// Runs a small machine-code stub inside another process (handle: PinballHandle) and waits for it.
// NOTE(review): allocate -> write -> CreateRemoteThread is the classic remote-thread injection
// sequence (MITRE ATT&CK T1055, Process Injection). Endpoint monitoring commonly flags it,
// e.g. Sysmon Event ID 8 (CreateRemoteThread), so this code is likely to trigger alerts.
// PinballHandle, hThread, MEM_COMMIT, PAGE_EXECUTE_READWRITE, MEM_RELEASE and the
// ProcessMemoryWorkApi wrappers are declared outside this listing.
// The bytes decode as 32-bit x86: pushad; mov ebx, 0x005A1F70; call ebx; popad.
// NOTE(review): the call target is a hard-coded absolute address, so the stub presumably only
// matches one specific build of the target process - confirm.
byte[] proc = new byte[]{0x60, 0xBB, 0x70, 0x1F, 0x5A, 0x00, 0xFF, 0xD3, 0x61}; // machine code
// Step 2: allocate memory in the target process.
// NOTE(review): the address is kept in a UInt32, which only fits a 32-bit target; a 64-bit
// address would be truncated. The result is not checked; the Win32 API returns NULL (0) on failure.
// PAGE_EXECUTE_READWRITE leaves the region writable and executable at once, which is itself a
// common detection signal for injected code.
UInt32 ThreadAdd = ProcessMemoryWorkApi.VirtualAllocEx(PinballHandle, 0, (UInt32)proc.Length, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
// Step 3: write the code to execute into the allocated region.
// NOTE(review): the return value is ignored, so a failed or partial write goes unnoticed.
ProcessMemoryWorkApi.WriteProcessMemory(PinballHandle, (IntPtr)ThreadAdd, proc, (UInt32)proc.Length, (IntPtr)0); // write the stub bytes
// Step 4: start a remote thread at the allocated address.
uint threadId=0;// dummy variable that only exists to satisfy the last parameter
hThread = (IntPtr)ProcessMemoryWorkApi.CreateRemoteThread(PinballHandle, 0, 0, ThreadAdd, (IntPtr)0, 0, ref threadId); // create the remote thread
// Step 5: wait for the thread to finish.
// 0xFFFFFFFF is INFINITE: this call blocks forever if the remote thread never exits.
// NOTE(review): hThread is not checked before waiting; CreateRemoteThread returns NULL on failure.
ProcessMemoryWorkApi.WaitForSingleObject(hThread, 0xFFFFFFFF);// wait for the thread to finish
// Step 6: release the allocated region.
// A size of 0 is what the Win32 API requires together with MEM_RELEASE.
ProcessMemoryWorkApi.VirtualFreeEx(PinballHandle, (IntPtr)ThreadAdd, 0, MEM_RELEASE); // free the allocated region
ProcessMemoryWorkApi.CloseHandle(hThread);
ProcessMemoryWorkApi.CloseHandle(PinballHandle); // close the opened process handle
// (Poster's note) This is code I found online. I have already converted the one in the game into machine code, but I don't know how to use it in C# code.
我转换的机器码
B8009B6300FFD0
// Fragment of a hex-string-to-byte-array helper; the enclosing method's signature and the
// declarations of `bytes` and `HEX` are not shown in this listing.
// Each iteration parses the two hex characters of HEX at offset i * 2 into bytes[i].
// NOTE(review): presumably bytes.Length == HEX.Length / 2 - confirm. Substring throws
// ArgumentOutOfRangeException if HEX is shorter than 2 * bytes.Length, and Int32.Parse throws
// FormatException on non-hex characters; neither is handled here.
for (int i = 0; i < bytes.Length; i++)
{
bytes[i] = Convert.ToByte(Int32.Parse(HEX.Substring(i * 2 , 2),
System.Globalization.NumberStyles.AllowHexSpecifier));
}
return bytes;