/// <summary>
/// Simulates a click at the given coordinates by writing values into the
/// memory of the process behind <paramref name="hwnd"/> instead of posting
/// input messages to the window.
/// </summary>
/// <param name="hwnd">Target window handle, carried as an int.</param>
/// <param name="x">X coordinate, forwarded unchanged to MouseMove.</param>
/// <param name="y">Y coordinate, forwarded unchanged to MouseMove.</param>
public static void clickWin(int hwnd, int x, int y)
{
    IntPtr target = (IntPtr)hwnd;

    // Position first; no scaling or offset is applied to x / y here.
    MouseMove(hwnd, x, y);

    // The click flag lives 8 bytes below Global.addr.bX: write 1, hold it
    // for 80 ms, then write 0 again.
    int pressAddr = Global.addr.bX - 8;
    LoadDll.WriteMemoryHwndValue(target, pressAddr, BitConverter.GetBytes(1));

    System.Threading.Thread.Sleep(80);

    int releaseAddr = Global.addr.bX - 8;
    LoadDll.WriteMemoryHwndValue(target, releaseAddr, BitConverter.GetBytes(0));
}
/// <summary>
/// Hides the verification window.
/// </summary>
/// <remarks>
/// Follows the offset chain 0x68, 0x04, 0x68 from Global.addr.win, reads the
/// value stored at the resulting address, adds 0x28 and writes the 32-bit
/// value 1 there.
/// NOTE(review): none of the reads is validated, so a failed or zero read
/// still produces a write address.
/// </remarks>
/// <param name="hwnd">Target window handle, carried as an int.</param>
public static void HideCheckWin(int hwnd)
{
    IntPtr target = (IntPtr)hwnd;

    int chainEnd = LoadDll.ReadHwndMemoryOffsetValue(target, Global.addr.win, 0x68, 0x04, 0x68);
    int flagAddr = LoadDll.ReadHwndMemoryValue(target, chainEnd) + 0x28;

    byte[] one = BitConverter.GetBytes(1);
    LoadDll.WriteMemoryHwndValue(target, flagAddr, one);
}
/// <summary>
/// Moves the mouse position by writing encoded coordinates to the
/// Global.addr.bX and Global.addr.bY locations of the target.
/// </summary>
/// <param name="hwnd">Target window handle, carried as an int.</param>
/// <param name="x">X coordinate to encode.</param>
/// <param name="y">Y coordinate to encode.</param>
public static void MouseMove(int hwnd, int x, int y)
{
    IntPtr target = (IntPtr)hwnd;

    // In C# '-' binds tighter than '^', so the subtraction is applied to the
    // address before the XOR with the coordinate; the parentheses only make
    // that existing evaluation order visible.
    int encodedX = (Global.addr.bX - 4) ^ x;
    int encodedY = (Global.addr.bY - 12) ^ y;

    LoadDll.WriteMemoryHwndValue(target, Global.addr.bX, BitConverter.GetBytes(encodedX));
    LoadDll.WriteMemoryHwndValue(target, Global.addr.bY, BitConverter.GetBytes(encodedY));
}
/// <summary>
/// Hides or shows the entire UI.
/// </summary>
/// <remarks>
/// The result of the memory write is not reported to the caller.
/// </remarks>
/// <param name="hwnd">Target window handle, carried as an int.</param>
/// <param name="show"><c>true</c> writes 0 (show), <c>false</c> writes 1 (hide).</param>
public static void UIShowStatus(int hwnd, bool show)
{
    IntPtr target = (IntPtr)hwnd;

    // Flag address: offset chain 0x68, 0x8 from Global.addr.win, plus 0x28.
    int flagAddr = LoadDll.ReadHwndMemoryOffsetValue(target, Global.addr.win, 0x68, 0x8) + 0x28;

    // 0 = show, 1 = hide
    int hiddenFlag;
    if (show)
    {
        hiddenFlag = 0;
    }
    else
    {
        hiddenFlag = 1;
    }

    LoadDll.WriteMemoryHwndValue(target, flagAddr, BitConverter.GetBytes(hiddenFlag));
}
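/// <summary>
/// Task click: brings the window to the foreground, waits, then performs the
/// same move-and-click memory writes as clickWin while holding
/// Global.mouseMx.
/// </summary>
/// <remarks>
/// The mutex is released in a <c>finally</c> block so that an exception from
/// any of the native calls cannot leave Global.mouseMx held by this thread.
/// </remarks>
/// <param name="hwnd">Target window handle, carried as an int.</param>
/// <param name="x">X coordinate, forwarded to MouseMove.</param>
/// <param name="y">Y coordinate, forwarded to MouseMove.</param>
public static void taskClick(int hwnd, int x, int y)
{
    IntPtr target = (IntPtr)hwnd;

    Global.mouseMx.WaitOne();
    try
    {
        // Give the window focus.
        LoadDll.SetForegroundWindow(target);

        // Set the window display state. Assuming LoadDll.SetWindowPos is a
        // direct Win32 P/Invoke, -2 is HWND_NOTOPMOST and 3 is
        // SWP_NOSIZE | SWP_NOMOVE — TODO confirm against the wrapper.
        LoadDll.SetWindowPos(target, -2, 0, 0, 0, 0, 3);
        System.Threading.Thread.Sleep(1500);

        MouseMove(hwnd, x, y);

        // Write the click event: flag 8 bytes below Global.addr.bX goes
        // 1 -> (80 ms) -> 0.
        LoadDll.WriteMemoryHwndValue(target, new IntPtr(Global.addr.bX - 8).ToInt32(), BitConverter.GetBytes(1));
        System.Threading.Thread.Sleep(80);
        LoadDll.WriteMemoryHwndValue(target, new IntPtr(Global.addr.bX - 8).ToInt32(), BitConverter.GetBytes(0));
    }
    finally
    {
        Global.mouseMx.ReleaseMutex();
    }
}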
/// <summary>
/// Closes dialogs: scans ten 4-byte slots reached through Global.addr.win and
/// writes 1 to the flag at +0x28 of every slot whose current flag is 0 and
/// whose type value is in the fixed list below.
/// </summary>
/// <param name="hwnd">Target window handle, carried as an int.</param>
public static void CloseDia(int hwnd)
{
    IntPtr target = (IntPtr)hwnd;

    for (int slot = 0; slot < 10; slot++)
    {
        int slotOffset = slot * 4;

        // Both fields are read on every iteration, before any filtering.
        int show = LoadDll.ReadHwndMemoryOffsetValue(target, Global.addr.win, 0x68, 0x8, 0x68, slotOffset, 0x28);
        int type = LoadDll.ReadHwndMemoryOffsetValue(target, Global.addr.win, 0x68, 0x8, 0x68, slotOffset, 0x18);

        if (show != 0)
        {
            continue;
        }

        // Same set of type values as the original condition, listed once each.
        switch (type)
        {
            case 190:
            case 278:
            case 290:
            case 360:
            case 362:
            case 370:
            case 410:
            case 425:
            case 465:
            case 500:
            case 544:
            case 550:
            case 560:
            case 579:
            case 581:
            case 641:
            {
                int addr = LoadDll.ReadHwndMemoryOffsetValue(target, Global.addr.win, 0x68, 0x8, 0x68, slotOffset) + 0x28;
                LoadDll.WriteMemoryHwndValue(target, addr, BitConverter.GetBytes(1));
                break;
            }
            default:
                break;
        }
    }
}
/// <summary>
/// Writes the 32-bit value 122 to the address held in Global.addr.shop.
/// </summary>
/// <remarks>
/// NOTE(review): the method name suggests this hides other players, but the
/// field it writes to is named "shop"; the meaning of 122 is not visible
/// here — confirm against the address table.
/// </remarks>
/// <param name="hwnd">Target window handle, carried as an int.</param>
public static void HidePlayer(int hwnd)
{
    IntPtr target = (IntPtr)hwnd;
    int destination = Global.addr.shop;
    byte[] payload = BitConverter.GetBytes(122);

    LoadDll.WriteMemoryHwndValue(target, destination, payload);
}
/// <summary>
/// Finds the window with class name "WSGAME", creates named shared-memory and
/// mutex objects keyed by its handle, patches a raw machine-code blob and
/// writes that blob plus three short redirect stubs through the
/// memory-write helper.
/// </summary>
/// <remarks>
/// Artefacts this routine leaves, as far as the visible code shows: named
/// objects "MYs", "MYf", "HCs" and "HCf" followed by the window handle in
/// hex; one 4096-byte allocation requested against the window handle; the
/// blob written to that allocation; and 6-byte overwrites at Global.addr.msg,
/// Global.addr.pkgEnd and Global.addr.toPkg.
/// NOTE(review): every pointer and handle is narrowed to int, so the routine
/// presumably assumes 32-bit processes on both sides — confirm.
/// NOTE(review): no return value (FindWindow, MallocMemory, GetProcAddress,
/// FindBytes, the writes) is checked before it is used.
/// </remarks>
/// <returns>Always <c>false</c>, whatever the outcome of the steps above.</returns>
public bool Init()
{
    //string t = "[3=08,4=00]={48,32,62,78}[3=07,4=00]={48,32,62,78}";
    //RegisterRule(0x80, t);
    //byte[] b = new byte[] { 0x80, 0x00, 0x00, 0x08, 0x00 };
    //// byte [] ret= matchRule(b);
    //return false;

    // Look the window up by class name and load the address table for it.
    hwnd = LoadDll.FindWindow("WSGAME", null).ToInt32();
    Global.addr = new mhxy.AddrManager().loadAddr(hwnd);

    // Assembly instructions, stored as decimal byte values. The zero runs are
    // placeholders that the ReplaceBytes calls further down fill in.
    byte[] code = {
        104, 0, 0, 0, 0, 104, 0, 0, 0, 0,
        0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
        0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
        87, 191, 0, 0, 46, 0, 141, 127, 1, 136, 12, 16, 131, 63, 0, 117, 10, 232, 128, 0, 0, 0,
        131, 63, 0, 116, 77, 131, 127, 5, 0, 117, 11, 232, 70, 0, 0, 0, 131, 127, 5, 0, 116, 60,
        133, 192, 117, 13, 96, 106, 255, 255, 55, 185, 54, 17, 159, 117, 255, 209, 97, 139, 95, 5,
        136, 76, 24, 4, 131, 248, 3, 114, 31, 15, 183, 90, 1, 131, 195, 2, 57, 216, 114, 20,
        139, 95, 5, 199, 3, 1, 0, 0, 0, 96, 255, 55, 187, 30, 17, 159, 117, 255, 211, 97,
        95, 194, 12, 0, 96, 141, 79, 9, 81, 106, 0, 106, 2, 186, 11, 75, 159, 117, 255, 210,
        104, 0, 32, 0, 0, 49, 210, 82, 82, 106, 2, 80, 186, 193, 24, 159, 117, 255, 210, 95,
        87, 137, 71, 5, 97, 195, 96, 141, 79, 21, 81, 106, 0, 104, 1, 0, 31, 0, 186, 239,
        239, 160, 117, 255, 210, 95, 87, 137, 7, 97, 195, 49, 192, 232, 0, 0, 0, 0, 89, 139,
        121, 39, 133, 255, 116, 19, 49, 219, 102, 187, 0, 4, 137, 7, 137, 4, 59, 141, 60, 95,
        137, 7, 137, 4, 59, 95, 91, 89, 194, 8, 0,
        104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0,
        104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0, 104, 0, 0, 0, 0,
        131, 124, 36, 24, 0, 117, 12, 232, 131, 0, 0, 0, 131, 124, 36, 24, 0, 116, 115, 131,
        124, 36, 28, 0, 117, 12, 232, 161, 0, 0, 0, 131, 124, 36, 28, 0, 116, 96, 96, 106,
        255, 255, 116, 36, 60, 185, 54, 17, 159, 117, 255, 209, 97, 49, 200, 139, 76, 36, 24, 133,
        210, 117, 17, 60, 241, 117, 13, 15, 182, 89, 5, 131, 195, 2, 137, 95, 16, 198, 1, 1,
        49, 219, 102, 187, 0, 4, 128, 57, 1, 15, 68, 68, 17, 4, 141, 12, 25, 137, 68, 17,
        4, 137, 17, 141, 12, 25, 128, 57, 1, 15, 68, 68, 17, 4, 141, 12, 25, 137, 68, 17,
        4, 96, 255, 116, 36, 60, 187, 30, 17, 159, 117, 255, 211, 97, 131, 196, 32, 95, 91, 89,
        194, 8, 0, 96, 141, 76, 36, 48, 81, 106, 0, 106, 2, 187, 11, 75, 159, 117, 255, 211,
        104, 0, 32, 0, 0, 49, 219, 83, 83, 106, 2, 80, 186, 193, 24, 159, 117, 255, 210, 137,
        68, 36, 60, 139, 76, 36, 32, 137, 65, 210, 97, 195, 96, 141, 76, 36, 36, 81, 106, 0,
        104, 1, 0, 31, 0, 186, 239, 239, 160, 117, 255, 210, 137, 68, 36, 64, 139, 76, 36, 32,
        137, 65, 186, 97, 195, 0, 0, 0, 0, 0, 0 };

    // Named IPC objects: two shared-memory regions and two mutexes, each named
    // with a fixed 3-character prefix plus the window handle in hex.
    // recvHwnd / sendHwnd / recvHC / sendHC / shareSize are members declared
    // outside this method.
    string hexHwnd = StringUtil.IntToHex(hwnd);
    recvHwnd = new util.ShareMemory("MYs" + hexHwnd, shareSize);
    sendHwnd = new util.ShareMemory("MYf" + hexHwnd, shareSize);
    recvHC = new util.WinMutex("HCs" + hexHwnd);
    sendHC = new util.WinMutex("HCf" + hexHwnd);
    Start();

    // Embed the receive-side object names (zero-terminated) into the two
    // 12-byte placeholders near the start of the blob.
    // NOTE(review): offsets given to ReplaceBytes look 1-based (the loop below
    // passes FindBytes' result + 1) — confirm against StringUtil.
    code = StringUtil.ReplaceBytes(code, 11, 12, GetByteEnd(recvHwnd.HwndName, new byte[] { 0 }));
    code = StringUtil.ReplaceBytes(code, 23, 12, GetByteEnd(recvHC.Name, new byte[] { 0 }));

    // The send-side names are cut into 4-byte pieces and patched into 4-byte
    // placeholders, last piece first. The slicing (last 4, bytes 4..7,
    // bytes 0..3) only tiles the name exactly when it is 12 bytes long —
    // presumably guaranteed by the naming scheme; verify.
    byte[] jj = GetByteEnd(sendHwnd.HwndName, new byte[] { 0 });
    byte[] kk = jj.Skip(jj.Length - 4).Take(4).ToArray();
    code = StringUtil.ReplaceBytes(code, 261, 4, kk);
    kk = jj.Skip(4).Take(4).ToArray();
    code = StringUtil.ReplaceBytes(code, 266, 4, kk);
    kk = jj.Skip(0).Take(4).ToArray();
    code = StringUtil.ReplaceBytes(code, 271, 4, kk);
    jj = GetByteEnd(sendHC.Name, new byte[] { 0 });
    kk = jj.Skip(jj.Length - 4).Take(4).ToArray();
    code = StringUtil.ReplaceBytes(code, 276, 4, kk);
    kk = jj.Skip(4).Take(4).ToArray();
    code = StringUtil.ReplaceBytes(code, 281, 4, kk);
    kk = jj.Skip(0).Take(4).ToArray();
    code = StringUtil.ReplaceBytes(code, 286, 4, kk);

    // Request 4096 bytes via the window handle (presumably inside the process
    // that owns the window) and record the resulting address in the blob.
    int addr = (int)util.WinApi.MallocMemory((IntPtr)hwnd, 4096);
    code = StringUtil.ReplaceBytes(code, 37, 4, BitConverter.GetBytes(addr));

    // Resolve five kernel32 exports in THIS process.
    // NOTE(review): the resolved values are later executed from the blob, which
    // only works if kernel32 sits at the same address in the other process —
    // an assumption of the code, not something it verifies.
    IntPtr kernelHwnd = util.WinApi.GetModuleHandleA("kernel32.dll");
    int[] moduleAddrs = new int[5];
    moduleAddrs[0] = (int)util.WinApi.GetProcAddress(kernelHwnd, "WaitForSingleObject");
    moduleAddrs[1] = (int)util.WinApi.GetProcAddress(kernelHwnd, "ReleaseMutex");
    moduleAddrs[2] = (int)util.WinApi.GetProcAddress(kernelHwnd, "OpenFileMappingA");
    moduleAddrs[3] = (int)util.WinApi.GetProcAddress(kernelHwnd, "MapViewOfFile");
    moduleAddrs[4] = (int)util.WinApi.GetProcAddress(kernelHwnd, "OpenMutexA");

    // Hard-coded values that the blob currently contains in place of the five
    // addresses above; they act as search keys for the loop below.
    int[] oldAddrs = new int[5] { 1973358902, 1973358878, 1973373707, 1973360833, 1973481455 };
    int n = 0;
    int flag = 0; // index into oldAddrs / moduleAddrs, wraps from 5 back to 0

    // Ten replacements: the five-entry tables are walked twice, each search
    // starting just past the previous match.
    // NOTE(review): a failed FindBytes is not detected; whatever it returns is
    // used as the patch position.
    for (int i = 0; i < 10; i++)
    {
        if (flag == 5)
        {
            flag = 0;
        }
        kk = BitConverter.GetBytes(oldAddrs[flag]);
        jj = BitConverter.GetBytes(moduleAddrs[flag]);
        n = n + 1;
        n = StringUtil.FindBytes(code, kk, n);
        code = StringUtil.ReplaceBytes(code, n + 1, 4, jj);
        flag++;
    }

    // Write the finished blob to the allocated address.
    LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, addr, code);

    // Three 6-byte stubs of the form { 104, <4-byte address>, 195 }. Read as
    // 32-bit x86 that is push imm32 (0x68) followed by ret (0xC3), i.e. a
    // transfer of control to blob offsets 34, 209 and 249. The bytes
    // previously at the three target addresses are not read or saved here.
    code = StringUtil.AppendBytes(new byte[] { 104 }, BitConverter.GetBytes(addr + 34), new byte[] { 195 });
    LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.msg, code);
    code = StringUtil.AppendBytes(new byte[] { 104 }, BitConverter.GetBytes(addr + 209), new byte[] { 195 });
    LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.pkgEnd, code);
    code = StringUtil.AppendBytes(new byte[] { 104 }, BitConverter.GetBytes(addr + 249), new byte[] { 195 });
    LoadDll.WriteMemoryHwndValue((IntPtr)hwnd, Global.addr.toPkg, code);

    // NOTE(review): returns false unconditionally, so callers cannot use the
    // result to tell success from failure.
    return(false);
}