超级全能音频转换器loader
尝试写loader,不知道为什么修改地址$004B82B6总是Bytes don 't match ,希望各老师指点vari: Integer;
cl: PChar;
si: TStartupInfo;
pi: PROCESS_INFORMATION;
Buffer: array of Byte;
nByteRead, nByteWrite: Cardinal;
NewBytes: array of Byte;
const
BaseAddress: Pointer = Pointer($004B82B6);
Original: array of Byte = ($8B,$80,$C4,$04,$00,$00);
FName = 'MP3.exe';
Err1 = 'Can ''t CreateProcess';
Err2 = 'Can ''t ReadProcessMemory';
Err3 = 'Bytes don ''t match ';
Err4 = 'Can ''t WriteProcessMemory';
begin
NewBytes := $8B;
NewBytes := $C2;
for i := 2 to 5 do
NewBytes :=$90;
ZeroMemory(@si, SizeOf(si));
si.cb := SizeOf(si);
cl := GetCommandLine;
if CreateProcess(FName, cl, nil, nil, False, NORMAL_PRIORITY_CLASS, nil, nil, si, pi) then
begin
WaitForInputIdle(pi.hProcess,INFINITE);
if ReadProcessMemory(pi.hProcess, BaseAddress, @NewBytes, 6, nByteRead) then
begin
for i := 0 to 5 do
if Buffer <> Original then Break;
if i = 5 then
begin
if not WriteProcessMemory(pi.hProcess, BaseAddress,@NewBytes, 6, nByteWrite) then ShowMessage(Err4)
end else ShowMessage(Err3);
end else ShowMessage(Err2);
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
end else ShowMessage(Err1);
end;
页:
[1]