游戏辅助 -- 获取人物属性代码编写

Posted 2022-05-06 web安全工具库

一、在上节课DLL注入窗口我们已经实现了注入dll，这节课我们利用线程注入

DWORD WINAPI 窗口函数地址(LPVOID arg)       AFX_MANAGE_STATE(AfxGetStaticModuleState());       DLLTEST dt;       dt.DoModal();       FreeLibraryAndExitThread(theApp.m_hInstance, 123);//自动卸载dll       return 1;BOOL CMFCDLLApp::InitInstance()       CWinApp::InitInstance();       DWORD 线程ID = 0;       ::CreateThread(0, 0, 窗口函数地址, 0, 0, &线程ID);       return TRUE;

二、在窗口添加三个按钮，分别实现调试信息输出、解绑调试信息，获取护甲值

DWORD 读地址(UINT_PTR 地址)       __try                     return *(DWORD*)地址;              __except (1)                     return 0;       VOID CALLBACK 护甲(HWND h, UINT arg2, UINT_PTR arg3_id, DWORD time)              KillTimer(h, 11111);              const char* 参数1 = "player";       UINT_PTR 返回值 = 0;       UINT_PTR 函数地址 = 0x60C1F0;       __asm                     push 参数1              call 函数地址              add esp, 4              mov 返回值, eax              DWORD 护甲 = 读地址(读地址(返回值 + 0xD0) + 0x174);       char buf[256];       sprintf_s(buf, "护甲=%d\\r\\n",护甲);       printf(buf);;void DLLTEST::OnBnClickedButton1()              HWND 游戏窗口句柄 = FindWindowA("GxWindowClassD3d", "魔兽世界");       ::SetTimer(游戏窗口句柄, 11111, 1, 护甲);void DLLTEST::OnBnClickedButton2()       AllocConsole();       FILE* file = 0;       freopen_s(&file, "CONOUT$", "w+t", stdout);void DLLTEST::OnBnClickedGbtsck()       FreeConsole();

三、查看效果

 

四、完整项目下载地址

关注下方公众号编程有你，回复20220504