|
|
示例:
'定義游戲路徑,以及各種特征碼
Private Const Game_Path = "D:\Game\7fgame\7FGameApp.dll"
Private Const Game_Base_Feature_Codes = "90909081EC780500008B0D"
Private Const Code_Check_Feature_Codes = "50518BCBE86C0200008B4C242C"
Private Const Code_Check1_Feature_Codes = "50518BCBE8A80100008B4C2428"
Private Const Date_Check_Feature_Codes = "83C41485C07414FFD3"
Private Const Date_Check1_Feature_Codes = "03C283C41C3BC874"
Private Const Date_Check2_Feature_Codes = "0F858700000033DB3BD3895C"
Private Const Room_On_Feature_Codes = "85C07408C74424100000"
Private Const Hall_Check_Feature_Codes = "C744242C140000008B48"
Private Const Room_Check_Feature_Codes = "8D94244E040000C1E902F3"
Private Const Game_Check_Feature_Codes = "8954242E894424328D93"
Private Const Date_Lock_Feature_Codes = "66ABAA8B45103BC80F"
Private Const Date_Lock1_Feature_Codes = "8B531033ED85D2C744241401"
'定義SCO結構體變量
Private SCO As Sanguo_Check_Offset
'過程搜索游戲個特征碼的偏移
Private Sub Call_Search_Offset()
Dim FileBin() As Byte
ReadFileBin FileBin, Game_Path
SCO.Game_Base_offset = Find_Location(FileBin, Game_Base_Feature_Codes, 1)
SCO.Code_Check_offset = Find_Location(FileBin, Code_Check_Feature_Codes, 7)
SCO.Code_Check1_offset = Find_Location(FileBin, Code_Check1_Feature_Codes, 7)
SCO.Date_Check_offset = Find_Location(FileBin, Date_Check_Feature_Codes, -3)
SCO.Date_Check1_offset = Find_Location(FileBin, Date_Check1_Feature_Codes)
SCO.Date_Check2_offset = Find_Location(FileBin, Date_Check2_Feature_Codes, 3)
SCO.Room_On_offset = Find_Location(FileBin, Room_On_Feature_Codes, -1)
SCO.Hall_Check_offset = Find_Location(FileBin, Hall_Check_Feature_Codes, 8)
SCO.Room_Check_offset = Find_Location(FileBin, Room_Check_Feature_Codes, &H16D)
SCO.Game_Check_offset = Find_Location(FileBin, Game_Check_Feature_Codes, -&HF)
SCO.Date_Lock_offset = Find_Location(FileBin, Date_Lock_Feature_Codes, 0)
SCO.Date_Lock1_offset = Find_Location(FileBin, Date_Lock1_Feature_Codes, 4)
Show_List_Result
Label1.Caption = "掃描完畢�!"
End Sub
以下是模塊:
Option Explicit
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function ReadProcessMemory Lib "kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, ByRef lpBuffer As Any, ByVal nSize As Long, ByRef lpNumberOfBytesWritten As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
'以二進制形式讀取文件存放在FileBin()數組中
Public Sub ReadFileBin(FileBin() As Byte, FilePath As String)
Open FilePath For Binary As #1
ReDim FileBin(FileLen(FilePath))
While Not EOF(1)
Get #1, , FileBin
DoEvents
Wend
Close #1
End Sub
'讀取內存進程代碼存放在FileBin()數組中
Public Sub ReadExeBin(FileBin() As Byte, Pid As Long)
Dim Hand As Long
Hand = OpenProcess(PROCESS_ALL_ACCESS, False, Pid)
If Hand Then
ReDim FileBin(61440) As Byte
ReadProcessMemory Hand, &H971000, FileBin(0), 61440, 0&
End If
CloseHandle Hand
End Sub
'將要比較的特征碼轉化為Byte數組并存放在s2中
Private Sub StrBin(ByVal s1 As String, s2() As Byte)
Dim i As Long
ReDim s2(Len(s1) / 2 - 1) As Byte
For i = 0 To UBound(s2)
s2(i) = CByte("&H" & Mid(s1, i * 2 + 1, 2))
Next i
End Sub
'從s1中查找出特征碼,并返回該特征碼的首位置
Private Function StrStr(ByRef s1() As Byte, ByRef s2() As Byte) As Long
Dim c1 As Long, c2 As Long, i As Long, j As Long
c1 = UBound(s1): c2 = UBound(s2)
If c2 > c1 Then StrStr = -1: Exit Function
For i = 0 To c1 - c2
For j = 0 To c2 - 1
If (s1(i + j) <> s2(j)) Then Exit For
If (j = c2 - 1) Then StrStr = i: Exit Function
Next j
Next i
StrStr = -1
End Function
'Location:位置
'此函數的功能:返回特征碼最后一個位置+j偏移的位置
Public Function Find_Location(ByRef FileBin() As Byte, s1 As String, Optional j As Long = 0) As Long
Dim i As Long, Str As String, s2() As Byte
StrBin s1, s2
i = StrStr(FileBin, s2)
If i = -1 Then
Find_Location = -1: Exit Function
End If
Find_Location = i + UBound(s2) + j
End Function
|
|
QQ好友和群
QQ空間
騰訊微博
騰訊朋友
收藏
淘帖
頂
踩
