C#外挂类

using System;
using System.Collections.Generic;
using System.Text;
using System.Runtime.InteropServices;
using System.Diagnostics;
using System.Management;
namespace sendkey
{
public class key
{
const uint PROCESS_ALL_ACCESS = 0x001F0FFF;
const uint KEYEVENTF_EXTENDEDKEY = 0x1;
const uint KEYEVENTF_KEYUP = 0x2;
private readonly int MOUSEEVENTF_LEFTDOWN = 0x2;
private readonly int MOUSEEVENTF_LEFTUP = 0x4;
const uint KBC_KEY_CMD = 0x64;
const uint KBC_KEY_DATA = 0x60;
//得到窗体句柄的函数,FindWindow函数用来返回符合指定的类名( ClassName )和窗口名( WindowTitle )的窗口句柄
[DllImport("user32.dll", CharSet = CharSet.Auto)]
public static extern IntPtr FindWindow(
string lpClassName, // pointer to class name
string lpWindowName // pointer to window name
);
[DllImport("user32.dll")]
private static extern int GetWindowThreadProcessId(IntPtr id,int pid);

[DllImport("kernel32.dll")]
private static extern void CloseHandle
(
uint hObject //Handle to object
);
//读取进程内存的函数
[DllImport("kernel32.dll")]
static extern bool ReadProcessMemory(uint hProcess, IntPtr lpBaseAddress,
IntPtr lpBuffer, uint nSize, ref uint lpNumberOfBytesRead);
//得到目标进程句柄的函数
[DllImport("kernel32.dll")]
public static extern uint OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
//鼠标事件声明
[DllImport("user32.dll")]
static extern bool setcursorpos(int x, int y);
[DllImport("user32.dll")]
static extern void mouse_event(mouseeventflag flags, int dx, int dy, uint data, UIntPtr extrainfo);
//键盘事件声明
[DllImport("user32.dll")]
static extern byte MapVirtualKey(byte wCode, int wMap);
[DllImport("user32.dll")]
static extern short GetKeyState(int nVirtKey);
[DllImport("user32.dll")]
static extern void keybd_event( byte bVk, byte bScan,uint dwFlags,uint dwExtraInfo);
//键盘事件声明winio
[DllImport("winio.dll")]
public static extern bool InitializeWinIo();
[DllImport("winio.dll")]
public static extern bool GetPortVal(IntPtr wPortAddr, out int pdwPortVal, byte bSize);
[DllImport("winio.dll")]
public static extern bool SetPortVal(uint wPortAddr, IntPtr dwPortVal, byte bSize);
[DllImport("winio.dll")]
public static extern byte MapPhysToLin(byte pbPhysAddr, uint dwPhysSize, IntPtr PhysicalMemoryHandle);
[DllImport("winio.dll")]
public static extern bool UnmapPhysicalMemory(IntPtr PhysicalMemoryHandle, byte pbLinAddr);
[DllImport("winio.dll")]
public static extern bool GetPhysLong(IntPtr pbPhysAddr, byte pdwPhysVal);
[DllImport("winio.dll")]
public static extern bool SetPhysLong(IntPtr pbPhysAddr, byte dwPhysVal);
[DllImport("winio.dll")]
public static extern void ShutdownWinIo();

/// <summary>
/// 获取进程pid
/// </summary>
/// <param name="name"></param>
/// <returns></returns>
private int pid(String name)
{
try
{
ObjectQuery oQuery = new ObjectQuery("select * from Win32_Process where Name='" + name + "'");
ManagementObjectSearcher oSearcher = new ManagementObjectSearcher(oQuery);
ManagementObjectCollection oReturnCollection = oSearcher.Get();

string pid = "";
string cmdLine;
StringBuilder sb = new StringBuilder();
foreach (ManagementObject oReturn in oReturnCollection)
{
pid = oReturn.GetPropertyvalue("ProcessId").ToString();
//cmdLine = (string)oReturn.GetPropertyvalue("CommandLine");

//string pattern = "-ap \"(.*)\"";
//Regex regex = new Regex(pattern, RegexOptions.IgnoreCase);
// Match match = regex.Match(cmdLine);
//string appPoolName = match.Groups[1].ToString();
//sb.AppendFormat("W3WP.exe PID: {0} AppPoolId:{1}\r\n", pid, appPoolName);
}
return Convert.ToInt32(pid);
}
catch (Exception ss)
{ return 0; }

}
private int pid(IntPtr id)
{
int pid=0;
pid=GetWindowThreadProcessId(id, pid);
return 260;
}
/// <summary>
/// 读取内存值
/// </summary>
/// <param name="name">进程id</param>
/// <param name="dizhi">读取的内存地址</param>
/// <returns></returns>
//public String getread(String QEC,String EC, IntPtr dizhi, uint size)
//{
// Byte bt = new Byte();
// IntPtr id=FindWindow(QEC, EC);
// uint hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, pid(id));
// IntPtr fanhui = new IntPtr();
// String gg = null;
// if (hProcess == 0)
// {
// // gg = ReadProcessMemory(hProcess, dizhi, fanhui, size, 0);
// // CloseHandle(hProcess);

// }
// return gg;
//}
public String getread(String jincheng, String EC, IntPtr dizhi, uint size)
{
byte[] vBuffer = new byte[4];
IntPtr vBytesAddress = Marshal.UnsafeAddrOfPinnedArrayElement(vBuffer, 0); // 得到缓冲区的地址

uint vNumberOfBytesRead = 0;
Byte bt = new Byte();
//IntPtr id = FindWindow(QEC, EC);
uint hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, pid(jincheng));
//pid(0);
IntPtr fanhui = new IntPtr();
String gg = null;
//if (hProcess == 0)
//{
if (ReadProcessMemory(hProcess, dizhi, vBytesAddress, (uint)vBuffer.Length, ref hProcess))
{
CloseHandle(hProcess);
}
else
{
CloseHandle(hProcess);
}

// }
int vInt = Marshal.ReadInt32(vBytesAddress);
return vInt.ToString() ;
}
/// <summary>
/// 获取键盘状态
/// </summary>
/// <param name="Key"></param>
/// <returns></returns>
public bool GetState(VirtualKeys Key)
{
return (GetKeyState((int)Key) == 1);
}
/// <summary>
/// 发送键盘事件
/// </summary>
/// <returns></returns>
public void Send(VirtualKeys Key, bool State)
{
if (State != GetState(Key))
{
byte a= MapVirtualKey((byte)Key, 0);
keybd_event((byte)Key, MapVirtualKey((byte)Key, 0), 0, 0);
System.Threading.Thread.Sleep(1000);
keybd_event((byte)Key, MapVirtualKey((byte)Key, 0), KEYEVENTF_KEYUP, 0);
}
}
/// <summary>
/// 初始化winio
/// </summary>
public void sendwinio()
{
if (InitializeWinIo())
{
KBCWait4IBE();
}
}
private void KBCWait4IBE() //等待键盘缓冲区为空
{
//int[] dwVal = new int[] { 0 };
int dwVal = 0;
do
{
//这句表示从&H64端口读取一个字节并把读出的数据放到变量dwVal中
//GetPortVal函数的用法是GetPortVal 端口号,存放读出数据的变量,读入的长度
bool flag = GetPortVal((IntPtr)0x64, out dwVal, 1);
}
while ((dwVal & 0x2) > 0);
}
/// <summary>
/// 模拟键盘标按下
/// </summary>
/// <param name="vKeyCoad"></param>
public void MykeyDown(int vKeyCoad)
{
int btScancode = 0;

btScancode = MapVirtualKey((byte)vKeyCoad, 0);
// btScancode = vKeyCoad;

KBCWait4IBE(); // '发送数据前应该先等待键盘缓冲区为空
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD2, 1);// '发送键盘写入命令
//SetPortVal函数用于向端口写入数据,它的用法是SetPortVal 端口号,欲写入的数据,写入数据的长度
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)0xe2, 1);// '写入按键信息,按下键
KBCWait4IBE(); // '发送数据前应该先等待键盘缓冲区为空
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD2, 1);// '发送键盘写入命令
//SetPortVal函数用于向端口写入数据,它的用法是SetPortVal 端口号,欲写入的数据,写入数据的长度
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)btScancode, 1);// '写入按键信息,按下键

}
/// <summary>
/// 模拟键盘弹出
/// </summary>
/// <param name="vKeyCoad"></param>
public void MykeyUp(int vKeyCoad)
{
int btScancode = 0;
btScancode = MapVirtualKey((byte)vKeyCoad, 0);
//btScancode = vKeyCoad;

KBCWait4IBE(); // '发送数据前应该先等待键盘缓冲区为空
SetPortVal(KBC_KEY_CMD,(IntPtr) 0xD2, 1); //'发送键盘写入命令
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)0xe0, 1);// '写入按键信息,释放键
KBCWait4IBE(); // '发送数据前应该先等待键盘缓冲区为空
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD2, 1); //'发送键盘写入命令
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)btScancode, 1);// '写入按键信息,释放键
}
/// <summary>
/// 模拟鼠标按下
/// </summary>
/// <param name="vKeyCoad"></param>
public void MyMouseDown(int vKeyCoad)
{
int btScancode = 0;

btScancode = MapVirtualKey((byte)vKeyCoad, 0);
//btScancode = vKeyCoad;

KBCWait4IBE(); // '发送数据前应该先等待键盘缓冲区为空
SetPortVal(KBC_KEY_CMD,(IntPtr)0xD3, 1);// '发送键盘写入命令
//SetPortVal函数用于向端口写入数据,它的用法是SetPortVal 端口号,欲写入的数据,写入数据的长度
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)(btScancode|0x80), 1);// '写入按键信息,按下键

}
/// <summary>
/// 模拟鼠标弹出
/// </summary>
/// <param name="vKeyCoad"></param>
public void MyMouseUp(int vKeyCoad)
{
int btScancode = 0;
btScancode = MapVirtualKey((byte)vKeyCoad, 0);
// btScancode = vKeyCoad;

KBCWait4IBE(); // '发送数据前应该先等待键盘缓冲区为空
SetPortVal(KBC_KEY_CMD,(IntPtr) 0xD3, 1); //'发送键盘写入命令
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)(btScancode | 0x80), 1);// '写入按键信息,释放键
}
/// <summary>
/// 发送鼠标事件
/// </summary>
/// <returns></returns>
public void SendMouse()
{

}
/// <summary>
/// 鼠标动作枚举
/// </summary>
public enum mouseeventflag : uint
{
move = 0x0001,
leftdown = 0x0002,
leftup = 0x0004,
rightdown = 0x0008,
rightup = 0x0010,
middledown = 0x0020,
middleup = 0x0040,
xdown = 0x0080,
xup = 0x0100,
wheel = 0x0800,
virtualdesk = 0x4000,
absolute = 0x8000
}
/// <summary>
/// 键盘动作枚举
/// </summary>
public enum VirtualKeys : byte
{
//VK_NUMLOCK = 0x90, //数字锁定键
//VK_SCROLL = 0x91, //滚动锁定
//VK_CAPITAL = 0x14, //大小写锁定
//VK_A = 62, //键盘A
VK_LBUTTON=1, //鼠标左键
VK_RBUTTON=2,  //鼠标右键
VK_CANCEL=3,    //Ctrl+Break(通常不需要处理)
VK_MBUTTON=4,   //鼠标中键
VK_BACK=8,     //Backspace
VK_TAB=9,     //Tab
VK_CLEAR=12,    //Num Lock关闭时的数字键盘5
VK_RETURN=13,   //Enter(或者另一个)
VK_SHIFT=16,    //Shift(或者另一个)
VK_CONTROL=17,   //Ctrl(或者另一个)
VK_MENU=18,    //Alt(或者另一个)
VK_PAUSE=19,    //Pause
VK_CAPITAL=20,   //Caps Lock
VK_ESCAPE=27,   //Esc
VK_SPACE=32,    //Spacebar
VK_PRIOR=33,    //Page Up
VK_NEXT=34,    //Page Down
VK_END=35,     //End
VK_HOME=36,    //Home
VK_LEFT=37,    //左箭头
VK_UP=38,     //上箭头
VK_RIGHT=39,    //右箭头
VK_DOWN=40,    //下箭头
VK_SELECT=41,   //可选
VK_PRINT=42,    //可选
VK_EXECUTE=43,   //可选
VK_SNAPSHOT=44,  //Print Screen
VK_INSERT=45,   //Insert
VK_DELETE=46,   //Delete
VK_HELP=47,   //可选
VK_NUM0=48, //0
VK_NUM1=49, //1
VK_NUM2=50, //2
VK_NUM3=51, //3
VK_NUM4=52, //4
VK_NUM5=53, //5
VK_NUM6=54, //6
VK_NUM7=55, //7
VK_NUM8=56, //8
VK_NUM9=57, //9
VK_A=65, //A
VK_B=66, //B
VK_C=67, //C
VK_D=68, //D
VK_E=69, //E
VK_F=70, //F
VK_G=71, //G
VK_H=72, //H
VK_I=73, //I
VK_J=74, //J
VK_K=75, //K
VK_L=76, //L
VK_M=77, //M
VK_N=78, //N
VK_O=79, //O
VK_P=80, //P
VK_Q=81, //Q
VK_R=82, //R
VK_S=83, //S
VK_T=84, //T
VK_U=85, //U
VK_V=86, //V
VK_W=87, //W
VK_X=88, //X
VK_Y=89, //Y
VK_Z=90, //Z
VK_NUMPAD0=96, //0
VK_NUMPAD1=97, //1
VK_NUMPAD2=98, //2
VK_NUMPAD3=99, //3
VK_NUMPAD4=100, //4
VK_NUMPAD5=101, //5
VK_NUMPAD6=102, //6
VK_NUMPAD7=103, //7
VK_NUMPAD8=104, //8
VK_NUMPAD9=105, //9
VK_NULTIPLY=106,  //数字键盘上的*
VK_ADD=107,    //数字键盘上的+
VK_SEPARATOR=108, //可选
VK_SUBTRACT=109,  //数字键盘上的-
VK_DECIMAL=110,  //数字键盘上的.
VK_DIVIDE=111,   //数字键盘上的/
VK_F1=112,
VK_F2=113,
VK_F3=114,
VK_F4=115,
VK_F5=116,
VK_F6=117,
VK_F7=118,
VK_F8=119,
VK_F9=120,
VK_F10=121,
VK_F11=122,
VK_F12=123,
VK_NUMLOCK=144,  //Num Lock
VK_SCROLL=145   // Scroll Lock
}
}
}

 

本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/hi123456/archive/2009/11/10/4791043.aspx

你可能感兴趣的:(C#)