using System.Runtime.InteropServices;
using sendkey;//这个东西没有的可以找我
namespace shishi
{
public partial class Form1 : Form
{
[DllImport("kernel32.dll")]//调用API函数
public static extern int ReadProcessMemory( int hProcess, int lpBaseAddress, int[] lpBuffer, int nSize, int lpNumberOfBytesWritten);
[DllImport("kernel32.dll")]
public static extern int OpenProcess(int dwDesiredAccess, int bInheritHandle, int dwProcessId);
public key kk = new key();
System.Diagnostics.Process[] GamesProcess = System.Diagnostics.Process.GetProcessesByName("玩个游戏");//进程名字
int ProcessID = 0;
static int process = 0;
int a = 400;
int jbid =0;
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
//timer1.Start();
ss();
}
private void Form1_Load(object sender, EventArgs e)
{
jbid= kk.findwin(txtname.Text);
ProcessID = GamesProcess[0].Id;
process = OpenProcess(0x1F0FFF, 0, ProcessID);
}
private static void ss()
{
int[] Base = new int[1];
int[] hp = new int[1];
ReadProcessMemory(process, 0x013B0168, Base, 4, 0);//0x013B0168 为内存地址 Base为 变量
MessageBox.Show(Base[0].ToString());//输出进程地址的值
}
}
}
很有意思的 可以对一些游戏 包括网络游戏做外挂 嘿嘿