C#编写的<植物大战僵尸>作弊器源码【转】
2011-03-16 09:30
417 查看
首先用CE或者OD或者其他反汇编工具找出游戏的内存基址!
游戏内存基址:base=0x006A9EC0
游戏阳光地址:[base+0x768]+0x5560
游戏金钱地址:[base+0x82C]+0x28
游戏关卡地址:[base+0x82C]+0x24//关卡如:A-B实际值为:(A-1)×10+B
至于如何获取这些地址不在我们这论坛研究的范围中!新建窗体:
.csharpcode,.csharpcodepre
{
font-size:small;
color:black;
font-family:consolas,"CourierNew",courier,monospace;
background-color:#ffffff;
/*white-space:pre;*/
}
.csharpcodepre{margin:0em;}
.csharpcode.rem{color:#008000;}
.csharpcode.kwrd{color:#0000ff;}
.csharpcode.str{color:#006080;}
.csharpcode.op{color:#0000c0;}
.csharpcode.preproc{color:#cc6633;}
.csharpcode.asp{background-color:#ffff00;}
.csharpcode.html{color:#800000;}
.csharpcode.attr{color:#ff0000;}
.csharpcode.alt
{
background-color:#f4f4f4;
width:100%;
margin:0em;
}
.csharpcode.lnum{color:#606060;}
下面这个类是整个工具的核心
.csharpcode,.csharpcodepre
{
font-size:small;
color:black;
font-family:consolas,"CourierNew",courier,monospace;
background-color:#ffffff;
/*white-space:pre;*/
}
.csharpcodepre{margin:0em;}
.csharpcode.rem{color:#008000;}
.csharpcode.kwrd{color:#0000ff;}
.csharpcode.str{color:#006080;}
.csharpcode.op{color:#0000c0;}
.csharpcode.preproc{color:#cc6633;}
.csharpcode.asp{background-color:#ffff00;}
.csharpcode.html{color:#800000;}
.csharpcode.attr{color:#ff0000;}
.csharpcode.alt
{
background-color:#f4f4f4;
width:100%;
margin:0em;
}
.csharpcode.lnum{color:#606060;}
游戏内存基址:base=0x006A9EC0
游戏阳光地址:[base+0x768]+0x5560
游戏金钱地址:[base+0x82C]+0x28
游戏关卡地址:[base+0x82C]+0x24//关卡如:A-B实际值为:(A-1)×10+B
至于如何获取这些地址不在我们这论坛研究的范围中!新建窗体:
usingSystem;
usingSystem.Drawing;
usingSystem.Text;
usingSystem.Windows.Forms;
namespacePlantsVsZombiesTool
{///<summary>
///
///</summary>
publicpartialclassForm1:Form
{publicForm1()
{InitializeComponent();
}
privatevoidForm1_Load(objectsender,EventArgse)
{}
//启动无线阳光
privatevoidbtnGet_Click(objectsender,EventArgse)
{if(Helper.GetPidByProcessName(processName)==0)
{MessageBox.Show("哥们启用之前游戏总该运行吧!");return;
}
if(btnGet.Text=="启用-阳光无限")
{timer1.Enabled=true;
btnGet.Text="关闭-阳光无限";
}
else
{timer1.Enabled=false;
btnGet.Text="启用-阳光无限";
}
}
privatevoidtimer1_Tick(objectsender,EventArgse)
{if(Helper.GetPidByProcessName(processName)==0)
{timer1.Enabled=false;
btnGet.Text="启用-阳光无限";
}
intaddress=ReadMemoryValue(baseAddress);//读取基址(该地址不会改变)
address=address+0x768;//获取2级地址
address=ReadMemoryValue(address);
address=address+0x5560;//获取存放阳光数值的地址
WriteMemory(address,0x1869F);//写入数据到地址(0x1869F表示99999)
timer1.Interval=1000;
}
//启动无线金钱
privatevoidbtnMoney_Click(objectsender,EventArgse)
{if(Helper.GetPidByProcessName(processName)==0)
{MessageBox.Show("哥们启用之前游戏总该运行吧!");return;
}
if(btnMoney.Text=="启用-金钱无限")
{timer2.Enabled=true;
btnMoney.Text="关闭-金钱无限";
}
else
{timer2.Enabled=false;
btnMoney.Text="启用-金钱无限";
}
}
privatevoidtimer2_Tick(objectsender,EventArgse)
{if(Helper.GetPidByProcessName(processName)==0)
{timer2.Enabled=false;
btnMoney.Text="启用-金钱无限";
}
intaddress=ReadMemoryValue(baseAddress);//读取基址(该地址不会改变)
address=address+0x82C;//获取2级地址
address=ReadMemoryValue(address);
address=address+0x28;//得到金钱地址
WriteMemory(address,0x1869F);//写入数据到地址(0x1869F表示99999)
timer2.Interval=1000;
}
privatevoidbtnGo_Click(objectsender,EventArgse)
{if(Helper.GetPidByProcessName(processName)==0)
{MessageBox.Show("哥们启用之前游戏总该运行吧!");return;
}
intaddress=ReadMemoryValue(baseAddress);//读取基址(该地址不会改变)
address=address+0x82C;//获取2级地址
address=ReadMemoryValue(address);
address=address+0x24;
intlev=1;
try
{lev=int.Parse(txtLev.Text.Trim());
}
catch
{MessageBox.Show("输入的关卡格式不真确!默认设置为1");}
WriteMemory(address,lev);
}
//读取制定内存中的值
publicintReadMemoryValue(intbaseAdd)
{returnHelper.ReadMemoryValue(baseAdd,processName);
}
//将值写入指定内存中
publicvoidWriteMemory(intbaseAdd,intvalue)
{Helper.WriteMemoryValue(baseAdd,processName,value);
}
privateintbaseAddress=0x006A9EC0;//游戏内存基址
privatestringprocessName="PlantsVsZombies";//游戏进程名字
}
}
.csharpcode,.csharpcodepre
{
font-size:small;
color:black;
font-family:consolas,"CourierNew",courier,monospace;
background-color:#ffffff;
/*white-space:pre;*/
}
.csharpcodepre{margin:0em;}
.csharpcode.rem{color:#008000;}
.csharpcode.kwrd{color:#0000ff;}
.csharpcode.str{color:#006080;}
.csharpcode.op{color:#0000c0;}
.csharpcode.preproc{color:#cc6633;}
.csharpcode.asp{background-color:#ffff00;}
.csharpcode.html{color:#800000;}
.csharpcode.attr{color:#ff0000;}
.csharpcode.alt
{
background-color:#f4f4f4;
width:100%;
margin:0em;
}
.csharpcode.lnum{color:#606060;}
下面这个类是整个工具的核心
usingSystem;
usingSystem.Text;
usingSystem.Diagnostics;
usingSystem.Runtime.InteropServices;
namespacePlantsVsZombiesTool
{publicabstractclassHelper
{[DllImportAttribute("kernel32.dll",EntryPoint="ReadProcessMemory")]publicstaticexternboolReadProcessMemory
(
IntPtrhProcess,
IntPtrlpBaseAddress,
IntPtrlpBuffer,
intnSize,
IntPtrlpNumberOfBytesRead
);
[DllImportAttribute("kernel32.dll",EntryPoint="OpenProcess")]publicstaticexternIntPtrOpenProcess
(
intdwDesiredAccess,
boolbInheritHandle,
intdwProcessId
);
[DllImport("kernel32.dll")]privatestaticexternvoidCloseHandle
(
IntPtrhObject
);
//写内存
[DllImportAttribute("kernel32.dll",EntryPoint="WriteProcessMemory")]publicstaticexternboolWriteProcessMemory
(
IntPtrhProcess,
IntPtrlpBaseAddress,
int[]lpBuffer,
intnSize,
IntPtrlpNumberOfBytesWritten
);
//获取窗体的进程标识ID
publicstaticintGetPid(stringwindowTitle)
{intrs=0;
Process[]arrayProcess=Process.GetProcesses();
foreach(ProcesspinarrayProcess)
{if(p.MainWindowTitle.IndexOf(windowTitle)!=-1)
{rs=p.Id;
break;
}
}
returnrs;
}
//根据进程名获取PID
publicstaticintGetPidByProcessName(stringprocessName)
{Process[]arrayProcess=Process.GetProcessesByName(processName);
foreach(ProcesspinarrayProcess)
{returnp.Id;
}
return0;
}
//根据窗体标题查找窗口句柄(支持模糊匹配)
publicstaticIntPtrFindWindow(stringtitle)
{Process[]ps=Process.GetProcesses();
foreach(Processpinps)
{if(p.MainWindowTitle.IndexOf(title)!=-1)
{returnp.MainWindowHandle;
}
}
returnIntPtr.Zero;
}
//读取内存中的值
publicstaticintReadMemoryValue(intbaseAddress,stringprocessName)
{try
{byte[]buffer=newbyte[4];
IntPtrbyteAddress=Marshal.UnsafeAddrOfPinnedArrayElement(buffer,0);//获取缓冲区地址
IntPtrhProcess=OpenProcess(0x1F0FFF,false,GetPidByProcessName(processName));
ReadProcessMemory(hProcess,(IntPtr)baseAddress,byteAddress,4,IntPtr.Zero);//将制定内存中的值读入缓冲区
CloseHandle(hProcess);
returnMarshal.ReadInt32(byteAddress);
}
catch
{return0;
}
}
//将值写入指定内存地址中
publicstaticvoidWriteMemoryValue(intbaseAddress,stringprocessName,intvalue)
{IntPtrhProcess=OpenProcess(0x1F0FFF,false,GetPidByProcessName(processName));//0x1F0FFF最高权限
WriteProcessMemory(hProcess,(IntPtr)baseAddress,newint[]{value},4,IntPtr.Zero);CloseHandle(hProcess);
}
}
}
.csharpcode,.csharpcodepre
{
font-size:small;
color:black;
font-family:consolas,"CourierNew",courier,monospace;
background-color:#ffffff;
/*white-space:pre;*/
}
.csharpcodepre{margin:0em;}
.csharpcode.rem{color:#008000;}
.csharpcode.kwrd{color:#0000ff;}
.csharpcode.str{color:#006080;}
.csharpcode.op{color:#0000c0;}
.csharpcode.preproc{color:#cc6633;}
.csharpcode.asp{background-color:#ffff00;}
.csharpcode.html{color:#800000;}
.csharpcode.attr{color:#ff0000;}
.csharpcode.alt
{
background-color:#f4f4f4;
width:100%;
margin:0em;
}
.csharpcode.lnum{color:#606060;}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- C#编写的<植物大战僵尸>作弊器源码 (转)
- C# 游戏外挂 编写的<植物大战僵尸>作弊器源码
- C#读写内存也不差!(发布C#编写的<植物大战僵尸>作弊器源码)
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第二部分:菜单场景<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第六部分:植物类<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第三部分:通关场景<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第七部分:僵尸类<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第四部分:通关失败场景<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第八部分:子弹类<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第九部分:游戏场景GameScene.h<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第五部分:公用类<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第九部分:游戏场景GameScene.cpp<后续会提供源码下载链接>
- Cocos2d-x简单游戏<植物大战僵尸>代码实现|第一部分:开始场景<后续会提供源码下载链接>
- 编写高质量代码改善C#程序的157个建议——建议29:区别LINQ查询中的IEnumerable<T>和IQueryable<T>
- C#_Assembly-Reflection_程序集与反射 练习<二> 记事本插件编写
- 编写高质量代码改善C#程序的157个建议[勿选List<T>做基类、迭代器是只读的、慎用集合可写属性]
- C#_Assembly-Reflection_程序集与反射 练习<一> 记事本插件编写
- C#读写内存原来也不差!(发布C#编写的《植物大战僵尸》作弊器源码)希望朋友们多来捧捧场!
- C#开发 植物大战僵尸 修改阳光值 源码无私分享
- 编写高质量代码改善C#程序的157个建议[IEnumerable<T>和IQueryable<T>、LINQ避免迭代、LINQ替代迭代]