//
/*
* --《Red Alert 2》v1.006 繁体中文版金钱修改器Demo--
* 作者:叶飞
* 制作时间:23:30 2007-06-20
* 本程序适用于:Win9x/NT
* 代码在Win2000P+SP4 + VC6+SP6测试通过
*/
/********************************************/
#include<windows.h>
#include <tlhelp32.h>
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
HANDLE handle=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
PROCESSENTRY32* info=new PROCESSENTRY32;
info->dwSize=sizeof(PROCESSENTRY32);
BOOL report;
DWORD PID;
HANDLE hProcess;
char *szName="game.exe";//目标进程名
int i=0;
//OBJ_INFO
unsigned int OBJ_mycode[4]={0x82ED60A3,0x52FF5000,0xE9C93318,0xFFC658E0};
unsigned int OBJ_jumptomycode[2]={0x39A711E9,0x9000};
unsigned int OBJ_money[1]={0xEA60};//60000$
unsigned int OBJ_money_ip[1]={0x0};
unsigned int OBJ_code[1]={0x0};
char OBJ_path[255];//目标所在目录
GetCurrentDirectory(255,OBJ_path);//获取当前目录
strcat(OBJ_path,"//game.exe");//目标所在目录
report=Process32First(handle,info);
while(report)
{
if((strncmp(strlwr(info->szExeFile), strlwr(szName), strlen(szName)) == 0)||(strncmp(strlwr(info->szExeFile), strlwr(OBJ_path), strlen(OBJ_path)) == 0))
{
PID=info->th32ProcessID;
//打开游戏进程
hProcess=OpenProcess(PROCESS_ALL_ACCESS,false,PID);
ReadProcessMemory(hProcess,(int *)0x0049466A,OBJ_code,1,0);
//获取0x0049466A代码:如为修改前的0x50或修改后的0xE9则继续运行,
//否则可认定游戏版本不符。
if (OBJ_code[0]==0x50||OBJ_code[0]==0xE9)
{
//写入代码
WriteProcessMemory(hProcess,(int *)0x0082ED80,OBJ_mycode,16,0);
WriteProcessMemory(hProcess,(int *)0x0049466A,OBJ_jumptomycode,6,0);
for (i=0;i<10;i++)
{
//取金钱地址
ReadProcessMemory(hProcess,(int *)0x0082ED60,OBJ_money_ip,4,0);
if (OBJ_money_ip[0]==0x0)
{
Sleep(5000);
}
else
{
//如果得到金钱地址则写入“60000$”
WriteProcessMemory(hProcess,(int *)(OBJ_money_ip[0]+0x228),OBJ_money,2,0);
i=10;
}
}
}
else
MessageBox(NULL,"请检查游戏版本。","错误!",NULL);
break;
}
report=Process32Next(handle,info);
if (report==0)
MessageBox(NULL,"游戏还没有启动吧?","错误!",NULL);
}
CloseHandle(hProcess);
return 0;
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
