OpenProcess 返回值是 0
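using System;
using System.Runtime.InteropServices;

namespace Text
{
    /// <summary>
    /// Console test that looks up a window by title, opens the owning process and
    /// overwrites bytes inside that process at an address derived from CreateMutexA.
    /// </summary>
    /// <remarks>
    /// NOTE(review): OpenProcess with PROCESS_ALL_ACCESS followed by WriteProcessMemory
    /// into another process is the same call sequence used for code injection. Endpoint
    /// protection commonly alerts on or blocks it, and it fails against processes running
    /// at a higher integrity level. Only run this against a process you own, on a test machine.
    /// </remarks>
    class Program
    {
        // NOTE(review): handles and addresses are declared here as 32-bit integers.
        // HANDLE and pointer values are pointer-sized, so these signatures truncate
        // in a 64-bit process; IntPtr/SafeHandle is the conventional declaration.

        /// <summary>Opens a process by process ID; returns 0 on failure.</summary>
        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern uint OpenProcess(UInt32 dwDesiredAccess, bool bInheritHandle, UInt32 dwProcessId);

        /// <summary>Finds a window by class name and/or title.</summary>
        [DllImport("User32.dll")]
        public static extern System.IntPtr FindWindowEx(System.IntPtr parent, System.IntPtr childe, string strclass, string strname);

        /// <summary>
        /// Returns the ID of the THREAD that created the window; the PROCESS ID is
        /// delivered through <paramref name="pid"/>.
        /// </summary>
        [DllImport("user32.dll")]
        public static extern uint GetWindowThreadProcessId(IntPtr hwnd, out int pid);

        [DllImport("Kernel32")]
        public static extern int GetProcAddress(int handle, String funcname);

        [DllImport("kernel32", EntryPoint = "GetModuleHandle")]
        public static extern int GetModuleHandle(string lpModuleName);

        [DllImport("kernel32", EntryPoint = "WriteProcessMemory", SetLastError = true)]
        public static extern int WriteProcessMemory(uint hwnd, UInt32 baseaddress, int lpBuffer, int nsize, int filewriten);

        // Declared with the same 32-bit handle convention as the imports above.
        [DllImport("kernel32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool CloseHandle(uint hObject);

        static void Main(string[] args)
        {
            #region Test
            unsafe
            {
                Console.WriteLine("----------Press Any Key To Start----------");
                Console.ReadKey();
                Console.WriteLine("开始");

                // Access rights requested from OpenProcess.
                // NOTE(review): PROCESS_ALL_ACCESS is far broader than a memory write needs;
                // WriteProcessMemory is documented to require only PROCESS_VM_WRITE and
                // PROCESS_VM_OPERATION. Prefer the narrowest mask that works.
                const uint PROCESS_ALL_ACCESS = 0x1F0FFF;
                //const uint PROCESS_VM_READ = 0x0010;
                //const uint PROCESS_VM_WRITE = 0x0020;
                //string winName = "计算器";
                string winName = "无标题 - 记事本";

                // Look up the top-level window by its title.
                IntPtr hwnd = FindWindowEx(System.IntPtr.Zero, System.IntPtr.Zero, null, winName);
                if (hwnd == IntPtr.Zero)
                {
                    // Without a window there is no process ID to open.
                    Console.WriteLine("Window not found: {0}", winName);
                }
                else
                {
                    // The return value is the window's thread ID; the process ID comes back in pid.
                    int pid;
                    uint threadId = GetWindowThreadProcessId(hwnd, out pid);

                    // Fix: the earlier code passed the thread ID here, so OpenProcess looked up
                    // a non-existent process and returned 0. OpenProcess needs the process ID.
                    uint hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, (uint)pid);
                    int openError = Marshal.GetLastWin32Error(); // capture before any other P/Invoke
                    Console.WriteLine("Pid={0}, Hwnd={1},hProcess={2}", pid.ToString(), hwnd, hProcess);

                    if (hProcess > 0)
                    {
                        try
                        {
                            // ModiCode is a UInt16, so Marshal.SizeOf reports 2 and two bytes
                            // (0xEB, 0x00) are overwritten in the target.
                            UInt16 ModiCode = 0xEB;

                            // NOTE(review): the address is resolved in THIS process and assumes the
                            // target maps kernel32 at the same base with the same bitness. The fixed
                            // +13 offset assumes one particular kernel32 build; on any other build the
                            // write lands on an unrelated byte and can crash the target process.
                            UInt32 MutexAAdd = (UInt32)GetProcAddress(GetModuleHandle("Kernel32.dll"), "CreateMutexA") + 13;

                            int written = WriteProcessMemory(hProcess, (UInt32)MutexAAdd, (int)&ModiCode, System.Runtime.InteropServices.Marshal.SizeOf(ModiCode), 0);
                            int writeError = Marshal.GetLastWin32Error();
                            Console.WriteLine("MutexAAdd={0}", MutexAAdd);
                            if (written == 0)
                            {
                                Console.WriteLine("WriteProcessMemory failed, Win32 error {0}", writeError);
                            }
                        }
                        finally
                        {
                            // Release the process handle instead of just zeroing the variable.
                            CloseHandle(hProcess);
                        }
                    }
                    else
                    {
                        Console.WriteLine("打开失败,hProcess <=0, hProcess={0}", hProcess);
                        // The Win32 error code says why (e.g. invalid ID vs. access denied).
                        Console.WriteLine("OpenProcess Win32 error {0} (thread id was {1})", openError, threadId);
                    }
                }

                Console.WriteLine("Press any key to end");
                Console.ReadKey();
            }
            #endregion
        }
    }
}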
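using System;
using System.Runtime.InteropServices;

namespace Text
{
    /// <summary>
    /// Console test that looks up a window by title, opens the owning process by its
    /// process ID and overwrites bytes inside it at an address derived from CreateMutexA.
    /// </summary>
    /// <remarks>
    /// NOTE(review): OpenProcess with PROCESS_ALL_ACCESS followed by WriteProcessMemory
    /// into another process is the same call sequence used for code injection. Endpoint
    /// protection commonly alerts on or blocks it, and it fails against processes running
    /// at a higher integrity level. Only run this against a process you own, on a test machine.
    /// </remarks>
    class Program
    {
        // NOTE(review): handles and addresses are declared here as 32-bit integers.
        // HANDLE and pointer values are pointer-sized, so these signatures truncate
        // in a 64-bit process; IntPtr/SafeHandle is the conventional declaration.

        /// <summary>Opens a process by process ID; returns 0 on failure.</summary>
        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern uint OpenProcess(UInt32 dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        /// <summary>Finds a window by class name and/or title.</summary>
        [DllImport("User32.dll")]
        public static extern System.IntPtr FindWindowEx(System.IntPtr parent, System.IntPtr childe, string strclass, string strname);

        /// <summary>
        /// Returns the ID of the thread that created the window and writes the owning
        /// process ID to <paramref name="pid"/>.
        /// </summary>
        [DllImport("user32.dll")]
        public static extern uint GetWindowThreadProcessId(IntPtr hwnd, out int pid);

        [DllImport("Kernel32")]
        public static extern int GetProcAddress(int handle, String funcname);

        [DllImport("kernel32", EntryPoint = "GetModuleHandle")]
        public static extern int GetModuleHandle(string lpModuleName);

        [DllImport("kernel32", EntryPoint = "WriteProcessMemory", SetLastError = true)]
        public static extern int WriteProcessMemory(uint hwnd, UInt32 baseaddress, int lpBuffer, int nsize, int filewriten);

        // Declared with the same 32-bit handle convention as the imports above.
        [DllImport("kernel32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool CloseHandle(uint hObject);

        static void Main(string[] args)
        {
            #region Test
            unsafe
            {
                Console.WriteLine("----------Press Any Key To Start----------");
                Console.ReadKey();
                Console.WriteLine("开始");

                // Access rights requested from OpenProcess.
                // NOTE(review): PROCESS_ALL_ACCESS is far broader than a memory write needs;
                // WriteProcessMemory is documented to require only PROCESS_VM_WRITE and
                // PROCESS_VM_OPERATION. Prefer the narrowest mask that works.
                const uint PROCESS_ALL_ACCESS = 0x1F0FFF;
                //const uint PROCESS_VM_READ = 0x0010;
                //const uint PROCESS_VM_WRITE = 0x0020;
                //string winName = "计算器";
                string winName = "无标题 - 记事本";

                // Look up the top-level window by its title.
                IntPtr hwnd = FindWindowEx(System.IntPtr.Zero, System.IntPtr.Zero, null, winName);
                if (hwnd == IntPtr.Zero)
                {
                    // Without a window there is no process ID to open.
                    Console.WriteLine("Window not found: {0}", winName);
                }
                else
                {
                    // Only the out parameter is needed; the return value is the thread ID,
                    // which must not be handed to OpenProcess.
                    int pid;
                    GetWindowThreadProcessId(hwnd, out pid);

                    uint hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, pid);
                    int openError = Marshal.GetLastWin32Error(); // capture before any other P/Invoke
                    Console.WriteLine("Pid={0}, Hwnd={1},hProcess={2}", pid.ToString(), hwnd, hProcess);

                    if (hProcess > 0)
                    {
                        try
                        {
                            // ModiCode is a UInt16, so Marshal.SizeOf reports 2 and two bytes
                            // (0xEB, 0x00) are overwritten in the target.
                            UInt16 ModiCode = 0xEB;

                            // NOTE(review): the address is resolved in THIS process and assumes the
                            // target maps kernel32 at the same base with the same bitness. The fixed
                            // +13 offset assumes one particular kernel32 build; on any other build the
                            // write lands on an unrelated byte and can crash the target process.
                            UInt32 MutexAAdd = (UInt32)GetProcAddress(GetModuleHandle("Kernel32.dll"), "CreateMutexA") + 13;

                            int written = WriteProcessMemory(hProcess, (UInt32)MutexAAdd, (int)&ModiCode, System.Runtime.InteropServices.Marshal.SizeOf(ModiCode), 0);
                            int writeError = Marshal.GetLastWin32Error();
                            Console.WriteLine("MutexAAdd={0}", MutexAAdd);
                            if (written == 0)
                            {
                                Console.WriteLine("WriteProcessMemory failed, Win32 error {0}", writeError);
                            }
                        }
                        finally
                        {
                            // Release the process handle instead of just zeroing the variable.
                            CloseHandle(hProcess);
                        }
                    }
                    else
                    {
                        Console.WriteLine("打开失败,hProcess <=0, hProcess={0}", hProcess);
                        // The Win32 error code says why (e.g. invalid ID vs. access denied).
                        Console.WriteLine("OpenProcess Win32 error {0}", openError);
                    }
                }

                Console.WriteLine("Press any key to end");
                Console.ReadKey();
            }
            #endregion
        }
    }
}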