Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- program ReadMemPrj;
- {$APPTYPE CONSOLE}
- uses
- Windows, SysUtils;
- const
- NTDLL = 'ntdll.dll';
- SE_DEBUG_PRIVILEGE = 20;
- VirtAddr: DWORD = $084A5450;//Адрес вписать
- function RtlAdjustPrivilege(Privilege: ULONG; Enable: BOOL; CurrentThread: BOOL;
- out OldPrivilege: BOOL): ULONG; stdcall; external NTDLL;
- var
- hProcess, n, op: DWORD;
- PID: DWORD = 666;//ID процесса
- Buffer: DWORD;
- OldPrivilege: BOOL;
- begin
- RtlAdjustPrivilege(SE_DEBUG_PRIVILEGE, True, False, OldPrivilege);
- Write('PID: '); ReadLn(PID); //ID процессса
- hProcess := OpenProcess(PROCESS_ALL_ACCESS, False, PID);
- if hProcess <> 0 then
- try
- if VirtualProtectEx(hProcess, Pointer(VirtAddr), SizeOf(Buffer), PAGE_EXECUTE_WRITECOPY, @op) then
- if ReadProcessMemory(hProcess, Pointer(VirtAddr), @Buffer, SizeOf(Buffer), n) then
- WriteLn(Format('DWORD[%.8x] = %.8x', [VirtAddr, Buffer]));
- finally
- VirtualProtectEx(hProcess, Pointer(VirtAddr), SizeOf(Buffer), op, @op);
- CloseHandle(hProcess);
- end;
- ReadLn;
- end.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
