Program code

'Process access rights for OpenProcess
Public Const PROCESS_VM_WRITE = &H20 'For WriteProcessMemory
Public Const PROCESS_VM_OPERATION = &H8 'For VirtualAllocEx
Public Const PROCESS_ALL_ACCESS& = &H1F0FFF
Public Const PROCESS_VM_READ = &H10
Public Const PROCESS_QUERY_INFORMATION = &H400

'Thread creation, memory allocation and page protection flags
Public Const CREATE_SUSPENDED = &H4
Public Const MEM_COMMIT = &H1000
Public Const MEM_RESERVE = &H2000
Public Const MEM_RELEASE = &H8000
Public Const PAGE_READWRITE = &H4
Public Const PAGE_EXECUTE_READWRITE = &H40

Public Const INFINITE = &HFFFFFFFF 'No timeout for WaitForSingleObject
Public Const WM_SYSCOMMAND = &H112
Public Const MAX_PATH = 260

'kernel32 / user32 declarations
Public Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Public Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Public Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Public Declare Function VirtualFreeEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long
Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Public Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Public Declare Function ResumeThread Lib "kernel32" (ByVal hThread As Long) As Long
Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Public Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Public Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Public Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Public Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
Public Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Declare Function lstrlen Lib "kernel32" Alias "lstrlenA" (ByVal lpString As String) As Long
Public Declare Function GetCurrentProcessId Lib "kernel32" () As Long

'PSAPI declarations for enumerating the modules of a process
Public Declare Function EnumProcessModules Lib "PSAPI.DLL" (ByVal hProcess As Long, hModule As Long, ByVal cb As Long, cbNeeded As Long) As Long
Public Declare Function GetModuleFileNameEx Lib "PSAPI.DLL" Alias "GetModuleFileNameExA" (ByVal hProcess As Long, ByVal hModule As Long, ByVal lpFileName As String, ByVal nSize As Long) As Long

Take a look at this CALL:
//===========================Auto pathfinding======================
P1 := P^.Param1; // ---- X coordinate
P2 := P^.Param2; // ---- Y coordinate
P3 := P^.Param3; // ---- Z coordinate
P4 := P^.Param4; // ---- Map ID
asm
  pushad
  // Fill the coordinate buffer at $906F58 in the order X, Z, Y
  mov eax, P1
  mov [$906F58], eax
  mov eax, P3
  mov [$906F5c], eax
  mov eax, P2
  mov [$906F60], eax
  // Follow the pointer chain to build the third argument
  mov eax, dword ptr [$9045ec]
  mov eax, dword ptr [eax+$28]
  lea eax, dword ptr [eax+$3c]
  push P4 // ---- Map ID
  push $906F58
  push eax
  mov ecx, $900a90
  mov eax, $42aa20
  call eax
  popad
end;