- 注册时间
- 2011-3-10
- 最后登录
- 1970-1-1
该用户从未签到
|
下面写过NP的不会搞, 求个思路!!!!!!!!我用的是vb.net2005.vb相差好多啊.
还有怎么用线程代替时钟,我用了10几个了.线程池不会,就要代码实例.
下面讲讲躲过NP的扫描的几个方法:
四、编程篇(VB、VC、DELPHI等等!)
怎么办呢?呵呵,我不懂怎么编VC和DELPHI的。***我就喜欢VB怎么着?
VB可以简单的实现虚拟nProtect的消息发送。具体的就不说了!
一句话虚拟nProtect消息(你不等于没说嘛!)-_-!呵呵这个嘛......!
代码就不写了,麻烦。就像用WPE这些发包一样的原理.
我的跑路代码.
Public Declare Function WriteProcessMemory Lib "kernel32.dll" Alias "WriteProcessMemory" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByRef lpBuffer As Long, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Long) As Long
Public Declare Function WriteProcessMemory1 Lib "kernel32.dll" Alias "WriteProcessMemory" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByRef lpBuffer As Single, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Long) As Single '用来写坐标
'下面的时钟写内存
Private Sub Timer4_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Timer4.Tick
Dim addrx, addry, addr2 As Single, shijiao As Single = -90
Dim addr, addr1, old, back As Integer, xx As Single = Val(gox.Text), yy As Single = Val(goy.Text)
hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
ReadProcessMemory(hProcess, &H12F824, addr1, 4, 0)
ReadProcessMemory(hProcess, addr1 + &H24, addr1, 4, 0)
ReadProcessMemory(hProcess, addr1 + &H8C8, addr, 4, 0)
ReadProcessMemory(hProcess, addr + &H30, addr, 4, 0)
ReadProcessMemory(hProcess, addr + &H4, addr, 4, 0)
ReadProcessMemory1(hProcess, addr + &H20, addrx, 4, 0)
ReadProcessMemory1(hProcess, addr + &H28, addry, 4, 0)
Label25.Text = addr2
back = 0
If CInt(rx) <> CInt(xx) Or CInt(ry) <> CInt(yy) Then
VirtualProtectEx(hProcess, addr1 + &H5A8, 4, PAGE_EXECUTE_READWRITE, old)
WriteProcessMemory1(hProcess, addr + &H20, xx, 4, 0)
WriteProcessMemory1(hProcess, addr + &H28, yy, 4, 0)
WriteProcessMemory1(hProcess, addr1 + &H5A8, shijiao, 4, 0)
VirtualProtectEx(hProcess, addr1 + &H5A8, 4, old, back)
Else
Timer4.Enabled = False
End If
CloseHandle(hProcess)
End Sub
Private Sub movestart_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles movestart.Click '启动跑路
SendMessage(hwd, WM_LBUTTONDOWN, 1, 500 * (2 ^ 16) + 380)
SendMessage(hwd, WM_LBUTTONUP, 1, 500 * (2 ^ 16) + 380)
Timer4.Enabled = True
SendMessage(hwd, WM_LBUTTONDOWN, 1, 500 * (2 ^ 16) + 380)
SendMessage(hwd, WM_LBUTTONUP, 0, 500 * (2 ^ 16) + 380)
End Sub
Private Sub movestop_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles movestop.Click '停止
Timer4.Enabled = False
End Sub |
|