#include "stdafx.h"
#include <windows.h>
#include <tlhelp32.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
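/// Look up a process ID by executable image name.
///
/// Takes a Toolhelp snapshot of the running processes and returns the ID of
/// the first entry whose szExeFile equals pName (exact, case-sensitive strcmp).
///
/// @param pName  Image name to search for; may be NULL.
/// @return The matching process ID, or 0 when pName is NULL, the snapshot
///         could not be created, or no entry matched.
///
/// @note An image name does not identify a process: several processes can
///       carry the same name, and only the first match is returned. Callers
///       that make a decision based on the result should confirm the process
///       by other means (for example its full image path).
/// @note strcmp on szExeFile requires a non-UNICODE (ANSI) build, where
///       PROCESSENTRY32 stores the name as a char array.
DWORD GetProcessIDByName(const char* pName)
{
    // A NULL name would be dereferenced by strcmp below.
    if (pName == NULL) {
        return 0;
    }

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (INVALID_HANDLE_VALUE == hSnapshot) {
        return 0;  // the result is a DWORD, so report failure as 0 rather than NULL
    }

    DWORD dwProcessId = 0;
    PROCESSENTRY32 pe = { sizeof(pe) };  // dwSize must be set before Process32First
    for (BOOL ret = Process32First(hSnapshot, &pe); ret; ret = Process32Next(hSnapshot, &pe)) {
        if (strcmp(pe.szExeFile, pName) == 0) {
            dwProcessId = pe.th32ProcessID;
            break;
        }
    }

    // Single exit path: the snapshot handle is closed exactly once.
    CloseHandle(hSnapshot);
    return dwProcessId;
}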
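/// Get the base address of a named module loaded in a process.
///
/// Takes a Toolhelp module snapshot of dwProcessId and returns modBaseAddr of
/// the first entry whose szModule equals dllName (exact, case-sensitive
/// strcmp).
///
/// @param dwProcessId  Process to inspect. Per the Toolhelp documentation a
///                     value of 0 snapshots the calling process, so callers
///                     should reject a failed lookup before calling this.
/// @param dllName      Module name to search for; may be NULL.
/// @return The module's base address in the target process, or NULL when
///         dllName is NULL, the snapshot could not be created, or no module
///         matched.
///
/// @note The returned address is only meaningful inside the target process.
/// @note strcmp on szModule requires a non-UNICODE (ANSI) build.
PVOID GetProcessImageBase(DWORD dwProcessId, const char* dllName)
{
    if (dllName == NULL) {
        return NULL;
    }

    MODULEENTRY32 me32 = { 0 };
    me32.dwSize = sizeof(MODULEENTRY32);

    // Snapshot every module of the given process.
    HANDLE hModuleSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
    if (INVALID_HANDLE_VALUE == hModuleSnap) {
        return NULL;
    }

    PVOID pProcessImageBase = NULL;
    // Stop when Module32First/Module32Next report failure: the previous loop
    // ignored both results, so a missing module spun forever on the last entry.
    for (BOOL bRet = ::Module32First(hModuleSnap, &me32); bRet;
         bRet = ::Module32Next(hModuleSnap, &me32)) {
        if (strcmp(me32.szModule, dllName) == 0) {
            pProcessImageBase = (PVOID)me32.modBaseAddr;
            break;
        }
    }

    // Release the snapshot handle.
    ::CloseHandle(hModuleSnap);
    return pProcessImageBase;
}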
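/// Entry point: resolve the process named "cittt.com.exe" and print its
/// process ID and the base address of its main module.
///
/// @return 0 on success, 1 when no process with that name is running.
int main(int argc, char* argv[])
{
    const char* gameName = "cittt.com.exe";

    DWORD processID = GetProcessIDByName(gameName);
    if (processID == 0) {
        // Do not continue with ID 0: a module snapshot of process 0 describes
        // this program itself, not the one that was asked for.
        printf("process not found: %s\n", gameName);
        system("pause");
        return 1;
    }

    // Nothing below uses the handle, so request the smallest access right
    // instead of PROCESS_ALL_ACCESS, and check the result.
    HANDLE h = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, processID);
    if (h == NULL) {
        printf("OpenProcess failed: %lu\n", GetLastError());
    }

    // Keep the address as a pointer: casting it to DWORD drops the upper half
    // of the address in a 64-bit build.
    PVOID base_address = GetProcessImageBase(processID, gameName);

    printf("%lu\n", processID);   // DWORD is unsigned long
    printf("%p\n", base_address);

    if (h != NULL) {
        CloseHandle(h);  // the handle was previously never closed
    }

    system("pause");
    return 0;
}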