1,找阳光基址并修改阳光值
#include <stdio.h> #include <Windows.h> DWORD pid; HANDLE hProcess = 0; int main(int argc,char ** argv) { printf("请输入游戏进程ID号:"); scanf_s("%d", &pid); hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid); if (hProcess == INVALID_HANDLE_VALUE) { printf("打开进程失败...erronumber:%d ",GetLastError()); return 0 ; } DWORD sAddr = 0x6a9ec0; DWORD value = 0; ReadProcessMemory(hProcess, (void*)sAddr, &value, 4, NULL); printf("first level addr : %d ", value); sAddr = value + 0x768; ReadProcessMemory(hProcess, (void*)sAddr, &value, 4, NULL); printf("second level addr : %d ", value); sAddr = value + 0x5560; while (1) { ReadProcessMemory(hProcess, (void*)sAddr, &value, 4, NULL); printf_s("目前血量:%d ", value); Sleep(3000); if (value<2000) { value = 2500; WriteProcessMemory(hProcess, (void*)sAddr, &value, 4, NULL); } } CloseHandle(hProcess); return 0; }
2,不找基址,改程序代码
#include <Windows.h> #include <stdio.h> DWORD pid; HANDLE hProcess = 0; int main(int argc, char** argv) { printf("请输入游戏进程ID号:"); scanf_s("%d", &pid); hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid); if (hProcess == INVALID_HANDLE_VALUE) { printf("打开进程失败...erronumber:%d ", GetLastError()); return 0; } DWORD ads_ps = 0x00430A0D; //程序内存地址 BYTE value; value = 0xFA; DWORD oldFlag; VirtualProtectEx(hProcess, (void*)ads_ps, 1, PAGE_READWRITE, &oldFlag); WriteProcessMemory(hProcess, (void*)ads_ps, &value, 1, NULL); VirtualProtectEx(hProcess, (void*)ads_ps, 1, oldFlag, &oldFlag); CloseHandle(hProcess); getchar(); return 0; }