In WIN game players, most of them are more familiar with the game modifier, players can use the game modifier to modify the experience of the characters in the game or money. So what is the game modifier on WIN? About the game modifier on WIN has a lot of technical information on the Internet, I also clearly remember that there is more detailed introduction to this in the earliest number of "programmer" magazine, I was still in college. ^ _ ^, Here is "programmers" magazine to do an advertisement, this magazine is my favorite time for my school, now it is still the case, I will not miss every issue, from inside, I have learned a lot, in a big The degree enriching your knowledge, here I want to thank this magazine, and sincerely hope that "programmer" magazine is getting better and better!
Haha, there is no one to run, we are in the middle of the way, there are special APIs on WIN to scan the address space of another process, of course, what kind of scanning method, to position, guess the related data in the game, I don't say it. It is important that this API provides us a means to operate data in another process address space. Normally, every process has its own independent address space, this process is unable to directly access another process address space data. of.
In UNIX, we also have similar functions to do such operations, pread, pwrite these functions allow us to read and write another process address space, and many debugging tools are actually using these interfaces to complete debugging another program. But using these two functions, there must be a prerequisite, just use the PTRACE function catch to live the target process before you can call pread or pwrite. Since it hasoche the target process, in fact, the target process will stop running, then The way does not catch the target process, we can modify the data of another process address space? The answer is of course ^ _ ^, we can use the process file system PROC to easily complete this matter.
The process file system on UNIX is actually a virtual file system. You use the command CD / Proc, you find that there is a corresponding folder in each process number, this folder is able to help us Complete the stuff required to modify another process address space. In addition, there is a lot of process file system commands in the directory / usr / proc / bin directory, such as: pstack, which can view the stack information of another process, in fact, the implementation of this command is implemented through a process file system.
Here we assume that the process number of the process of modifying the address space data is 3548, then the file in the / proc / 3548 folder is what we need, this file is the full mapping of the data in the process address space, and we can The AS file is performed by the standard read and write function Read, Write, so that the purpose of modifying the data in the 3548 process address space is achieved. Here I list a simple code to describe this process:
#include
INT main (void) {int procfd; int except_value = 0; int in_value = 0; int new_value = 0;
Unsigned long address = 0;
CHAR CMD_STRING [50]; char proc_id [50];
MEMSET (cmd_string, 0, sizeof (cmd_string)); MEMSET (Proc_ID, 0, SIZEOF (Proc_ID)); System ("Clear");
Printf ("/ t / t ........... Welcome to the memory data modification tool ........ / n"); Printf ("/ n"); printf (" / N ");
Printf ("Please enter the process ID number of the process you want to modify ..... / n"); scanf ("% s", proc_id);
Printf ("Enter the data memory address to modify (input data is a hexadecimal format, for example: ED802498) / N"); scanf ("% x", & address);
Printf ("Enter the desired data / N"); scanf ("% d", & except_value);
Sprintf (cmd_string, "% s% s% s", "/ proc /", proc_id, "/ as"); procfd = open (cmd_string, o_rdwr); // Open file / proc // as, obtain file handle IF (Procfd <0) {Printf ("Open Process File System Fails, Error Code is% D / N", Errno); Exit (1);
Lseek (Procfd, Address, Seek_set); Read (Procfd, & Old_Value, 4);
Printf ("The data on the memory address is% d / n", OLD_VALUE);
Lseek (Procfd, Address, Seek_set); Write (Procfd, & ExcePT_Value, 4);
LSeek (Procfd, Address, Seek_set); Read (Protefd, & New_Value, 4); Printf ("The data on the memory address is% D / N", new_value);
}
The code is simple, clear, everyone can write more complex and more fun things according to this idea, welcome everyone to make further exchanges with me!
