Option Explicit
'--------------- Function declarations -----------------------
' Function to get a window handle. FindWindow returns the handle of the window
' matching the given class name (ClassName) and window name (WindowTitle)
Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
' Function to get the handle of a control inside a window
Public Declare Function FindWindowEx Lib "user32" Alias "FindWindowExA" (ByVal hWnd1 As Long, ByVal hWnd2 As Long, ByVal lpsz1 As String, ByVal lpsz2 As String) As Long
' Function to get the process identifier
Public Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
' Function to get a handle to the target process
Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
' Function to close a handle
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
' Function to read process memory
Public Declare Function ReadProcessMemory Lib "kernel32.dll" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, ByRef lpBuffer As Any, ByVal nSize As Long, ByRef lpNumberOfBytesWritten As Long) As Long
' This parameter determines the access rights to the process; full control is used
Public Const PROCESS_ALL_ACCESS = &H1F0FFF
' Functions to send messages
Public Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long
Public Declare Function PostMessage Lib "user32" Alias "PostMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
' Delay function
Public Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)
[/code]

The message-sending functions and the delay function were not used in the earlier parts. This time we will send simulated keyboard messages to the window, so these functions are added.

3. With the module done, the next step is to write the Form. As before, declare some variables and Form_Load. The code is as follows:

[code]
Dim hwd As Long
Dim pid As Long
Dim hProcess As Long ' Stores the process handle
Dim base As Long     ' Stores the character base address
Dim hp As Long       ' Stores the HP value
Dim hpmax As Long    ' Stores the maximum HP value
Dim mp As Long       ' Stores the mana (MP) value
Dim mpmax As Long    ' Stores the maximum mana (MP) value

Private Sub Form_Load()
    hwd = FindWindow("QElementClient Window", "Element Client")
    If hwd = 0 Then
        MsgBox "未启动游戏", vbOKOnly, "提示"
        Unload Form1
        Exit Sub ' Do not continue without a window handle
    End If
    GetWindowThreadProcessId hwd, pid ' Get the process identifier
    ' Pass the process identifier as a parameter to get a handle to the target process.
    ' With this handle the target can be read and written; PROCESS_ALL_ACCESS
    ' means full control, the highest level of access
    hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, pid)
    If hProcess = 0 Then
        MsgBox "不能打开进程", vbOKOnly, "提示"
        Unload Form1
        Exit Sub ' Nothing to close if the process could not be opened
    End If
    CloseHandle hProcess
End Sub
[/code]

4. Next, we display the character information through TimerList. Set the Interval property of TimerList to 1000. Its code is as follows:

[code]
Private Sub TimerList_Timer() ' Timer that displays the character information
    Dim name(31) As Byte ' Stores the character name
    Dim name_temp As Long
    hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
    If hProcess Then
        ReadProcessMemory hProcess, ByVal &H8C9E54, base, 4, 0&
        ReadProcessMemory hProcess, ByVal base + &H24, base, 4, 0&    ' Get the character base address for later use
        ReadProcessMemory hProcess, ByVal base + &H254, hp, 4, 0&     ' Get the HP value
        ReadProcessMemory hProcess, ByVal base + &H26C, hpmax, 4, 0&  ' Get the maximum HP value
        ReadProcessMemory hProcess, ByVal base + &H258, mp, 4, 0&     ' Get the mana (MP) value
        ReadProcessMemory hProcess, ByVal base + &H270, mpmax, 4, 0&  ' Get the maximum mana (MP) value
        ReadProcessMemory hProcess, ByVal base + &H390, name_temp, 4, 0&
        ReadProcessMemory hProcess, ByVal name_temp, name(0), 32, 0&  ' Get the character name
        CloseHandle hProcess
    End If
    Frame1.Caption = name                            ' Display the character name
    Label2.Caption = "生命值:" & hp & "/" & hpmax   ' Display the HP value
    Label3.Caption = "真气值:" & mp & "/" & mpmax   ' Display the mana (MP) value
End Sub
[/code]

Now you can run it and check whether the values are displayed correctly!

5. Next, create the second timer, TimerAdd. Set Enabled = False and the Interval property to 100. Its code is as follows:

[code]
Private Sub TimerAdd_Timer() ' Timer that decides whether to restore HP
    If Val(Text1.Text) > hp Then ' Check whether the current HP is below the preset value; if so, press F1
        SendMessage hwd, &H100, &H70, 0& ' Press F1: &H100 means key down, &H70 means F1
        SendMessage hwd, &H101, &H70, 0& ' Release F1: &H101 means key up, &H70 means F1
        Sleep Val(Text2.Text) ' Delay by the value in Text2; Val() extracts the number
    End If
End Sub
[/code]

6. Finally, only the Command button is left. Set its Caption property to "开始" (Start). Its code is as follows:

[code]
Private Sub Command1_Click()
    If Command1.Caption = "开始" Then ' Clicking the button labelled "开始" (Start) enables TimerAdd and changes the label to "停止" (Stop)
        TimerAdd.Enabled = True
        Command1.Caption = "停止"
    ElseIf Command1.Caption = "停止" Then ' Exactly the opposite of the above
        TimerAdd.Enabled = False
        Command1.Caption = "开始"
    End If
End Sub