/// <summary>
/// Reads an integer from the process that owns the given window, using the supplied offsets.
/// </summary>
/// <param name="hwnd">Window handle whose owning process is read.</param>
/// <param name="offset">Offsets forwarded unchanged to <c>ReadMemoryOffsetValue</c>.</param>
/// <returns>The value returned by <c>ReadMemoryOffsetValue</c>.</returns>
public static int ReadHwndMemoryOffsetValue(IntPtr hwnd, params int[] offset)
{
    // Despite the original comment, this call yields the owning process id, not a window handle.
    // NOTE(review): the call's result is not checked; if hwnd is stale, processId stays zero
    // and the read below is attempted against process id 0.
    IntPtr processId = IntPtr.Zero;
    LoadDll.GetWindowThreadProcessId(hwnd, out processId);

    return ReadMemoryOffsetValue(processId.ToInt32(), offset);
}
/// <summary>
/// Reads an integer at <paramref name="baseAddress"/> in the process that owns the given window.
/// </summary>
/// <param name="hwnd">Window handle whose owning process is read.</param>
/// <param name="baseAddress">Address passed unchanged to <c>LoadDll.ReadMemoryValue</c>.</param>
/// <returns>The value returned by <c>LoadDll.ReadMemoryValue</c>.</returns>
public static int ReadHwndMemoryValue(IntPtr hwnd, int baseAddress)
{
    // Resolve the window to its owning process id.
    // NOTE(review): the lookup result is not checked; an invalid hwnd leaves processId at zero.
    IntPtr processId = IntPtr.Zero;
    LoadDll.GetWindowThreadProcessId(hwnd, out processId);

    return LoadDll.ReadMemoryValue(processId.ToInt32(), baseAddress);
}
/// <summary>
/// Opens a handle to the process that owns the given window.
/// The caller owns the returned handle and must close it.
/// </summary>
/// <param name="hwnd">Window handle whose owning process is opened.</param>
/// <returns>The handle returned by <c>OpenProcess</c>; not validated here.</returns>
public static IntPtr GetHwndProcess(IntPtr hwnd)
{
    // Resolve the window to its owning process id (not checked for failure).
    IntPtr processId = IntPtr.Zero;
    LoadDll.GetWindowThreadProcessId(hwnd, out processId);

    // NOTE(review): the 0xFFFFF access mask differs from the 0x1F0FFF mask used by the other
    // helpers in this file — confirm which one is intended. Either way this is a broad request;
    // callers that only read memory need far fewer rights.
    return OpenProcess(0xFFFFF, false, processId.ToInt32());
}
/// <summary>
/// Initializes the game integration for one window: loads the kernel DLL, registers the
/// message callback, creates the task executor, changes protection on a fixed memory
/// region in the target process, and loads the per-user configuration.
/// </summary>
/// <param name="hwnd">Handle of the game window to initialize.</param>
public void initMhSystem(IntPtr hwnd)
{
    // NOTE(review): a bare file name passed to Path.GetFullPath resolves against the current
    // working directory, not the application directory. The native library that gets loaded
    // therefore depends on where the process was started; anchoring the path to the
    // application's own directory would remove that ambiguity.
    string path = Path.GetFullPath("mhxy_kernel.dll");

    // The callback delegate is kept in a member rather than a local
    // (presumably so it stays referenced while native code holds it — confirm).
    mhMsgCallBack = new LoadDll.ResvMhMsg(CallBackHandle);

    // In-process initialization; the InitSystemRemoteThread variant is commented out in the original.
    LoadDll.InitSystemMhxy(path, hwnd, this.Handle, mhMsgCallBack);

    // Create the task executor only for windows that have not been registered yet.
    if (!mh_excute.ContainsKey(hwnd))
    {
        mh_excute[hwnd] = new biz.Execute(hwnd);
    }

    // Resolve the window to its owning process id (result not checked).
    IntPtr processId = IntPtr.Zero;
    LoadDll.GetWindowThreadProcessId(hwnd, out processId);

    // Receives the protection value that was in effect before the change.
    Int32 previousProtection = 0;

    // The original names this local hWnd, but it is a process handle.
    // NOTE(review): the handle is not validated before use.
    IntPtr processHandle = LoadDll.OpenProcess(0x1F0FFF, false, processId.ToInt32());

    // 64 (0x40) is PAGE_EXECUTE_READWRITE. The address is hard-coded, the call's result is
    // ignored, and previousProtection is never restored, so the region stays writable and
    // executable after this method returns.
    LoadDll.VirtualProtectEx(processHandle, 0x11000900, 4096, 64, ref previousProtection);
    LoadDll.CloseHandle(processHandle);

    // Load the address table once; it is shared through Global.
    if (Global.addr == null)
    {
        Global.addr = new mhxy.AddrManager().loadAddr(hwnd.ToInt32());
    }

    // Load the per-user configuration unless the window name is the literal "mh".
    string windowName = mhxy.Common.GetMHName(hwnd.ToInt32());
    if (windowName != "mh")
    {
        // The user id read from the target selects which configuration is loaded.
        int peopleID = Global.addr.GetPeopleID(hwnd.ToInt32());
        Global.mh_cfg[hwnd] = model.MhxyConfig.GetID(peopleID);
        Log.WriteLine("配置加载:{0}", peopleID);
    }
}
/// <summary>
/// Initializes the game integration for one window through <c>LoadDll.initmhDll</c>:
/// enables the send button, subscribes packages, creates the task executor, changes
/// protection on a fixed memory region in the target process, and loads the per-user
/// configuration.
/// </summary>
/// <param name="hwnd">Handle of the game window to initialize.</param>
public void initMhxy(IntPtr hwnd)
{
    btn_send.Enabled = true;

    // Basic initialization with the target window and this form's own window handle.
    LoadDll.initmhDll(hwnd.ToInt32(), this.Handle.ToInt32());

    // The original comment marks this as a known bug: both calls are required.
    LoadDll.subPkg(0, hwnd);
    LoadDll.subPkg(1, hwnd);

    // Create the task executor only for windows that have not been registered yet.
    if (!mh_excute.ContainsKey(hwnd))
    {
        mh_excute[hwnd] = new biz.Execute(hwnd);
    }

    // Resolve the window to its owning process id (result not checked).
    IntPtr processId = IntPtr.Zero;
    LoadDll.GetWindowThreadProcessId(hwnd, out processId);

    // Receives the protection value that was in effect before the change.
    Int32 previousProtection = 0;

    // The original names this local hWnd, but it is a process handle.
    // NOTE(review): the handle is not validated before use.
    IntPtr processHandle = LoadDll.OpenProcess(0x1F0FFF, false, processId.ToInt32());

    // 64 (0x40) is PAGE_EXECUTE_READWRITE. The address is hard-coded, the call's result is
    // ignored, and previousProtection is never restored, so the region stays writable and
    // executable after this method returns.
    LoadDll.VirtualProtectEx(processHandle, 0x11000900, 4096, 64, ref previousProtection);
    LoadDll.CloseHandle(processHandle);

    // Load the address table once; it is shared through Global.
    if (Global.addr == null)
    {
        Global.addr = new mhxy.AddrManager().loadAddr(hwnd.ToInt32());
    }

    // Load the per-user configuration unless the window name is the literal "mh".
    string windowName = mhxy.Common.GetMHName(hwnd.ToInt32());
    if (windowName != "mh")
    {
        // The user id read from the target selects which configuration is loaded.
        int peopleID = Global.addr.GetPeopleID(hwnd.ToInt32());
        Global.mh_cfg[hwnd] = model.MhxyConfig.GetID(peopleID);
        Log.WriteLine("配置加载:{0}", peopleID);
    }
}
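/// <summary>
/// Reads a 4-byte float at <paramref name="baseAddress"/> in the process that owns the given window.
/// </summary>
/// <param name="hwnd">Window handle whose owning process is read.</param>
/// <param name="baseAddress">Address in the target process; an int, so 32-bit addresses only.</param>
/// <returns>
/// The float decoded from the bytes read. If the process cannot be opened or the read fails,
/// the buffer stays zeroed and 0.0 is returned, which is indistinguishable from a real 0.0.
/// </returns>
public static float ReadHwndMemoryFloatValue(IntPtr hwnd, int baseAddress)
{
    // Resolve the window to its owning process id (result not checked; stays zero on failure).
    IntPtr pid = IntPtr.Zero;
    LoadDll.GetWindowThreadProcessId(hwnd, out pid);

    byte[] buffer = new byte[4];

    // NOTE(review): 0x1F0FFF requests full access although only a read is performed here;
    // the mask is broader than this operation requires.
    IntPtr hProcess = LoadDll.OpenProcess(0x1F0FFF, false, pid.ToInt32());
    if (hProcess == IntPtr.Zero)
    {
        // Same result as before (zeroed buffer), but no read or close is attempted on a null handle.
        return BitConverter.ToSingle(buffer, 0);
    }

    // The original took the array's address with Marshal.UnsafeAddrOfPinnedArrayElement without
    // pinning it. The GC may relocate an unpinned array, so the native write could land on
    // unrelated managed memory. Pin the buffer for the duration of the call.
    GCHandle pinned = GCHandle.Alloc(buffer, GCHandleType.Pinned);
    try
    {
        LoadDll.ReadProcessMemory(hProcess, (IntPtr)baseAddress, pinned.AddrOfPinnedObject(), 4, IntPtr.Zero);
    }
    finally
    {
        // Release the pin and the process handle even if the native call throws.
        pinned.Free();
        CloseHandle(hProcess);
    }

    return BitConverter.ToSingle(buffer, 0);
}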
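/// <summary>
/// Writes a byte sequence to <paramref name="baseAddress"/> in the process that owns the given window.
/// </summary>
/// <param name="hwnd">Window handle whose owning process is written to.</param>
/// <param name="baseAddress">Address in the target process; an int, so 32-bit addresses only.</param>
/// <param name="value">Bytes to write; a null array yields <c>false</c>.</param>
/// <returns>
/// <c>true</c> only when <c>WriteProcessMemory</c> reports success; <c>false</c> when
/// <paramref name="value"/> is null, the process cannot be opened, or any call throws.
/// </returns>
public static bool WriteMemoryHwndValue(IntPtr hwnd, int baseAddress, byte[] value)
{
    // The original dereferenced value.Length after opening the process, so a null array threw
    // inside the try, was swallowed, and leaked the handle. Reject it before anything is opened.
    if (value == null)
    {
        return false;
    }

    // Resolve the window to its owning process id (result not checked; stays zero on failure).
    IntPtr pid = IntPtr.Zero;
    LoadDll.GetWindowThreadProcessId(hwnd, out pid);

    IntPtr hProcess = IntPtr.Zero;
    try
    {
        // 0x1F0FFF is the all-access mask (the original comment calls it "highest privilege").
        // NOTE(review): this is broader than a memory write requires.
        hProcess = OpenProcess(0x1F0FFF, false, pid.ToInt32());
        if (hProcess == IntPtr.Zero)
        {
            return false;
        }

        return WriteProcessMemory(hProcess, (IntPtr)baseAddress, value, value.Length, IntPtr.Zero);
    }
    catch
    {
        // Deliberate best-effort: callers only receive a success flag, so failures map to false.
        // NOTE(review): the failure cause is discarded; consider logging it.
        return false;
    }
    finally
    {
        // Always release the handle, including when the write throws.
        if (hProcess != IntPtr.Zero)
        {
            CloseHandle(hProcess);
        }
    }
}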