| 发表于:2007-12-05 15:01:03 楼主 |
下面是一个游戏外挂的实现代码,请问怎么实现这些代码,怎么样让这些代码变能一个程序启用。代码太长了我只把前面的一部分粘上了。
option explicit
private declare function releasecapture lib "user32" () as long
private declare function sendmessage lib "user32" alias "sendmessagea" (byval hwnd as long, byval wmsg as long, byval wparam as long, lparam as any) as long
private declare function setlayeredwindowattributes lib "user32" (byval hwnd as long, byval crkey as long, byval balpha as byte, byval dwflags as long) as long
private const wm_syscommand = &h112
private const sc_move = &hf010&
private const wm_nclbuttondown = &ha1
private const htcaption = 2
const lwa_alpha = &h2 '注释:表示把窗体设置成半透明样式
const lwa_colorkey = &h1 '注释:表示不显示窗体中的透明色
dim base as long
const ws_ex_layered = &h80000
const gwl_exstyle = (-20)
private declare function getwindowlong lib "user32" alias "getwindowlonga" (byval hwnd as long, byval nindex as long) as long
private declare function setwindowlong lib "user32" alias "setwindowlonga" (byval hwnd as long, byval nindex as long, byval dwnewlong as long) as long
private declare function setwindowpos lib "user32" (byval hwnd as long, _
byval hwndinsertafter as long, byval x as long, byval y as long, byval cx as long, _
byval cy as long, byval wflags as long) as long
'常量声明
const swp_nomove = &h2 '保持当前位置(x和y设定将被忽略)
const swp_nosize = &h1 '保持当前大小(cx和cy会被忽略)
const hwnd_topmost = -1
const flags = swp_nomove or swp_nosize
dim pid as long
dim hprocess as long
private sub form_load()
dim rtn as long
rtn = getwindowlong(me.hwnd, gwl_exstyle) '注释:取的窗口原先的样式
rtn = rtn or ws_ex_layered '注释:使窗体添加上新的样式ws_ex_layered
setwindowlong me.hwnd, gwl_exstyle, rtn '注释:把新的样式赋给窗体
setlayeredwindowattributes me.hwnd, 0, 170, lwa_alpha
end sub
private sub frame1_mousedown(button as integer, shift as integer, x as single, y as single)
releasecapture
sendmessage me.hwnd, wm_syscommand, sc_move + htcaption, 0
'sendmessage hwnd, wm_nclbuttondown, htcaption, 0&
'上述两种方法都能实现该功能。
end sub
private sub picture1_mousedown(button as integer, shift as integer, x as single, y as single)
releasecapture
sendmessage me.hwnd, wm_syscommand, sc_move + htcaption, 0
'sendmessage hwnd, wm_nclbuttondown, htcaption, 0&
'上述两种方法都能实现该功能。
end sub
function isrun() as boolean
isrun = false
dim gameupdatetitle as string
dim hwd as long ' 储存 findwindow 函数返回的句柄
hwd = findwindow(vbnullstring, "element client")
getwindowthreadprocessid hwd, pid
hprocess = openprocess(process_all_access, false, pid)
if hprocess = 0 then
isrun = false
else
isrun = true
end if
closehandle hprocess
end function
private sub a1_timer()
hprocess = openprocess(process_all_access, false, pid)
if hprocess then
writeprocessmemory hprocess, byval &h403e33, 1099547353, 4, 0& '写入内存1099547353这个值实现穿墙功能。
end if
closehandle hprocess
end sub
private sub command1_click()
if isrun = true then
if command1.caption = "飞天(开)" then
command1.caption = " 飞天(关)"
feitian.enabled = true
elseif command1.caption = "飞天(关)" then
command1.caption = "飞天(开)"
feitian.enabled = false
end if
else
msgbox "游戏未开启", 16
exit sub
end if
end sub
private sub command2_click()
if isrun = true then
if command2.caption = "穿墙(开)" then
command2.caption = " 穿墙(关)"
a1.enabled = true
elseif command2.caption = "穿墙(关)" then
command2.caption = "穿墙(开)"
a1.enabled = false
end if
else
msgbox "游戏未开启", 16
exit sub
end if
end sub
private sub feitian_timer()
hprocess = openprocess(process_all_access, false, pid)
if hprocess then
writeprocessmemory hprocess, byval &h45e019, -846528150, 4, 0& '写入内存846528150这个值实现飞天功能。
end if
closehandle hprocess
end sub
private sub label1_click()
end
end sub
private sub label3_click()
me.windowstate = 1
end sub
private sub picture2_mousedown(button as integer, shift as integer, x as single, y as single)
releasecapture
sendmessage me.hwnd, wm_syscommand, sc_move + htcaption, 0
'sendmessage hwnd, wm_nclbuttondown, htcaption, 0&
'上述两种方法都能实现该功能。
end sub
以下是call查找
|
|
|
|
|
