Código
Option Explicit Dim hProcess As Long Private Sub cmdBusqueda_Click() Dim Data As String, Buffer As String, Target As Long Dim TmpByte As Byte, TmpInteger As Integer, TmpLong As Long, TmpString As String Dim Pos As Long, Address As Long, FirstByte As String Dim Fin As Boolean, BytesLeidos As Long, BytesRead As Long Dim TotalBytes As Long Fin = False Address = 0 If optByte.Value = True Then TmpByte = Val(txtData.Text) Data = Space(1) Call CopyMemory(ByVal Data, TmpByte, 1) ElseIf optInteger.Value = True Then TmpInteger = Val(txtData.Text) Data = Space(2) Call CopyMemory(ByVal Data, TmpInteger, 2) ElseIf optLong.Value = True Then TmpLong = Val(txtData.Text) Data = Space(4) Call CopyMemory(ByVal Data, TmpLong, 4) Else 'String Data = txtData.Text If optStringUnicode.Value = True Then Data = Unicode(Data) End If End If Dim Tmp As String, X As Integer, PID As Long X = lstProcesos.ListIndex If X = -1 Then Exit Sub Tmp = lstProcesos.List(X) Pos = InStr(1, Tmp, "*") If Pos > 0 Then Tmp = Mid(Tmp, Pos + 1) PID = Val(Tmp) hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, PID) If hProcess = 0 Then MsgBox "No se pudo abrir el proceso", vbCritical, "" Exit Sub End If lstDirecciones.Clear FirstByte = Mid(Data, 1, 1) While (Fin = False) Buffer = Space(5000) Call ReadProcessMemory(hProcess, Address, Buffer, Len(Buffer), BytesLeidos) DoEvents If BytesLeidos > 0 Then Buffer = Left(Buffer, BytesLeidos) Pos = InStr(1, Buffer, FirstByte) If Pos > 0 Then Call ReadProcessMemory(hProcess, Address + Pos - 1, Buffer, Len(Buffer), BytesRead) If BytesRead > 0 Then Buffer = Left(Buffer, BytesRead) If Buffer = Data Then Target = Target + Pos - 1 'dato encontrado lstDirecciones.AddItem Target Address = Target + Len(Data) Else Address = Address + 1 End If Else Address = Address + BytesLeidos End If End If TotalBytes = TotalBytes + BytesLeidos If TotalBytes >= 150000000 Then Fin = True If BytesLeidos < 5000 Then Fin = True Wend Call CloseHandle(hProcess) Me.Caption = TotalBytes End Sub Private Sub cmdRefrescar_Click() Dim Proceso As String, pShot As PROCESSENTRY32 Dim ProcessID As Long, P As Long Dim R32Next As Long, hHelp32 As Long lstProcesos.Clear hHelp32 = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0) pShot.dwSize = Len(pShot) R32Next = Process32First(hHelp32, pShot) While (R32Next <> 0) Proceso = pShot.szExeFile P = InStr(1, Proceso, Chr(0)) If P > 0 Then Proceso = Left(Proceso, P - 1) ProcessID = pShot.th32ProcessID lstProcesos.AddItem Proceso & Space(5) & "*" & ProcessID R32Next = Process32Next(hHelp32, pShot) Wend Call CloseHandle(hHelp32) End Sub Private Sub Form_Load() Call cmdRefrescar_Click End Sub
el codigo abre el proceso seleccionado normalmente pero al ejecutar el readprocessmemory , este no lee nada de memoria, al final del cmdBusqueda_Click agregue "me.caption = TotalBytes" (total de bytes leidos) para ver cuantos bytes lee pero siempre me da "0", intente usar el string buffer con byval y sin byval pero igual no lee:
Código
Call ReadProcessMemory(hProcess, Address, ByVal Buffer, Len(Buffer), BytesLeidos)
Código
Call ReadProcessMemory(hProcess, Address, Buffer, Len(Buffer), BytesLeidos)
en google encontre esta declaracion del api:
Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByVal lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
tambien encontre otra casi igual excepto que el parametro lpBuffer no tiene byval, he intentado con ambas formas pero no da resultado.