64等同于“ getModulehandlea”需要
我需要将应用程序兼容为64位EXE。
__int64 GetGameFunctionAddress(std::string GameFileExe, std::string Address)
{
// Get integer value address of the original function hook
#if defined(_WIN64)
/// code to emulate GetModuleHandleA on 64 executible
#else
return (__int64)GetModuleHandleA(GameFileExe.c_str()) + std::strtoul(Address.c_str(), NULL, 16);
#end if
}
此功能获取地址传递给IDA以获取游戏的函数。
我使用此行调用此功能:
Output.MainFunctHookAddressInt = GetGameFunctionAddress(Output.ExeFile, GameInfo.MainFunctHookAddressInt);
AddressOfHookSoundFunction = Output.MainFunctHookAddressInt;
第二次将其传递给绕道:
DetourAttach(&(LPVOID&)AddressOfHookSoundFunction, HookMainFunction);
不幸的是,“ GetModulehandlea”仅在32个位游戏上使用,但是我也需要将兼容性扩展到64个位游戏。
因此,我需要修复“ GetGameFunctionAddress”功能以添加64位兼容性。
你能帮我吗?
更新:
一个用户告诉我:
根据此getModulehandlea,如果该过程为64位,则无法获得基本地址。 为什么使用GetModulehandle工作?
I need to extent the compatibility of my application to 64 bit exe.
__int64 GetGameFunctionAddress(std::string GameFileExe, std::string Address)
{
// Get integer value address of the original function hook
#if defined(_WIN64)
/// code to emulate GetModuleHandleA on 64 executible
#else
return (__int64)GetModuleHandleA(GameFileExe.c_str()) + std::strtoul(Address.c_str(), NULL, 16);
#end if
}
this function get Address to pass to IDA for hook a function of a game.
I call this function with this line:
Output.MainFunctHookAddressInt = GetGameFunctionAddress(Output.ExeFile, GameInfo.MainFunctHookAddressInt);
AddressOfHookSoundFunction = Output.MainFunctHookAddressInt;
and in a second time I pass it to detours:
DetourAttach(&(LPVOID&)AddressOfHookSoundFunction, HookMainFunction);
Unfortunately "GetModuleHandleA" work only on 32 bit games, but I need to extend the compatibility to 64 bit games too.
So I need to fix my 'GetGameFunctionAddress' function to add 64 bit compatibility.
Can you help me please ?
Update:
One user tell me:
According to this GetModuleHandleA does not work to get the base address if the process is 64bit.
Why does getting the base address using GetModuleHandle work?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
“ noreferrer”> >返回类型
hmodule的值(相同的与hinstance,akahandle,akapvoid,akavoid*)。换句话说:它返回指针大小的值。指针尺寸的值在32位过程中为32位,在64位过程中宽度为64位。无论哪种方式,您都可以获得模块基础地址的地址,而不论过程的位。
现在,显然,由于您正在与不在无法控制的文件系统对象进行互动,因此您要 想要调用API的ANSI版本(
getmodulehandlea),而是Unicode版本:getModuleHandlew。当您在这里做相当低级别的事情时,您可能不想使用C ++标准库中的类型(如果您坚持使用,请使用std :: Wstring/code>/std :: WSTRING_VIEW)。GetModuleHandleWreturns a value of typeHMODULE(which is the same asHINSTANCE, akaHANDLE, akaPVOID, akavoid*). In other words: It returns a pointer sized value.Pointer sized values are 32 bits wide in 32-bit processes, and 64 bits wide in 64-bit processes. Either way you get the address of the module base address, irrespective of the bitness of the process.
Now obviously, since you are interacting with filesystem objects that aren't under your control, you do not want to call the ANSI version of the API (
GetModuleHandleA) but the Unicode version:GetModuleHandleW. And while you're doing pretty low-level stuff here, you probably don't want to use types from the C++ Standard Library either (if you insist, usestd::wstring/std::wstring_view).