Ejemplo n.º 1
0
        /// <summary>
        /// 获取模块地址
        /// </summary>
        /// <param name="pid">目标进程PID</param>
        /// <param name="moduleName">需获取到的模块名</param>
        /// <returns>返回个int类型的吧.想怎么转换看你们自己了.</returns>
        public int GetModelBaseAddr(int pid, string moduleName)
        {
            Win32API.PROCESSENTRY32 pr = new Win32API.PROCESSENTRY32();
            Win32API.MODULEENTRY32  mo = new Win32API.MODULEENTRY32();
            IntPtr LM;

            if (string.IsNullOrEmpty(moduleName))
            {
                return(-1);
            }
            pr.dwSize = (uint)Marshal.SizeOf(typeof(Win32API.PROCESSENTRY32));
            LM        = Win32API.CreateToolhelp32Snapshot(Win32API.TH32CS_SNAPMODULE, (IntPtr)pid);
            if (LM.ToInt32() > 0)
            {
                mo.dwSize = (uint)Marshal.SizeOf(typeof(Win32API.MODULEENTRY32));
                if (Win32API.Module32First(LM, ref mo))
                {
                    do
                    {
                        if (mo.szModule == moduleName)
                        {
                            Win32API.CloseHandle(LM);
                            return(mo.modBaseAddr.ToInt32());
                        }
                    }while (Win32API.Module32Next(LM, ref mo));
                }
                Win32API.CloseHandle(LM);
            }
            //获取不到.或者遍历不到.都返回-1
            return(-1);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// 获取模块地址
        /// </summary>
        /// <param name="PID">目标进程PID</param>
        /// <param name="ModuleName">需获取到的模块名</param>
        /// <returns>返回个int类型的吧.想怎么转换看你们自己了.</returns>
        private int GetModelAddress(IntPtr PID, string ModuleName)
        {
            PROCESSENTRY32 pr = new PROCESSENTRY32();
            MODULEENTRY32  mo = new MODULEENTRY32();
            IntPtr         LM;

            if (ModuleName == "")
            {
                //如果模块空,直接88 返回-2 因为2..
                return(-2);
            }
            pr.dwSize = (uint)Marshal.SizeOf(typeof(PROCESSENTRY32));
            LM        = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, PID);
            if (LM.ToInt32() > 0)
            {
                mo.dwSize = (uint)Marshal.SizeOf(typeof(MODULEENTRY32));
                if (Module32First(LM, ref mo))
                {
                    do
                    {
                        if (mo.szModule == ModuleName)
                        {
                            CloseHandle(LM);
                            return(mo.modBaseAddr.ToInt32());
                        }
                    }while (Module32Next(LM, ref mo));
                }
                CloseHandle(LM);
            }
            //获取不到.或者遍历不到.都返回-1
            return(-1);
        }