可以直接用ce进行雷总数修改,下面是通过c#直接修改雷总数内存地址
/// process_all_access -> (standard_rights_required | synchronize | 0xfff) public const int process_all_access = (standard_rights_required| (synchronize | 4095)); /// standard_rights_required -> (0x000f0000l) public const int standard_rights_required = 983040; /// synchronize -> (0x00100000l) public const int synchronize = 1048576; /// https://docs.microsoft.com/zh-cn/windows/win32/api/processthreadsapi/nf-processthreadsapi-openprocess /// return type: handle->void* ///dwdesiredaccess: dword->unsigned int ///binherithandle: bool->int ///dwprocessid: dword->unsigned int [system.runtime.interopservices.dllimportattribute("kernel32.dll", entrypoint = "openprocess")] public static extern system.intptr openprocess(uint dwdesiredaccess, [system.runtime.interopservices.marshalasattribute(system.runtime.interopservices.unmanagedtype.bool)] bool binherithandle, uint dwprocessid); /// https://docs.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-writeprocessmemory /// return type: bool->int ///hprocess: handle->void* ///lpbaseaddress: lpvoid->void* ///lpbuffer: lpcvoid->void* ///nsize: size_t->ulong_ptr->unsigned int ///lpnumberofbyteswritten: size_t* [system.runtime.interopservices.dllimportattribute("kernel32.dll", entrypoint = "writeprocessmemory")] [return: system.runtime.interopservices.marshalasattribute(system.runtime.interopservices.unmanagedtype.bool)] public static extern bool writeprocessmemory(system.intptr hprocess, system.intptr lpbaseaddress, system.intptr lpbuffer, uint nsize, ref uint lpnumberofbyteswritten);
private int getprocessid(string name) { var process = process.getprocesses().tolist().firstordefault(f => f.processname == name); return process.id; } private void button1_click(object sender, eventargs e) { var pid = getprocessid("minesweeper"); var hprocess = nativeapicall.openprocess(nativeapicall.process_all_access, false, (uint)pid); int address = 0x06241858;// 类总数内存地址 byte[] rbytes = new byte[] { 0x00, 0x00, 0x00, 0x00 }; uint lpnumberofbyteswrite = 0; var lpbuffer = marshal.unsafeaddrofpinnedarrayelement(rbytes, 0); nativeapicall.writeprocessmemory(hprocess, (intptr)address, lpbuffer, 4, ref lpnumberofbyteswrite); }
如对本文有疑问, 点击进行留言回复!!
SQLSERVER中RANK OVER(PARTITION BY)的用法
Kaspersky Endpoint Security 10 for Windows version 10.2.6.3733 is no longer supported
网友评论