/* Preprocessor directives : */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <windows.h>
#include <tlhelp32.h>
#include <tchar.h>

/* -------------------------------------------------------------------------------------------------- */
/* Constants : */

/* Address, in the target process's address space, at which DebuggerInit starts reading.
   NOTE(review): the value is hard-coded; presumably it is only meaningful for one
   particular build/run of the target - confirm before relying on it. */
#define BASE_ADDRESS 0xFFFB0000

/* -------------------------------------------------------------------------------------------------- */
/* Struct for use in this small debugger */

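/*
 * Snapshot of a short run of bytes copied out of another process.
 *
 * DebuggerInit fills both arrays: Storage[i] is the byte that was read and
 * Addresses[i] is the address it was read from.  Those addresses belong to
 * the TARGET process's address space; they are recorded for display only and
 * must never be dereferenced in this process.
 */
typedef struct MEMORY_ADDRESSES
{
    void * Addresses[10];   /* remote address of each captured byte */

    BYTE Storage[10];       /* the captured bytes themselves */

} ProcessMem;

/* "= {}" is not valid C before C23 (it is a GNU extension); "{ 0 }" zero-initializes portably. */
ProcessMem MyProcess[1] = { 0 };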

/* -------------------------------------------------------------------------------------------------- */
/* Function Prototypes : */

/* Looks up a running process by executable file name and returns an opened handle to it,
   or NULL when no matching process is found. The caller closes the handle. */
HANDLE GetProcess( char * ProcessName );
/* Reads bytes starting at BASE_ADDRESS from the process MyProcess into WriteToStruct and
   records the address of each byte; exits the program if the read fails. */
static void DebuggerInit( HANDLE MyProcess, ProcessMem * WriteToStruct, ProcessMem ReadStructInfo );

/* -------------------------------------------------------------------------------------------------- */
/* Main entry point */

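int main( void )
{
    /* -------------------------------*/
    /* Finds the minesweeper game: poll once per second until a handle
       to a process with that executable name can be opened. */

    HANDLE MineSweeper;

    do
    {
        if ( ( MineSweeper = GetProcess( "MineSweeper.exe" ) ) != NULL ) { break; }
        Sleep(1000);
    } while (1);

    /* -------------------------------*/
    /* Initializes the information we need in our struct */

    DebuggerInit( MineSweeper, &MyProcess[0], MyProcess[0] );

    /* -------------------------------*/
    /* Print out the information we gathered.
       The data lives in MyProcess[0], the struct DebuggerInit just filled.
       The original printed from a separate, uninitialized local struct and
       passed the address of the array slot instead of the stored remote
       address, so the output was indeterminate stack contents. */

    int offset = 0;

    const ProcessMem * Captured = &MyProcess[0];

    for(; offset < 10; offset++)
    {
        fprintf(stdout, "\t %p = %2X \n", Captured->Addresses[offset], Captured->Storage[offset]);
    }

    /* -------------------------------*/
    /* Close the process handle so it is not leaked */

    CloseHandle( MineSweeper );

    /* -------------------------------*/
    /* Exit the process with 0, as required by the function declaration */

    return 0;
}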

/* -------------------------------------------------------------------------------------------------- */

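/*
 * Finds a running process by executable file name and opens it for reading.
 *
 * ProcessName  Executable name to look for, compared with strcmp (exact,
 *              case-sensitive match against PROCESSENTRY32.szExeFile).
 *              This assumes a non-UNICODE build, where szExeFile is a char
 *              array.
 *
 * Returns a process handle the caller must release with CloseHandle, or NULL
 * when the snapshot cannot be taken or walked, no process matches, or
 * OpenProcess refuses access.
 *
 * Matching is by file name only, so any process that carries this image name
 * is accepted; a caller that must be sure of its target should verify the
 * image path as well.
 */
HANDLE GetProcess( char * ProcessName )
{
    HANDLE hProcessSnap;
    PROCESSENTRY32 pe32;

    if( ProcessName == NULL )
    {
        return NULL;
    }

    /* Take a snapshot of all processes in the system. */
    hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
    if( hProcessSnap == INVALID_HANDLE_VALUE )
    {
        return NULL;
    }

    /* Set the size of the structure before using it. */
    pe32.dwSize = sizeof( PROCESSENTRY32 );

    /* Report failure the same way as a failed snapshot instead of terminating
       the whole program from inside a lookup helper; the caller already
       treats NULL as "not found yet". */
    if( !Process32First( hProcessSnap, &pe32 ) )
    {
        CloseHandle( hProcessSnap );
        return NULL;
    }

    /* Walk through the snapshot, and return the process handle when
       found. */

    do
    {
        if (strcmp(pe32.szExeFile, ProcessName) == 0)
        {
            /* pe32 is a local copy, so the snapshot can be closed first. */
            CloseHandle( hProcessSnap );

            /* Least privilege: this program only reads the target's memory,
               so request read/query rights rather than PROCESS_ALL_ACCESS.
               Asking for every right is refused more often and hands this
               process write and terminate rights it never uses. */
            return OpenProcess( PROCESS_VM_READ | PROCESS_QUERY_INFORMATION,
                                FALSE, pe32.th32ProcessID );
        }
    } while( Process32Next( hProcessSnap, &pe32 ) );

    CloseHandle( hProcessSnap );

    return NULL;
}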

/* -------------------------------------------------------------------------------------------------- */

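/*
 * Copies sizeof(WriteToStruct->Storage) bytes, starting at BASE_ADDRESS in the
 * target process, into WriteToStruct->Storage and records the remote address
 * of each byte in WriteToStruct->Addresses.
 *
 * MyProcess       Handle to the target process (this parameter shadows the
 *                 file-scope array of the same name).  It needs at least
 *                 PROCESS_VM_READ access.
 * WriteToStruct   Destination struct; must not be NULL.
 * ReadStructInfo  Unused; kept so existing callers keep compiling.
 *
 * On a failed read the system error text is printed and the program exits
 * with EXIT_FAILURE.
 */
static void DebuggerInit( HANDLE MyProcess, ProcessMem * WriteToStruct, ProcessMem ReadStructInfo )
{
    /* -------------------------------*/

    DWORD   dwErr;
    char    achErrMsg[128];
    const SIZE_T cbToRead = sizeof( WriteToStruct->Storage );
    SIZE_T  offset;

    (void)ReadStructInfo;

    /* -------------------------------*/
    /* Stores the bytes read from the process in WriteToStruct->Storage.
       LPCVOID is the documented parameter type for the base address. */

    if ( !ReadProcessMemory( MyProcess, (LPCVOID)(ULONG_PTR)BASE_ADDRESS, WriteToStruct->Storage, cbToRead, NULL ) )
    {
        dwErr = GetLastError();

        /* The buffer size argument is a character count, so use the ANSI
           call with a char buffer; the original cast a BYTE[128] to LPTSTR
           and passed its byte size, which overruns the buffer in a UNICODE
           build.  IGNORE_INSERTS keeps "%1"-style placeholders in system
           messages from being expanded against a NULL argument list. */
        if ( !FormatMessageA( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL,
                              dwErr, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
                              achErrMsg, (DWORD)sizeof(achErrMsg), NULL ) )
        {
            /* No text available: print an empty message rather than
               uninitialized stack bytes. */
            achErrMsg[0] = '\0';
        }

        printf("\nError code %u : \n%s\n", (unsigned int)dwErr, achErrMsg);

        exit(EXIT_FAILURE);
    }

    /* -------------------------------*/
    /* Fills the structure with the address each byte came from.
       Addresses and Storage have the same element count, so one bound
       covers both.  The sum is done on an integer type because arithmetic
       on void * is a compiler extension, and these values are addresses in
       the target process, not pointers that are valid here. */

    for ( offset = 0; offset < cbToRead; offset++ )
    {
        WriteToStruct->Addresses[offset] = (void *)( (ULONG_PTR)BASE_ADDRESS + offset );
    }

    /* -------------------------------*/
    /* Return to main */

    return;
}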

/* -------------------------------------------------------------------------------------------------- */

上記のコードは動作するようになりましたが、メモリ内の特定のバイトを検索する方法を知りたいと思っています。デバッガーでアドレスを決め、一致が見つかるまで (ReadProcessMemory を使って) 順に読み進めていく以外に、この問題にどう取り組めばよいのかよくわかりません。これは妥当な方法でしょうか? それとも、もっと良い方法があるのでしょうか? 高速かつ効率的に行う方法を教えてください。
