- /*
- 本源码由TC简单软件科技有限公司开源,功能可以自由修改、发布、
- 长沙简单软件科技有限公司对于源码不做后期维护,,请大家在使用过程中遵循开源协议
- */
- #include "StdAfx.h"
- #include "TSMemoryAPI.h"
- #include <Tlhelp32.h>
- #include <psapi.h>
- #include "TSRuntime.h"
- #include "TSMyUser32DllFuntion.h"
- #include "TSMyKernel32DllFuntion.h"
- //#include "TSVIPHookFuntion.h"
- #pragma comment ( lib, "psapi.lib" )
// Globals defined in another translation unit. Their types (myOpenProcess,
// myReadProcessMemory, ...) are not declared in this file; presumably they are
// function-pointer typedefs from TSMyUser32DllFuntion.h /
// TSMyKernel32DllFuntion.h -- confirm there.
extern myOpenProcess my_OpenProcess;
extern myGetWindowThreadProcessId my_GetWindowThreadProcessId;
extern myReadProcessMemory my_ReadProcessMemory;
extern myWriteProcessMemory my_WriteProcessMemory;
extern myTerminateProcess my_TerminateProcess;
extern myVirtualProtect my_VirtualProtect;
extern myVirtualProtectEx my_VirtualProtectEx;
extern myCreateRemoteThread my_CreateRemoteThread;
extern myZwOpenProcess my_ZwOpenProcess;
// Pointer type with the parameter list of NtQueryInformationProcess.
typedef LONG(WINAPI* PROCNTQSIP)(HANDLE, UINT, PVOID, ULONG, PULONG);
// File-scope pointer of that type. Nothing in the visible part of this file
// assigns it, so it is null until some other code resolves it -- TODO confirm
// where that happens before any call through it.
PROCNTQSIP NtQueryInformationProcess;
// Reference prototype, commented out and unused:
//NtReadVirtualMemory(
// IN HANDLE ProcessHandle,
// IN PVOID BaseAddress,
// OUT PVOID Buffer,
// IN ULONG NumberOfBytesToRead,
// OUT PULONG NumberOfBytesReaded OPTIONAL );
// Defined elsewhere and filled in by TSMemoryAPI's constructor:
// Ntdll_ProtectVirtual / ZwWriteVirtualMemoryRet receive the address of the
// matching ntdll export plus 5, and the *Eax variables receive a system-service
// number picked from a hard-coded per-Windows-version list.
extern DWORD Ntdll_ProtectVirtual;
extern DWORD Ntdll_ProtectVirtualEax;
extern DWORD ZwWriteVirtualMemoryRet;
extern DWORD ZwWriteVirtualMemoryEax;
// Continuation address for My_GetWindowThreadProcessId. TSMemoryAPI's
// constructor sets it to the address of user32's GetWindowThreadProcessId
// export plus 5; it is 0 until a TSMemoryAPI object has been constructed.
DWORD GetWindowThreadProcessIdRet = 0;
// Trampoline for GetWindowThreadProcessId (32-bit x86, MSVC inline assembly,
// no compiler-generated prologue/epilogue because of __declspec(naked)).
//
// It executes a private copy of the 5-byte prologue
// `mov edi, edi / push ebp / mov ebp, esp` and then jumps through
// GetWindowThreadProcessIdRet, i.e. to the sixth byte of the real export.
// The arguments are left on the stack untouched for the real function.
//
// Security-relevant effect: the first five bytes of the export are never
// executed, so an inline detour written over them (for example by a
// monitoring or protection product) does not observe calls made through this
// trampoline.
//
// NOTE(review): this is only valid if the export really begins with that exact
// prologue and the constructor has already run; otherwise the jump lands in the
// middle of an instruction or at address 0. Nothing here verifies either.
__declspec(naked) DWORD WINAPI My_GetWindowThreadProcessId(HWND hWnd, LPDWORD lpdwProcessId)
{
    _asm
    {
        mov edi, edi
        push ebp
        mov ebp, esp
        jmp GetWindowThreadProcessIdRet;
    }
}
// Continuation address and system-service number used by My_ZwOpenProcess.
// TSMemoryAPI's constructor sets ZwOpenProcessRet to the address of ntdll's
// ZwOpenProcess export plus 5 and picks ZwOpenProcessEax from a hard-coded
// per-Windows-version list. Both are 0 before that, and ZwOpenProcessEax stays
// 0 on any version the constructor does not list.
DWORD ZwOpenProcessRet = 0;
DWORD ZwOpenProcessEax = 0;
// Stub for ZwOpenProcess (32-bit x86, MSVC inline assembly, naked).
//
// It loads EAX with ZwOpenProcessEax and jumps through ZwOpenProcessRet, five
// bytes into ntdll's ZwOpenProcess. Presumably the skipped five bytes are the
// export's own `mov eax, <service number>` instruction -- confirm against the
// target ntdll build. The four arguments stay on the stack for the real stub.
//
// Security-relevant effect: code patched over the first five bytes of the
// export (a user-mode inline hook) is not executed for calls made here. The
// system call itself is still issued by the remainder of the ntdll stub, so
// kernel-side auditing of process-handle creation is not affected.
//
// NOTE(review): with ZwOpenProcessRet == 0 the jump targets address 0, and with
// ZwOpenProcessEax == 0 an unintended service number is requested. Neither
// case is checked in this function.
__declspec(naked) NTSTATUS WINAPI My_ZwOpenProcess(
    __out PHANDLE ProcessHandle,
    __in ACCESS_MASK DesiredAccess,
    __in POBJECT_ATTRIBUTES ObjectAttributes,
    __in_opt PCLIENT_ID ClientId
)
{
    _asm
    {
        // The constructor's value for Win7 x64 makes this equivalent to:
        //MOV EAX,0x23 //win7
        mov eax, ZwOpenProcessEax;
        jmp ZwOpenProcessRet;
    }
}
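// Opens the process identified by `proid` through the My_ZwOpenProcess stub.
//
// proid   Target process id.
// Returns A process handle opened with PROCESS_ALL_ACCESS, or NULL when the
//         stub has not been initialised or the open request fails. The caller
//         owns the handle and is responsible for closing it.
//
// NOTE(review): PROCESS_ALL_ACCESS requests every process right. Callers that
// only read or query the target need far less; the mask is left unchanged here
// because the callers are not all visible from this function.
HANDLE My_OpenProcess(int proid)
{
    // My_ZwOpenProcess jumps through ZwOpenProcessRet with ZwOpenProcessEax as
    // the service number. Both are 0 until TSMemoryAPI's constructor has run on
    // a Windows version it lists, so fail closed instead of jumping to address
    // 0 or requesting service number 0.
    if (ZwOpenProcessRet == 0 || ZwOpenProcessEax == 0)
        return NULL;

    HANDLE ProcessHandle = NULL;
    OBJECT_ATTRIBUTES ObjectAttribute = { sizeof(OBJECT_ATTRIBUTES), 0, NULL, NULL };
    ObjectAttribute.Attributes = 0;

    CLIENT_ID ClientIds;
    ClientIds.UniqueProcess = (HANDLE)proid;
    ClientIds.UniqueThread = (HANDLE)0;

    // The original discarded the NTSTATUS; a negative value means the request
    // failed and ProcessHandle must not be handed back as if it were valid.
    const NTSTATUS status = My_ZwOpenProcess(&ProcessHandle, PROCESS_ALL_ACCESS, &ObjectAttribute, &ClientIds);
    if (status < 0)
        return NULL;

    return ProcessHandle;
}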
// Returns the processor count reported by GetSystemInfo(). Per the original
// note, this count is what decides how many worker threads are used.
int GetProcessNumber()
{
    SYSTEM_INFO sysInfo;
    GetSystemInfo(&sysInfo);
    const DWORD processorCount = sysInfo.dwNumberOfProcessors;
    return (int)processorCount;
}
// Resets the object's fields and, the first time it runs, fills in the
// file-scope continuation addresses and system-service numbers that the naked
// stubs in this file jump through.
//
// For each target export the stored address is GetProcAddress(...) + 5, and the
// service number is chosen from the value of TSRuntime::InitialWindowsVersion()
// (1 = Windows XP, 2 = Windows 2003, 4 = Windows 7, 5 = Windows 8, as labelled
// in the original comments) together with the TSRuntime x64 flags.
//
// NOTE(review): the GetProcAddress results are not checked. A failed lookup
// stores 5, which is non-zero, so the lookup is never retried and the stub
// would jump to address 5.
// NOTE(review): on any Windows version not listed below the *Eax variables keep
// their previous value (0 for the ones defined in this file), so the stubs
// would request an unintended system service. The numbers are build-specific
// and there is no fallback.
// NOTE(review): TSRuntime::IsWin7X64 / IsWin8X64 are used without a call. If
// they are functions rather than flags, the expression is always true --
// confirm in TSRuntime.h.
// NOTE(review): memset clears MAX_PATH bytes of Asmcalladdr; the array's
// declared size is not visible here -- confirm it is at least that large.
TSMemoryAPI::TSMemoryAPI(void)
{
    nPid = 0;
    retstringlen = 0;
    asmcodearry.clear();
    memset(Asmcalladdr, 0, MAX_PATH);
    allocatememory = NULL;

    const int sysvion = TSRuntime::InitialWindowsVersion();

    // user32!GetWindowThreadProcessId: only a continuation address is needed.
    if (GetWindowThreadProcessIdRet == 0)
    {
        const DWORD exportAddr = (DWORD)GetProcAddress(GetModuleHandle(L"user32.dll"), "GetWindowThreadProcessId");
        GetWindowThreadProcessIdRet = exportAddr + 5;
    }

    // ntdll!ZwWriteVirtualMemory: continuation address plus service number.
    if (ZwWriteVirtualMemoryRet == 0)
    {
        const DWORD exportAddr = (DWORD)GetProcAddress(GetModuleHandle(L"ntdll.dll"), "ZwWriteVirtualMemory");
        ZwWriteVirtualMemoryRet = exportAddr + 5;
        switch (sysvion)
        {
        case 1: // Windows XP
            ZwWriteVirtualMemoryEax = 0x115;
            break;
        case 2: // Windows 2003
            ZwWriteVirtualMemoryEax = 0x11f;
            break;
        case 4: // Windows 7, x64 or x86
            ZwWriteVirtualMemoryEax = TSRuntime::IsWin7X64 ? 0x37 : 0x18F;
            break;
        case 5: // Windows 8, x64 or x86
            ZwWriteVirtualMemoryEax = TSRuntime::IsWin8X64 ? 0x38 : 0x2;
            break;
        default: // unlisted version: value left as it was
            break;
        }
    }

    // ntdll!ZwProtectVirtualMemory.
    if (Ntdll_ProtectVirtual == 0)
    {
        const DWORD exportAddr = (DWORD)GetProcAddress(GetModuleHandle(L"ntdll.dll"), "ZwProtectVirtualMemory");
        Ntdll_ProtectVirtual = exportAddr + 5;
        switch (sysvion)
        {
        case 1: // Windows XP
            Ntdll_ProtectVirtualEax = 0x89;
            break;
        case 2: // Windows 2003
            Ntdll_ProtectVirtualEax = 0x8f;
            break;
        case 4: // Windows 7, x64 or x86
            Ntdll_ProtectVirtualEax = TSRuntime::IsWin7X64 ? 0x4d : 0xd7;
            break;
        case 5: // Windows 8, x64 or x86
            Ntdll_ProtectVirtualEax = TSRuntime::IsWin8X64 ? 0x4e : 0xC3;
            break;
        default: // unlisted version: value left as it was
            break;
        }
    }

    // ntdll!ZwOpenProcess.
    if (ZwOpenProcessRet == 0)
    {
        const DWORD exportAddr = (DWORD)GetProcAddress(GetModuleHandle(L"ntdll.dll"), "ZwOpenProcess");
        ZwOpenProcessRet = exportAddr + 5;
        switch (sysvion)
        {
        case 1: // Windows XP
            ZwOpenProcessEax = 0x7a;
            break;
        case 2: // Windows 2003
            ZwOpenProcessEax = 0X80;
            break;
        case 4: // Windows 7, x64 or x86
            ZwOpenProcessEax = TSRuntime::IsWin7X64 ? 0x23 : 0xBe;
            break;
        case 5: // Windows 8, x64 or x86
            ZwOpenProcessEax = TSRuntime::IsWin8X64 ? 0X24 : 0XDD;
            break;
        default: // unlisted version: value left as it was
            break;
        }
    }
    // m_mutex=mm_mutex;
}
// Destructor: performs no work of its own.
// NOTE(review): the constructor initialises allocatememory to NULL; if other
// members assign it or keep process handles, confirm they are released
// elsewhere, because nothing is released here.
TSMemoryAPI::~TSMemoryAPI(void) {}
- void FindDataThread(void* para)
- {
- PFindDataInfo info = (PFindDataInfo)para;
- BYTE buffData[4096] = { 0 };
- int retstrlen = 0;
- //DWORD count=0;
- DWORD dwRead = 0;
- DWORD ibegin = 0;
- if (info->FindDataType == FINDDATATYPE_FINDFLOATEX) //FindFloatEx
- {
- for (int n = 0; n < info->dwncount; n++)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程
- for (int k = 0; k < info->dwncount; k++)
- {
- if (info->bfindindex[k] == true)
- n = k;
- else
- {
- info->bfindindex[k] = true;
- break;
- }
- }
- LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
- int size = info->dwend[n] - info->dwbegin[n];
- if (size <= 4096)
- {
- ibegin = info->dwbegin[n];
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(info->hprocess, LPVOID(info->dwbegin[n]), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- float* float_value = (float*)&buffData[i];
- if (*float_value >= info->float_value_min && *float_value <= info->float_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- }
- }
- else
- {
- ibegin = info->dwbegin[n];
- int sizen = 4096;
- while (ibegin < info->dwend[n] && info->dwend[n]>0)
- {
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- float* float_value = (float*)&buffData[i];
- if (*float_value >= info->float_value_min && *float_value <= info->float_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- }
- if (info->dwend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = info->dwend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- }
- else if (info->FindDataType == FINDDATATYPE_FINDDOUBLEEX) //FindDoubleEx
- {
- for (int n = 0; n < info->dwncount; n++)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程
- for (int k = 0; k < info->dwncount; k++)
- {
- if (info->bfindindex[k] == true)
- n = k;
- else
- {
- info->bfindindex[k] = true;
- break;
- }
- }
- LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
- int size = info->dwend[n] - info->dwbegin[n];
- if (size <= 4096)
- {
- ibegin = info->dwbegin[n];
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- double* double_value = (double*)&buffData[i];
- if (*double_value >= info->double_value_min && *double_value <= info->double_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- }
- }
- else
- {
- ibegin = info->dwbegin[n];
- int sizen = 4096;
- while (ibegin < info->dwend[n] && info->dwend[n]>0)
- {
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- double* double_value = (double*)&buffData[i];
- if (*double_value >= info->double_value_min && *double_value <= info->double_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- }
- if (info->dwend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = info->dwend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- }
- else if (info->FindDataType == FINDDATATYPE_FINDINTEX)//FindIntEx
- {
- for (int n = 0; n < info->dwncount; n++)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程
- for (int k = 0; k < info->dwncount; k++)
- {
- if (info->bfindindex[k] == true)
- n = k;
- else
- {
- info->bfindindex[k] = true;
- break;
- }
- }
- LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
- int size = info->dwend[n] - info->dwbegin[n];
- if (size <= 4096)
- {
- ibegin = info->dwbegin[n];
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (info->FindIntType == 0)//0 : 32位
- {
- int* value = (int*)&buffData[i];
- if (*value >= info->int_value_min && *value <= info->int_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- else if (info->FindIntType == 1) //1 : 16 位
- {
- short* value = (short*)&buffData[i];
- if (*value >= info->int_value_min && *value <= info->int_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- else if (info->FindIntType == 2)//2 : 8位
- {
- if (buffData[i] >= info->int_value_min && buffData[i] <= info->int_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- }
- }
- }
- else
- {
- ibegin = info->dwbegin[n];
- int sizen = 4096;
- while (ibegin < info->dwend[n] && info->dwend[n]>0)
- {
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (info->FindIntType == 0)//0 : 32位
- {
- int* value = (int*)&buffData[i];
- if (*value >= info->int_value_min && *value <= info->int_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- else if (info->FindIntType == 1) //1 : 16 位
- {
- short* value = (short*)&buffData[i];
- if (*value >= info->int_value_min && *value <= info->int_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- else if (info->FindIntType == 2)//2 : 8位
- {
- if (buffData[i] >= info->int_value_min && buffData[i] <= info->int_value_max)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- LeaveCriticalSection(&info->m_mutex);
- }
- }
- }
- }
- if (info->dwend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = info->dwend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- }
- else if (info->FindDataType == FINDDATATYPE_FINDDATAEX)
- {
- int nindex = 0;
- for (int n = 0; n < info->dwncount; n++)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程
- for (int k = 0; k < info->dwncount; k++)
- {
- if (info->bfindindex[k] == true)
- n = k;
- else
- {
- info->bfindindex[k] = true;
- break;
- }
- }
- LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
- int size = info->dwend[n] - info->dwbegin[n];
- if (size <= 4096)
- {
- ibegin = info->dwbegin[n];
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (buffData[i] == info->Finddata[nindex] || info->Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
- {
- if (info->FindIntType == (nindex + 1)) //匹配成功
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i) - nindex);
- else
- swprintf(inx, L"|%X", (ibegin + i) - nindex);
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i)-nindex);
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- nindex = 0;
- LeaveCriticalSection(&info->m_mutex);
- }
- nindex++;
- }
- else
- nindex = 0;
- }
- }
- }
- else
- {
- ibegin = info->dwbegin[n];
- int sizen = 4096;
- while (ibegin < info->dwend[n] && info->dwend[n]>0)
- {
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (buffData[i] == info->Finddata[nindex] || info->Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
- {
- if (info->FindIntType == (nindex + 1)) //匹配成功
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i) - nindex);
- else
- swprintf(inx, L"|%X", (ibegin + i) - nindex);
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i)-nindex);
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- nindex = 0;
- LeaveCriticalSection(&info->m_mutex);
- }
- nindex++;
- }
- else
- nindex = 0;
- }
- }
- if (info->dwend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = info->dwend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- }
- else if (info->FindDataType == FINDDATATYPE_FINDSTRINGEX)
- {
- int nindex = 0;
- //////////////////0:ASCCII编码查找 1:Unicode编码查找//////////////////////////////
- if (info->FindIntType == 1)
- {
- USES_CONVERSION;
- int len = wcslen(info->Findstring);
- char chstr[MAX_PATH * 2] = { 0 };
- strcpy(chstr, W2A(info->Findstring));
- len = strlen(chstr);;
- for (int n = 0; n < info->dwncount; n++)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程
- for (int k = 0; k < info->dwncount; k++)
- {
- if (info->bfindindex[k] == true)
- n = k;
- else
- {
- info->bfindindex[k] = true;
- break;
- }
- }
- LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
- int size = info->dwend[n] - info->dwbegin[n];
- if (size <= 4096)
- {
- ibegin = info->dwbegin[n];
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (buffData[i] == chstr[nindex])
- {
- if (len == (nindex + 1)) //匹配成功
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i) - nindex);
- else
- swprintf(inx, L"|%X", (ibegin + i) - nindex);
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i)-nindex);
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- nindex = 0;
- LeaveCriticalSection(&info->m_mutex);
- }
- nindex++;
- }
- else
- nindex = 0;
- }
- }
- }
- else
- {
- ibegin = info->dwbegin[n];
- int sizen = 4096;
- while (ibegin < info->dwbegin[n] && info->dwbegin[n]>0)
- {
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (buffData[i] == chstr[nindex])
- {
- if (len == (nindex + 1)) //匹配成功
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i) - nindex);
- else
- swprintf(inx, L"|%X", (ibegin + i) - nindex);
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i)-nindex);
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- nindex = 0;
- LeaveCriticalSection(&info->m_mutex);
- }
- nindex++;
- }
- else
- nindex = 0;
- }
- }
- if (info->dwbegin[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = info->dwbegin[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- }
- else if (info->FindIntType == 0)
- {
- int len = wcslen(info->Findstring);
- for (int n = 0; n < info->dwncount; n++)
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程
- for (int k = 0; k < info->dwncount; k++)
- {
- if (info->bfindindex[k] == true)
- n = k;
- else
- {
- info->bfindindex[k] = true;
- break;
- }
- }
- LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
- int size = info->dwend[n] - info->dwbegin[n];
- if (size <= 4096)
- {
- ibegin = info->dwbegin[n];
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (buffData[i] == info->Findstring[nindex])
- {
- if (len == (nindex + 1)) //匹配成功
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", ibegin + (i - nindex) * 2);
- else
- swprintf(inx, L"|%X", ibegin + (i - nindex) * 2);
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,ibegin+(i-nindex)*2);
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- nindex = 0;
- LeaveCriticalSection(&info->m_mutex);
- }
- nindex++;
- }
- else
- nindex = 0;
- }
- }
- }
- else
- {
- ibegin = info->dwbegin[n];
- int sizen = 4096;
- while (ibegin < info->dwend[n] && info->dwend[n]>0)
- {
- if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (buffData[i] == info->Findstring[nindex])
- {
- if (len == (nindex + 1)) //匹配成功
- {
- EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
- if (info->count <= 20000) //记录找到地址的上限为20000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(info->retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", ibegin + (i - nindex) * 2);
- else
- swprintf(inx, L"|%X", ibegin + (i - nindex) * 2);
- wcscat(info->retstr, inx);
- //swprintf(info->retstr,L"%s|%X",info->retstr,ibegin+(i-nindex)*2);
- }
- else
- {
- LeaveCriticalSection(&info->m_mutex);
- return;
- }
- info->count++;
- nindex = 0;
- LeaveCriticalSection(&info->m_mutex);
- }
- nindex++;
- }
- else
- nindex = 0;
- }
- }
- if (info->dwend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = info->dwend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- }
- }
- }
- bool TSMemoryAPI::TSFindInt(LONG hwnd, wchar_t* addr_range, wchar_t* retstr, LONG int_value_min, LONG int_value_max, LONG type, bool threadtype)
- {
- bool bret = false;
- LONG ibegin = 0;
- LONG ipend = 0;
- DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
- int naddr = 0;
- if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
- {
- if (ibegin >= ipend && naddr == 0)
- return bret;
- DWORD Pid = 0;
- //if(my_GetWindowThreadProcessId)
- // my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
- //else
- My_GetWindowThreadProcessId((HWND)hwnd, &Pid);
- TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
- HANDLE hprocess = NULL;
- //if(my_OpenProcess)
- // hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- //else
- // hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- hprocess = My_OpenProcess(Pid);
- if (hprocess == NULL)
- {
- if (my_ZwOpenProcess)
- {
- CLIENT_ID Cileid;
- Cileid.UniqueProcess = (HANDLE)Pid;
- my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
- }
- if (hprocess == NULL)
- return bret;
- }
- int retstrlen = 0;
- DWORD dwRead = 0;
- int count = 0;
- if (ibegin >= 0 && naddr == 0)
- {
- if (ibegin < 0x400000)
- ibegin = 0x400000;
- DWORD nbegin[MAX_PATH * 10] = { 0 };
- DWORD npend[MAX_PATH * 10] = { 0 };
- int naddr = 0;
- GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
- if (naddr == 0)
- return bret;
- if (threadtype)//是否多线程模式
- {
- DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
- HANDLE threadhandle[MAX_PATH] = { 0 };
- //双核以下CPU双线程
- if (ncpu <= 2)
- ncpu = 2;
- else if (ncpu >= 8)
- ncpu = 8;
- FindDataInfo info;
- info.FindDataType = FINDDATATYPE_FINDINTEX;
- info.hprocess = hprocess;
- info.int_value_min = int_value_min;
- info.int_value_max = int_value_max;
- info.FindIntType = type;
- info.retstr = retstr;
- info.dwncount = naddr;
- memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
- memcpy(info.dwend, npend, naddr * sizeof(DWORD));
- InitializeCriticalSection(&info.m_mutex);
- for (int i = 0; i < ncpu; i++)
- {
- threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
- }
- ::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE); //等待所有线程结束后返回
- DeleteCriticalSection(&info.m_mutex);
- return true;
- }
- BYTE buffData[4096] = { 0 };
- for (int n = 0; n < naddr; n++)
- {
- int size = npend[n] - nbegin[n];
- if (size <= 4096)
- {
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (type == 0)//0 : 32位
- {
- int* value = (int*)&buffData[i];
- if (*value >= int_value_min && *value <= int_value_max)
- {
- if (count <= 20000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- bret = true;
- }
- }
- else if (type == 1) //1 : 16 位
- {
- short* value = (short*)&buffData[i];
- if (*value >= int_value_min && *value <= int_value_max)
- {
- if (count <= 20000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- bret = true;
- }
- }
- else if (type == 2)//2 : 8位
- {
- if (buffData[i] >= int_value_min && buffData[i] <= int_value_max)
- {
- if (count <= 20000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- bret = true;
- }
- }
- }
- }
- }
- else
- {
- ibegin = nbegin[n];
- int sizen = 4096;
- while (ibegin < npend[n] && npend[n]>0)
- {
- if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (type == 0)//0 : 32位
- {
- int* value = (int*)&buffData[i];
- if (*value >= int_value_min && *value <= int_value_max)
- {
- if (count <= 20000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- bret = true;
- }
- }
- else if (type == 1) //1 : 16 位
- {
- short* value = (short*)&buffData[i];
- if (*value >= int_value_min && *value <= int_value_max)
- {
- if (count <= 20000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- bret = true;
- }
- }
- else if (type == 2)//2 : 8位
- {
- if (buffData[i] >= int_value_min && buffData[i] <= int_value_max)
- {
- if (count <= 20000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- bret = true;
- }
- }
- }
- }
- if (npend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = npend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- //BYTE buffData[4096]={0};
- //while(ibegin<ipend&&ibegin>0)
- // {
- // ::memset(buffData,0,4096);
- // if(ReadProcessMemory(hprocess,LPVOID(ibegin),buffData,4096,&dwRead))
- // {
- // int i=0;
- // for(;i<(int)dwRead;i++)
- // {
- // if(type==0)//0 : 32位
- // {
- // int *value=(int *)&buffData[i];
- // if(*value>=int_value_min&&*value<=int_value_max)
- // {
- // if(count<=20000)
- // {
- // if(retstrlen==0)
- // retstrlen=wcslen(retstr);
- // if(retstrlen==0)
- // swprintf(retstr,L"%X",(ibegin+i));
- // else
- // swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- // }
- // count++;
- // bret=true;
- // }
- // }
- // else if(type==1) //1 : 16 位
- // {
- // short *value=(short *)&buffData[i];
- // if(*value>=int_value_min&&*value<=int_value_max)
- // {
- // if(count<=20000)
- // {
- // if(retstrlen==0)
- // retstrlen=wcslen(retstr);
- // if(retstrlen==0)
- // swprintf(retstr,L"%X",(ibegin+i));
- // else
- // swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- // }
- // count++;
- // bret=true;
- // }
- // }
- // else if(type==2)//2 : 8位
- // {
- // if(buffData[i]>=int_value_min&&buffData[i]<=int_value_max)
- // {
- // if(count<=20000)
- // {
- // if(retstrlen==0)
- // retstrlen=wcslen(retstr);
- // if(retstrlen==0)
- // swprintf(retstr,L"%X",(ibegin+i));
- // else
- // swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- // }
- // count++;
- // bret=true;
- // }
- // }
- // }
- // }
- // ibegin=ibegin+4096;
- // }
- }
- else
- {
- if (type == 0)//0 : 32位
- {
- int value = 0;
- for (int i = 0; i < naddr; i++)
- {
- if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &value, sizeof(int), &dwRead))
- {
- if (value >= int_value_min && value <= int_value_max)
- {
- if (count <= 2000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", MaxAddrs[i]);
- else
- swprintf(inx, L"|%X", MaxAddrs[i]);
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
- }
- bret = true;
- count++;
- }
- }
- }
- }
- else if (type == 1) //1 : 16 位
- {
- short value = 0;
- for (int i = 0; i < naddr; i++)
- {
- if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &value, sizeof(short), &dwRead))
- {
- if (value >= int_value_min && value <= int_value_max)
- {
- if (count <= 2000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", MaxAddrs[i]);
- else
- swprintf(inx, L"|%X", MaxAddrs[i]);
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
- }
- bret = true;
- count++;
- }
- }
- }
- }
- else if (type == 2)//2 : 8位
- {
- BYTE value = 0;
- for (int i = 0; i < naddr; i++)
- {
- if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &value, sizeof(BYTE), &dwRead))
- {
- if (value >= int_value_min && value <= int_value_max)
- {
- if (count <= 2000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", MaxAddrs[i]);
- else
- swprintf(inx, L"|%X", MaxAddrs[i]);
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
- }
- bret = true;
- count++;
- }
- }
- }
- }
- }
- }
- return bret;
- }
- bool TSMemoryAPI::TSFindFloat(LONG hwnd, wchar_t* addr_range, wchar_t* retstr, FLOAT float_value_min, FLOAT float_value_max, bool threadtype)
- {
- // TSRuntime::newstr=NULL;
- bool bret = false;
- LONG ibegin = 0;
- LONG ipend = 0;
- DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
- int naddr = 0;
- int count = 0;
- if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
- {
- if (ibegin >= ipend && naddr == 0)
- return bret;
- DWORD Pid = 0;
- //if(my_GetWindowThreadProcessId)
- // my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
- //else
- My_GetWindowThreadProcessId((HWND)hwnd, &Pid);
- TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
- HANDLE hprocess = NULL;
- //if(my_OpenProcess)
- // hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- //else
- // hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- hprocess = My_OpenProcess(Pid);
- if (hprocess == NULL)
- {
- if (my_ZwOpenProcess)
- {
- CLIENT_ID Cileid;
- Cileid.UniqueProcess = (HANDLE)Pid;
- my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
- }
- if (hprocess == NULL)
- return bret;
- }
- int retstrlen = 0;
- DWORD dwRead = 0;
- if (ibegin >= 0 && naddr == 0)
- {
- if (ibegin < 0x400000)
- ibegin = 0x400000;
- DWORD nbegin[MAX_PATH * 10] = { 0 };
- DWORD npend[MAX_PATH * 10] = { 0 };
- int naddr = 0;
- GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
- if (naddr == 0)
- return bret;
- if (threadtype)//是否多线程模式
- {
- memset(TSRuntime::membstr, 0, MAX_PATH * 200);
- DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
- HANDLE threadhandle[MAX_PATH] = { 0 };
- //双核以下CPU双线程
- if (ncpu <= 2)
- ncpu = 2;
- else if (ncpu >= 8)
- ncpu = 8;
- FindDataInfo info;
- info.FindDataType = FINDDATATYPE_FINDFLOATEX;
- info.hprocess = hprocess;
- info.float_value_min = float_value_min;
- info.float_value_max = float_value_max;
- info.retstr = retstr;
- info.dwncount = naddr;
- memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
- memcpy(info.dwend, npend, naddr * sizeof(DWORD));
- InitializeCriticalSection(&info.m_mutex);
- for (int i = 0; i < ncpu; i++)
- {
- threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
- }
- ::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE); //等待所有线程结束后返回
- DeleteCriticalSection(&info.m_mutex);
- return true;
- }
- BYTE buffData[4096] = { 0 };
- for (int n = 0; n < naddr; n++)
- {
- int size = npend[n] - nbegin[n];
- if (size <= 4096)
- {
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- float* float_value = (float*)&buffData[i];
- if (*float_value >= float_value_min && *float_value <= float_value_max)
- {
- if (count <= 20000) //记录找到地址的上限为5000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- }
- }
- }
- }
- else
- {
- ibegin = nbegin[n];
- int sizen = 4096;
- while (ibegin < npend[n] && npend[n]>0)
- {
- if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- float* float_value = (float*)&buffData[i];
- if (*float_value >= float_value_min && *float_value <= float_value_max)
- {
- if (count <= 20000) //记录找到地址的上限为5000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- }
- }
- }
- if (npend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = npend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- //BYTE buffData[4096]={0};
- //while(ibegin<ipend&&ibegin>0)
- // {
- // ::memset(buffData,0,4096);
- // if(ReadProcessMemory(hprocess,LPVOID(ibegin),buffData,4096,&dwRead))
- // {
- // int i=0;
- // for(;i<(int)dwRead;i++)
- // {
- // float *float_value=(float *)&buffData[i];
- // if(*float_value>=float_value_min&&*float_value<=float_value_max)
- // {
- // if(count<=10000)
- // {
- // if(retstrlen==0)
- // retstrlen=wcslen(retstr);
- // if(retstrlen==0)
- // swprintf(retstr,L"%X",(ibegin+i));
- // else
- // swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- // }
- // count++;
- // bret=true;
- // }
- // }
- // }
- // ibegin=ibegin+4096;
- // }
- }
- else
- {
- float buffData = 0;
- for (int i = 0; i < naddr; i++)
- {
- if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &buffData, sizeof(float), &dwRead))
- {
- if (buffData >= float_value_min && buffData <= float_value_max)
- {
- if (count <= 10000)
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", MaxAddrs[i]);
- else
- swprintf(inx, L"|%X", MaxAddrs[i]);
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
- }
- bret = true;
- count++;
- }
- }
- }
- }
- }
- //if(bret&&count>1600)
- // TSRuntime::newstr=::SysAllocString(retstr);
- return bret;
- }
- bool TSMemoryAPI::TSFindDouble(LONG hwnd, wchar_t* addr_range, wchar_t* retstr, double double_value_min, double double_value_max, bool threadtype)
- {
- bool bret = false;
- LONG ibegin = 0;
- LONG ipend = 0;
- DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
- int naddr = 0;
- if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
- {
- if (ibegin >= ipend && naddr == 0)
- return bret;
- DWORD Pid = 0;
- //if(my_GetWindowThreadProcessId)
- // my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
- //else
- My_GetWindowThreadProcessId((HWND)hwnd, &Pid);
- TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
- HANDLE hprocess = NULL;
- //if(my_OpenProcess)
- // hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- //else
- // hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- hprocess = My_OpenProcess(Pid);
- if (hprocess == NULL)
- {
- if (my_ZwOpenProcess)
- {
- CLIENT_ID Cileid;
- Cileid.UniqueProcess = (HANDLE)Pid;
- my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
- }
- if (hprocess == NULL)
- return bret;
- }
- int retstrlen = 0;
- DWORD dwRead = 0;
- int count = 0;
- if (ibegin >= 0 && naddr == 0)
- {
- if (ibegin < 0x400000)
- ibegin = 0x400000;
- DWORD nbegin[MAX_PATH * 10] = { 0 };
- DWORD npend[MAX_PATH * 10] = { 0 };
- int naddr = 0;
- GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
- if (naddr == 0)
- return bret;
- if (threadtype)//是否多线程模式
- {
- memset(TSRuntime::membstr, 0, MAX_PATH * 200);
- DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
- HANDLE threadhandle[MAX_PATH] = { 0 };
- //双核以下CPU双线程
- if (ncpu <= 2)
- ncpu = 2;
- else if (ncpu >= 8)
- ncpu = 8;
- FindDataInfo info;
- info.FindDataType = FINDDATATYPE_FINDDOUBLEEX;
- info.hprocess = hprocess;
- info.double_value_min = double_value_min;
- info.double_value_max = double_value_max;
- info.retstr = retstr;
- info.dwncount = naddr;
- memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
- memcpy(info.dwend, npend, naddr * sizeof(DWORD));
- InitializeCriticalSection(&info.m_mutex);
- for (int i = 0; i < ncpu; i++)
- {
- threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
- }
- ::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE); //等待所有线程结束后返回
- DeleteCriticalSection(&info.m_mutex);
- return true;
- }
- BYTE buffData[4096] = { 0 };
- for (int n = 0; n < naddr; n++)
- {
- int size = npend[n] - nbegin[n];
- if (size <= 4096)
- {
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- double* double_value = (double*)&buffData[i];
- if (*double_value >= double_value_min && *double_value <= double_value_max)
- {
- if (count <= 20000) //记录找到地址的上限为5000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- }
- }
- }
- }
- else
- {
- ibegin = nbegin[n];
- int sizen = 4096;
- while (ibegin < npend[n] && npend[n]>0)
- {
- if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- double* double_value = (double*)&buffData[i];
- if (*double_value >= double_value_min && *double_value <= double_value_max)
- {
- if (count <= 20000) //记录找到地址的上限为5000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i));
- else
- swprintf(inx, L"|%X", (ibegin + i));
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- }
- count++;
- }
- }
- }
- if (npend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = npend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- //BYTE buffData[4096]={0};
- //while(ibegin<ipend&&ibegin>0)
- // {
- // ::memset(buffData,0,4096);
- // if(ReadProcessMemory(hprocess,LPVOID(ibegin),buffData,4096,&dwRead))
- // {
- // int i=0;
- // for(;i<(int)dwRead;i++)
- // {
- // double *double_value=(double *)&buffData[i];
- // if(*double_value>=double_value_min&&*double_value<=double_value_max)
- // {
- // if(count<=5000) //记录找到地址的上限为5000,防止溢出
- // {
- // if(retstrlen==0)
- // retstrlen=wcslen(retstr);
- // if(retstrlen==0)
- // swprintf(retstr,L"%X",(ibegin+i));
- // else
- // swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
- // }
- // count++;
- // }
- // }
- // }
- // ibegin=ibegin+4096;
- // }
- }
- else
- {
- double buffData = 0;
- for (int i = 0; i < naddr; i++)
- {
- if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &buffData, sizeof(double), &dwRead))
- {
- if (buffData >= double_value_min && buffData <= double_value_max)
- {
- if (count <= 20000) //记录找到地址的上限为5000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", MaxAddrs[i]);
- else
- swprintf(inx, L"|%X", MaxAddrs[i]);
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
- }
- count++;
- }
- }
- }
- }
- }
- return bret;
- }
- bool TSMemoryAPI::TSFindData(LONG hwnd, wchar_t* addr_range, wchar_t* data, wchar_t* retstr, bool threadtype)
- {
- bool bret = false;
- LONG ibegin = 0;
- LONG ipend = 0;
- DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
- int naddr = 0;
- if (wcslen(data) == 0 || wcslen(addr_range) == 0)
- return false;
- if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
- {
- if (ibegin >= ipend && naddr == 0)
- return bret;
- DWORD Pid = 0;
- //if(my_GetWindowThreadProcessId)
- // my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
- //else
- My_GetWindowThreadProcessId((HWND)hwnd, &Pid);
- TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
- HANDLE hprocess = NULL;
- //if(my_OpenProcess)
- // hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- //else
- // hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- hprocess = My_OpenProcess(Pid);
- if (hprocess == NULL)
- {
- if (my_ZwOpenProcess)
- {
- CLIENT_ID Cileid;
- Cileid.UniqueProcess = (HANDLE)Pid;
- my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
- }
- if (hprocess == NULL)
- return bret;
- }
- DWORD dwRead = 0;
- int nindex = 0;
- DWORD Finddata[MAX_PATH] = { 0 };
- int nconut = 0;//返回 data的个数
- TSGetDataValue(data, Finddata, nconut);
- int retstrlen = 0;
- int count = 0;
- if (ibegin >= 0 && naddr == 0)
- {
- if (ibegin < 0x400000)
- ibegin = 0x400000;
- DWORD nbegin[MAX_PATH * 10] = { 0 };
- DWORD npend[MAX_PATH * 10] = { 0 };
- int naddr = 0;
- GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
- if (naddr == 0)
- return bret;
- if (threadtype)//是否多线程模式
- {
- DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
- HANDLE threadhandle[MAX_PATH] = { 0 };
- //双核以下CPU双线程
- if (ncpu <= 2)
- ncpu = 2;
- else if (ncpu >= 8)
- ncpu = 8;
- FindDataInfo info;
- info.FindDataType = FINDDATATYPE_FINDDATAEX;
- info.hprocess = hprocess;
- memcpy(info.Finddata, Finddata, sizeof(DWORD) * nconut);
- info.FindIntType = nconut;
- info.retstr = retstr;
- info.dwncount = naddr;
- memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
- memcpy(info.dwend, npend, naddr * sizeof(DWORD));
- InitializeCriticalSection(&info.m_mutex);
- for (int i = 0; i < ncpu; i++)
- {
- threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
- }
- ::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE); //等待所有线程结束后返回
- DeleteCriticalSection(&info.m_mutex);
- return true;
- }
- BYTE buffData[4096] = { 0 };
- for (int n = 0; n < naddr; n++)
- {
- int size = npend[n] - nbegin[n];
- if (size <= 4096)
- {
- ::memset(buffData, 0, size);
- if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (buffData[i] == Finddata[nindex] || Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
- {
- if (nconut == (nindex + 1)) //匹配成功
- {
- if (count <= 20000) //记录找到地址的上限为5000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i) - nindex);
- else
- swprintf(inx, L"|%X", (ibegin + i) - nindex);
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i)-nindex);
- }
- count++;
- nindex = 0;
- }
- nindex++;
- }
- else
- nindex = 0;
- }
- }
- }
- else
- {
- ibegin = nbegin[n];
- int sizen = 4096;
- while (ibegin < npend[n] && npend[n]>0)
- {
- if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
- {
- int i = 0;
- for (; i < (int)dwRead; i++)
- {
- if (buffData[i] == Finddata[nindex] || Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
- {
- if (nconut == (nindex + 1)) //匹配成功
- {
- if (count <= 20000) //记录找到地址的上限为5000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", (ibegin + i) - nindex);
- else
- swprintf(inx, L"|%X", (ibegin + i) - nindex);
- wcscat(retstr, inx);
- //swprintf(retstr,L"%s|%X",retstr,(ibegin+i)-nindex);
- }
- count++;
- nindex = 0;
- }
- nindex++;
- }
- else
- nindex = 0;
- }
- }
- if (npend[n] >= ibegin + 4096)
- ibegin = ibegin + 4096;
- else
- {
- sizen = npend[n] - ibegin;
- ibegin = ibegin + 4096;
- ::memset(buffData, 0, sizen);
- }
- }
- }
- }
- //byte buffData[4096]={0};
- //while(ibegin<ipend&&ibegin>0)
- // {
- // ::memset(buffData,4096,sizeof(byte)*4096);
- // if(ReadProcessMemory(hprocess,LPVOID(ibegin),&buffData,4096,&dwRead))
- // {
- // for(int i=0;i<dwRead;i++)
- // {
- // if(buffData[i]==Finddata[nindex]||Finddata[nindex]==256)// unknow=256;//标记??模糊查询
- // {
- // if(nconut==(nindex+1)) //匹配成功
- // {
- // if(count<=5000) //记录找到地址的上限为5000,防止溢出
- // {
- // if(retstrlen==0)
- // retstrlen=wcslen(retstr);
- // if(retstrlen==0)
- // swprintf(retstr,L"%X",(ibegin+i)-nindex);
- // else
- // swprintf(retstr,L"%s|%X",retstr,(ibegin+i)-nindex);
- // }
- // count++;
- // nindex=0;
- // }
- // nindex++;
- // }
- // else
- // nindex=0;
- //
- // }
- // }
- // ibegin=ibegin+4096;
- // }
- }
- else //地址是地址集合
- {
- byte buffData[MAX_PATH] = { 0 };
- for (int i = 0; i < naddr; i++)
- {
- if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &buffData, nconut, &dwRead))
- {
- for (int i = 0; i < nconut; i++)
- {
- if (buffData[i] == Finddata[nindex] || Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
- {
- if (nconut == (nindex + 1)) //匹配成功
- {
- if (count <= 5000) //记录找到地址的上限为5000,防止溢出
- {
- wchar_t inx[10] = { 0 };
- if (retstrlen == 0)
- retstrlen = wcslen(retstr);
- if (retstrlen == 0)
- swprintf(inx, L"%X", MaxAddrs[i]);
- else
- swprintf(inx, L"|%X", MaxAddrs[i]);
- wcscat(retstr, inx);
- // swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
- }
- count++;
- nindex = 0;
- }
- nindex++;
- }
- else
- {
- nindex = 0;
- break;
- }
- }
- }
- }
- }
- }
- return bret;
- }
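// Parses a textual byte pattern such as "8B 45 ?? 0C" into one DWORD per byte.
//
// A token is one or two characters; spaces separate tokens and a longer run of
// characters is split every two characters. A token containing '?' is stored as
// 256, the wildcard marker the search code compares against; any other token is
// converted with wcstol(..., 16).
//
// Fixes over the previous version: a single-token pattern no longer loses its
// first digit, a trailing "??" is kept as a wildcard instead of becoming 0,
// empty input no longer reads past the terminator, a trailing space no longer
// appends a spurious 0 entry, and stale digits from the previous token can no
// longer leak into the next one.
//
// strs        NUL-terminated pattern text.
// Data_range  Receives the parsed values. The interface carries no capacity, so
//             parsing fails once MAX_PATH entries would be exceeded; the caller
//             visible in this file passes DWORD[MAX_PATH] (confirm for others).
// nconut      Receives the number of entries written, 0 on failure or empty input.
// Returns true on success, false for a null argument or an over-long pattern.
bool TSMemoryAPI::TSGetDataValue(wchar_t* strs, DWORD* Data_range, int& nconut)
{
    nconut = 0;
    if (strs == NULL || Data_range == NULL)
        return false;

    int index = 0;
    const wchar_t* p = strs;
    while (*p != L'\0')
    {
        if (*p == L' ')
        {
            ++p;
            continue;
        }

        // Collect at most two characters of the current run into a fresh token.
        wchar_t token[3] = { 0 };
        bool wildcard = false;
        for (int n = 0; n < 2 && *p != L'\0' && *p != L' '; ++n, ++p)
        {
            token[n] = *p;
            if (*p == L'?')
                wildcard = true;
        }

        // Refuse to write past the buffer size callers are known to provide.
        if (index >= MAX_PATH)
            return false;
        Data_range[index++] = wildcard ? 256 : (DWORD)wcstol(token, 0, 16);
    }
    nconut = index;
    return true;
}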
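// Parses an address specification that is either a range "BEGIN-END" or a
// '|'-separated list of hex addresses "A|B|C".
//
// Fixes over the previous version: token text is now bounded to the 16-element
// scratch buffers (the old code copied the whole input into them before any
// length check), the scratch buffer is fully cleared between list entries (the
// old memset cleared bytes, not wchar_t elements, so digits of a longer earlier
// entry could leak into a shorter later one), the last list entry no longer
// drops its first character when the input contains no '|', and empty input no
// longer reads past the terminator.
//
// strs        NUL-terminated specification.
// begin, end  Set to -1 first; for the range form they receive the parsed
//             bounds. wcstol saturates at LONG_MAX, so bounds above that value
//             cannot be represented.
// addr_range  Receives list entries; the bound checked below is MAX_PATH * 200.
// nconut      Receives the number of list entries (list form only; left
//             untouched for the range form, as before).
// Returns true for a range, or for a list in which at least one '|'-terminated
// entry was accepted; false otherwise (a single address with no '|' still
// returns false, as before).
bool TSMemoryAPI::TSGetaddr_range(wchar_t* strs, LONG& begin, LONG& end, DWORD* addr_range, int& nconut)
{
    begin = -1;
    end = -1;
    if (strs == NULL || addr_range == NULL)
        return false;

    const int kTokenCap = 16;
    wchar_t token[kTokenCap] = { 0 };
    int tokenLen = 0;   // characters seen in the current token, may exceed what is stored
    int index = 0;
    bool bret = false;

    const int len = (int)wcslen(strs);
    for (int i = 0; i < len; i++)
    {
        const wchar_t ch = strs[i];
        if (ch == L'-')
        {
            if (i > 10)   // begin part too long to be an address
                return false;
            wchar_t strend[kTokenCap] = { 0 };
            wcsncpy(strend, &strs[i + 1], kTokenCap - 1);   // zero-initialised, so always terminated
            begin = wcstol(token, 0, 16);
            end = wcstol(strend, 0, 16);
            return true;
        }
        if (ch == L'|')
        {
            if (index >= (MAX_PATH * 200) - 1)
                return false;
            if (tokenLen <= 10)   // longer entries are skipped as invalid addresses
            {
                addr_range[index] = wcstol(token, 0, 16);
                index++;
                bret = true;
            }
            memset(token, 0, sizeof(token));
            tokenLen = 0;
            continue;
        }
        if (tokenLen < kTokenCap - 1)
            token[tokenLen] = ch;
        tokenLen++;
    }

    // Whatever follows the last '|' (or the whole input) is the final entry.
    addr_range[index] = wcstol(token, 0, 16);
    nconut = index + 1;
    return bret;
}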
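// Writes one byte as two lower-case hex digits at out, preceded by a space
// unless it is the first byte, keeps the text NUL-terminated and returns the
// new end of the text.
static wchar_t* TSValueTypeToData_PutByte(wchar_t* out, bool first, unsigned int value)
{
    static const wchar_t kDigits[] = L"0123456789abcdef";
    if (!first)
        *out++ = L' ';
    *out++ = kDigits[(value >> 4) & 0xF];
    *out++ = kDigits[value & 0xF];
    *out = L'\0';
    return out;
}

// Renders a value as the space-separated hex byte text used by the pattern
// functions of this class ("0a 1b ...").
//
// type    0: dvalue (8 bytes), 1: fvalue (4 bytes), 2: ivalue, 3: svalue.
// type1   for type 2: 0 = 4 bytes, 1 = 2 bytes, 2 = 1 byte;
//         for type 3: 0 = bytes after W2A conversion, 1 = UTF-16 code units.
// retstr  Receives the text. Its capacity is not passed in, so the caller must
//         provide at least three wchar_t per output byte.
// Returns true when text was produced, false for an unknown type/type1.
//
// Fixes over the previous version: the double case now reports success, the
// text is no longer built with swprintf(retstr, L"%s ...", retstr, ...) whose
// overlapping source and destination is undefined, narrow bytes >= 0x80 are no
// longer sign-extended into "ffffffxx", the narrow case covers every converted
// byte rather than only the first wcslen(svalue) of them, and the UTF-16 case
// emits low byte then high byte instead of assuming the high byte is 00.
bool TSMemoryAPI::TSValueTypeToData(int type, wchar_t* retstr, double dvalue, float fvalue, int ivalue, wchar_t* svalue, int type1)
{
    if (retstr == NULL)
        return false;
    wchar_t* out = retstr;

    if (type == 0) // double
    {
        BYTE raw[sizeof(double)] = { 0 };
        memcpy(raw, &dvalue, sizeof(raw));
        for (int i = 0; i < (int)sizeof(raw); i++)
            out = TSValueTypeToData_PutByte(out, i == 0, raw[i]);
        return true;
    }
    if (type == 1) // float
    {
        BYTE raw[sizeof(float)] = { 0 };
        memcpy(raw, &fvalue, sizeof(raw));
        for (int i = 0; i < (int)sizeof(raw); i++)
            out = TSValueTypeToData_PutByte(out, i == 0, raw[i]);
        return true;
    }
    if (type == 2) // integer, width chosen by type1
    {
        int width = 0;
        if (type1 == 0)
            width = 4;
        else if (type1 == 1)
            width = 2;
        else if (type1 == 2)
            width = 1;
        if (width == 0)
            return false;
        BYTE raw[4] = { 0 };
        memcpy(raw, &ivalue, width);   // leading bytes of the int's object representation
        for (int i = 0; i < width; i++)
            out = TSValueTypeToData_PutByte(out, i == 0, raw[i]);
        return true;
    }
    if (type == 3) // string
    {
        if (svalue == NULL)
            return false;
        if (type1 == 0)
        {
            // NOTE(review): W2A allocates on the stack and svalue's length is
            // not limited here; callers should bound it.
            USES_CONVERSION;
            const char* narrow = W2A(svalue);
            if (narrow == NULL)
                return false;
            for (int i = 0; narrow[i] != '\0'; i++)
                out = TSValueTypeToData_PutByte(out, i == 0, (unsigned char)narrow[i]);
            return true;
        }
        if (type1 == 1)
        {
            for (int i = 0; svalue[i] != L'\0'; i++)
            {
                const unsigned int unit = (unsigned int)svalue[i];
                out = TSValueTypeToData_PutByte(out, i == 0, unit & 0xFF);
                out = TSValueTypeToData_PutByte(out, false, (unit >> 8) & 0xFF);
            }
            return true;
        }
    }
    return false;
}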
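// Resolves an address expression against process pid and returns the
// resulting address, or (DWORD)-1 on failure.
//
// Forms handled by the parser below:
//   "1367DBC"                      plain hex address
//   "<name.exe>+1367DBC"           module base plus offset
//   "[[<name.exe>+off]+off]-off"   pointer chain; each '[' adds one dereference
//
// Fixes over the previous version:
//  - every write into module[], subindex[] and offsetaddrstr[][] is bounds
//    checked; the expression is caller-supplied text and previously could write
//    outside these stack arrays (including module[-1] after a second '<');
//  - the process handle is closed when a dereference fails;
//  - a failed snapshot is detected instead of comparing an uninitialised
//    MODULEENTRY32;
//  - failure to open the process returns (DWORD)-1 like every other failure,
//    which is the only value callers in this file test for (it used to be 0).
// A trailing branch of the parser that could never take effect was removed.
//
// NOTE(review): addresses travel through long/wcstol, so values above LONG_MAX
// saturate, and a dereferenced pointer <= 0 as a signed long is treated as a
// read error.
DWORD TSMemoryAPI::TSGetFindDataAddr(wchar_t* strs, DWORD pid)
{
    const DWORD kFail = (DWORD)-1;
    const int kOffsetChars = 16;

    if (strs == NULL)
        return kFail;
    const int len = (int)wcslen(strs);
    if (len < 1)
        return kFail;

    wchar_t module[MAX_PATH] = { 0 };
    int moduleindex = 0;                 // characters of the module name so far; -1 once '>' was seen
    int nindex = 0;                      // number of '[' seen, i.e. dereferences to perform
    int noffset = 0;                     // which offset is currently being collected
    int index = 0;                       // write position inside the current offset text
    bool subindex[MAX_PATH] = { 0 };     // true where the offset is subtracted ('-') rather than added
    wchar_t offsetaddrstr[MAX_PATH][kOffsetChars] = { 0 };

    for (int i = 0; i < len; i++)
    {
        const wchar_t ch = strs[i];
        if (ch == L'<' || moduleindex > 0)
        {
            if (ch == L'>')
            {
                moduleindex = -1;
            }
            else if (strs[i + 1] != L'>')
            {
                if (moduleindex < 0 || moduleindex >= MAX_PATH - 1)
                    return kFail;
                module[moduleindex] = strs[i + 1];
                moduleindex++;
            }
        }
        if (ch == L'>' && moduleindex == 0)   // '>' without a preceding '<'
            return kFail;

        if (ch == L'[')
        {
            nindex++;
            if (nindex >= MAX_PATH)
                return kFail;
        }
        else if (ch == L'+' || ch == L'-' || index > 0 || moduleindex == 0)
        {
            if (noffset >= MAX_PATH)
                return kFail;
            if (ch == L'-')
                subindex[noffset] = true;
            if (ch == L']')
            {
                index = 0;
                noffset++;
            }
            else
            {
                if (index >= kOffsetChars - 1)   // keep the terminator intact
                    return kFail;
                if (ch == L'+' || ch == L'-')
                {
                    // The sign itself is not stored; take the character after it and skip it.
                    offsetaddrstr[noffset][index] = strs[i + 1];
                    i++;
                }
                else
                {
                    offsetaddrstr[noffset][index] = ch;
                }
                index++;
            }
        }
    }

    DWORD Baseaddr = 0;
    if (moduleindex == -1)   // a <modulename> was supplied
    {
        HANDLE tlh = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
        if (tlh == INVALID_HANDLE_VALUE)
            return kFail;
        MODULEENTRY32 modEntry;
        modEntry.dwSize = sizeof(MODULEENTRY32);
        if (Module32First(tlh, &modEntry))
        {
            do
            {
                if (!wcsicmp(module, modEntry.szModule))
                {
                    Baseaddr = (DWORD)modEntry.modBaseAddr;
                    break;
                }
            } while (Module32Next(tlh, &modEntry));
        }
        CloseHandle(tlh);
        if (Baseaddr == 0)
            return kFail;
    }

    long longAdd = 0;
    if (nindex > 0)   // pointer chain: dereference once per '['
    {
        TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
        HANDLE hprocess = My_OpenProcess(pid);
        if (hprocess == NULL)
        {
            if (my_ZwOpenProcess)
            {
                CLIENT_ID Cileid;
                Cileid.UniqueProcess = (HANDLE)pid;
                my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
            }
            if (hprocess == NULL)
                return kFail;
        }

        DWORD readaddr = 0;
        for (int i = 0; i < nindex; i++)
        {
            const DWORD offset = wcstol(offsetaddrstr[i], 0, 16);
            if (i == 0 && Baseaddr > 0)
                readaddr = Baseaddr + offset;
            else if (i == 0)
                readaddr = offset;
            else if (readaddr != 0)
                readaddr = subindex[i] ? longAdd - offset : longAdd + offset;

            longAdd = 0;
            if (my_ReadProcessMemory)
                my_ReadProcessMemory(hprocess, (void*)readaddr, &longAdd, sizeof(longAdd), NULL);
            else
                ::ReadProcessMemory(hprocess, (void*)readaddr, &longAdd, sizeof(longAdd), NULL);
            if (longAdd <= 0)   // nothing usable was read
            {
                CloseHandle(hprocess);
                return kFail;
            }
        }

        const DWORD lastOffset = wcstol(offsetaddrstr[nindex], 0, 16);
        if (subindex[nindex])
            longAdd = longAdd - lastOffset;
        else
            longAdd = longAdd + lastOffset;
        CloseHandle(hprocess);
    }
    else if (moduleindex != -1)   // plain address, e.g. 1367DBC
    {
        longAdd = wcstol(strs, 0, 16);
    }
    else                          // <xx.exe>+1367DBC
    {
        longAdd = wcstol(offsetaddrstr[0], 0, 16);
        longAdd = Baseaddr + longAdd;
    }
    return longAdd;
}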
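// Appends addr, as upper-case hex without leading zeros, to the '|'-separated
// address list held in retstr.
static void TSFindString_AppendHit(wchar_t* retstr, DWORD addr)
{
    static const wchar_t kDigits[] = L"0123456789ABCDEF";
    wchar_t reversed[8];
    int n = 0;
    do
    {
        reversed[n++] = kDigits[addr & 0xF];
        addr >>= 4;
    } while (addr != 0 && n < 8);

    wchar_t* out = retstr + wcslen(retstr);
    if (out != retstr)
        *out++ = L'|';
    while (n > 0)
        *out++ = reversed[--n];
    *out = L'\0';
}

// Scans one chunk for pattern. matched carries the number of pattern units
// already matched at the end of the previous chunk, so a hit may begin before
// chunkAddr. Only the first 20001 hits are appended to retstr; later ones are
// still counted.
template <typename Unit>
static void TSFindString_ScanChunk(const Unit* chunk, int units, const Unit* pattern, int patternLen,
                                   DWORD chunkAddr, int& matched, int& count, bool& found, wchar_t* retstr)
{
    if (patternLen <= 0)
        return;
    for (int i = 0; i < units; i++)
    {
        if (chunk[i] != pattern[matched])
        {
            matched = 0;
            continue;
        }
        if (matched + 1 < patternLen)
        {
            matched++;
            continue;
        }
        if (count <= 20000)
            TSFindString_AppendHit(retstr, (DWORD)(chunkAddr + (i - matched) * (int)sizeof(Unit)));
        found = true;
        count++;
        matched = 0;   // restart at the first pattern unit; never index past the pattern
    }
}

// Searches the process that owns window hwnd for string_value and appends the
// addresses of the hits to retstr as "ADDR|ADDR|...".
//
// addr_range    "BEGIN-END" scans the regions GetFindaddr reports for that
//               range; "A|B|C" re-checks only the listed addresses.
// retstr        Output list. Its capacity is not passed in; up to 20001 entries
//               of at most 9 characters each can be appended, so the caller
//               must size it accordingly.
// string_value  Text to find, 1 to MAX_PATH - 1 characters.
// type          0: compare the bytes produced by W2A, 1: compare UTF-16 units.
// threadtype    true hands a range scan to FindDataThread workers (defined
//               elsewhere) and returns true once they have been waited for.
// Returns true when at least one hit was found (or after the threaded scan).
//
// Fixes over the previous version:
//  - the process handle is closed on every path (it was never closed);
//  - the UTF-16 scan iterated the byte count over a wchar_t buffer and read up
//    to twice the buffer size; it now iterates dwRead / sizeof(wchar_t) units;
//  - a region whose end is below its start no longer turns into a huge memset;
//  - the narrow pattern copy is bounded (MAX_PATH characters could previously
//    overflow the buffer by one byte);
//  - the UTF-16 re-check had no length limit on a MAX_PATH-element buffer and
//    compared only half of the text; it now compares len * sizeof(wchar_t);
//  - after a hit the match index restarts at 0 instead of 1, which could walk
//    past the end of the pattern;
//  - hit addresses are computed from the chunk actually read (the narrow scan
//    used a stale base for small regions and a *2 stride for large ones), and
//    the last chunk of a region is read with its real size;
//  - narrow comparison is done on unsigned bytes, so bytes >= 0x80 can match.
bool TSMemoryAPI::TSFindString(LONG hwnd, wchar_t* addr_range, wchar_t* retstr, wchar_t* string_value, LONG type, bool threadtype)
{
    if (addr_range == NULL || retstr == NULL || string_value == NULL)
        return false;

    bool bret = false;
    LONG ibegin = 0;
    LONG ipend = 0;
    DWORD MaxAddrs[MAX_PATH * 200] = { 0 };   // upper bound on listed addresses
    int naddr = 0;
    if (!TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
        return bret;
    if (ibegin >= ipend && naddr == 0)
        return bret;

    // Validate the pattern before any handle is opened.
    const int wideLen = (int)wcslen(string_value);
    if (wideLen == 0 || wideLen >= MAX_PATH)
        return bret;

    char narrow[MAX_PATH * 2 + 1] = { 0 };
    if (type == 0)
    {
        USES_CONVERSION;
        strncpy(narrow, W2A(string_value), sizeof(narrow) - 1);
    }
    const int narrowLen = (int)strlen(narrow);

    DWORD Pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &Pid);
    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
    HANDLE hprocess = My_OpenProcess(Pid);
    if (hprocess == NULL)
    {
        if (my_ZwOpenProcess)
        {
            CLIENT_ID Cileid;
            Cileid.UniqueProcess = (HANDLE)Pid;
            my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
        }
        if (hprocess == NULL)
            return bret;
    }

    int count = 0;
    int matched = 0;
    if (ibegin >= 0 && naddr == 0)   // range scan
    {
        if (ibegin < 0x400000)
            ibegin = 0x400000;
        DWORD nbegin[MAX_PATH * 10] = { 0 };
        DWORD npend[MAX_PATH * 10] = { 0 };
        int nregion = 0;
        GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, nregion);
        if (nregion == 0)
        {
            CloseHandle(hprocess);
            return bret;
        }

        if (threadtype)   // multi-threaded scan
        {
            const DWORD kMaxWorkers = 8;
            DWORD ncpu = GetProcessNumber();   // worker count follows the CPU count, clamped to 2..8
            if (ncpu <= 2)
                ncpu = 2;
            else if (ncpu >= kMaxWorkers)
                ncpu = kMaxWorkers;
            HANDLE threadhandle[kMaxWorkers] = { 0 };

            FindDataInfo info;
            info.FindDataType = FINDDATATYPE_FINDSTRINGEX;
            info.hprocess = hprocess;
            wcscpy(info.Findstring, string_value);   // presumably MAX_PATH elements; wideLen < MAX_PATH is enforced above
            info.FindIntType = type;                 // 0: narrow search, 1: UTF-16 search
            info.retstr = retstr;
            info.dwncount = nregion;
            // NOTE(review): capacity of info.dwbegin / info.dwend is declared elsewhere; confirm it covers nregion.
            memcpy(info.dwbegin, nbegin, nregion * sizeof(DWORD));
            memcpy(info.dwend, npend, nregion * sizeof(DWORD));
            InitializeCriticalSection(&info.m_mutex);
            for (DWORD i = 0; i < ncpu; i++)
                threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
            // NOTE(review): a _beginthread handle is closed by the runtime when
            // the thread exits, so waiting on it can fail; _beginthreadex
            // handles are safe to wait on. info lives on this stack frame, so
            // returning while workers still run would leave them with dangling
            // pointers.
            const DWORD waited = ::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE);
            DeleteCriticalSection(&info.m_mutex);
            if (waited != WAIT_FAILED)   // only release the handle once the workers are known to be done
                CloseHandle(hprocess);
            return true;
        }

        if (type == 0 || type == 1)
        {
            wchar_t chunk[2048] = { 0 };   // 4096 bytes, aligned for the UTF-16 view
            for (int n = 0; n < nregion; n++)
            {
                DWORD cur = nbegin[n];
                const DWORD stop = npend[n];
                while (cur < stop)
                {
                    DWORD want = stop - cur;
                    if (want > sizeof(chunk))
                        want = sizeof(chunk);
                    SIZE_T got = 0;
                    if (ReadProcessMemory(hprocess, (LPCVOID)(ULONG_PTR)cur, chunk, want, &got))
                    {
                        if (type == 0)
                            TSFindString_ScanChunk<BYTE>((const BYTE*)chunk, (int)got, (const BYTE*)narrow, narrowLen,
                                                         cur, matched, count, bret, retstr);
                        else
                            TSFindString_ScanChunk<wchar_t>(chunk, (int)(got / sizeof(wchar_t)), string_value, wideLen,
                                                            cur, matched, count, bret, retstr);
                    }
                    cur += want;   // want <= stop - cur, so this cannot wrap
                }
            }
        }
    }
    else   // re-check of previously found addresses
    {
        const void* needle = NULL;
        SIZE_T needleBytes = 0;
        if (type == 0)
        {
            needle = narrow;
            needleBytes = (SIZE_T)narrowLen;
        }
        else if (type == 1)
        {
            needle = string_value;
            needleBytes = (SIZE_T)wideLen * sizeof(wchar_t);
        }

        BYTE probe[MAX_PATH * 2 + 1] = { 0 };   // needleBytes is at most MAX_PATH * 2
        if (needle != NULL && needleBytes != 0)
        {
            for (int i = 0; i < naddr; i++)
            {
                SIZE_T got = 0;
                if (!ReadProcessMemory(hprocess, (LPCVOID)(ULONG_PTR)MaxAddrs[i], probe, needleBytes, &got))
                    continue;
                if (got != needleBytes || ::memcmp(probe, needle, needleBytes) != 0)
                    continue;
                if (count <= 20000)
                    TSFindString_AppendHit(retstr, MaxAddrs[i]);
                bret = true;
                count++;
            }
        }
    }

    CloseHandle(hprocess);
    return bret;
}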
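// Reads len bytes at the address expression addr in the process that owns
// window hwnd and renders them in retstr as upper-case hex bytes separated by
// single spaces ("0A FF 10").
//
// len     0..MAX_PATH; larger or negative values are rejected.
// retstr  Output text; capacity is not passed in, the caller must provide at
//         least 3 * len wchar_t.
// Returns true when the read reported at least one byte.
//
// Fixes over the previous version: the text is no longer produced with
// swprintf(retstr, L"%s ...", retstr, ...), whose overlapping source and
// destination is undefined; a first byte below 0x10 now starts the text like
// any other first byte instead of being appended, with a leading space, to
// whatever retstr held before; and the branch testing an unsigned BYTE for a
// negative value, which could never run, is gone.
bool TSMemoryAPI::TSReadData(LONG hwnd, wchar_t* addr, wchar_t* retstr, LONG len)
{
    if (retstr == NULL || len < 0 || len > MAX_PATH)
        return false;

    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);
    DWORD findaddr = TSGetFindDataAddr(addr, pid);
    if (findaddr == (DWORD)-1)
        return false;

    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL)
    {
        if (my_ZwOpenProcess)
        {
            CLIENT_ID Cileid;
            Cileid.UniqueProcess = (HANDLE)pid;
            my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
        }
        if (hprocess == NULL)
            return false;
    }

    BYTE finddata[MAX_PATH] = { 0 };
    DWORD dwread = 0;
    if (my_ReadProcessMemory)
        my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, finddata, len, &dwread);
    else
        ::ReadProcessMemory(hprocess, (LPCVOID)findaddr, finddata, len, &dwread);
    CloseHandle(hprocess);

    if (dwread == 0)
        return false;   // retstr is left untouched, as before

    // As before, len bytes are rendered once anything was read; bytes that were
    // not read stay 0 from the buffer initialisation.
    static const wchar_t kDigits[] = L"0123456789ABCDEF";
    wchar_t* out = retstr;
    for (LONG i = 0; i < len; i++)
    {
        if (i != 0)
            *out++ = L' ';
        *out++ = kDigits[finddata[i] >> 4];
        *out++ = kDigits[finddata[i] & 0xF];
    }
    *out = L'\0';
    return true;
}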
// Reads a floating-point value at the address expression addr in the process
// that owns window hwnd.
//
// type    0 reads a double into dvalue, 1 reads a float into fvalue; any other
//         value reads nothing.
// Returns true when the read reported a non-zero byte count. The selected
// output is overwritten even when the read fails (it then receives 0).
//
// The process is opened through My_OpenProcess; if that yields no handle and
// the my_ZwOpenProcess pointer is set, it is tried with PROCESS_ALL_ACCESS,
// although only a read is performed here.
bool TSMemoryAPI::TSReadDouble(LONG hwnd, wchar_t* addr, double& dvalue, float& fvalue, int type)
{
    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);

    DWORD findaddr = TSGetFindDataAddr(addr, pid);
    if (findaddr == -1)
        return false;

    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL && my_ZwOpenProcess)
    {
        CLIENT_ID Cileid;
        Cileid.UniqueProcess = (HANDLE)pid;
        my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
    }
    if (hprocess == NULL)
        return false;

    // Pick the destination once, then issue a single read.
    double readdouble = 0;
    float readfloat = 0;
    void* target = NULL;
    SIZE_T targetSize = 0;
    switch (type)
    {
    case 0:
        target = &readdouble;
        targetSize = sizeof(double);
        break;
    case 1:
        target = &readfloat;
        targetSize = sizeof(float);
        break;
    default:
        break;
    }

    DWORD dwread = 0;
    if (target != NULL)
    {
        if (my_ReadProcessMemory)
            my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, target, targetSize, &dwread);
        else
            ::ReadProcessMemory(hprocess, (LPCVOID)findaddr, target, targetSize, &dwread);
    }

    if (type == 0)
        dvalue = readdouble;
    else if (type == 1)
        fvalue = readfloat;

    CloseHandle(hprocess);
    return dwread != 0;
}
// Reads an integer at the address expression addr in the process that owns
// window hwnd.
//
// type    0 reads 32 bits into ivalue, 1 reads 16 bits into svalue, 2 reads
//         8 bits into bvalue; any other value reads nothing.
// Returns true when the read reported a non-zero byte count. The selected
// output is overwritten even when the read fails (it then receives 0).
//
// The process is opened through My_OpenProcess; if that yields no handle and
// the my_ZwOpenProcess pointer is set, it is tried with PROCESS_ALL_ACCESS,
// although only a read is performed here.
bool TSMemoryAPI::TSReadInt(LONG hwnd, wchar_t* addr, int& ivalue, short& svalue, BYTE& bvalue, int type)
{
    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);

    DWORD findaddr = TSGetFindDataAddr(addr, pid);
    if (findaddr == -1)
        return false;

    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL && my_ZwOpenProcess)
    {
        CLIENT_ID Cileid;
        Cileid.UniqueProcess = (HANDLE)pid;
        my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
    }
    if (hprocess == NULL)
        return false;

    // One scratch value per width; only the one matching type is used.
    int value32 = 0;
    short value16 = 0;
    BYTE value8 = 0;
    void* target = NULL;
    SIZE_T targetSize = 0;
    switch (type)
    {
    case 0:
        target = &value32;
        targetSize = sizeof(int);
        break;
    case 1:
        target = &value16;
        targetSize = sizeof(short);
        break;
    case 2:
        target = &value8;
        targetSize = sizeof(BYTE);
        break;
    default:
        break;
    }

    DWORD dwread = 0;
    if (target != NULL)
    {
        if (my_ReadProcessMemory)
            my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, target, targetSize, &dwread);
        else
            ::ReadProcessMemory(hprocess, (LPCVOID)findaddr, target, targetSize, &dwread);
    }

    if (type == 0)
        ivalue = value32;
    else if (type == 1)
        svalue = value16;
    else if (type == 2)
        bvalue = value8;

    CloseHandle(hprocess);
    return dwread != 0;
}
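// Reads a string of len characters at the address expression addr in the
// process that owns window hwnd and copies it to retstr.
//
// len     0..MAX_PATH characters; other values are rejected.
// type    0: len bytes are read and converted with A2W,
//         1: len UTF-16 code units are read.
// retstr  Output text; capacity is not passed in, the caller must provide at
//         least len + 1 wchar_t.
// Returns true when the read reported a non-zero byte count.
//
// Fixes over the previous version: the local buffers have room for a
// terminator (with len == MAX_PATH the data filled them completely, so A2W and
// wcscpy ran past the end looking for one), and a negative len is rejected
// instead of being passed on as a huge unsigned size.
bool TSMemoryAPI::TSReadString(LONG hwnd, wchar_t* addr, wchar_t* retstr, LONG len, int type)
{
    bool bret = false;
    if (retstr == NULL || len < 0 || len > MAX_PATH)
        return bret;

    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);
    DWORD findaddr = TSGetFindDataAddr(addr, pid);
    if (findaddr == (DWORD)-1)
        return bret;

    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL)
    {
        if (my_ZwOpenProcess)
        {
            CLIENT_ID Cileid;
            Cileid.UniqueProcess = (HANDLE)pid;
            my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
        }
        if (hprocess == NULL)
            return bret;
    }

    DWORD dwread = 0;
    if (type == 0)        // narrow string in the target's ANSI code page
    {
        char strvalue[MAX_PATH + 1] = { 0 };   // +1 keeps a terminator after a full-length read
        if (my_ReadProcessMemory)
            my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, strvalue, len, &dwread);
        else
            ::ReadProcessMemory(hprocess, (LPCVOID)findaddr, strvalue, len, &dwread);
        USES_CONVERSION;
        wcscpy(retstr, A2W(strvalue));
    }
    else if (type == 1)   // UTF-16 string
    {
        wchar_t wstrvlue[MAX_PATH + 1] = { 0 };   // +1 keeps a terminator after a full-length read
        if (my_ReadProcessMemory)
            my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, wstrvlue, len * sizeof(wchar_t), &dwread);
        else
            ::ReadProcessMemory(hprocess, (LPCVOID)findaddr, wstrvlue, len * sizeof(wchar_t), &dwread);
        wcscpy(retstr, wstrvlue);
    }

    CloseHandle(hprocess);
    if (dwread != 0)
        bret = true;
    return bret;
}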
// Terminates process pid with exit code 0.
//
// SeDebugPrivilege is enabled first, then the process is opened through
// My_OpenProcess; if that yields no handle and the my_ZwOpenProcess pointer is
// set, it is tried with PROCESS_ALL_ACCESS, although only termination is
// performed here. Termination goes through my_TerminateProcess when that
// pointer is set, otherwise through ::TerminateProcess.
// Returns the result of the terminate call, or false when no handle was
// obtained.
bool TSMemoryAPI::TSTerminateProcess(LONG pid)
{
    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);

    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL && my_ZwOpenProcess)
    {
        CLIENT_ID Cileid;
        Cileid.UniqueProcess = (HANDLE)pid;
        my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
    }
    if (hprocess == NULL)
        return false;

    bool terminated = false;
    if (my_TerminateProcess)
        terminated = my_TerminateProcess(hprocess, 0);
    else
        terminated = ::TerminateProcess(hprocess, 0);

    CloseHandle(hprocess);
    return terminated;
}
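// Commits size bytes in the process that owns window hwnd.
//
// addr    In: requested base address (0 lets the system choose).
//         Out: base of the allocation, or 0 on failure. The value is narrowed
//         to 32 bits, as before.
// type    0: PAGE_EXECUTE_READWRITE, anything else: PAGE_EXECUTE_READ.
// Returns true when VirtualAllocEx returned a non-null address.
//
// Fix over the previous version: the function always returned false because
// the result flag was never set; it now reflects the outcome of the
// allocation.
//
// Both protections are executable, and type 0 is writable as well. Writable and
// executable memory created in another process is a pattern endpoint protection
// commonly alerts on, so the executable-only variant is preferable whenever the
// region does not have to be written afterwards.
bool TSMemoryAPI::TSVirtualAllocEx(LONG hwnd, LONG& addr, LONG size, LONG type)
{
    bool bret = false;
    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);
    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);

    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL)
    {
        if (my_ZwOpenProcess)
        {
            CLIENT_ID Cileid;
            Cileid.UniqueProcess = (HANDLE)pid;
            my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
        }
        if (hprocess == NULL)
            return bret;
    }

    const DWORD dwtype = (type == 0) ? PAGE_EXECUTE_READWRITE : PAGE_EXECUTE_READ;
    LPVOID retaddr = ::VirtualAllocEx(hprocess, (void*)addr, size, MEM_COMMIT, dwtype);
    CloseHandle(hprocess);

    addr = (DWORD)retaddr;
    bret = (retaddr != NULL);
    return bret;
}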
// Releases, with MEM_RELEASE, the region based at addr in the process that
// owns window hwnd.
//
// The process is opened through My_OpenProcess; if that yields no handle and
// the my_ZwOpenProcess pointer is set, it is tried with PROCESS_ALL_ACCESS.
// Returns the result of VirtualFreeEx, or false when no handle was obtained.
bool TSMemoryAPI::TSVirtualFreeEx(LONG hwnd, LONG addr)
{
    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);
    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);

    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL && my_ZwOpenProcess)
    {
        CLIENT_ID Cileid;
        Cileid.UniqueProcess = (HANDLE)pid;
        my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
    }
    if (hprocess == NULL)
        return false;

    // Size 0 with MEM_RELEASE frees the whole region.
    bool released = ::VirtualFreeEx(hprocess, (void*)addr, 0, MEM_RELEASE);
    CloseHandle(hprocess);
    return released;
}
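// Writes the bytes described by the hex text data ("8B 45 0C") at the address
// expression addr in the process that owns window hwnd.
//
// The target range is switched to PAGE_EXECUTE_READWRITE for the write and the
// previous protection is restored afterwards.
// Returns true when the write itself succeeded.
//
// Fixes over the previous version:
//  - the pattern is sized before parsing, so TSGetDataValue can no longer write
//    past the local value array for a long data string;
//  - the process handle is closed when the pattern turns out to be empty;
//  - the old protection is restored only if it was actually captured (dwback
//    used to be passed uninitialised when the first protection change failed);
//  - the return value reports the write, not the protection restore that
//    previously overwrote it.
//
// NOTE(review): a wildcard entry (256) from the parser is truncated to 0 when
// narrowed to a byte; wildcards are not meaningful for a write.
bool TSMemoryAPI::TSWriteData(LONG hwnd, wchar_t* addr, wchar_t* data)
{
    bool bret = false;
    if (data == NULL)
        return bret;

    // Upper bound on the entries TSGetDataValue stores: a run of r non-space
    // characters yields at most (r + 1) / 2 entries, plus the trailing entry it
    // always writes.
    int expected = 1;
    int run = 0;
    for (const wchar_t* p = data; *p != L'\0'; ++p)
    {
        if (*p == L' ')
        {
            expected += (run + 1) / 2;
            run = 0;
        }
        else
        {
            run++;
        }
    }
    expected += (run + 1) / 2;
    if (expected > MAX_PATH + 1)
        return bret;

    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);
    DWORD findaddr = TSGetFindDataAddr(addr, pid);
    if (findaddr == (DWORD)-1)
        return bret;

    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL)
    {
        if (my_ZwOpenProcess)
        {
            CLIENT_ID Cileid;
            Cileid.UniqueProcess = (HANDLE)pid;
            my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
        }
        if (hprocess == NULL)
            return bret;
    }

    DWORD Finddata[MAX_PATH + 1] = { 0 };
    int nconut = 0;   // number of parsed values
    TSGetDataValue(data, Finddata, nconut);
    if (nconut <= 0 || nconut > MAX_PATH + 1)
    {
        CloseHandle(hprocess);
        return bret;
    }

    BYTE strvalue[MAX_PATH * 10] = { 0 };
    for (int i = 0; i < nconut; i++)
        strvalue[i] = (BYTE)Finddata[i];

    DWORD dwback = 0;
    bool unprotected = false;
    if (my_VirtualProtectEx)
        unprotected = my_VirtualProtectEx(hprocess, (void*)findaddr, nconut, PAGE_EXECUTE_READWRITE, &dwback);
    else
        unprotected = ::VirtualProtectEx(hprocess, (void*)findaddr, nconut, PAGE_EXECUTE_READWRITE, &dwback);

    // The write is attempted even if the protection change failed; the page may
    // already be writable.
    DWORD dwwrite = 0;
    if (my_WriteProcessMemory)
        bret = my_WriteProcessMemory(hprocess, (void*)findaddr, strvalue, nconut, &dwwrite);
    else
        bret = ::WriteProcessMemory(hprocess, (void*)findaddr, strvalue, nconut, &dwwrite);

    if (unprotected)
    {
        if (my_VirtualProtectEx)
            my_VirtualProtectEx(hprocess, (void*)findaddr, nconut, dwback, &dwback);
        else
            ::VirtualProtectEx(hprocess, (void*)findaddr, nconut, dwback, &dwback);
    }

    CloseHandle(hprocess);
    return bret;
}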
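// Writes a floating-point value at the address expression addr in the process
// that owns window hwnd.
//
// dvalue  Written as a double when it is non-zero.
// fvlaue  Written as a float when dvalue is zero and this is non-zero.
// When both are zero nothing is written; the interface has no way to say which
// width a zero should have.
// Returns true when a write was performed and succeeded.
//
// Fixes over the previous version: the old protection is restored only if it
// was actually captured (dwback used to be passed uninitialised when the first
// protection change failed), and the return value reports the write instead of
// the protection restore, which previously hid failed and skipped writes.
bool TSMemoryAPI::TSWriteDouble(LONG hwnd, wchar_t* addr, DOUBLE dvalue, FLOAT fvlaue)
{
    bool bret = false;
    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);
    DWORD findaddr = TSGetFindDataAddr(addr, pid);
    if (findaddr == (DWORD)-1)
        return bret;

    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL)
    {
        if (my_ZwOpenProcess)
        {
            CLIENT_ID Cileid;
            Cileid.UniqueProcess = (HANDLE)pid;
            my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
        }
        if (hprocess == NULL)
            return bret;
    }

    DWORD dwback = 0;
    bool unprotected = false;
    if (my_VirtualProtectEx)
        unprotected = my_VirtualProtectEx(hprocess, (void*)findaddr, sizeof(DOUBLE), PAGE_EXECUTE_READWRITE, &dwback);
    else
        unprotected = ::VirtualProtectEx(hprocess, (void*)findaddr, sizeof(DOUBLE), PAGE_EXECUTE_READWRITE, &dwback);

    DWORD dwwrite = 0;
    if (dvalue != 0)
    {
        if (my_WriteProcessMemory)
            bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &dvalue, sizeof(DOUBLE), &dwwrite);
        else
            bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &dvalue, sizeof(DOUBLE), &dwwrite);
    }
    else if (fvlaue != 0)
    {
        if (my_WriteProcessMemory)
            bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &fvlaue, sizeof(FLOAT), &dwwrite);
        else
            bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &fvlaue, sizeof(FLOAT), &dwwrite);
    }

    if (unprotected)
    {
        if (my_VirtualProtectEx)
            my_VirtualProtectEx(hprocess, (void*)findaddr, sizeof(DOUBLE), dwback, &dwback);
        else
            ::VirtualProtectEx(hprocess, (void*)findaddr, sizeof(DOUBLE), dwback, &dwback);
    }

    CloseHandle(hprocess);
    return bret;
}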
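// Writes an integer at the address expression addr in the process that owns
// window hwnd.
//
// The first non-zero argument decides what is written: ivalue as 4 bytes, else
// svalue as 2 bytes, else bvalue as 1 byte. When all three are zero nothing is
// written; the interface has no way to say which width a zero should have.
// Returns true when a write was performed and succeeded.
//
// Fixes over the previous version: the old protection is restored only if it
// was actually captured (dwback used to be passed uninitialised when the first
// protection change failed), and the return value reports the write instead of
// the protection restore, which previously hid failed and skipped writes.
bool TSMemoryAPI::TSWriteInt(LONG hwnd, wchar_t* addr, int ivalue, short svalue, BYTE bvalue)
{
    bool bret = false;
    DWORD pid = 0;
    My_GetWindowThreadProcessId((HWND)hwnd, &pid);
    DWORD findaddr = TSGetFindDataAddr(addr, pid);
    if (findaddr == (DWORD)-1)
        return bret;

    TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
    HANDLE hprocess = My_OpenProcess(pid);
    if (hprocess == NULL)
    {
        if (my_ZwOpenProcess)
        {
            CLIENT_ID Cileid;
            Cileid.UniqueProcess = (HANDLE)pid;
            my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
        }
        if (hprocess == NULL)
            return bret;
    }

    DWORD dwback = 0;
    bool unprotected = false;
    if (my_VirtualProtectEx)
        unprotected = my_VirtualProtectEx(hprocess, (void*)findaddr, sizeof(int), PAGE_EXECUTE_READWRITE, &dwback);
    else
        unprotected = ::VirtualProtectEx(hprocess, (void*)findaddr, sizeof(int), PAGE_EXECUTE_READWRITE, &dwback);

    DWORD dwwrite = 0;
    if (ivalue != 0)
    {
        if (my_WriteProcessMemory)
            bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &ivalue, sizeof(int), &dwwrite);
        else
            bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &ivalue, sizeof(int), &dwwrite);
    }
    else if (svalue != 0)
    {
        if (my_WriteProcessMemory)
            bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &svalue, sizeof(short), &dwwrite);
        else
            bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &svalue, sizeof(short), &dwwrite);
    }
    else if (bvalue != 0)
    {
        if (my_WriteProcessMemory)
            bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &bvalue, sizeof(BYTE), &dwwrite);
        else
            bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &bvalue, sizeof(BYTE), &dwwrite);
    }

    if (unprotected)
    {
        if (my_VirtualProtectEx)
            my_VirtualProtectEx(hprocess, (void*)findaddr, sizeof(int), dwback, &dwback);
        else
            ::VirtualProtectEx(hprocess, (void*)findaddr, sizeof(int), dwback, &dwback);
    }

    CloseHandle(hprocess);
    return bret;
}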
- bool TSMemoryAPI::TSWriteString(LONG hwnd, wchar_t* addr, wchar_t* strvalue, LONG type)
- {
- bool bret = false;
- int len = wcslen(strvalue);
- if (len == 0 || len > MAX_PATH)
- return bret;
- DWORD pid = 0;
- //if(my_GetWindowThreadProcessId)
- // my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
- //else
- My_GetWindowThreadProcessId((HWND)hwnd, &pid);
- DWORD findaddr = TSGetFindDataAddr(addr, pid);
- if (findaddr == -1)
- return bret;
- TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
- HANDLE hprocess = NULL;
- //if(my_OpenProcess)
- // hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- //else
- // hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- hprocess = My_OpenProcess(pid);
- if (hprocess == NULL)
- {
- if (my_ZwOpenProcess)
- {
- CLIENT_ID Cileid;
- Cileid.UniqueProcess = (HANDLE)pid;
- my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
- }
- if (hprocess == NULL)
- return bret;
- }
- DWORD dwwrite = 0;
- DWORD dwback;
- if (my_VirtualProtectEx)
- my_VirtualProtectEx(hprocess, (void*)findaddr, len, PAGE_EXECUTE_READWRITE, &dwback);
- else
- ::VirtualProtectEx(hprocess, (void*)findaddr, len, PAGE_EXECUTE_READWRITE, &dwback);
- if (type == 0)//Ascii字符串
- {
- USES_CONVERSION;
- char strchar[MAX_PATH * 2] = { 0 };
- strcpy(strchar, W2A(strvalue));
- int len = strlen(strchar);
- if (my_ReadProcessMemory)
- my_WriteProcessMemory(hprocess, (void*)findaddr, strchar, len, &dwwrite);
- else
- ::WriteProcessMemory(hprocess, (void*)findaddr, strchar, len, &dwwrite);
- }
- else if (type == 1)
- {
- if (my_ReadProcessMemory)
- bret = my_WriteProcessMemory(hprocess, (void*)findaddr, strvalue, len, &dwwrite);
- else
- bret = ::WriteProcessMemory(hprocess, (void*)findaddr, strvalue, len, &dwwrite);
- }
- if (my_VirtualProtectEx)
- bret = my_VirtualProtectEx(hprocess, (void*)findaddr, len, dwback, &dwback);
- else
- bret = ::VirtualProtectEx(hprocess, (void*)findaddr, len, dwback, &dwback);
- CloseHandle(hprocess);
- return bret;
- }
- bool TSMemoryAPI::GetFindaddr(HANDLE hprocess, PVOID lpbegin, PVOID lpend, DWORD* ibegin, DWORD* ipend, int& ncount)
- {
- bool bret = false;
- int index = 0;
- SYSTEM_INFO si_info;
- MEMORY_BASIC_INFORMATION mbi;
- DWORD rett;
- GetSystemInfo(&si_info);
- DWORD len = sizeof(MEMORY_BASIC_INFORMATION);
- PVOID addr = si_info.lpMinimumApplicationAddress;
- bool bfind = false;
- do
- {
- rett = VirtualQueryEx(hprocess, addr, &mbi, len);
- if (mbi.Type == MEM_IMAGE || mbi.Type == MEM_PRIVATE) //找到了块
- {
- //MessageBox(0,L"找到了块",0,0);
- if (lpbegin == 0)
- lpbegin = LPVOID(mbi.AllocationBase);
- else if (bfind == false)
- lpbegin = addr;
- if (lpend == 0)
- {
- lpend = si_info.lpMaximumApplicationAddress;
- }
- ibegin[index] = int(lpbegin);
- ipend[index] = int(lpend);
- bfind = true;
- //break;
- }
- else
- {
- if (ibegin != 0 && bfind == true)
- {
- ipend[index] = (DWORD)mbi.BaseAddress + mbi.RegionSize;
- bfind = false;
- index++;
- bret = true;
- }
- }
- addr = ((PBYTE)mbi.BaseAddress + mbi.RegionSize);
- } while (rett == len);
- ncount = index;
- for (int i = 0; i < index; i++)
- {
- if (((DWORD)ipend[i] - (DWORD)ibegin[i]) > 0xF00000)
- {
- DWORD end = ipend[i];
- ipend[i] = ibegin[i] + 0xF00000;
- DWORD iend = ipend[i];
- while ((end - (DWORD)iend) > 0xF00000)
- {
- ibegin[ncount] = iend;
- ipend[ncount] = ibegin[ncount] + 0xF00000;
- ncount++;
- iend = iend + 0xF00000;
- }
- ibegin[ncount] = iend;
- ipend[ncount] = end;
- ncount++;
- }
- }
- return bret;
- }
- bool TSMemoryAPI::TSGetCmdLine(LONG hwnd, wchar_t* retstr)
- {
- bool bret = false;
- DWORD dwPID = 0;
- //if(my_GetWindowThreadProcessId)
- // my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
- //else
- My_GetWindowThreadProcessId((HWND)hwnd, &dwPID);
- TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
- HANDLE hprocess = NULL;
- //if(my_OpenProcess)
- // hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- //else
- // hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- hprocess = My_OpenProcess(dwPID);
- if (hprocess == NULL)
- {
- if (my_ZwOpenProcess)
- {
- CLIENT_ID Cileid;
- Cileid.UniqueProcess = (HANDLE)dwPID;
- my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
- }
- if (hprocess == NULL)
- return bret;
- }
- NtQueryInformationProcess = (PROCNTQSIP)GetProcAddress(GetModuleHandle(L"ntdll"), "NtQueryInformationProcess");
- PROCESS_BASIC_INFORMATION pbis;
- PEB pebs;
- PROCESS_PARAMETERS ppms;
- TCHAR* text = 0;
- NtQueryInformationProcess(hprocess, 0, &pbis, sizeof(PROCESS_BASIC_INFORMATION), 0);
- ReadProcessMemory(hprocess, pbis.PebBaseAddress, &pebs, sizeof(PEB), 0);
- ReadProcessMemory(hprocess, pebs.ProcessParameters, &ppms, sizeof(PROCESS_PARAMETERS), 0);
- text = (TCHAR*)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, ppms.CommandLine.MaximumLength);
- ReadProcessMemory(hprocess, ppms.CommandLine.Buffer, text, ppms.CommandLine.Length, 0);
- if (text)
- {
- wcscpy(retstr, text);
- bret = true;
- }
- ::HeapFree(GetProcessHeap(), HEAP_NO_SERIALIZE, text);
- return bret;
- }
- bool TSMemoryAPI::TSAsmAdd(wchar_t* asm_ins)
- {
- bool bret = false;
- char asmcode[MAX_PATH] = { 0 };
- USES_CONVERSION;
- strcpy(asmcode, W2A(asm_ins));
- char erro[MAX_PATH] = { 0 };
- int len = -1;
- char* charcall = strstr(::CharLowerA(asmcode), "call");
- if (charcall != NULL)//判断是否是Call指令,记住Call地址
- {
- if (strlen(Asmcalladdr) == 0)
- strcpy(Asmcalladdr, charcall);
- return true;
- }
- else
- len = tsasm.Assemble(asmcode, NULL, &am, 0, 0, erro); //将汇编指令转为机器码
- if (len < 0)
- return bret;
- else
- bret = true;
- for (int i = 0; i < len; i++)
- {
- char asmcodes[10] = { 0 };
- if (am.code[i] >= 0x10)
- sprintf(asmcodes, "%X", am.code[i]);
- else
- sprintf(asmcodes, "0%X", am.code[i]);
- if (am.code[i] != 0)
- asmcodearry = asmcodearry + asmcodes;//这里做拼接
- else
- {
- int serlen = asmcodearry.length();
- serlen = serlen + 1;
- asmcodearry.resize(serlen);
- }
- }
- //int charlen=strlen(asmcode);
- //int serlen=asmcodearry.length();
- //if(charlen<len)
- // asmcodearry.resize(serlen+(len-charlen));
- return bret;
- }
- DWORD TSMemoryAPI::GetCallstartData(DWORD Allocaddr, DWORD* startaddr, char* code)//获取CALL地址前的汇编指令
- {
- CMgAsmBase::t_asmmodel tam;
- char erro[MAX_PATH] = { 0 };
- char asmcode[MAX_PATH] = { 0 };
- Allocaddr = Allocaddr + 0x1000;
- if (code == NULL)
- sprintf(asmcode, "push %x", Allocaddr);
- else
- sprintf(asmcode, "%s", code);
- LONG l = tsasm.Assemble(asmcode, Allocaddr, &tam, 0, 0, erro); //将汇编指令转为机器码
- for (int i = 0; i < l; i++)
- {
- startaddr[i] = tam.code[i];
- }
- return l;
- }
- bool TSMemoryAPI::TSAsmCall(LONG hwnd, LONG mode)
- {
- bool bret = false;
- int len = asmcodearry.length();
- if (strlen(Asmcalladdr) <= 0)
- return bret;
- DWORD dwPID = 0;
- DWORD treadid = 0;
- //if(my_GetWindowThreadProcessId)
- // my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
- //else
- My_GetWindowThreadProcessId((HWND)hwnd, &dwPID);
- TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
- HANDLE hprocess = NULL;
- if (mode == 1) //1 : 对hwnd指定的进程内执行,注入模式为创建远程线程
- {
- //if(my_OpenProcess)
- // hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- //else
- // hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
- hprocess = My_OpenProcess(dwPID);
- if (hprocess == NULL)
- {
- if (my_ZwOpenProcess)
- {
- CLIENT_ID Cileid;
- Cileid.UniqueProcess = (HANDLE)dwPID;
- my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
- }
- if (hprocess == NULL)
- return bret;
- }
- }
- else if (mode == 0) //0 : 在本进程中进行执行,这时hwnd无效
- {
- hprocess = ::GetCurrentProcess();
- treadid = GetCurrentThreadId();
- }
- else
- {
- return bret;
- }
- if (allocatememory)
- {
- ::VirtualFreeEx(hprocess, allocatememory, 0, MEM_RELEASE);
- allocatememory = NULL;
- }
- allocatememory = ::VirtualAllocEx(hprocess, NULL, 0x2000, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
- if (allocatememory)
- {
- char retstring[MAX_PATH * 10] = { 0 };
- int retstrlen = 0;
- if (len != 0)
- {
- //asmcodearry="9C60"+asmcodearry;//pushfd,pushad;保持堆栈平衡
- len = asmcodearry.length();
- for (int i = 0; i < len; i++)
- {
- int stringlen = 0;
- {
- stringlen = strlen(&asmcodearry.c_str()[i]);
- if (stringlen > 0)
- {
- LONG val = ::strtol(&asmcodearry.c_str()[i], 0, 16);
- if (val >= 0x10)
- {
- if (val <= 0xff)
- {
- if (retstrlen == 0)
- retstrlen = strlen(retstring);
- if (retstrlen == 0)
- sprintf(retstring, "%s", &asmcodearry.c_str()[i]);
- else
- sprintf(retstring, "%s %s", retstring, &asmcodearry.c_str()[i]);
- }
- else
- {
- int len = strlen(&asmcodearry.c_str()[i]);
- char str[16] = { 0 };
- strcpy(str, &asmcodearry.c_str()[i]);
- for (int n = 0; n < len; n = n + 2)
- {
- char nstr[2] = { 0 };
- strncpy(nstr, &str[n], 2);
- int strn = strtol(nstr, 0, 16);
- if (n + 2 != len || n + 2 < len)
- {
- if (retstrlen == 0)
- retstrlen = strlen(retstring);
- if (retstrlen == 0)
- {
- if (strn >= 0x10)
- sprintf(retstring, "%X", strn);
- else
- sprintf(retstring, "0%X", strn);
- }
- else
- {
- if (strn >= 0x10)
- sprintf(retstring, "%s %X", retstring, strn);
- else
- sprintf(retstring, "%s 0%X", retstring, strn);
- }
- }
- else
- {
- if (len % 2 == 0)
- {
- if (strn >= 0x10)
- sprintf(retstring, "%s %X", retstring, strn);
- else
- sprintf(retstring, "%s 0%X", retstring, strn);
- }
- else
- {
- if (strn >= 0x10)
- sprintf(retstring, "%s %X", retstring, strn);
- else
- sprintf(retstring, "%s 0%X", retstring, strn);
- }
- }
- }
- }
- }
- else
- sprintf(retstring, "%s 0%s", retstring, &asmcodearry.c_str()[i]);
- i = i + stringlen - 1;
- }
- else
- sprintf(retstring, "%s 00", retstring);
- }
- }
- }
- DWORD datas[MAX_PATH * 10] = { 0 };
- int count = 0;
- int lenth = 0;
- if (strlen(retstring) > 0)
- {
- DWORD data[10] = { 0 };
- int len = GetCallstartData((DWORD)allocatememory, data);
- for (int i = 0; i < len; i++)
- {
- datas[i] = data[i];
- }
- memset(data, 0, len);
- int l = len;
- lenth = lenth + len;
- len = GetCallstartData((DWORD)allocatememory + l, data, "push dword ptr fs:[0]");
- for (int i = 0; i < len; i++)
- {
- datas[lenth + i] = data[i];
- }
- memset(data, 0, len);
- l = len;
- lenth = lenth + len;
- len = GetCallstartData((DWORD)allocatememory + l, data, "mov dword ptr fs:[0],esp");
- for (int i = 0; i < len; i++)
- {
- datas[lenth + i] = data[i];
- }
- lenth = lenth + len;
- USES_CONVERSION;
- wchar_t wretsting[MAX_PATH * 10] = { 0 };
- wcscpy(wretsting, A2W(retstring));
- TSGetDataValue(wretsting, &datas[lenth], count);
- }
- BYTE helpByte[MAX_PATH * 10] = { 0 };
- for (int i = 0; i < count + lenth; i++)
- {
- helpByte[i] = datas[i];
- }
- char erro[MAX_PATH] = { 0 };
- int calllen = tsasm.Assemble(Asmcalladdr, ((DWORD)allocatememory + count + lenth), &am, 0, 0, erro); //将汇编指令转为机器码
- if (calllen > 0)
- {
- memcpy(&helpByte[count + lenth], am.code, calllen);
- calllen = calllen + count + lenth;
- if (count != 0)
- {
- BYTE CallendData[] = { 0x8b,0x1c,0x24,0x64,0x89,0x1d,0x0,0x0,0x0,0x0,0x81,0xc4,0x08,0x0,0x0,0x0,0xc2,0x04,0x0 };
- //CallendData存储的机器码对应汇编指令
- //mov ebx,dword ptr ss:[esp]
- //mov dword ptr fs:[0],ebx
- //add esp,0x8
- //retn 0x4;
- memcpy(&helpByte[calllen], CallendData, sizeof(CallendData));
- calllen = calllen + sizeof(CallendData) + 1;
- }
- if (my_WriteProcessMemory)
- bret = my_WriteProcessMemory(hprocess, (void*)allocatememory, (void*)helpByte, calllen, 0);
- else
- bret = ::WriteProcessMemory(hprocess, (void*)allocatememory, (void*)helpByte, calllen, 0);
- HANDLE hthread = NULL;
- ////判断是否DX绑定窗口
- //char pszMapName[MAX_PATH]={0};
- //DWORD Pid=0;
- //My_GetWindowThreadProcessId((HWND)hwnd,&Pid);
- //sprintf( pszMapName,"%s%d",TS_MAPVIEW_NAME,Pid);
- //HANDLE hFileMap = OpenFileMappingA(FILE_MAP_ALL_ACCESS, FALSE, pszMapName);
- //////如果hFileMap句柄不为空说明DLL绑定注入
- //if(hFileMap!=NULL) //说明已经DX绑定
- // hthread=(HANDLE)::SendMessage((HWND)hwnd,TS_ASMCALL,(WPARAM)allocatememory,0);
- //else
- hthread = ::CreateRemoteThread(hprocess, NULL, 0, (LPTHREAD_START_ROUTINE)(allocatememory), 0, 0, &treadid);
- //CloseHandle(hFileMap);
- if (hthread != NULL)
- bret = true;
- DWORD ExitCode = 0;
- //Sleep(50);//等待50毫秒,等待线程执行完毕
- ::GetExitCodeThread(hthread, &ExitCode);
- if (ExitCode != STILL_ACTIVE)//判断线程是否退出
- {
- if (allocatememory)
- {
- ::VirtualFreeEx(hprocess, allocatememory, 0, MEM_RELEASE);
- allocatememory = NULL;
- }
- }
- }
- }
- asmcodearry.clear();
- memset(Asmcalladdr, 0, MAX_PATH);
- return bret;
- }
- bool TSMemoryAPI::TSAsmClear()
- {
- asmcodearry.clear();
- memset(Asmcalladdr, 0, MAX_PATH);
- return true;
- }
- bool TSMemoryAPI::TSAsmCode(LONG base_addr, wchar_t* retstr)
- {
- bool bret = false;
- int len = asmcodearry.length();
- char retstring[MAX_PATH * 10] = { 0 };
- int retstrlen = 0;
- for (int i = 0; i < len; i++)
- {
- int stringlen = 0;
- {
- stringlen = strlen(&asmcodearry.c_str()[i]);
- if (stringlen > 0)
- {
- LONG val = ::strtol(&asmcodearry.c_str()[i], 0, 16);
- if (val >= 0x10)
- {
- if (val <= 0xff)
- {
- if (retstrlen == 0)
- retstrlen = strlen(retstring);
- if (retstrlen == 0)
- sprintf(retstring, "%s", &asmcodearry.c_str()[i]);
- else
- sprintf(retstring, "%s %s", retstring, &asmcodearry.c_str()[i]);
- }
- else
- {
- int len = strlen(&asmcodearry.c_str()[i]);
- char str[MAX_PATH] = { 0 };
- strcpy(str, &asmcodearry.c_str()[i]);
- for (int n = 0; n < len; n = n + 2)
- {
- char nstr[2] = { 0 };
- strncpy(nstr, &str[n], 2);
- int strn = strtol(nstr, 0, 16);
- if (n + 2 != len || n + 2 < len)
- {
- if (retstrlen == 0)
- retstrlen = strlen(retstring);
- if (retstrlen == 0)
- {
- if (strn >= 0x10)
- sprintf(retstring, "%X", strn);
- else
- sprintf(retstring, "0%X", strn);
- }
- else
- {
- if (strn >= 0x10)
- sprintf(retstring, "%s %X", retstring, strn);
- else
- sprintf(retstring, "%s 0%X", retstring, strn);
- }
- }
- else
- {
- if (len % 2 == 0)
- {
- if (strn >= 0x10)
- sprintf(retstring, "%s %X", retstring, strn);
- else
- sprintf(retstring, "%s 0%X", retstring, strn);
- }
- else
- {
- if (strn >= 0x10)
- sprintf(retstring, "%s %X", retstring, strn);
- else
- sprintf(retstring, "%s 0%X", retstring, strn);
- }
- }
- }
- }
- }
- else
- sprintf(retstring, "%s 0%s", retstring, &asmcodearry.c_str()[i]);
- i = i + stringlen - 1;
- }
- else
- sprintf(retstring, "%s 00", retstring);
- }
- bret = true;
- }
- if (strlen(Asmcalladdr) != 0)
- {
- char erro[MAX_PATH] = { 0 };
- int calllen = tsasm.Assemble(Asmcalladdr, base_addr, &am, 0, 0, erro); //将汇编指令转为机器码
- for (int i = 0; i < calllen; i++)
- {
- if (strlen(retstring) == 0)
- {
- if (am.code[i] >= 0)
- if (am.code[i] >= 0x10)
- sprintf(retstring, "%X", am.code[i]);
- else
- sprintf(retstring, "%s 0%X", retstring, am.code[i]);
- else
- {
- LONG val = am.code[i] - 0xffffff00;
- if (val >= 0x10)
- sprintf(retstring, "%s %X", retstring, val);
- else
- sprintf(retstring, "%s 0%X", retstring, val);
- }
- }
- else
- {
- if (am.code[i] >= 0)
- if (am.code[i] >= 0x10)
- sprintf(retstring, "%s %X", retstring, am.code[i]);
- else
- sprintf(retstring, "%s 0%X", retstring, am.code[i]);
- else
- {
- LONG val = am.code[i] - 0xffffff00;
- if (val >= 0x10)
- sprintf(retstring, "%s %X", retstring, val);
- else
- sprintf(retstring, "%s 0%X", retstring, val);
- }
- };
- bret = true;
- }
- }
- USES_CONVERSION;
- wcscpy(retstr, A2W(retstring));
- return bret;
- }
- bool TSMemoryAPI::TSAssemble(wchar_t* asm_code, LONG base_addr, LONG is_upper, wchar_t* retstr)
- {
- bool bret = false;
- if (wcslen(asm_code) <= 0)
- return bret;
- CMgDisasmBase::t_disasm da;
- tsdsm.m_nIDEAL = 0; tsdsm.m_nLowercase = is_upper; tsdsm.m_nPutDefSeg = 0;
- DWORD datas[MAX_PATH * 10] = { 0 };
- int count = 0;
- TSGetDataValue(asm_code, datas, count);
- if (count <= 0)
- return bret;
- BYTE helpByte[MAX_PATH * 10] = { 0 };
- for (int i = 0; i < count; i++)
- {
- helpByte[i] = datas[i];
- }
- ulong l = tsdsm.Disasm((char*)helpByte, count, 0, &da, DISASM_CODE);
- USES_CONVERSION;
- wcscpy(retstr, A2W(da.result));
- return bret;
- }
- bool TSMemoryAPI::TSFreeProcessMemory(LONG hwnd)
- {
- DWORD nPid = 0;
- My_GetWindowThreadProcessId((HWND)hwnd, &nPid);
- TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
- HANDLE hprocess = NULL;
- hprocess = My_OpenProcess(nPid);
- SetProcessWorkingSetSize(hprocess, -1, -1);
- //内存整理
- EmptyWorkingSet(hprocess);
- CloseHandle(hprocess);
- return true;
- }