我正在使用基地址和一些偏移量从内存中读取数据:
public static int ReadInt(long address)
{
byte[] buffer = new byte[sizeof(int)];
ReadProcessMemory(pHandle, (UIntPtr)address, buffer, (UIntPtr)4,
IntPtr.Zero);
return BitConverter.ToInt32(buffer, 0);
}
我添加这样的偏移量:
var one = MemoryHandler.ReadInt((long)MemoryHandler.base_adress +
(long)0x0945BB0C);
var two = MemoryHandler.ReadInt(one + (long)0x28);
var three = MemoryHandler.ReadInt(two + (long)0x214);
var four = MemoryHandler.ReadInt(three + (long)0x38);
var five = MemoryHandler.ReadInt(four + (long)0x7EC);
var six = MemoryHandler.ReadInt(five + (long)0x230);
其中 six 包含我需要的值。
我尝试做一个重载来完成同样的事情。我的问题是它没有给我同样的值(value)。我想知道为什么:
public static int ReadInt(long address, int[] offsets)
{
long prev = 0;
for (int i = 0; i < offsets.Length; i++)
{
address = prev > 0 ? ReadInt(prev + (long)offsets[i]) : ReadInt(address);
prev = address + offsets[i];
}
return (int)address;
}
var offsets = new int[] { 0x28, 0x214, 0x38, 0x7EC, 0x230 };
var result = MemoryHandler.ReadInt((long)MemoryHandler.base_adress +
(long)0x0945BB0C, offsets);
只是澄清一下:我希望 result 具有与上面的 6 相同的值。
最佳答案
请注意,这仅适用于 32 位
public static int ReadInt(long address, int[] offsets)
{
address = ReadInt(address);
for (int i = 0; i < offsets.Length; i++)
{
address = ReadInt(address + (long)offsets[i]);
}
return (int)address;
}
您有 offsets.Length + 1 ReadInt 要做,一个没有偏移量,一个 offsets.Length 有偏移量。每个返回下一个的地址。最后一个返回一个值。
考虑到这仅适用于 32 位(因为您正在读取 32 位并将它们用作 ptr),使用 long 是没有用的。 int 就足够了。
关于c# - 从进程内存中读取 int,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/18113004/