高分求VB高手一个问题.解决了送更多分..
我按教程写了一个小程序,是把游戏内的人物血值读出来,我用暗黑2做测试.获取PID值,获取句丙都以成功,但是用ReadProcessMemorycc3,ByVal&H22F...
我按教程写了一个小程序,是把游戏内的人物血值读出来,我用暗黑2做测试.获取PID值,获取句丙都以成功,但是用
ReadProcessMemory cc3, ByVal &H22F4045, hp, 4, 0&
获取内存中数据时,返回的数据始终是0,求高手,告诉下这是为什么.我按教程来的我仔细确认没有任何出入。.就是游戏不一样.但是我想这个游戏应该没问题吧.....这么老的游戏了
附全部代码
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByVal lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Sub Textbox_Click()
End Sub
Private Sub ReadTimer_Timer()
Dim hwnd As Long
'hwnd = FindWindow(vbNullString, "DII 1.10 中文版")Calculator Trainer
hwnd = FindWindow(vbNullString, "DII 1.10 中文版")
If hwnd = 0 Then
Label1.Caption = "游戏未运行"
Else
Label1.Caption = "游戏已成功载入!"
End If
Dim pid As Long
GetWindowThreadProcessId hwnd, pid
If pid = 0 Then
Label2.Caption = "未获取了PID值"
Else
Label2.Caption = "成功获取了PID值!"
End If
Dim cc3 As Long
cc3 = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
If cc3 = 0 Then
Label3.Caption = "未获取程序句丙!"
Else
Label3.Caption = "以获取程序句丙!"
End If
Dim hp As Long
ReadProcessMemory cc3, ByVal &H22F4045, hp, 4, 0&
Label4.Caption = hp
End Sub
另内存地址我是用 Cheat.Engine.V5.4.简体中文版 查出来的...在软件里可以修改血值信息什么的..都正常...
暗黑的这个内存地址是不会发生变化的..每次都是固定的这个地址 展开
ReadProcessMemory cc3, ByVal &H22F4045, hp, 4, 0&
获取内存中数据时,返回的数据始终是0,求高手,告诉下这是为什么.我按教程来的我仔细确认没有任何出入。.就是游戏不一样.但是我想这个游戏应该没问题吧.....这么老的游戏了
附全部代码
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByVal lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Sub Textbox_Click()
End Sub
Private Sub ReadTimer_Timer()
Dim hwnd As Long
'hwnd = FindWindow(vbNullString, "DII 1.10 中文版")Calculator Trainer
hwnd = FindWindow(vbNullString, "DII 1.10 中文版")
If hwnd = 0 Then
Label1.Caption = "游戏未运行"
Else
Label1.Caption = "游戏已成功载入!"
End If
Dim pid As Long
GetWindowThreadProcessId hwnd, pid
If pid = 0 Then
Label2.Caption = "未获取了PID值"
Else
Label2.Caption = "成功获取了PID值!"
End If
Dim cc3 As Long
cc3 = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
If cc3 = 0 Then
Label3.Caption = "未获取程序句丙!"
Else
Label3.Caption = "以获取程序句丙!"
End If
Dim hp As Long
ReadProcessMemory cc3, ByVal &H22F4045, hp, 4, 0&
Label4.Caption = hp
End Sub
另内存地址我是用 Cheat.Engine.V5.4.简体中文版 查出来的...在软件里可以修改血值信息什么的..都正常...
暗黑的这个内存地址是不会发生变化的..每次都是固定的这个地址 展开
7个回答
展开全部
这是典型的内存地址不可修改 你的程序必须获得更高的权限
我帮你修改一下吧
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByVal lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Type LUID
lowpart As Long
highpart As Long
End Type
Private Type LUID_AND_ATTRIBUTES
pLuid As LUID
Attributes As Long
End Type
Private Type TOKEN_PRIVILEGES
PrivilegeCount As Long
Privileges As LUID_AND_ATTRIBUTES
End Type
Private Const PROCESS_ALL_ACCESS As Long = &H1F0FFF
Private Const TOKEN_QUERY As Long = &H8&
Private Const TOKEN_ADJUST_PRIVILEGES As Long = &H20&
Private Const SE_PRIVILEGE_ENABLED As Long = &H2
Private Const SE_DEBUG_NAME As String = "SeDebugPrivilege"
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
Private Declare Function LookupPrivilegeValue Lib "advapi32.dll" Alias "LookupPrivilegeValueW" (ByVal lpSystemName As Long, ByVal lpName As Long, lpLuid As LUID) As Long
Private Declare Function AdjustTokenPrivileges Lib "advapi32.dll" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, ByVal PrevState As Long, ByVal N As Long) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleW" (ByVal lpwModuleName As Long) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Sub Textbox_Click()
End Sub
Private Sub ReadTimer_Timer()
Dim hwnd As Long
'hwnd = FindWindow(vbNullString, "DII 1.10 中文版")Calculator Trainer
hwnd = FindWindow(vbNullString, "DII 1.10 中文版")
If hwnd = 0 Then
Label1.Caption = "游戏未运行"
Else
Label1.Caption = "游戏已成功载入!"
End If
Dim pid As Long
GetWindowThreadProcessId hwnd, pid
If pid = 0 Then
Label2.Caption = "未获取了PID值"
Else
Label2.Caption = "成功获取了PID值!"
End If
Dim pToken As TOKEN_PRIVILEGES
Dim hToken As Long
OpenProcessToken GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, hToken
LookupPrivilegeValue 0, StrPtr(SE_DEBUG_NAME), pToken.Privileges.pLuid
pToken.PrivilegeCount = 1
pToken.Privileges.Attributes = SE_PRIVILEGE_ENABLED
AdjustTokenPrivileges hToken, False, pToken, Len(pToken), 0, 0
Dim cc3 As Long
cc3 = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
If cc3 = 0 Then
Label3.Caption = "未获取程序句丙!"
Else
Label3.Caption = "以获取程序句丙!"
End If
Dim hp As Long
ReadProcessMemory cc3, ByVal &H22F4045, hp, 4, 0&
Label4.Caption = hp
End Sub
我帮你修改一下吧
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByVal lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Type LUID
lowpart As Long
highpart As Long
End Type
Private Type LUID_AND_ATTRIBUTES
pLuid As LUID
Attributes As Long
End Type
Private Type TOKEN_PRIVILEGES
PrivilegeCount As Long
Privileges As LUID_AND_ATTRIBUTES
End Type
Private Const PROCESS_ALL_ACCESS As Long = &H1F0FFF
Private Const TOKEN_QUERY As Long = &H8&
Private Const TOKEN_ADJUST_PRIVILEGES As Long = &H20&
Private Const SE_PRIVILEGE_ENABLED As Long = &H2
Private Const SE_DEBUG_NAME As String = "SeDebugPrivilege"
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
Private Declare Function LookupPrivilegeValue Lib "advapi32.dll" Alias "LookupPrivilegeValueW" (ByVal lpSystemName As Long, ByVal lpName As Long, lpLuid As LUID) As Long
Private Declare Function AdjustTokenPrivileges Lib "advapi32.dll" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, ByVal PrevState As Long, ByVal N As Long) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleW" (ByVal lpwModuleName As Long) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Sub Textbox_Click()
End Sub
Private Sub ReadTimer_Timer()
Dim hwnd As Long
'hwnd = FindWindow(vbNullString, "DII 1.10 中文版")Calculator Trainer
hwnd = FindWindow(vbNullString, "DII 1.10 中文版")
If hwnd = 0 Then
Label1.Caption = "游戏未运行"
Else
Label1.Caption = "游戏已成功载入!"
End If
Dim pid As Long
GetWindowThreadProcessId hwnd, pid
If pid = 0 Then
Label2.Caption = "未获取了PID值"
Else
Label2.Caption = "成功获取了PID值!"
End If
Dim pToken As TOKEN_PRIVILEGES
Dim hToken As Long
OpenProcessToken GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, hToken
LookupPrivilegeValue 0, StrPtr(SE_DEBUG_NAME), pToken.Privileges.pLuid
pToken.PrivilegeCount = 1
pToken.Privileges.Attributes = SE_PRIVILEGE_ENABLED
AdjustTokenPrivileges hToken, False, pToken, Len(pToken), 0, 0
Dim cc3 As Long
cc3 = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
If cc3 = 0 Then
Label3.Caption = "未获取程序句丙!"
Else
Label3.Caption = "以获取程序句丙!"
End If
Dim hp As Long
ReadProcessMemory cc3, ByVal &H22F4045, hp, 4, 0&
Label4.Caption = hp
End Sub
本回答由提问者推荐
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
估计是权限问题,读血量前后加这个试试
cc3 = OpenProcess(PROCESS_ALL_ACCESS, hwnd, pid)
If cc3 <> 0 Then
ReadProcessMemory cc3, ByVal &H22F4045, hp, 4, 0&
end if
CloseHandle cc3
我想你也不是只是做单机游戏的挂挂吧~~呵呵
另二楼说的对,游戏可能有基址和偏移,我只弄过网络游戏。单机游戏还没时间试。
窗口名字一定对的吗?Label1.Caption是游戏已成功载入不?
cc3 = OpenProcess(PROCESS_ALL_ACCESS, hwnd, pid)
If cc3 <> 0 Then
ReadProcessMemory cc3, ByVal &H22F4045, hp, 4, 0&
end if
CloseHandle cc3
我想你也不是只是做单机游戏的挂挂吧~~呵呵
另二楼说的对,游戏可能有基址和偏移,我只弄过网络游戏。单机游戏还没时间试。
窗口名字一定对的吗?Label1.Caption是游戏已成功载入不?
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
ReadProcessMemory 的第三个参数要放一个变量地址,varptr这个函数是取变量地址的,同样还有一个是这样的strptr,看到这两个函数的头三个字母就知道取哪种变量类型的地址啦,str是字符串地址的var不用我说了吧!!!
为什么要传地址?
你自已看看那个api的第三个参数的定义就知道啦ByVal lpBuffer As Any(lpBuffer)是一个指针,那就是说要传一个变量地址给它
为什么要传地址?
你自已看看那个api的第三个参数的定义就知道啦ByVal lpBuffer As Any(lpBuffer)是一个指针,那就是说要传一个变量地址给它
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
请问
1——H22F4045地址是否为内存基地址?
2——你是否找到了相对应的偏移量?
要获取血量值,你必须要找到游戏的内存基地址~!并且还要找到血量的内存偏移量。
1——H22F4045地址是否为内存基地址?
2——你是否找到了相对应的偏移量?
要获取血量值,你必须要找到游戏的内存基地址~!并且还要找到血量的内存偏移量。
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
msgbox "太难了!"
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
内存是binary(二进制)的,Caption不能显示
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
更多回答(5)
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
