给你一个例子
QQRN:
我用VB写了一个简单的修改数据的程序,在NT和WIN98上运行都没有问题。搜索的数据类型只支持Integer类型(VB的16位有符号整数,范围-32768到32767),用法和过去的GameBuster和FPE相同。
1:先运行应用程序
2:输入一个数值,然后搜索。
3:等应用程序的这个数值变化之后,把变化后的数值输入进去,再次搜索。直到搜索结果为1。
4: 输入一个想要改变的数值,然后 修改。
用这个程序对付一般的游戏应该没什么问题。
VERSION 5.00
Begin VB.Form Form1
Caption = "Form1"
ClientHeight = 3885
ClientLeft = 60
ClientTop = 345
ClientWidth = 6120
LinkTopic = "Form1"
ScaleHeight = 3885
ScaleWidth = 6120
StartUpPosition = 3 'Windows Default
Begin VB.CommandButton btnReset
Caption = "Reset"
Height = 345
Left = 2370
TabIndex = 9
Top = 1500
Width = 945
End
Begin VB.CommandButton btnModify
Caption = "修改"
Height = 375
Left = 3720
TabIndex = 8
Top = 1440
Width = 915
End
Begin VB.CommandButton btnSearch
Caption = "搜索"
Height = 405
Left = 930
TabIndex = 7
Top = 1440
Width = 975
End
Begin VB.TextBox txtValue
BeginProperty Font
Name = "Fixedsys"
Size = 12
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Height = 375
Left = 1170
TabIndex = 4
Text = "123"
Top = 810
Width = 1425
End
Begin VB.CommandButton btnExecute
Caption = "运行"
Height = 375
Left = 4800
TabIndex = 2
Top = 210
Width = 945
End
Begin VB.TextBox txtApp
Height = 375
Left = 1170
TabIndex = 1
Text = "test.exe"
Top = 240
Width = 3495
End
Begin VB.Label lblCount
Alignment = 1 'Right Justify
BorderStyle = 1 'Fixed Single
Caption = "0"
BeginProperty Font
Name = "Fixedsys"
Size = 12
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Height = 315
Left = 3990
TabIndex = 6
Top = 810
Width = 1125
End
Begin VB.Label Label3
AutoSize = -1 'True
Caption = "搜索结果:"
Height = 195
Left = 3030
TabIndex = 5
Top = 870
Width = 900
End
Begin VB.Label Label2
AutoSize = -1 'True
Caption = "数值:"
Height = 195
Left = 240
TabIndex = 3
Top = 900
Width = 540
End
Begin VB.Label Label1
AutoSize = -1 'True
Caption = "应用程序:"
Height = 195
Left = 240
TabIndex = 0
Top = 330
Width = 900
End
End
Attribute VB_Name = "Form1"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Option Explicit
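' ---------------------------------------------------------------------------
' Win32 (kernel32) declarations, constants and module state for this form.
' Each declaration sits on its own line: when a Declare/Type/Const statement is
' glued to the end of a comment or of another statement, VB never sees it.
' ---------------------------------------------------------------------------

' OpenProcess: obtain a handle to a running process.
'   dwDesiredAccess  access mask. PROCESS_ALL_ACCESS works, but the click handlers
'                    in this form request only the rights each operation needs.
'   bInheritHandle   not used here; must be 0.
'   dwProcessId      process ID, e.g. from GetWindowThreadProcessId or the value
'                    returned by VB's Shell function.
'   Returns the process handle (the callers treat 0 as failure).
Private Declare Function OpenProcess Lib "Kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long

' ReadProcessMemory / WriteProcessMemory: copy bytes from / to another process.
'   hProcess                process handle
'   lpBaseAddress           address inside the target process
'   lpBuffer                local buffer that is read into / written from
'   nSize                   size of lpBuffer in bytes
'   lpNumberOfBytesRead /
'   lpNumberOfBytesWritten  number of bytes actually transferred
'   Returns non-zero on success, 0 on failure.
Private Declare Function ReadProcessMemory Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesRead As Long) As Long
' lpNumberOfBytesWritten is typed As Long to match ReadProcessMemory; the only caller passes a Long.
Private Declare Function WriteProcessMemory Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

' Region description filled in by VirtualQueryEx. The scan in btnSearch_Click
' reads BaseAddress, RegionSize, Protect and Type.
Private Type MEMORY_BASIC_INFORMATION
    BaseAddress As Long
    AllocationBase As Long
    AllocattionProtect As Long   ' spelling kept as in the original listing; not referenced by this form
    RegionSize As Long
    State As Long
    Protect As Long
    Type As Long
End Type

Private Declare Function VirtualQueryEx Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpAddress As Long, info As MEMORY_BASIC_INFORMATION, ByVal dwLength As Long) As Long
Private Declare Function CloseHandle Lib "Kernel32.dll" (ByVal handle As Long) As Long

' Process access rights (dwDesiredAccess for OpenProcess).
Private Const PROCESS_TERMINATE = &H1&
Private Const PROCESS_CREATE_THREAD = &H2&
Private Const PROCESS_SET_SESSIONID = &H4&
Private Const PROCESS_VM_OPERATION = &H8&
Private Const PROCESS_VM_READ = &H10&
Private Const PROCESS_VM_WRITE = &H20&
Private Const PROCESS_DUP_HANDLE = &H40&
Private Const PROCESS_CREATE_PROCESS = &H80&
Private Const PROCESS_SET_QUOTA = &H100&
Private Const PROCESS_SET_INFORMATION = &H200&
Private Const PROCESS_QUERY_INFORMATION = &H400&
Private Const PROCESS_ALL_ACCESS = &H1F0FFF

' Page protection values (MEMORY_BASIC_INFORMATION.Protect).
Private Const PAGE_NOACCESS = &H1
Private Const PAGE_READONLY = &H2
Private Const PAGE_READWRITE = &H4
Private Const PAGE_WRITECOPY = &H8
Private Const PAGE_EXECUTE = &H10
Private Const PAGE_EXECUTE_READ = &H20
Private Const PAGE_EXECUTE_READWRITE = &H40
Private Const PAGE_EXECUTE_WRITECOPY = &H80
Private Const PAGE_GUARD = &H100
Private Const PAGE_NOCACHE = &H200
Private Const PAGE_WRITECOMBINE = &H400

' Memory state / type / section flags.
Private Const MEM_COMMIT = &H1000
Private Const MEM_RESERVE = &H2000
Private Const MEM_DECOMMIT = &H4000
Private Const MEM_RELEASE = &H8000
Private Const MEM_FREE = &H10000
Private Const MEM_PRIVATE = &H20000
Private Const MEM_MAPPED = &H40000
Private Const MEM_RESET = &H80000
Private Const MEM_TOP_DOWN = &H100000
Private Const MEM_4MB_PAGES = &H80000000
Private Const SEC_FILE = &H800000
Private Const SEC_IMAGE = &H1000000
Private Const SEC_VLM = &H2000000
Private Const SEC_RESERVE = &H4000000
Private Const SEC_COMMIT = &H8000000
Private Const SEC_NOCACHE = &H10000000
Private Const MEM_IMAGE = SEC_IMAGE

' Module state.
Private ProcessID As Long          ' value returned by Shell for the launched program; 0 = none
Private Addrs As Collection        ' candidate addresses from the last search; Nothing = no search yet
Private SearchValue As Integer     ' 16-bit value parsed from txtValue
' NOTE(review): MAXCOUNT is never referenced in this form, so the candidate list is
' not actually capped; presumably it was meant as an upper bound -- confirm.
Const MAXCOUNT = 10000
Private Buffer() As Byte           ' scratch buffer reused across region reads
Private BufferLength As Long       ' largest region size Buffer has been sized for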
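' Number of candidate addresses currently held: 0 before the first search or
' after Reset (Addrs Is Nothing), otherwise the size of the Addrs collection.
Private Property Get SearchCount() As Long
    If Addrs Is Nothing Then
        SearchCount = 0
    Else
        SearchCount = Addrs.Count
    End If
End Property

' Launches the program named in txtApp and remembers the ID that Shell returns.
Private Sub btnExecute_Click()
    ' Shell raises a runtime error when the program cannot be started; without a
    ' handler that error would go unhandled out of this event procedure.
    On Error GoTo LAUNCH_FAIL
    ProcessID = Shell(txtApp.Text, vbNormalFocus)
    ' Addresses found in a previously launched process are meaningless in the new
    ' one; drop them so Modify cannot write to stale locations.
    Set Addrs = Nothing
    EnableButtons
    Exit Sub
LAUNCH_FAIL:
    ProcessID = 0
    Set Addrs = Nothing
    EnableButtons
    MsgBox "can't start application"
End Sub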
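' Parses txtValue into SearchValue (a 16-bit Integer).
' Returns True on success. On failure shows a message and returns False
' (the function result keeps its default value).
Private Function GetValue() As Boolean
    On Error GoTo VAL_FAIL
    ' Val() converts non-numeric or empty text to 0 without raising an error,
    ' which would silently start a search for 0; reject such input up front.
    If Not IsNumeric(txtValue.Text) Then GoTo VAL_FAIL
    ' Assigning to an Integer raises Overflow outside -32768..32767,
    ' which lands in VAL_FAIL.
    SearchValue = Val(txtValue.Text)
    ' Echo back the value that will actually be used.
    txtValue.Text = SearchValue
    GetValue = True
    Exit Function
VAL_FAIL:
    MsgBox "please enter a integer between -32768 to 32767"
End Function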
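' Writes the value from txtValue (2 bytes) to every candidate address in Addrs.
Private Sub btnModify_Click()
    If Not GetValue Then
        Exit Sub
    End If
    ' Nothing to patch until a search has produced candidates.
    If Addrs Is Nothing Then
        Exit Sub
    End If

    Dim hProcess As Long
    ' Only the rights needed for writing are requested, not PROCESS_ALL_ACCESS.
    hProcess = OpenProcess(PROCESS_VM_WRITE + PROCESS_VM_OPERATION, 0&, ProcessID)
    If hProcess = 0 Then
        MsgBox "can't open process"
        Exit Sub
    End If

    Dim r As Long
    Dim n As Long
    Dim i As Long
    Dim failed As Long
    For i = 1 To Addrs.Count
        r = WriteProcessMemory(hProcess, CLng(Addrs.Item(i)), SearchValue, 2&, n)
        If r = 0 Then
            failed = failed + 1
        End If
    Next i
    CloseHandle hProcess

    ' Report once instead of raising one dialog per failed address.
    If failed > 0 Then
        MsgBox "modify fail"
    End If
End Sub

' Discards the candidate list so the next search starts from scratch.
Private Sub btnReset_Click()
    Set Addrs = Nothing
    EnableButtons
End Sub

' Searches the launched process for the 16-bit value in txtValue.
'   With no candidates yet: walks the address space with VirtualQueryEx and scans
'   every region whose protection is exactly PAGE_READWRITE.
'   With candidates: re-reads only those addresses and keeps the ones that
'   now hold the value.
Private Sub btnSearch_Click()
    If Not GetValue Then
        Exit Sub
    End If

    Dim hProcess As Long
    ' Read-only rights: query region layout and read memory.
    hProcess = OpenProcess(PROCESS_VM_READ + PROCESS_QUERY_INFORMATION, 0&, ProcessID)
    If hProcess = 0 Then
        MsgBox "can't open process"
        Exit Sub
    End If

    Dim base As Long
    Dim cVal As Integer
    Dim temp As Long
    Dim i As Long
    Dim n As Long
    Dim r As Long
    Dim info As MEMORY_BASIC_INFORMATION
    Dim col As Collection
    Set col = New Collection

    If SearchCount > 0 Then
        ' Narrowing pass over the previous candidates.
        For i = 1 To SearchCount
            base = CLng(Addrs.Item(i))
            If ReadProcessMemory(hProcess, base, cVal, 2&, n) > 0 Then
                If cVal = SearchValue Then
                    col.Add base
                End If
            End If
        Next i
    Else
        ' Full scan.
        base = 0
        ' Any runtime error during the walk (for example arithmetic overflow on the
        ' signed 32-bit address, or a ReDim that cannot be satisfied) ends the scan
        ' and keeps whatever was found so far.
        On Error GoTo SEARCH_FINISH
        Do While True
            If VirtualQueryEx(hProcess, base, info, Len(info)) = 0 Then
                Exit Do
            End If
            If info.Type <> 0 Then
                If info.Protect = PAGE_READWRITE Then
                    If info.RegionSize > BufferLength Then
                        ' Grow first, record the new size afterwards, so a failed
                        ' ReDim cannot leave BufferLength larger than the real buffer.
                        ReDim Buffer(0 To info.RegionSize) As Byte
                        BufferLength = info.RegionSize
                    End If
                    r = ReadProcessMemory(hProcess, info.BaseAddress, Buffer(0), info.RegionSize, n)
                    If r > 0 Then
                        ' Stop at n - 2: a 2-byte value starting at offset n - 1 would
                        ' take its high byte from Buffer(n), which this read did not fill.
                        For i = 0 To n - 2
                            ' Assemble a little-endian unsigned 16-bit value, then map
                            ' it onto VB's signed Integer range.
                            temp = CLng(Buffer(i)) + CLng(Buffer(i + 1)) * 256
                            If temp < 32768 Then
                                cVal = temp
                            Else
                                cVal = temp - 65536
                            End If
                            If cVal = SearchValue Then
                                col.Add (info.BaseAddress + i)
                            End If
                        Next i
                    End If
                End If
            End If
            base = info.BaseAddress + info.RegionSize
        Loop
    End If
SEARCH_FINISH:
    CloseHandle hProcess
    Set Addrs = col
    EnableButtons
End Sub

' Initial button state when the form is shown.
Private Sub Form_Load()
    EnableButtons
End Sub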
' Syncs the result counter and the Search/Modify buttons with the current state:
' Search needs a launched process, Modify needs at least one candidate address.
Private Sub EnableButtons()
    Dim found As Long
    found = SearchCount
    lblCount.Caption = found
    btnSearch.Enabled = (ProcessID <> 0)
    btnModify.Enabled = (found > 0)
End Sub
QQRN:
我用VB写了一个简单的修改数据的程序,在NT和WIN98上运行都没有问题。搜索的数据类型只支持Integer类型(VB的16位有符号整数,范围-32768到32767),用法和过去的GameBuster和FPE相同。
1:先运行应用程序
2:输入一个数值,然后搜索。
3:等应用程序的这个数值变化之后,把变化后的数值输入进去,再次搜索。直到搜索结果为1。
4: 输入一个想要改变的数值,然后 修改。
用这个程序对付一般的游戏应该没什么问题。
VERSION 5.00
Begin VB.Form Form1
Caption = "Form1"
ClientHeight = 3885
ClientLeft = 60
ClientTop = 345
ClientWidth = 6120
LinkTopic = "Form1"
ScaleHeight = 3885
ScaleWidth = 6120
StartUpPosition = 3 'Windows Default
Begin VB.CommandButton btnReset
Caption = "Reset"
Height = 345
Left = 2370
TabIndex = 9
Top = 1500
Width = 945
End
Begin VB.CommandButton btnModify
Caption = "修改"
Height = 375
Left = 3720
TabIndex = 8
Top = 1440
Width = 915
End
Begin VB.CommandButton btnSearch
Caption = "搜索"
Height = 405
Left = 930
TabIndex = 7
Top = 1440
Width = 975
End
Begin VB.TextBox txtValue
BeginProperty Font
Name = "Fixedsys"
Size = 12
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Height = 375
Left = 1170
TabIndex = 4
Text = "123"
Top = 810
Width = 1425
End
Begin VB.CommandButton btnExecute
Caption = "运行"
Height = 375
Left = 4800
TabIndex = 2
Top = 210
Width = 945
End
Begin VB.TextBox txtApp
Height = 375
Left = 1170
TabIndex = 1
Text = "test.exe"
Top = 240
Width = 3495
End
Begin VB.Label lblCount
Alignment = 1 'Right Justify
BorderStyle = 1 'Fixed Single
Caption = "0"
BeginProperty Font
Name = "Fixedsys"
Size = 12
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Height = 315
Left = 3990
TabIndex = 6
Top = 810
Width = 1125
End
Begin VB.Label Label3
AutoSize = -1 'True
Caption = "搜索结果:"
Height = 195
Left = 3030
TabIndex = 5
Top = 870
Width = 900
End
Begin VB.Label Label2
AutoSize = -1 'True
Caption = "数值:"
Height = 195
Left = 240
TabIndex = 3
Top = 900
Width = 540
End
Begin VB.Label Label1
AutoSize = -1 'True
Caption = "应用程序:"
Height = 195
Left = 240
TabIndex = 0
Top = 330
Width = 900
End
End
Attribute VB_Name = "Form1"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Option Explicit
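' ---------------------------------------------------------------------------
' Win32 (kernel32) declarations, constants and module state for this form.
' Each declaration sits on its own line: when a Declare/Type/Const statement is
' glued to the end of a comment or of another statement, VB never sees it.
' ---------------------------------------------------------------------------

' OpenProcess: obtain a handle to a running process.
'   dwDesiredAccess  access mask. PROCESS_ALL_ACCESS works, but the click handlers
'                    in this form request only the rights each operation needs.
'   bInheritHandle   not used here; must be 0.
'   dwProcessId      process ID, e.g. from GetWindowThreadProcessId or the value
'                    returned by VB's Shell function.
'   Returns the process handle (the callers treat 0 as failure).
Private Declare Function OpenProcess Lib "Kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long

' ReadProcessMemory / WriteProcessMemory: copy bytes from / to another process.
'   hProcess                process handle
'   lpBaseAddress           address inside the target process
'   lpBuffer                local buffer that is read into / written from
'   nSize                   size of lpBuffer in bytes
'   lpNumberOfBytesRead /
'   lpNumberOfBytesWritten  number of bytes actually transferred
'   Returns non-zero on success, 0 on failure.
Private Declare Function ReadProcessMemory Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesRead As Long) As Long
' lpNumberOfBytesWritten is typed As Long to match ReadProcessMemory; the only caller passes a Long.
Private Declare Function WriteProcessMemory Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

' Region description filled in by VirtualQueryEx. The scan in btnSearch_Click
' reads BaseAddress, RegionSize, Protect and Type.
Private Type MEMORY_BASIC_INFORMATION
    BaseAddress As Long
    AllocationBase As Long
    AllocattionProtect As Long   ' spelling kept as in the original listing; not referenced by this form
    RegionSize As Long
    State As Long
    Protect As Long
    Type As Long
End Type

Private Declare Function VirtualQueryEx Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpAddress As Long, info As MEMORY_BASIC_INFORMATION, ByVal dwLength As Long) As Long
Private Declare Function CloseHandle Lib "Kernel32.dll" (ByVal handle As Long) As Long

' Process access rights (dwDesiredAccess for OpenProcess).
Private Const PROCESS_TERMINATE = &H1&
Private Const PROCESS_CREATE_THREAD = &H2&
Private Const PROCESS_SET_SESSIONID = &H4&
Private Const PROCESS_VM_OPERATION = &H8&
Private Const PROCESS_VM_READ = &H10&
Private Const PROCESS_VM_WRITE = &H20&
Private Const PROCESS_DUP_HANDLE = &H40&
Private Const PROCESS_CREATE_PROCESS = &H80&
Private Const PROCESS_SET_QUOTA = &H100&
Private Const PROCESS_SET_INFORMATION = &H200&
Private Const PROCESS_QUERY_INFORMATION = &H400&
Private Const PROCESS_ALL_ACCESS = &H1F0FFF

' Page protection values (MEMORY_BASIC_INFORMATION.Protect).
Private Const PAGE_NOACCESS = &H1
Private Const PAGE_READONLY = &H2
Private Const PAGE_READWRITE = &H4
Private Const PAGE_WRITECOPY = &H8
Private Const PAGE_EXECUTE = &H10
Private Const PAGE_EXECUTE_READ = &H20
Private Const PAGE_EXECUTE_READWRITE = &H40
Private Const PAGE_EXECUTE_WRITECOPY = &H80
Private Const PAGE_GUARD = &H100
Private Const PAGE_NOCACHE = &H200
Private Const PAGE_WRITECOMBINE = &H400

' Memory state / type / section flags.
Private Const MEM_COMMIT = &H1000
Private Const MEM_RESERVE = &H2000
Private Const MEM_DECOMMIT = &H4000
Private Const MEM_RELEASE = &H8000
Private Const MEM_FREE = &H10000
Private Const MEM_PRIVATE = &H20000
Private Const MEM_MAPPED = &H40000
Private Const MEM_RESET = &H80000
Private Const MEM_TOP_DOWN = &H100000
Private Const MEM_4MB_PAGES = &H80000000
Private Const SEC_FILE = &H800000
Private Const SEC_IMAGE = &H1000000
Private Const SEC_VLM = &H2000000
Private Const SEC_RESERVE = &H4000000
Private Const SEC_COMMIT = &H8000000
Private Const SEC_NOCACHE = &H10000000
Private Const MEM_IMAGE = SEC_IMAGE

' Module state.
Private ProcessID As Long          ' value returned by Shell for the launched program; 0 = none
Private Addrs As Collection        ' candidate addresses from the last search; Nothing = no search yet
Private SearchValue As Integer     ' 16-bit value parsed from txtValue
' NOTE(review): MAXCOUNT is never referenced in this form, so the candidate list is
' not actually capped; presumably it was meant as an upper bound -- confirm.
Const MAXCOUNT = 10000
Private Buffer() As Byte           ' scratch buffer reused across region reads
Private BufferLength As Long       ' largest region size Buffer has been sized for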
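' Number of candidate addresses currently held: 0 before the first search or
' after Reset (Addrs Is Nothing), otherwise the size of the Addrs collection.
Private Property Get SearchCount() As Long
    If Addrs Is Nothing Then
        SearchCount = 0
    Else
        SearchCount = Addrs.Count
    End If
End Property

' Launches the program named in txtApp and remembers the ID that Shell returns.
Private Sub btnExecute_Click()
    ' Shell raises a runtime error when the program cannot be started; without a
    ' handler that error would go unhandled out of this event procedure.
    On Error GoTo LAUNCH_FAIL
    ProcessID = Shell(txtApp.Text, vbNormalFocus)
    ' Addresses found in a previously launched process are meaningless in the new
    ' one; drop them so Modify cannot write to stale locations.
    Set Addrs = Nothing
    EnableButtons
    Exit Sub
LAUNCH_FAIL:
    ProcessID = 0
    Set Addrs = Nothing
    EnableButtons
    MsgBox "can't start application"
End Sub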
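' Parses txtValue into SearchValue (a 16-bit Integer).
' Returns True on success. On failure shows a message and returns False
' (the function result keeps its default value).
Private Function GetValue() As Boolean
    On Error GoTo VAL_FAIL
    ' Val() converts non-numeric or empty text to 0 without raising an error,
    ' which would silently start a search for 0; reject such input up front.
    If Not IsNumeric(txtValue.Text) Then GoTo VAL_FAIL
    ' Assigning to an Integer raises Overflow outside -32768..32767,
    ' which lands in VAL_FAIL.
    SearchValue = Val(txtValue.Text)
    ' Echo back the value that will actually be used.
    txtValue.Text = SearchValue
    GetValue = True
    Exit Function
VAL_FAIL:
    MsgBox "please enter a integer between -32768 to 32767"
End Function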
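' Writes the value from txtValue (2 bytes) to every candidate address in Addrs.
Private Sub btnModify_Click()
    If Not GetValue Then
        Exit Sub
    End If
    ' Nothing to patch until a search has produced candidates.
    If Addrs Is Nothing Then
        Exit Sub
    End If

    Dim hProcess As Long
    ' Only the rights needed for writing are requested, not PROCESS_ALL_ACCESS.
    hProcess = OpenProcess(PROCESS_VM_WRITE + PROCESS_VM_OPERATION, 0&, ProcessID)
    If hProcess = 0 Then
        MsgBox "can't open process"
        Exit Sub
    End If

    Dim r As Long
    Dim n As Long
    Dim i As Long
    Dim failed As Long
    For i = 1 To Addrs.Count
        r = WriteProcessMemory(hProcess, CLng(Addrs.Item(i)), SearchValue, 2&, n)
        If r = 0 Then
            failed = failed + 1
        End If
    Next i
    CloseHandle hProcess

    ' Report once instead of raising one dialog per failed address.
    If failed > 0 Then
        MsgBox "modify fail"
    End If
End Sub

' Discards the candidate list so the next search starts from scratch.
Private Sub btnReset_Click()
    Set Addrs = Nothing
    EnableButtons
End Sub

' Searches the launched process for the 16-bit value in txtValue.
'   With no candidates yet: walks the address space with VirtualQueryEx and scans
'   every region whose protection is exactly PAGE_READWRITE.
'   With candidates: re-reads only those addresses and keeps the ones that
'   now hold the value.
Private Sub btnSearch_Click()
    If Not GetValue Then
        Exit Sub
    End If

    Dim hProcess As Long
    ' Read-only rights: query region layout and read memory.
    hProcess = OpenProcess(PROCESS_VM_READ + PROCESS_QUERY_INFORMATION, 0&, ProcessID)
    If hProcess = 0 Then
        MsgBox "can't open process"
        Exit Sub
    End If

    Dim base As Long
    Dim cVal As Integer
    Dim temp As Long
    Dim i As Long
    Dim n As Long
    Dim r As Long
    Dim info As MEMORY_BASIC_INFORMATION
    Dim col As Collection
    Set col = New Collection

    If SearchCount > 0 Then
        ' Narrowing pass over the previous candidates.
        For i = 1 To SearchCount
            base = CLng(Addrs.Item(i))
            If ReadProcessMemory(hProcess, base, cVal, 2&, n) > 0 Then
                If cVal = SearchValue Then
                    col.Add base
                End If
            End If
        Next i
    Else
        ' Full scan.
        base = 0
        ' Any runtime error during the walk (for example arithmetic overflow on the
        ' signed 32-bit address, or a ReDim that cannot be satisfied) ends the scan
        ' and keeps whatever was found so far.
        On Error GoTo SEARCH_FINISH
        Do While True
            If VirtualQueryEx(hProcess, base, info, Len(info)) = 0 Then
                Exit Do
            End If
            If info.Type <> 0 Then
                If info.Protect = PAGE_READWRITE Then
                    If info.RegionSize > BufferLength Then
                        ' Grow first, record the new size afterwards, so a failed
                        ' ReDim cannot leave BufferLength larger than the real buffer.
                        ReDim Buffer(0 To info.RegionSize) As Byte
                        BufferLength = info.RegionSize
                    End If
                    r = ReadProcessMemory(hProcess, info.BaseAddress, Buffer(0), info.RegionSize, n)
                    If r > 0 Then
                        ' Stop at n - 2: a 2-byte value starting at offset n - 1 would
                        ' take its high byte from Buffer(n), which this read did not fill.
                        For i = 0 To n - 2
                            ' Assemble a little-endian unsigned 16-bit value, then map
                            ' it onto VB's signed Integer range.
                            temp = CLng(Buffer(i)) + CLng(Buffer(i + 1)) * 256
                            If temp < 32768 Then
                                cVal = temp
                            Else
                                cVal = temp - 65536
                            End If
                            If cVal = SearchValue Then
                                col.Add (info.BaseAddress + i)
                            End If
                        Next i
                    End If
                End If
            End If
            base = info.BaseAddress + info.RegionSize
        Loop
    End If
SEARCH_FINISH:
    CloseHandle hProcess
    Set Addrs = col
    EnableButtons
End Sub

' Initial button state when the form is shown.
Private Sub Form_Load()
    EnableButtons
End Sub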
' Syncs the result counter and the Search/Modify buttons with the current state:
' Search needs a launched process, Modify needs at least one candidate address.
Private Sub EnableButtons()
    Dim found As Long
    found = SearchCount
    lblCount.Caption = found
    btnSearch.Enabled = (ProcessID <> 0)
    btnModify.Enabled = (found > 0)
End Sub