这篇教程C++ GetModuleInformation函数代码示例写得很实用,希望能帮到您。
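// Collected usage examples of the Win32 GetModuleInformation function in C++
// (the source page lists 29 examples, ordered by popularity).
// Example 1: gethandle

/// Returns the load address of the main module ("Tibia.exe") of the process
/// identified by processId, or 0 when it cannot be determined.
///
/// The last successful answer is cached in m_prevProcessIdBase / m_prevBaseAddr.
/// When no module is named "Tibia.exe" the base of the first enumerated module
/// is returned instead and the user is told about it.
///
/// NOTE(review): the result is narrowed to int, so the address is truncated in
/// a 64-bit build; the return type is part of the interface and is left as is.
int CMemUtil::GetProcessBaseAddr(int processId)
{
    HANDLE dwHandle = gethandle(processId);
    if (processId == m_prevProcessIdBase && m_prevProcessIdBase != -1 && m_prevBaseAddr != NULL)
    {
        return m_prevBaseAddr;
    }
    m_prevProcessIdBase = -1;
    m_prevBaseAddr      = NULL;

    int ret                 = 0;
    int isNotFromNormalScan = 0;
    if (dwHandle)
    {
        // First call only asks how many bytes the module list needs.
        unsigned long bytesNeeded = 0;
        if (EnumProcessModules(dwHandle, NULL, 0, &bytesNeeded) && bytesNeeded >= sizeof(HMODULE))
        {
            const unsigned long capacity = bytesNeeded / sizeof(HMODULE);
            HMODULE *modules = (HMODULE*)calloc(capacity, sizeof(HMODULE));
            unsigned long bytesReturned = 0;
            if (modules != NULL && EnumProcessModules(dwHandle, modules, capacity * sizeof(HMODULE), &bytesReturned))
            {
                // The second call reports BYTES, not entries. The original wrote that value
                // into the loop bound and walked past the end of the allocation; convert it
                // and clamp it to what was actually allocated.
                unsigned long moduleCount = bytesReturned / sizeof(HMODULE);
                if (moduleCount > capacity)
                {
                    moduleCount = capacity;
                }
                for (unsigned long i = 0; i < moduleCount; i++)
                {
                    char moduleName[64] = "";
                    GetModuleBaseName(dwHandle, modules[i], moduleName, sizeof(moduleName));
                    const bool isTibia = _strcmpi(moduleName, "Tibia.exe") == 0;
                    if (!isTibia && i != 0)
                    {
                        continue;
                    }
                    MODULEINFO moduleInfo = {};
                    if (!GetModuleInformation(dwHandle, modules[i], &moduleInfo, sizeof(moduleInfo)))
                    {
                        continue; // never publish an address read from an unfilled struct
                    }
                    ret = (int)moduleInfo.lpBaseOfDll;
                    if (isTibia)
                    {
                        break;
                    }
                    // First module, but not named Tibia.exe: keep it as a fallback.
                    isNotFromNormalScan = 1;
                }
            }
            free(modules);
        }
    }
    if (isNotFromNormalScan)
    {
        AfxMessageBox("While finding base address, main module was no first or was not named \"Tibia.exe\".");
    }
    if (ret)
    {
        m_prevBaseAddr      = ret;
        m_prevProcessIdBase = processId;
    }
    return ret;
}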
开发者ID:Wisling,项目名称:tibiaauto,代码行数:55,
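// Example 2: GetProcessBaseAddr

/// Returns the load address of the module named "Tibia.exe" in the current
/// process, falling back to the first enumerated module, or 0 on failure.
///
/// NOTE(review): the address is narrowed to int and is therefore truncated in
/// a 64-bit build; the return type is part of the interface and is left as is.
int GetProcessBaseAddr()
{
    // Only query + read rights are needed by EnumProcessModules, GetModuleBaseName and
    // GetModuleInformation; PROCESS_ALL_ACCESS asked for far more than the function uses.
    static HANDLE dwHandle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, ::GetCurrentProcessId());
    if (dwHandle == NULL)
    {
        // Nothing to close here: the original passed the NULL handle to CloseHandle.
        AfxMessageBox("Unable to read Tibia memory!");
    }

    int ret                 = 0;
    int isNotFromNormalScan = 0;
    if (dwHandle)
    {
        unsigned long bytesNeeded = 0;
        if (EnumProcessModules(dwHandle, NULL, 0, &bytesNeeded) && bytesNeeded >= sizeof(HMODULE))
        {
            const unsigned long capacity = bytesNeeded / sizeof(HMODULE);
            HMODULE *modules = (HMODULE*)calloc(capacity, sizeof(HMODULE));
            unsigned long bytesReturned = 0;
            if (modules != NULL && EnumProcessModules(dwHandle, modules, capacity * sizeof(HMODULE), &bytesReturned))
            {
                // Iterate over what the second call actually filled in, never more than
                // the buffer holds (the module list can change between the two calls).
                unsigned long moduleCount = bytesReturned / sizeof(HMODULE);
                if (moduleCount > capacity)
                {
                    moduleCount = capacity;
                }
                for (unsigned long i = 0; i < moduleCount; i++)
                {
                    char moduleName[64] = "";
                    GetModuleBaseName(dwHandle, modules[i], moduleName, sizeof(moduleName));
                    const bool isTibia = _strcmpi(moduleName, "Tibia.exe") == 0;
                    if (!isTibia && i != 0)
                    {
                        continue;
                    }
                    MODULEINFO moduleInfo = {};
                    if (!GetModuleInformation(dwHandle, modules[i], &moduleInfo, sizeof(moduleInfo)))
                    {
                        continue; // do not return an address from an unfilled struct
                    }
                    ret = (int)moduleInfo.lpBaseOfDll;
                    if (isTibia)
                    {
                        isNotFromNormalScan = 0;
                        break;
                    }
                    // First module, but not named Tibia.exe: keep it as a fallback.
                    isNotFromNormalScan = 1;
                }
            }
            free(modules);
        }
    }
    if (isNotFromNormalScan)
    {
        AfxMessageBox("While finding base address, main module was no first or was not named \"Tibia.exe\".");
    }
    return ret;
}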
开发者ID:ArthurRTz,项目名称:tibiaauto,代码行数:48,
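// Example 3: mainFunction

/// Locates a function in the main module by byte signature and installs a
/// MinHook detour on it.
///
/// Each step is checked and the function stops at the first failure, so a
/// failed scan can no longer lead to a hook being created at address 0.
/// The status messages now carry a "%s" so that the result text is printed;
/// this assumes Log::Write is printf-style, as its "%I64X" uses suggest.
void mainFunction()
{
    Log::Init();

    MODULEINFO moduleInfo = {};
    if (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &moduleInfo, sizeof(MODULEINFO)))
    {
        Log::Write(Log::Type::Debug, "GetModuleInformation failed: %lu", GetLastError());
        return;
    }
    Log::Write(Log::Type::Debug, "Base address is at: %I64X", moduleInfo.lpBaseOfDll);

    // '?' entries are wildcards; the signature is specific to one build of the target.
    funcToHookOn = Pattern::Scan(moduleInfo, "48 89 5C 24 ? 57 48 83 EC 20 44 0F B7 05 ? ? ? ? 33 D2");
    Log::Write(Log::Type::Debug, "The code is found at: %I64X", funcToHookOn);
    if ((void*)funcToHookOn == NULL)
    {
        return; // signature not present in this build: nothing safe to hook
    }

    MH_STATUS status = MH_Initialize();
    Log::Write(Log::Type::Debug, "MinHook intialization was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");
    if (status != MH_STATUS::MH_OK)
    {
        return;
    }

    status = MH_CreateHook((void*)funcToHookOn, hkRETURN_NUMBER_OF_RUNNING_SCRIPT, (void**)&oRETURN_NUMBER_OF_RUNNING_SCRIPT);
    Log::Write(Log::Type::Debug, "MinHook hook creation was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");
    if (status != MH_STATUS::MH_OK)
    {
        return;
    }

    status = MH_EnableHook((void*)funcToHookOn);
    Log::Write(Log::Type::Debug, "MinHook enable was: %s", status != MH_STATUS::MH_OK ? "Not successful" : "Successful");
}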
开发者ID:leftas,项目名称:hookNative,代码行数:28,
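// Example 4: GetModuleHandle

/// Returns the address one past the end of the main module's mapped image.
///
/// If the size cannot be queried the module base itself is returned, which
/// gives callers an empty range instead of one built from an uninitialised
/// SizeOfImage.
ADDRESS HexSearcher::GetModuleEnd()
{
    HMODULE moduleHandle = GetModuleHandle(NULL);
    MODULEINFO mi = {};
    if (!GetModuleInformation(GetCurrentProcess(), moduleHandle, &mi, sizeof(mi)))
    {
        mi.SizeOfImage = 0;
    }
    return (ADDRESS)mi.SizeOfImage + (ADDRESS)moduleHandle;
}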
开发者ID:DrEhsan,项目名称:Whiff,代码行数:7,
// Example 5: genericPatternSearch

// Searches a module already loaded in the CURRENT process for a byte pattern
// and stores a pointer derived from the match in *thePtr.
//
//   thePtr        out: receives the result; set to NULL when the search fails
//   moduleName    module to look up with GetModuleHandle
//   pattern       bytes to search for, taillePattern ("pattern size") of them
//   offSetToPtr   signed adjustment applied to the match address
//   startFunc     optional export name; the search starts there instead of at
//                 the module base
//   enAvant       "forward": search towards the end of the image; otherwise
//                 the limit passed to searchMemory is the module base
//   noPtr         when true the adjusted match address is returned as is
//
// Returns what mod_memory::searchMemory returned, false if any lookup failed.
//
// NOTE(review): the dereferences in the !noPtr branch read from an address
// computed from the match plus offSetToPtr; nothing here checks that it still
// lies inside [lpBaseOfDll, lpBaseOfDll + SizeOfImage).
bool mod_memory::genericPatternSearch(PBYTE * thePtr, wchar_t * moduleName, BYTE pattern[], ULONG taillePattern, LONG offSetToPtr, char * startFunc, bool enAvant, bool noPtr)
{
    bool resultat = false;
    if(thePtr && pattern && taillePattern)
    {
        if(HMODULE monModule = GetModuleHandle(moduleName))
        {
            MODULEINFO mesInfos;
            if(GetModuleInformation(GetCurrentProcess(), monModule, &mesInfos, sizeof(MODULEINFO)))
            {
                PBYTE addrMonModule = reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll);
                // Start at the named export when one is given, else at the image base.
                if(PBYTE addrDebut = startFunc ? reinterpret_cast<PBYTE>(GetProcAddress(monModule, startFunc)) : addrMonModule)
                {
                    // Assignment inside the condition is intentional: resultat is the return value.
                    if(resultat = mod_memory::searchMemory(addrDebut, enAvant ? (addrMonModule + mesInfos.SizeOfImage) : reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll), pattern, thePtr, taillePattern, enAvant))
                    {
                        *thePtr += offSetToPtr;
                        if(!noPtr)
                        {
#ifdef _M_X64
                            // Adds the signed 32-bit value stored at *thePtr plus its own size,
                            // which is consistent with resolving a relative displacement.
                            *thePtr += sizeof(long) + *reinterpret_cast<long *>(*thePtr);
#elif defined _M_IX86
                            // Replaces the address with the pointer-sized value stored there.
                            *thePtr = *reinterpret_cast<PBYTE *>(*thePtr);
#endif
                        }
                    }
                    else *thePtr = NULL;
                }
            }
        }
    }
    return resultat;
}
开发者ID:BaldyBadgersRunningRoundMyBrain,项目名称:meterpreter,代码行数:33,
// Example 6: DllMain

/// DLL entry point: on process attach records the host executable's module
/// information in g_MainModuleInfo and starts the hook; on process detach
/// unregisters the script and stops the console. Always returns TRUE.
///
/// NOTE(review): everything here runs under the loader lock. Whether
/// hook.StartConsole()/hook.Initialize() are safe in that context cannot be
/// told from this function. Unless Log::Fatal terminates the process,
/// execution also continues after a failed GetModuleInformation.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD reason, LPVOID lpReserved)
{
    switch (reason)
    {
    case DLL_PROCESS_ATTACH:
    {
        Log::Init(hModule);
        DEBUGOUT("FiveMP DLL loaded");

        const BOOL haveModuleInfo = GetModuleInformation(GetCurrentProcess(), GetModuleHandle(0), &g_MainModuleInfo, sizeof(g_MainModuleInfo));
        if (!haveModuleInfo)
        {
            Log::Fatal("Unable to get MODULEINFO from GTA5.exe");
        }
        DEBUGOUT("GTA5 [0x%I64X][0x%X]", g_MainModuleInfo.lpBaseOfDll, g_MainModuleInfo.SizeOfImage);

        hook.StartConsole();
        hook.NoIntro();
        hook.Initialize(hModule);
        break;
    }
    case DLL_PROCESS_DETACH:
        printf("reach end");
        scriptUnregister(hModule);
        printf("reach end 2");
        hook.StopConsole();
        break;
    default:
        // Thread attach/detach notifications need no work.
        break;
    }
    return TRUE;
}
开发者ID:jmsimo-old,项目名称:FiveMP,代码行数:25,
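// Example 7: GetCurrentProcess

/// Looks for a loaded module whose address range overlaps the range the
/// temple image wants (0x10000000 plus its image size) and returns a
/// description of the last such module, or an empty string when none overlaps.
///
/// Fixes over the original: GetModuleInformation is given sizeof(MODULEINFO)
/// rather than the byte count of the module list, the loop is clamped to the
/// 1024-entry buffer, modules whose information cannot be read are skipped,
/// and the pseudo handle from GetCurrentProcess is no longer passed to
/// CloseHandle.
std::wstring Dll::FindConflictingModule()
{
    const uint32_t templeImageSize    = 0x01EB717E;
    const uint32_t templeDesiredStart = 0x10000000;
    const uint32_t templeDesiredEnd   = templeDesiredStart + templeImageSize;

    HMODULE hMods[1024];
    DWORD cbNeeded = 0;
    const auto hProcess = GetCurrentProcess();
    std::wstring conflicting;

    if (!EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded))
    {
        return conflicting;
    }

    // cbNeeded is what the full list WOULD need; it can exceed the buffer.
    const DWORD cbUsable = cbNeeded < sizeof(hMods) ? cbNeeded : static_cast<DWORD>(sizeof(hMods));
    const uint32_t moduleCount = cbUsable / sizeof(HMODULE);

    for (uint32_t i = 0; i < moduleCount; i++)
    {
        TCHAR moduleName[MAX_PATH] = {};
        GetModuleFileName(hMods[i], moduleName, MAX_PATH);

        MODULEINFO moduleInfo = {};
        if (!GetModuleInformation(hProcess, hMods[i], &moduleInfo, sizeof(moduleInfo)))
        {
            continue;
        }

        // Pointer-to-uint32_t cast: this code only builds for 32-bit targets.
        auto fromAddress = reinterpret_cast<uint32_t>(moduleInfo.lpBaseOfDll);
        auto toAddress   = fromAddress + moduleInfo.SizeOfImage;
        logger->debug(" Module {}: 0x{:08x}-0x{:08x}", ucs2_to_utf8(moduleName), fromAddress, toAddress);

        if (fromAddress <= templeDesiredEnd && toAddress > templeDesiredStart)
        {
            conflicting = fmt::format(L"{} (0x{:08x}-0x{:08x})", moduleName, fromAddress, toAddress);
        }
    }
    return conflicting;
}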
开发者ID:ema29,项目名称:TemplePlus,代码行数:32,
// Example 8: ZeroMemory

/// Registers every module of the inspected process with the symbol handler,
/// asks LoadSymbol to load its symbols, and emits MissingSymbol for each
/// module that is still without symbols. Finishes with an empty DebugLine.
void AbstractBTGenerator::LoadSymbols()
{
    TModulesMap loaded = m_process.GetModules();
    for (TModulesMap::iterator it = loaded.begin(); it != loaded.end(); ++it)
    {
        QString strModule = it.key();

        // Zeroed first, so a failed query yields base 0 / size 0 rather than garbage.
        MODULEINFO modInfo;
        ZeroMemory(&modInfo, sizeof(modInfo));
        GetModuleInformation(m_process.GetHandle(), it.value(), &modInfo, sizeof(modInfo));

        // The same Latin-1 name serves as image name and as module name.
        const QByteArray latin1Name = it.key().toLatin1();
        const DWORD64 moduleBase = (DWORD64) modInfo.lpBaseOfDll;
        SymLoadModuleEx(
            m_process.GetHandle(),
            NULL,
            (CHAR*) latin1Name.constData(),
            (CHAR*) latin1Name.constData(),
            moduleBase,
            modInfo.SizeOfImage,
            NULL,
            0);

        LoadSymbol(strModule, moduleBase);
        if (!IsSymbolLoaded(strModule))
        {
            emit MissingSymbol(strModule);
        }
    }
    emit DebugLine(QString());
}
开发者ID:Kicer86,项目名称:photobroom,代码行数:31,
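// Example 9: sizeof

/// Enumerates the modules of hProcess and registers each with the symbol
/// handler. Returns false only when the enumeration itself fails; outside
/// WIN32 builds it does nothing and returns true.
///
/// Fixes over the original: the loop is clamped to the capacity of hModule
/// (the byte count reported back can exceed the buffer), and a module is
/// skipped when its information or names cannot be read, so stale or
/// uninitialised data is never handed to the symbol loader.
///
/// NOTE(review): the second argument of SymLoadModule/SymLoadModule64 is
/// documented as a file handle, yet a module handle is passed here. Left
/// unchanged; confirm the intent.
bool CallStack::loadAllModules()
{
#ifdef WIN32
    DWORD dwNeeded = 0;
    if (!EnumProcessModules(hProcess, hModule, sizeof(hModule), &dwNeeded)) return false;

    const DWORD cbUsable = dwNeeded < sizeof(hModule) ? dwNeeded : (DWORD)sizeof(hModule);
    const int iCount = (int)(cbUsable / sizeof(HMODULE));
    for (int i = 0; i < iCount; ++i)
    {
        MODULEINFO info;
        if (!GetModuleInformation(hProcess, hModule[i], &info, sizeof(info))) continue;
        if (!GetModuleFileNameEx(hProcess, hModule[i], szImageName, iMax)) continue;
        if (!GetModuleBaseName(hProcess, hModule[i], szModuleName, iMax)) continue;
#ifdef X64
        SymLoadModule64(hProcess, hModule[i], szImageName, szModuleName, (DWORD64)info.lpBaseOfDll, info.SizeOfImage);
#else
        SymLoadModule(hProcess, hModule[i], szImageName, szModuleName, (DWORD)info.lpBaseOfDll, info.SizeOfImage);
#endif
    }
#endif
    return true;
}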
开发者ID:lwch,项目名称:QLanguage,代码行数:25,
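// Example 10: EngineGetModuleBaseRemote

/// Returns the base address of the module in hProcess whose image contains
/// APIAddress, or 0 when no module contains it or enumeration fails.
///
/// A NULL hProcess selects the debuggee recorded in dbgProcessInformation,
/// or the current process when there is none.
///
/// Fixes over the original: the module array was leaked whenever a match was
/// found (return from inside the loop), the allocation result was not
/// checked, and the loop trusted a byte count that may exceed the buffer if
/// the module list grows between the two enumeration calls.
ULONG_PTR EngineGetModuleBaseRemote(HANDLE hProcess, ULONG_PTR APIAddress)
{
    if(!hProcess) // no process specified
    {
        hProcess = dbgProcessInformation.hProcess ? dbgProcessInformation.hProcess : GetCurrentProcess();
    }

    DWORD cbNeeded = 0;
    if(!EnumProcessModules(hProcess, 0, 0, &cbNeeded) || cbNeeded < sizeof(HMODULE))
        return 0;

    // cbNeeded is already a byte count; no further multiplication is required.
    const DWORD cbBuffer = cbNeeded;
    HMODULE* hMods = (HMODULE*)malloc(cbBuffer);
    if(!hMods)
        return 0;

    ULONG_PTR moduleBase = 0;
    if(EnumProcessModules(hProcess, hMods, cbBuffer, &cbNeeded))
    {
        const DWORD cbUsable = cbNeeded < cbBuffer ? cbNeeded : cbBuffer;
        for(unsigned int i = 0; i < cbUsable / sizeof(HMODULE); i++)
        {
            MODULEINFO modinfo;
            memset(&modinfo, 0, sizeof(MODULEINFO));
            if(!GetModuleInformation(hProcess, hMods[i], &modinfo, sizeof(MODULEINFO)))
                continue;

            const ULONG_PTR start = (ULONG_PTR)hMods[i];
            const ULONG_PTR end   = start + modinfo.SizeOfImage;
            if(APIAddress >= start && APIAddress < end)
            {
                moduleBase = start;
                break;
            }
        }
    }
    free(hMods);
    return moduleBase;
}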
开发者ID:brock7,项目名称:TitanEngine,代码行数:32,
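// Example 11: GetKernelProcAddress
// ------------------------------------------------------------------
// GetKernelProcAddress()
//
// Maps KernelModule into this process as an image, takes the offset of the
// export FunctionName from the mapped base and adds that offset to the value
// returned by GetDriverImageBase(KernelModule). Returns NULL on any failure.
//
// Fixes over the original: the module mapped by LoadLibraryExA is released on
// every path (it was never freed), and a NULL driver base no longer produces
// a bogus non-NULL result.
//
// NOTE(review): KernelModule goes to LoadLibraryExA as given, so a bare file
// name is resolved through the DLL search order; callers should pass a full
// path. DONT_RESOLVE_DLL_REFERENCES keeps the module's entry point from
// running in this process.
// ------------------------------------------------------------------
LPVOID GetKernelProcAddress(PCHAR KernelModule, PCHAR FunctionName)
{
    // Load the module
    HMODULE hModule = LoadLibraryExA(KernelModule, NULL, DONT_RESOLVE_DLL_REFERENCES);
    if(hModule == NULL)
        return NULL;

    LPVOID pResult = NULL;

    // Get address of the export inside the local mapping
    LPVOID pFunction = (LPVOID)GetProcAddress(hModule, FunctionName);

    // The module information is only used to confirm the mapping is valid
    MODULEINFO ModuleInfo;
    if(pFunction != NULL && GetModuleInformation(GetCurrentProcess(), hModule, &ModuleInfo, sizeof(ModuleInfo)))
    {
        CHAR* pDriverBase = (CHAR*)GetDriverImageBase(KernelModule);
        if(pDriverBase != NULL)
        {
            // offset within the image + base reported by GetDriverImageBase
            pResult = (LPVOID)((CHAR*)pFunction - (CHAR*)hModule + pDriverBase);
        }
    }

    // Only address arithmetic was needed; drop the local mapping again
    FreeLibrary(hModule);
    return pResult;
}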
开发者ID:Strongc,项目名称:WinIo-Vidix,代码行数:28,
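// Example 12: GetModuleInformation
// Thanks to kurta999 - YSF project

/// Scans the main module's image for the first position where every byte
/// matches szPattern, treating positions whose szMask character is '?' as
/// wildcards. The length of szMask is the pattern length.
///
/// Returns the address of the match, or 0 when there is none, when the
/// arguments are NULL/empty, or when the image bounds cannot be obtained.
///
/// Fixes over the original: a failed GetModuleInformation (or a pattern
/// longer than the image) made `dwSize - dwPatternLength` wrap around and the
/// scan ran off through unrelated memory; the last valid start position was
/// never tested; the inner loop now stops at the first mismatch.
///
/// NOTE(review): addresses are carried in DWORD, so this is only correct for
/// 32-bit builds; the non-WIN32 bounds are hard-coded for one binary.
DWORD CUtils::FindPattern(char *szPattern, char *szMask)
{
#ifdef WIN32
    // Get the current process information
    MODULEINFO mInfo = {0};
    if(!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &mInfo, sizeof(MODULEINFO)))
        return 0;
    // Find the base address
    DWORD dwBase = (DWORD)mInfo.lpBaseOfDll;
    DWORD dwSize = (DWORD)mInfo.SizeOfImage;
#else
    DWORD dwBase = 0x804b480;
    DWORD dwSize = 0x8128B80 - dwBase;
#endif
    if(szPattern == NULL || szMask == NULL)
        return 0;

    // Get the pattern length
    const DWORD dwPatternLength = (DWORD)strlen(szMask);
    if(dwPatternLength == 0 || dwPatternLength > dwSize)
        return 0;

    // Last offset at which a whole pattern still fits inside the image
    const DWORD dwLastStart = dwSize - dwPatternLength;
    for(DWORD i = 0; i <= dwLastStart; i++)
    {
        DWORD j = 0;
        while(j < dwPatternLength && (szMask[j] == '?' || szPattern[j] == *(char*)(dwBase + i + j)))
            j++;
        // Every position matched: return the current address
        if(j == dwPatternLength)
            return dwBase + i;
    }
    return 0;
}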
开发者ID:OrMisicL,项目名称:FCNPC,代码行数:31,
// Example 13: searchLiveGlobalLogonSessionList

// Resolves the address stored in LiveGlobalLogonSessionList, once: the work is
// skipped when the pointer is already set, when searchLSASSDatas() fails or
// when pModLIVESSP is null.
//
// Method, as far as this function shows: "livessp" is loaded into the current
// process, an architecture-specific byte signature is searched in that local
// copy through mod_memory::genericPatternSearch, and the result is shifted by
// the difference between pModLIVESSP->modBaseAddr and the local load address.
// The local copy is released again with FreeLibrary.
//
// Returns true when both pModLIVESSP and LiveGlobalLogonSessionList are set.
//
// NOTE(review): the signature bytes and the -(5 + 4) offset are fixed
// constants, so they only fit the module builds they were taken from. From a
// detection standpoint, such constants and a load of "livessp" by a process
// that does not normally host it are the observable artefacts of this
// routine - presumably visible in static scanning and image-load telemetry;
// verify against your own tooling.
bool mod_mimikatz_sekurlsa_livessp::searchLiveGlobalLogonSessionList()
{
#ifdef _M_X64
    BYTE PTRN_WALL_LiveUpdatePasswordForLogonSessions[] = {0x48, 0x83, 0x65, 0xdf, 0x00, 0x48, 0x83, 0x65, 0xef, 0x00, 0x48, 0x83, 0x65, 0xe7, 0x00};
#elif defined _M_IX86
    BYTE PTRN_WALL_LiveUpdatePasswordForLogonSessions[] = {0x89, 0x5d, 0xdc, 0x89, 0x5d, 0xe4, 0x89, 0x5d, 0xe0};
#endif
    // Signed adjustment applied to the match address by genericPatternSearch.
    LONG OFFS_WALL_LiveUpdatePasswordForLogonSessions = -(5 + 4);
    if(mod_mimikatz_sekurlsa::searchLSASSDatas() && pModLIVESSP && !LiveGlobalLogonSessionList)
    {
        // The search writes its result straight into the member through this alias.
        PBYTE *pointeur = reinterpret_cast<PBYTE *>(&LiveGlobalLogonSessionList);
        if(HMODULE monModule = LoadLibrary(L"livessp"))
        {
            MODULEINFO mesInfos;
            if(GetModuleInformation(GetCurrentProcess(), monModule, &mesInfos, sizeof(MODULEINFO)))
            {
                mod_memory::genericPatternSearch(pointeur, L"livessp", PTRN_WALL_LiveUpdatePasswordForLogonSessions, sizeof(PTRN_WALL_LiveUpdatePasswordForLogonSessions), OFFS_WALL_LiveUpdatePasswordForLogonSessions);
                // Rebase from the local load address to pModLIVESSP->modBaseAddr.
                *pointeur += pModLIVESSP->modBaseAddr - reinterpret_cast<PBYTE>(mesInfos.lpBaseOfDll);
            }
            FreeLibrary(monModule);
        }
    }
    return (pModLIVESSP && LiveGlobalLogonSessionList);
}
开发者ID:S3ize,项目名称:meterpreter,代码行数:26,
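// Example 14: GetModuleInformation

/// Scans the main module's image for the first position where every byte
/// equals pattern[i] or has '?' in mask[i]; strlen(mask) is the pattern
/// length. Returns the address of the match, or 0 when there is none, when an
/// argument is null/empty, or when the image bounds cannot be obtained.
///
/// Fixes over the original: the terminator test used the multi-character
/// constant '/0' instead of '\0'; after a partial match the scan restarted at
/// the next byte instead of the byte after the match start, so overlapping
/// candidates were missed; an empty mask made the length wrap around; a
/// failed GetModuleInformation was not detected; bytes past the end of the
/// image are no longer compared.
uintptr_t MemoryAccess::FindPattern(const char *pattern, const char *mask)
{
    if (pattern == nullptr || mask == nullptr)
    {
        return 0;
    }

    MODULEINFO module = { };
    if (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(nullptr), &module, sizeof(MODULEINFO)))
    {
        return 0;
    }

    const size_t mask_length = strlen(mask);
    if (mask_length == 0 || mask_length > module.SizeOfImage)
    {
        return 0;
    }

    const char *const image      = reinterpret_cast<const char *>(module.lpBaseOfDll);
    const char *const last_start = image + (module.SizeOfImage - mask_length);

    for (const char *address = image; address <= last_start; address++)
    {
        size_t i = 0;
        while (i < mask_length && (mask[i] == '?' || address[i] == pattern[i]))
        {
            i++;
        }
        if (i == mask_length)
        {
            return reinterpret_cast<uintptr_t>(address);
        }
    }
    return 0;
}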
开发者ID:BlackCoyote,项目名称:scripthookvdotnet,代码行数:27,
// Example 15: GetModuleSize

/// Reports base address and image size of hModule through lplpBase and
/// lpdwSize. For the process's own executable the size is read from the PE
/// optional header; for any other module it comes from GetModuleInformation.
/// Returns FALSE when the respective lookup fails, and then leaves the
/// outputs untouched.
///
/// NOTE(review): lplpBase and lpdwSize are written without a null check.
BOOL GetModuleSize(HMODULE hModule, LPVOID* lplpBase, LPDWORD lpdwSize)
{
    if (hModule != GetModuleHandle(NULL))
    {
        MODULEINFO ModuleInfo;
        const BOOL queried = GetModuleInformation(GetCurrentProcess(), hModule, &ModuleInfo, sizeof(MODULEINFO));
        if (!queried)
        {
            return FALSE;
        }
        *lplpBase = ModuleInfo.lpBaseOfDll;
        *lpdwSize = ModuleInfo.SizeOfImage;
        return TRUE;
    }

    // Main executable: take the size straight from its NT headers.
    PIMAGE_NT_HEADERS pImageNtHeaders = ImageNtHeader((PVOID)hModule);
    if (pImageNtHeaders == NULL)
    {
        return FALSE;
    }
    *lplpBase = (LPVOID)hModule;
    *lpdwSize = pImageNtHeaders->OptionalHeader.SizeOfImage;
    return TRUE;
}
开发者ID:PrinceFroggy,项目名称:DDT,代码行数:30,
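// Example 16: addLibrary

/// Records the module that contains addressContained under libraryName:
/// base address, image size and module handle are stored in a new
/// LibraryInfo inserted into LibraryNameToLibraryInfo.
/// Returns false when the address belongs to no module or the module
/// information cannot be read.
///
/// Changes over the original: the pseudo handle returned by
/// GetCurrentProcess() is no longer passed to CloseHandle, and the module
/// reference taken by GetModuleHandleEx is released when the function fails
/// after acquiring it. On success the reference is kept, since the handle is
/// stored in the LibraryInfo.
bool addLibrary(char* libraryName,void* addressContained)
{
    HMODULE module = NULL;
    if(!GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS,(LPCSTR)addressContained,&module))
    {
        return false;
    }

    _MODULEINFO moduleInfo;
    if(!GetModuleInformation(GetCurrentProcess(),module,&moduleInfo,sizeof moduleInfo))
    {
        FreeLibrary(module); // give back the reference taken above
        return false;
    }

    LibraryInfo* libraryInfo = new LibraryInfo;
    libraryInfo->baseAddress = (void*) moduleInfo.lpBaseOfDll;
    libraryInfo->length      = moduleInfo.SizeOfImage;
    libraryInfo->handle      = module;
    LibraryNameToLibraryInfo->insert(libraryName,libraryInfo);
    return true;
}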
开发者ID:ShootingKing-AM,项目名称:OrpheuPack2.3,代码行数:27,
// Example 17: GetModuleInfo

/// Returns the MODULEINFO of the module named szModule in the current
/// process. The result is all zeroes when the module is not loaded; it is
/// also whatever GetModuleInformation left in the zero-initialised struct
/// when that call fails, because its return value is not inspected.
MODULEINFO GetModuleInfo(LPCSTR szModule)
{
    MODULEINFO info = { 0 };
    if (HMODULE hModule = GetModuleHandleA(szModule))
    {
        GetModuleInformation(GetCurrentProcess(), hModule, &info, sizeof(MODULEINFO));
    }
    return info;
}
开发者ID:KyoukoToshinou,项目名称:Animeme,代码行数:7,
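// Example 18: FindPattern

/// Scans the image of "samp.dll" in the current process for the first
/// position where every byte equals pattern[j] or has '?' in mask[j];
/// strlen(mask) is the pattern length. Returns the match address, or 0 when
/// there is none, when the module is not loaded, when an argument is
/// NULL/empty, or on non-WIN32 builds (no image bounds are known there).
///
/// Fixes over the original: `base` and `size` were undeclared outside WIN32;
/// a missing module or failed query left size at 0 so that
/// `size - patternLength` wrapped around and the scan started at address 0;
/// the last valid start position was never tested.
///
/// NOTE(review): addresses are carried in DWORD, so this is 32-bit only.
DWORD FindPattern(char *pattern, char *mask)
{
    DWORD base = 0;
    DWORD size = 0;
#ifdef WIN32
    HMODULE hTarget = GetModuleHandle("samp.dll");
    MODULEINFO mInfo = { 0 };
    if (hTarget == NULL || !GetModuleInformation(GetCurrentProcess(), hTarget, &mInfo, sizeof(MODULEINFO)))
    {
        return 0;
    }
    base = (DWORD)mInfo.lpBaseOfDll;
    size = (DWORD)mInfo.SizeOfImage;
#endif
    if (pattern == NULL || mask == NULL)
    {
        return 0;
    }

    const DWORD patternLength = (DWORD)strlen(mask);
    if (patternLength == 0 || patternLength > size)
    {
        return 0;
    }

    // Last offset at which a whole pattern still fits inside the image.
    const DWORD lastStart = size - patternLength;
    for (DWORD i = 0; i <= lastStart; i++)
    {
        DWORD j = 0;
        while (j < patternLength && (mask[j] == '?' || pattern[j] == *(char*)(base + i + j)))
        {
            j++;
        }
        if (j == patternLength)
        {
            return base + i;
        }
    }
    return 0;
}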
开发者ID:Black17,项目名称:gtasa_crashfix,代码行数:31,
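// Example 19: GetProcessIdByName

/// Returns processId when the first module of that process (its executable)
/// has the base name sProcessNameWanted, otherwise 0. The comparison is
/// case-sensitive (_tcscmp).
///
/// The process is opened with query + VM-read rights only, which is what the
/// module enumeration calls need.
///
/// Fixes over the original: when the module enumeration failed, the name
/// buffer still held its "<unknown>" placeholder and hMod was uninitialised,
/// yet both were used; a wanted name of "<unknown>" then matched any process
/// that could be opened. The name is now compared only after it was actually
/// read. The unused baseAddr local is gone and the handle is closed in one
/// place.
DWORD GetProcessIdByName(DWORD processId, TCHAR* sProcessNameWanted)
{
    HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, processId);
    if(NULL == hProcess)
    {
        return 0;
    }

    TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");
    HMODULE hMod = NULL;
    DWORD cbReturned = 0;
    DWORD result = 0;

    // A buffer for one HMODULE is enough: the first entry is the executable.
    if(EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbReturned)
       && GetModuleBaseName(hProcess, hMod, szProcessName, sizeof(szProcessName)/sizeof(TCHAR)) != 0
       && _tcscmp(szProcessName, sProcessNameWanted) == 0)
    {
        // Queried for diagnostics only; the value does not affect the result.
        MODULEINFO miModInfo = { 0 };
        GetModuleInformation(hProcess, hMod, &miModInfo, sizeof(miModInfo));
        result = processId;
    }

    CloseHandle(hProcess);
    return result;
}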
开发者ID:gongz,项目名称:minesweeper,代码行数:28,
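// Example 20: GetModuleInformation

/// Returns the size in bytes of the mapped image of moduleHandle in the
/// current process, or 0 when the information cannot be read (the original
/// returned an uninitialised value in that case).
DWORD Disasm::GetModuleSize(HMODULE moduleHandle)
{
    MODULEINFO info = {};
    if (!GetModuleInformation(GetCurrentProcess(), moduleHandle, &info, sizeof(info)))
    {
        return 0;
    }
    return info.SizeOfImage;
}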
开发者ID:stankusl,项目名称:evo,代码行数:7,
示例21: EnumerateLoadedModulesW64 |