C++ VS2013 種植物 四

1.添加一個按鈕,並修改Caption


2.修改按鈕ID爲IDC_BUTTON_tree

3.雙擊按鈕,添加按鈕處理函數

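	// Body of the button handler: copy plant1() into the game process and run
	// it once on a remote thread. Mirrors plantOne() further down in this file:
	// every Win32 call is checked, and every handle and remote allocation is
	// released on every path (the early returns assume the enclosing handler
	// returns void, as MFC OnBnClicked handlers do).
	SIZE_T bytesWritten = 0;
	// NOTE(review): 0x8FFF is not the size of plant1(); the copy also drags in
	// whatever follows plant1 in this module's code. It only works because
	// plant1 uses absolute addresses and returns before reaching the tail.
	const SIZE_T kStubSize = 0x8FFF;

	HANDLE hp = GetGameProcessHanlde();
	if (hp == NULL)
	{
		TRACE("\n GetGameProcessHanlde failed \n");
		return;
	}

	PVOID FarCall = VirtualAllocEx(hp, NULL, kStubSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
	if (FarCall == NULL)
	{
		TRACE("\n VirtualAllocEx failed: %lu \n", GetLastError());
		CloseHandle(hp);
		return;
	}

	bool stubMayBeRunning = false;
	if (!WriteProcessMemory(hp, FarCall, plant1, kStubSize, &bytesWritten) || bytesWritten != kStubSize)
	{
		TRACE("\n WriteProcessMemory failed: %lu \n", GetLastError());
	}
	else
	{
		// Run the copied stub as the thread entry point (no parameter in this version).
		HANDLE th = CreateRemoteThread(hp, NULL, 0, (LPTHREAD_START_ROUTINE)FarCall, NULL, 0, NULL);
		if (th == NULL)
		{
			TRACE("\n CreateRemoteThread failed: %lu \n", GetLastError());
		}
		else
		{
			// If the wait does not complete, the stub may still be executing at
			// FarCall; freeing that page would crash the game, so leak it instead.
			stubMayBeRunning = (WaitForSingleObject(th, 0xFFFFFF) != WAIT_OBJECT_0);
			CloseHandle(th);
		}
	}

	if (!stubMayBeRunning)
	{
		// MEM_RELEASE with size 0 gives the whole reservation back; MEM_DECOMMIT
		// only decommits and leaves the address range reserved in the game.
		VirtualFreeEx(hp, FarCall, 0, MEM_RELEASE);
	}
	// Assumes GetGameProcessHanlde() opens a fresh handle per call -- the
	// per-cell CloseHandle(hp) in plantOne() below already relies on that.
	CloseHandle(hp);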

在按鈕處理函數上面添加

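// Position-independent stub that the button handler copies into the game
// process and runs as a thread entry point. Declared naked so there is no
// prologue/epilogue: the bytes starting at plant1 are exactly the asm below.
// This version is hard-coded to one cell: column 8 (pushed) and row 2 (eax).
//
// Assumed contract of the planting routine at 0x0040D120 (from the earlier
// parts of this series -- confirm there): eax = row; stack, last pushed first,
// = object read from [[0x6a9ec0] + 0x768], column, 2, -1. Everything is
// addressed absolutely (imm32 operands, call through edx), which is why a raw
// byte copy runs unchanged at whatever address VirtualAllocEx returned.
//
// The original listing was missing the function's closing brace (only the
// _asm block was closed); it is restored here.
_declspec(naked) void plant1(void)
{
	_asm
	{
		push -1
		push 2
		push 8                                  // column (X)
		mov eax, dword ptr ds : [0x6a9ec0]      // presumed game object -- confirm in earlier parts
		mov eax, dword ptr ds : [eax + 0x768]
		push eax
		mov eax, 2                              // row (Y), passed in eax
		mov edx, 0x0040D120                     // planting routine, called via register: no relocation needed
		call edx
		// NOTE(review): plain ret, not ret 4, for a stdcall thread entry, and it
		// is not visible here whether 0x0040D120 pops its four arguments. Both
		// are harmless only because the thread exits right after this return.
		ret
	}
}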



==========================下面是帶參數的版本：把 (x, y) 座標作為遠程線程的參數傳入 plant1，而不是寫死在彙編裏

1.plant1函數處理成

// Thread-entry stub copied into the game process by plantOne(). pxy is the
// thread parameter: a pointer to the {column, row} pair that plantOne() wrote
// into the remote process (CallArg). Naked, so the copied bytes are exactly
// the asm below; only absolute addresses are used (imm32 operands, call
// through edx), so the copy runs unchanged at any address.
//
// Assumed contract of the routine at 0x0040D120 (from the earlier parts of
// this series -- confirm there): eax = row; stack, last pushed first, = object
// read from [[0x6a9ec0] + 0x768], column, 2, -1. Whether it pops those four
// arguments is not visible here; the thread exits right after `ret`, so any
// stack imbalance is harmless in this use.
_declspec(naked) void plant1(DWORD *pxy)

{_asm
	{

	mov ebx, [esp + 4] // pxy (thread parameter); must be read before any push moves esp
		mov ecx, [ebx]  // column (x)
		mov edx, [ebx + 4] // row (y)
		push - 1
		push 2
		push ecx // column (X)
		mov eax, dword ptr ds : [0x6a9ec0] // presumed game object -- confirm in earlier parts
		mov eax, dword ptr ds : [eax + 0x768]
		push eax
		mov eax, edx// row (Y), passed in eax
		mov edx, 0x0040D120 // planting routine, called via register: no relocation needed
		call edx
		ret // NOTE(review): plain ret rather than ret 4 for a stdcall thread entry; fine only because the thread exits here
}
}
2.按鈕按下處理函數

	// Plant every cell: 9 columns (x = 0..8) by 5 rows (y = 0..4), column by
	// column, one remote-thread round trip per cell via plantOne() below.
	const DWORD kColumns = 9;
	const DWORD kRows = 5;
	for (DWORD col = 0; col < kColumns; ++col)
	{
		for (DWORD row = 0; row < kRows; ++row)
		{
			plantOne(col, row);
		}
	}
3.在按鈕按下處理函數上添加plantOne函數

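// Plant one cell at column x (0..8, matching the caller's loop above) and
// row y (0..4) by running plant1() inside the game process.
//
// Steps: get a handle to the game, allocate a code page and an argument block
// in it, copy plant1's bytes and the {x, y} pair over, make the code page
// read/execute, run plant1 on a remote thread with the argument block as its
// parameter, wait for it, then release both allocations and close both
// handles. On any failure the function logs with TRACE and returns without
// planting; it never leaves a remote allocation or handle behind, except
// when the wait does not complete (then the code page may still be executing
// and is deliberately leaked rather than freed under a running thread).
//
// NOTE(review): the copy is 0x8FFF bytes starting at plant1 -- far more than
// the stub itself -- so it also copies whatever follows plant1 in this module.
// That is harmless only because plant1 uses absolute addresses and returns
// before reaching the copied tail. In a Debug build with incremental linking,
// `plant1` may resolve to a jump thunk rather than the body; if the injected
// stub crashes the game, check that first.
void plantOne(DWORD x, DWORD y)
{
	// Parameter block that plant1 reads through its thread parameter:
	// xy[0] = column, xy[1] = row.
	DWORD xy[2];
	xy[0] = x;
	xy[1] = y;

	const SIZE_T kStubSize = 0x8FFF;
	SIZE_T bytesWritten = 0;
	DWORD oldProtect = 0;
	DWORD waitResult = WAIT_FAILED;
	PVOID FarCall = NULL;
	PVOID CallArg = NULL;
	HANDLE th = NULL;

	// Handle to the game process. Closed below on every path; since this runs
	// once per cell, GetGameProcessHanlde() is assumed to open a fresh handle
	// each call (the original already closed it here).
	HANDLE hp = GetGameProcessHanlde();
	if (hp == NULL)
	{
		TRACE("\n plantOne(%lu,%lu): GetGameProcessHanlde failed \n", x, y);
		return;
	}

	// Code page for the stub: allocated writable, flipped to read/execute after
	// the copy so the game never holds a page that is writable and executable.
	FarCall = VirtualAllocEx(hp, NULL, kStubSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
	if (FarCall == NULL)
	{
		TRACE("\n VirtualAllocEx(code) failed: %lu \n", GetLastError());
		goto cleanup;
	}
	// Argument block; sized from xy itself so the copy below cannot drift.
	CallArg = VirtualAllocEx(hp, NULL, sizeof xy, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
	if (CallArg == NULL)
	{
		TRACE("\n VirtualAllocEx(arg) failed: %lu \n", GetLastError());
		goto cleanup;
	}
	if (!WriteProcessMemory(hp, FarCall, plant1, kStubSize, &bytesWritten) || bytesWritten != kStubSize)
	{
		TRACE("\n WriteProcessMemory(code) failed: %lu \n", GetLastError());
		goto cleanup;
	}
	if (!WriteProcessMemory(hp, CallArg, xy, sizeof xy, &bytesWritten) || bytesWritten != sizeof xy)
	{
		TRACE("\n WriteProcessMemory(arg) failed: %lu \n", GetLastError());
		goto cleanup;
	}
	if (!VirtualProtectEx(hp, FarCall, kStubSize, PAGE_EXECUTE_READ, &oldProtect))
	{
		TRACE("\n VirtualProtectEx failed: %lu \n", GetLastError());
		goto cleanup;
	}

	TRACE("\n addr=%p \n", FarCall);
	// Run the stub in the game; CallArg arrives as plant1's thread parameter.
	th = CreateRemoteThread(hp, NULL, 0, (LPTHREAD_START_ROUTINE)FarCall, CallArg, 0, NULL);
	if (th == NULL)
	{
		TRACE("\n CreateRemoteThread failed: %lu \n", GetLastError());
		goto cleanup;
	}
	waitResult = WaitForSingleObject(th, 0xFFFFFFF);

cleanup:
	if (th != NULL)
	{
		CloseHandle(th);
	}
	if (th != NULL && waitResult != WAIT_OBJECT_0)
	{
		// The stub may still be running at FarCall; freeing it would crash the
		// game, so leave both remote allocations in place.
		TRACE("\n plantOne(%lu,%lu): wait failed (%lu); leaving remote memory mapped \n", x, y, waitResult);
	}
	else
	{
		// MEM_RELEASE with size 0 returns the whole reservation. The original
		// used MEM_DECOMMIT on FarCall and never freed CallArg at all, leaking
		// one reservation per cell in the game process.
		if (CallArg != NULL)
		{
			VirtualFreeEx(hp, CallArg, 0, MEM_RELEASE);
		}
		if (FarCall != NULL)
		{
			VirtualFreeEx(hp, FarCall, 0, MEM_RELEASE);
		}
	}
	CloseHandle(hp);
}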



