大学IT网 - 最懂大学生的IT学习网站! QQ资料交流群:367606806
当前位置:大学IT网 > C#技巧 > C# 制作外挂常用的API

C# 制作外挂常用的API

关键词:制作外挂APIC#  阅读(1449) 赞(19)

[摘要]本文是对C# 制作外挂常用的API的讲解,对学习C#编程技术有所帮助,与大家分享。
  1. C#做外挂的常用API,本人用了很久,基本没发现问题
  2. usingSystem;
  3. usingSystem.Collections.Generic;
  4. usingSystem.Text;
  5. usingSystem.Runtime.InteropServices;//这个肯定要的
  6. namespaceWindowsApplication1
  7. {
  8. classwin32API
  9. {
  10. publicconstintOPEN_PROCESS_ALL=2035711;
  11. publicconstintPAGE_READWRITE=4;
  12. publicconstintPROCESS_CREATE_THREAD=2;
  13. publicconstintPROCESS_HEAP_ENTRY_BUSY=4;
  14. publicconstintPROCESS_VM_OPERATION=8;
  15. publicconstintPROCESS_VM_READ=256;
  16. publicconstintPROCESS_VM_WRITE=32;
  17. privateconstintPAGE_EXECUTE_READWRITE=0x4;
  18. privateconstintMEM_COMMIT=4096;
  19. privateconstintMEM_RELEASE=0x8000;
  20. privateconstintMEM_DECOMMIT=0x4000;
  21. privateconstintPROCESS_ALL_ACCESS=0x1F0FFF;
  22. //查找窗体
  23. [DllImport("User32.dll",EntryPoint="FindWindow")]
  24. publicexternstaticIntPtrFindWindow(
  25. stringlpClassName,
  26. stringlpWindowName
  27. );
  28. //得到目标进程句柄的函数
  29. [DllImport("USER32.DLL")]
  30. publicexternstaticintGetWindowThreadProcessId(
  31. inthwnd,
  32. refintlpdwProcessId
  33. );
  34. [DllImport("USER32.DLL")]
  35. publicexternstaticintGetWindowThreadProcessId(
  36. IntPtrhwnd,
  37. refintlpdwProcessId
  38. );
  39. //打开进程
  40. [DllImport("kernel32.dll")]
  41. publicexternstaticintOpenProcess(
  42. intdwDesiredAccess,
  43. intbInheritHandle,
  44. intdwProcessId
  45. );
  46. [DllImport("kernel32.dll")]
  47. publicexternstaticIntPtrOpenProcess(
  48. uintdwDesiredAccess,
  49. intbInheritHandle,
  50. uintdwProcessId
  51. );
  52. //关闭句柄的函数
  53. [DllImport("kernel32.dll",EntryPoint="CloseHandle")]
  54. publicstaticexternintCloseHandle(
  55. inthObject
  56. );
  57. //读内存
  58. [DllImport("Kernel32.dll")]
  59. publicstaticexternInt32ReadProcessMemory(
  60. IntPtrhProcess,
  61. IntPtrlpBaseAddress,
  62. [In,Out]byte[]buffer,
  63. intsize,
  64. outIntPtrlpNumberOfBytesWritten
  65. );
  66. [DllImport("Kernel32.dll")]
  67. publicstaticexternInt32ReadProcessMemory(
  68. inthProcess,
  69. intlpBaseAddress,
  70. refintbuffer,
  71. //byte[]buffer,
  72. intsize,
  73. intlpNumberOfBytesWritten
  74. );
  75. [DllImport("Kernel32.dll")]
  76. publicstaticexternInt32ReadProcessMemory(
  77. inthProcess,
  78. intlpBaseAddress,
  79. byte[]buffer,
  80. intsize,
  81. intlpNumberOfBytesWritten
  82. );
  83. //写内存
  84. [DllImport("kernel32.dll")]
  85. publicstaticexternInt32WriteProcessMemory(
  86. IntPtrhProcess,
  87. IntPtrlpBaseAddress,
  88. [In,Out]byte[]buffer,
  89. intsize,
  90. outIntPtrlpNumberOfBytesWritten
  91. );
  92. [DllImport("kernel32.dll")]
  93. publicstaticexternInt32WriteProcessMemory(
  94. inthProcess,
  95. intlpBaseAddress,
  96. byte[]buffer,
  97. intsize,
  98. intlpNumberOfBytesWritten
  99. );
  100. //创建线程
  101. [DllImport("kernel32",EntryPoint="CreateRemoteThread")]
  102. publicstaticexternintCreateRemoteThread(
  103. inthProcess,
  104. intlpThreadAttributes,
  105. intdwStackSize,
  106. intlpStartAddress,
  107. intlpParameter,
  108. intdwCreationFlags,
  109. refintlpThreadId
  110. );
  111. //开辟指定进程的内存空间
  112. [DllImport("Kernel32.dll")]
  113. publicstaticexternSystem.Int32VirtualAllocEx(
  114. System.IntPtrhProcess,
  115. System.Int32lpAddress,
  116. System.Int32dwSize,
  117. System.Int16flAllocationType,
  118. System.Int16flProtect
  119. );
  120. [DllImport("Kernel32.dll")]
  121. publicstaticexternSystem.Int32VirtualAllocEx(
  122. inthProcess,
  123. intlpAddress,
  124. intdwSize,
  125. intflAllocationType,
  126. intflProtect
  127. );
  128. //释放内存空间
  129. [DllImport("Kernel32.dll")]
  130. publicstaticexternSystem.Int32VirtualFreeEx(
  131. inthProcess,
  132. intlpAddress,
  133. intdwSize,
  134. intflAllocationType
  135. );
  136. }
  137. }


相关评论