请问vbnet如何让用api获取的模块地址能正确显示?
请问如何让进程的使用api获取的主模块地址的显示不为126呢
Public Class Form1
Declare Function OpenProcess Lib "kernel32" Alias "OpenProcess" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As IntPtr
Declare Function EnumProcessModulesEx Lib "PSAPI.DLL" (ByVal hProcess As IntPtr, ByVal lphModule() As Long, ByVal cb As Long, ByRef cbNeeded As Long, ByVal dwFilterFlag As Long) As Long
Declare Function GetModuleFileNameEx Lib "PSAPI.DLL" Alias "GetModuleFileNameExA" (ByVal hProcess As IntPtr, ByVal hModule As IntPtr, ByVal lpFileName As System.Text.StringBuilder, ByVal nSize As Long) As Long
Declare Function CloseHandle Lib "kernel32" Alias "CloseHandle" (ByVal hObject As Long) As Long
Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Private Declare Function FreeLibrary Lib "kernel32" (ByVal hLibModule As String) As Long
Declare Function GetLastError Lib "kernel32" () As Long
Public Const PROCESS_QUERY_INFORMATION = 1024
Public Const PROCESS_VM_READ = 16
Const LIST_MODULES_ALL = 3
Public myProcesses() As Process
Public myProcess As Process
Public Const WM_KEYDOWN = &H100
Public Const WM_KEYUP = &H101
Private Sub listModApi(ByVal proid As Integer)
ListBox4.Items.Clear()
Dim str As String
Dim prohandle As IntPtr
prohandle = OpenProcess(PROCESS_QUERY_INFORMATION Or PROCESS_VM_READ, 0, proid)
Dim maxMod As Integer = 1024
Dim pmod() As Long
ReDim pmod(0)
Dim cb As Integer
cb = System.Runtime.InteropServices.Marshal.SizeOf(pmod(0))
Dim cbneeded As Integer
Dim result As Integer
result = EnumProcessModulesEx(prohandle, pmod, 8, cbneeded, LIST_MODULES_ALL)
cb = cbneeded / 8
ReDim pmod(cb - 1)
result = EnumProcessModulesEx(prohandle, pmod, cb * 8, cbneeded, LIST_MODULES_ALL)
For i As Integer = 0 To pmod.Count - 1
Dim modfilename As New System.Text.StringBuilder(255)
result = GetModuleFileNameEx(prohandle, pmod(i), modfilename, 255)
ListBox4.Items.Add(modfilename)
str = ListBox4.Items.Item(ListBox4.Items.Count - 1).ToString
Next
CloseHandle(prohandle)
End Sub
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
ListBox1.Items.Clear()
ListBox2.Items.Clear()
For Each pro As Process In Process.GetProcesses
ListBox1.Items.Add(pro.ProcessName)
ListBox2.Items.Add("&h" & Hex(pro.Id))
Next
End Sub
Private Sub ListBox1_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles ListBox1.SelectedIndexChanged
ListBox3.Items.Clear()
ListBox5.Items.Clear()
Dim pro As Process = Process.GetProcessById(ListBox2.Items(ListBox1.SelectedIndex))
Try
For Each promod As ProcessModule In pro.Modules
ListBox3.Items.Add(promod.ModuleName.ToString)
ListBox5.Items.Add("&h" & Hex(promod.BaseAddress.ToInt64))
Next
ListBox2.SelectedIndex = ListBox1.SelectedIndex
Call listModApi(ListBox2.Items(ListBox1.SelectedIndex))
Catch
End Try
End Sub
Private Sub ListBox4_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles ListBox4.SelectedIndexChanged
If GetModuleHandle(ListBox4.Items(ListBox4.SelectedIndex).ToString) <> 0 Then
TextBox1.Text = "&h" & Hex(GetModuleHandle(ListBox4.Items(ListBox4.SelectedIndex).ToString))
Else
TextBox1.Text = GetLastError
End If
End Sub
End Class
首先确定使用api所在动态库
请问方便举个例子么?我对api比较陌生,谢了