FORM1.FRM 的内容
VERSION 5.00
Object = "{F9043C88-F6F2-101A-A3C9-08002B2F49FB}#1.2#0"; "COMDLG32.OCX"
Begin VB.Form Form1
Caption = "Form1"
ClientHeight = 3930
ClientLeft = 60
ClientTop = 345
ClientWidth = 9585
LinkTopic = "Form1"
ScaleHeight = 3930
ScaleWidth = 9585
StartUpPosition = 3 '窗口缺省
Begin VB.OptionButton Option1
Caption = "4"
Height = 255
Index = 4
Left = 5160
TabIndex = 28
Top = 1440
Width = 735
End
Begin VB.OptionButton Option1
Caption = "2"
Height = 255
Index = 2
Left = 4440
TabIndex = 27
Top = 1440
Value = -1 'True
Width = 735
End
Begin VB.CommandButton Command3
Caption = "改"
Height = 375
Left = 9000
TabIndex = 26
Top = 3480
Width = 495
End
Begin VB.TextBox Text4
Height = 375
Left = 7800
TabIndex = 25
Text = "添入要改的"
Top = 3480
Width = 1095
End
Begin VB.TextBox Text3
DragMode = 1 'Automatic
Height = 375
Left = 6240
TabIndex = 24
Text = "可拖动到左边"
Top = 3480
Width = 1455
End
Begin VB.ListBox List1
Height = 3300
ItemData = "FORM1.frx":0000
Left = 6240
List = "FORM1.frx":0002
TabIndex = 23
Top = 120
Width = 3255
End
Begin VB.TextBox Text2
Height = 375
Index = 3
Left = 3120
TabIndex = 22
Top = 3480
Width = 1575
End
Begin VB.TextBox Text2
Height = 375
Index = 2
Left = 3120
TabIndex = 21
Top = 3000
Width = 1575
End
Begin VB.TextBox Text2
Height = 375
Index = 1
Left = 3120
TabIndex = 20
Top = 2520
Width = 1575
End
Begin VB.TextBox Text2
Height = 375
Index = 0
Left = 3120
TabIndex = 19
Text = "添入要改的数值"
Top = 2040
Width = 1575
End
Begin VB.CommandButton Command2
Caption = "修改"
Height = 375
Index = 3
Left = 4920
TabIndex = 18
Top = 3480
Width = 1095
End
Begin VB.CommandButton Command2
Caption = "修改"
Height = 375
Index = 2
Left = 4920
TabIndex = 17
Top = 3000
Width = 1095
End
Begin VB.CommandButton Command2
Caption = "修改"
Height = 375
Index = 1
Left = 4920
TabIndex = 16
Top = 2520
Width = 1095
End
Begin VB.CommandButton Command2
Caption = "修改"
Height = 375
Index = 0
Left = 4920
TabIndex = 15
Top = 2040
Width = 1095
End
Begin VB.TextBox Text1
Height = 375
Index = 3
Left = 480
TabIndex = 14
Top = 3480
Width = 2175
End
Begin VB.TextBox Text1
Height = 375
Index = 2
Left = 480
TabIndex = 13
Top = 3000
Width = 2175
End
Begin VB.TextBox Text1
Height = 375
Index = 1
Left = 480
TabIndex = 12
Top = 2520
Width = 2175
End
Begin VB.TextBox Text1
Height = 375
Index = 0
Left = 480
TabIndex = 11
Text = "可以接收地址"
Top = 2040
Width = 2175
End
Begin MSComDlg.CommonDialog CommonDialog1
Left = 3360
Top = 2280
_ExtentX = 847
_ExtentY = 847
_Version = 393216
CancelError = -1 'True
Filter = "*.exe"
End
Begin VB.CommandButton btnReset
Caption = "Reset"
Height = 345
Left = 1440
TabIndex = 9
Top = 1440
Width = 945
End
Begin VB.CommandButton btnModify
Caption = "修改"
Height = 375
Left = 2640
TabIndex = 8
Top = 1440
Width = 915
End
Begin VB.CommandButton btnSearch
Caption = "搜索"
Height = 405
Left = 240
TabIndex = 7
Top = 1440
Width = 975
End
Begin VB.TextBox txtValue
BeginProperty Font
Name = "Fixedsys"
Size = 12
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Height = 375
Left = 1170
TabIndex = 4
Text = "123"
Top = 810
Width = 1425
End
Begin VB.TextBox txtApp
Height = 375
Left = 1170
TabIndex = 1
Text = "test.exe"
Top = 240
Width = 3495
End
Begin VB.CommandButton btnExecute
Caption = "运行"
Height = 375
Left = 5400
TabIndex = 2
Top = 240
Width = 705
End
Begin VB.CommandButton Command1
Caption = "浏览"
Height = 375
Left = 4680
TabIndex = 10
Top = 240
Width = 735
End
Begin VB.Label Label6
Caption = "改为"
Height = 255
Left = 2760
TabIndex = 31
Top = 2160
Width = 375
End
Begin VB.Label Label5
Caption = "地址"
Height = 255
Left = 120
TabIndex = 30
Top = 2160
Width = 495
End
Begin VB.Label Label4
Caption = "长度"
Height = 255
Left = 3720
TabIndex = 29
Top = 1440
Width = 495
End
Begin VB.Label lblCount
Alignment = 1 'Right Justify
BorderStyle = 1 'Fixed Single
Caption = "0"
BeginProperty Font
Name = "Fixedsys"
Size = 12
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Height = 315
Left = 3990
TabIndex = 6
Top = 810
Width = 1125
End
Begin VB.Label Label3
AutoSize = -1 'True
Caption = "搜索结果:"
Height = 195
Left = 3030
TabIndex = 5
Top = 870
Width = 900
End
Begin VB.Label Label2
AutoSize = -1 'True
Caption = "数值:"
Height = 195
Left = 240
TabIndex = 3
Top = 900
Width = 540
End
Begin VB.Label Label1
AutoSize = -1 'True
Caption = "应用程序:"
Height = 180
Left = 240
TabIndex = 0
Top = 330
Width = 900
End
End
Attribute VB_Name = "Form1"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Option Explicit
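' Open a handle to an existing process.
Private Declare Function OpenProcess Lib "Kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
' dwDesiredAccess  access rights requested for the handle. Ask only for what the next
'                  calls need: this form uses PROCESS_VM_READ + PROCESS_QUERY_INFORMATION
'                  (&H410) to scan and PROCESS_VM_WRITE + PROCESS_VM_OPERATION (&H28) to
'                  write, not PROCESS_ALL_ACCESS. Process-access telemetry (for example
'                  Sysmon event ID 10, field GrantedAccess) records these masks.
' bInheritHandle   not used here; pass 0
' dwProcessId      process ID, e.g. from GetWindowThreadProcessId or the value
'                  returned by the VB Shell function
' returns          process handle, 0 on failure

' Read / write another process's memory.
' All pointers are declared As Long, so these declarations only fit a 32-bit address space.
Private Declare Function ReadProcessMemory Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesRead As Long) As Long
' lpNumberOfBytesWritten is now typed As Long (was As Any) to match ReadProcessMemory;
' every caller in this form already passes a Long variable.
Private Declare Function WriteProcessMemory Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
' hProcess                process handle
' lpBaseAddress           address in the target process
' lpBuffer                local buffer to read into / write from
' nSize                   number of bytes to transfer; must not exceed the size of lpBuffer
' lpNumberOfBytesWritten  number of bytes actually transferred
' returns                 non-zero on success, 0 on failure

' Basic information about one region of virtual memory.
Private Type MEMORY_BASIC_INFORMATION
    BaseAddress As Long
    AllocationBase As Long
    AllocationProtect As Long   ' was misspelled "AllocattionProtect"; not referenced in this form
    RegionSize As Long
    State As Long
    Protect As Long
    Type As Long
End Type

' Virtual memory query
Private Declare Function VirtualQueryEx Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpAddress As Long, info As MEMORY_BASIC_INFORMATION, ByVal dwLength As Long) As Long
' Close a handle
Private Declare Function CloseHandle Lib "Kernel32.dll" (ByVal handle As Long) As Long
' Constant definitions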
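' Process access rights. Only the VM_READ, VM_WRITE, VM_OPERATION and
' QUERY_INFORMATION rights are used by the visible code in this form.
Private Const PROCESS_TERMINATE = &H1&
Private Const PROCESS_CREATE_THREAD = &H2&
Private Const PROCESS_SET_SESSIONID = &H4&
Private Const PROCESS_VM_OPERATION = &H8&
Private Const PROCESS_VM_READ = &H10&
Private Const PROCESS_VM_WRITE = &H20&
Private Const PROCESS_DUP_HANDLE = &H40&
Private Const PROCESS_CREATE_PROCESS = &H80&
Private Const PROCESS_SET_QUOTA = &H100&
Private Const PROCESS_SET_INFORMATION = &H200&
Private Const PROCESS_QUERY_INFORMATION = &H400&
Private Const PROCESS_ALL_ACCESS = &H1F0FFF

' Page protection flags
Private Const PAGE_NOACCESS = &H1
Private Const PAGE_READONLY = &H2
Private Const PAGE_READWRITE = &H4
Private Const PAGE_WRITECOPY = &H8
Private Const PAGE_EXECUTE = &H10
Private Const PAGE_EXECUTE_READ = &H20
Private Const PAGE_EXECUTE_READWRITE = &H40
Private Const PAGE_EXECUTE_WRITECOPY = &H80
Private Const PAGE_GUARD = &H100
Private Const PAGE_NOCACHE = &H200
Private Const PAGE_WRITECOMBINE = &H400

' Region state / allocation type flags
Private Const MEM_COMMIT = &H1000
Private Const MEM_RESERVE = &H2000
Private Const MEM_DECOMMIT = &H4000
' The trailing & forces a Long: a bare &H8000 is an Integer literal equal to -32768.
Private Const MEM_RELEASE = &H8000&
Private Const MEM_FREE = &H10000
Private Const MEM_PRIVATE = &H20000
Private Const MEM_MAPPED = &H40000
Private Const MEM_RESET = &H80000
Private Const MEM_TOP_DOWN = &H100000
Private Const MEM_4MB_PAGES = &H80000000

' Section flags
Private Const SEC_FILE = &H800000
Private Const SEC_IMAGE = &H1000000
Private Const SEC_VLM = &H2000000
Private Const SEC_RESERVE = &H4000000
Private Const SEC_COMMIT = &H8000000
Private Const SEC_NOCACHE = &H10000000
Private Const MEM_IMAGE = SEC_IMAGE
' Process ID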
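' Set by btnExecute_Click from the value Shell returns. The ID is kept, not a handle,
' so once the target exits the OS may reuse the number for an unrelated process and
' later OpenProcess calls would then act on that process instead.
Private ProcessID As Long
' Addresses that matched the most recent search; Nothing until a search has run
Private Addrs As Collection
' Value to search for and to write (16-bit signed)
Private SearchValue As Integer
' Maximum count, set to 10000. NOTE(review): not referenced by any visible code.
Const MAXCOUNT = 10000
' Scratch buffer that receives one memory region at a time
Private Buffer() As Byte
' Number of bytes the scratch buffer was last sized for
Private BufferLength As Long
' NOTE(review): www is not referenced by any visible code.
Public www As Long
' Number of bytes WIRET_MEM writes; set by Option1_Click
Public KKK As Long

' Number of addresses currently held in Addrs (0 when no search has run).
Private Property Get SearchCount() As Long
    If Addrs Is Nothing Then
        SearchCount = 0
    Else
        SearchCount = Addrs.Count
    End If
End Property

' Start the program named in txtApp and remember its process ID.
Private Sub btnExecute_Click()
    ' Shell raises a runtime error when the program cannot be started (for example
    ' file not found); without a handler that error would end the application.
    On Error GoTo EXEC_FAIL
    ProcessID = Shell(txtApp.Text, vbNormalFocus)
    EnableButtons
    Exit Sub
EXEC_FAIL:
    ProcessID = 0
    MsgBox "can't start program: " & Err.Description
    EnableButtons
End Sub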
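' Parse txtValue into SearchValue.
' Returns True when the text is a number that fits a 16-bit signed Integer; otherwise
' shows a message and returns False.
Private Function GetValue() As Boolean
    Dim raw As String

    On Error GoTo VAL_FAIL
    raw = Trim$(txtValue.Text)
    ' Val() returns 0 for text that is not a number, so the original silently searched
    ' for 0 on a typo. Reject such input explicitly.
    If Not IsNumeric(raw) Then GoTo VAL_FAIL
    ' CInt raises an overflow error outside -32768..32767, which lands in VAL_FAIL.
    SearchValue = CInt(raw)
    ' Echo the normalised value back to the text box.
    txtValue.Text = SearchValue
    GetValue = True
    Exit Function
VAL_FAIL:
    MsgBox "please enter a integer between -32768 to 32767"
End Function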
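' Write SearchValue (2 bytes) to every address found by the last search.
Private Sub btnModify_Click()
    If Not GetValue Then Exit Sub
    If Addrs Is Nothing Then Exit Sub

    Dim hProcess As Long
    ' Only the write-related rights are requested.
    hProcess = OpenProcess(PROCESS_VM_WRITE + PROCESS_VM_OPERATION, 0&, ProcessID)
    If hProcess = 0 Then
        MsgBox "can't open process"
        Exit Sub
    End If

    Dim written As Long
    Dim failures As Long
    Dim i As Long
    For i = 1 To Addrs.Count
        written = 0
        ' A short write counts as a failure too.
        If WriteProcessMemory(hProcess, CLng(Addrs.Item(i)), SearchValue, 2&, written) = 0 Or written <> 2 Then
            failures = failures + 1
        End If
    Next i
    CloseHandle hProcess

    ' Report once instead of one modal box per failed address.
    If failures > 0 Then
        MsgBox "modify fail: " & failures & " of " & Addrs.Count & " addresses"
    End If
End Sub

' Forget the current result set so the next search scans from scratch.
Private Sub btnReset_Click()
    Set Addrs = Nothing
    EnableButtons
End Sub

' Search the target process for SearchValue.
' With an existing result set, only those addresses are re-read and the ones still
' matching are kept and listed. Otherwise every PAGE_READWRITE region is scanned.
' NOTE(review): a first scan does not fill List1 and does not apply MAXCOUNT, so the
' result collection is unbounded; confirm whether that is intended.
Private Sub btnSearch_Click()
    List1.Clear
    If Not GetValue Then Exit Sub

    Dim hProcess As Long
    hProcess = OpenProcess(PROCESS_VM_READ + PROCESS_QUERY_INFORMATION, 0&, ProcessID)
    If hProcess = 0 Then
        MsgBox "can't open process"
        Exit Sub
    End If

    Dim base As Long
    Dim cVal As Integer
    Dim i As Long
    Dim n As Long
    Dim r As Long
    Dim temp As Long
    Dim info As MEMORY_BASIC_INFORMATION
    Dim col As Collection
    Set col = New Collection

    If SearchCount > 0 Then
        ' Refine: keep the addresses that still hold the value.
        For i = 1 To SearchCount
            base = CLng(Addrs.Item(i))
            If ReadProcessMemory(hProcess, base, cVal, 2&, n) <> 0 Then
                If cVal = SearchValue Then
                    col.Add base
                    List1.AddItem base
                End If
            End If
        Next i
    Else
        base = 0
        ' The address arithmetic below overflows a signed Long once it reaches
        ' &H80000000; presumably that overflow is how the walk is meant to end.
        On Error GoTo SEARCH_FINISH
        Do While VirtualQueryEx(hProcess, base, info, Len(info)) <> 0
            If info.Type <> 0 And info.Protect = PAGE_READWRITE Then
                If info.RegionSize > BufferLength Then
                    ' Resize first and record the size afterwards: if ReDim fails,
                    ' BufferLength must not claim more room than Buffer really has,
                    ' or a later read would run past the end of the array.
                    ReDim Buffer(0 To info.RegionSize) As Byte
                    BufferLength = info.RegionSize
                End If
                n = 0
                r = ReadProcessMemory(hProcess, info.BaseAddress, Buffer(0), info.RegionSize, n)
                If r <> 0 Then
                    ' Stop at n - 2: a 16-bit value needs bytes i and i + 1, and byte n
                    ' was not filled by this read (it holds stale data).
                    For i = 0 To n - 2
                        temp = CLng(Buffer(i)) + CLng(Buffer(i + 1)) * 256
                        ' Reinterpret the unsigned 16-bit value as a signed Integer.
                        If temp < 32768 Then
                            cVal = temp
                        Else
                            cVal = temp - 65536
                        End If
                        If cVal = SearchValue Then
                            col.Add (info.BaseAddress + i)
                        End If
                    Next i
                End If
            End If
            base = info.BaseAddress + info.RegionSize
        Loop
    End If
SEARCH_FINISH:
    ' Error 6 (overflow) is the expected exit described above; anything else, such as
    ' running out of memory for a large region, means the scan is incomplete.
    If Err.Number <> 0 And Err.Number <> 6 Then
        MsgBox "search stopped early: " & Err.Description
    End If
    CloseHandle hProcess
    Set Addrs = col
    EnableButtons
End Sub

' Let the user pick the program to run.
Private Sub Command1_Click()
    ' CancelError is True on CommonDialog1, so pressing Cancel raises cdlCancel.
    On Error GoTo DIALOG_FAIL
    CommonDialog1.ShowOpen
    txtApp.Text = CommonDialog1.FileName
    Exit Sub
DIALOG_FAIL:
    If Err.Number <> cdlCancel Then
        MsgBox Err.Description
    End If
End Sub

' Write the value in Text2(Index) to the address in Text1(Index).
Private Sub Command2_Click(Index As Integer)
    ' Val() of an out-of-range number overflows the Long parameters of WIRET_MEM.
    On Error GoTo BAD_INPUT
    WIRET_MEM Val(Text1(Index).Text), Val(Text2(Index).Text)
    Exit Sub
BAD_INPUT:
    Form1.Caption = "invalid address or value"
End Sub

' Write the value in Text4 to the address in Text3.
Private Sub Command3_Click()
    On Error GoTo BAD_INPUT
    WIRET_MEM Val(Text3.Text), Val(Text4.Text)
    Exit Sub
BAD_INPUT:
    Form1.Caption = "invalid address or value"
End Sub

' Startup
Private Sub Form_Load()
    ' Option1(2) is the option selected in the designer. If its Click event has not
    ' run yet, KKK is still 0, so give it the matching default.
    If KKK = 0 Then KKK = 2
    EnableButtons
End Sub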
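' Refresh the result counter and enable only the buttons that can work right now.
Private Sub EnableButtons()
    lblCount.Caption = SearchCount
    btnSearch.Enabled = ProcessID <> 0
    btnModify.Enabled = SearchCount > 0
End Sub

' Copy the clicked address into Text3, from where it can be dragged to a Text1 box.
Private Sub List1_Click()
    ' ListIndex is -1 when nothing is selected.
    If List1.ListIndex >= 0 Then
        Text3.Text = List1.List(List1.ListIndex)
    End If
End Sub

' Write the low KKK bytes of SSS_Value to address ADDSS in the target process.
' Failures are reported in the form caption.
Private Sub WIRET_MEM(ADDSS As Long, SSS_Value As Long)
    ' SSS_Value is a 4-byte Long. KKK is Public, so check it here: a length above 4
    ' would make WriteProcessMemory read past the variable.
    If KKK < 1 Or KKK > 4 Then
        Form1.Caption = "invalid length"
        Exit Sub
    End If

    Dim hProcess As Long
    hProcess = OpenProcess(PROCESS_VM_WRITE + PROCESS_VM_OPERATION, 0&, ProcessID)
    If hProcess = 0 Then
        Form1.Caption = "can't open process"
        Exit Sub
    End If

    Dim r As Long
    Dim n As Long
    r = WriteProcessMemory(hProcess, ADDSS, SSS_Value, KKK, n)
    ' A short write counts as a failure too.
    If r = 0 Or n <> KKK Then
        Form1.Caption = Str(ADDSS) & " modify fail"
    End If
    CloseHandle hProcess
End Sub

' The option buttons carry Index 2 and 4, which is the byte count to write.
Private Sub Option1_Click(Index As Integer)
    KKK = Index
End Sub

' Dropping onto a Text1 box copies the address currently shown in Text3.
Private Sub Text1_DragDrop(Index As Integer, Source As Control, X As Single, Y As Single)
    Text1(Index).Text = Text3.Text
End Sub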
VERSION 5.00
Object = "{F9043C88-F6F2-101A-A3C9-08002B2F49FB}#1.2#0"; "COMDLG32.OCX"
Begin VB.Form Form1
Caption = "Form1"
ClientHeight = 3930
ClientLeft = 60
ClientTop = 345
ClientWidth = 9585
LinkTopic = "Form1"
ScaleHeight = 3930
ScaleWidth = 9585
StartUpPosition = 3 '窗口缺省
Begin VB.OptionButton Option1
Caption = "4"
Height = 255
Index = 4
Left = 5160
TabIndex = 28
Top = 1440
Width = 735
End
Begin VB.OptionButton Option1
Caption = "2"
Height = 255
Index = 2
Left = 4440
TabIndex = 27
Top = 1440
Value = -1 'True
Width = 735
End
Begin VB.CommandButton Command3
Caption = "改"
Height = 375
Left = 9000
TabIndex = 26
Top = 3480
Width = 495
End
Begin VB.TextBox Text4
Height = 375
Left = 7800
TabIndex = 25
Text = "添入要改的"
Top = 3480
Width = 1095
End
Begin VB.TextBox Text3
DragMode = 1 'Automatic
Height = 375
Left = 6240
TabIndex = 24
Text = "可拖动到左边"
Top = 3480
Width = 1455
End
Begin VB.ListBox List1
Height = 3300
ItemData = "FORM1.frx":0000
Left = 6240
List = "FORM1.frx":0002
TabIndex = 23
Top = 120
Width = 3255
End
Begin VB.TextBox Text2
Height = 375
Index = 3
Left = 3120
TabIndex = 22
Top = 3480
Width = 1575
End
Begin VB.TextBox Text2
Height = 375
Index = 2
Left = 3120
TabIndex = 21
Top = 3000
Width = 1575
End
Begin VB.TextBox Text2
Height = 375
Index = 1
Left = 3120
TabIndex = 20
Top = 2520
Width = 1575
End
Begin VB.TextBox Text2
Height = 375
Index = 0
Left = 3120
TabIndex = 19
Text = "添入要改的数值"
Top = 2040
Width = 1575
End
Begin VB.CommandButton Command2
Caption = "修改"
Height = 375
Index = 3
Left = 4920
TabIndex = 18
Top = 3480
Width = 1095
End
Begin VB.CommandButton Command2
Caption = "修改"
Height = 375
Index = 2
Left = 4920
TabIndex = 17
Top = 3000
Width = 1095
End
Begin VB.CommandButton Command2
Caption = "修改"
Height = 375
Index = 1
Left = 4920
TabIndex = 16
Top = 2520
Width = 1095
End
Begin VB.CommandButton Command2
Caption = "修改"
Height = 375
Index = 0
Left = 4920
TabIndex = 15
Top = 2040
Width = 1095
End
Begin VB.TextBox Text1
Height = 375
Index = 3
Left = 480
TabIndex = 14
Top = 3480
Width = 2175
End
Begin VB.TextBox Text1
Height = 375
Index = 2
Left = 480
TabIndex = 13
Top = 3000
Width = 2175
End
Begin VB.TextBox Text1
Height = 375
Index = 1
Left = 480
TabIndex = 12
Top = 2520
Width = 2175
End
Begin VB.TextBox Text1
Height = 375
Index = 0
Left = 480
TabIndex = 11
Text = "可以接收地址"
Top = 2040
Width = 2175
End
Begin MSComDlg.CommonDialog CommonDialog1
Left = 3360
Top = 2280
_ExtentX = 847
_ExtentY = 847
_Version = 393216
CancelError = -1 'True
Filter = "*.exe"
End
Begin VB.CommandButton btnReset
Caption = "Reset"
Height = 345
Left = 1440
TabIndex = 9
Top = 1440
Width = 945
End
Begin VB.CommandButton btnModify
Caption = "修改"
Height = 375
Left = 2640
TabIndex = 8
Top = 1440
Width = 915
End
Begin VB.CommandButton btnSearch
Caption = "搜索"
Height = 405
Left = 240
TabIndex = 7
Top = 1440
Width = 975
End
Begin VB.TextBox txtValue
BeginProperty Font
Name = "Fixedsys"
Size = 12
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Height = 375
Left = 1170
TabIndex = 4
Text = "123"
Top = 810
Width = 1425
End
Begin VB.TextBox txtApp
Height = 375
Left = 1170
TabIndex = 1
Text = "test.exe"
Top = 240
Width = 3495
End
Begin VB.CommandButton btnExecute
Caption = "运行"
Height = 375
Left = 5400
TabIndex = 2
Top = 240
Width = 705
End
Begin VB.CommandButton Command1
Caption = "浏览"
Height = 375
Left = 4680
TabIndex = 10
Top = 240
Width = 735
End
Begin VB.Label Label6
Caption = "改为"
Height = 255
Left = 2760
TabIndex = 31
Top = 2160
Width = 375
End
Begin VB.Label Label5
Caption = "地址"
Height = 255
Left = 120
TabIndex = 30
Top = 2160
Width = 495
End
Begin VB.Label Label4
Caption = "长度"
Height = 255
Left = 3720
TabIndex = 29
Top = 1440
Width = 495
End
Begin VB.Label lblCount
Alignment = 1 'Right Justify
BorderStyle = 1 'Fixed Single
Caption = "0"
BeginProperty Font
Name = "Fixedsys"
Size = 12
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
Height = 315
Left = 3990
TabIndex = 6
Top = 810
Width = 1125
End
Begin VB.Label Label3
AutoSize = -1 'True
Caption = "搜索结果:"
Height = 195
Left = 3030
TabIndex = 5
Top = 870
Width = 900
End
Begin VB.Label Label2
AutoSize = -1 'True
Caption = "数值:"
Height = 195
Left = 240
TabIndex = 3
Top = 900
Width = 540
End
Begin VB.Label Label1
AutoSize = -1 'True
Caption = "应用程序:"
Height = 180
Left = 240
TabIndex = 0
Top = 330
Width = 900
End
End
Attribute VB_Name = "Form1"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Option Explicit
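' Open a handle to an existing process.
Private Declare Function OpenProcess Lib "Kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
' dwDesiredAccess  access rights requested for the handle. Ask only for what the next
'                  calls need: this form uses PROCESS_VM_READ + PROCESS_QUERY_INFORMATION
'                  (&H410) to scan and PROCESS_VM_WRITE + PROCESS_VM_OPERATION (&H28) to
'                  write, not PROCESS_ALL_ACCESS. Process-access telemetry (for example
'                  Sysmon event ID 10, field GrantedAccess) records these masks.
' bInheritHandle   not used here; pass 0
' dwProcessId      process ID, e.g. from GetWindowThreadProcessId or the value
'                  returned by the VB Shell function
' returns          process handle, 0 on failure

' Read / write another process's memory.
' All pointers are declared As Long, so these declarations only fit a 32-bit address space.
Private Declare Function ReadProcessMemory Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesRead As Long) As Long
' lpNumberOfBytesWritten is now typed As Long (was As Any) to match ReadProcessMemory;
' every caller in this form already passes a Long variable.
Private Declare Function WriteProcessMemory Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
' hProcess                process handle
' lpBaseAddress           address in the target process
' lpBuffer                local buffer to read into / write from
' nSize                   number of bytes to transfer; must not exceed the size of lpBuffer
' lpNumberOfBytesWritten  number of bytes actually transferred
' returns                 non-zero on success, 0 on failure

' Basic information about one region of virtual memory.
Private Type MEMORY_BASIC_INFORMATION
    BaseAddress As Long
    AllocationBase As Long
    AllocationProtect As Long   ' was misspelled "AllocattionProtect"; not referenced in this form
    RegionSize As Long
    State As Long
    Protect As Long
    Type As Long
End Type

' Virtual memory query
Private Declare Function VirtualQueryEx Lib "Kernel32.dll" (ByVal hProcess As Long, ByVal lpAddress As Long, info As MEMORY_BASIC_INFORMATION, ByVal dwLength As Long) As Long
' Close a handle
Private Declare Function CloseHandle Lib "Kernel32.dll" (ByVal handle As Long) As Long
' Constant definitions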
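' Process access rights. Only the VM_READ, VM_WRITE, VM_OPERATION and
' QUERY_INFORMATION rights are used by the visible code in this form.
Private Const PROCESS_TERMINATE = &H1&
Private Const PROCESS_CREATE_THREAD = &H2&
Private Const PROCESS_SET_SESSIONID = &H4&
Private Const PROCESS_VM_OPERATION = &H8&
Private Const PROCESS_VM_READ = &H10&
Private Const PROCESS_VM_WRITE = &H20&
Private Const PROCESS_DUP_HANDLE = &H40&
Private Const PROCESS_CREATE_PROCESS = &H80&
Private Const PROCESS_SET_QUOTA = &H100&
Private Const PROCESS_SET_INFORMATION = &H200&
Private Const PROCESS_QUERY_INFORMATION = &H400&
Private Const PROCESS_ALL_ACCESS = &H1F0FFF

' Page protection flags
Private Const PAGE_NOACCESS = &H1
Private Const PAGE_READONLY = &H2
Private Const PAGE_READWRITE = &H4
Private Const PAGE_WRITECOPY = &H8
Private Const PAGE_EXECUTE = &H10
Private Const PAGE_EXECUTE_READ = &H20
Private Const PAGE_EXECUTE_READWRITE = &H40
Private Const PAGE_EXECUTE_WRITECOPY = &H80
Private Const PAGE_GUARD = &H100
Private Const PAGE_NOCACHE = &H200
Private Const PAGE_WRITECOMBINE = &H400

' Region state / allocation type flags
Private Const MEM_COMMIT = &H1000
Private Const MEM_RESERVE = &H2000
Private Const MEM_DECOMMIT = &H4000
' The trailing & forces a Long: a bare &H8000 is an Integer literal equal to -32768.
Private Const MEM_RELEASE = &H8000&
Private Const MEM_FREE = &H10000
Private Const MEM_PRIVATE = &H20000
Private Const MEM_MAPPED = &H40000
Private Const MEM_RESET = &H80000
Private Const MEM_TOP_DOWN = &H100000
Private Const MEM_4MB_PAGES = &H80000000

' Section flags
Private Const SEC_FILE = &H800000
Private Const SEC_IMAGE = &H1000000
Private Const SEC_VLM = &H2000000
Private Const SEC_RESERVE = &H4000000
Private Const SEC_COMMIT = &H8000000
Private Const SEC_NOCACHE = &H10000000
Private Const MEM_IMAGE = SEC_IMAGE
' Process ID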
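' Set by btnExecute_Click from the value Shell returns. The ID is kept, not a handle,
' so once the target exits the OS may reuse the number for an unrelated process and
' later OpenProcess calls would then act on that process instead.
Private ProcessID As Long
' Addresses that matched the most recent search; Nothing until a search has run
Private Addrs As Collection
' Value to search for and to write (16-bit signed)
Private SearchValue As Integer
' Maximum count, set to 10000. NOTE(review): not referenced by any visible code.
Const MAXCOUNT = 10000
' Scratch buffer that receives one memory region at a time
Private Buffer() As Byte
' Number of bytes the scratch buffer was last sized for
Private BufferLength As Long
' NOTE(review): www is not referenced by any visible code.
Public www As Long
' Number of bytes WIRET_MEM writes; set by Option1_Click
Public KKK As Long

' Number of addresses currently held in Addrs (0 when no search has run).
Private Property Get SearchCount() As Long
    If Addrs Is Nothing Then
        SearchCount = 0
    Else
        SearchCount = Addrs.Count
    End If
End Property

' Start the program named in txtApp and remember its process ID.
Private Sub btnExecute_Click()
    ' Shell raises a runtime error when the program cannot be started (for example
    ' file not found); without a handler that error would end the application.
    On Error GoTo EXEC_FAIL
    ProcessID = Shell(txtApp.Text, vbNormalFocus)
    EnableButtons
    Exit Sub
EXEC_FAIL:
    ProcessID = 0
    MsgBox "can't start program: " & Err.Description
    EnableButtons
End Sub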
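' Parse txtValue into SearchValue.
' Returns True when the text is a number that fits a 16-bit signed Integer; otherwise
' shows a message and returns False.
Private Function GetValue() As Boolean
    Dim raw As String

    On Error GoTo VAL_FAIL
    raw = Trim$(txtValue.Text)
    ' Val() returns 0 for text that is not a number, so the original silently searched
    ' for 0 on a typo. Reject such input explicitly.
    If Not IsNumeric(raw) Then GoTo VAL_FAIL
    ' CInt raises an overflow error outside -32768..32767, which lands in VAL_FAIL.
    SearchValue = CInt(raw)
    ' Echo the normalised value back to the text box.
    txtValue.Text = SearchValue
    GetValue = True
    Exit Function
VAL_FAIL:
    MsgBox "please enter a integer between -32768 to 32767"
End Function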
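' Write SearchValue (2 bytes) to every address found by the last search.
Private Sub btnModify_Click()
    If Not GetValue Then Exit Sub
    If Addrs Is Nothing Then Exit Sub

    Dim hProcess As Long
    ' Only the write-related rights are requested.
    hProcess = OpenProcess(PROCESS_VM_WRITE + PROCESS_VM_OPERATION, 0&, ProcessID)
    If hProcess = 0 Then
        MsgBox "can't open process"
        Exit Sub
    End If

    Dim written As Long
    Dim failures As Long
    Dim i As Long
    For i = 1 To Addrs.Count
        written = 0
        ' A short write counts as a failure too.
        If WriteProcessMemory(hProcess, CLng(Addrs.Item(i)), SearchValue, 2&, written) = 0 Or written <> 2 Then
            failures = failures + 1
        End If
    Next i
    CloseHandle hProcess

    ' Report once instead of one modal box per failed address.
    If failures > 0 Then
        MsgBox "modify fail: " & failures & " of " & Addrs.Count & " addresses"
    End If
End Sub

' Forget the current result set so the next search scans from scratch.
Private Sub btnReset_Click()
    Set Addrs = Nothing
    EnableButtons
End Sub

' Search the target process for SearchValue.
' With an existing result set, only those addresses are re-read and the ones still
' matching are kept and listed. Otherwise every PAGE_READWRITE region is scanned.
' NOTE(review): a first scan does not fill List1 and does not apply MAXCOUNT, so the
' result collection is unbounded; confirm whether that is intended.
Private Sub btnSearch_Click()
    List1.Clear
    If Not GetValue Then Exit Sub

    Dim hProcess As Long
    hProcess = OpenProcess(PROCESS_VM_READ + PROCESS_QUERY_INFORMATION, 0&, ProcessID)
    If hProcess = 0 Then
        MsgBox "can't open process"
        Exit Sub
    End If

    Dim base As Long
    Dim cVal As Integer
    Dim i As Long
    Dim n As Long
    Dim r As Long
    Dim temp As Long
    Dim info As MEMORY_BASIC_INFORMATION
    Dim col As Collection
    Set col = New Collection

    If SearchCount > 0 Then
        ' Refine: keep the addresses that still hold the value.
        For i = 1 To SearchCount
            base = CLng(Addrs.Item(i))
            If ReadProcessMemory(hProcess, base, cVal, 2&, n) <> 0 Then
                If cVal = SearchValue Then
                    col.Add base
                    List1.AddItem base
                End If
            End If
        Next i
    Else
        base = 0
        ' The address arithmetic below overflows a signed Long once it reaches
        ' &H80000000; presumably that overflow is how the walk is meant to end.
        On Error GoTo SEARCH_FINISH
        Do While VirtualQueryEx(hProcess, base, info, Len(info)) <> 0
            If info.Type <> 0 And info.Protect = PAGE_READWRITE Then
                If info.RegionSize > BufferLength Then
                    ' Resize first and record the size afterwards: if ReDim fails,
                    ' BufferLength must not claim more room than Buffer really has,
                    ' or a later read would run past the end of the array.
                    ReDim Buffer(0 To info.RegionSize) As Byte
                    BufferLength = info.RegionSize
                End If
                n = 0
                r = ReadProcessMemory(hProcess, info.BaseAddress, Buffer(0), info.RegionSize, n)
                If r <> 0 Then
                    ' Stop at n - 2: a 16-bit value needs bytes i and i + 1, and byte n
                    ' was not filled by this read (it holds stale data).
                    For i = 0 To n - 2
                        temp = CLng(Buffer(i)) + CLng(Buffer(i + 1)) * 256
                        ' Reinterpret the unsigned 16-bit value as a signed Integer.
                        If temp < 32768 Then
                            cVal = temp
                        Else
                            cVal = temp - 65536
                        End If
                        If cVal = SearchValue Then
                            col.Add (info.BaseAddress + i)
                        End If
                    Next i
                End If
            End If
            base = info.BaseAddress + info.RegionSize
        Loop
    End If
SEARCH_FINISH:
    ' Error 6 (overflow) is the expected exit described above; anything else, such as
    ' running out of memory for a large region, means the scan is incomplete.
    If Err.Number <> 0 And Err.Number <> 6 Then
        MsgBox "search stopped early: " & Err.Description
    End If
    CloseHandle hProcess
    Set Addrs = col
    EnableButtons
End Sub

' Let the user pick the program to run.
Private Sub Command1_Click()
    ' CancelError is True on CommonDialog1, so pressing Cancel raises cdlCancel.
    On Error GoTo DIALOG_FAIL
    CommonDialog1.ShowOpen
    txtApp.Text = CommonDialog1.FileName
    Exit Sub
DIALOG_FAIL:
    If Err.Number <> cdlCancel Then
        MsgBox Err.Description
    End If
End Sub

' Write the value in Text2(Index) to the address in Text1(Index).
Private Sub Command2_Click(Index As Integer)
    ' Val() of an out-of-range number overflows the Long parameters of WIRET_MEM.
    On Error GoTo BAD_INPUT
    WIRET_MEM Val(Text1(Index).Text), Val(Text2(Index).Text)
    Exit Sub
BAD_INPUT:
    Form1.Caption = "invalid address or value"
End Sub

' Write the value in Text4 to the address in Text3.
Private Sub Command3_Click()
    On Error GoTo BAD_INPUT
    WIRET_MEM Val(Text3.Text), Val(Text4.Text)
    Exit Sub
BAD_INPUT:
    Form1.Caption = "invalid address or value"
End Sub

' Startup
Private Sub Form_Load()
    ' Option1(2) is the option selected in the designer. If its Click event has not
    ' run yet, KKK is still 0, so give it the matching default.
    If KKK = 0 Then KKK = 2
    EnableButtons
End Sub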
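' Refresh the result counter and enable only the buttons that can work right now.
Private Sub EnableButtons()
    lblCount.Caption = SearchCount
    btnSearch.Enabled = ProcessID <> 0
    btnModify.Enabled = SearchCount > 0
End Sub

' Copy the clicked address into Text3, from where it can be dragged to a Text1 box.
Private Sub List1_Click()
    ' ListIndex is -1 when nothing is selected.
    If List1.ListIndex >= 0 Then
        Text3.Text = List1.List(List1.ListIndex)
    End If
End Sub

' Write the low KKK bytes of SSS_Value to address ADDSS in the target process.
' Failures are reported in the form caption.
Private Sub WIRET_MEM(ADDSS As Long, SSS_Value As Long)
    ' SSS_Value is a 4-byte Long. KKK is Public, so check it here: a length above 4
    ' would make WriteProcessMemory read past the variable.
    If KKK < 1 Or KKK > 4 Then
        Form1.Caption = "invalid length"
        Exit Sub
    End If

    Dim hProcess As Long
    hProcess = OpenProcess(PROCESS_VM_WRITE + PROCESS_VM_OPERATION, 0&, ProcessID)
    If hProcess = 0 Then
        Form1.Caption = "can't open process"
        Exit Sub
    End If

    Dim r As Long
    Dim n As Long
    r = WriteProcessMemory(hProcess, ADDSS, SSS_Value, KKK, n)
    ' A short write counts as a failure too.
    If r = 0 Or n <> KKK Then
        Form1.Caption = Str(ADDSS) & " modify fail"
    End If
    CloseHandle hProcess
End Sub

' The option buttons carry Index 2 and 4, which is the byte count to write.
Private Sub Option1_Click(Index As Integer)
    KKK = Index
End Sub

' Dropping onto a Text1 box copies the address currently shown in Text3.
Private Sub Text1_DragDrop(Index As Integer, Source As Control, X As Single, Y As Single)
    Text1(Index).Text = Text3.Text
End Sub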
Type=Exe
Form=FORM1.FRM
Reference=*\G{00020430-0000-0000-C000-000000000046}#2.0#0#C:\WINNT\System32\stdole2.tlb#OLE Automation
Object={F9043C88-F6F2-101A-A3C9-08002B2F49FB}#1.2#0; COMDLG32.OCX
IconForm="Form1"
Startup="Form1"
ExeName32="工程2.exe"
Path32="C:\Documents and Settings\Administrator\桌面"
Command32=""
Name="工程1"
HelpContextID="0"
CompatibleMode="0"
MajorVer=1
MinorVer=0
RevisionVer=0
AutoIncrementVer=0
ServerSupportFiles=0
VersionCompanyName="PC"
CompilationType=0
OptimizationType=0
FavorPentiumPro(tm)=0
CodeViewDebugInfo=0
NoAliasing=0
BoundsCheck=0
OverflowCheck=0
FlPointCheck=0
FDIVCheck=0
UnroundedFP=0
StartMode=0
Unattended=0
Retained=0
ThreadPerObject=0
MaxNumberOfThreads=1[MS Transaction Server]
AutoRefresh=1