如何在 Windows 中读取 Python 中另一个进程的内存?
[英]How can I read the memory of another process in Python in Windows?
问题描述
I'm trying to write a Python script that reads a series of memory locations of a particular process.
我正在尝试编写一个 Python 脚本来读取特定进程的一系列内存位置。
How can I do this in Python?我怎样才能在 Python 中做到这一点?
I'll be using Windows if it matters.如果重要的话,我会使用 Windows。 I have the processes PID that I'm attempting to read/edit.我有我试图读取/编辑的进程 PID。
Am I going to have to revert to calling ReadProcessMemory() and using ctypes?我将不得不恢复调用 ReadProcessMemory() 并使用 ctypes 吗?
3 个解决方案
解决方案1
28 2009-11-25 04:44:59
I didn't see anything in the standard python libraries but I found an example using ctypes like you suggested on another site:我在标准 python 库中没有看到任何东西,但我发现了一个使用 ctypes 的例子,就像你在另一个网站上建议的那样:
from ctypes import *
from ctypes.wintypes import *
OpenProcess = windll.kernel32.OpenProcess
ReadProcessMemory = windll.kernel32.ReadProcessMemory
CloseHandle = windll.kernel32.CloseHandle
PROCESS_ALL_ACCESS = 0x1F0FFF
pid = 4044 # I assume you have this from somewhere.
address = 0x1000000 # Likewise; for illustration I'll get the .exe header.
buffer = c_char_p("The data goes here")
bufferSize = len(buffer.value)
bytesRead = c_ulong(0)
processHandle = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
if ReadProcessMemory(processHandle, address, buffer, bufferSize, byref(bytesRead)):
print "Success:", buffer
else:
print "Failed."
CloseHandle(processHandle)
解决方案2
0 2009-11-25 04:45:20
解决方案3
-5 2009-11-25 05:50:34
See http://www.windowsreference.com/windows-xp/dos-commands-and-equivalent-linux-commands/请参阅http://www.windowsreference.com/windows-xp/dos-commands-and-equivalent-linux-commands/
You can use tasklist.exe to list processes, then scrape the results.您可以使用 tasklist.exe 列出进程,然后抓取结果。 Then use taskkill.exe (or tstskill.exe) to end them.然后使用 taskkill.exe(或 tstskill.exe)来结束它们。
But ctypes and kernal32 is probably safer.但是 ctypes 和 kernal32 可能更安全。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.