WriteProcessMemory C++

Question

尽管我的日志记录显示WriteProcessMemory()是成功的，但是只是粘贴了所需的内存地址。另外，我还检查了我是否有正确的内存地址。谢谢你的帮助。

char* offsets[][3] = {
    { "0x3E264", "0", "char[1]" },
    { "0x45848", "Auto-Mine", "char[10]" },
    { "0x458C0", "Auto-Build", "char[10]" },
    //to be continued...
};

HANDLE scHandle = OpenProcess(PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, ID);
if (scHandle == NULL) {
    log << "ERROR: OpenProcess() returned " << GetLastError() << endl;
    return false;
}
DWORD bytesOut;
for (int a = 0; a < 9; a++) {
    if (WriteProcessMemory(scHandle, (LPVOID)(wDetectorBaseAddress + (int)strtol(offsets[a][0], NULL, 0)), offsets[a][1], strlen(offsets[a][1]) + 1, &bytesOut))
    {
        log << "WriteProcessMemory() to address " << wDetectorBaseAddress << " + " << (int)strtol(offsets[a][0], NULL, 0) << " = " << wDetectorBaseAddress + (int)strtol(offsets[a][0], NULL, 0) << " with '" << offsets[a][1] << "'; " << bytesOut << " bytes were written" << endl;
    }
    else
    {
        log << "ERROR: WriteProcessMemory() returned " << GetLastError() << endl;
        return false;
    }
}
CloseHandle(scHandle);

Answer 1

在写入进程的内存之前，需要使用VirtualProtect调用PAGE_EXECUTE_READWRITE。编写完后，您需要恢复原始的保护。

另一件事是，你怎么知道这些地址总是一样的？你能确认它从未改变过吗？

注意:您可能还必须在编写完之后调用FlushInstructionCache。