/// <summary>
/// 获取模块地址
/// </summary>
/// <param name="pid">目标进程PID</param>
/// <param name="moduleName">需获取到的模块名</param>
/// <returns>返回个int类型的吧.想怎么转换看你们自己了.</returns>
public int GetModelBaseAddr(int pid, string moduleName)
{
Win32API.PROCESSENTRY32 pr = new Win32API.PROCESSENTRY32();
Win32API.MODULEENTRY32 mo = new Win32API.MODULEENTRY32();
IntPtr LM;
if (string.IsNullOrEmpty(moduleName))
{
return(-1);
}
pr.dwSize = (uint)Marshal.SizeOf(typeof(Win32API.PROCESSENTRY32));
LM = Win32API.CreateToolhelp32Snapshot(Win32API.TH32CS_SNAPMODULE, (IntPtr)pid);
if (LM.ToInt32() > 0)
{
mo.dwSize = (uint)Marshal.SizeOf(typeof(Win32API.MODULEENTRY32));
if (Win32API.Module32First(LM, ref mo))
{
do
{
if (mo.szModule == moduleName)
{
Win32API.CloseHandle(LM);
return(mo.modBaseAddr.ToInt32());
}
}while (Win32API.Module32Next(LM, ref mo));
}
Win32API.CloseHandle(LM);
}
//获取不到.或者遍历不到.都返回-1
return(-1);
}
/// <summary>
/// 获取模块地址
/// </summary>
/// <param name="PID">目标进程PID</param>
/// <param name="ModuleName">需获取到的模块名</param>
/// <returns>返回个int类型的吧.想怎么转换看你们自己了.</returns>
private int GetModelAddress(IntPtr PID, string ModuleName)
{
PROCESSENTRY32 pr = new PROCESSENTRY32();
MODULEENTRY32 mo = new MODULEENTRY32();
IntPtr LM;
if (ModuleName == "")
{
//如果模块空,直接88 返回-2 因为2..
return(-2);
}
pr.dwSize = (uint)Marshal.SizeOf(typeof(PROCESSENTRY32));
LM = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, PID);
if (LM.ToInt32() > 0)
{
mo.dwSize = (uint)Marshal.SizeOf(typeof(MODULEENTRY32));
if (Module32First(LM, ref mo))
{
do
{
if (mo.szModule == ModuleName)
{
CloseHandle(LM);
return(mo.modBaseAddr.ToInt32());
}
}while (Module32Next(LM, ref mo));
}
CloseHandle(LM);
}
//获取不到.或者遍历不到.都返回-1
return(-1);
}