Exemple #1
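        /// <summary>
        /// Changes the protection of a memory region in the process that owns a window.
        /// Despite its name, this method allocates nothing: it opens the owning process
        /// and forwards to <c>VirtualProtectEx</c>.
        /// </summary>
        /// <param name="hwnd">Handle of a window owned by the target process.</param>
        /// <param name="addr">Start address of the region in the target process.</param>
        /// <param name="size">Size of the region in bytes.</param>
        /// <param name="attr">
        /// New protection constant. 0x40 (PAGE_EXECUTE_READWRITE) makes the pages readable,
        /// writable and executable at the same time.
        /// </param>
        /// <param name="prevValue">
        /// Receives the previous protection, but only in a local copy: the parameter is passed
        /// by value, so the caller never sees the old protection and cannot restore it.
        /// </param>
        /// <returns>
        /// The value returned by <c>VirtualProtectEx</c> (non-zero on success by Win32 convention),
        /// or 0 when the target process could not be opened.
        /// </returns>
        public static int MemoryAlloc(IntPtr hwnd, int addr, int size, int attr, int prevValue)
        {
            IntPtr pid = IntPtr.Zero;

            // Resolve the id of the process that owns the window.
            GetWindowThreadProcessId(hwnd, out pid);

            // 0x1F0FFF is PROCESS_ALL_ACCESS.
            // NOTE(review): VirtualProtectEx is documented as needing only PROCESS_VM_OPERATION;
            // the mask is kept as the original wrote it.
            IntPtr hProcess = LoadDll.OpenProcess(0x1F0FFF, false, pid.ToInt32());
            if (hProcess == IntPtr.Zero)
            {
                // Nothing was opened, so there is nothing to change or close.
                return 0;
            }

            try
            {
                // The original passed the window handle and the literals 4096 / 64 here. The call
                // needs the process handle, and the documented size / attr parameters are honored
                // so callers are not forced into read-write-execute pages.
                // NOTE(review): pages left writable and executable weaken W^X in the target; the
                // previous protection cannot be handed back through this signature (see prevValue).
                return VirtualProtectEx(hProcess, addr, size, attr, ref prevValue);
            }
            finally
            {
                // The original never closed the process handle it opened.
                LoadDll.CloseHandle(hProcess);
            }
        }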
Exemple #2
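        /// <summary>
        /// Initializes the helper for one game window: loads the native kernel DLL, registers the
        /// message callback, starts the per-window task executor, makes one page of the game
        /// process read-write-execute, and loads the address table and per-user configuration.
        /// </summary>
        /// <param name="hwnd">Handle of the game window to initialize.</param>
        public void initMhSystem(IntPtr hwnd)
        {
            // string path = "E:\\mh_code\\mh\\mh\\bin\\x86\\Debug\\mhxy_kernel.dll";
            // NOTE(review): Path.GetFullPath resolves a relative name against the current working
            // directory, so the native DLL comes from wherever the process was started. Anchoring
            // the path to the application directory would avoid loading a planted DLL.
            string path = Path.GetFullPath("mhxy_kernel.dll");

            // Keep the delegate in a field so it stays referenced while native code holds it.
            mhMsgCallBack = new LoadDll.ResvMhMsg(CallBackHandle);

            // Remote-thread initialization (disabled):
            //LoadDll.InitSystemRemoteThread(path, hwnd, this.Handle, mhMsgCallBack);

            // Local initialization.
            LoadDll.InitSystemMhxy(path, hwnd, this.Handle, mhMsgCallBack);

            // Skip windows that already have an executor; otherwise start task processing.
            if (!mh_excute.ContainsKey(hwnd))
            {
                mh_excute[hwnd] = new biz.Execute(hwnd);
            }

            // Resolve the id of the process that owns the window.
            IntPtr pid = IntPtr.Zero;
            LoadDll.GetWindowThreadProcessId(hwnd, out pid);

            // Receives the protection the page had before the change; it is not used afterwards,
            // so the original protection is never restored.
            Int32 prev = 0;

            // 0x1F0FFF is PROCESS_ALL_ACCESS. The local is named hProcess so it cannot be confused
            // with the hwnd window-handle parameter, which differs only by case from the old name.
            IntPtr hProcess = LoadDll.OpenProcess(0x1F0FFF, false, pid.ToInt32());
            if (hProcess != IntPtr.Zero)
            {
                try
                {
                    // 64 == 0x40 == PAGE_EXECUTE_READWRITE, applied to 4096 bytes at a fixed address.
                    // NOTE(review): a hard-coded address is only meaningful for one specific build
                    // of the target; the call's result is ignored, so a failure goes unnoticed.
                    LoadDll.VirtualProtectEx(hProcess, 0x11000900, 4096, 64, ref prev);
                }
                finally
                {
                    LoadDll.CloseHandle(hProcess);
                }
            }
            else
            {
                // The original used and closed the handle without checking that it was valid.
                Log.WriteLine("OpenProcess failed for pid {0}", pid.ToInt32());
            }

            // Load the address table once and share it through Global.
            if (Global.addr == null)
            {
                Global.addr = new mhxy.AddrManager().loadAddr(hwnd.ToInt32());
            }

            // Load the user configuration for this window.
            string wName = mhxy.Common.GetMHName(hwnd.ToInt32());

            if (wName != "mh")
            {
                // Read the character id and load the configuration stored for it.
                int peopleID = Global.addr.GetPeopleID(hwnd.ToInt32());
                Global.mh_cfg[hwnd] = model.MhxyConfig.GetID(peopleID);
                Log.WriteLine("配置加载:{0}", peopleID);
            }
        }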
Exemple #3
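        /// <summary>
        /// Initializes the helper for one game window: enables the send button, initializes the
        /// native DLL, starts the per-window task executor, makes one page of the game process
        /// read-write-execute, and loads the address table and per-user configuration.
        /// </summary>
        /// <param name="hwnd">Handle of the game window to initialize.</param>
        public void initMhxy(IntPtr hwnd)
        {
            // A game window is available from here on, so sending is allowed.
            btn_send.Enabled = true;

            // Initialize the native side with the game window and this form's window handle.
            LoadDll.initmhDll(hwnd.ToInt32(), this.Handle.ToInt32());

            // Per the original comment this is a known bug workaround: subPkg must be called twice.
            LoadDll.subPkg(0, hwnd);
            LoadDll.subPkg(1, hwnd);

            // Skip windows that already have an executor; otherwise start task processing.
            if (!mh_excute.ContainsKey(hwnd))
            {
                mh_excute[hwnd] = new biz.Execute(hwnd);
            }

            // Resolve the id of the process that owns the window.
            IntPtr pid = IntPtr.Zero;
            LoadDll.GetWindowThreadProcessId(hwnd, out pid);

            // Receives the protection the page had before the change; it is not used afterwards,
            // so the original protection is never restored.
            Int32 prev = 0;

            // 0x1F0FFF is PROCESS_ALL_ACCESS. The local is named hProcess so it cannot be confused
            // with the hwnd window-handle parameter, which differs only by case from the old name.
            IntPtr hProcess = LoadDll.OpenProcess(0x1F0FFF, false, pid.ToInt32());
            if (hProcess != IntPtr.Zero)
            {
                try
                {
                    // 64 == 0x40 == PAGE_EXECUTE_READWRITE, applied to 4096 bytes at a fixed address.
                    // NOTE(review): a hard-coded address is only meaningful for one specific build
                    // of the target; the call's result is ignored, so a failure goes unnoticed.
                    LoadDll.VirtualProtectEx(hProcess, 0x11000900, 4096, 64, ref prev);
                }
                finally
                {
                    LoadDll.CloseHandle(hProcess);
                }
            }
            else
            {
                // The original used and closed the handle without checking that it was valid.
                Log.WriteLine("OpenProcess failed for pid {0}", pid.ToInt32());
            }

            // Load the address table once and share it through Global.
            if (Global.addr == null)
            {
                Global.addr = new mhxy.AddrManager().loadAddr(hwnd.ToInt32());
            }

            // Load the user configuration for this window.
            string wName = mhxy.Common.GetMHName(hwnd.ToInt32());

            if (wName != "mh")
            {
                // Read the character id and load the configuration stored for it.
                int peopleID = Global.addr.GetPeopleID(hwnd.ToInt32());
                Global.mh_cfg[hwnd] = model.MhxyConfig.GetID(peopleID);
                Log.WriteLine("配置加载:{0}", peopleID);
            }
        }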
Exemple #4
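        /// <summary>
        /// Reads a 4-byte single-precision float from the memory of the process that owns a window.
        /// </summary>
        /// <param name="hwnd">Handle of a window owned by the target process.</param>
        /// <param name="baseAddress">Address in the target process to read from.</param>
        /// <returns>
        /// The float decoded from the four bytes read. If the process cannot be opened or the read
        /// fails, the buffer stays zeroed and 0 is returned, which callers cannot tell apart from
        /// a genuine 0.0.
        /// </returns>
        public static float ReadHwndMemoryFloatValue(IntPtr hwnd, int baseAddress)
        {
            IntPtr pid = IntPtr.Zero;

            // Resolve the id of the process that owns the window.
            LoadDll.GetWindowThreadProcessId(hwnd, out pid);

            byte[] buffer = new byte[4];

            // 0x1F0FFF is PROCESS_ALL_ACCESS.
            // NOTE(review): reading needs only PROCESS_VM_READ; the mask is kept as written.
            IntPtr hProcess = LoadDll.OpenProcess(0x1F0FFF, false, pid.ToInt32());
            if (hProcess == IntPtr.Zero)
            {
                // Same result the original produced: a zeroed buffer decodes to 0.
                return 0f;
            }

            // The original took the array's address with UnsafeAddrOfPinnedArrayElement without
            // pinning it, so the GC could move the buffer while native code was writing into it.
            // Pin it for the duration of the call.
            GCHandle pin = GCHandle.Alloc(buffer, GCHandleType.Pinned);
            try
            {
                LoadDll.ReadProcessMemory(hProcess, (IntPtr)baseAddress, pin.AddrOfPinnedObject(), buffer.Length, IntPtr.Zero);
            }
            finally
            {
                pin.Free();

                // Release the process handle even if the read throws.
                CloseHandle(hProcess);
            }

            return BitConverter.ToSingle(buffer, 0);
        }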