【发布时间】:2021-09-18 17:14:49
【问题描述】:
程序_A
int main()
{
std::cout << "Process ID = " << GetCurrentProcessId() << "\n"; // Id my process (i get something like '37567')
std::string My_String = "JoJo"; // My string
std::cout << &My_String << std::endl; //here i get something like '0x0037ab7'
system("pause");
}
这个程序只是将字符串“JoJo”的引用输出到控制台。
程序_B
int main()
{
int id;
std::cin >> id;
DWORD ProcessId = id;
HANDLE ProcessHandle = OpenProcess(PROCESS_VM_READ, FALSE, ProcessId);
if (!ProcessHandle) {
std::cout << "Process is not found...\n";
return 0;
}
std::string r;
std::cin >> r; // this is me writing the link that I get in programs_A
DWORD address = std::strtoul(r.c_str(), NULL, 16);
std::string JoJo_string = " ";
ReadProcessMemory(ProcessHandle, (LPVOID)(address), &JoJo_string, sizeof(JoJo_string), 0); //here I want to get the JoJo_string value by reference from programm_A
std::cout << JoJo_string << std::endl;
}
有趣的是,“int”变量类型一切正常。但是std::string 不起作用。读取的准确值,但程序立即报错:
[-- programm_B--]
[-- error--]
【问题讨论】:
-
了解
std::string对象地址中实际存在的内容,而不是像本机int这样的东西,将非常有启发性。爆破像std::string这样包含内部指针、引用等的非平凡对象的内存背景,在任何情况下都不会结束,无论是使用@987654329 之类的东西@、fread、memcpy或任何其他相关内容。