好友
阅读权限10
听众
最后登录1970-1-1
|
地址是
xxx.dll + 0x40DF480, 偏移是offsets=[0x50, 0x408, 0x190, 0x88, 0x20, 0x18, 0x78]
我用python的pymem读xxx.dll的地址是 0x7ffccac40000
1.怎么会有这么大的物理地址?已经12位16进制了。
2.基于那个地址去读取的时候会报错,Int too long.
[Asm] 纯文本查看 复制代码 import pymem
# from ReadWriteMemory import ReadWriteMemory
pm = pymem.Pymem("abc.exe")
baseAddress = pymem.process.module_from_name(pm.process_handle, "assembly.dll").lpBaseOfDll
print(hex(baseAddress)) # 0x7ffccac40000
# rwm = ReadWriteMemory()
# process = rwm.get_process_by_id(17056)
# process.open()
# hp_pointer = process.get_pointer(0x7ffccac40000 + 0x40DF480, offsets=[0x50, 0x408, 0x190, 0x88, 0x20, 0x18, 0x78])
# hp = process.read(hp_pointer)
# print(hp)
|
|
发帖前要善用【论坛搜索】功能,那里可能会有你要找的答案或者已经有人发布过相同内容了,请勿重复发帖。 |
|
|
|
|