如何在 C++ 中获取进程的起始/基地址?-C/C++问题

How to get the starting/base address of a process in C++?(如何在 C++ 中获取进程的起始/基地址?)

本文介绍了如何在 C++ 中获取进程的起始/基地址?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在 Microsoft 的 Spider Solitaire 上使用它来测试整个基本/静态指针.所以我得到了玩家使用的移动"数量的基本指针，作弊引擎告诉我它是SpiderSolitaire.exe+B5F78".所以现在我被困在如何找出 SpiderSolitaire.exe 的起始地址(当然每次程序启动时都会改变).如何找到 SpiderSolitaire.exe 的起始地址，以便我可以添加偏移量并获得moves"值的真实地址(当然是在 C++ 中)?

I'm testing this whole base/static pointer thing by using it on Microsoft's Spider Solitaire. So I got the base pointer of the amount of "moves" the player has used, and cheat engine tells me it's "SpiderSolitaire.exe+B5F78". So now I'm stuck on how to figure out what the starting address is of SpiderSolitaire.exe (of course this changes every time the program starts). How do I find the starting address of SpiderSolitaire.exe so I can add the offsets and get the real address of the "moves" value (in c++ of course)?

推荐答案

这是另一种方法，用 Visual Studio 2015 编写，但应该向后兼容.

Here's another way, written in Visual Studio 2015 but should be backwards compatible.

#define PSAPI_VERSION 1
#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#include <psapi.h>

// To ensure correct resolution of symbols, add Psapi.lib to TARGETLIBS
#pragma comment(lib, "psapi.lib")

void GetBaseAddressByName(DWORD processId, TCHAR *processName)
{
    TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");

    HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION |
        PROCESS_VM_READ,
        FALSE, processId);

    if (NULL != hProcess)
    {
        HMODULE hMod;
        DWORD cbNeeded;

        if (EnumProcessModulesEx(hProcess, &hMod, sizeof(hMod),
            &cbNeeded, LIST_MODULES_32BIT | LIST_MODULES_64BIT))
        {
            GetModuleBaseName(hProcess, hMod, szProcessName,
                sizeof(szProcessName) / sizeof(TCHAR));
            if (!_tcsicmp(processName, szProcessName)) {
                _tprintf(TEXT("0x%p
"), hMod);
            }
        }
    }

    CloseHandle(hProcess);
}

int main(void)
{
    DWORD aProcesses[1024];
    DWORD cbNeeded;
    DWORD cProcesses;

    // Get the list of process identifiers.
    if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded))
        return 1;

    // Calculate how many process identifiers were returned.
    cProcesses = cbNeeded / sizeof(DWORD);

    // Check the names of all the processess (Case insensitive)
    for (int i = 0; i < cProcesses; i++) {
        GetBaseAddressByName(aProcesses[i], TEXT("SpiderSolitaire.exe"));
    }

    return 0;
}

这篇关于如何在 C++ 中获取进程的起始/基地址?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！