public void writeInt32(int lpBaseAddr, Int32 Data, bool IsCheckProtect = false)
{
uint mhProcess = (uint)GetHandle();
//uint mhProcess = (uint)GetHandle();
//Byte[] buffer = new Byte[4];
//IntPtr vBytesAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0);
//Marshal.WriteInt32(vBytesAddress, Data);
int oldProtect = 0;
if (IsCheckProtect)
{
Win32.Kernel.VirtualProtectEx((IntPtr)mhProcess, (IntPtr)lpBaseAddr, 4, 4, ref oldProtect);
}
write <Int32>((uint)lpBaseAddr, Data);
if (IsCheckProtect)
{
Win32.Kernel.VirtualProtectEx((IntPtr)mhProcess, (IntPtr)lpBaseAddr, 4, oldProtect, ref oldProtect);
}
//MemRWer.closeHandle(mhProcess);
//MemRWer.closeHandle(mhProcess);
MemRWer.closeHandle(mhProcess);
//return result;
}
public byte[] readData(uint lpBaseAddr, uint lenth, byte[] temp = null)
{
if (lpBaseAddr < 0)
{
lpBaseAddr = ((uint)lpBaseAddr & 0xFFFFFFFF);
}
;
uint mhProcess = (uint)GetHandle();
byte[] result;
if (temp == null)
{
result = new byte[lenth];
}
else
{
result = temp;
}
IntPtr vBytesAddress = Marshal.UnsafeAddrOfPinnedArrayElement(result, 0);
//ReadProcessMemory(mhProcess, lpBaseAddr, vBytesAddress, lenth, 0);
readProcessMemory(pid, lpBaseAddr, (int)lenth, vBytesAddress);
MemRWer.closeHandle(mhProcess);
return(result);
}
public SimulationKeys(MemRWer g, CallTool.Function f)
{
WinIo.KeyUpEx(VKKey.VK_DOWN);
WinIo.KeyUpEx(VKKey.VK_UP);
WinIo.KeyUpEx(VKKey.VK_LEFT);
WinIo.KeyUpEx(VKKey.VK_RIGHT);
gMrw = g;
fun = f;
}
public void writedData(uint lpBaseAddr, Byte[] Data, uint lenth)
{
if (lpBaseAddr < 0)
{
lpBaseAddr = ((uint)lpBaseAddr & 0xFFFFFFFF);
}
;
uint mhProcess = (uint)GetHandle();
IntPtr vBytesAddress = Marshal.UnsafeAddrOfPinnedArrayElement(Data, 0);
//WriteProcessMemory(mhProcess, lpBaseAddr, vBytesAddress, lenth, 0);
writeProcessMemory(pid, lpBaseAddr, (int)lenth, vBytesAddress);
MemRWer.closeHandle(mhProcess);
}
public T read <T>(long lpBaseAddr)
{
if (lpBaseAddr < 0)
{
lpBaseAddr = ((uint)lpBaseAddr & 0xFFFFFFFF);
}
;
uint mhProcess = (uint)GetHandle();
T[] t = new T[1];
int size = Marshal.SizeOf(t[0]);
IntPtr vBytesAddress = Marshal.UnsafeAddrOfPinnedArrayElement(t, 0);
//ReadProcessMemory(mhProcess, (uint)lpBaseAddr, vBytesAddress, (uint)size, 0);
readProcessMemory(pid, lpBaseAddr, size, vBytesAddress);
MemRWer.closeHandle(mhProcess);
return(t[0]);
}
public void write <T>(uint lpBaseAddr, T data)
{
if (lpBaseAddr < 0)
{
lpBaseAddr = ((uint)lpBaseAddr & 0xFFFFFFFF);
}
;
uint mhProcess = (uint)GetHandle();
T[] t = new T[1];
t[0] = data;
int size = Marshal.SizeOf(t[0]);
IntPtr vBytesAddress = Marshal.UnsafeAddrOfPinnedArrayElement(t, 0);
// WriteProcessMemory(mhProcess, (uint)lpBaseAddr, vBytesAddress, (uint)size, 0);
writeProcessMemory(pid, lpBaseAddr, (int)size, vBytesAddress);
//MessageBox.Show(Win32.Kernel.GetLastError().ToString());
MemRWer.closeHandle(mhProcess);
}
public void init(MemRWer g, CallTool.Function f)
{
gMrw = g;
fun = f;
}
//常量
public AssemblyTools(Int32 hProcess, Int32 Lenth, MemRWer gMrwA, Action <string> writeLogLine)
{
if (Lenth == 0)
{
Lenth = 0x1000;
}
// gMrw = new MemRWer((uint)hProcess);
mhProcess = hProcess;
gMrw = gMrwA;
int twice = 0;
while (virtualAddr == 0)
{
//0331CCC0 E8 2AA9D25B call 5F0475EF
virtualAddr = /*VirtualAllocEx(hProcess, 0, 0x1000, 0x103000, 0x40)*/ gMrw.readInt32(0x02FF98D0 + 1) + 0x02FF98D0 + 0x100; //033558A0 E8 28203C10 call 137178CD
//033C96A0 E8 BEE26D5A call 5DAA7963
//033558A0 E8 28203C10 call 137178CD
//033560D0 E8 8E181A58 call 5B4F7963
//virtualAddr = GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlFreeMemoryBlockLookaside");
Int32 eid = (Int32)GetLastError();
if (virtualAddr == 0)
{
if (eid == 8L)
{
writeLogLine("由于客户端工作集内存不足,无法分配内存 重试第 " + twice + "次" + "期间最好进行选择角色等操作");
Thread.Sleep(500);
}
else
{
writeLogLine("289行 错误代码 : " + eid);
return;
}
}
if (twice >= 99)
{
writeLogLine("等待次数过多 终止重试");
return;
}
}
hModule = GetModuleHandleA("User32.dll");
if (hModule == IntPtr.Zero)
{
MessageBox.Show("303 行 句柄错误");
}
CallProcAddress = GetProcAddress(hModule, "CallWindowProcW");
GetWindowLongW = GetProcAddress(hModule, "GetWindowLongW");
SetWindowLongW = GetProcAddress(hModule, "SetWindowLongW");
SetTimer = GetProcAddress(hModule, "SetTimer");
KillTimer = GetProcAddress(hModule, "KillTimer");
PostMessage = GetProcAddress(hModule, "PostMessageW");
SendMessage = GetProcAddress(hModule, "SendMessageW");
hModule = GetModuleHandleA("kernel32.dll");
GetTickCount = GetProcAddress(hModule, "GetTickCount");
writeLogLine("GetTickCount = " + GetTickCount);
hModule = GetModuleHandleA("ntdll.dll");
memcpy = GetProcAddress(hModule, "memcpy");
writeLogLine("memcpy = " + memcpy);
//MyGetModuleHandleA = GetProcAddress(hModule, "KillTimer");
hModule = GetModuleHandleA("Kernel32.dll");
MyGetModuleHandleA = GetProcAddress(hModule, "GetModuleHandleA");
GetModuleHandleW = GetProcAddress(hModule, "GetModuleHandleW");
GetLastErrorC = GetProcAddress(hModule, "GetLastError");
//CloseHandle(hProcess);
if (CallProcAddress == 0)
{
MessageBox.Show("306 行 句柄错误");
}
}
