ReadProcess Memory 299 on Windows 8
ReadProcess Memory 299 on Windows 8
我有这个程序,它在windows 7中运行得很好,但在windows 8上,当我输出它时,readprocessmemory似乎是空白的。获取最后一个错误代码299。我没有为读取过程创建程序的这一部分,但我使用它是因为它适用于Windows7。windows 8机器上的游戏手柄和咏叹调位置相同,我仔细检查了一下。找到游戏手柄。这个地址在windows7中运行良好。
hGameWindow = FindWindow(L"WFElementClient Window",NULL);
if(hGameWindow) {
GetWindowThreadProcessId( hGameWindow, &dwProcId );
if( dwProcId != 0 ) {
hProcHandle = OpenProcess( PROCESS_ALL_ACCESS, FALSE, dwProcId );
if( hProcHandle == INVALID_HANDLE_VALUE || hProcHandle == NULL ) {
GameStatus = "Failed to open process for valid handle";
}else{
GameStatus = "Game Found";
myaddr = FindPointerAddr(hProcHandle, ariaBase, aOffset);
// IsGameAvail = true;
}
}
else GameStatus = "Failed to obtain process id";
}
else GameStatus = "game handle not found";
ReadProcessMemory(hProcHandle, (LPCVOID)myaddr, &buffer, sizeof(buffer), NULL);
int FindPointerAddr(HANDLE pHandle,int baseaddr, DWORD offsets[])
{
int Address = baseaddr;
int offset = 0;
int offsetCount = 5;
for (int i = 0; i < offsetCount; i++)
{
ReadProcessMemory(pHandle, (LPCVOID)Address, &Address , 4, NULL);
Address+=offsets[i];
}
return Address;
}
安全权限已从Windows 7更改为Windows 8。
您可能需要以管理员身份运行并立即设置SeDebugPrivelage,而以前版本的Windows不需要这样做。例如使用PROCESS_ALL_ACCESS调用OpenProcess()时,因为PROCESS_VM_READ需要SeDebugPrivelage
以下是如何设置SeDebugPrivelage:
bool SetDebugPrivilege(bool Enable)
{
HANDLE hToken{ nullptr };
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken))
return false;
TOKEN_PRIVILEGES TokenPrivileges{};
TokenPrivileges.PrivilegeCount = 1;
TokenPrivileges.Privileges[0].Attributes = Enable ? SE_PRIVILEGE_ENABLED : 0;
if (!LookupPrivilegeValueA(nullptr, "SeDebugPrivilege", &TokenPrivileges.Privileges[0].Luid))
{
CloseHandle(hToken);
return false;
}
if (!AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), nullptr, nullptr))
{
CloseHandle(hToken);
return false;
}
CloseHandle(hToken);
return true;
}
相关文章:
- SFML 交叉编译 for Windows on Linux.
- Cmake with Flex/Bison on windows
- Boost::process on Windows - with MinGW?
- anaconda cythonize C++ on windows 10
- CMake & MinGW Compileilation on Windows,无需 -G "MinGW Makefiles"标志
- Windows Machine Learning (winML) on ARM
- 用于Clang on Windows的CMake生成器
- boost::stacktrace on Windows MSVS 2017
- TLS with http_listener in Microsoft cpprestsdk on Windows
- DirectX 11 on Windows 10
- CppFlow on windows 10
- OpenMP 4.5 on Windows with Clang, CMake & Ninja
- SDL 2.0.7 touch on Windows
- C++ on Jupyter Notebook for Windows
- WinHttpSendRequest and HTTPS on Windows XP
- OpenSSL on Windows and Visual Studio 2010
- 在 Windows for Linux on Intel 上编译C++库
- OpenCV on eclipse on windows
- C++ [[gnu::visibility( "default" )]] vs __declspec(dllexport) on Windows 和 Linux
- endian.h on Windows
