA - C memory error crashes Java Program
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM