求大佬修改一下一個C++程序
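// Forum question kept from the original post: "I want to turn this program
// into a DLL that takes two parameters - 1: the process PID, 2: the byte
// signature. The program below was shared by someone online."

#include <Windows.h>
#include <iostream>
#include <vector>
#include <stdio.h>
#include <string.h>
#include <time.h>

using namespace std;

#define BLOCKMAXSIZE 409600 // maximum number of bytes read from the target per ReadProcessMemory call

BYTE* MemoryData; // scratch buffer of BLOCKMAXSIZE bytes; must be allocated before SearchMemory is called
short Next[260];  // shift table: last index of each byte value in the signature, slot 256 = last wildcard

// Longest signature accepted; keeps every index representable in the short-typed Next table.
static const size_t kMaxSignatureBytes = 0x7FFF;

// Returns the value of one hexadecimal digit, or -1 when c is not a hex digit.
static int HexNibble(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

// Converts a textual signature such as "FF 3F ?? F2" into an array of values.
//
// Each token is two characters followed by one separator character. A token
// containing '?' becomes the wildcard value 256; any other token must be two
// hex digits and becomes its byte value (0-255).
//
// Tzm      - NUL-terminated signature text.
// TzmArray - output buffer with room for strlen(Tzm) / 3 + 1 entries.
// Returns the number of entries written, or 0 when the text is empty,
// malformed (non-hex digit, dangling single character) or too long. The
// original accepted any letter a-z/A-Z and left entries uninitialised, which
// produced values above 256 and out-of-bounds writes into Next.
WORD GetTzmArray(char* Tzm, WORD* TzmArray)
{
    if (Tzm == NULL || TzmArray == NULL)
    {
        return 0;
    }

    const size_t textLen = strlen(Tzm);
    if (textLen / 3 + 1 > kMaxSignatureBytes)
    {
        return 0;
    }

    WORD count = 0;
    for (size_t pos = 0; pos < textLen; pos += 3)
    {
        if (pos + 1 >= textLen)
        {
            return 0; // a lone character at the end is not a complete token
        }

        const char high = Tzm[pos];
        const char low = Tzm[pos + 1];
        if (high == '?' || low == '?')
        {
            TzmArray[count++] = 256;
            continue;
        }

        const int highValue = HexNibble(high);
        const int lowValue = HexNibble(low);
        if (highValue < 0 || lowValue < 0)
        {
            return 0;
        }
        TzmArray[count++] = (WORD)(highValue * 16 + lowValue);
    }
    return count;
}

// Builds the shift table used by SearchMemoryBlock.
//
// next      - table of 260 entries; every entry is reset to -1 first.
// Tzm       - signature values (0-255 for bytes, 256 for a wildcard).
// TzmLength - number of entries in Tzm.
// After the call next[v] holds the last index at which value v occurs in the
// signature, and next[256] the index of the last wildcard (-1 if none).
void GetNext(short* next, WORD* Tzm, WORD TzmLength)
{
    for (int slot = 0; slot < 260; slot++)
    {
        next[slot] = -1;
    }
    for (int index = 0; index < TzmLength; index++)
    {
        if (Tzm[index] <= 256) // ignore out-of-range values instead of writing past the table
        {
            next[Tzm[index]] = (short)index;
        }
    }
}

// Reads one block from the target process into MemoryData and records the
// address of every signature match that lies completely inside the block.
//
// hProcess     - handle with PROCESS_VM_READ access.
// Tzm          - signature values as produced by GetTzmArray.
// TzmLength    - number of entries in Tzm.
// StartAddress - address of the block in the target process.
// size         - block length in bytes; must not exceed BLOCKMAXSIZE.
// ResultArray  - match addresses are appended here.
// Relies on the global Next table having been filled by GetNext for the same
// signature. A failed read leaves ResultArray untouched.
void SearchMemoryBlock(HANDLE hProcess, WORD* Tzm, WORD TzmLength, unsigned __int64 StartAddress, unsigned long size, vector<unsigned __int64>& ResultArray)
{
    // size > BLOCKMAXSIZE would make ReadProcessMemory overrun MemoryData.
    if (MemoryData == NULL || Tzm == NULL || TzmLength == 0 || size == 0 || size > BLOCKMAXSIZE)
    {
        return;
    }

    SIZE_T bytesRead = 0;
    if (!ReadProcessMemory(hProcess, (LPCVOID)(ULONG_PTR)StartAddress, MemoryData, size, &bytesRead))
    {
        return;
    }

    const size_t patternLen = TzmLength;
    const size_t available = bytesRead;

    size_t window = 0;
    while (window + patternLen <= available)
    {
        size_t matched = 0;
        while (matched < patternLen && (Tzm[matched] == 256 || Tzm[matched] == MemoryData[window + matched]))
        {
            ++matched;
        }
        if (matched == patternLen)
        {
            ResultArray.push_back(StartAddress + window);
        }

        if (window + patternLen >= available)
        {
            return;
        }

        // Look at the byte just past the window. It can line up with its own
        // last occurrence in the signature or with the last wildcard; the
        // rightmost of the two gives the smallest safe shift. The original
        // consulted the wildcard only when the byte was absent, so a wildcard
        // placed after the byte's last occurrence caused matches to be skipped.
        int anchor = Next[MemoryData[window + patternLen]];
        if (Next[256] > anchor)
        {
            anchor = Next[256];
        }
        window += (size_t)((int)TzmLength - anchor); // anchor == -1 shifts past the byte entirely
    }
}

// Scans the readable-writable regions of a process for a signature.
//
// hProcess     - handle with PROCESS_QUERY_INFORMATION and PROCESS_VM_READ.
// Tzm          - signature text, see GetTzmArray.
// StartAddress - first address to examine.
// EndAddress   - scanning stops once the cursor has passed this address;
//                0 means scan until VirtualQueryEx fails. The region that
//                contains EndAddress is still scanned in full.
// InitSize     - capacity hint for ResultArray; it is not a limit.
// ResultArray  - cleared, then filled with the address of every match.
// Returns the number of matches; 0 for a NULL handle or an invalid signature.
// Matches that straddle two separate regions are not reported.
int SearchMemory(HANDLE hProcess, char* Tzm, unsigned __int64 StartAddress, unsigned __int64 EndAddress, int InitSize, vector<unsigned __int64>& ResultArray)
{
    ResultArray.clear();
    if (hProcess == NULL || Tzm == NULL)
    {
        return 0;
    }

    // A vector releases the buffer on every exit path; the original paired
    // new[] with free() and leaked on the EndAddress early return.
    vector<WORD> pattern(strlen(Tzm) / 3 + 1);
    const WORD TzmLength = GetTzmArray(Tzm, &pattern[0]);
    if (TzmLength == 0)
    {
        return 0;
    }
    GetNext(Next, &pattern[0], TzmLength);

    if (InitSize > 0)
    {
        ResultArray.reserve(InitSize);
    }

    // Consecutive blocks overlap by TzmLength - 1 bytes so that a match lying
    // across a block boundary is seen exactly once, by the later block.
    const unsigned long stride = BLOCKMAXSIZE - (unsigned long)(TzmLength - 1);

    MEMORY_BASIC_INFORMATION mbi;
    unsigned __int64 cursor = StartAddress;
    while ((unsigned __int64)(ULONG_PTR)cursor == cursor // stop if the address no longer fits a pointer
        && VirtualQueryEx(hProcess, (LPCVOID)(ULONG_PTR)cursor, &mbi, sizeof(mbi)) != 0)
    {
        // VirtualQueryEx reports the region from its own base, which can lie
        // below cursor when cursor is not page-aligned.
        const unsigned __int64 regionBase = (unsigned __int64)(ULONG_PTR)mbi.BaseAddress;
        const unsigned __int64 regionEnd = regionBase + mbi.RegionSize;
        if (regionEnd <= cursor)
        {
            break; // no forward progress, avoid looping forever
        }

        // Only read-write and execute-read-write regions are searched.
        if (mbi.Protect == PAGE_READWRITE || mbi.Protect == PAGE_EXECUTE_READWRITE)
        {
            unsigned __int64 blockStart = cursor;
            while (blockStart < regionEnd)
            {
                const unsigned __int64 remaining = regionEnd - blockStart;
                const unsigned long blockSize = remaining > BLOCKMAXSIZE ? BLOCKMAXSIZE : (unsigned long)remaining;
                SearchMemoryBlock(hProcess, &pattern[0], TzmLength, blockStart, blockSize, ResultArray);
                if (remaining <= BLOCKMAXSIZE)
                {
                    break;
                }
                blockStart += stride;
            }
        }

        cursor = regionEnd;
        if (EndAddress != 0 && cursor > EndAddress)
        {
            break;
        }
    }
    return (int)ResultArray.size();
}

// Console front end: asks for a process ID, scans that process for a fixed
// signature and prints the elapsed time, the match count and each address.
int main()
{
    DWORD pid = 0;
    vector<unsigned __int64> ResultArray;
    cout << "請輸入進程ID:" << endl;
    if (!(cin >> pid))
    {
        cerr << "invalid process ID" << endl;
        return 1;
    }

    // Request only the rights the scan uses (VirtualQueryEx and
    // ReadProcessMemory) instead of PROCESS_ALL_ACCESS.
    HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid);
    if (hProcess == NULL)
    {
        cerr << "OpenProcess failed, error " << GetLastError() << endl;
        return 1;
    }

    // Scratch buffer that SearchMemoryBlock reads each block into.
    MemoryData = new BYTE[BLOCKMAXSIZE];

    const clock_t start = clock();
    SearchMemory(hProcess, (char*)"FF 3F FF ?? FF F2", 0x410000, 0xFFFFFFFF, 30, ResultArray);
    const clock_t end = clock();

    cout << "用時:" << (end - start) * 1000 / CLOCKS_PER_SEC << "毫秒" << endl;
    cout << "搜索到" << ResultArray.size() << "個結果" << endl;

    for (vector<unsigned __int64>::iterator it = ResultArray.begin(); it != ResultArray.end(); ++it)
    {
        // The addresses are 64-bit; "%x" read only part of the argument and
        // printed the values without any separator.
        printf("%llx\n", *it);
    }

    delete[] MemoryData;
    MemoryData = NULL;
    CloseHandle(hProcess);
    return 0;
}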
將一個完整的可運行C++程序改為dll,對任何一個程序員,都是非常簡單的事
但你要注意的是
1.你要按你的開發工具,選生成目標為dll
2.你的導出要有輸出項(dll不支持控制臺輸出的)
對你的程序,可將其中的main()改為:
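// DLL entry point that scans one process for a signature.
//
// pid   - ID of the process to scan.
// keys  - signature text, e.g. "FF 3F FF ?? FF F2".
// times - receives the elapsed search time in milliseconds (0 on failure).
// ret   - receives the address of every match, written consecutively.
//
// NOTE(review): the signature of this export gives no way to pass the
// capacity of ret or to report how many entries were written, so the caller
// must size ret for the worst case and cannot tell where the results end. A
// capacity/count parameter would be the proper fix; it is not added here
// because it would change the exported interface.
// NOTE(review): the function is exported with a C++-mangled name; wrap the
// declaration in extern "C" if callers look it up by its plain name.
// Uses the global MemoryData and Next buffers, so concurrent calls are not safe.
__declspec(dllexport) void SearchMemory_d(DWORD pid, char *keys, int *times, unsigned __int64 *ret)
{
    if (times != NULL)
    {
        *times = 0;
    }
    if (keys == NULL || times == NULL || ret == NULL)
    {
        return;
    }

    // Request only the rights the scan uses (VirtualQueryEx and
    // ReadProcessMemory) instead of PROCESS_ALL_ACCESS.
    HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid);
    if (hProcess == NULL)
    {
        return;
    }

    try
    {
        // Allocate the scratch buffer once and reuse it; allocating on every
        // call leaked BLOCKMAXSIZE bytes each time.
        if (MemoryData == NULL)
        {
            MemoryData = new BYTE[BLOCKMAXSIZE];
        }

        vector<unsigned __int64> ResultArray;

        const clock_t start = clock();
        SearchMemory(hProcess, keys, 0x410000, 0xFFFFFFFF, 30, ResultArray);
        const clock_t end = clock();

        *times = (int)((end - start) * 1000 / CLOCKS_PER_SEC);

        // A DLL has no console of its own to print to, so results go back
        // through the out-parameters.
        for (vector<unsigned __int64>::iterator it = ResultArray.begin(); it != ResultArray.end(); ++it)
        {
            *ret++ = *it;
        }
    }
    catch (...)
    {
        // C++ exceptions (e.g. allocation failure) must not cross the DLL
        // boundary; the caller sees whatever was written before the failure.
    }

    CloseHandle(hProcess);
}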
其中,SearchMemory_d為DLL導出函數,前兩個參數為進程PID和特征碼,times為返回的搜索用時,而ret為結果(要注意給它們足夠的空間)