How do I modify the following code that drives integer reading to read this string and print it with printf

dxw914 注册会员
2023-02-26 19:30
, buf); } .
< !- - - - - >
wuzhengfa1 注册会员
2023-02-26 19:30

is a unicode string that can be parsed by itself or output using a character conversion such as A2W or W2A, or simply CString, For example, CString str = CString(CStringA(xxx)) xxx holds the address for the text

dailiben 注册会员
2023-02-26 19:30

Import the driver module

import driver_module

Initialize the driver

driver = driver_module.Driver()

Call a method to retrieve the memory code string

memory_code = driver.get_memory_code()

Print the memory code string


In this example, driver_module is the name of the module that contains the driver code. The class Driver is the class that represents the Driver, and get_memory_code() is a method driver of the class that retrieves strings of memory code. Once the memory_code variable is assigned a value for the memory_code string, the print function prints it to the console.

To read memory with this driver, you need to call the function with ReadProcessMemoryForPid with the following arguments:

dwPid: The process ID of the target process whose memory is to be read.
pBase: The address of the memory location in the target process from which to start reading.
lpBuffer: Pointer to the buffer in the current process to store data read from the target process's memory.

dian19920226 注册会员
2023-02-26 19:30

To read Unicode strings, you can use the ReadProcessMemory function. This function reads data from a specified memory address in a process and copies it to a specified buffer. Here is an example of how to read a Unicode string from a specified process using the ReadProcessMemory function:

#include <Windows.h>

// 读取 Unicode 字符串
void ReadUnicodeString(HANDLE hProcess, LPCVOID lpBaseAddress, LPWSTR lpBuffer, SIZE_T nSize)
    SIZE_T nBytesRead = 0;
    BOOL bSuccess = ReadProcessMemory(hProcess, lpBaseAddress, lpBuffer, nSize, &nBytesRead);
    if (!bSuccess || nBytesRead == 0)
        lpBuffer[0] = L'\0';
        // 确保字符串以 null 终止
        lpBuffer[nBytesRead / sizeof(WCHAR)] = L'\0';

// 读取进程中的 Unicode 字符串
void ReadProcessUnicodeString(DWORD dwProcessId, LPCVOID lpBaseAddress, LPWSTR lpBuffer, SIZE_T nSize)
    // 打开进程句柄
    HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, dwProcessId);
    if (hProcess == NULL)
        lpBuffer[0] = L'\0';

    // 读取字符串
    ReadUnicodeString(hProcess, lpBaseAddress, lpBuffer, nSize);

    // 关闭进程句柄

To use this function, you need to pass it the ID of the process to be read, the memory address to be read, and the buffer to store the results. If the read was successful, the buffer will contain the read string, otherwise the buffer will contain the empty string. Note that the buffer size passed to the function should be large enough to hold the string to be read. If the buffer is too small, only part of the string can be read.

chentongli0577 注册会员
2023-02-26 19:30


UINT64 读取Unicode字符串(INT pid, UINT_PTR 地址, std::wstring& 结果) {
    DWORD dwRetSize = 0;
    UINT64 tmp = 0;

    // 输入缓冲区的第一个元素是PID,第二个元素是要读取的地址,
    // 第三个元素是要读取的字符串的长度(以字节为单位),第四个元素是0,
    // 这样驱动程序就知道要读取的是Unicode字符串。
    std::vector<UINT64> 缓冲区 = { pid, 地址, 0, 0 };

    // 返回缓冲区是一个用来存放字符串的缓冲区,大小为4096个字符。
    std::vector<wchar_t> 返回缓冲区(4096);

    // 调用DeviceIoControl函数来读取Unicode字符串。
    BOOL bResult = DeviceIoControl(
        sizeof(UINT64) * 输入缓冲区.size(),
        sizeof(wchar_t) * 返回缓冲区.size(),

    if (bResult && dwRetSize > 0) {
        // 如果读取成功,将结果保存到wstring对象中,并返回字符串的长度。
        结果.assign(返回缓冲区.data(), dwRetSize / sizeof(wchar_t));
        return 结果.size();
    } else {
        // 如果读取失败,返回0。
        return 0;
< !- - - - - >

About the Author

Question Info

Publish Time
2023-02-26 19:30
Update Time
2023-02-26 19:30

Related Question