从零开始编外挂
vb 从零开始编外挂(六)
--------------------------------------------------------------------------------------------------------------------------------------------------------
应用实战
--------------------------------------------------------------------------------------------------------------------------------------------------------
需要用到的 Windows API 函数(在 VB 中须先声明):
findwindow
getwindowthreadprocessid
openprocess
readprocessmemory
closehandle
--------------------------------------------------------------------------------------------------------------------------------------------------------
相关api声明:
findwindow
↓
' Declares FindWindowA from user32 under the name findwindow: takes a window class name
' and a window title, and returns a Long (used later in this page as the window handle).
private declare function
findwindow lib "user32" alias "findwindowa" ( byval lpclassname as
string , byval lpwindowname as string ) as long
getwindowthreadprocessid
↓
' Declares getwindowthreadprocessid from user32. hwnd is passed by value; lpdwprocessid has
' no byval, so it is passed by reference and receives the process identifier.
private declare function getwindowthreadprocessid lib "user32" ( byval hwnd as long , lpdwprocessid as long )
as long
openprocess
↓
' Declares openprocess from kernel32: takes an access mask, an inherit flag and a process
' identifier, and returns a Long (used later in this page as the process handle).
' NOTE(review): a return value of 0 means the call failed; callers should check it.
private
declare function openprocess lib "kernel32" ( byval dwdesiredaccess as
long , byval binherithandle as long , byval dwprocessid as long ) as
long
readprocessmemory
↓
' Declares readprocessmemory from kernel32: process handle, source address, destination
' buffer, byte count, and a by-reference Long for the transferred byte count.
' NOTE(review): the last parameter is named lpnumberofbyteswritten here; in the Win32
' documentation for ReadProcessMemory the parameter is lpNumberOfBytesRead.
private declare function
readprocessmemory lib "kernel32" ( byval hprocess as long , byval
lpbaseaddress as any , byval lpbuffer as any , byval nsize as long ,
lpnumberofbyteswritten as long ) as long
closehandle
↓
' Declares closehandle from kernel32: takes the handle to close and returns a Long.
private declare function closehandle lib "kernel32" ( byval hobject as long ) as long
getcurrentprocess
↓
' Declares getcurrentprocess from kernel32 (no arguments, returns a Long).
' NOTE(review): not listed among the required functions above and not called in the visible code.
private declare function getcurrentprocess lib "kernel32" () as long
--------------------------------------------------------------------------------------------------------------------------------------------------------
需要的控件:Label、Timer(Interval 须设为大于 0 的值,否则定时器不会触发)、TextBox
--------------------------------------------------------------------------------------------------------------------------------------------------------
定义变量:
' Variables used by the listing (these are variable declarations, not functions).
dim sethp as integer ' the configured HP value
dim setmp as integer ' the configured MP value
dim nowhp as long ' the current HP value
dim nowmp as long ' the current MP value
dim maxhp as long ' the character's maximum HP value
dim maxmp as long ' the character's maximum MP value
dim dizhi as long ' the memory address (a variable; "dizhi" is pinyin for "address")
dim hwnd as long ' stores the handle returned by findwindow
--------------------------------------------------------------------------------------------------------------------------------------------------------
代码:
' API declarations for the listing. NOTE(review): several declarations are wrapped across
' lines without a VB line-continuation character, presumably an artifact of how the page
' was rendered.

' FindWindowA from user32, exposed as findwindow: class name and window title in, Long out.
private declare function findwindow lib "user32" alias
"findwindowa" ( byval lpclassname as string , byval lpwindowname as
string ) as long
' getwindowthreadprocessid from user32: lpdwprocessid is by reference and receives the process identifier.
private declare function getwindowthreadprocessid lib "user32" ( byval hwnd as long , lpdwprocessid as long )
as long
' openprocess from kernel32: access mask, inherit flag and process identifier in, Long out.
private
declare function openprocess lib "kernel32" ( byval dwdesiredaccess as
long , byval binherithandle as long , byval dwprocessid as long ) as
long
' readprocessmemory from kernel32: handle, source address, destination buffer, byte count,
' and a by-reference Long for the transferred byte count.
' NOTE(review): the Win32 name of the last parameter is lpNumberOfBytesRead, not "...written".
private declare function readprocessmemory lib "kernel32" (
byval hprocess as long , byval lpbaseaddress as any , byval lpbuffer as
any , byval nsize as long , lpnumberofbyteswritten as long ) as long
' closehandle from kernel32: takes the handle to close.
private declare function closehandle lib "kernel32" ( byval hobject as long ) as long
' getcurrentprocess from kernel32. NOTE(review): declared but not called in the visible code.
private declare function getcurrentprocess lib "kernel32" () as long
' Variables for the configured, current and maximum HP/MP values.
' NOTE(review): none of these six are assigned or read in the visible code.
dim sethp as integer ' the configured HP value
dim setmp as integer ' the configured MP value
dim nowhp as long ' the current HP value
dim nowmp as long ' the current MP value
dim maxhp as long ' the character's maximum HP value
dim maxmp as long ' the character's maximum MP value
dim dizhi as long ' the memory address (a variable; "dizhi" is pinyin for "address")
' Declare the remaining variables that are needed
dim hwnd as long ' stores the handle returned by findwindow
dim pid as long ' stores the process identifier (process ID)
dim phandle as long ' stores the process handle
' Look up a top-level window by its title; the class name is left as vbnullstring.
' NOTE(review): the result is not checked before it is used in the next call.
hwnd = findwindow(vbnullstring, "封神榜·网络版")
' Get the process identifier of the window found above
getwindowthreadprocessid hwnd, pid
' Use the process identifier to obtain a process handle
' NOTE(review): process_all_access is requested although the only use visible here is a
' single read, and the returned handle is not checked for failure.
phandle = openprocess(process_all_access, false, pid)
' Read 4 bytes from the memory address into a local variable
' NOTE(review): lpaddress and ncnr are not declared anywhere in the visible listing, while
' dizhi is declared but never used; confirm which variables were intended. The call's
' return value is ignored, so a failed read goes unnoticed.
readprocessmemory phandle, lpaddress, byval varptr(ncnr), 4, 0&
' Close the process handle
' NOTE(review): hprocess is not declared in the visible listing; the handle opened above
' is stored in phandle, so as written that handle does not appear to be closed.
closehandle hprocess
' NOTE(review): no matching function header is visible in this listing.
end function
' Access-right constants for opening a process.
' NOTE(review): in the listing these follow "end function", after process_all_access has
' already been used; presumably they belong with the other module-level declarations.
const standard_rights_required = &hf0000
const synchronize = &h100000
const specific_rights_all = &hffff
const standard_rights_all = &h1f0000
' Built from the two constants above plus &hfff; this is the mask passed to openprocess.
const process_all_access = standard_rights_required or synchronize or &hfff
' NOTE(review): apart from process_all_access and the two constants it is built from,
' nothing in this block is referenced by the visible code.
const process_vm_operation = &h8&
const process_vm_read = &h10&
' NOTE(review): this name looks garbled by extraction; &h20 is the Win32 value of PROCESS_VM_WRITE.
const process_vm_wr99ve = &h20&