控制版使用不太方便,此MFC版與控制台版內容一樣。具體可以參考前面。此處只附源代碼,不加以說明。。。。。。。。。。
頭文件 // jsMFCDlg.h : 頭文件 // #pragma once // CjsMFCDlg 對話框 class CjsMFCDlg : public CDialogEx { // 構造 public: CjsMFCDlg(CWnd* pParent = NULL); // 標准構造函數 // 對話框數據 enum { IDD = IDD_JSMFC_DIALOG }; protected: virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV 支持 // 實現 protected: HICON m_hIcon; // 生成的消息映射函數 virtual BOOL OnInitDialog(); afx_msg void OnSysCommand(UINT nID, LPARAM lParam); afx_msg void OnPaint(); afx_msg HCURSOR OnQueryDragIcon(); DECLARE_MESSAGE_MAP() public: //新增函數,對應按鈕 afx_msg void OnBnClickedButton1(); afx_msg void OnBnClickedButton2(); afx_msg void OnBnClickedButton3(); afx_msg void OnBnClickedButton4(); afx_msg void OnBnClickedButton5(); afx_msg void OnBnClickedButton6(); afx_msg void OnBnClickedButton8(); afx_msg void OnBnClickedButton7(); CString mBigGuan; CString mSmallGuan; afx_msg void OnBnClickedButton9(); };
源文件 // jsMFCDlg.cpp : 實現文件 // #include "stdafx.h" #include "jsMFC.h" #include "jsMFCDlg.h" #include "afxdialogex.h" #ifdef _DEBUG #define new DEBUG_NEW #endif // 用於應用程序“關於”菜單項的 CAboutDlg 對話框 class CAboutDlg : public CDialogEx { public: CAboutDlg(); // 對話框數據 enum { IDD = IDD_ABOUTBOX }; protected: virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV 支持 // 實現 protected: DECLARE_MESSAGE_MAP() }; CAboutDlg::CAboutDlg() : CDialogEx(CAboutDlg::IDD) { } void CAboutDlg::DoDataExchange(CDataExchange* pDX) { CDialogEx::DoDataExchange(pDX); } BEGIN_MESSAGE_MAP(CAboutDlg, CDialogEx) END_MESSAGE_MAP() // CjsMFCDlg 對話框 CjsMFCDlg::CjsMFCDlg(CWnd* pParent /*=NULL*/) : CDialogEx(CjsMFCDlg::IDD, pParent) , mBigGuan(_T("")) , mSmallGuan(_T("")) { m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME); } void CjsMFCDlg::DoDataExchange(CDataExchange* pDX) { CDialogEx::DoDataExchange(pDX); DDX_Text(pDX, IDC_EDIT1, mBigGuan); DDV_MaxChars(pDX, mBigGuan, 1); DDX_Text(pDX, IDC_EDIT2, mSmallGuan); DDV_MaxChars(pDX, mSmallGuan, 2); } BEGIN_MESSAGE_MAP(CjsMFCDlg, CDialogEx) ON_WM_SYSCOMMAND() ON_WM_PAINT() ON_WM_QUERYDRAGICON() ON_BN_CLICKED(IDC_BUTTON1, &CjsMFCDlg::OnBnClickedButton1) ON_BN_CLICKED(IDC_BUTTON2, &CjsMFCDlg::OnBnClickedButton2) ON_BN_CLICKED(IDC_BUTTON3, &CjsMFCDlg::OnBnClickedButton3) ON_BN_CLICKED(IDC_BUTTON4, &CjsMFCDlg::OnBnClickedButton4) ON_BN_CLICKED(IDC_BUTTON5, &CjsMFCDlg::OnBnClickedButton5) ON_BN_CLICKED(IDC_BUTTON6, &CjsMFCDlg::OnBnClickedButton6) ON_BN_CLICKED(IDC_BUTTON8, &CjsMFCDlg::OnBnClickedButton8) ON_BN_CLICKED(IDC_BUTTON7, &CjsMFCDlg::OnBnClickedButton7) ON_BN_CLICKED(IDC_BUTTON9, &CjsMFCDlg::OnBnClickedButton9) END_MESSAGE_MAP() //英文原版---植物大戰僵屍 //游戲基址 int base = 0x006A9EC0; HANDLE hProcess; //根據基址,再進行兩次偏移,得到最終地址。陽光、金幣 int *get2Point(int base, int p1, int p2) { int iBase, iP1, *iP2; if (!ReadProcessMemory(hProcess, (LPVOID)base, &iBase, 4, NULL)) { return NULL; } if (!ReadProcessMemory(hProcess, (LPVOID)(iBase + p1), &iP1, 4, NULL)) { return NULL; } iP2 = (int *)(iP1 + p2); return iP2; } //根據基址,再進行三次偏移,得到最終地址。免CD int *get3Point(int base, int p1, int p2, int p3) { int iBase, iP1, iP2, *iP3; if (!ReadProcessMemory(hProcess, (LPVOID)base, &iBase, 4, NULL)) { return NULL; } if (!ReadProcessMemory(hProcess, (LPVOID)(iBase + p1), &iP1, 4, NULL)) { return NULL; } if (!ReadProcessMemory(hProcess, (LPVOID)(iP1 + p2), &iP2, 4, NULL)) { return NULL; } iP3 = (int *)(iP2 + p3); return iP3; } BOOL InitWaigua() { HWND hWnd = FindWindow(NULL, TEXT("植物大戰僵屍中文版")); if (NULL == hWnd) { AfxMessageBox(TEXT("查找窗口失敗")); return FALSE; } DWORD dwProcessId; GetWindowThreadProcessId(hWnd, &dwProcessId); //獲取進程句柄 hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId); if (NULL == hProcess) { //AfxMessageBox(TEXT("打開進程失敗")); return FALSE; } return TRUE; } //改陽光 void ModifySun() { int *sun = get2Point(base, 0x768, 0x5560); int sunValue = 999999; WriteProcessMemory(hProcess, sun, &sunValue, 4, NULL); } //改金幣 void ModifyMoney() { int *pMoney = get2Point(base, 0x82C, 0x28); int moneyValue = 999999; WriteProcessMemory(hProcess, pMoney, &moneyValue, 4, NULL); } //免CD void ModifyColdTime() { int *pCount = get3Point(base, 0x768, 0x144, 0x24); if (pCount == NULL) return ; int *pFirst = get3Point(base, 0x768, 0x144, 0x4C); if (pFirst == NULL) return ; // int iCount = 0; ReadProcessMemory(hProcess, pCount, &iCount, 4, NULL); for (int i = 0; i < iCount; i++) { //pFirst[0] = pFirst[1];//讀和寫 int iRecoveryTime; ReadProcessMemory(hProcess, pFirst + 1, &iRecoveryTime, 4, NULL); WriteProcessMemory(hProcess, pFirst, &iRecoveryTime, 4, NULL); pFirst = (int *)((int)pFirst + 0x50); } } // CjsMFCDlg 消息處理程序 //判斷是否執行操作 BOOL IsSunUnlimite = FALSE, IsMoneyUnlimite = FALSE, IsColdTimeZero = FALSE; //不斷更新 DWORD WINAPI WaiguaThread(LPVOID lpParameter) { CjsMFCDlg *dlg = (CjsMFCDlg *)lpParameter; while (1) { Sleep(1000); //檢測游戲是否啟動 if (InitWaigua()) { //檢測到了游戲 dlg->SetDlgItemText((int)IDC_STATIC10, TEXT("已經檢測到游戲啟動")); //保存原來的三個字節 //ReadProcessMemory(hProcess, pCode, oldOpCode, 3, NULL); } else { //設置窗口狀態,沒有檢測到游戲 dlg->SetDlgItemText((int)IDC_STATIC10, TEXT("未檢測到游戲啟動")); continue; } if (IsSunUnlimite) { ModifySun(); } if (IsMoneyUnlimite) { ModifyMoney(); } if (IsColdTimeZero) { ModifyColdTime(); } } return 0; } //免暫停的基址 unsigned char *pCode = (unsigned char *)0x4502C0; unsigned char oldOpCode[3]; //更換的地址 unsigned char newOpCode[] = "\xC3\x04\x00"; BOOL CjsMFCDlg::OnInitDialog() { CDialogEx::OnInitDialog(); // 將“關於...”菜單項添加到系統菜單中。 // IDM_ABOUTBOX 必須在系統命令范圍內。 ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX); ASSERT(IDM_ABOUTBOX < 0xF000); CMenu* pSysMenu = GetSystemMenu(FALSE); if (pSysMenu != NULL) { BOOL bNameValid; CString strAboutMenu; bNameValid = strAboutMenu.LoadString(IDS_ABOUTBOX); ASSERT(bNameValid); if (!strAboutMenu.IsEmpty()) { pSysMenu->AppendMenu(MF_SEPARATOR); pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu); } } // 設置此對話框的圖標。 當應用程序主窗口不是對話框時,框架將自動 // 執行此操作 SetIcon(m_hIcon, TRUE); // 設置大圖標 SetIcon(m_hIcon, FALSE); // 設置小圖標 ShowWindow(SW_MINIMIZE); // TODO: 在此添加額外的初始化代碼 //創建線程來不停修改陽光。。。。。 CreateThread(0, 0, WaiguaThread, this, 0, 0); return TRUE; // 除非將焦點設置到控件,否則返回 TRUE } void CjsMFCDlg::OnSysCommand(UINT nID, LPARAM lParam) { if ((nID & 0xFFF0) == IDM_ABOUTBOX) { CAboutDlg dlgAbout; dlgAbout.DoModal(); } else { CDialogEx::OnSysCommand(nID, lParam); } } // 如果向對話框添加最小化按鈕,則需要下面的代碼 // 來繪制該圖標。 對於使用文檔/視圖模型的 MFC 應用程序, // 這將由框架自動完成。 void CjsMFCDlg::OnPaint() { if (IsIconic()) { CPaintDC dc(this); // 用於繪制的設備上下文 SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0); // 使圖標在工作區矩形中居中 int cxIcon = GetSystemMetrics(SM_CXICON); int cyIcon = GetSystemMetrics(SM_CYICON); CRect rect; GetClientRect(&rect); int x = (rect.Width() - cxIcon + 1) / 2; int y = (rect.Height() - cyIcon + 1) / 2; // 繪制圖標 dc.DrawIcon(x, y, m_hIcon); } else { CDialogEx::OnPaint(); } } //當用戶拖動最小化窗口時系統調用此函數取得光標 //顯示。 HCURSOR CjsMFCDlg::OnQueryDragIcon() { return static_cast<HCURSOR>(m_hIcon); } void CjsMFCDlg::OnBnClickedButton1() { // TODO: 在此添加控件通知處理程序代碼 IsSunUnlimite = TRUE; } void CjsMFCDlg::OnBnClickedButton2() { // TODO: 在此添加控件通知處理程序代碼 IsSunUnlimite = FALSE; } void CjsMFCDlg::OnBnClickedButton3() { // TODO: 在此添加控件通知處理程序代碼 IsMoneyUnlimite = TRUE; } void CjsMFCDlg::OnBnClickedButton4() { // TODO: 在此添加控件通知處理程序代碼 IsMoneyUnlimite = FALSE; } void CjsMFCDlg::OnBnClickedButton5() { // TODO: 在此添加控件通知處理程序代碼 IsColdTimeZero = TRUE; } void CjsMFCDlg::OnBnClickedButton6() { // TODO: 在此添加控件通知處理程序代碼 IsColdTimeZero = FALSE; } //禁用暫停 void NoPause() { DWORD dwOldProtect; VirtualProtectEx(hProcess, pCode, 3, PAGE_EXECUTE_READWRITE, &dwOldProtect); WriteProcessMemory(hProcess, pCode, newOpCode, 3, NULL); VirtualProtectEx(hProcess, pCode, 3, dwOldProtect, NULL); } void YesPause() { DWORD dwOldProtect; VirtualProtectEx(hProcess, pCode, 3, PAGE_EXECUTE_READWRITE, &dwOldProtect); WriteProcessMemory(hProcess, pCode, oldOpCode, 3, NULL); VirtualProtectEx(hProcess, pCode, 3, dwOldProtect, NULL); } void CjsMFCDlg::OnBnClickedButton8() { // TODO: 在此添加控件通知處理程序代碼 NoPause(); } void CjsMFCDlg::OnBnClickedButton7() { // TODO: 在此添加控件通知處理程序代碼 YesPause(); } void ModifyGuanka(int iGuanka) { int *pGuanka = get2Point(base, 0x82C, 0x24); WriteProcessMemory(hProcess, pGuanka, &iGuanka, 4, NULL); } void CjsMFCDlg::OnBnClickedButton9() { // TODO: 在此添加控件通知處理程序代碼 UpdateData(); TCHAR *pStopstring; long lBigGuan = wcstol(mBigGuan, &pStopstring, 10); long lSmallGuan = wcstol(mSmallGuan, &pStopstring, 10); if (lBigGuan < 1 || lBigGuan > 6) { AfxMessageBox(TEXT("大關關卡不合格")); return; } if (lSmallGuan < 1 || lSmallGuan > 10) { AfxMessageBox(TEXT("小關關卡不合格")); return; } int iGuanka = (lBigGuan - 1) * 10 + lSmallGuan; ModifyGuanka(iGuanka); //AfxMessageBox(mBigGuan + mSmallGuan); }