ReadProcessMemory 不断返回 0
我目前正在开发一个小爱好项目,通过 VB.NET 在 G15 键盘上的游戏中显示健康信息。
当我通过 API 调用使用 ReadProcessMemory 时,它始终返回零。 MSDN 文档建议我使用 Marshal.GetLastWin32Error() 调用来找出问题所在,它返回 1400: INVALID WINDOW HANDLE。
我现在很困惑该函数的第一个参数是否需要窗口句柄或进程 ID。 无论如何,我已经尝试使用 FindWindow 并在应用程序运行时对进程 ID 进行硬编码(从任务管理器获取)。
我尝试了三种不同的游戏,Urban Terror、Grand Theft Auto: SA 和 Windows 版 3D pinball,从名为 Cheat Engine 的应用程序获取内存地址; 他们似乎都失败了。
这是我用来执行此操作的代码:
API 调用:
Private Declare Function ReadProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByRef lpBuffer As Single, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer _
) As Integer
方法:
Dim address As Integer
address = &HA90C62&
Dim valueinmemory As Integer
Dim proc As Process = Process.GetCurrentProcess
For Each proc In Process.GetProcesses
If proc.MainWindowTitle = "3D Pinball for Windows - Space Cadet" Then
If ReadProcessMemory(proc.Handle.ToInt32, address, valueinmemory, 4, 0) = 0 Then
MsgBox("aww")
Else
MsgBox(CStr(valueinmemory))
End If
End If
Next
Dim lastError As Integer
lastError = Marshal.GetLastWin32Error()
MessageBox.Show(CStr(lastError))
有人可以向我解释为什么它不起作用吗? 提前致谢。
I'm currently developing a little hobby project to display health information in a game on my G15 keyboard through VB.NET.
When I use ReadProcessMemory via an API call, it keeps returning zero. The MSDN documentation referred me to use the Marshal.GetLastWin32Error() call to find out what is wrong and it returns 1400: INVALID WINDOW HANDLE.
I am now confused about whether the first argument of the function wants a window handle or a process id. Regardless, I have tried both with FindWindow and hardcoding the process id while the application is running (getting it from task manager).
I have tried three different games, Urban Terror, Grand Theft Auto: SA and 3D pinball for windows, getting the memory addresses from an application called Cheat Engine; they all seem to fail.
Here is the code I'm using to do it:
API Call:
Private Declare Function ReadProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByRef lpBuffer As Single, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer _
) As Integer
Method:
Dim address As Integer
address = &HA90C62&
Dim valueinmemory As Integer
Dim proc As Process = Process.GetCurrentProcess
For Each proc In Process.GetProcesses
If proc.MainWindowTitle = "3D Pinball for Windows - Space Cadet" Then
If ReadProcessMemory(proc.Handle.ToInt32, address, valueinmemory, 4, 0) = 0 Then
MsgBox("aww")
Else
MsgBox(CStr(valueinmemory))
End If
End If
Next
Dim lastError As Integer
lastError = Marshal.GetLastWin32Error()
MessageBox.Show(CStr(lastError))
Could somebody please explain to me why it is not working? Thanks in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
消息 299:仅完成了 ReadProcessMemory 或 WriteProcessMemory 请求的一部分,这意味着我尝试读取的内存受到保护。
感谢您的帮助,我将把阿鲁尔的答案标记为答案。
message 299 : Only part of a ReadProcessMemory or WriteProcessMemory request was completed meant the memory I was trying to read was protected.
Thanks for all your help, I'm going to mark arul's answer as the answer.
首先,你的方法签名是错误的,Single=Float,而原始参数是LPBUF类型。
使用此方法签名:
其次,我相信 hProcess 句柄需要 OpenProcess 函数打开的句柄,而不是窗口句柄。
First, your method signature is wrong, Single=Float while the original parameter is of the LPBUF type.
Use this method signature:
Second, I believe that the hProcess handle expects a handle opened by OpenProcess function, not the window handle.
谢谢你,arul,我已经解决了我的问题。
现在它认为句柄有效并尝试读取进程内存,但我收到错误消息 299:仅完成了 ReadProcessMemory 或 WriteProcessMemory 请求的一部分。
有人对我应该如何解决这个问题有任何想法吗?
Thank you arul, I have sort of fixed my problem.
Now it believes the handle is valid and attempts to read the processes memory, but I get the error message 299 : Only part of a ReadProcessMemory or WriteProcessMemory request was completed.
Does anyone have any ideas as to how I should proceed to fix this issue?