python内存地址的值_python怎么修改某个内存地址的数据匿名⽤户
1级
2011-03-09 回答
使⽤ctypes模块调⽤WriteProcessMemory函数,在创建程序进程后,就可以修改该程序指定内存地址。WriteProcessMemory的函数原型如下所⽰。
BOOL WriteProcessMemory(
HANDLE    hProcess,
LPVOID    lpBaseAddress,
LPCVOID    lpBuffer,
SIZE_T    nSize,
SIZE_T*    lpNumberOfBytesWritten
);
其参数含义如下。
·    hProcess:要写内存的进程句柄。
·    lpBaseAddress:要写的内存起始地址。
·    lpBuffer:写⼊值的地址。
·    nSize:写⼊值的⼤⼩。
·    lpNumberOfBytesWritten  :实际写⼊的⼤⼩。
python代码⽰例如下:
from ctypes import *
python怎么读文件
# 定义_PROCESS_INFORMATION结构体
class _PROCESS_INFORMATION(Structure):
_fields_ = [('hProcess', c_void_p),
('hThread', c_void_p),
('dwProcessId', c_ulong),
('dwThreadId', c_ulong)]
# 定义_STARTUPINFO结构体
class _STARTUPINFO(Structure):
_fields_ = [('cb',c_ulong),
('lpReserved', c_char_p),
('lpDesktop', c_char_p),
('lpTitle', c_char_p),
('dwX', c_ulong),
('dwY', c_ulong),
('dwXSize', c_ulong),
('dwYSize', c_ulong),
('dwXCountChars', c_ulong),
('dwYCountChars', c_ulong),
('dwFillAttribute', c_ulong),
('dwFlags', c_ulong),
('wShowWindow', c_ushort),
('cbReserved2', c_ushort),
('lpReserved2', c_char_p),
('hStdInput', c_ulong),
('hStdOutput', c_ulong),
('hStdError', c_ulong)]
NORMAL_PRIORITY_CLASS = 0x00000020              # 定义NORMAL_PRIORITY_CLASS
kernel32 = windll.LoadLibrary("kernel32.dll")      # 加载kernel32.dll
CreateProcess = kernel32.CreateProcessA        # 获得CreateProcess函数地址
ReadProcessMemory = kernel32.ReadProcessMemory # 获得ReadProcessMemory函数地址WriteProcessMemory = kernel32.WriteProcessMemory    # 获得WriteProcessMemory函数地址TerminateProcess = kernel32.TerminateProcess
# 声明结构体
ProcessInfo = _PROCESS_INFORMATION()
StartupInfo = _STARTUPINFO()
file = ''                          # 要进⾏修改的⽂件
address = 0x0040103c                                # 要修改的内存地址
buffer = c_char_p("_")                          # 缓冲区地址
bytesRead = c_ulong(0)                          # 读⼊的字节数
bufferSize = len(buffer.value)                  # 缓冲区⼤⼩
# 创建进程
if CreateProcess(file, 0, 0, 0, 0, NORMAL_PRIORITY_CLASS, 0, 0, byref(StartupInfo), byref(ProcessInfo)): # 读取要修改的内存地址,以判断是否是要修改的⽂件
if ReadProcessMemory(ProcessInfo.hProcess, address, buffer, bufferSize, byref(bytesRead)):
if buffer.value == '\x74':
buffer.value = '\x75'                  # 修改缓冲区内的值,将其写⼊内存
# 修改内存
if WriteProcessMemory(ProcessInfo.hProcess, address, buffer, bufferSize, byref(bytesRead)): print '成功改写内存!'
else:
print '写内存错误!'
else:
print '打开了错误的⽂件!'
TerminateProcess(ProcessInfo.hProcess,0)  # 如果不是要修改的⽂件,则终⽌进程
else:
print '读内存错误!'
else:
print '不能创建进程!'

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。