Question

此行在我的代码中不起作用现在这里是代码和错误

uint PROCESS_ALL_ACCESS = (DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER | SYNCHRONIZE | END);

字段Initialize不能尊重非静态字段

以下是我发表的文章：http://blackandodd.blogspot.com/2012/12/c-read-and-write-process-memory-in.html

public class MAin
{

    [DllImport("kernel32.dll")]
    public static extern int OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

    [DllImport("kernel32.dll")]
    public static extern bool ReadProcessMemory(int hProcess, int lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesRead);

    [DllImport("kernel32.dll")]
    public static extern bool WriteProcessMemory(int hProcess, int lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesWritten);

    uint DELETE = 0x00010000;
    uint READ_CONTROL = 0x00020000;
    uint WRITE_DAC = 0x00040000;
    uint WRITE_OWNER = 0x00080000;
    uint SYNCHRONIZE = 0x00100000;
    uint END = 0xFFF; //if you have Windows XP or Windows Server 2003 you must change this to 0xFFFF
    uint PROCESS_ALL_ACCESS = (DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER | SYNCHRONIZE | END);



    public void OnLoad(){

        Console.WriteLine ("");

        Process[] p = Process.GetProcessesByName("notepad");

        int processHandle = OpenProcess(PROCESS_ALL_ACCESS, false, p[0].Id); 

    }


    public byte[] ReadMemory(int adress, int processSize, int processHandle) {
        byte[] buffer = new byte[processSize];
        ReadProcessMemory(processHandle, adress, buffer, processSize, 0);
        return buffer;
    }

    public void WriteMemory(int adress, byte[] processBytes, int processHandle) {
        WriteProcessMemory(processHandle, adress, processBytes, processBytes.Length, 0);
    }

    public int GetObjectSize(object TestObject) {
        BinaryFormatter bf = new BinaryFormatter();
        MemoryStream ms = new MemoryStream();
        byte[] Array;
        bf.Serialize(ms, TestObject);
        Array = ms.ToArray();
        return Array.Length;
    }
}

Answer 1

将定义（uint DELETE和所有其他定义）更改为const uint DELETE，这样您就可以将值作为表达式引用。

const uint DELETE = 0x00010000;
const uint READ_CONTROL = 0x00020000;
const uint WRITE_DAC = 0x00040000;
const uint WRITE_OWNER = 0x00080000;
const uint SYNCHRONIZE = 0x00100000;
const uint END = 0xFFF; //if you have Windows XP or Windows Server 2003 you must change this to 0xFFFF
const uint PROCESS_ALL_ACCESS = (DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER | SYNCHRONIZE | END);

访问其他进程内存

1 个答案: