读取进程内存上的错误 299
Error 299 on ReadProcessMemory
尝试从游戏内存中读取实体名称,指针 100% 正确,因为使用 ce 进行检查。
读取/写入浮点/整数值没有问题
32 位进程,游戏以及 - 尝试在 x64 中编译代码,没有帮助。
GetLastError()
返回 nr 299
ERROR_PARTIAL_COPY
299 (0x12B)
Only part of a ReadProcessMemory or WriteProcessMemory request was completed.
任何想法什么可以成为原因?下面的代码
#include <windows.h>
#include <TlHelp32.h>
#include <iostream>
#include <string>
#include <time.h>
#include <tchar.h>
using namespace std;
DWORD dwGetModuleBaseAddress(DWORD dwProcessIdentifier, TCHAR *lpszModuleName);
string readName(HANDLE handlez, DWORD base, DWORD bp, DWORD ofset1, DWORD ofset2, DWORD ofsetInc);
int main()
{
DWORD baseOfset = 0x60DE90;
DWORD ofset1 = 0x4c4;
DWORD ofset2 = 0x6a0;
DWORD ofset3 = 0x18;
HWND window = NULL;//FindWindow(0, _TEXT("Gothic II - 2.6 (pol)"));
DWORD pID = 0;
DWORD dwBP = NULL;
HANDLE handle = NULL;// OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);
string gameStatus;
int refresher = clock();
gameStatus = "Waiting for game";
window = FindWindow(0, _TEXT("Gothic II - 2.6 (pol)")); // window title
if (window)
{
GetWindowThreadProcessId(window, &pID);
if (pID != 0)
{
handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);
dwBP = dwGetModuleBaseAddress(pID, _T("Gothic2.exe")); // proc name
if (handle == INVALID_HANDLE_VALUE || handle == NULL || dwBP == NULL)
{
gameStatus = "No handle";
}
else
{
gameStatus = "OK";
}
}
else
{
gameStatus = "No access";
}
}
else
{
gameStatus = "No window";
}
while (!GetAsyncKeyState(VK_DELETE))
{
if (clock() - refresher > 1000)
{
refresher = clock();
cout << gameStatus << endl;
string elo="a";
elo = readName(handle, dwBP, baseOfset, ofset1, ofset2, ofset3);
if (elo == "a")
{
cout << ":(n";
}
cout << "Name: " << elo <<".n";
cout << "Name: " << &elo << ".n" << endl;
system("pause");
}
}
CloseHandle(handle);
}
string readName(HANDLE handlez, DWORD base, DWORD bp, DWORD ofset1, DWORD ofset2, DWORD ofsetInc)
{
DWORD adresik;
ReadProcessMemory(handlez, (LPCVOID)(base + bp), &adresik, sizeof(DWORD), NULL); // base adress + base pointer
adresik += ofset1; //1st lvl pointer
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
adresik += ofset2; // 2nd lvl pointer
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
adresik += ofsetInc; // 3rd lvl pointer this goes up +=20
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
adresik += 0x12c; // 4th static pointer
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
adresik += 0x0; // 5th static pointer
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
string papa;
ReadProcessMemory(handlez, (LPCVOID)adresik, &papa, sizeof(string), NULL); // get name
DWORD ero = GetLastError();
cout << ero << endl;
return papa; // return name
}
DWORD dwGetModuleBaseAddress(DWORD dwProcessIdentifier, TCHAR *lpszModuleName)
{
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessIdentifier);
DWORD dwModuleBaseAddress = 0;
if (hSnapshot != INVALID_HANDLE_VALUE)
{
MODULEENTRY32 ModuleEntry32 = { 0 };
ModuleEntry32.dwSize = sizeof(MODULEENTRY32);
if (Module32First(hSnapshot, &ModuleEntry32))
{
do
{
if (_tcscmp(ModuleEntry32.szModule, lpszModuleName) == 0)
{
dwModuleBaseAddress = (DWORD)ModuleEntry32.modBaseAddr;
break;
}
} while (Module32Next(hSnapshot, &ModuleEntry32));
}
CloseHandle(hSnapshot);
}
return dwModuleBaseAddress;
}
你不能只将 c 字符串复制到 std::string 的内存位置。
你想要的大概是这样的东西(假设这实际上有一个你正在读取的以 null 结尾的字符串):
const int MAX_SIZE = 512;
const char buffer[MAX_SIZE];
string papa;
ReadProcessMemory(handlez, (LPCVOID)adresik, buffer, MAX_SIZE, NULL); // get name
papa = buffer;
此外,如果字符串正好在页面边界附近,则可能需要逐字节或小块读取它,直到找到终止的 null 字符。因此,如果您能找到存储在任何地方的字符串长度,我建议您阅读并使用它。
干杯哥们,这帮助了我!
她的固定 readName 代码,以防万一;)
将最大大小更改为 15,因为游戏中没有 NPC/怪物的名称超过 15 个符号。
string readName(HANDLE handlez, DWORD base, DWORD bp, DWORD ofset1, DWORD ofset2, DWORD ofsetInc)
{
DWORD adresik;
ReadProcessMemory(handlez, (LPCVOID)(base + bp), &adresik, sizeof(DWORD), NULL); // base adress + base pointer
adresik += ofset1; //1st lvl pointer
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
adresik += ofset2; // 2nd lvl pointer
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
adresik += ofsetInc; // 3rd lvl pointer this goes up +=20
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
adresik += 0x12c; // 4th static pointer
ReadProcessMemory(handlez, (LPCVOID)adresik, &adresik, sizeof(DWORD), NULL);
adresik += 0x0; // 5th static pointer
string papa;
const int max_size = 15;
const char buffer[max_size] = { 'b' };
ReadProcessMemory(handlez, (LPCVOID)adresik, (void*)&buffer, sizeof(buffer), NULL); // get name
papa = buffer;
DWORD ero = GetLastError();
cout << ero << endl;
return papa; // return name
}
相关文章:
- boost::进程间消息队列引发错误
- 进程返回 -1073741819 (0xC0000005) 错误
- gcc 找不到 -lgcc, g++.exe: 错误: 创建进程: 没有这样的文件或目录
- 创建进程 API 失败,在窗口 122 上出现错误代码 10
- 64 位进程中的 AnyCPU C# DLL 无法引用 64 位C++ DLL(给出错误:无法加载文件或程序集)
- Boost进程"系统"功能中的错误处理
- 获取进程内存信息失败,错误 6 句柄无效
- 通过服务启动进程后,从SHGetKnownFolderPath 0x80070005错误
- 提升进程间named_mutex导致分段错误
- 加速进程间:管理共享内存错误
- 创建进程失败,意外错误
- 多线程中的 std::basicstring 的运行时分段错误C++点燃进程
- 提升 1.58.0 窗口进程.h 错误
- 创建进程使用路径时出现错误事件:类型 "char *" 的 E0167 参数与类型 "LPWSTR" 的参数不兼容
- Ubuntu E:子进程 /usr/bin/dpkg 返回错误代码 (1)
- 提升 vs2010 上的进程错误
- C++ Mingw32 创建进程() 失败,错误代码 2:系统找不到指定的文件
- MPI_GROUP_EXCL试图排除进程等级0时致命错误.C
- 数组大小错误 x64 进程
- Informix 错误后进程崩溃