ReadProcessMemory()对于静态地址返回0
[英]ReadProcessMemory() returns 0 for static addresses
问题描述
What I try to do is to read a static address that's pointing to a dynamic adress that holds some value. 
我试图做的是读取一个静态地址,该地址指向具有某种价值的动态地址。 But if I try to read the static address it always returns 0. The only way for it to be read is if I attach a debugger to the dynamic address in cheat engine. 但是,如果我尝试读取静态地址,则它总是返回0。唯一的读取方法是在作弊引擎中将调试器附加到动态地址。 However I have no problem reading it with only reading from the dynamic address. 但是我只从动态地址读取就没有问题。
DWORD address = 0x74EA46D8;
int value = 0;
int new_address = 0;
DWORD pid;
HWND hwnd;
hwnd = FindWindow(NULL,L"HackMe.exe");
if(!hwnd) {
cout <<"Window not found!\n";
cin.get();
} else {
GetWindowThreadProcessId(hwnd,&pid);
HANDLE phandle = OpenProcess(PROCESS_VM_READ,0,pid);
if(!phandle) {
cout <<"Could not get handle!\n";
cin.get();
} else {
while(1) {
ReadProcessMemory(phandle,(void*)address,&new_address,sizeof(new_address),0);
cout << new_address << "\n"; //Always print 0
//int new_address = 0x2ECA40B0; //This works if I uncomment this
ReadProcessMemory(phandle,(void*)new_address,&value,sizeof(value),0);
I even tried getting debug privelege, but that didn't do anything. 我什至尝试获取调试特权,但这没做任何事情。 I have no clue on what the problem is since I'm very new to C++. 我不知道问题出在哪里,因为我对C ++很陌生。 Any help is appreciated. 任何帮助表示赞赏。
Thank you. 谢谢。
Edit 编辑
GetLastError() returns 0 at first, then it returns 299 GetLastError()首先返回0,然后返回299
Edit 2 编辑2
BOOL x = ReadProcessMemory(phandle,(void*)address,&new_address,sizeof(new_address),0);
cout << x << " " << GetLastError() << "\n";
returns 退货
1 0
1 299
1 299
1 299
and so on 等等
Edit 3 Bytes read is 4. 编辑3字节读取为4。
Edit 4 编辑4
Just to clarify. 只是为了澄清。
Reading directly from 0x74EA46D8 with ReadProcessMemory() returns 0. 使用ReadProcessMemory()从0x74EA46D8直接读取将返回0。
If I open up cheat engine and add the address 0x74EA46D8 points to to the address list. 如果我打开作弊引擎并将地址0x74EA46D8添加到地址列表中。 Then right click on it and press "Find out what access this address" it can be read all of a sudden. 然后右键单击它,然后按“查找对该地址的访问权限”,即可突然读取它。 Enabling SeDebugPrivelege does nothing. 启用SeDebugPrivelege不会执行任何操作。
The dynamic address can be read as normal, without having debug privelege(as long as I manually type the address for it or cheat engine debugs the address so the static address can be read) 动态地址可以正常读取,而无需调试privelege(只要我手动为其输入地址或作弊引擎对地址进行调试,以便可以读取静态地址)
It's structured in this way: 它的结构是这样的:
static address pointing to the address I try to read, this return 0 as the "new address" unless see above. 静态地址指向我尝试读取的地址,除非见上文,否则返回0作为“新地址”。
dynamic address, containing the value I'm trying to read. 动态地址,其中包含我尝试读取的值。 This reads just fine if I define the dynamic address manually. 如果我手动定义动态地址,这看起来很好。 But if I don't it fails since new_address is 0, unless see above. 但是,如果我不这样做,则因为new_address为0,否则它将失败,除非见上文。
Edit 5 编辑5
Finally I found out the problem, the previous address was wrong. 最终我发现了问题,以前的地址是错误的。 That address was part of cheat engine and the real address was 0x013CD878 with an offset of 0x4B0. 该地址是作弊引擎的一部分,实际地址为0x013CD878,偏移量为0x4B0。 That was the reason why it didn't work unless I debugged it. 这就是为什么除非我对其进行调试,否则它不起作用的原因。
But I hope others will learn from my mistake :P 但我希望其他人能从我的错误中学到东西:P
1 个解决方案
解决方案1
1 2012-09-14 19:55:22
Aren't you reading from different addresses? 您不是从其他地址阅读吗? address != new_address . address != new_address 。 (void*)address - is the address where you start reading from. (void*)address是您开始读取的地址。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.