unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
{ Main (and only) form. Each button injects one of the CALL stubs declared in
  the implementation section (DaZuo, QXDaZuo, PTGJ) into the game process that
  FormCreate opens; FormDestroy closes that process handle. }
Button1: TButton; // "sit" -> DaZuo
Button2: TButton; // "cancel sit" -> QXDaZuo
Button3: TButton; // "normal attack" -> PTGJ
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
procedure Button3Click(Sender: TObject);
procedure FormCreate(Sender: TObject);
procedure FormDestroy(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1; // global form instance (the usual VCL auto-created form; not verified here)
implementation
{$R *.dfm}
var
pHandle:Thandle; // handle to the target process: opened by FormCreate with PROCESS_ALL_ACCESS, passed to FunIn by the button handlers, closed in FormDestroy
function FunIn(Hid:cardinal;FunName:pointer):cardinal;
{ Copies 4096 bytes of code starting at FunName into the process Hid and starts
  that copy on a new, suspended thread there. Returns the remote thread handle
  (0 if CreateRemoteThread fails); callers are expected to ResumeThread it.
  Hid: target process handle (opened with PROCESS_ALL_ACCESS in FormCreate).
  FunName: address of a parameterless procedure in THIS module. The copy can
  only work if that code needs no relocation (no relative calls/jumps leaving
  the copied bytes); nothing here checks that.
  NOTE(review): this is the textbook remote-thread injection sequence
  (VirtualAllocEx of an RWX page, WriteProcessMemory, CreateRemoteThread) — the
  exact pattern endpoint protection and anti-cheat telemetry are built to flag.
  Neither the VirtualAllocEx result nor the WriteProcessMemory result is
  checked, so a failed allocation silently becomes CreateRemoteThread on a nil
  start address. }
var
{ temporary thread handle and the remote address the code is written to }
TmpHandle: THandle;
ThreadID: Thandle;   // receives the remote thread id (out-param of CreateRemoteThread)
ThreadAdd:pointer;   // base of the 4096-byte region allocated in the target
WriteCount: DWORD;   // bytes actually written; never inspected
begin
ThreadAdd := VirtualAllocEx(Hid, nil, 4096, MEM_COMMIT, PAGE_EXECUTE_READWRITE);// allocate a writable+executable page in the target; nil on failure (unchecked)
WriteProcessMemory(Hid, ThreadAdd, FunName , 4096, WriteCount);// copy a fixed 4096 bytes from FunName — larger than the stub itself, so whatever follows the stub in this module is copied along
TmpHandle := CreateRemoteThread(Hid, nil, 0, ThreadAdd, nil, CREATE_SUSPENDED, ThreadID);// run the copied code in the target on a suspended thread
result:=TmpHandle;// remote thread handle; no caller in this unit ever closes it
end;
procedure DaZuo; // "sit/meditate" CALL stub; copied into the target process by FunIn, never executed here
{ Must stay self-contained: Address is a stack local assigned inside the copied
  code, and the asm block calls through it (an indirect call), which is
  presumably what lets the copy run at a different base address in the target.
  pushad/popad save and restore the general-purpose registers around the call.
  Any restyle changes the machine code that gets copied, so the body is left
  byte-for-byte as written. }
var
Address:pointer;
begin
Address:=Pointer($005ACCE0); // hard-coded entry point inside the target; only meaningful for one specific client build
asm
pushad
CALL Address
popad
end;
end;
procedure QXDaZuo; // "cancel sit" CALL stub; copied into the target process by FunIn, never executed here
{ Same shape as DaZuo with a different hard-coded entry point: a stack-local
  Address set inside the copied code and an indirect CALL through it, wrapped
  in pushad/popad. Left byte-for-byte as written because FunIn copies the raw
  machine code of this body. }
var
Address:pointer;
begin
Address:=Pointer($005ACCA0); // hard-coded entry point inside the target; only meaningful for one specific client build
asm
pushad
CALL Address
popad
end;
end;
procedure PTGJ; // "normal attack" CALL stub; copied into the target process by FunIn, never executed here
{ Same shape as DaZuo with a different hard-coded entry point: a stack-local
  Address set inside the copied code and an indirect CALL through it, wrapped
  in pushad/popad. Left byte-for-byte as written because FunIn copies the raw
  machine code of this body. }
var
Address:pointer;
begin
Address:=Pointer($005AC660); // hard-coded entry point inside the target; only meaningful for one specific client build
asm
pushad
CALL Address
popad
end;
end;
procedure TForm1.Button1Click(Sender: TObject); // "sit" button
{ Injects the DaZuo stub into the process in pHandle and resumes the remote
  thread FunIn created suspended.
  NOTE(review): `ResumeThread( HomeAdd));` has an unbalanced ')' — as written
  this unit does not compile. FunIn's result is not checked for 0, and the
  thread handle is never closed, so every click leaks one handle. The same
  applies to Button2Click and Button3Click. }
var
HomeAdd:cardinal; // remote thread handle returned by FunIn
begin
HomeAdd:= FunIn(pHandle, @DaZuo);// inject the stub (thread starts suspended)
ResumeThread( HomeAdd)); // start the injected thread
end;
procedure TForm1.Button2Click(Sender: TObject); // "cancel sit" button
{ Injects the QXDaZuo stub into the process in pHandle and resumes the remote
  thread FunIn created suspended.
  NOTE(review): `ResumeThread(HomeAdd));` has an unbalanced ')' (syntax error
  as written); FunIn's result is not checked for 0 and the thread handle is
  never closed. }
var
HomeAdd:cardinal; // remote thread handle returned by FunIn
begin
HomeAdd:=FunIn(pHandle, @QXDaZuo );// inject the stub (thread starts suspended)
ResumeThread(HomeAdd)); // start the injected thread
end;
procedure TForm1.Button3Click(Sender: TObject); // "normal attack" button
{ Injects the PTGJ stub into the process in pHandle and resumes the remote
  thread FunIn created suspended.
  NOTE(review): `ResumeThread( HomeAdd));` has an unbalanced ')' (syntax error
  as written); FunIn's result is not checked for 0 and the thread handle is
  never closed. }
var
HomeAdd:cardinal; // remote thread handle returned by FunIn
begin
HomeAdd:=FunIn(pHandle, @PTGJ);// inject the stub (thread starts suspended)
ResumeThread( HomeAdd)); // start the injected thread
end;
procedure TForm1.FormCreate(Sender: TObject);
{ Finds the target by window title ('Element Client'), resolves the owning
  process id and opens it with PROCESS_ALL_ACCESS into the unit-level pHandle.
  If OpenProcess fails the program shows a message box and terminates.
  NOTE(review): a missing window is not handled on its own — when FindWindow
  returns 0, GetWindowThreadProcessId presumably leaves pid unassigned, and the
  failure is only caught indirectly by the phandle=0 test below. The literal
  window title makes this fail silently on any other client build or locale.
  The message strings are user-facing and kept exactly as the author wrote them. }
var
thwnd :Thandle ; // target top-level window handle
pid:Thandle; // target process id (filled through @pid by GetWindowThreadProcessId)
begin
thWnd := FindWindow(nil,'Element Client'); // match by window title only, any window class
GetWindowThreadProcessId(thwnd,@pid);// process id that owns the window; return value (thread id) ignored
phandle := OpenProcess(PROCESS_ALL_ACCESS,False,pid); // full-access, non-inheritable process handle; 0 on failure
if phandle=0 then
begin
Application.MessageBox ('请先运行游戏再打开本程序','友情提示',MB_OK); // text: "Please run the game before opening this program" / caption: "Friendly tip"
Application.Terminate;
end;
end;
procedure TForm1.FormDestroy(Sender: TObject);
{ Releases the process handle opened in FormCreate. Also runs on the
  Application.Terminate path, where pHandle is 0 and CloseHandle simply fails
  (result ignored). The remote thread handles returned by FunIn are not
  released anywhere in this unit. }
begin
CloseHandle(pHandle);// close the target process handle
end;
end.
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
{ Main (and only) form. Each button injects one of the CALL stubs declared in
  the implementation section (DaZuo, QXDaZuo, PTGJ) into the game process that
  FormCreate opens; FormDestroy closes that process handle. }
Button1: TButton; // "sit" -> DaZuo
Button2: TButton; // "cancel sit" -> QXDaZuo
Button3: TButton; // "normal attack" -> PTGJ
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
procedure Button3Click(Sender: TObject);
procedure FormCreate(Sender: TObject);
procedure FormDestroy(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1; // global form instance (the usual VCL auto-created form; not verified here)
implementation
{$R *.dfm}
var
pHandle:Thandle; // handle to the target process: opened by FormCreate with PROCESS_ALL_ACCESS, passed to FunIn by the button handlers, closed in FormDestroy
function FunIn(Hid:cardinal;FunName:pointer):cardinal;
{ Copies 4096 bytes of code starting at FunName into the process Hid and starts
  that copy on a new, suspended thread there. Returns the remote thread handle
  (0 if CreateRemoteThread fails); callers are expected to ResumeThread it.
  Hid: target process handle (opened with PROCESS_ALL_ACCESS in FormCreate).
  FunName: address of a parameterless procedure in THIS module. The copy can
  only work if that code needs no relocation (no relative calls/jumps leaving
  the copied bytes); nothing here checks that.
  NOTE(review): this is the textbook remote-thread injection sequence
  (VirtualAllocEx of an RWX page, WriteProcessMemory, CreateRemoteThread) — the
  exact pattern endpoint protection and anti-cheat telemetry are built to flag.
  Neither the VirtualAllocEx result nor the WriteProcessMemory result is
  checked, so a failed allocation silently becomes CreateRemoteThread on a nil
  start address. }
var
{ temporary thread handle and the remote address the code is written to }
TmpHandle: THandle;
ThreadID: Thandle;   // receives the remote thread id (out-param of CreateRemoteThread)
ThreadAdd:pointer;   // base of the 4096-byte region allocated in the target
WriteCount: DWORD;   // bytes actually written; never inspected
begin
ThreadAdd := VirtualAllocEx(Hid, nil, 4096, MEM_COMMIT, PAGE_EXECUTE_READWRITE);// allocate a writable+executable page in the target; nil on failure (unchecked)
WriteProcessMemory(Hid, ThreadAdd, FunName , 4096, WriteCount);// copy a fixed 4096 bytes from FunName — larger than the stub itself, so whatever follows the stub in this module is copied along
TmpHandle := CreateRemoteThread(Hid, nil, 0, ThreadAdd, nil, CREATE_SUSPENDED, ThreadID);// run the copied code in the target on a suspended thread
result:=TmpHandle;// remote thread handle; no caller in this unit ever closes it
end;
procedure DaZuo; // "sit/meditate" CALL stub; copied into the target process by FunIn, never executed here
{ Must stay self-contained: Address is a stack local assigned inside the copied
  code, and the asm block calls through it (an indirect call), which is
  presumably what lets the copy run at a different base address in the target.
  pushad/popad save and restore the general-purpose registers around the call.
  Any restyle changes the machine code that gets copied, so the body is left
  byte-for-byte as written. }
var
Address:pointer;
begin
Address:=Pointer($005ACCE0); // hard-coded entry point inside the target; only meaningful for one specific client build
asm
pushad
CALL Address
popad
end;
end;
procedure QXDaZuo; // "cancel sit" CALL stub; copied into the target process by FunIn, never executed here
{ Same shape as DaZuo with a different hard-coded entry point: a stack-local
  Address set inside the copied code and an indirect CALL through it, wrapped
  in pushad/popad. Left byte-for-byte as written because FunIn copies the raw
  machine code of this body. }
var
Address:pointer;
begin
Address:=Pointer($005ACCA0); // hard-coded entry point inside the target; only meaningful for one specific client build
asm
pushad
CALL Address
popad
end;
end;
procedure PTGJ; // "normal attack" CALL stub; copied into the target process by FunIn, never executed here
{ Same shape as DaZuo with a different hard-coded entry point: a stack-local
  Address set inside the copied code and an indirect CALL through it, wrapped
  in pushad/popad. Left byte-for-byte as written because FunIn copies the raw
  machine code of this body. }
var
Address:pointer;
begin
Address:=Pointer($005AC660); // hard-coded entry point inside the target; only meaningful for one specific client build
asm
pushad
CALL Address
popad
end;
end;
procedure TForm1.Button1Click(Sender: TObject); // "sit" button
{ Injects the DaZuo stub into the process in pHandle and resumes the remote
  thread FunIn created suspended.
  NOTE(review): `ResumeThread( HomeAdd));` has an unbalanced ')' — as written
  this unit does not compile. FunIn's result is not checked for 0, and the
  thread handle is never closed, so every click leaks one handle. The same
  applies to Button2Click and Button3Click. }
var
HomeAdd:cardinal; // remote thread handle returned by FunIn
begin
HomeAdd:= FunIn(pHandle, @DaZuo);// inject the stub (thread starts suspended)
ResumeThread( HomeAdd)); // start the injected thread
end;
procedure TForm1.Button2Click(Sender: TObject); // "cancel sit" button
{ Injects the QXDaZuo stub into the process in pHandle and resumes the remote
  thread FunIn created suspended.
  NOTE(review): `ResumeThread(HomeAdd));` has an unbalanced ')' (syntax error
  as written); FunIn's result is not checked for 0 and the thread handle is
  never closed. }
var
HomeAdd:cardinal; // remote thread handle returned by FunIn
begin
HomeAdd:=FunIn(pHandle, @QXDaZuo );// inject the stub (thread starts suspended)
ResumeThread(HomeAdd)); // start the injected thread
end;
procedure TForm1.Button3Click(Sender: TObject); // "normal attack" button
{ Injects the PTGJ stub into the process in pHandle and resumes the remote
  thread FunIn created suspended.
  NOTE(review): `ResumeThread( HomeAdd));` has an unbalanced ')' (syntax error
  as written); FunIn's result is not checked for 0 and the thread handle is
  never closed. }
var
HomeAdd:cardinal; // remote thread handle returned by FunIn
begin
HomeAdd:=FunIn(pHandle, @PTGJ);// inject the stub (thread starts suspended)
ResumeThread( HomeAdd)); // start the injected thread
end;
procedure TForm1.FormCreate(Sender: TObject);
{ Finds the target by window title ('Element Client'), resolves the owning
  process id and opens it with PROCESS_ALL_ACCESS into the unit-level pHandle.
  If OpenProcess fails the program shows a message box and terminates.
  NOTE(review): a missing window is not handled on its own — when FindWindow
  returns 0, GetWindowThreadProcessId presumably leaves pid unassigned, and the
  failure is only caught indirectly by the phandle=0 test below. The literal
  window title makes this fail silently on any other client build or locale.
  The message strings are user-facing and kept exactly as the author wrote them. }
var
thwnd :Thandle ; // target top-level window handle
pid:Thandle; // target process id (filled through @pid by GetWindowThreadProcessId)
begin
thWnd := FindWindow(nil,'Element Client'); // match by window title only, any window class
GetWindowThreadProcessId(thwnd,@pid);// process id that owns the window; return value (thread id) ignored
phandle := OpenProcess(PROCESS_ALL_ACCESS,False,pid); // full-access, non-inheritable process handle; 0 on failure
if phandle=0 then
begin
Application.MessageBox ('请先运行游戏再打开本程序','友情提示',MB_OK); // text: "Please run the game before opening this program" / caption: "Friendly tip"
Application.Terminate;
end;
end;
procedure TForm1.FormDestroy(Sender: TObject);
{ Releases the process handle opened in FormCreate. Also runs on the
  Application.Terminate path, where pHandle is 0 and CloseHandle simply fails
  (result ignored). The remote thread handles returned by FunIn are not
  released anywhere in this unit. }
begin
CloseHandle(pHandle);// close the target process handle
end;
end.