[C++] 纯文本查看 复制代码
#include <windows.h>
#include <stdio.h>
typedef struct g_GETPROCESSINFO {
HWND WindowsHwand;
DWORD Pid;
HANDLE ProcessHandle;
PVOID AllocMemoryAddr;
DWORD ThunderArrayBase;//雷数组基址
DWORD WidthBase;//宽度基址
}g_GetProcessInfo, *g_pGetProcessInfo;
//重新开始
void Restart(g_GetProcessInfo& info)
{
byte RestartCallCode[] = { 0x60 ,0x9C ,0xB8 ,0x7A ,0x36 ,0x00 ,0x01 ,0xFF ,0xD0 ,0x61 ,0x9D ,0xC3 };
WriteProcessMemory(info.ProcessHandle, info.AllocMemoryAddr, RestartCallCode, sizeof(RestartCallCode), NULL);
CreateRemoteThread(info.ProcessHandle, NULL, NULL, (LPTHREAD_START_ROUTINE)info.AllocMemoryAddr, NULL, NULL, NULL);
}
//点击Call
void ClickCallCode(g_GetProcessInfo& info,BYTE x, BYTE y)
{
BYTE Code1[] = { 0x60 ,0x9C ,0x6A ,x ,0x6A ,y ,0xB8 ,0x12 ,0x35 ,0x00 ,0x01 ,0xFF ,0xD0 ,0x61 ,0x9D ,0xC3 };
WriteProcessMemory(info.ProcessHandle, info.AllocMemoryAddr, Code1, sizeof(Code1), NULL);
}
//点击
void Click(g_GetProcessInfo& info)
{
DWORD Width = 0;
BYTE ThunderValue = 0;
ReadProcessMemory(info.ProcessHandle, (LPCVOID)info.WidthBase, &Width, 0x4, NULL);
for (BYTE i = 1; i < (Width + 0x1); i++)//行
{
DWORD FirstThunderArray = info.ThunderArrayBase + i * 0x20;//定位左上角第一个框的内存地址
DWORD index = 0;
for (BYTE j = 1; j < (Width + 0x1); j++)//列
{
DWORD FirstBase = FirstThunderArray + j * 0x1;
ReadProcessMemory(info.ProcessHandle, (LPCVOID)FirstBase, &ThunderValue, 0x1, NULL);
if (ThunderValue == 0x10)//墙
{
break;
}
//0x8F=雷 0x8E=旗 0x40=空 0x41=1 0x42=2 0x43=3 0x44=4 0x45=5
if (ThunderValue != 0x8F
&& ThunderValue != 0x8E
&& ThunderValue != 0x40
&& ThunderValue != 0x41
&& ThunderValue != 0x42
&& ThunderValue != 0x43
&& ThunderValue != 0x44
&& ThunderValue != 0x45)
{
ClickCallCode(info, i, j);
Sleep(10);
CreateRemoteThread(info.ProcessHandle, NULL, NULL, (LPTHREAD_START_ROUTINE)info.AllocMemoryAddr, NULL, NULL, NULL);
Sleep(20);
}
index++;
}
if (index==0)
{
break;
}
}
}
//判断是否有雷并标记
void ThunderArray(g_GetProcessInfo& info)
{
BYTE ifThunder = 0;
for (int i = 0; i < (int)0x360; i++)
{
ReadProcessMemory(info.ProcessHandle, (LPCVOID)(info.ThunderArrayBase +i), &ifThunder, 0x1, NULL);
if (ifThunder == (byte)0x8F)//雷
{
BYTE Flag = 0x8E;//旗
WriteProcessMemory(info.ProcessHandle, (LPVOID)(info.ThunderArrayBase + i), &Flag, 0x1, NULL);
}
}
RECT rt = { 0 };
GetClientRect(info.WindowsHwand, &rt);
InvalidateRect(info.WindowsHwand, &rt, true);
}
void GetProcessInfo(g_GetProcessInfo& info)
{
info.WindowsHwand = FindWindow(NULL, L"扫雷");
GetWindowThreadProcessId(info.WindowsHwand, &info.Pid);
info.ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, info.Pid);
info.AllocMemoryAddr = VirtualAllocEx(info.ProcessHandle, NULL, 0x4096, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
}
void HotKey(g_GetProcessInfo& info)
{
MSG msg;
SecureZeroMemory(&msg, sizeof(msg));
DWORD KeyCodeF1 = 112;
DWORD KeyCodeF2 = 113;
DWORD KeyCodeF3 = 114;
RegisterHotKey(NULL, KeyCodeF1, NULL, KeyCodeF1);
RegisterHotKey(NULL, KeyCodeF2, NULL, KeyCodeF2);
RegisterHotKey(NULL, KeyCodeF3, NULL, KeyCodeF3);
while (GetMessageA(&msg, NULL, 0, 0) != 0)
{
if (msg.message == WM_HOTKEY)
{
if (msg.wParam == KeyCodeF1)
{
Restart(info);
}
if (msg.wParam == KeyCodeF2)
{
ThunderArray(info);
}
if (msg.wParam == KeyCodeF3)
{
Click(info);
}
}
}
}
int main()
{
g_GetProcessInfo info = {0};
GetProcessInfo(info);//取游戏信息
info.ThunderArrayBase = 0x1005340;//雷数组基址
info.WidthBase = 0x10056AC;//宽度基址
printf("F1=重新开局\n");
printf("F2=雷标记旗\n");
printf("F3=激活框框\n\n");
HotKey(info);
getchar();getchar();
return 0;
}
发表于 2020-5-30 15:58
|
发表于 2020-5-31 13:34
