您现在的位置:首页 >> API >> API >> 内容

Delphi写内存补丁范例

时间:2011/9/3 14:53:39 点击:

  核心提示:interfaceusesWindows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,Dialogs;typeT...

interface

uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs;

type
TForm1 = class(TForm)
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;

var
Form1: TForm1;

implementation

{$R *.dfm}
var
si:STARTUPINFO ;
pi:PROCESS_INFORMATION ;
NewData : array[0..1] of byte = ($90,$90);
NewDataSize : DWORD;
Bytesread : DWORD;
Olddata : array[0..1] of byte;
dir:string ;
procedure TForm1.FormCreate(Sender: TObject);
begin
dir:=ExtractFileDir(Application.ExeName );
if FileExists(dir+'\crackme1.exe') then
begin

ZeroMemory(@Pi,SizeOf(pi));
FillChar (si,SizeOf(si),0);
si.cb :=SizeOf(si);
NewDatasize :=SizeOf(NewData ) ;
if CreateProcess (nil,'crackme1.exe',nil,nil,False ,CREATE_SUSPENDED ,nil ,nil,si,pi)=True then
begin
ReadProcessMemory(pi.hProcess ,Pointer($00401586 ),@olddata,2 ,BytesRead );
if (OldData[0]=$75) and (OldData[1]=$18) then
begin
WriteProcessMemory(pi.hProcess ,Pointer($00401586 ),@newdata,NewDatasize ,BytesRead );
ResumeThread(pi.hThread );
CloseHandle(pi.hProcess );
CloseHandle(pi.hThread );
end else
MessageBox(Handle, PChar('无法打入内存补丁'), PChar('错误'),MB_ICONERROR or MB_OK);
TerminateProcess(pi.hProcess ,0);
CloseHandle(pi.hProcess );
CloseHandle(pi.hThread );
end;
end
else
begin
ShowMessage('本补丁必须与原文件放在同一目录下');
Application.Terminate ;
end;

end;

end.

作者:网络 来源:转载
共有评论 0相关评论
发表我的评论
  • 大名:
  • 内容:
本类推荐
  • 没有
本类固顶
  • 没有
  • 盒子文章(www.2ccc.com) © 2022 版权所有 All Rights Reserved.
  • 沪ICP备05001939号