1. C#做外挂的常用API,本人用了很久,基本没发现问题(注:下面的声明多处用 int 表示句柄和地址,只在 32 位进程中成立)  
  2.   
  3. using System;  
  4. using System.Collections.Generic;  
  5. using System.Text;  
  6. using System.Runtime.InteropServices;  //这个肯定要的   
  7.   
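  namespace WindowsApplication1
  {
      /// <summary>
      /// P/Invoke declarations for the user32/kernel32 calls used to locate a window,
      /// open its owning process, and read, write, allocate or free memory in that
      /// process, plus remote thread creation.
      /// </summary>
      /// <remarks>
      /// Review notes:
      /// <list type="bullet">
      /// <item>Most overloads carry handles and addresses as <c>int</c>. That is only
      /// correct in a 32-bit process; in a 64-bit process the values are truncated.
      /// The <see cref="IntPtr"/> overloads are the ones to keep.</item>
      /// <item>No declaration sets <c>SetLastError</c>, so a failed call cannot be
      /// diagnosed through <c>Marshal.GetLastWin32Error</c>; callers only see the raw
      /// return value.</item>
      /// <item>Opening another process with <see cref="OPEN_PROCESS_ALL"/> and then
      /// allocating, writing and starting a thread in it is the sequence endpoint
      /// monitoring and anti-cheat drivers flag as code injection. Tools with a
      /// legitimate need (debuggers, diagnostics) should request only the specific
      /// access rights they use and close every handle they open.</item>
      /// </list>
      /// </remarks>
      class win32API
      {
          // Process access masks passed as dwDesiredAccess to OpenProcess.
          // 2035711 == 0x1F0FFF, the same value as the private PROCESS_ALL_ACCESS below.
          public const int OPEN_PROCESS_ALL = 2035711;
          public const int PAGE_READWRITE = 4;
          public const int PROCESS_CREATE_THREAD = 2;
          // NOTE(review): this looks like a heap-walk entry flag rather than a process
          // access right; none of the declarations in this class take it.
          public const int PROCESS_HEAP_ENTRY_BUSY = 4;
          public const int PROCESS_VM_OPERATION = 8;
          // NOTE(review): 256 does not match the Windows SDK definition of
          // PROCESS_VM_READ; verify against winnt.h. Left unchanged because callers
          // may already depend on the published value.
          public const int PROCESS_VM_READ = 256;
          public const int PROCESS_VM_WRITE = 32;

          // Private constants; nothing in this class references them.
          // NOTE(review): this value is identical to PAGE_READWRITE (4), so the name
          // does not describe the protection it actually selects; verify against winnt.h.
          private const int PAGE_EXECUTE_READWRITE = 0x4;
          private const int MEM_COMMIT = 4096;
          private const int MEM_RELEASE = 0x8000;
          private const int MEM_DECOMMIT = 0x4000;
          private const int PROCESS_ALL_ACCESS = 0x1F0FFF;

          /// <summary>Finds a top-level window by class name and/or window title.</summary>
          /// <param name="lpClassName">Window class name to match.</param>
          /// <param name="lpWindowName">Window title to match.</param>
          /// <returns>The window handle, or <see cref="IntPtr.Zero"/> when nothing matches.</returns>
          [DllImport("user32.dll", EntryPoint = "FindWindow")]
          public static extern IntPtr FindWindow(
              string lpClassName,
              string lpWindowName);

          /// <summary>
          /// Gets the id of the process that owns a window (written to
          /// <paramref name="lpdwProcessId"/>); the return value is the owning thread id.
          /// </summary>
          /// <remarks>The window handle is an <c>int</c> here, which is 32-bit only.</remarks>
          [DllImport("user32.dll")]
          public static extern int GetWindowThreadProcessId(
              int hwnd,
              ref int lpdwProcessId);

          /// <summary>
          /// Gets the id of the process that owns a window (written to
          /// <paramref name="lpdwProcessId"/>); the return value is the owning thread id.
          /// </summary>
          [DllImport("user32.dll")]
          public static extern int GetWindowThreadProcessId(
              IntPtr hwnd,
              ref int lpdwProcessId);

          /// <summary>Opens a process by id with the requested access mask.</summary>
          /// <returns>The process handle as an <c>int</c> (32-bit only), or 0 on failure.</returns>
          [DllImport("kernel32.dll")]
          public static extern int OpenProcess(
              int dwDesiredAccess,
              int bInheritHandle,
              int dwProcessId);

          /// <summary>Opens a process by id with the requested access mask.</summary>
          /// <returns>The process handle, or <see cref="IntPtr.Zero"/> on failure.</returns>
          [DllImport("kernel32.dll")]
          public static extern IntPtr OpenProcess(
              uint dwDesiredAccess,
              int bInheritHandle,
              uint dwProcessId);

          /// <summary>Closes a handle returned by the calls above.</summary>
          /// <remarks>
          /// Only an <c>int</c> overload exists, so a handle obtained through the
          /// <see cref="IntPtr"/> overloads has to be narrowed before it can be closed.
          /// </remarks>
          /// <returns>Non-zero on success.</returns>
          [DllImport("kernel32.dll", EntryPoint = "CloseHandle")]
          public static extern int CloseHandle(
              int hObject);

          /// <summary>Reads <paramref name="size"/> bytes from another process into a buffer.</summary>
          /// <param name="lpNumberOfBytesWritten">Receives the number of bytes transferred.</param>
          /// <returns>Non-zero on success.</returns>
          [DllImport("kernel32.dll")]
          public static extern Int32 ReadProcessMemory(
              IntPtr hProcess,
              IntPtr lpBaseAddress,
              [In, Out] byte[] buffer,
              int size,
              out IntPtr lpNumberOfBytesWritten);

          /// <summary>Reads memory from another process into a single <c>int</c>.</summary>
          /// <remarks>
          /// <paramref name="lpNumberOfBytesWritten"/> is passed by value although the
          /// native parameter is a pointer: pass 0, because any other value is treated
          /// as an address to write the byte count to. <paramref name="size"/> must not
          /// exceed 4, the size of <paramref name="buffer"/>.
          /// </remarks>
          [DllImport("kernel32.dll")]
          public static extern Int32 ReadProcessMemory(
              int hProcess,
              int lpBaseAddress,
              ref int buffer,
              int size,
              int lpNumberOfBytesWritten);

          /// <summary>Reads memory from another process into a byte array.</summary>
          /// <remarks>
          /// <paramref name="lpNumberOfBytesWritten"/> is passed by value although the
          /// native parameter is a pointer: pass 0. The array is declared without
          /// <c>[In, Out]</c>, unlike the <see cref="IntPtr"/> overload.
          /// </remarks>
          [DllImport("kernel32.dll")]
          public static extern Int32 ReadProcessMemory(
              int hProcess,
              int lpBaseAddress,
              byte[] buffer,
              int size,
              int lpNumberOfBytesWritten);

          /// <summary>Writes <paramref name="size"/> bytes from a buffer into another process.</summary>
          /// <param name="lpNumberOfBytesWritten">Receives the number of bytes transferred.</param>
          /// <returns>Non-zero on success.</returns>
          [DllImport("kernel32.dll")]
          public static extern Int32 WriteProcessMemory(
              IntPtr hProcess,
              IntPtr lpBaseAddress,
              [In, Out] byte[] buffer,
              int size,
              out IntPtr lpNumberOfBytesWritten);

          /// <summary>Writes a byte array into another process.</summary>
          /// <remarks>
          /// <paramref name="lpNumberOfBytesWritten"/> is passed by value although the
          /// native parameter is a pointer: pass 0.
          /// </remarks>
          [DllImport("kernel32.dll")]
          public static extern Int32 WriteProcessMemory(
              int hProcess,
              int lpBaseAddress,
              byte[] buffer,
              int size,
              int lpNumberOfBytesWritten);

          /// <summary>Starts a thread in another process.</summary>
          /// <remarks>
          /// Every pointer-sized argument and the returned thread handle are <c>int</c>,
          /// so this declaration is 32-bit only.
          /// </remarks>
          /// <returns>The new thread's handle, or 0 on failure.</returns>
          [DllImport("kernel32.dll", EntryPoint = "CreateRemoteThread")]
          public static extern int CreateRemoteThread(
              int hProcess,
              int lpThreadAttributes,
              int dwStackSize,
              int lpStartAddress,
              int lpParameter,
              int dwCreationFlags,
              ref int lpThreadId);

          /// <summary>Allocates memory inside the specified process.</summary>
          /// <remarks>
          /// NOTE(review): the two flag parameters are 16-bit here while the native
          /// parameters are 32-bit, and the returned address is narrowed to 32 bits.
          /// Prefer the all-<c>int</c> overload, or an <see cref="IntPtr"/>-returning
          /// declaration for 64-bit processes.
          /// </remarks>
          /// <returns>The base address of the allocation, or 0 on failure.</returns>
          [DllImport("kernel32.dll")]
          public static extern System.Int32 VirtualAllocEx(
              System.IntPtr hProcess,
              System.Int32 lpAddress,
              System.Int32 dwSize,
              System.Int16 flAllocationType,
              System.Int16 flProtect);

          /// <summary>Allocates memory inside the specified process (32-bit only).</summary>
          /// <returns>The base address of the allocation, or 0 on failure.</returns>
          [DllImport("kernel32.dll")]
          public static extern System.Int32 VirtualAllocEx(
              int hProcess,
              int lpAddress,
              int dwSize,
              int flAllocationType,
              int flProtect);

          /// <summary>Releases memory previously allocated inside the specified process.</summary>
          /// <remarks>
          /// The last parameter keeps the name <c>flAllocationType</c> from this listing;
          /// it carries the free type (the class defines MEM_RELEASE and MEM_DECOMMIT).
          /// </remarks>
          /// <returns>Non-zero on success.</returns>
          [DllImport("kernel32.dll")]
          public static extern System.Int32 VirtualFreeEx(
              int hProcess,
              int lpAddress,
              int dwSize,
              int flAllocationType);
      }
  }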
posted on 2014-07-17 15:13  GC2013