先上代码
#include<iostream>
#include<windows.h>
#include<Windows.h>
#include<TLHELP32.H>
#include<direct.h>
#include<TCHAR.h>
using namespace std;
int main(){
const long long baseaddr=0x6A9EC0;
PROCESSENTRY32 pe32;
pe32.dwSize=sizeof(pe32);
HANDLE hProcessSnap=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
int pid=-1;
for(bool ret=Process32First(hProcessSnap,&pe32);ret;ret=Process32Next(hProcessSnap,&pe32))
if(!_tcscmp(pe32.szExeFile,_T("Plants vs. Zombies.exe"))){
pid=pe32.th32ProcessID;
break;
}
CloseHandle(hProcessSnap);
HANDLE hprocess=OpenProcess(PROCESS_ALL_ACCESS,FALSE,pid);
DWORD timer;
long long addr;
ReadProcessMemory(hprocess,LPVOID(baseaddr),&addr,4,0);
ReadProcessMemory(hprocess,LPVOID(addr+0x768),&addr,4,0);
ReadProcessMemory(hprocess,LPVOID(addr+0x5568),&timer,4,0);
cout<<timer;
return 0;
}
功能是读取植物大战僵尸游戏时间
bug是输出一直为0
然后在前两个ReadProcessMemory之间加一行cout<<addr;会输出1就很神奇
我用Cheat Engine看了addr理论上应该是39428000
timer理论上应该是114905
但输出就是1和0
要读个游戏时间这么难吗,整了我一天了,一开始试的python也一直输出0
难绷死了·-·
bool AdjustPrivileges() {
HANDLE hToken;
TOKEN_PRIVILEGES tp;
TOKEN_PRIVILEGES oldtp;
DWORD dwSize=sizeof(TOKEN_PRIVILEGES);
LUID luid;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
if (GetLastError()==ERROR_CALL_NOT_IMPLEMENTED) return true;
else return false;
}
if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)) {
CloseHandle(hToken);
return false;
}
ZeroMemory(&tp, sizeof(tp));
tp.PrivilegeCount=1;
tp.Privileges[0].Luid=luid;
tp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
/* Adjust Token Privileges */
if (!AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), &oldtp, &dwSize)) {
CloseHandle(hToken);
return false;
}
// close handles
CloseHandle(hToken);
return true;
}