Python注入进程源码

import psutil
import ctypes

# 找到目标进程
target_process_name = “example.exe” # 替换为实际的进程名
target_process = None
for proc in psutil.process_iter([‘name’]):
if proc.info[‘name’] == target_process_name:
target_process = proc
break

if target_process is None:
print(f”未找到进程 {target_process_name}”)
else:
# 打开目标进程
kernel32 = ctypes.windll.kernel32
PROCESS_ALL_ACCESS = 0x1F0FFF
process_handle = kernel32.OpenProcess(PROCESS_ALL_ACCESS, False, target_process.pid)

if process_handle:
# 这里可以进行内存读取操作
buffer = ctypes.create_string_buffer(1024)
bytes_read = ctypes.c_ulong(0)
address = 0x12345678 # 替换为实际的内存地址
success = kernel32.ReadProcessMemory(process_handle, address, buffer, len(buffer), ctypes.byref(bytes_read))
if success:
print(f”读取了 {bytes_read.value} 字节的数据: {buffer.raw[:bytes_read.value]}”)
else:
print(“读取内存失败”)

# 关闭进程句柄
kernel32.CloseHandle(process_handle)
else:
print(“无法打开目标进程”)