发表新帖
发表新帖

Finding the baseaddress of a running process

前端 未结
关注
2 1058
夕颜
夕颜 2021-01-14 02:49

Ive got the following code:

import subprocess
from ctypes import *

#-Part where I get the PID and declare all variables-#

OpenProcess = windll.kernel32.Ope
2条回答
  • 独厮守ぢ
    独厮守ぢ (楼主)
    2021-01-14 02:58

    See How to enumerate modules in python 64bit for some good code to use. You are looking for 'modBaseAddr'.

    For more info on tagMODULEENTRY32, see http://msdn.microsoft.com/en-us/library/windows/desktop/ms684225(v=vs.85).aspx

    You could also use pymem ('obsolete' project but still works) with the following code (you want modBaseAddr):

      for m in self.listModules():
    if m.szModule==szModule:
      print m.szModule, m.szExePath, m.modBaseAddr

    0 讨论(0)
 看不清?
提交回复
热议问题