C#修改内存外挂源码
2013-11-12 16:21
309 查看
// Program.csusing System;using System.Threading;
/*** 作者:牛A与牛C之间* Q Q:1046559384 C#/Java技术交流群:96020642* 微博:http://weibo.com/flydoos* 博客:http://www.cnblogs.com/flydoos* 日期:2012-01-19** 金钱:0x00A35DB4 + 0x24C* 负载:0x00A35DB4 + 0x52D4**/
namespace RedAlert2
{
class Program
{
private const int BaseAddress = 0x00A35DB4;
private const string ProcessName = "GAME";
static void Main()
{
while (true)
{
if (Helper.GetPidByProcessName(ProcessName) == 0)
{
Console.WriteLine("对不起,您还没有启动红色警戒Ⅱ游戏!");
Console.Read();
return;
}
var moneyAddress = Helper.ReadMemoryValue(BaseAddress, ProcessName) + 0x24C;
Helper.WriteMemoryValue(moneyAddress, ProcessName, 999999999);
Console.WriteLine(DateTime.Now + ":" + Helper.ReadMemoryValue(moneyAddress, ProcessName));
Thread.Sleep(1000);
}
}
}
}
复制代码
// Helper.csusing System;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace RedAlert2
{
public abstract class Helper
{
#region API
[DllImport("kernel32.dll")]
public static extern bool ReadProcessMemory
(
IntPtr hProcess,
IntPtr lpBaseAddress,
IntPtr lpBuffer,
int nSize,
IntPtr lpNumberOfBytesRead
);
[DllImportAttribute("kernel32.dll")]
public static extern bool WriteProcessMemory
(
IntPtr hProcess,
IntPtr lpBaseAddress,
int[] lpBuffer,
int nSize,
IntPtr lpNumberOfBytesWritten
);
[DllImportAttribute("kernel32.dll")]
public static extern IntPtr OpenProcess
(
int dwDesiredAccess,
bool bInheritHandle,
int dwProcessId
);
[DllImport("kernel32.dll")]
private static extern void CloseHandle
(
IntPtr hObject
);
#endregion
#region 方法
///<summary>
/// 根据窗口标题获取PID
///</summary>
///<param name="windowTitle">窗口标题</param>
///<returns></returns>
public static int GetPidByTitle(string windowTitle)
{
int rs = 0;
Process[] arrayProcess = Process.GetProcesses();
foreach (Process p in arrayProcess)
{
if (p.MainWindowTitle.IndexOf(windowTitle) != -1)
{
rs = p.Id;
break;
}
}
return rs;
}
///<summary>
/// 根据进程名获取PID
///</summary>
///<param name="processName">进程名字</param>
///<returns></returns>
public static int GetPidByProcessName(string processName)
{
Process[] arrayProcess = Process.GetProcessesByName(processName);
foreach (Process p in arrayProcess)
{
return p.Id;
}
return 0;
}
///<summary>
/// 根据窗口标题查找窗口句柄
///</summary>
///<param name="title">窗口标题</param>
///<returns></returns>
public static IntPtr FindWindow(string title)
{
Process[] ps = Process.GetProcesses();
foreach (Process p in ps)
{
if (p.MainWindowTitle.IndexOf(title) != -1)
{
return p.MainWindowHandle;
}
}
return IntPtr.Zero;
}
///<summary>
/// 读取内存中的值
///</summary>
///<param name="baseAddress">地址</param>
///<param name="processName">进程名</param>
///<returns></returns>
public static int ReadMemoryValue(int baseAddress, string processName)
{
try
{
var buffer = new byte[4];
IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0); //获取缓冲区地址
IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName));
ReadProcessMemory(hProcess, (IntPtr) baseAddress, byteAddress, 4, IntPtr.Zero); //将制定内存中的值读入缓冲区
CloseHandle(hProcess);
return Marshal.ReadInt32(byteAddress);
}
catch
{
return 0;
}
}
///<summary>
/// 将值写入指定内存地址中
///</summary>
///<param name="baseAddress">地址</param>
///<param name="processName">进程名</param>
///<param name="value"></param>
public static void WriteMemoryValue(int baseAddress, string processName, int value)
{
IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName)); //0x1F0FFF 最高权限
WriteProcessMemory(hProcess, (IntPtr) baseAddress, new[] {value}, 4, IntPtr.Zero);
CloseHandle(hProcess);
}
#endregion
}
}复制代码
相关文章推荐
- C#修改内存制作外挂
- [C#] .NET Core项目修改project.json来引用其他目录下的源码等文件的办法 & 解决多框架时 project.json 与 app.config冲突的问题
- C#读写内存也不差!(发布C#编写的作弊器源码)
- C# 红色警戒2无限金钱+电力负载 外挂源码示例
- C#下用zedGraph生成大量数据统计图表的方法(通过修改一些源码)
- c#中用windows api函数修改内存数据
- 2、lib7z-Memory从内存或网络解压数据(分析源码,修改源码)
- 在内存中修改数据的网游外挂
- c#中用windows api函数修改内存数据
- VC在内存中修改数据的网游外挂
- 共享内存操作类(C#源码)
- 微信小程序 跳一跳 外挂 C# winform源码
- (外挂破解)Cheat Engine(内存修改工具)V6.2中文版软件介绍
- c#对xml多属性节点的增加,删除,修改操作源码
- 共享内存操作类(C#源码)
- C#读写内存也不差!(发布C#编写的<植物大战僵尸>作弊器源码)
- C# 红色警戒2无限金钱+电力负载 外挂源码示例
- c#中用windows api函数修改内存数据
- 共享内存操作类(C#源码)[转]
- 共享内存操作类(C#源码)