stackoom
  简体   繁体   中英

RPM does work and i can't figure out why

 原文  2014-04-15 22:05:00       c#

Question

Keep Searching the internet and can't figure this out, ReadProcessMemory is returning just fine so its executing. But the output is always empty. Lenght of the array is 0 as well. 

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Runtime.InteropServices;
using System.Diagnostics;

namespace MemEd
{
    class Program
    {
        static void Main(string[] args)
        {
            Process proc = Process.GetProcessesByName("client")[0];
            byte[] buff = new byte[]{};
            IntPtr bread;
            IntPtr pHandle = OpenProcess(0x0010, false, proc.Id);
            bool check = ReadProcessMemory(pHandle, (IntPtr)0x5EFF75B8, buff, 10, out bread);
            if (!check)
                Console.WriteLine("RPM Fail");

            Console.WriteLine(buff.Length); //ALWAYS returns 0, Even the value is a string "xyle"
            Console.WriteLine(Encoding.Unicode.GetString(buff));//Always empty, tryed most of Encoding types to check still a blank result.
            Console.ReadKey();
        }


        [DllImport("kernel32.dll")]
        public static extern IntPtr OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern bool ReadProcessMemory(
            IntPtr hProcess,
            IntPtr lpBaseAddress,
            [Out] byte[] lpBuffer,
            int dwSize,
            out IntPtr lpNumberOfBytesRead);
    }
}

2 answers

solution1
 1 ACCPTED  2014-04-15 22:07:34

It's probably because the buffer you give it to fill has a length of 0 since you initialized it completely empty ( new byte[] {} ). Try giving it some room: 

byte[] buff = new byte[1024];

Change the number based on how much memory you want to read, and then use the length as your dwSize parameter: 

ReadProcessMemory(pHandle, (IntPtr)0x5EFF75B8, buff, (UInt32)buff.Length, out bread);

Also, make sure you've got the correct permissions via this answer . You'll likely need to run the app with elevated permissions.

solution2
 0  2014-04-15 22:07:57

Try to specify the size of the buff array while creating. 

byte[] buff = new byte[some_size];

And also. I believe that the last argument of the ReadProcessMemory method declaration should be replaced with 

out int lpNumberOfBytesRead

because of out and ref arguments are passed by reference. Then you should be able to use int bread to cut off excessive bytes from the data in the buffer.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Can't figure out why counter doesn't work with tags I can't figure out why my data counting doesn't work right? index was out of range. I can't figure out why I can't figure out why my image will not repaint Selection is null on post. I can't figure out why Bool variable changing value, but I can't figure out why Why can't GC figure it out? Can't figure out why this is not allowed Why can't the compiler figure this out? (Properties) Can't figure out why this MVC2 route doesn't work
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM