vb点虐 内存修改器 内存修改器教程
怎么用VB6编写游戏修改器?
这个东西呢,现在的动能来看,需要的核心就这几部分
十年的柘荣网站建设经验,针对设计、前端、开发、售后、文案、推广等六对一服务,响应快,48小时及时工作处理。营销型网站的优势是能够根据用户设备显示端的尺寸不同,自动调整柘荣建站的显示方式,使网站能够适用不同显示终端,在浏览器中调整网站的宽度,无论在任何一种浏览器上浏览网站,都能展现优雅布局与设计,从而大程度地提升浏览体验。创新互联公司从事“柘荣网站设计”,“柘荣网站推广”以来,每个客户项目都认真落实执行。
1、进程列表获取,VB6中都是用API,可是.NET里不用了。
2、进程操作权限的提升,修改了VB6的一些API声明来实现的。
3、进程内存的读写,也是修改了一些VB6的API实现的。
4、用BYTE结构存取2进制文件内容以获取配置。
5、一些进制的转换。
要陪媳妇去了,所以这篇写最简单的一个:BYTE数组与INTEGER类型的转换。
同志们可能要说了,这个是啥,还用你写。。。呵呵。。反正我是不知道.NET里面转换的方法,另外用分字节转化的办法代码太多,也懒得写。再就是公开一下这个API的使用方法,在网上找的头大手疼也没找到。
把它帖在这里,.NET2005下测试通过。
Private Declare Sub CopyMemoryToArr Lib "kernel32" Alias "RtlMoveMemory" (ByVal Destination() As Byte, ByRef Source As Integer, ByVal Length As Integer)
Private Declare Sub CopyMemoryToDec Lib "kernel32" Alias "RtlMoveMemory" (ByRef Destination As Int32, ByVal Source() As Byte, ByVal Length As Integer)
嘿嘿,看着眼熟吧,实际上就是VB6里咱们可爱的CopyMemory。。。不过因为用途不同,所以出现了2个定义方式,我弄了半天,还是没能写成一种定义形式。
写成函数:
Public Function HexArr2Dec(ByVal ByteArr() As Byte) As Integer
Dim Dec As Integer
CopyMemoryToDec(Dec, ByteArr, 4)
Return Dec
End Function
Public Function Dec2HexArr(ByVal Dec As Integer) As Byte()
Dim mTmpArr(3) As Byte
CopyMemoryToArr(mTmpArr, Dec, 4)
Return mTmpArr
End Function
调用方法:
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim byteArr(3) As Byte, intnum As Integer = 511
byteArr = Dec2HexArr(intnum)
Debug.Print(byteArr(0) " " byteArr(1) " " byteArr(2) " " byteArr(3))
MsgBox(HexArr2Dec(byteArr))
End Sub
ok了,就这些啊。。回头看看这个定义,有几个有趣的地方
CopyMemoryToArr 中 ByVal Destination() As Byte 和 ByRef Source As Integer
CopyMemoryToDec 中 ByRef Destination As Int32 和 ByVal Source() As Byte
以往VB6里面,我们(至少是我)要像RtlMoveMemory函数传递值的时候,是这样定义的
Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
在.NET里这个ANY被INTPTR代替了,但是在某些操作数组的API中,例如ReadProcessMemory、WriteProcessMemory等,写成INTPTR很难成功调用,我们就可以修改定义为XXXX() As Byte。还有一个有趣的地方,API里面传递数值时,一般Byval来做,可是上面,却定义为ByRef Source As Integer和ByRef Destination As Int32。。(懒啊我,没有统一定义,INT32和INTEGER一样吧)
总结一下:
若,VB6的API声明中参数为ANY则:
1、当需要向API内传递数组的指针时,将VB6声明修改为ByVal xxxx() As Byte (必须为BYVAL)
2、当需要向API内传递一个被其操作的数据时,将VB6声明修改为ByRef Source As (Integer)
3、仅传递数据时,可声明为ByRef XXXX As IntPtr(Int32,Integer)
另举2例:
Private Declare Function ReadProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByVal lpBuffer() As Byte, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer) As Integer
Private Declare Function WriteProcessMemory Lib "kernel32" ( _
ByVal hProcess As Int32, _
ByVal lpBaseAddress As Int32, _
ByVal lpBuffer() As Byte, _
ByVal nSize As Int32, _
ByRef lpNumberOfBytesWritten As Int32) As Integer
以上2声明在VS.NET 2005环境测试通过。其中Int32和Integer可互相替换。
vb点虐 写入内存值不正确
Imports System.Runtime.InteropServices
Public Class MemoryEditor
Inherits WINAPI.NativeMethods
Private phwnd As IntPtr
Private Buffer As Byte()
Private BytesRead As IntPtr
Private BytesWrite As IntPtr
''' summary创建内存编辑器/summary
''' param name="processHwnd"进程句柄/param
Sub New(processHwnd As IntPtr)
Me.phwnd = processHwnd
End Sub
''' summary根据指定偏移量读取内存基址/summary
''' param name="addr"内存地址/param
''' param name="offsets"偏移量数组/param
Public Function ReadBaseAddress(addr As IntPtr, offsets() As Integer) As IntPtr
Dim address As IntPtr = ReadMemoryToInteger(addr)
For Each offset As Integer In offsets
address = address.ToInt32 + offset
address = ReadMemoryToInteger(address)
If address = IntPtr.Zero Then
Dim errInfo As String = "内存偏移量[" Hex(offset) "]错误!"
Throw New Exception(errInfo)
End If
Next
Return address
End Function
''' summary读取4字节内存数值/summary
''' param name="addr"内存地址/param
Public Function ReadMemoryToInteger(addr As IntPtr) As Integer
Buffer = New Byte(3) {}
ReadProcessMemory(phwnd, addr, Buffer, 4, BytesRead)
Return BitConverter.ToInt32(Buffer, 0)
End Function
''' summary读取4字节内存数组/summary
''' param name="addr"内存地址/param
Public Function ReadMemoryToBytes(addr As IntPtr) As Byte()
Buffer = New Byte(3) {}
ReadProcessMemory(phwnd, addr, Buffer, 4, BytesRead)
Return Buffer
End Function
''' summary将内存值数组写入指定地址/summary
''' param name="addr"内存地址/param
''' param name="buffer"内存值数组/param
Public Function WriteMemoryByBytes(addr As IntPtr, buffer As Byte()) As Boolean
Return WriteProcessMemory(phwnd, addr, buffer, buffer.Length, BytesWrite)
End Function
End Class
Namespace WINAPI
Public MustInherit Class NativeMethods
DllImport("kernel32.dll", SetLastError:=True) _
Public Shared Function ReadProcessMemory(ByVal hProcess As IntPtr, _
ByVal lpBaseAddress As IntPtr, _
Out() ByVal lpBuffer() As Byte, _
ByVal dwSize As Integer, _
ByRef lpBytesRead As Integer) As Boolean
End Function
DllImport("kernel32.dll", SetLastError:=True) _
Public Shared Function WriteProcessMemory(ByVal hProcess As IntPtr, _
ByVal lpBaseAddress As IntPtr, _
ByVal lpBuffer As Byte(), _
ByVal nSize As Integer, _
Out() ByRef lpBytesWritten As IntPtr) As Boolean
End Function
End Class
End Namespace
是不是内存读写代码有问题!用上面的代码试试,我以前写的;
调用方法:
Dim mem As New MemoryEditor(进程句柄)
Dim offsets As Integer() = {H1, H2, H3} '{一级基址,二级基址,三级基址}
Dim baseaddr As IntPtr = mem.ReadBaseAddress(内存地址, offsets)
Dim value As Integer = mem.ReadMemoryToInteger(baseaddr)
VB.NET中,PInvoke 函数 GetWindowThreadProcessId 调用导致堆栈不对称
题主用的是 VB6 时代的 Windows API,那里面的 Long 类型相当于 .NET 里的 Int32,声明 API 时要把所有 Long 类型替换成 Int32 才可以正常使用,否则堆栈溢出。
另外操作内存这种函数需要管理员权限来运行,否则程序会报错甚至崩溃。
用VB.NET做植物大战僵尸修改器无法从地址读取值?
无法从地址读取数值,建议你换一个更大内存的内存条就可以正常使用了。
文章名称:vb点虐 内存修改器 内存修改器教程
文章URL:http://pcwzsj.com/article/ddjdgdi.html