
植物大战僵尸外挂 核心源代码


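/*
 * Read one DWORD from another process.
 *
 * Succeeds only when the call itself succeeds AND the full four bytes were
 * transferred, so the caller never continues with a partially filled or
 * uninitialised value.
 */
static BOOL read_remote_dword(HANDLE hProcess, DWORD_PTR address, DWORD *value)
{
        SIZE_T transferred = 0;

        return ReadProcessMemory(hProcess, (LPCVOID)address, value,
                                 sizeof *value, &transferred)
               && transferred == sizeof *value;
}

/*
 * Write one DWORD into another process; succeeds only on a full-size write.
 */
static BOOL write_remote_dword(HANDLE hProcess, DWORD_PTR address, DWORD value)
{
        SIZE_T transferred = 0;

        return WriteProcessMemory(hProcess, (LPVOID)address, &value,
                                  sizeof value, &transferred)
               && transferred == sizeof value;
}

/*
 * Copy the "sun" and "money" numbers typed into this tool's dialog into the
 * running game process.
 *
 * Returns TRUE only when both values were read from the dialog and written
 * to the game; returns FALSE when a window is missing, a dialog field is not
 * a valid unsigned number, the process cannot be opened, or any remote
 * read/write fails.
 *
 * Changes against the original listing:
 *  - every Win32 call is checked; the original followed pointers read by
 *    ReadProcessMemory without checking the result, so a failed read turned
 *    an uninitialised stack value into a write address;
 *  - the process handle is closed on every path (it was leaked before);
 *  - the handle is opened with the three VM rights actually used instead of
 *    PROCESS_ALL_ACCESS (least privilege; a cross-process handle carrying
 *    write access is also the kind of request that endpoint monitoring and
 *    anti-tamper code look at);
 *  - invalid dialog input is rejected instead of being written as 0.
 */
long setSunMoney()
{
        /*
         * Addresses and offsets exactly as given in the original listing.
         * They are hard-coded, so they presumably match only the one game
         * build the author examined -- verify before relying on them.
         */
        enum {
                GAME_BASE_PTR       = 0x006a9ec0,
                SUN_NODE_OFFSET     = 0x768,
                SUN_VALUE_OFFSET    = 0x5560,
                MONEY_NODE_OFFSET   = 0x82c,
                MONEY_VALUE_OFFSET  = 0x28
        };

        HWND gameWnd;
        HWND myWnd;
        BOOL sunValid = FALSE;
        BOOL moneyValid = FALSE;
        BOOL sunWritten = FALSE;
        BOOL moneyWritten = FALSE;
        DWORD sun;
        DWORD money;
        DWORD pId = 0;
        DWORD base = 0;
        DWORD node = 0;
        HANDLE hProcess;

        /*
         * NOTE(review): the spaces inside the two title literals are kept
         * byte-for-byte from the listing; they look like a formatting
         * artefact of the page -- confirm against the real window titles.
         */
        gameWnd = FindWindow(NULL, _T( " 植物大战僵尸中文版 " ));
        myWnd = FindWindow(NULL, _T( " 植物大战僵尸外挂 " ));
        if (gameWnd == NULL || myWnd == NULL) {
                return FALSE;
        }

        /* Passing a BOOL* lets GetDlgItemInt report non-numeric input. */
        sun = (DWORD)GetDlgItemInt(myWnd, IDC_EDIT_SUN, &sunValid, FALSE);
        money = (DWORD)GetDlgItemInt(myWnd, IDC_EDIT_MONEY, &moneyValid, FALSE);
        if (!sunValid || !moneyValid) {
                return FALSE;
        }

        if (GetWindowThreadProcessId(gameWnd, &pId) == 0 || pId == 0) {
                return FALSE;
        }

        /* Only the rights ReadProcessMemory/WriteProcessMemory require. */
        hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE |
                               PROCESS_VM_OPERATION, FALSE, pId);
        if (hProcess == NULL) {
                return FALSE;
        }

        /*
         * Both values hang off the same base pointer, so it is read once.
         * Offsets are added in 32-bit DWORD arithmetic, as in the original.
         */
        if (read_remote_dword(hProcess, (DWORD_PTR)GAME_BASE_PTR, &base)) {
                /* base -> +0x768 -> +0x5560 : sun counter */
                if (read_remote_dword(hProcess,
                                      (DWORD_PTR)(base + SUN_NODE_OFFSET),
                                      &node)) {
                        sunWritten = write_remote_dword(
                                hProcess,
                                (DWORD_PTR)(node + SUN_VALUE_OFFSET), sun);
                }

                /* base -> +0x82c -> +0x28 : money counter */
                if (read_remote_dword(hProcess,
                                      (DWORD_PTR)(base + MONEY_NODE_OFFSET),
                                      &node)) {
                        moneyWritten = write_remote_dword(
                                hProcess,
                                (DWORD_PTR)(node + MONEY_VALUE_OFFSET), money);
                }
        }

        CloseHandle(hProcess);

        return (sunWritten && moneyWritten) ? TRUE : FALSE;
}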

 


/*
 * Reference prototypes for the three Win32 calls used by setSunMoney().
 * The authoritative declarations come from the Windows SDK headers.
 */

/*
 * Returns the id of the thread that created the window, or 0 on failure.
 * When lpdwProcessId is non-NULL it receives the id of the owning process.
 */
DWORD GetWindowThreadProcessId(
        HWND hWnd,                       /* handle to window */
        LPDWORD lpdwProcessId            /* process identifier */
);

/*
 * Copies nSize bytes out of another process. Returns nonzero on success.
 * The handle must have been opened with PROCESS_VM_READ; always check the
 * return value before trusting the contents of lpBuffer.
 */
BOOL ReadProcessMemory(
        HANDLE hProcess,                 /* handle to the process */
        LPCVOID lpBaseAddress,           /* base of memory area */
        LPVOID lpBuffer,                 /* data buffer */
        SIZE_T nSize,                    /* number of bytes to read */
        SIZE_T * lpNumberOfBytesRead     /* number of bytes read */
);

/*
 * Copies nSize bytes into another process. Returns nonzero on success.
 * The handle must have been opened with PROCESS_VM_WRITE and
 * PROCESS_VM_OPERATION.
 */
BOOL WriteProcessMemory(
        HANDLE hProcess,                 /* handle to process */
        LPVOID lpBaseAddress,            /* base of memory area */
        LPCVOID lpBuffer,                /* data buffer */
        SIZE_T nSize,                    /* count of bytes to write */
        SIZE_T * lpNumberOfBytesWritten  /* count of bytes written */
);

 

 

转载于:https://www.cnblogs.com/rogee/archive/2010/10/07/1845120.html
