今天忽然明白了运行时程序补丁的原理:
补丁程序运行后,启动目标应用程序;此时补丁程序利用 OpenProcess 打开目标进程,再用 WriteProcessMemory 向其某个内存地址写入数据,即可实现动态 Patch 程序。Like this:
{....}
var
  { Globals shared with TForm1.Button1Click: window handle returned by
    FindWindow, the process/thread ids resolved from it, and the process
    handle from OpenProcess. Declared as Integer here; NOTE(review): on a
    Win64 build HWND/THandle are 64-bit and would not fit — this listing
    appears to assume a 32-bit target. }
  WindowName, ProcessId, ThreadId, HandleWindow: Integer;
  { Heap buffer holding the byte(s) handed to WriteProcessMemory. }
  buf: PChar;
  { Count of bytes actually written, filled in by WriteProcessMemory.
    NOTE(review): this identifier hides the Write intrinsic in this scope;
    a more specific name would avoid surprises in later code. }
  Write: Cardinal;
{....}
const
  { How many bytes WriteProcessMemory is asked to copy from buf. }
  NumberOfBytes = 2;
  { Byte value placed at the start of buf before the write. }
  PokeValue = $4A;
  { Absolute virtual address inside the target process that is patched. }
  Address = $A662D6;
  { Exact window title FindWindow looks up to locate the target process. }
  WindowTitle = 'a program name';
{....}
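procedure TForm1.Button1Click(Sender: TObject);
{ Writes NumberOfBytes bytes (first one = PokeValue) at Address inside the
  process that owns the window titled WindowTitle. Uses the unit globals
  WindowName, ProcessId, ThreadId, buf, HandleWindow and Write.

  Fixes relative to the earlier version:
  - a missing window no longer falls through into OpenProcess with a stale
    pid (Exit after the dialog);
  - every Win32 call result is checked and reported;
  - buf is allocated with NumberOfBytes instead of 1, so WriteProcessMemory
    no longer reads past the end of the heap block;
  - the buffer and the process handle are released via try/finally even
    when a call fails;
  - OpenProcess asks only for the rights WriteProcessMemory needs
    (least privilege) instead of PROCESS_ALL_ACCESS. }
begin
  WindowName := FindWindow(nil, WindowTitle);
  if WindowName = 0 then
  begin
    MessageDlg('Program not running.', mtWarning, [mbOK], 0);
    Exit;  { previously execution continued with WindowName = 0 }
  end;

  ThreadId := GetWindowThreadProcessId(WindowName, @ProcessId);
  if ThreadId = 0 then
  begin
    MessageDlg('Could not resolve the process owning the window.', mtError, [mbOK], 0);
    Exit;
  end;

  { Cross-process memory writes need only PROCESS_VM_WRITE and
    PROCESS_VM_OPERATION; requesting the narrowest mask fails cleanly on
    processes we are not allowed to touch rather than asking for everything. }
  HandleWindow := OpenProcess(PROCESS_VM_WRITE or PROCESS_VM_OPERATION, False, ProcessId);
  if HandleWindow = 0 then
  begin
    MessageDlg('OpenProcess failed (access denied or process exited).', mtError, [mbOK], 0);
    Exit;
  end;

  try
    { Buffer length must match the byte count passed to WriteProcessMemory. }
    GetMem(buf, NumberOfBytes);
    try
      { Zero-fill so every byte handed to the target is defined.
        NOTE(review): the earlier code left bytes after the first
        uninitialised — confirm what Address+1.. should actually receive. }
      FillChar(buf^, NumberOfBytes, 0);
      buf^ := Chr(PokeValue);
      if (not WriteProcessMemory(HandleWindow, Ptr(Address), buf, NumberOfBytes, Write))
        or (Write <> NumberOfBytes) then
        MessageDlg('WriteProcessMemory failed or wrote fewer bytes than requested.',
          mtError, [mbOK], 0);
    finally
      FreeMem(buf);
    end;
  finally
    CloseHandle(HandleWindow);
  end;
end;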