学习3

// m6.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include<windows.h>
#include<iostream.h>
#include<stdio.h>
HANDLE g_hProcess;
DWORD dwGoalAddr[1024],count;
int CompareAPage(DWORD dwBase,DWORD goal)
{
    DWORD i;
    BYTE arBytes[4096];
    if(!::ReadProcessMemory(g_hProcess,(LPVOID)dwBase,arBytes,4096,NULL))
    {
        return FALSE;
    }
    DWORD * lpDw;
    for(i=0;i<4096-3;i++)
    {
        lpDw=(DWORD*)&arBytes[i];
        if(count>=1024) return FALSE;
        if(*lpDw==goal)
            dwGoalAddr[count++]=dwBase+i;
    }
    return count;
}
int FirstFind(DWORD goal)
{
    const DWORD dwOneGB=1024*1024*1024;
    const DWORD dwOnePage=4*1024;
    DWORD dwBaseAddr;
    OSVERSIONINFO vi;
    ::GetVersionEx(&vi);

    if(vi.dwPlatformId==VER_PLATFORM_WIN32_WINDOWS)
        dwBaseAddr=4*1024*1024;
    else
        dwBaseAddr=64*1024;
    count=0;
    for(;dwBaseAddr<2*dwOneGB;dwBaseAddr+=dwOnePage)
    {
        CompareAPage(dwBaseAddr,goal);
    }
    return 0;
}
int ShowAddr(int k)
{
    int i;
    for(i=0;i<k;i++)
        printf("%08lX\n",dwGoalAddr[i]);
        return 1;
}
int FindNext(DWORD goal)
{
    int i,k=0;
    LPVOID lpAddr;
    DWORD gValue;
    for(i=0;i<(int)count;i++)
    {
        lpAddr=(LPVOID)dwGoalAddr[i];
        ::ReadProcessMemory(g_hProcess,(LPVOID*) dwGoalAddr[i],&gValue,sizeof(DWORD),NULL);
        if(gValue==goal) dwGoalAddr[k++]=dwGoalAddr[i];
    }
    return k;
}
int main()
{
    DWORD goal;
   // char fileName[]="D:\\VC\\02testor\\Debug\\main.exe";
char fileName[] = "E:\\miao\\VC6\\MyProjects\\01test\\Debug\\01test.exe";
    STARTUPINFO si={sizeof(STARTUPINFO)};
    PROCESS_INFORMATION ps;

    if(!::CreateProcess(NULL,fileName,NULL,NULL,FALSE,CREATE_NEW_CONSOLE,NULL,NULL,&si,&ps))
    {
        printf("创建进程失败！\n");
        return 0;
    }
    ::CloseHandle(ps.hThread);
    g_hProcess=ps.hProcess;

        if(g_hProcess==INVALID_HANDLE_VALUE)
    {
        printf("进程创建失败！\n");
        return 0;
    }
    printf("请输入你要查找的值：");
    scanf("%ld",&goal);
        FirstFind(goal);

    //ShowAddr(count);
    while(count>1)
    {
        printf("本次查找有%d个目标，请输入下一次要查找的值：",count);
        scanf("%ld",&goal);
        count=FindNext(goal);
    }
    if(count==0)
    {
        printf("没有查找到目标！\n");
        return FALSE;
    }
    else
    {
        printf("请输入你要修改的值：");
        scanf("%ld",&goal);
    }
    if(!::WriteProcessMemory(g_hProcess,(LPVOID)dwGoalAddr[0],&goal,sizeof(DWORD),NULL))
    {
        printf("修改内存失败！\n");
        return FALSE;
    }
        ::ReadProcessMemory(g_hProcess,(LPVOID)dwGoalAddr[0],&goal,sizeof(DWORD),NULL);
    printf("最种修改为：%ld\n",goal);
    //DWORD exitCode;
    //GetExitCodeProcess(g_hProcess,&exitCode);
    //TerminateProcess(g_hProcess,exitCode);
    ::CloseHandle(g_hProcess);
        return 0;
}

上面需要的

#include<iostream>
#include<windows.h>
int g_nNum;
int main()
{
    int i;
    g_nNum=1003; i=0;
    while(1)
    {
        printf("i=%d,  &i=0X%08lX,  g_nNum=%d,  &g_nNum=0X%08lX\n",i++,&i,++g_nNum,&g_nNum);
        getchar();
    }
    return 0;
}