VC++信息安全编程(8)实现扫描内存,实现内存读写
扫描内存,实现内存读写是杀毒软件必备的功能,这个功能如何实现呢,
请见代码实现与分析
调用美国大牛写的PSAPI.DLL
#include "stdafx.h"
#include "DoProcess.h"
#include "DoProcessDlg.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
char ch[]="zhao1234";
/////////////////////////////////////////////////////////////////////////////
// CDoProcessDlg dialog
CDoProcessDlg::CDoProcessDlg(CWnd* pParent /*=NULL*/)
: CDialog(CDoProcessDlg::IDD, pParent)
{
//{{AFX_DATA_INIT(CDoProcessDlg)
m_Code = _T("zhao1234");
m_Ebase = _T("");
m_Esize = _T("");
m_Eaddress = _T("");
m_Edata = _T("");
m_EAdd_Change = _T("");
//}}AFX_DATA_INIT
// Note that LoadIcon does not require a subsequent DestroyIcon in Win32
m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}
void CDoProcessDlg::DoDataExchange(CDataExchange* pDX)
{
CDialog::DoDataExchange(pDX);
//{{AFX_DATA_MAP(CDoProcessDlg)
DDX_Control(pDX, IDC_LIST2, m_list);
DDX_Control(pDX, IDC_ScanProcess, m_Scan);
DDX_Text(pDX, IDC_Code, m_Code);
DDX_Control(pDX, IDC_LIST1, m_lCtrl);
DDX_Text(pDX, IDC_Ebase, m_Ebase);
DDX_Text(pDX, IDC_Esize, m_Esize);
DDV_MaxChars(pDX, m_Esize, 2000);
DDX_Text(pDX, IDC_Eaddress, m_Eaddress);
DDX_Text(pDX, IDC_Edata, m_Edata);
DDX_Text(pDX, IDC_EAdd_Change, m_EAdd_Change);
//}}AFX_DATA_MAP
}
BEGIN_MESSAGE_MAP(CDoProcessDlg, CDialog)
//{{AFX_MSG_MAP(CDoProcessDlg)
ON_WM_PAINT()
ON_WM_QUERYDRAGICON()
ON_BN_CLICKED(IDC_GetProcess, OnGetProcess)
ON_BN_CLICKED(IDC_GetProcess2, OnGetProcess2)
ON_BN_CLICKED(IDC_KillProcess, OnKillProcess)
ON_BN_CLICKED(IDC_ScanProcess, OnScanProcess)
ON_BN_CLICKED(IDC_ReadMem, OnReadMem)
ON_EN_CHANGE(IDC_Code, OnChangeCode)
ON_EN_CHANGE(IDC_Ebase, OnChangeEbase)
ON_EN_CHANGE(IDC_Esize, OnChangeEsize)
ON_NOTIFY(NM_DBLCLK, IDC_LIST1, OnDblclkList1)
ON_EN_CHANGE(IDC_Eaddress, OnChangeEaddress)
ON_EN_CHANGE(IDC_Edata, OnChangeEdata)
ON_BN_CLICKED(IDC_BWriteMem, OnBWriteMem)
ON_BN_CLICKED(IDC_BEnumAllDLL, OnBEnumAllDLL)
ON_BN_CLICKED(IDC_BChangeAttr, OnBChangeAttr)
ON_EN_CHANGE(IDC_EAdd_Change, OnChangeEAddChange)
ON_BN_CLICKED(IDC_BgetModule, OnBgetModule)
ON_BN_CLICKED(IDC_BGetAllDLL2, OnBGetAllDLL)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
/////////////////////////////////////////////////////////////////////////////
// CDoProcessDlg message handlers
BOOL CDoProcessDlg::OnInitDialog()
{
CDialog::OnInitDialog();
// Set the icon for this dialog. The framework does this automatically
// when the application's main window is not a dialog
SetIcon(m_hIcon, TRUE); // Set big icon
SetIcon(m_hIcon, FALSE); // Set small icon
// TODO: Add extra initialization here
ListView_SetExtendedListViewStyleEx(m_lCtrl.m_hWnd, LVS_EX_FULLROWSELECT|
LVS_SORTDESCENDING, 0xFFFFFFFF);
m_lCtrl.InsertColumn(0,"序号",HDF_LEFT,50,0);
m_lCtrl.InsertColumn(1,"进程ID",HDF_LEFT,60,0);
m_lCtrl.InsertColumn(2,"路径",HDF_LEFT,560,0);
m_lCtrl.InsertColumn(3,"基地址",HDF_LEFT,60,0);
return TRUE; // return TRUE unless you set the focus to a control
}
// If you add a minimize button to your dialog, you will need the code below
// to draw the icon. For MFC applications using the document/view model,
// this is automatically done for you by the framework.
void CDoProcessDlg::OnPaint()
{
if (IsIconic())
{
CPaintDC dc(this); // device context for painting
SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0);
// Center icon in client rectangle
int cxIcon = GetSystemMetrics(SM_CXICON);
int cyIcon = GetSystemMetrics(SM_CYICON);
CRect rect;
GetClientRect(&rect);
int x = (rect.Width() - cxIcon + 1) / 2;
&n
补充:综合编程 , 安全编程 ,
