热门标签
热门文章
- 1步进电机基本知识_步进电机知识
- 212.2 算法模型三大框架(Encoder-Only、Encoder-Decoder、Decoder-Only)_bert是encode only的吗
- 3Python编程基础:Python简介及开发环境搭建_python开发环境
- 4c++入门
- 5python视频框架_Python视频编辑库:MoviePy
- 6鸿蒙系统开发【加解密算法库框架】安全
- 7Visual Studio Code 插件Polacode的使用技巧
- 8Weblogic 常见漏洞分析与利用_weblogic漏洞
- 9python cv2.imread 读取中文路径的图片返回为None的问题_imread python 中文
- 10ChatGPT的前世今生,到如今AI领域的竞争格局,本文带你一路回看!_chatgpt——circuit mind
当前位置: article > 正文
C#修改内存制作外挂_c#内存外挂
作者:小惠珠哦 | 2024-08-05 21:25:55
赞
踩
c#内存外挂
完整源码:
//
Program.cs
using System;
using System.Threading;
/*
*
* 作者:牛A与牛C之间
* Q Q:1046559384 C#/Java技术交流群:96020642
* 微博:http://weibo.com/flydoos
* 博客:http://www.cnblogs.com/flydoos
* 日期:2012-01-19
*
* 金钱:0x00A35DB4 + 0x24C
* 负载:0x00A35DB4 + 0x52D4
*
*/
namespace RedAlert2
{
class Program
{
private const int BaseAddress = 0x00A35DB4;
private const string ProcessName = " GAME ";
static void Main()
{
while ( true)
{
if (Helper.GetPidByProcessName(ProcessName) == 0)
{
Console.WriteLine( " 对不起,您还没有启动红色警戒Ⅱ游戏! ");
Console.Read();
return;
}
var moneyAddress = Helper.ReadMemoryValue(BaseAddress, ProcessName) + 0x24C;
Helper.WriteMemoryValue(moneyAddress, ProcessName, 999999999);
Console.WriteLine(DateTime.Now + " : " + Helper.ReadMemoryValue(moneyAddress, ProcessName));
Thread.Sleep( 1000);
}
}
}
}
//
Helper.cs
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
{
public abstract class Helper
{
#region API
[DllImport( " kernel32.dll ")]
public static extern bool ReadProcessMemory
(
IntPtr hProcess,
IntPtr lpBaseAddress,
IntPtr lpBuffer,
int nSize,
IntPtr lpNumberOfBytesRead
);
[DllImportAttribute( " kernel32.dll ")]
public static extern bool WriteProcessMemory
(
IntPtr hProcess,
IntPtr lpBaseAddress,
int[] lpBuffer,
int nSize,
IntPtr lpNumberOfBytesWritten
);
[DllImportAttribute( " kernel32.dll ")]
public static extern IntPtr OpenProcess
(
int dwDesiredAccess,
bool bInheritHandle,
int dwProcessId
);
[DllImport( " kernel32.dll ")]
private static extern void CloseHandle
(
IntPtr hObject
);
#endregion
#region 方法
/// <summary>
/// 根据窗口标题获取PID
/// </summary>
/// <param name="windowTitle"> 窗口标题 </param>
/// <returns></returns>
public static int GetPidByTitle( string windowTitle)
{
int rs = 0;
Process[] arrayProcess = Process.GetProcesses();
foreach (Process p in arrayProcess)
{
if (p.MainWindowTitle.IndexOf(windowTitle) != - 1)
{
rs = p.Id;
break;
}
}
return rs;
}
/// <summary>
/// 根据进程名获取PID
/// </summary>
/// <param name="processName"> 进程名字 </param>
/// <returns></returns>
public static int GetPidByProcessName( string processName)
{
Process[] arrayProcess = Process.GetProcessesByName(processName);
foreach (Process p in arrayProcess)
{
return p.Id;
}
return 0;
}
/// <summary>
/// 根据窗口标题查找窗口句柄
/// </summary>
/// <param name="title"> 窗口标题 </param>
/// <returns></returns>
public static IntPtr FindWindow( string title)
{
Process[] ps = Process.GetProcesses();
foreach (Process p in ps)
{
if (p.MainWindowTitle.IndexOf(title) != - 1)
{
return p.MainWindowHandle;
}
}
return IntPtr.Zero;
}
/// <summary>
/// 读取内存中的值
/// </summary>
/// <param name="baseAddress"> 地址 </param>
/// <param name="processName"> 进程名 </param>
/// <returns></returns>
public static int ReadMemoryValue( int baseAddress, string processName)
{
try
{
var buffer = new byte[ 4];
IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0); // 获取缓冲区地址
IntPtr hProcess = OpenProcess( 0x1F0FFF, false, GetPidByProcessName(processName));
ReadProcessMemory(hProcess, (IntPtr) baseAddress, byteAddress, 4, IntPtr.Zero); // 将制定内存中的值读入缓冲区
CloseHandle(hProcess);
return Marshal.ReadInt32(byteAddress);
}
catch
{
return 0;
}
}
/// <summary>
/// 将值写入指定内存地址中
/// </summary>
/// <param name="baseAddress"> 地址 </param>
/// <param name="processName"> 进程名 </param>
/// <param name="value"></param>
public static void WriteMemoryValue( int baseAddress, string processName, int value)
{
IntPtr hProcess = OpenProcess( 0x1F0FFF, false, GetPidByProcessName(processName)); // 0x1F0FFF 最高权限
WriteProcessMemory(hProcess, (IntPtr) baseAddress, new[] {value}, 4, IntPtr.Zero);
CloseHandle(hProcess);
}
#endregion
}
}
本文内容由网友自发贡献,转载请注明出处:【wpsshop博客】
推荐阅读
相关标签
