Beispiel #1
0
        public static void clickWin(int hwnd, int x, int y)
        {
            IntPtr wnd = (IntPtr)hwnd;

            //int lx = LoadDll.ReadHwndMemoryOffsetValue(wnd, Global.addr.ls, 0x64);
            //int ly = LoadDll.ReadHwndMemoryOffsetValue(wnd, Global.addr.ls, 0x68);

            //double xx = (x - lx) * 0.92;
            //double yy = (y - ly) * 0.92;

            //int dx = LoadDll.ReadHwndMemoryOffsetValue(wnd, Global.addr.bX);
            //int dy = LoadDll.ReadHwndMemoryOffsetValue(wnd, new IntPtr(Global.addr.bX + 4).ToInt32());

            //int x1 = (int)xx + dx;
            //int y1 = (int)yy + dy;
            MouseMove(hwnd, x, y);

            //LoadDll.WriteMemoryHwndValue(wnd, Global.addr.bX, BitConverter.GetBytes(x1));
            //LoadDll.WriteMemoryHwndValue(wnd, new IntPtr(Global.addr.bX + 4).ToInt32(), BitConverter.GetBytes(y1));


            // 写入单击事件
            LoadDll.WriteMemoryHwndValue(wnd, new IntPtr(Global.addr.bX - 8).ToInt32(), BitConverter.GetBytes(1));
            System.Threading.Thread.Sleep(80);
            LoadDll.WriteMemoryHwndValue(wnd, new IntPtr(Global.addr.bX - 8).ToInt32(), BitConverter.GetBytes(0));
        }
Beispiel #2
0
        /// <summary>
        /// 隐藏验证窗口
        /// </summary>
        /// <param name="hwnd"></param>
        public static void HideCheckWin(int hwnd)
        {
            int tmpPtr = LoadDll.ReadHwndMemoryOffsetValue((IntPtr)hwnd, Global.addr.win, 0x68, 0x04, 0x68);

            tmpPtr = LoadDll.ReadHwndMemoryValue((IntPtr)hwnd, tmpPtr) + 0x28;

            LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, tmpPtr, BitConverter.GetBytes(1));
        }
Beispiel #3
0
        /// <summary>
        /// 鼠标移动
        /// </summary>
        /// <param name="hwnd"></param>
        /// <param name="x"></param>
        /// <param name="y"></param>
        public static void MouseMove(int hwnd, int x, int y)
        {
            int x1 = Global.addr.bX - 4 ^ x;
            int y1 = Global.addr.bY - 12 ^ y;

            LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.bX, BitConverter.GetBytes(x1));
            LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.bY, BitConverter.GetBytes(y1));
        }
Beispiel #4
0
        /// <summary>
        /// 隐藏或者显示全部UI
        /// </summary>
        /// <param name="hwnd"></param>
        public static void UIShowStatus(int hwnd, bool show)
        {
            int UI = LoadDll.ReadHwndMemoryOffsetValue((IntPtr)hwnd, Global.addr.win, 0x68, 0x8) + 0x28;
            //0显示 1隐藏
            int s = show == true ? 0 : 1;

            show = LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, UI, BitConverter.GetBytes(s));
        }
Beispiel #5
0
 /// <summary>
 /// 任务点击
 /// </summary>
 /// <param name="hwnd"></param>
 /// <param name="x"></param>
 /// <param name="y"></param>
 public static void taskClick(int hwnd, int x, int y)
 {
     Global.mouseMx.WaitOne();
     //获取窗口焦点
     LoadDll.SetForegroundWindow((IntPtr)hwnd);
     //设置窗口显示状态
     LoadDll.SetWindowPos((IntPtr)hwnd, -2, 0, 0, 0, 0, 3);
     System.Threading.Thread.Sleep(1500);
     MouseMove(hwnd, x, y);
     // 写入单击事件
     LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, new IntPtr(Global.addr.bX - 8).ToInt32(), BitConverter.GetBytes(1));
     System.Threading.Thread.Sleep(80);
     LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, new IntPtr(Global.addr.bX - 8).ToInt32(), BitConverter.GetBytes(0));
     Global.mouseMx.ReleaseMutex();
 }
Beispiel #6
0
 /// <summary>
 /// 关闭对话
 /// </summary>
 /// <param name="hwnd"></param>
 public static void CloseDia(int hwnd)
 {
     for (int i = 0; i < 10; i++)
     {
         int show = LoadDll.ReadHwndMemoryOffsetValue((IntPtr)hwnd, Global.addr.win, 0x68, 0x8, 0x68, (i * 4), 0x28);
         int type = LoadDll.ReadHwndMemoryOffsetValue((IntPtr)hwnd, Global.addr.win, 0x68, 0x8, 0x68, (i * 4), 0x18);
         if (show == 0)
         {
             if (type == 641 || type == 579 || type == 465 || type == 544 || type == 550 || type == 278 || type == 370 || type == 290 || type == 641 || type == 581 || type == 544 || type == 425 || type == 360 || type == 362 || type == 190 || type == 500 || type == 560 || type == 410)
             {
                 int addr = LoadDll.ReadHwndMemoryOffsetValue((IntPtr)hwnd, Global.addr.win, 0x68, 0x8, 0x68, (i * 4)) + 0x28;
                 LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, addr, BitConverter.GetBytes(1));
             }
         }
     }
 }
Beispiel #7
0
 public static void HidePlayer(int hwnd)
 {
     LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.shop, BitConverter.GetBytes(122));
 }
Beispiel #8
0
        public bool Init()
        {
            //string t = "[3=08,4=00]={48,32,62,78}[3=07,4=00]={48,32,62,78}";

            //RegisterRule(0x80, t);
            //byte[] b = new byte[] { 0x80, 0x00, 0x00, 0x08, 0x00 };

            ////   byte [] ret=  matchRule(b);
            //return false;
            hwnd        = LoadDll.FindWindow("WSGAME", null).ToInt32();
            Global.addr = new mhxy.AddrManager().loadAddr(hwnd);
            //汇编指令
            byte[] code = { 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 87, 191, 0, 0, 46, 0, 141, 127, 1, 136, 12, 16, 131, 63, 0, 117, 10, 232, 128, 0, 0, 0, 131, 63, 0, 116, 77, 131, 127, 5, 0, 117, 11, 232, 70, 0, 0, 0, 131, 127, 5, 0, 116, 60, 133, 192, 117, 13, 96, 106, 255, 255, 55, 185, 54, 17, 159, 117, 255, 209, 97, 139, 95, 5, 136, 76, 24, 4, 131, 248, 3, 114, 31, 15, 183, 90, 1, 131, 195, 2, 57, 216, 114, 20, 139, 95, 5, 199, 3, 1, 0, 0, 0, 96, 255, 55, 187, 30, 17, 159, 117, 255, 211, 97, 95, 194, 12, 0, 96, 141, 79, 9, 81, 106, 0, 106, 2, 186, 11, 75, 159, 117, 255, 210, 104, 0, 32, 0, 0, 49, 210, 82, 82, 106, 2, 80, 186, 193, 24, 159, 117, 255, 210, 95, 87, 137, 71, 5, 97, 195, 96, 141, 79, 21, 81, 106, 0, 104, 1, 0, 31, 0, 186, 239, 239, 160, 117, 255, 210, 95, 87, 137, 7, 97, 195, 49, 192, 232, 0, 0, 0, 0, 89, 139, 121, 39, 133, 255, 116, 19, 49, 219, 102, 187, 0, 4, 137, 7, 137, 4, 59, 141, 60, 95, 137, 7, 137, 4, 59, 95, 91, 89, 194, 8, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 131, 124, 36, 24, 0, 117, 12, 232, 131, 0, 0, 0, 131, 124, 36, 24, 0, 116, 115, 131, 124, 36, 28, 0, 117, 12, 232, 161, 0, 0, 0, 131, 124, 36, 28, 0, 116, 96, 96, 106, 255, 255, 116, 36, 60, 185, 54, 17, 159, 117, 255, 209, 97, 49, 200, 139, 76, 36, 24, 133, 210, 117, 17, 60, 241, 117, 13, 15, 182, 89, 5, 131, 195, 2, 137, 95, 16, 198, 1, 1, 49, 219, 102, 187, 0, 4, 128, 57, 1, 15, 68, 68, 17, 4, 141, 12, 25, 137, 68, 17, 4, 137, 17, 141, 12, 25, 128, 57, 1, 15, 68, 68, 17, 4, 141, 12, 25, 137, 68, 17, 4, 96, 255, 116, 36, 60, 187, 30, 17, 159, 117, 255, 211, 97, 131, 196, 32, 95, 91, 89, 194, 8, 0, 96, 141, 76, 36, 48, 81, 106, 0, 106, 2, 187, 11, 75, 159, 117, 255, 211, 104, 0, 32, 0, 0, 49, 219, 83, 83, 106, 2, 80, 186, 193, 24, 159, 117, 255, 210, 137, 68, 36, 60, 139, 76, 36, 32, 137, 65, 210, 97, 195, 96, 141, 76, 36, 36, 81, 106, 0, 104, 1, 0, 31, 0, 186, 239, 239, 160, 117, 255, 210, 137, 68, 36, 64, 139, 76, 36, 32, 137, 65, 186, 97, 195, 0, 0, 0, 0, 0, 0 };

            string hexHwnd = StringUtil.IntToHex(hwnd);

            recvHwnd = new util.ShareMemory("MYs" + hexHwnd, shareSize);
            sendHwnd = new util.ShareMemory("MYf" + hexHwnd, shareSize);
            recvHC   = new util.WinMutex("HCs" + hexHwnd);
            sendHC   = new util.WinMutex("HCf" + hexHwnd);
            Start();
            code = StringUtil.ReplaceBytes(code, 11, 12, GetByteEnd(recvHwnd.HwndName, new byte[] { 0 }));

            code = StringUtil.ReplaceBytes(code, 23, 12, GetByteEnd(recvHC.Name, new byte[] { 0 }));

            byte[] jj = GetByteEnd(sendHwnd.HwndName, new byte[] { 0 });
            byte[] kk = jj.Skip(jj.Length - 4).Take(4).ToArray();
            //=====================================
            code = StringUtil.ReplaceBytes(code, 261, 4, kk);
            kk   = jj.Skip(4).Take(4).ToArray();
            code = StringUtil.ReplaceBytes(code, 266, 4, kk);
            kk   = jj.Skip(0).Take(4).ToArray();
            code = StringUtil.ReplaceBytes(code, 271, 4, kk);

            jj   = GetByteEnd(sendHC.Name, new byte[] { 0 });
            kk   = jj.Skip(jj.Length - 4).Take(4).ToArray();
            code = StringUtil.ReplaceBytes(code, 276, 4, kk);
            kk   = jj.Skip(4).Take(4).ToArray();
            code = StringUtil.ReplaceBytes(code, 281, 4, kk);
            kk   = jj.Skip(0).Take(4).ToArray();
            code = StringUtil.ReplaceBytes(code, 286, 4, kk);
            //====

            int addr = (int)util.WinApi.MallocMemory((IntPtr)hwnd, 4096);

            code = StringUtil.ReplaceBytes(code, 37, 4, BitConverter.GetBytes(addr));

            IntPtr kernelHwnd = util.WinApi.GetModuleHandleA("kernel32.dll");

            int[] moduleAddrs = new int[5];
            moduleAddrs[0] = (int)util.WinApi.GetProcAddress(kernelHwnd, "WaitForSingleObject");
            moduleAddrs[1] = (int)util.WinApi.GetProcAddress(kernelHwnd, "ReleaseMutex");
            moduleAddrs[2] = (int)util.WinApi.GetProcAddress(kernelHwnd, "OpenFileMappingA");
            moduleAddrs[3] = (int)util.WinApi.GetProcAddress(kernelHwnd, "MapViewOfFile");
            moduleAddrs[4] = (int)util.WinApi.GetProcAddress(kernelHwnd, "OpenMutexA");
            int[] oldAddrs = new int[5] {
                1973358902, 1973358878, 1973373707, 1973360833, 1973481455
            };
            int n    = 0;
            int flag = 0;//标志位

            for (int i = 0; i < 10; i++)
            {
                if (flag == 5)
                {
                    flag = 0;
                }
                kk   = BitConverter.GetBytes(oldAddrs[flag]);
                jj   = BitConverter.GetBytes(moduleAddrs[flag]);
                n    = n + 1;
                n    = StringUtil.FindBytes(code, kk, n);
                code = StringUtil.ReplaceBytes(code, n + 1, 4, jj);
                flag++;
            }


            LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, addr, code);

            code = StringUtil.AppendBytes(new byte[] { 104 }, BitConverter.GetBytes(addr + 34), new byte[] { 195 });

            LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.msg, code);

            code = StringUtil.AppendBytes(new byte[] { 104 }, BitConverter.GetBytes(addr + 209), new byte[] { 195 });
            LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.pkgEnd, code);

            code = StringUtil.AppendBytes(new byte[] { 104 }, BitConverter.GetBytes(addr + 249), new byte[] { 195 });
            LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.toPkg, code);



            return(false);
        }