【王艳平WINDOWS API书】游戏内存修改器之C++类实现

为了不在枯燥繁杂的语法中发神经。。数据结构也看腻了。。难的部分留着再说吧。。想动手写点实际的程序。。

找了本王艳平的《WINDOWS程序设计》第一版来看。。再不敲几行代码，脑袋就秀逗了。。断断续续看到第二章。。章末有个作业。。封装“游戏内存修改器”成一个类。。就动手做吧。。代码贴在这儿，怕以后丢了：

游戏CPP文件：

欲修改的数据为g_nNum和i.按一下回车键，数据相应的变化，以使我们的数据独一无二，要不然没法确定改我们想改的数据。

#include <iostream.h>

// 全局变量测试
int g_nNum;
int main(int argc, char* argv[])
{
    int i = 198;    // 局部变量测试
    g_nNum = 1003;

    while(true)
    {
        // 输出个变量的值和地址
        cout<<" i = "<<++i<<" addr = "<<&i<<" g_nNum = "<<--g_nNum<<" addr = "<<&g_nNum<<endl;
        getchar();
    }

    return 0;
}

修改器CPP：

输入要改的游戏中的数据，如果确定了唯一的该数据的地址，就输入新的值后退出，如果不唯一就切到游戏中按一下回车改变一下数据，直到唯一为止。

#include "windows.h"
#include "stdio.h"
#include <iostream.h>
#include <stdexcept>


class CMemFinder
{
public:
    CMemFinder(DWORD dwProcessId);
    virtual ~CMemFinder();

    BOOL IsFirst() const { return m_bFirst; }
    BOOL IsValid() const { return m_hProcess != NULL; }
    int GetListCount() const { return m_nListCnt; }
    DWORD operator[](int nIndex) { return m_arList[nIndex]; }

    virtual void FindFirst(DWORD dwValue);
    virtual void FindNext(DWORD dwValue);
    virtual void WriteMemory(DWORD dwValue);
    void DispList();

protected:
    virtual void CompareAPage(DWORD dwBaseAddr,DWORD dwValue);
    DWORD m_arList[1024];
    int m_nListCnt;
    HANDLE m_hProcess;
    BOOL m_bFirst;
};

CMemFinder::CMemFinder(DWORD dwProcessId):m_nListCnt(0),m_bFirst(TRUE)
{
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,dwProcessId);
    if(hProcess == NULL)
    {
        throw std::runtime_error("Process Error occured!");
    }
    m_hProcess = hProcess;
}

CMemFinder::~CMemFinder()
{
    if(m_hProcess != NULL)
    {
        CloseHandle(m_hProcess);
    }
}

void CMemFinder::FindFirst(DWORD dwValue)
{
    const DWORD dwAPage = 1024 * 4;
    const DWORD dwAGB = 1024 * 1024 * 1024;
    DWORD dwBase;
    OSVERSIONINFO vi = { sizeof(vi) };
    if (vi.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS)
    {
        dwBase = 4*1024*1024;   // Windows 98系列，4MB
    }
    else
    {
        dwBase = 640*1024;      // Windows NT系列，64KB
    }
    for(;dwBase < dwAGB * 2;dwBase += dwAPage)
    {
        CompareAPage(dwBase,dwValue);
    }
    m_bFirst = FALSE;
}

void CMemFinder::FindNext(DWORD dwValue)
{
    if( IsFirst() )
    {
        throw std::runtime_error("First Error!");
    }
    DWORD dwOrgCnt = this->m_nListCnt;
    this->m_nListCnt = 0;
    DWORD buffer;
    for(DWORD i = 0;i < dwOrgCnt;i++)
    {
        ::ReadProcessMemory(m_hProcess,(LPCVOID)m_arList[i],&buffer,sizeof(DWORD),NULL);
        if( buffer == dwValue)
        {
            m_arList[m_nListCnt++] = m_arList[i];
        }
    }
}

void CMemFinder::WriteMemory(DWORD dwValue)
{
    if(m_nListCnt != 1)
    {
        throw std::runtime_error("m_nListCnt != 1 Error!");
    }
    ::WriteProcessMemory(m_hProcess,(LPVOID)m_arList[0],(LPVOID)&dwValue,sizeof(DWORD),NULL);
}

void CMemFinder::CompareAPage(DWORD dwBaseAddr,DWORD dwValue)
{
    const DWORD dwAPage = 1024 * 4;
    BYTE buffer[4096];
    DWORD* aDw;
    ::ReadProcessMemory(m_hProcess,(LPCVOID)dwBaseAddr,(LPVOID)buffer,dwAPage,NULL);
    for(DWORD i = 0;i < dwAPage;i++)
    {
        aDw = (DWORD*)&buffer[i];
        if(*aDw == dwValue)
        {
            m_arList[m_nListCnt++] = dwBaseAddr + i;
        }
    }
}

void CMemFinder::DispList()
{
    for(DWORD i = 0;i < m_nListCnt;i++)
    {
        cout<<hex<<m_arList[i]<<endl;
    }
}

int main()
{
    CHAR appName[]="..//process//debug//process.exe";
    STARTUPINFO si={sizeof(si)};
    PROCESS_INFORMATION pi;

    CreateProcess(NULL,appName,NULL,NULL,FALSE,CREATE_NEW_CONSOLE,NULL,NULL,&si,&pi);
    CloseHandle(pi.hThread);
    CloseHandle(pi.hProcess);

    CMemFinder cmf(pi.dwProcessId);

    cout<<"Input a Number"<<endl;
    DWORD search;
    cin>>search;

    try
    {
        cmf.FindFirst(search);
        cmf.DispList();
        while(TRUE)
        {
            cout<<"Input Again!"<<endl;
            cin>>search;
            cmf.FindNext(search);
            cmf.DispList();
            if(cmf.GetListCount() == 1)
            {
                cout<<"Input New Value!"<<endl;
                DWORD newValue;
                cin>>newValue;
                cmf.WriteMemory(newValue);
                break;
            }
        }
    }
    catch(std::runtime_error re)
    {
        cout<<re.what()<<endl;
    }

    cout<<"finished!"<<endl;
    return 0;
}

最后上张图：

呵呵，继续加油吧