实例介绍
【实例简介】
【实例截图】
【核心代码】
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.Diagnostics;
namespace ThreeEyE_Helper
{
public partial class csdnf : Form
{
/// <summary>
/// Creates the form and builds its designer-generated controls.
/// </summary>
public csdnf() => InitializeComponent();
// Text form of the last value read by textBox1_TextChanged; MoneyBtn_Click parses it
// again and writes it back to the same location.
String start = "";
// Native imports used by this form. FindWindow initialises the baseaddress field; the
// kernel32 entries below are the ones called by button7_Click to allocate memory in
// another process, copy a string into it and start a thread there. Handles, addresses
// and the trailing out-style parameters are all declared as plain int / IntPtr values.
// None of the declarations sets SetLastError, so callers cannot retrieve the Win32
// error code after a failure.
[DllImport("user32.dll")]
public static extern Int32 FindWindow(string ClassName, string title);
[DllImport("kernel32.dll")]
public static extern int VirtualAllocEx(IntPtr hwnd, int lpaddress, int size, int type, int tect);
// The buffer is declared as a managed string, so the marshaller decides how the text is
// encoded before it is copied.
[DllImport("kernel32.dll")]
public static extern int WriteProcessMemory(IntPtr hwnd, int baseaddress, string buffer, int nsize, int filewriten);
[DllImport("kernel32.dll")]
public static extern int GetProcAddress(int hwnd, string lpname);
[DllImport("kernel32.dll")]
public static extern int GetModuleHandleA(string name);
[DllImport("kernel32.dll")]
public static extern int CreateRemoteThread(IntPtr hwnd, int attrib, int size, int address, int par, int flags, int threadid);
/// <summary>
/// On form load, reports whether a process named by <c>processname</c> is running.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Form1_Load(object sender, EventArgs e)
{
    bool targetRunning = AboutMemory.GetPidByProcessName(processname) != 0;
    if (targetRunning)
    {
        label1.Text = "游戏已运行!";
    }
    else
    {
        MessageBox.Show("先启动游戏!");
    }

    // Both outcomes leave the two buttons enabled, exactly as each original branch did.
    button1.Enabled = true;
    button2.Enabled = true;
}
// Second declaration of OpenProcess, returning int. The nested AboutMemory class declares
// its own IntPtr-returning version, and no call to this one is visible in the listing.
[DllImport("kernel32.dll")]
public static extern int OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId);
/// <summary>
/// Native imports and helpers that read or write one 32-bit value in another process,
/// which is located by process name.
/// </summary>
/// <remarks>
/// Review notes, all visible in the code below: both helpers request access mask 0x1F0FFF
/// (the pre-Vista PROCESS_ALL_ACCESS value), which is far broader than a 4-byte read or
/// write needs; the results of OpenProcess, ReadProcessMemory and WriteProcessMemory are
/// never checked; and failures are either swallowed or surface as an unhandled exception.
/// Cross-process handle requests with a mask this wide are what endpoint monitoring and
/// anti-cheat drivers typically flag.
/// </remarks>
public class AboutMemory
{
// The bytes-read parameter is declared as IntPtr, and the caller passes IntPtr.Zero, so
// the number of bytes actually copied is never retrieved.
[DllImportAttribute("kernel32.dll", EntryPoint = "ReadProcessMemory")]
public static extern bool ReadProcessMemory
(
IntPtr lpProcess,
IntPtr lpBaseAddress,
IntPtr lpBuffer,
int nSize,
IntPtr BytesRead
);
[DllImportAttribute("kernel32.dll", EntryPoint = "OpenProcess")]
public static extern IntPtr OpenProcess
(
int iAccess,
bool Handle,
int ProcessID
);
// Declared void, so the native success/failure result is discarded.
[DllImport("kernel32.dll", EntryPoint = "CloseHandle")]
private static extern void CloseHandle
(
IntPtr hObject
);
//
// The source buffer is a managed int[]; the caller passes a one-element array and size 4.
[DllImportAttribute("kernel32.dll", EntryPoint = "WriteProcessMemory")]
public static extern bool WriteProcessMemory
(
IntPtr lpProcess,
IntPtr lpBaseAddress,
int[] lpBuffer,
int nSize,
IntPtr BytesWrite
);
/// <summary>
/// Returns the Id of the first process reported by Process.GetProcessesByName for
/// <paramref name="processName"/>, or 0 when there is none.
/// </summary>
/// <remarks>
/// When several processes share the name, whichever comes first in the returned array is
/// used. The Process objects are not disposed.
/// </remarks>
public static int GetPidByProcessName(string processName)
{
Process[] ArrayProcess = Process.GetProcessesByName(processName);
foreach (Process pro in ArrayProcess)
{
// Returns on the first iteration, so the loop only selects element 0.
return pro.Id;
}
return 0;
}
/// <summary>
/// Reads 4 bytes at <paramref name="baseAddress"/> in the named process and returns them
/// as an Int32; returns 0 if anything in the body throws.
/// </summary>
/// <remarks>
/// A return value of 0 is ambiguous: it can be the stored value or a swallowed exception.
/// If the process is not found, GetPidByProcessName yields 0 and that value is passed
/// straight to OpenProcess.
/// </remarks>
public static int ReadMemoryValue(int baseAddress, string ProcessName)
{
try
{
byte[] buffer = new byte[4];
// NOTE(review): the API name expects a pinned array, but no pinning (fixed / GCHandle)
// is visible here — confirm the buffer cannot move while the native call writes to it.
IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0);
// 0x1F0FFF requests every process right although only a read follows.
IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(ProcessName));
// Result ignored: a failed read leaves the zero-initialised buffer untouched.
ReadProcessMemory(hProcess, (IntPtr)baseAddress, byteAddress, 4, IntPtr.Zero);
// Not in a finally block, so an exception above skips the close.
CloseHandle(hProcess);
return Marshal.ReadInt32(byteAddress);
}
catch
{
// Catch-all with no logging; the caller cannot tell that an error occurred.
return 0;
}
}
/// <summary>
/// Writes <paramref name="value"/> as 4 bytes at <paramref name="baseAddress"/> in the
/// named process.
/// </summary>
/// <remarks>
/// Nothing reports whether the handle was obtained or the write succeeded; both return
/// values are discarded. Unlike ReadMemoryValue there is no try/catch in this method.
/// </remarks>
public static void WriteMemoryValue(int baseAddress, string ProcessName, int value)
{
// Same all-access mask as the read path.
IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(ProcessName));
WriteProcessMemory(hProcess, (IntPtr)baseAddress, new int[] { value }, 4, IntPtr.Zero);
CloseHandle(hProcess);
}
/// <summary>
/// Parses <paramref name="s"/> as hexadecimal digits (NumberStyles.AllowHexSpecifier)
/// and returns the resulting Int32.
/// </summary>
/// <remarks>No call to this instance method is visible in the listing.</remarks>
public int conversion(string s)
{
return int.Parse(s, System.Globalization.NumberStyles.AllowHexSpecifier);
}
}
// Process name that every read/write helper in this form uses to locate the target.
// Both fields are public and mutable.
public string processname = "DNF";
// Holds FindWindow's return value for the window titled "DNF", evaluated once when the
// form object is constructed. The click handlers use it as the first address they read.
public int baseaddress = csdnf.FindWindow(null, "DNF");
/// <summary>
/// Reads the 32-bit value at <paramref name="baseAdd"/> in the process named by
/// <c>processname</c>, delegating to <c>AboutMemory.ReadMemoryValue</c>.
/// </summary>
/// <param name="baseAdd">Address in the target process.</param>
/// <returns>Whatever the helper returns for that address.</returns>
public int ReadMemoryValue(int baseAdd) => AboutMemory.ReadMemoryValue(baseAdd, processname);
/// <summary>
/// Writes <paramref name="value"/> at <paramref name="baseAdd"/> in the process named by
/// <c>processname</c>, delegating to <c>AboutMemory.WriteMemoryValue</c>.
/// </summary>
/// <param name="baseAdd">Address in the target process.</param>
/// <param name="value">32-bit value to store.</param>
public void WriteMemoryValue(int baseAdd, int value) => AboutMemory.WriteMemoryValue(baseAdd, processname, value);
/// <summary>
/// Takes the number typed in textBox2 and writes it into the target process at an address
/// built from the value stored at <c>baseaddress</c> and the hex text in textBox1, then
/// shows the value read back in label1.
/// </summary>
/// <remarks>
/// NOTE(review): this listing has lost characters between operands (for example between
/// <c>address</c> and <c>Convert.ToInt32</c>, and between the string literals and the
/// names that follow them), so the method does not compile as shown.
/// Text-box contents are parsed without validation and nothing here catches the
/// exception Convert.ToInt32 throws on bad input.
/// </remarks>
private void button1_Click(object sender, EventArgs e)
{
int address = ReadMemoryValue(baseaddress);
// Decimal text -> int -> hex string; parsed back from hex two lines below.
string value = Convert.ToString(Convert.ToInt32(textBox2.Text), 16);
address = address Convert.ToInt32("0x" textBox1.Text, 16);
WriteMemoryValue(address, Convert.ToInt32("0x" value, 16));
// The label reports success unconditionally; WriteMemoryValue returns nothing to check.
label1.Text = "修改成功" ReadMemoryValue(address); ;
}
/// <summary>
/// Writes the value remembered in <c>start</c> back to the address built from
/// <c>baseaddress</c> and the hex text in textBox1, then shows the value read back.
/// </summary>
/// <remarks>
/// NOTE(review): characters between operands are missing in this listing, so the body
/// does not compile as shown. The string literal on the write line is " 0x" with a
/// leading space, unlike the other handlers.
/// </remarks>
private void MoneyBtn_Click(object sender, EventArgs e)
{
try
{
int address = ReadMemoryValue(baseaddress);
string value = Convert.ToString(Convert.ToInt32(start), 16);
address = address Convert.ToInt32("0x" textBox1.Text, 16);
WriteMemoryValue(address, Convert.ToInt32(" 0x" value, 16));
label1.Text = "还原成功" ReadMemoryValue(address);
}
catch (Exception)
{
// Every exception is discarded silently; the user gets no indication of failure.
}
}
/// <summary>
/// Closes the form when the close button is clicked.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Closebtn_Click(object sender, EventArgs e) => Close();
/// <summary>
/// On every edit of textBox1, reads the value at the address built from
/// <c>baseaddress</c> and the hex text typed so far, stores it in <c>start</c> and shows
/// it in label1.
/// </summary>
/// <remarks>
/// NOTE(review): characters between operands are missing in this listing, so the body
/// does not compile as shown. Because the handler fires per keystroke, a cross-process
/// read is attempted for each partial offset the user types.
/// </remarks>
private void textBox1_TextChanged(object sender, EventArgs e)
{
try
{
int address = ReadMemoryValue(baseaddress);
address = address Convert.ToInt32("0x" textBox1.Text, 16);
start = ReadMemoryValue(address).ToString();
label1.Text = start;
}
catch (Exception)
{
// Parse errors from partial input are discarded; start and label1 keep their old values.
}
}
/// <summary>
/// Same flow as button1_Click with one more level of indirection: the address built from
/// <c>baseaddress</c> and textBox3 is read, that result is combined with the constant
/// 0x989, and the number from textBox2 is written there.
/// </summary>
/// <remarks>
/// NOTE(review): characters between operands are missing in this listing (including
/// before <c>0x989</c>), so the body does not compile as shown. The meaning of 0x989 is
/// not given anywhere on the page. Input is unvalidated and exceptions are not caught.
/// </remarks>
private void button2_Click(object sender, EventArgs e)
{
int address = ReadMemoryValue(baseaddress);
string value = Convert.ToString(Convert.ToInt32(textBox2.Text), 16);
address = address Convert.ToInt32("0x" textBox3.Text, 16);
// Second read: the value stored at the computed address is itself used as an address.
address = ReadMemoryValue(address) 0x989;
WriteMemoryValue(address, Convert.ToInt32("0x" value, 16));
label1.Text = "修改成功" ReadMemoryValue(address); ;
}
/// <summary>
/// Reads through two addresses (field <c>baseaddress</c>, then the textBox3 offset),
/// combines the result with 0x989 and writes the number from textBox2 there.
/// </summary>
/// <remarks>
/// The body is identical to button2_Click as shown, a copy-paste duplicate.
/// NOTE(review): characters between operands are missing in this listing, so the body
/// does not compile as shown. Input is unvalidated and exceptions are not caught.
/// </remarks>
private void button4_Click(object sender, EventArgs e)
{
int address = ReadMemoryValue(baseaddress);
string value = Convert.ToString(Convert.ToInt32(textBox2.Text), 16);
address = address Convert.ToInt32("0x" textBox3.Text, 16);
address = ReadMemoryValue(address) 0x989;
WriteMemoryValue(address, Convert.ToInt32("0x" value, 16));
label1.Text = "修改成功" ReadMemoryValue(address); ;
}
/// <summary>
/// Writes the fixed constant 0xC3 (not a user-supplied number) at an address built from
/// <c>baseaddress</c> and the hex text in textBox4, then shows the value read back.
/// </summary>
/// <remarks>
/// NOTE(review): 0xC3 is the single-byte x86 RET opcode, so this looks like a patch of
/// executable code rather than a data edit — confirm. WriteMemoryValue stores 4 bytes,
/// not 1. Characters between operands are missing in this listing, so the body does not
/// compile as shown. The commented-out block is an earlier variant left in place.
/// </remarks>
private void button5_Click(object sender, EventArgs e)
{
/* int address = ReadMemoryValue(baseaddress);
string value = Convert.ToString(Convert.ToInt32( 0xeb ));
address = address Convert.ToInt32( textBox4.Text, 16);
WriteMemoryValue(address, Convert.ToInt32( Convert.ToString(value)));
label1.Text = "修改成功" ReadMemoryValue(address); ;
string value1 = Convert.ToString(Convert.ToInt32(value 0x25));
address = address Convert.ToInt32(textBox5.Text, 16);
WriteMemoryValue(address, Convert.ToInt32(Convert.ToString(value1)));
*/
int address = ReadMemoryValue(baseaddress);
// The constant makes a round trip int -> decimal string -> int before it is written.
string value = Convert.ToString(Convert.ToInt32(0xC3));
address = address Convert.ToInt32(textBox4.Text, 16);
WriteMemoryValue(address, Convert.ToInt32(Convert.ToString(value)));
label1.Text = "修改成功" ReadMemoryValue(address); ;
}
/// <summary>
/// Click handler that tries to make another process load a DLL from a fixed path.
/// </summary>
/// <remarks>
/// For each process that passes the name filter, the body allocates memory in that
/// process (VirtualAllocEx), copies the path string into it (WriteProcessMemory), resolves
/// LoadLibraryA in Kernel32 and starts a thread in the target at that address with the
/// copied path as its argument (CreateRemoteThread). This allocate / write / remote-thread
/// sequence is a long-documented library-injection pattern. Endpoint protection and
/// anti-cheat products watch for it, and Sysmon can record the individual steps as
/// ProcessAccess (event ID 10), CreateRemoteThread (event ID 8) and ImageLoad (event ID 7).
/// NOTE(review): characters between operands are missing in this listing (for example
/// after <c>dllname.Length</c> and after each "修改成功" literal), so the method does not
/// compile as shown.
/// </remarks>
private void button7_Click(object sender, EventArgs e)
{
int ok1;
//int ok2;
//int hwnd;
// Local variable that shadows the form's baseaddress field for the rest of this method.
int baseaddress;
int temp = 0;
int hack;
int yan;
string dllname;
// Hard-coded path at the drive root: whatever file is placed there is what the target
// would be asked to load. A DLL appearing at a drive root is itself worth alerting on.
dllname = "C://dll.dll";
int dlllength;
dlllength = dllname.Length 1;
// Walks every process on the machine rather than looking one up by name.
Process[] pname = Process.GetProcesses();
foreach (Process name in pname)
{
//MessageBox.Show(name.ProcessName.ToLower());
// Filter: substring search on the lower-cased process name.
if (name.ProcessName.ToLower().IndexOf("DNF") != -1)
{
// 4096 and 4 are the numeric values of MEM_COMMIT and PAGE_READWRITE.
baseaddress = VirtualAllocEx(name.Handle, 0, dlllength, 4096, 4);
if (baseaddress == 0)
{
MessageBox.Show("申请内存空间失败!!");
label1.Text = "修改成功" ReadMemoryValue(baseaddress); ;
Application.Exit();
}
ok1 = WriteProcessMemory(name.Handle, baseaddress, dllname, dlllength, temp);
if (ok1 == 0)
{
MessageBox.Show("写内存失败!!");
label1.Text = "修改成功" ReadMemoryValue(ok1); ;
Application.Exit();
}
hack = GetProcAddress(GetModuleHandleA("Kernel32"), "LoadLibraryA");
if (hack == 0)
{
MessageBox.Show("无法取得函数的入口点!!");
label1.Text = "修改成功" ReadMemoryValue(hack); ;
Application.Exit();
}
yan = CreateRemoteThread(name.Handle, 0, 0, hack, baseaddress, 0, temp);
if (yan == 0)
{
MessageBox.Show("创建远程线程失败!!");
label1.Text = "修改成功" ReadMemoryValue(yan); ;
Application.Exit();
}
else
{
MessageBox.Show("已成功注入dll!!");
label1.Text = "修改成功" ReadMemoryValue(yan); ;
}
}
}
}
}
}