| 技术论坛 |
|
|
| ≡技术区≡ ① |
| DELPHI技术 |
| lazarus/fpc/Free Pascal |
| 移动应用开发 |
| Web应用开发 |
| 数据库专区 |
| 报表专区 |
| 网络通讯 |
| 开源项目 |
| 论坛精华贴 |
| ≡发布区≡ ② |
| 发布代码 |
| 发布控件 |
| 文档资料 |
| 经典工具 |
| ≡事务区≡ ③ |
| 网站意见 |
| 盒子之家 |
| 招聘应聘 |
| 信息交换 |
| 论坛信息 |
|||
|
| 导航: | 论坛 -> DELPHI技术 斑竹:liumazi,sephil | |||||
| 作者: |
|
2021/4/22 14:17:41 | ||||
| 标题: |
|
加入我的收藏 | ||||
| 楼主: | 最近正学习CE基址的搜索,找到后不知道怎样编写代码,求助高手指点一下。
- |
|||||
| 作者: |
|
2021/4/22 14:22:43 | ||||
| 1楼: | 请教怎样通过基址00488BDC偏移104、4C、32C,最终转换为指针 021E2450,再读出里面的值? ---------------------------------------------- - |
|||||
| 作者: |
|
2021/4/23 12:31:54 | ||||
| 2楼: | 我猜你是想要这个: a = PDWORD(PDWORD(00488BDC)^+$104)^; ---------------------------------------------- - |
|||||
| 作者: |
|
2021/4/23 12:42:38 | ||||
| 3楼: | @sdzzb 请问只能用PDWORD吗 还有其他变量可以用吗? 其他变量 能写下写法吗。。谢谢, 另外 lz 拿到的是 基址? 表示怀疑 ---------------------------------------------- [alias] co = clone --recurse-submodules up = submodule update --init --recursiveupd = pullinfo = statusrest = reset --hard懒鬼提速  https://www.cctry.com/>http://qalculate.github.io/downloads.htmlhttps://www.cctry.com/
|
|||||
| 作者: |
|
2021/4/23 12:47:55 | ||||
| 4楼: | 都可以,看你的数据类型了 ---------------------------------------------- - |
|||||
| 作者: |
|
2021/4/23 12:53:53 | ||||
| 5楼: | @sdzzb 用 NativeInt 怎么表示 a = PNativeInt(PNativeInt(00488BDC)^+$104)^; 这样可行?? 官方文档 http://docwiki.embarcadero.com/RADStudio/Sydney/en/Delphi_Data_Types_for_API_Integration http://docwiki.embarcadero.com/RADStudio/Sydney/en/Pointers_and_Pointer_Types_(Delphi) http://docwiki.embarcadero.com/RADStudio/Sydney/en/Simple_Types_(Delphi) ---------------------------------------------- [alias] co = clone --recurse-submodules up = submodule update --init --recursiveupd = pullinfo = statusrest = reset --hard懒鬼提速 https://www.cctry.com/>http://qalculate.github.io/downloads.htmlhttps://www.cctry.com/
|
|||||
| 作者: |
|
2021/4/23 16:47:32 | ||||
| 6楼: | 看看我复制数据的过程: procedure InnerCopyData(ASource, ADest: Pointer; ACount: Integer); overload; begin Move(ASource^, ADest^, ACount); end; procedure InnerCopyData(ASource, ADest: NativeInt; ACount: Integer); overload; begin InnerCopyData(Pointer(ASource), Pointer(ADest), ACount); end; procedure InnerCopyData(ASource: Pointer; ADest: NativeInt; ACount: Integer); overload; begin InnerCopyData(ASource, Pointer(ADest), ACount); end; procedure InnerCopyData(ASource: NativeInt; ADest: Pointer; ACount: Integer); overload; begin InnerCopyData(Pointer(ASource), ADest, ACount); end; 因此: 指针转换成 NativeInt 就用 Value := NativeInt(p); 反之: p := Pointer(Value); ---------------------------------------------- 我84砖家 |
|||||
| 作者: |
|
2021/4/23 18:38:37 | ||||
| 7楼: | @sczhyq 感谢。 ---------------------------------------------- [alias] co = clone --recurse-submodules up = submodule update --init --recursiveupd = pullinfo = statusrest = reset --hard懒鬼提速 https://www.cctry.com/>http://qalculate.github.io/downloads.htmlhttps://www.cctry.com/
|
|||||
| 作者: |
|
2021/4/25 10:25:45 | ||||
| 8楼: | 感谢大家的帮助 ---------------------------------------------- - |
|||||
| 作者: |
|
2021/4/25 10:37:32 | ||||
| 9楼: | var x,BWT,addre,PID:DWORD; ss,ss2:string; hw:hwnd; hand: THandle; begin hw:=FindWindow(nil,'ABCs' ); if hw=0 then exit; GetWindowThreadprocessID(hw,PID); hand:=OpenProcess(PROCESS_ALL_ACCESS,false,PID); ss2:='00488BDC'; //基址坐标 readprocessmemory(hand,pointer(StrToInt('$'+ss2)),@addre,4,BWT); ss2:=IntToHex(addre+260,8); //偏移 readprocessmemory(hand,pointer(StrToInt('$'+ss2)),@addre,4,BWT); ss2:=IntToHex(addre+76,8); //偏移 readprocessmemory(hand,pointer(StrToInt('$'+ss2)),@addre,4,BWT); ss2:=IntToHex(addre+772,8); //偏移 readprocessmemory(hand,pointer(StrToInt('$'+ss2)),@addre,4,BWT); ss2:=IntToHex(addre+108,8); //偏移 readprocessmemory(hand,pointer(StrToInt('$'+ss2)),@addre,4,BWT); readProcessMemory(hand,Pointer(StrToInt('$'+ IntToHex(addre+2604,8))),@x,4, BWT); edit2.Text:=inttostr(x); end; ---------------------------------------------- - |
|||||
| 信息 |
| 登陆以后才能回复 |
