1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 | using System;using System.Drawing;using System.Text;using System.Windows.Forms;namespace PlantsVsZombiesTool{ /// <summary> /// /// </summary> public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void Form1_Load(object sender, EventArgs e) { } //启动无线阳光 private void btnGet_Click(object sender, EventArgs e) { if (Helper.GetPidByProcessName(processName) == 0) { MessageBox.Show("哥们启用之前游戏总该运行吧!"); return; } if (btnGet.Text == "启用-阳光无限") { timer1.Enabled = true; btnGet.Text = "关闭-阳光无限"; } else { timer1.Enabled = false; btnGet.Text = "启用-阳光无限"; } } private void timer1_Tick(object sender, EventArgs e) { if (Helper.GetPidByProcessName(processName) == 0) { timer1.Enabled = false; btnGet.Text = "启用-阳光无限"; } int address = ReadMemoryValue(baseAddress); //读取基址(该地址不会改变) address = address + 0x768; //获取2级地址 address = ReadMemoryValue(address); address = address + 0x5560; //获取存放阳光数值的地址 WriteMemory(address, 0x1869F); //写入数据到地址(0x1869F表示99999) timer1.Interval = 1000; } //启动无线金钱 private void btnMoney_Click(object sender, EventArgs e) { if (Helper.GetPidByProcessName(processName) == 0) { MessageBox.Show("哥们启用之前游戏总该运行吧!"); return; } if (btnMoney.Text == "启用-金钱无限") { timer2.Enabled = true; btnMoney.Text = "关闭-金钱无限"; } else { timer2.Enabled = false; btnMoney.Text = "启用-金钱无限"; } } private void timer2_Tick(object sender, EventArgs e) { if (Helper.GetPidByProcessName(processName) == 0) { timer2.Enabled = false; btnMoney.Text = "启用-金钱无限"; } int address = ReadMemoryValue(baseAddress); //读取基址(该地址不会改变) address = address + 0x82C; //获取2级地址 address = ReadMemoryValue(address); address = address + 0x28; //得到金钱地址 WriteMemory(address, 0x1869F); //写入数据到地址(0x1869F表示99999) timer2.Interval = 1000; } private void btnGo_Click(object sender, EventArgs e) { if (Helper.GetPidByProcessName(processName) == 0) { MessageBox.Show("哥们启用之前游戏总该运行吧!"); return; } int address = ReadMemoryValue(baseAddress); //读取基址(该地址不会改变) address = address + 0x82C; //获取2级地址 address = ReadMemoryValue(address); address = address + 0x24; int lev = 1; try { lev = int.Parse(txtLev.Text.Trim()); } catch { MessageBox.Show("输入的关卡格式不真确!默认设置为1"); } WriteMemory(address, lev); } //读取制定内存中的值 public int ReadMemoryValue(int baseAdd) { return Helper.ReadMemoryValue(baseAdd, processName); } //将值写入指定内存中 public void WriteMemory(int baseAdd, int value) { Helper.WriteMemoryValue(baseAdd, processName, value); } private int baseAddress = 0x006A9EC0; //游戏内存基址 private string processName = "PlantsVsZombies"; //游戏进程名字 }} |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 | using System;using System.Text;using System.Diagnostics;using System.Runtime.InteropServices;namespace PlantsVsZombiesTool{ public abstract class Helper { [DllImportAttribute("kernel32.dll", EntryPoint = "ReadProcessMemory")] public static extern bool ReadProcessMemory ( IntPtr hProcess, IntPtr lpBaseAddress, IntPtr lpBuffer, int nSize, IntPtr lpNumberOfBytesRead ); [DllImportAttribute("kernel32.dll", EntryPoint = "OpenProcess")] public static extern IntPtr OpenProcess ( int dwDesiredAccess, bool bInheritHandle, int dwProcessId ); [DllImport("kernel32.dll")] private static extern void CloseHandle ( IntPtr hObject ); //写内存 [DllImportAttribute("kernel32.dll", EntryPoint = "WriteProcessMemory")] public static extern bool WriteProcessMemory ( IntPtr hProcess, IntPtr lpBaseAddress, int[] lpBuffer, int nSize, IntPtr lpNumberOfBytesWritten ); //获取窗体的进程标识ID public static int GetPid(string windowTitle) { int rs = 0; Process[] arrayProcess = Process.GetProcesses(); foreach (Process p in arrayProcess) { if (p.MainWindowTitle.IndexOf(windowTitle) != -1) { rs = p.Id; break; } } return rs; } //根据进程名获取PID public static int GetPidByProcessName(string processName) { Process[] arrayProcess = Process.GetProcessesByName(processName); foreach (Process p in arrayProcess) { return p.Id; } return 0; } //根据窗体标题查找窗口句柄(支持模糊匹配) public static IntPtr FindWindow(string title) { Process[] ps = Process.GetProcesses(); foreach (Process p in ps) { if (p.MainWindowTitle.IndexOf(title) != -1) { return p.MainWindowHandle; } } return IntPtr.Zero; } //读取内存中的值 public static int ReadMemoryValue(int baseAddress,string processName) { try { byte[] buffer = new byte[4]; IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0); //获取缓冲区地址 IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName)); ReadProcessMemory(hProcess, (IntPtr)baseAddress, byteAddress, 4, IntPtr.Zero); //将制定内存中的值读入缓冲区 CloseHandle(hProcess); return Marshal.ReadInt32(byteAddress); } catch { return 0; } } //将值写入指定内存地址中 public static void WriteMemoryValue(int baseAddress, string processName, int value) { IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName)); //0x1F0FFF 最高权限 WriteProcessMemory(hProcess, (IntPtr)baseAddress, new int[] { value }, 4, IntPtr.Zero); CloseHandle(hProcess); } }} |
联系客服
