注入的代码 自己水平很差,期待批评。HWND hwnd= ::FindWindow(NULL,"YB_OnlineClient");
if(hwnd==NULL)
{
::AfxMessageBox("获取窗口句柄失败");
return;
}
DWORD pid=0;
::GetWindowThreadProcessId(hwnd,&pid);
CString cs;
OpenProcessPrivate(pid,cs); HANDLE hpid=OpenProcess(PROCESS_CREATE_THREAD| //允许远程创建线程
PROCESS_VM_OPERATION | //VM操作
PROCESS_VM_READ|
PROCESS_VM_WRITE,FALSE,pid);
if(hpid==NULL)
{
DWORD errid=::GetLastError();
LPSTR lpBuffer;
FormatMessage ( FORMAT_MESSAGE_ALLOCATE_BUFFER |
FORMAT_MESSAGE_IGNORE_INSERTS |
FORMAT_MESSAGE_FROM_SYSTEM,
NULL,
errid, // 此乃错误代码,通常在程序中可由 GetLastError()得之
LANG_NEUTRAL,
(LPTSTR) & lpBuffer,
0 ,
NULL );
CString strErrorCause = lpBuffer ? _T(lpBuffer) : _T( " Sorry, cannot find this error info. " );
this->SetWindowTextA(strErrorCause);
}
LPVOID paddress=::VirtualAllocEx(hpid,NULL,0x3000,MEM_COMMIT|MEM_RESERVE,PAGE_EXECUTE_READWRITE);
BOOL iReturnCode=WriteProcessMemory (hpid,paddress,AddBloog,0x3000,NULL);
if (!iReturnCode)
{
//::AfxMessageBox("写入内存失败");
}
else
{
//::AfxMessageBox("写入内存成功");
DWORD tid=0;
HANDLE htid=CreateRemoteThread(hpid,NULL,0,(LPTHREAD_START_ROUTINE )paddress,0,0,&tid);
if(htid==NULL)
{
::CloseHandle(htid);
DWORD errid=::GetLastError();
LPSTR lpBuffer;
FormatMessage ( FORMAT_MESSAGE_ALLOCATE_BUFFER |
FORMAT_MESSAGE_IGNORE_INSERTS |
FORMAT_MESSAGE_FROM_SYSTEM,
NULL,
errid, // 此乃错误代码,通常在程序中可由 GetLastError()得之
LANG_NEUTRAL,
(LPTSTR) & lpBuffer,
0 ,
NULL );
CString strErrorCause = lpBuffer ? _T(lpBuffer) : _T( " Sorry, cannot find this error info. " );
this->SetWindowTextA(strErrorCause);
}
}
VirtualFreeEx(hpid,paddress,0x3000,MEM_RELEASE);代码下载地址:www.teilihua.com打怪的源码
void CRMainDialog::EMon(void)
{
UpdateData(false);
int *p;
int max=MONLISTBASE+0xffff*4;
float *pt;
int *p2e;
int *p380;
int md=-1;
float ptt=-1;
for(int i=MONLISTBASE;i<max;i+=4)
{
p=(int *)i;
p2e=(int *)(*p+8);
if(*p2e==0x2e)
{
pt=(float *)(*p+0x31);
if (*pt<this->m_mon_dis)
{
p380=(int *)(*p+0x18);
if(*p380==0)
{
if(ptt<0)
{
ptt=*pt;
int *monid=(int *)(*p+0xc);
md=*monid;
//::AfxMessageBox("if(ptt<-1)");
}
else
{
if(ptt>*pt)
{
ptt=*pt;
int *monid=(int *)(*p+0xc);
md=*monid;
//::AfxMessageBox("if(ptt>*pt)");
}
}
}
}
}
}
int *pbasese=(int *)(CURRENTMON);
int base=*pbasese;
int* psel;
psel=(int *)(base+0x1cb0);
*psel=md;
}
if(hwnd==NULL)
{
::AfxMessageBox("获取窗口句柄失败");
return;
}
DWORD pid=0;
::GetWindowThreadProcessId(hwnd,&pid);
CString cs;
OpenProcessPrivate(pid,cs); HANDLE hpid=OpenProcess(PROCESS_CREATE_THREAD| //允许远程创建线程
PROCESS_VM_OPERATION | //VM操作
PROCESS_VM_READ|
PROCESS_VM_WRITE,FALSE,pid);
if(hpid==NULL)
{
DWORD errid=::GetLastError();
LPSTR lpBuffer;
FormatMessage ( FORMAT_MESSAGE_ALLOCATE_BUFFER |
FORMAT_MESSAGE_IGNORE_INSERTS |
FORMAT_MESSAGE_FROM_SYSTEM,
NULL,
errid, // 此乃错误代码,通常在程序中可由 GetLastError()得之
LANG_NEUTRAL,
(LPTSTR) & lpBuffer,
0 ,
NULL );
CString strErrorCause = lpBuffer ? _T(lpBuffer) : _T( " Sorry, cannot find this error info. " );
this->SetWindowTextA(strErrorCause);
}
LPVOID paddress=::VirtualAllocEx(hpid,NULL,0x3000,MEM_COMMIT|MEM_RESERVE,PAGE_EXECUTE_READWRITE);
BOOL iReturnCode=WriteProcessMemory (hpid,paddress,AddBloog,0x3000,NULL);
if (!iReturnCode)
{
//::AfxMessageBox("写入内存失败");
}
else
{
//::AfxMessageBox("写入内存成功");
DWORD tid=0;
HANDLE htid=CreateRemoteThread(hpid,NULL,0,(LPTHREAD_START_ROUTINE )paddress,0,0,&tid);
if(htid==NULL)
{
::CloseHandle(htid);
DWORD errid=::GetLastError();
LPSTR lpBuffer;
FormatMessage ( FORMAT_MESSAGE_ALLOCATE_BUFFER |
FORMAT_MESSAGE_IGNORE_INSERTS |
FORMAT_MESSAGE_FROM_SYSTEM,
NULL,
errid, // 此乃错误代码,通常在程序中可由 GetLastError()得之
LANG_NEUTRAL,
(LPTSTR) & lpBuffer,
0 ,
NULL );
CString strErrorCause = lpBuffer ? _T(lpBuffer) : _T( " Sorry, cannot find this error info. " );
this->SetWindowTextA(strErrorCause);
}
}
VirtualFreeEx(hpid,paddress,0x3000,MEM_RELEASE);代码下载地址:www.teilihua.com打怪的源码
void CRMainDialog::EMon(void)
{
UpdateData(false);
int *p;
int max=MONLISTBASE+0xffff*4;
float *pt;
int *p2e;
int *p380;
int md=-1;
float ptt=-1;
for(int i=MONLISTBASE;i<max;i+=4)
{
p=(int *)i;
p2e=(int *)(*p+8);
if(*p2e==0x2e)
{
pt=(float *)(*p+0x31);
if (*pt<this->m_mon_dis)
{
p380=(int *)(*p+0x18);
if(*p380==0)
{
if(ptt<0)
{
ptt=*pt;
int *monid=(int *)(*p+0xc);
md=*monid;
//::AfxMessageBox("if(ptt<-1)");
}
else
{
if(ptt>*pt)
{
ptt=*pt;
int *monid=(int *)(*p+0xc);
md=*monid;
//::AfxMessageBox("if(ptt>*pt)");
}
}
}
}
}
}
int *pbasese=(int *)(CURRENTMON);
int base=*pbasese;
int* psel;
psel=(int *)(base+0x1cb0);
*psel=md;
}
http://www.pudn.com/downloads471/sourcecode/windows/freedic/detail1974539.html
csdn好象不让上传源码。
这里可以下载源码。
还给你用WriteProcessMemory()
都是通过键盘钩子注入dll。
弄这个网站主要为了下周发布的一个类似excel的控件
(业余做了三年多,自己是从事soho所以时间多些)。下周发布。和开源差不多的发布。