Начинающий
Начинающий
- Статус
- Онлайн
- Регистрация
- 23 Фев 2025
- Сообщения
- 82
- Реакции
- 1
pattern scan:
uintptr_t FindPattern(const std::vector<BYTE>& pattern)
{
SYSTEM_INFO systemInfo;
GetSystemInfo(&systemInfo);
uintptr_t searchStart = (uintptr_t)systemInfo.lpMinimumApplicationAddress;
uintptr_t searchEnd = (uintptr_t)systemInfo.lpMaximumApplicationAddress;
MEMORY_BASIC_INFORMATION memoryInfo;
for (uintptr_t currentAddr = searchStart; currentAddr < searchEnd; currentAddr += memoryInfo.RegionSize)
{
BOOL querySuccess = VirtualQuery((LPCVOID)currentAddr, &memoryInfo, sizeof(memoryInfo));
if (querySuccess == FALSE)
continue;
BOOL isCommitted = (memoryInfo.State == MEM_COMMIT);
if (isCommitted == FALSE)
continue;
BOOL hasExecuteReadAccess = (memoryInfo.Protect & PAGE_EXECUTE_READ);
BOOL hasExecuteReadWriteAccess = (memoryInfo.Protect & PAGE_EXECUTE_READWRITE);
BOOL hasExecuteAccess = (memoryInfo.Protect & PAGE_EXECUTE);
if (hasExecuteReadAccess == FALSE &&
hasExecuteReadWriteAccess == FALSE &&
hasExecuteAccess == FALSE)
continue;
BYTE* memoryBlock = (BYTE*)memoryInfo.BaseAddress;
SIZE_T blockSize = memoryInfo.RegionSize;
for (SIZE_T offset = 0; offset < blockSize - pattern.size(); offset++)
{
bool patternFound = true;
for (SIZE_T byteIndex = 0; byteIndex < pattern.size(); byteIndex++)
{
if (pattern[byteIndex] != memoryBlock[offset + byteIndex])
{
patternFound = false;
break;
}
}
if (patternFound)
return (uintptr_t)(memoryBlock + offset);
}
}
return 0;
}Может кому то поможет вот код с моим решением данной ситуации
Есть = { 0xC4, 0x81, 0x7A, 0x11, 0xA4, 0xDC, 0x98, 0x00, 0x00, 0x00 }; если нужно в куче найти патерн
Последнее редактирование:
