实例介绍
【实例简介】
【实例截图】
【核心代码】
// Review notes (defensive reading of this listing):
// - WinForms tool that looks up a process named "DNF", opens it with access mask
//   0x1F0FFF (legacy PROCESS_ALL_ACCESS) and reads/writes 4-byte values in its memory.
// - button7_Click also runs the VirtualAllocEx -> WriteProcessMemory ->
//   CreateRemoteThread(LoadLibraryA) sequence, i.e. classic DLL injection
//   (MITRE ATT&CK T1055.001).
// - Telemetry that normally exposes this behaviour: Sysmon Event ID 10 (ProcessAccess)
//   with GrantedAccess 0x1F0FFF, Event ID 8 (CreateRemoteThread) and Event ID 7
//   (image load) for a DLL loaded from an unexpected path. On the protected process,
//   code-page integrity checks and handle-access filtering are the usual mitigations.
// - NOTE(review): the listing is kept exactly as found. Several expressions below have
//   two operands with no operator between them (apparently lost when the page was
//   extracted), so the code does not compile as shown.
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.Diagnostics;

namespace ThreeEyE_Helper
{
    /// <summary>
    /// Main form. Its button handlers read and overwrite 32-bit values in the memory of
    /// the process named by <see cref="processname"/>; button7_Click starts a remote
    /// thread in other processes.
    /// </summary>
    public partial class csdnf : Form
    {
        public csdnf()
        {
            InitializeComponent();
        }

        // Value last read by textBox1_TextChanged, stored as text; MoneyBtn_Click writes it back.
        String start = "";

        // Raw Win32 imports used by button7_Click. Handles and pointers are declared as
        // 32-bit int here, which only matches the native signatures in a 32-bit process.
        [DllImport("user32.dll")]
        public static extern Int32 FindWindow(string ClassName, string title);

        [DllImport("kernel32.dll")]
        public static extern int VirtualAllocEx(IntPtr hwnd, int lpaddress, int size, int type, int tect);

        [DllImport("kernel32.dll")]
        public static extern int WriteProcessMemory(IntPtr hwnd, int baseaddress, string buffer, int nsize, int filewriten);

        [DllImport("kernel32.dll")]
        public static extern int GetProcAddress(int hwnd, string lpname);

        [DllImport("kernel32.dll")]
        public static extern int GetModuleHandleA(string name);

        [DllImport("kernel32.dll")]
        public static extern int CreateRemoteThread(IntPtr hwnd, int attrib, int size, int address, int par, int flags, int threadid);

        /// <summary>
        /// Load handler: shows a message box when no process named <see cref="processname"/>
        /// is found, otherwise sets a status label. Both branches enable button1 and button2.
        /// </summary>
        private void Form1_Load(object sender, EventArgs e)
        {
            if (AboutMemory.GetPidByProcessName(processname) == 0)
            {
                MessageBox.Show("先启动游戏!");
                button1.Enabled = true;
                button2.Enabled = true;
            }
            else
            {
                label1.Text = "游戏已运行!";
                button1.Enabled = true;
                button2.Enabled = true;
            }
        }

        // Not called anywhere in this listing; AboutMemory declares its own OpenProcess.
        [DllImport("kernel32.dll")]
        public static extern int OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        /// <summary>
        /// Static helpers that open a process by name and read or write one 32-bit value
        /// at a caller-supplied address in that process.
        /// </summary>
        public class AboutMemory
        {
            [DllImportAttribute("kernel32.dll", EntryPoint = "ReadProcessMemory")]
            public static extern bool ReadProcessMemory
            (
                IntPtr lpProcess,
                IntPtr lpBaseAddress,
                IntPtr lpBuffer,
                int nSize,
                IntPtr BytesRead
            );

            [DllImportAttribute("kernel32.dll", EntryPoint = "OpenProcess")]
            public static extern IntPtr OpenProcess
            (
                int iAccess,
                bool Handle,
                int ProcessID
            );

            [DllImport("kernel32.dll", EntryPoint = "CloseHandle")]
            private static extern void CloseHandle
            (
                IntPtr hObject
            );

            //
            [DllImportAttribute("kernel32.dll", EntryPoint = "WriteProcessMemory")]
            public static extern bool WriteProcessMemory
            (
                IntPtr lpProcess,
                IntPtr lpBaseAddress,
                int[] lpBuffer,
                int nSize,
                IntPtr BytesWrite
            );

            /// <summary>
            /// Returns the id of the first process returned for <paramref name="processName"/>,
            /// or 0 when there is none.
            /// </summary>
            public static int GetPidByProcessName(string processName)
            {
                Process[] ArrayProcess = Process.GetProcessesByName(processName);
                foreach (Process pro in ArrayProcess)
                {
                    return pro.Id;
                }
                return 0;
            }

            /// <summary>
            /// Reads 4 bytes at <paramref name="baseAddress"/> in the named process and
            /// returns them as an int. Returns 0 if anything throws.
            /// </summary>
            public static int ReadMemoryValue(int baseAddress, string ProcessName)
            {
                try
                {
                    byte[] buffer = new byte[4];
                    // NOTE(review): buffer is not pinned (no GCHandle/fixed) before its address is taken.
                    IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0);
                    // 0x1F0FFF requests full access to the target; a read needs far less.
                    // Neither this handle nor the ReadProcessMemory result is checked, so a
                    // failed open/read leaves the zero-initialised buffer and the method returns 0.
                    IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(ProcessName));
                    ReadProcessMemory(hProcess, (IntPtr)baseAddress, byteAddress, 4, IntPtr.Zero);
                    CloseHandle(hProcess);
                    return Marshal.ReadInt32(byteAddress);
                }
                catch
                {
                    // Every exception is swallowed; callers cannot tell a failure from a stored 0.
                    return 0;
                }
            }

            /// <summary>
            /// Writes <paramref name="value"/> (4 bytes) at <paramref name="baseAddress"/> in
            /// the named process. The OpenProcess and WriteProcessMemory results are ignored.
            /// </summary>
            public static void WriteMemoryValue(int baseAddress, string ProcessName, int value)
            {
                IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(ProcessName));
                WriteProcessMemory(hProcess, (IntPtr)baseAddress, new int[] { value }, 4, IntPtr.Zero);
                CloseHandle(hProcess);
            }

            /// <summary>Parses a hexadecimal string (no "0x" prefix) into an int.</summary>
            public int conversion(string s)
            {
                return int.Parse(s, System.Globalization.NumberStyles.AllowHexSpecifier);
            }
        }

        // Name of the process every read/write helper below operates on.
        public string processname = "DNF";

        // NOTE(review): FindWindow returns a window handle, yet the handlers below pass this
        // field to ReadMemoryValue as a memory address — confirm what the author intended.
        public int baseaddress = csdnf.FindWindow(null, "DNF");

        /// <summary>Reads one int at <paramref name="baseAdd"/> in the <see cref="processname"/> process.</summary>
        public int ReadMemoryValue(int baseAdd)
        {
            return AboutMemory.ReadMemoryValue(baseAdd, processname);
        }

        /// <summary>Writes one int at <paramref name="baseAdd"/> in the <see cref="processname"/> process.</summary>
        public void WriteMemoryValue(int baseAdd, int value)
        {
            AboutMemory.WriteMemoryValue(baseAdd, processname, value);
        }

        /// <summary>
        /// Combines the value read at <see cref="baseaddress"/> with the hex text in textBox1,
        /// writes the number typed in textBox2 there, then reads it back into label1.
        /// Unparsable text in either box throws from Convert; there is no try/catch here.
        /// </summary>
        private void button1_Click(object sender, EventArgs e)
        {
            int address = ReadMemoryValue(baseaddress);
            string value = Convert.ToString(Convert.ToInt32(textBox2.Text), 16);
            // NOTE(review): operator missing between the operands on the next lines (extraction damage).
            address = address Convert.ToInt32("0x" textBox1.Text, 16);
            WriteMemoryValue(address, Convert.ToInt32("0x" value, 16));
            label1.Text = "修改成功" ReadMemoryValue(address);
            ;
        }

        /// <summary>
        /// Writes the value remembered in <c>start</c> back to the address derived from
        /// textBox1. All exceptions are silently discarded.
        /// </summary>
        private void MoneyBtn_Click(object sender, EventArgs e)
        {
            try
            {
                int address = ReadMemoryValue(baseaddress);
                string value = Convert.ToString(Convert.ToInt32(start), 16);
                address = address Convert.ToInt32("0x" textBox1.Text, 16);
                WriteMemoryValue(address, Convert.ToInt32(" 0x" value, 16));
                label1.Text = "还原成功" ReadMemoryValue(address);
            }
            catch (Exception)
            {
            }
        }

        /// <summary>Closes the form.</summary>
        private void Closebtn_Click(object sender, EventArgs e)
        {
            this.Close();
        }

        /// <summary>
        /// On every edit of textBox1, reads the value at the derived address, stores it in
        /// <c>start</c> and shows it in label1. All exceptions are silently discarded.
        /// </summary>
        private void textBox1_TextChanged(object sender, EventArgs e)
        {
            try
            {
                int address = ReadMemoryValue(baseaddress);
                address = address Convert.ToInt32("0x" textBox1.Text, 16);
                start = ReadMemoryValue(address).ToString();
                label1.Text = start;
            }
            catch (Exception)
            {
            }
        }

        /// <summary>
        /// Like button1_Click, but takes the offset from textBox3 and follows one more
        /// pointer: the value read at the derived address is combined with the constant
        /// 0x989 to form the final write address.
        /// </summary>
        private void button2_Click(object sender, EventArgs e)
        {
            int address = ReadMemoryValue(baseaddress);
            string value = Convert.ToString(Convert.ToInt32(textBox2.Text), 16);
            address = address Convert.ToInt32("0x" textBox3.Text, 16);
            address = ReadMemoryValue(address) 0x989;
            WriteMemoryValue(address, Convert.ToInt32("0x" value, 16));
            label1.Text = "修改成功" ReadMemoryValue(address);
            ;
        }

        /// <summary>Token-for-token duplicate of button2_Click's body.</summary>
        private void button4_Click(object sender, EventArgs e)
        {
            int address = ReadMemoryValue(baseaddress);
            string value = Convert.ToString(Convert.ToInt32(textBox2.Text), 16);
            address = address Convert.ToInt32("0x" textBox3.Text, 16);
            address = ReadMemoryValue(address) 0x989;
            WriteMemoryValue(address, Convert.ToInt32("0x" value, 16));
            label1.Text = "修改成功" ReadMemoryValue(address);
            ;
        }

        /// <summary>
        /// Writes the 32-bit value 0xC3 at the address derived from the hex text in textBox4.
        /// </summary>
        private void button5_Click(object sender, EventArgs e)
        {
            /* int address = ReadMemoryValue(baseaddress);
               string value = Convert.ToString(Convert.ToInt32( 0xeb ));
               address = address Convert.ToInt32( textBox4.Text, 16);
               WriteMemoryValue(address, Convert.ToInt32( Convert.ToString(value)));
               label1.Text = "修改成功" ReadMemoryValue(address); ;
               string value1 = Convert.ToString(Convert.ToInt32(value 0x25));
               address = address Convert.ToInt32(textBox5.Text, 16);
               WriteMemoryValue(address, Convert.ToInt32(Convert.ToString(value1))); */
            int address = ReadMemoryValue(baseaddress);
            // NOTE(review): 0xC3 is the x86 `ret` opcode, so this presumably patches code rather
            // than data — confirm. Integrity checks on executable pages are what detect such writes.
            string value = Convert.ToString(Convert.ToInt32(0xC3));
            address = address Convert.ToInt32(textBox4.Text, 16);
            WriteMemoryValue(address, Convert.ToInt32(Convert.ToString(value)));
            label1.Text = "修改成功" ReadMemoryValue(address);
            ;
        }

        /// <summary>
        /// For each running process that passes the name test below: allocates memory in it,
        /// copies the hard-coded DLL path there, and starts a remote thread at LoadLibraryA
        /// with that path as its argument, so the target loads the DLL.
        /// </summary>
        /// <remarks>
        /// This is the API sequence that EDR and anti-cheat products key on: a cross-process
        /// allocation and write followed by CreateRemoteThread whose start address is
        /// LoadLibraryA. The failure branches call Application.Exit() but do not return, so
        /// the remaining steps still execute in the same iteration.
        /// </remarks>
        private void button7_Click(object sender, EventArgs e)
        {
            int ok1;
            //int ok2;
            //int hwnd;
            int baseaddress; // local; hides the field of the same name inside this method
            int temp = 0;
            int hack;
            int yan;
            string dllname;
            // Hard-coded path of the DLL the target process is made to load.
            dllname = "C://dll.dll";
            int dlllength;
            // NOTE(review): operator missing between Length and 1 (extraction damage).
            dlllength = dllname.Length 1;
            Process[] pname = Process.GetProcesses();
            foreach (Process name in pname)
            {
                //MessageBox.Show(name.ProcessName.ToLower());
                if (name.ProcessName.ToLower().IndexOf("DNF") != -1)
                {
                    // 4096 = MEM_COMMIT, 4 = PAGE_READWRITE.
                    baseaddress = VirtualAllocEx(name.Handle, 0, dlllength, 4096, 4);
                    if (baseaddress == 0)
                    {
                        MessageBox.Show("申请内存空间失败!!");
                        label1.Text = "修改成功" ReadMemoryValue(baseaddress);
                        ;
                        Application.Exit();
                    }
                    ok1 = WriteProcessMemory(name.Handle, baseaddress, dllname, dlllength, temp);
                    if (ok1 == 0)
                    {
                        MessageBox.Show("写内存失败!!");
                        label1.Text = "修改成功" ReadMemoryValue(ok1);
                        ;
                        Application.Exit();
                    }
                    hack = GetProcAddress(GetModuleHandleA("Kernel32"), "LoadLibraryA");
                    if (hack == 0)
                    {
                        MessageBox.Show("无法取得函数的入口点!!");
                        label1.Text = "修改成功" ReadMemoryValue(hack);
                        ;
                        Application.Exit();
                    }
                    yan = CreateRemoteThread(name.Handle, 0, 0, hack, baseaddress, 0, temp);
                    if (yan == 0)
                    {
                        MessageBox.Show("创建远程线程失败!!");
                        label1.Text = "修改成功" ReadMemoryValue(yan);
                        ;
                        Application.Exit();
                    }
                    else
                    {
                        MessageBox.Show("已成功注入dll!!");
                        label1.Text = "修改成功" ReadMemoryValue(yan);
                        ;
                    }
                }
            }
        }
    }
}