1.VB怎么做动态内存地址的基址变速驱动源码修改器?
VB怎么做动态内存地址的修改器?
vb改内存跟位操作没关系,只要你会用ReadProcessMemory和WriteProcessMemory就能做修改器
修改动态地址一般有两种方法:找基址和偏移,或者代码注入
我以前做了个植物大战僵尸修改器,部分源码我贴上来,是代码注入的,你参考下:
Option Explicit
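' Win32 API declarations used to find the game window, open its process and
' read/write its memory.
' The listing as found named the libraries "user", "kernel" and "kernel.dll";
' these functions are exported by user32 and kernel32, so the "32" was
' presumably lost when the page was extracted. Without it the Declares fail at
' call time with a "File not found" / "Can't find DLL entry point" error.
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
' The last parameter receives the number of bytes actually read (the name
' "Written" is kept from the original declaration).
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
' lpBaseAddress is declared As Any, so callers must pass the address ByVal.
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
' NOTE(review): PROCESS_ALL_ACCESS requests every right on the target process.
' The code visible here only calls ReadProcessMemory and WriteProcessMemory,
' which need PROCESS_VM_READ (&H10), PROCESS_VM_WRITE (&H20) and
' PROCESS_VM_OPERATION (&H8); requesting only those is the least-privilege
' choice and fails less often when the caller is not elevated.
Const PROCESS_ALL_ACCESS = &H1F0FFF
Dim hHwnd As Long      ' window handle returned by FindWindow
Dim pid As Long        ' process id filled in by GetWindowThreadProcessId
Dim hProcess As Long   ' process handle returned by OpenProcess
Dim base(5) As Long    ' scratch slots for pointers read back from the target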
Private Sub doSun() 'unlimited sun
' Writes a byte sequence into the process identified by the module-level
' hProcess, one byte per WriteProcessMemory call. Going by the original inline
' comments, the sequence is a jmp placed over existing code (padded with a nop)
' plus a small stub that performs the displaced add, stores edx to a fixed
' location, and jumps back.
' NOTE(review): many address and byte literals below are visibly truncated in
' this listing (bare "&H", the same "&HE" repeated for consecutive bytes), and
' others may be as well. The lines are kept exactly as found; the Sub does not
' compile until the author's original values are restored.
' NOTE(review): no return value of WriteProcessMemory is checked, so a failed
' or partial write goes unnoticed and can leave the target with a half-written
' instruction.
WriteProcessMemory hProcess, ByVal &HBAB5, &HE9, 1, 0 'jmp E
WriteProcessMemory hProcess, ByVal &HBAB6, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HBAB7, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HBAB8, &HE3, 1, 0
WriteProcessMemory hProcess, ByVal &HBAB9, &HFF, 1, 0
WriteProcessMemory hProcess, ByVal &HBABA, &H, 1, 0 'nop
WriteProcessMemory hProcess, ByVal &HE, &H3E, 1, 0 'add eax,dword ptr ds:[edx+]
WriteProcessMemory hProcess, ByVal &HE, &H3, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H0, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H0, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0 'mov dword ptr [E],edx
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HEA, &HE1, 1, 0
WriteProcessMemory hProcess, ByVal &HEB, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HEC, &H0, 1, 0
WriteProcessMemory hProcess, ByVal &HED, &HE9, 1, 0 'jmp BABB
WriteProcessMemory hProcess, ByVal &HEE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HEF, &HD9, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H1C, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H0, 1, 0
End Sub
Private Sub doFreeze() 'freeze time
' Same structure as doSun: one-byte WriteProcessMemory calls into the process
' identified by the module-level hProcess. Going by the original inline
' comments, a jmp (padded with a nop) is placed over existing code, and a stub
' performs the displaced mov, stores ebp to a fixed location, repeats the mov,
' and jumps back.
' NOTE(review): many address and byte literals below are visibly truncated in
' this listing (bare "&H", the same "&HE" repeated for consecutive bytes), and
' others may be as well. The lines are kept exactly as found; the Sub does not
' compile until the author's original values are restored.
' NOTE(review): no return value of WriteProcessMemory is checked, so a failed
' or partial write goes unnoticed.
WriteProcessMemory hProcess, ByVal &HE, &HE9, 1, 0 'jmp E
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE7A, &HDC, 1, 0
WriteProcessMemory hProcess, ByVal &HE7B, &HFF, 1, 0
WriteProcessMemory hProcess, ByVal &HE7C, &H, 1, 0 'nop
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0 'mov dword ptr ss:[ebp+],eax
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0 'mov dword ptr [E],ebp
WriteProcessMemory hProcess, ByVal &HE, &H2D, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &HE1, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H0, 1, 0
WriteProcessMemory hProcess, ByVal &HEA, &H, 1, 0 'mov dword ptr ss:[ebp+],eax
WriteProcessMemory hProcess, ByVal &HEB, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HEC, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HED, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HEE, &HE9, 1, 0 'jmp E7D
WriteProcessMemory hProcess, ByVal &HEF, &H6A, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &HAD, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H0, 1, 0
WriteProcessMemory hProcess, ByVal &HE, &H, 1, 0 'nop
End Sub
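Private Sub Timer1_Timer()
    ' Timer tick: look up the game window by title, open its process, apply the
    ' two code patches once, then rewrite the values selected by the check
    ' boxes in the myCheck control array.
    '
    ' The original opened a new process handle on every tick and never closed
    ' it, leaking one handle per tick for as long as the form runs. The handle
    ' is now closed at the end of each tick and the module-level hProcess is
    ' reset so no stale handle is left behind.
    Static isChange As Boolean   ' True once doSun/doFreeze have been applied

    hHwnd = FindWindow(vbNullString, "植物大战僵尸中文版")
    If hHwnd = 0 Then Exit Sub   ' target window not present

    pid = 0
    Call GetWindowThreadProcessId(hHwnd, pid)
    If pid = 0 Then Exit Sub     ' window vanished between the two calls

    hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
    If hProcess = 0 Then Exit Sub ' access denied or process gone

    If isChange = False Then
        ' code injection: apply both patches a single time
        ' NOTE(review): isChange is never reset, so if the target process is
        ' restarted while this form keeps running the patches are not
        ' re-applied while the reads below still run against the new process.
        Call doSun
        Call doFreeze
        isChange = True
    End If

    ' NOTE(review): the address literals, offsets and the value argument on the
    ' Read/WriteProcessMemory lines below are truncated in this listing (bare
    ' "&H", "&HE", an empty argument). They are kept as found and must be
    ' restored from the author's original before this compiles.
    If myCheck(0).Value = 1 Then 'unlimited sun
        ReadProcessMemory hProcess, &HE, base(0), 4, 0
        WriteProcessMemory hProcess, base(0) + &H, , 4, 0 'set the sun count (value missing in listing)
    End If
    If myCheck(1).Value = 1 Then 'freeze time
        ReadProcessMemory hProcess, &HE, base(1), 4, 0
        WriteProcessMemory hProcess, base(1) + &H, , 4, 0 'freeze time
    End If

    ' Release the handle opened for this tick.
    CloseHandle hProcess
    hProcess = 0
End Sub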