【原创】C#超强游戏外挂帮助类,封装了很多方法,含多级指针数据读写方法等。

代码如下:

using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Windows.Forms;

//QQ 844125365 青椒科技内存帮助类  C# 千人QQ 群:137 696 483 欢迎大牛 加入!
namespace 主
{
    class ProcessMemoryReaderApi
    {
        public const uint PROCESS_VM_READ = (0x0010);
        public const uint PROCESS_VM_WRITE = (0x0020);
        public const uint PROCESS_VM_OPERATION = (0x0008);
        public const uint PAGE_READWRITE = 0x0004;
        public const int WM_SYSCOMMAND = 0x0112;
        public const int WM_ACTIVATE = 0x6;
        public const int WM_HOTKEY = 0x0312;
        [DllImport("user32.dll", CharSet = CharSet.Auto, CallingConvention = CallingConvention.StdCall)]
        public static extern void mouse_event(long dwFlags, long dx, long dy, long cButtons, long dwExtraInfo);
        [DllImport("kernel32.dll")]
        public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, Int32 bInheritHandle, UInt32 dwProcessId);

        [DllImport("kernel32.dll")]
        public static extern Int32 CloseHandle(IntPtr hObject);

        [DllImport("kernel32.dll")]
        public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);

        [DllImport("kernel32.dll")]
        public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);

        [DllImport("kernel32", SetLastError = true)]
        public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, UInt32 dwSize, uint flAllocationType, uint flProtect);

        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern bool VirtualProtectEx(IntPtr hProcess, IntPtr lpAddress, UInt32 dwSize, uint flNewProtect, out uint lpflOldProtect);

        [DllImport("user32.dll", SetLastError = true)]
        public static extern bool UnregisterHotKey(IntPtr hWnd, int id);

        [DllImport("user32.dll")]
        public static extern int GetKeyState(int vKey);

    }
    public class ProcessMemoryReader
    {
        public ProcessMemoryReader()
        {
        }
        public Process ReadProcess
        {
            get
            {
                return m_ReadProcess;
            }
            set
            {
                m_ReadProcess = value;
            }
        }
        private Process m_ReadProcess = null;
        private IntPtr m_hProcess = IntPtr.Zero;
        public void OpenProcess()
        {
            m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ | ProcessMemoryReaderApi.PROCESS_VM_WRITE | ProcessMemoryReaderApi.PROCESS_VM_OPERATION, 1, (uint)m_ReadProcess.Id);
        }
        public void CloseHandle()
        {
            int iRetValue;
            iRetValue = ProcessMemoryReaderApi.CloseHandle(m_hProcess);
            if (iRetValue == 0)
                throw new Exception("CloseHandle failed");
        }

        #region ReadMem
        public int ReadMem(int MemoryAddress, uint bytesToRead, out byte[] buffer)
        {
            IntPtr procHandle = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ | ProcessMemoryReaderApi.PROCESS_VM_WRITE | ProcessMemoryReaderApi.PROCESS_VM_OPERATION, 1, (uint)m_ReadProcess.Id);
            if (procHandle == IntPtr.Zero)
            {
                buffer = new byte[0];
                return 0;
            }

            buffer = new byte[bytesToRead];
            IntPtr ptrBytesReaded;
            ProcessMemoryReaderApi.ReadProcessMemory(procHandle, (IntPtr)MemoryAddress, buffer, bytesToRead, out ptrBytesReaded);
            ProcessMemoryReaderApi.CloseHandle(procHandle);
            return ptrBytesReaded.ToInt32();
        }

        //We use this to
        public int ReadMultiLevelPointer(int MemoryAddress, uint bytesToRead, Int32[] offsetList)
        {
            IntPtr procHandle = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ | ProcessMemoryReaderApi.PROCESS_VM_WRITE | ProcessMemoryReaderApi.PROCESS_VM_OPERATION, 1, (uint)m_ReadProcess.Id);
            IntPtr pointer = (IntPtr)0x0;
            //IF THE PROCESS isnt available we return nothing
            if (procHandle == IntPtr.Zero)
            {
                return 0;
            }

            byte[] btBuffer = new byte[bytesToRead];
            IntPtr lpOutStorage = IntPtr.Zero;

            int pointerAddy = MemoryAddress;
            //int pointerTemp = 0;
            for (int i = 0; i < (offsetList.Length); i++)
            {
                if (i == 0)
                {
                    ProcessMemoryReaderApi.ReadProcessMemory(
                        procHandle,
                        (IntPtr)(pointerAddy),
                        btBuffer,
                        (uint)btBuffer.Length,
                        out lpOutStorage);
                }
                pointerAddy = (BitConverter.ToInt32(btBuffer, 0) + offsetList[i]);
                //string pointerAddyHEX = pointerAddy.ToString("X");

                ProcessMemoryReaderApi.ReadProcessMemory(
                    procHandle,
                    (IntPtr)(pointerAddy),
                    btBuffer,
                    (uint)btBuffer.Length,
                    out lpOutStorage);
            }
            return pointerAddy;
        }

        public byte ReadByte(int MemoryAddress)
        {
            byte[] buffer;
            int read = ReadMem(MemoryAddress, 1, out buffer);
            if (read == 0)
                return new byte();
            else
                return buffer[0];
        }
        public int ReadInt(int MemoryAddress)
        {
            byte[] buffer;
            int read = ReadMem(MemoryAddress, 4, out buffer);
            if (read == 0)
                return 0;
            else
                return BitConverter.ToInt32(buffer, 0);
        }

        public uint ReadUInt(int MemoryAddress)
        {
            byte[] buffer;
            int read = ReadMem(MemoryAddress, 4, out buffer);
            if (read == 0)
                return 0;
            else
                return BitConverter.ToUInt32(buffer, 0);
        }
        public float ReadFloat(int MemoryAddress)
        {
            byte[] buffer;
            int read = ReadMem(MemoryAddress, 4, out buffer);
            if (read == 0)
                return 0;
            else
                return BitConverter.ToSingle(buffer, 0);
        }
        public byte[] ReadAMem(IntPtr MemoryAddress, uint bytesToRead, out int bytesReaded)
        {
            byte[] buffer = new byte[bytesToRead];

            IntPtr ptrBytesReaded;
            ProcessMemoryReaderApi.ReadProcessMemory(m_hProcess, MemoryAddress, buffer, bytesToRead, out ptrBytesReaded);
            bytesReaded = ptrBytesReaded.ToInt32();
            return buffer;
        }
        internal byte[] ReadAMem(int p, int p_2, out int bytesReadSize)
        {
            throw new NotImplementedException();
        }

        #endregion
        #region WriteMem
        public int WriteMem(int MemoryAddress, byte[] buf)
        {
            IntPtr procHandle = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ | ProcessMemoryReaderApi.PROCESS_VM_WRITE | ProcessMemoryReaderApi.PROCESS_VM_OPERATION, 1, (uint)m_ReadProcess.Id);
            if (procHandle == IntPtr.Zero)
                return 0;

            uint oldProtect;
            ProcessMemoryReaderApi.VirtualProtectEx(procHandle, (IntPtr)MemoryAddress, (uint)buf.Length, ProcessMemoryReaderApi.PAGE_READWRITE, out oldProtect);
            IntPtr ptrBytesWritten;
            ProcessMemoryReaderApi.WriteProcessMemory(procHandle, (IntPtr)MemoryAddress, buf, (uint)buf.Length, out ptrBytesWritten);
            ProcessMemoryReaderApi.CloseHandle(procHandle);
            return ptrBytesWritten.ToInt32();
        }

        public void WriteByte(int MemoryAddress, byte b)
        {
            WriteMem(MemoryAddress, new byte[] { b });
        }
        public void WriteInt(int MemoryAddress, int w)
        {
            byte[] buf = BitConverter.GetBytes(w);
            WriteMem(MemoryAddress, buf);
        }
        public void WriteUInt(int MemoryAddress, uint u)
        {
            byte[] buf = BitConverter.GetBytes(u);
            WriteMem(MemoryAddress, buf);
        }
        public void WriteFloat(int MemoryAddress, float f)
        {
            byte[] buf = BitConverter.GetBytes(f);
            WriteMem(MemoryAddress, buf);
        }

        public void WriteDouble(int MemoryAddress, double d)
        {
            byte[] buf = BitConverter.GetBytes(d);
            WriteMem(MemoryAddress, buf);
        }

        public void WriteAMem(IntPtr MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
        {
            IntPtr ptrBytesWritten;
            ProcessMemoryReaderApi.WriteProcessMemory(m_hProcess, MemoryAddress, bytesToWrite, (uint)bytesToWrite.Length, out ptrBytesWritten);

            bytesWritten = ptrBytesWritten.ToInt32();
        }
        #endregion
        #region Keys
        [DllImport("user32.dll")]
        public static extern short GetKeyState(Keys nVirtKey);
        public enum VirtualKeyStates : int
        {
            VK_LBUTTON = 0x01,
            VK_RBUTTON = 0x02,
            VK_CANCEL = 0x03,
            VK_MBUTTON = 0x04,
            //
            VK_XBUTTON1 = 0x05,
            VK_XBUTTON2 = 0x06,
            //
            VK_BACK = 0x08,
            VK_TAB = 0x09,
            //
            VK_CLEAR = 0x0C,
            VK_RETURN = 0x0D,
            //
            VK_SHIFT = 0x10,
            VK_CONTROL = 0x11,
            VK_MENU = 0x12,
            VK_PAUSE = 0x13,
            VK_CAPITAL = 0x14,
            //
            VK_KANA = 0x15,
            VK_HANGEUL = 0x15,  /* old name - should be here for compatibility */
            VK_HANGUL = 0x15,
            VK_JUNJA = 0x17,
            VK_FINAL = 0x18,
            VK_HANJA = 0x19,
            VK_KANJI = 0x19,
            //
            VK_ESCAPE = 0x1B,
            //
            VK_CONVERT = 0x1C,
            VK_NONCONVERT = 0x1D,
            VK_ACCEPT = 0x1E,
            VK_MODECHANGE = 0x1F,
            //
            VK_SPACE = 0x20,
            VK_PRIOR = 0x21,
            VK_NEXT = 0x22,
            VK_END = 0x23,
            VK_HOME = 0x24,
            VK_LEFT = 0x25,
            VK_UP = 0x26,
            VK_RIGHT = 0x27,
            VK_DOWN = 0x28,
            VK_SELECT = 0x29,
            VK_PRINT = 0x2A,
            VK_EXECUTE = 0x2B,
            VK_SNAPSHOT = 0x2C,
            VK_INSERT = 0x2D,
            VK_DELETE = 0x2E,
            VK_HELP = 0x2F,
            //
            VK_LWIN = 0x5B,
            VK_RWIN = 0x5C,
            VK_APPS = 0x5D,
            //
            VK_SLEEP = 0x5F,
            //
            VK_NUMPAD0 = 0x60,
            VK_NUMPAD1 = 0x61,
            VK_NUMPAD2 = 0x62,
            VK_NUMPAD3 = 0x63,
            VK_NUMPAD4 = 0x64,
            VK_NUMPAD5 = 0x65,
            VK_NUMPAD6 = 0x66,
            VK_NUMPAD7 = 0x67,
            VK_NUMPAD8 = 0x68,
            VK_NUMPAD9 = 0x69,
            VK_MULTIPLY = 0x6A,
            VK_ADD = 0x6B,
            VK_SEPARATOR = 0x6C,
            VK_SUBTRACT = 0x6D,
            VK_DECIMAL = 0x6E,
            VK_DIVIDE = 0x6F,
            VK_F1 = 0x70,
            VK_F2 = 0x71,
            VK_F3 = 0x72,
            VK_F4 = 0x73,
            VK_F5 = 0x74,
            VK_F6 = 0x75,
            VK_F7 = 0x76,
            VK_F8 = 0x77,
            VK_F9 = 0x78,
            VK_F10 = 0x79,
            VK_F11 = 0x7A,
            VK_F12 = 0x7B,
            VK_F13 = 0x7C,
            VK_F14 = 0x7D,
            VK_F15 = 0x7E,
            VK_F16 = 0x7F,
            VK_F17 = 0x80,
            VK_F18 = 0x81,
            VK_F19 = 0x82,
            VK_F20 = 0x83,
            VK_F21 = 0x84,
            VK_F22 = 0x85,
            VK_F23 = 0x86,
            VK_F24 = 0x87,
            //
            VK_NUMLOCK = 0x90,
            VK_SCROLL = 0x91,
            //
            VK_OEM_NEC_EQUAL = 0x92,   // ‘=‘ key on numpad
            //
            VK_OEM_FJ_JISHO = 0x92,   // ‘Dictionary‘ key
            VK_OEM_FJ_MASSHOU = 0x93,   // ‘Unregister word‘ key
            VK_OEM_FJ_TOUROKU = 0x94,   // ‘Register word‘ key
            VK_OEM_FJ_LOYA = 0x95,   // ‘Left OYAYUBI‘ key
            VK_OEM_FJ_ROYA = 0x96,   // ‘Right OYAYUBI‘ key
            //
            VK_LSHIFT = 0xA0,
            VK_RSHIFT = 0xA1,
            VK_LCONTROL = 0xA2,
            VK_RCONTROL = 0xA3,
            VK_LMENU = 0xA4,
            VK_RMENU = 0xA5,
            //
            VK_BROWSER_BACK = 0xA6,
            VK_BROWSER_FORWARD = 0xA7,
            VK_BROWSER_REFRESH = 0xA8,
            VK_BROWSER_STOP = 0xA9,
            VK_BROWSER_SEARCH = 0xAA,
            VK_BROWSER_FAVORITES = 0xAB,
            VK_BROWSER_HOME = 0xAC,
            //
            VK_VOLUME_MUTE = 0xAD,
            VK_VOLUME_DOWN = 0xAE,
            VK_VOLUME_UP = 0xAF,
            VK_MEDIA_NEXT_TRACK = 0xB0,
            VK_MEDIA_PREV_TRACK = 0xB1,
            VK_MEDIA_STOP = 0xB2,
            VK_MEDIA_PLAY_PAUSE = 0xB3,
            VK_LAUNCH_MAIL = 0xB4,
            VK_LAUNCH_MEDIA_SELECT = 0xB5,
            VK_LAUNCH_APP1 = 0xB6,
            VK_LAUNCH_APP2 = 0xB7,
            //
            VK_OEM_1 = 0xBA,   // ‘;:‘ for US
            VK_OEM_PLUS = 0xBB,   // ‘+‘ any country
            VK_OEM_COMMA = 0xBC,   // ‘,‘ any country
            VK_OEM_MINUS = 0xBD,   // ‘-‘ any country
            VK_OEM_PERIOD = 0xBE,   // ‘.‘ any country
            VK_OEM_2 = 0xBF,   // ‘/?‘ for US
            VK_OEM_3 = 0xC0,   // ‘`~‘ for US
            //
            VK_OEM_4 = 0xDB,  //  ‘[{‘ for US
            VK_OEM_5 = 0xDC,  //  ‘\|‘ for US
            VK_OEM_6 = 0xDD,  //  ‘]}‘ for US
            VK_OEM_7 = 0xDE,  //  ‘‘"‘ for US
            VK_OEM_8 = 0xDF,
            //
            VK_OEM_AX = 0xE1,  //  ‘AX‘ key on Japanese AX kbd
            VK_OEM_102 = 0xE2,  //  "<>" or "\|" on RT 102-key kbd.
            VK_ICO_HELP = 0xE3,  //  Help key on ICO
            VK_ICO_00 = 0xE4,  //  00 key on ICO
            //
            VK_PROCESSKEY = 0xE5,
            //
            VK_ICO_CLEAR = 0xE6,
            //
            VK_PACKET = 0xE7,
            //
            VK_OEM_RESET = 0xE9,
            VK_OEM_JUMP = 0xEA,
            VK_OEM_PA1 = 0xEB,
            VK_OEM_PA2 = 0xEC,
            VK_OEM_PA3 = 0xED,
            VK_OEM_WSCTRL = 0xEE,
            VK_OEM_CUSEL = 0xEF,
            VK_OEM_ATTN = 0xF0,
            VK_OEM_FINISH = 0xF1,
            VK_OEM_COPY = 0xF2,
            VK_OEM_AUTO = 0xF3,
            VK_OEM_ENLW = 0xF4,
            VK_OEM_BACKTAB = 0xF5,
            //
            VK_ATTN = 0xF6,
            VK_CRSEL = 0xF7,
            VK_EXSEL = 0xF8,
            VK_EREOF = 0xF9,
            VK_PLAY = 0xFA,
            VK_ZOOM = 0xFB,
            VK_NONAME = 0xFC,
            VK_PA1 = 0xFD,
            VK_OEM_CLEAR = 0xFE
        }
        public bool Keystate(Keys key)
        {
            int state = GetKeyState(key);
            if (state == -127 || state == -128)
            {
                return true;
            }
            return false;
        }
        #endregion
    }
}

  

时间: 2024-08-19 23:04:06

【原创】C#超强游戏外挂帮助类,封装了很多方法,含多级指针数据读写方法等。的相关文章

游戏外挂原理解析与制作 - [内存数值修改类 篇四]

前三篇的博文结合了C#的Demo对内存数据修改一类的挂剖析了原理,利用C#语言调用Windows API,我们其实已经写出了一个简单的内存扫描工具,但是它存在一些缺陷,比如说只能所搜索单一类型数值(整型),只能搜索确定的数值,比如1000.2000,而不能进行模糊搜索,比如搜索某个值变小了,或者在某某区间内变化了等. 我一直认为语言只是一种工具,只要能够达到修改数值的目的,用什么语言都可以,甚至可以配合着多种语言和工具来完成一项数值的修改.其实实际中通常都是这样,因为每种语言有自己的优势,比如C

游戏外挂原理解析与制作 - [内存数值修改类 篇一]

本章旨在讲解外挂实现原理,未深入涉及至代码层面.希望能与对这方面感兴趣的朋友多多交流,毕竟理论是死的,套路是固定的,只有破解经验是花大量时间和心血积累的. 对于单机游戏而言,游戏中绝大部分的参数(比如血.蓝.能量亦或是金币)都存储在计算机的堆栈中,一些类似剧情进度的则加密后写入本地的自定义配置文件中: 对于页游.网游和手游,虽然服务器保存了大量的重要的参数,但由于客户端不可避免的需要进行大量的计算和资源的加载,本地内存种必定存有部分的临时变量,通过判断这些变量的变化规律和函数的破密寻到利于自身的

游戏外挂原理解析与制作 - [内存数值修改类 篇二]

本章旨在讲解如何利用高级语言根据变量数值寻找内存地址.涉及代码以C#为例. 我用C#写了一个WinForm形式的Demo,界面如下: 源代码: //血量初始值 private int value = 1000; public Form1() { InitializeComponent(); } /// <summary> /// 刷新界面:将最新的血量显示在界面 /// </summary> /// <param name="sender"><

腾讯手游如何提早揭露游戏外挂风险?

目前腾讯SR手游安全测试限期开放免费专家预约!点击链接:http://wetest.qq.com/product/sr立即预约! 作者:sheldon,腾讯高级安全工程师 商业转载请联系腾讯WeTest获得授权,非商业转载请注明出处. WeTest导读 随着大量外挂.辅助.工作室等非法盈利团队借由移动游戏产业迅猛发展的东风趁虚而入,对游戏开发商和玩家来说都造成了不小的伤害,安全问题成为手游发展不容忽视的前提.本文告诉你如何从技术的角度来提前曝光这些安全问题和外挂风险. 安全无小事-安全测试开展思

关于游戏外挂

这篇文章不是自己所写,但基本上工作中也有接触,看到了就转过来记录 对于一个要上线的游戏,防外挂是必须的,历史上因为外挂而造成大量玩家流失的游戏数不胜数.随着游戏研发技术的发展,对外挂的预防业内其实做的已经越来越好了.下面总结一下防外挂的基础知识,以及我们的移动模块为防外挂做了哪些工作. 1 预防外挂的基础知识 在做外挂预防工作之前,我们要先了解外挂有哪些.根据我的了解,市面上常见的外挂主要有以下几种: 修改客户端的内存信息这类外挂通过分析游戏所使用的内存,找到内存中的变量去分析猜测变量是代表的什

【转载】游戏外挂的编写原理和思路

原文:游戏外挂的编写原理和思路 游戏外挂的编写原理(一) 一. 前言 所谓游戏外挂,其实是一种游戏外辅程序,它可以协助玩家自动产生游戏动作.修改游戏网络数据包以及修改游戏内存数据等,以实现玩家用最少的时间和金钱去完成功力升级和过关斩将.虽然,现在对游戏外挂程序的“合法”身份众说纷纭,在这里我不想对此发表任何个人意见,让时间去说明一切吧. 不管游戏外挂程序是不是“合法”身份,但是它却是具有一定的技术含量的,在这些小小程序中使用了许多高端技术,如拦截Sock技术.拦截API技术.模拟键盘与鼠标技术.

游戏外挂教程(转)

游戏外挂教程(转) 由于本人是游戏爱好者,又是懒人,所以就有了写外挂的想法. 有同样爱好的人 可以 参考一下 主要是调用API的一些东西. 以下教程来自网上,本人通过一下教程,编写了魔兽争霸3,辅助工具(主用功能显血.改键) 谢谢 O(∩_∩)O~ 游戏外挂的编写原理(一)     一. 前言 所谓游戏外挂,其实是一种游戏外辅程序,它可以协助玩家自动产生游戏动作.修改游戏网络数据包以及修改游 戏内存数据等,以实现玩家用最少的时间和金钱去完成功力升级和过关斩将.虽然,现在对游戏外挂程序的“合法”

游戏外挂制作原理

外挂现在大体上来讲分为三种,分别是模拟按键,WPE封包和内存挂.比如模拟键盘的,鼠标的,这种就叫做按键模拟,也叫脚本精灵:还有修改数据包的,这种就叫做WPE封包外挂,这种外挂相对而言比较稳定,但是对于技术要求难度也比较高,因为修改WPE封包,你需要知道和了解加密解密算法等等一系列的知识:还有最后一种就是修改本地内存的,这种相对而言比较常见,市场上面比较常见的也是这种游戏外挂,相对而言技术要求也不是太高,资料也比较齐全,比较大众:但好像没有修改服务器内存的哦,呵呵.其实修改服务器也是有办法的,只是

用游戏外挂的方式修复有道云笔记的BUG

由爱到痛 有道云笔记是个好东西,在认识它之前,我一直使用Windows记事本来保存网上摘抄的文档资料和学习心得体会.某天朋友推荐了有道云笔记,我安装后就不可收拾的爱上了它.那种感觉,就好比一夜之间手扶拖拉机换成了奥迪Q7,从此驶上了码字界的康庄大道. 可就在我对它的爱如火如荼的进行中时,一件痛心疾首的事情发生了. 宋体,是我钟爱的字体,而有道云笔记钟爱的字体则是微软雅黑.就是那么一个兴趣爱好的不同,使我们之间产生了矛盾,并不断被激化,最终影响到了工作和生活,以至于之后一度要和它分手. 问题是这样