unit Unit1;interfaceuses
Windows, Forms, SysUtils,Dialogs,Classes, ExtCtrls, Controls, StdCtrls,
Menus, ComCtrls, Spin,Graphics;
type
TFrm_Pop = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
procedure FormDestroy(Sender: TObject);
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;var
Frm_Pop: TFrm_Pop;
drProcessHandle: THandle; //进程句柄
drProcessID: DWORD; //进程IDFunction ReadDroiyanData(Address: integer; N: integer; var Buf): integer; //读地址的代码
procedure GameSend2(CLen:integer;BaoData:Pointer); //发包函数implementation{$R *.dfm}//===========================================================================================
Function ReadDroiyanData(Address: integer; N: integer; var Buf): integer; //读内存地址的代码
var
ByteOfRead: DWORD;
begin
Result := -1;
if ReadProcessMemory(drProcessHandle, Pointer(Address),@Buf, N, ByteOfRead) then
Result := ByteOfRead;
end;
//===========================================================================================
procedure GameSend2(CLen:integer;BaoData:Pointer); //发包函数
Var
ebx1:integer;
begin
ebx1:=integer(pointer($0043D450+$254)^);
asm
pushad
MOV ECX,CLen
PUSH ECX
MOV EDX,BaoData
PUSH EDX
MOV EAX,ebx1
CALL DWORD PTR DS:[EDX+$14]
popad
end;
end;
//===========================================================================================
procedure TFrm_Pop.Button1Click(Sender: TObject); // 操作的过程封包数据
type
REao = packed record
head:integer;
minlin:word;
data1:integer;
data2:integer;
data3:integer;
data4:integer;
data5:integer;
data6:integer;
asend:word;
end;var
Eao:REao;
PEao:Pointer;begin
Eao.head:=$xxxxx;
Eao.minlin:=$0;
Eao.data1:=$xxxxx;
Eao.data2:=$xxxxxxxx;
Eao.data3:=$xxxxxxxx;
Eao.data4:=$xxxxxxxx;
Eao.data5:=$xxxxxxxx;
Eao.data6:=$xxxxxxxx;
Eao.asend:=$0;
PEao:=@(Eao);
GameSend2($1D,PEao);
end;
//===========================================================================================procedure TFrm_Pop.FormDestroy(Sender: TObject);
begin
//关闭进程
CloseHandle(drProcessHandle);
end;procedure TFrm_Pop.FormCreate(Sender: TObject);
begin
GetWindowThreadProcessId(Findwindow(nil,'游戏标题'), @drProcessID);
drProcessHandle := OpenProcess(PROCESS_VM_READ or PROCESS_VM_WRITE or PROCESS_VM_OPERATION, false, drProcessID);
//打开进程
end;end.==============Hook dll 正确代码下分离出来的, 求直接写在exe中的解决办法,如上不能正常操作===========不够再开贴加分.
Windows, Forms, SysUtils,Dialogs,Classes, ExtCtrls, Controls, StdCtrls,
Menus, ComCtrls, Spin,Graphics;
type
TFrm_Pop = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
procedure FormDestroy(Sender: TObject);
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;var
Frm_Pop: TFrm_Pop;
drProcessHandle: THandle; //进程句柄
drProcessID: DWORD; //进程IDFunction ReadDroiyanData(Address: integer; N: integer; var Buf): integer; //读地址的代码
procedure GameSend2(CLen:integer;BaoData:Pointer); //发包函数implementation{$R *.dfm}//===========================================================================================
Function ReadDroiyanData(Address: integer; N: integer; var Buf): integer; //读内存地址的代码
var
ByteOfRead: DWORD;
begin
Result := -1;
if ReadProcessMemory(drProcessHandle, Pointer(Address),@Buf, N, ByteOfRead) then
Result := ByteOfRead;
end;
//===========================================================================================
procedure GameSend2(CLen:integer;BaoData:Pointer); //发包函数
Var
ebx1:integer;
begin
ebx1:=integer(pointer($0043D450+$254)^);
asm
pushad
MOV ECX,CLen
PUSH ECX
MOV EDX,BaoData
PUSH EDX
MOV EAX,ebx1
CALL DWORD PTR DS:[EDX+$14]
popad
end;
end;
//===========================================================================================
procedure TFrm_Pop.Button1Click(Sender: TObject); // 操作的过程封包数据
type
REao = packed record
head:integer;
minlin:word;
data1:integer;
data2:integer;
data3:integer;
data4:integer;
data5:integer;
data6:integer;
asend:word;
end;var
Eao:REao;
PEao:Pointer;begin
Eao.head:=$xxxxx;
Eao.minlin:=$0;
Eao.data1:=$xxxxx;
Eao.data2:=$xxxxxxxx;
Eao.data3:=$xxxxxxxx;
Eao.data4:=$xxxxxxxx;
Eao.data5:=$xxxxxxxx;
Eao.data6:=$xxxxxxxx;
Eao.asend:=$0;
PEao:=@(Eao);
GameSend2($1D,PEao);
end;
//===========================================================================================procedure TFrm_Pop.FormDestroy(Sender: TObject);
begin
//关闭进程
CloseHandle(drProcessHandle);
end;procedure TFrm_Pop.FormCreate(Sender: TObject);
begin
GetWindowThreadProcessId(Findwindow(nil,'游戏标题'), @drProcessID);
drProcessHandle := OpenProcess(PROCESS_VM_READ or PROCESS_VM_WRITE or PROCESS_VM_OPERATION, false, drProcessID);
//打开进程
end;end.==============Hook dll 正确代码下分离出来的, 求直接写在exe中的解决办法,如上不能正常操作===========不够再开贴加分.
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货