<p><strong>首先,</strong><code>sizeof(c_void_p) = 4;</code></p>
<p>因为<code>0x140000000</code>超过四个字节,它将被截断。在</p>
<p><a href="https://i.stack.imgur.com/17fKr.png" rel="nofollow noreferrer"><img src="https://i.stack.imgur.com/17fKr.png" alt="1"/></a></p>
<p>您可以看到,在相同的环境下,<code>0x40000000</code>和{<cd2>}的结果是相同的。在</p>
<p>您需要将<code>sizeof(c_void_p)</code>更改为<code>sizeof(c_longlong)</code></p>
<p><strong>其次,</strong>根据<a href="https://docs.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-writeprocessmemory" rel="nofollow noreferrer">WriteProcessMemory</a>的功能原型</p>
<pre><code>BOOL WriteProcessMemory(
HANDLE hProcess,
LPVOID lpBaseAddress,
LPCVOID lpBuffer,
SIZE_T nSize,
SIZE_T *lpNumberOfBytesWritten
);
</code></pre>
<p>您可以看到<code>lpBuffer</code>的类型是<code>VOID*</code></p>
<p>所以您需要将<code>windll.kernel32.WriteProcessMemory.argtypes = [c_void_p, c_void_p, c_char_p, c_int, c_void_p]</code>更改为<code>windll.kernel32.WriteProcessMemory.argtypes = [c_void_p, c_void_p, c_void_p, c_int, c_void_p]</code></p>
<p><strong>最后,这是修改后的代码。</strong></p>
^{pr2}$
<p><strong>注意:</strong>在<code>hProcess</code>检查<code>* address1</code>时,还应注意类型,并使用长类型来检查<code>address1</code>。在</p>