DELPHI实现游戏内存的修改
生活随笔
收集整理的這篇文章主要介紹了
DELPHI实现游戏内存的修改
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
要修改指定程序的指定地址數據,我們需要用到兩個api函數,分別是ReadProcessMemory和WriteProcessMemory。
??HANDLE?hProcess,??
??LPCVOID?lpBaseAddress,??
??LPVOID?lpBuffer,??
??SIZE_T?nSize,??
??SIZE_T*?lpNumberOfBytesRead??
);??
Parameters??
??
hProcess??
[in]?A?handle?to?the?process?with?memory?that?is?being?read.?The?handle?must?have?PROCESS_VM_READ?access?to?the?process.??
lpBaseAddress??
[in]?A?pointer?to?the?base?address?in?the?specified?process?from?which?to?read.?Before?any?data?transfer?occurs,?the?system?verifies?that?all?data?in?the?base?address?and?memory?of?the?specified?size?is?accessible?for?read?access,?and?if?it?is?not?accessible?the?function?fails.??
lpBuffer??
[out]?A?pointer?to?a?buffer?that?receives?the?contents?from?the?address?space?of?the?specified?process.??
nSize??
[in]?The?number?of?bytes?to?be?read?from?the?specified?process.??
lpNumberOfBytesRead??
[out]?A?pointer?to?a?variable?that?receives?the?number?of?bytes?transferred?into?the?specified?buffer.?If?lpNumberOfBytesRead?is?NULL,?the?parameter?is?ignored.??
Return?Value??
??
If?the?function?succeeds,?the?return?value?is?nonzero.??
??
If?the?function?fails,?the?return?value?is?0?(zero).?To?get?extended?error?information,?call?GetLastError.??
??
The?function?fails?if?the?requested?read?operation?crosses?into?an?area?of?the?process?that?is?inaccessible.??
??
WriteProcessMemory??
??
Writes?data?to?an?area?of?memory?in?a?specified?process.?The?entire?area?to?be?written?to?must?be?accessible?or?the?operation?fails.??
??
BOOL?WriteProcessMemory(??
??HANDLE?hProcess,??
??LPVOID?lpBaseAddress,??
??LPCVOID?lpBuffer,??
??SIZE_T?nSize,??
??SIZE_T*?lpNumberOfBytesWritten??
);??
Parameters??
??
hProcess??
[in]?A?handle?to?the?process?memory?to?be?modified.?The?handle?must?have?PROCESS_VM_WRITE?and?PROCESS_VM_OPERATION?access?to?the?process.??
lpBaseAddress??
[in]?A?pointer?to?the?base?address?in?the?specified?process?to?which?data?is?written.?Before?data?transfer?occurs,?the?system?verifies?that?all?data?in?the?base?address?and?memory?of?the?specified?size?is?accessible?for?write?access,?and?if?it?is?not?accessible,?the?function?fails.??
lpBuffer??
[in]?A?pointer?to?the?buffer?that?contains?data?to?be?written?in?the?address?space?of?the?specified?process.??
nSize??
[in]?The?number?of?bytes?to?be?written?to?the?specified?process.??
lpNumberOfBytesWritten??
[out]?A?pointer?to?a?variable?that?receives?the?number?of?bytes?transferred?into?the?specified?process.?This?parameter?is?optional.?If?lpNumberOfBytesWritten?is?NULL,?the?parameter?is?ignored.??
Return?Value??
??
If?the?function?succeeds,?the?return?value?is?nonzero.??
??
If?the?function?fails,?the?return?value?is?0?(zero).?To?get?extended?error?information,?call?GetLastError.?The?function?fails?if?the?requested?write?operation?crosses?into?an?area?of?the?process?that?is?inaccessible.??
var??
hw:?HWND;??
pid:?DWord;??
h:?THandle;??
tt:?Cardinal;??
Gold:?array[0..3]?of?byte;??
Gas:?array[0..3]?of?byte;??
GoldA:?integer;??
GasA:?integer;??
i:?integer;??
const??
Gold130?=?$508600;??
Gas130?=?$508630;??
begin??
hw?:=?FindWindow(nil,?'Brood?War');??
if?hw?=?0?then??
????Exit;??
GetWindowThreadProcessId(hw,?@pid);??
h?:=?OpenProcess(PROCESS_ALL_ACCESS,?false,?pid);??
if?h?=?0?then??
????Exit;??
Gold[0]?:=?$FF;??
Gold[1]?:=?$FF;??
Gold[2]?:=?$00;??
Gold[3]?:=?$00;??
Gas[0]?:=?$FF;??
Gas[1]?:=?$FF;??
Gas[2]?:=?$00;??
Gas[3]?:=?$00;??
GoldA?:=?Gold130;??
GasA?:=?Gas130;??
if?(chkMineral.Enabled)?and?(chkMineral.Checked)?then??
begin??
????for?i?:=?0?to?11?do??
????begin??
??????WriteProcessMemory(h,?ptr(GoldA?+?i?*?4),?@Gold,?4,?tt);??
????end;??
end;??
if?(chkGas.Enabled)?and?(chkGas.Checked)?then??
begin??
????for?i?:=?0?to?11?do??
????begin??
??????WriteProcessMemory(h,?ptr(GasA?+?i?*?4),?@Gas,?4,?tt);??
????end;??
end;??
CloseHandle(h);??
end; ??
下載是函數的定義:
BOOL?ReadProcessMemory(????HANDLE?hProcess,??
??LPCVOID?lpBaseAddress,??
??LPVOID?lpBuffer,??
??SIZE_T?nSize,??
??SIZE_T*?lpNumberOfBytesRead??
);??
Parameters??
??
hProcess??
[in]?A?handle?to?the?process?with?memory?that?is?being?read.?The?handle?must?have?PROCESS_VM_READ?access?to?the?process.??
lpBaseAddress??
[in]?A?pointer?to?the?base?address?in?the?specified?process?from?which?to?read.?Before?any?data?transfer?occurs,?the?system?verifies?that?all?data?in?the?base?address?and?memory?of?the?specified?size?is?accessible?for?read?access,?and?if?it?is?not?accessible?the?function?fails.??
lpBuffer??
[out]?A?pointer?to?a?buffer?that?receives?the?contents?from?the?address?space?of?the?specified?process.??
nSize??
[in]?The?number?of?bytes?to?be?read?from?the?specified?process.??
lpNumberOfBytesRead??
[out]?A?pointer?to?a?variable?that?receives?the?number?of?bytes?transferred?into?the?specified?buffer.?If?lpNumberOfBytesRead?is?NULL,?the?parameter?is?ignored.??
Return?Value??
??
If?the?function?succeeds,?the?return?value?is?nonzero.??
??
If?the?function?fails,?the?return?value?is?0?(zero).?To?get?extended?error?information,?call?GetLastError.??
??
The?function?fails?if?the?requested?read?operation?crosses?into?an?area?of?the?process?that?is?inaccessible.??
??
WriteProcessMemory??
??
Writes?data?to?an?area?of?memory?in?a?specified?process.?The?entire?area?to?be?written?to?must?be?accessible?or?the?operation?fails.??
??
BOOL?WriteProcessMemory(??
??HANDLE?hProcess,??
??LPVOID?lpBaseAddress,??
??LPCVOID?lpBuffer,??
??SIZE_T?nSize,??
??SIZE_T*?lpNumberOfBytesWritten??
);??
Parameters??
??
hProcess??
[in]?A?handle?to?the?process?memory?to?be?modified.?The?handle?must?have?PROCESS_VM_WRITE?and?PROCESS_VM_OPERATION?access?to?the?process.??
lpBaseAddress??
[in]?A?pointer?to?the?base?address?in?the?specified?process?to?which?data?is?written.?Before?data?transfer?occurs,?the?system?verifies?that?all?data?in?the?base?address?and?memory?of?the?specified?size?is?accessible?for?write?access,?and?if?it?is?not?accessible,?the?function?fails.??
lpBuffer??
[in]?A?pointer?to?the?buffer?that?contains?data?to?be?written?in?the?address?space?of?the?specified?process.??
nSize??
[in]?The?number?of?bytes?to?be?written?to?the?specified?process.??
lpNumberOfBytesWritten??
[out]?A?pointer?to?a?variable?that?receives?the?number?of?bytes?transferred?into?the?specified?process.?This?parameter?is?optional.?If?lpNumberOfBytesWritten?is?NULL,?the?parameter?is?ignored.??
Return?Value??
??
If?the?function?succeeds,?the?return?value?is?nonzero.??
??
If?the?function?fails,?the?return?value?is?0?(zero).?To?get?extended?error?information,?call?GetLastError.?The?function?fails?if?the?requested?write?operation?crosses?into?an?area?of?the?process?that?is?inaccessible.??
?
?
下面以星際爭霸的礦石修改為例,簡述這兩個函數的用法。
先獲取當前的礦石數,用ReadProcessMemory
ReadProcessMemory(h, ptr(GoldA + i * 4), @Gold, 4, tt);
h是程序進程的句柄,其中GoldA就是地址偏移基準數值,@Gold是一個byte型的數組buffer,讀取到的數據也就存放在里面,接下來的4表示buffer的長度,最后的tt是傳出值,它顯示了成功讀取的長度。
好了,現在讀取到了,我們把@Gold的值進行一番修改后,再寫回去,使用WriteProcessMemory方法
WriteProcessMemory(h, ptr(GoldA + i * 4), @Gold, 4, tt);
與上面的Read過程一模一樣,這樣就能夠寫回去了。
下面附上一段完整代碼?
procedure?TFormMain.Cheat113;??var??
hw:?HWND;??
pid:?DWord;??
h:?THandle;??
tt:?Cardinal;??
Gold:?array[0..3]?of?byte;??
Gas:?array[0..3]?of?byte;??
GoldA:?integer;??
GasA:?integer;??
i:?integer;??
const??
Gold130?=?$508600;??
Gas130?=?$508630;??
begin??
hw?:=?FindWindow(nil,?'Brood?War');??
if?hw?=?0?then??
????Exit;??
GetWindowThreadProcessId(hw,?@pid);??
h?:=?OpenProcess(PROCESS_ALL_ACCESS,?false,?pid);??
if?h?=?0?then??
????Exit;??
Gold[0]?:=?$FF;??
Gold[1]?:=?$FF;??
Gold[2]?:=?$00;??
Gold[3]?:=?$00;??
Gas[0]?:=?$FF;??
Gas[1]?:=?$FF;??
Gas[2]?:=?$00;??
Gas[3]?:=?$00;??
GoldA?:=?Gold130;??
GasA?:=?Gas130;??
if?(chkMineral.Enabled)?and?(chkMineral.Checked)?then??
begin??
????for?i?:=?0?to?11?do??
????begin??
??????WriteProcessMemory(h,?ptr(GoldA?+?i?*?4),?@Gold,?4,?tt);??
????end;??
end;??
if?(chkGas.Enabled)?and?(chkGas.Checked)?then??
begin??
????for?i?:=?0?to?11?do??
????begin??
??????WriteProcessMemory(h,?ptr(GasA?+?i?*?4),?@Gas,?4,?tt);??
????end;??
end;??
CloseHandle(h);??
end; ??
轉載于:https://www.cnblogs.com/rogee/archive/2010/09/15/1827438.html
總結
以上是生活随笔為你收集整理的DELPHI实现游戏内存的修改的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 自动查找并删除VC生成的临时文件
- 下一篇: 2021-05-19