将十六进制地址传递给指针变量
[英]Pass a hex address to a Pointer Variable
问题描述
I know how to work with pointers.
我知道如何使用指针。 But I don't know how do this:但我不知道如何做到这一点:
I have an hex address that's of course it has a any value from any app.我有一个十六进制地址,当然它具有来自任何应用程序的任何值。
I know to find the address that I want.我知道找到我想要的地址。 I want to write a C Code to pass this address to a pointer variable, and then I could capture the value from that address and so on.我想编写一个 C 代码将此地址传递给指针变量,然后我可以从该地址捕获值等等。
For example:例如:
hex 0x00010010
int *pointer;
How can I pass this address to the pointer, what's the syntax for that?如何将此地址传递给指针,它的语法是什么?
2 个解决方案
解决方案1
6 已采纳 2011-04-28 13:54:15
By using int* you are assuming the data you are point to is an int (4 bytes, on most OS's).通过使用int*您假设您指向的数据是一个int (在大多数操作系统上为 4 个字节)。
Shouldn't we use a void* instead?我们不应该使用void*来代替吗? Later, if you want to access it's data using a particular type, all you need to do is cast.稍后,如果您想使用特定类型访问它的数据,您需要做的就是强制转换。
void *addr = (void*)0x0023FF74; // valid memory address within my app
printf("Address: %p\n", addr);
getchar();
printf("Data (4bytes): %d\n", *(int*)addr); // print the first 4 bytes of data as int
getchar();
EDIT :编辑:
Help me understand what you are trying to do, because this statement confused me:帮助我理解你想要做什么,因为这句话让我很困惑:
There is app using that address, I know the value in it, but the (int)pointer don't access the value.
Are you trying to write an application that will modify the memory of another application that is running your system?您是否正在尝试编写一个应用程序来修改运行您系统的另一个应用程序的 memory? Your current approach won't work, and this is why: When the Operating System loads your application into a process, it reserves a memory region to be used by the process and assigns a range of virtual addresses to this region.您当前的方法不起作用,这就是原因:当操作系统将您的应用程序加载到进程中时,它会保留一个 memory 区域供该进程使用,并为该区域分配一系列虚拟地址。 These virtual addresses do not map directly to memory addresses in RAM, so the OS has to keep an internal table for that.这些虚拟地址不会 map 直接到 RAM 中的 memory 地址,因此操作系统必须为此保留一个内部表。
On Windows, each process loaded receives the same range of virtual addresses, but this area is only visible to the process that is running inside it.在 Windows 上,加载的每个进程都接收相同范围的虚拟地址,但该区域仅对在其中运行的进程可见。 For instance, (on Windows) processes are loaded in memory address 0x00400000, which mean each process has it's own memory address 0x00400000 , and therefore you can't assign X memory address to a pointer in your application and expect Windows to magically know that you are reffering to address X that is inside another application. For instance, (on Windows) processes are loaded in memory address 0x00400000, which mean each process has it's own memory address 0x00400000 , and therefore you can't assign X memory address to a pointer in your application and expect Windows to magically know that you正在引用另一个应用程序内部的地址 X。
What you are trying to accomplish it's called Code Injection , and there's a lot of information on the web about it.您尝试完成的操作称为代码注入,并且在 web 上有很多关于它的信息。
解决方案2
4 2011-04-28 13:46:24
In typical modern operating systems, you cannot access another process' (app's) address space.在典型的现代操作系统中,您无法访问另一个进程(应用程序)的地址空间。 The addresses are virtual , so the same numerical value means different things to different processes.地址是虚拟的,所以相同的数值对不同的进程意味着不同的东西。
If you are on a system with a true "flat" address space (where processes directly work with actual physical memory addresses) such as Amiga OS on the 680x0, you can do something like:如果您在具有真正“平坦”地址空间的系统上(其中进程直接使用实际物理 memory 地址),例如 680x0 上的 Amiga OS,您可以执行以下操作:
int *pointer = (int *) 0x00010010;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.