JAVA(JNA)内联汇编之外挂编写()
MyKernel32类
[java]
1. package com.jna;
2.
3. import com.sun.jna.Native;
4. import com.sun.jna.Structure;
5. import com.amples.win32.Kernel32;
6. import com.amples.win32.W32API;
7. import com.sun.jna.ptr.IntByReference;
8.
9.
10.
/**
 * JNA binding that declares process-memory and remote-thread functions of
 * kernel32.dll on top of the example Kernel32 interface.
 *
 * Taken together, the declared functions (OpenProcess, VirtualAllocEx,
 * WriteProcessMemory, CreateRemoteThread) are the API set for allocating memory,
 * writing into it and starting a thread in another process. When a process uses
 * them against a process it does not own, EDR and anti-cheat products treat the
 * sequence as a code-injection indicator.
 *
 * NOTE(review): this numbered listing is cut off at the right margin, so several
 * declarations below are incomplete. The unnumbered copy further down the page has
 * the full parameter lists for all of them except CreateRemoteThread.
 */
11. public interface MyKernel32 extends Kernel32{
12.
// Library proxy bound to "kernel32"; no options map is passed, so each method name
// is used as the name of the native function to look up.
13. public MyKernel32 INSTANCE=(MyKernel32)Native.loadLibrary("kernel32",MyKernel32.class);
14.
// Opens a handle to the process identified by dwProcessid with the requested access mask.
15. public W32API.HANDLE OpenProcess(int dwDesiredAccess,boolean flag,int dwProcessid);
16.
// Reads nSize bytes from the target process (declaration truncated in this listing).
// NOTE(review): the base address is declared as int, so the binding only fits 32-bit targets.
17. public boolean ReadProcessMemory(W32API.HANDLE hProcess,int ipBaseAddress,Object ipBuffer,int nSize,IntByReference i
18.
// NOTE(review): "ReadProcesMemorey" is a misspelling. kernel32 exports no function of
// that name, so this overload could not be resolved if it were ever invoked.
19. public boolean ReadProcesMemorey(W32API.HANDLE hProcess,int IntBaseAddress,byte []ipBuffer,int nSize,IntByReference i
20.
// Reserves/commits memory inside the target process and returns its address.
// NOTE(review): the native function returns a pointer; an int return truncates it on 64-bit.
21. public int VirtualAllocEx(W32API.HANDLE hProcess,IntByReference lpAddress,int dwSize,int flAllocationType,int flProtect);
22.
// Starts a thread inside the target process (declaration truncated in this listing).
23. public HANDLE CreateRemoteThread(W32API.HANDLE hProcess,Structure lpThreadAttributes,int dwStackSize,int lpStartAdd
24.
// Writes nSize bytes from lpBuffer into the target process (declaration truncated in this listing).
25. public boolean WriteProcessMemory(W32API.HANDLE hProcess,int lpBaseAddress,byte []lpBuffer,int nSize,IntByReference lp
26.
27.
28.
29.
30.
31.
32.
33. }
package com.jna;
import com.sun.jna.Native;
import com.sun.jna.Structure;
import com.amples.win32.Kernel32;
import com.amples.win32.W32API;
import com.sun.jna.ptr.IntByReference;
/**
 * JNA binding that declares process-memory and remote-thread functions of
 * kernel32.dll on top of the example Kernel32 interface.
 *
 * The functions declared here cover opening another process, reading and writing
 * its memory, allocating memory in it and starting a thread in it. From a
 * detection standpoint, OpenProcess followed by VirtualAllocEx, WriteProcessMemory
 * and CreateRemoteThread against a foreign process is the classic remote-thread
 * injection sequence, which endpoint and anti-cheat tooling monitor for.
 *
 * NOTE(review): every address parameter and the VirtualAllocEx return value are
 * declared as int. The native API uses pointer-sized values, so these declarations
 * only fit 32-bit processes.
 */
public interface MyKernel32 extends Kernel32{
// Library proxy bound to "kernel32"; no options map is passed, so each method name
// is used as the name of the native function to look up.
public MyKernel32 INSTANCE=(MyKernel32)Native.loadLibrary("kernel32",MyKernel32.class);
// Opens a handle to the process identified by dwProcessid with the requested access mask.
public W32API.HANDLE OpenProcess(int dwDesiredAccess,boolean flag,int dwProcessid);
// Reads nSize bytes at ipBaseAddress in the target process into ipBuffer; the byte
// count is reported through ipNumberOfBytesRead.
public boolean ReadProcessMemory(W32API.HANDLE hProcess,int ipBaseAddress,Object ipBuffer,int nSize,IntByReference ipNumberOfBytesRead);
// NOTE(review): "ReadProcesMemorey" is a misspelling. kernel32 exports no function of
// that name, so this byte[] overload could not be resolved if it were ever invoked.
public boolean ReadProcesMemorey(W32API.HANDLE hProcess,int IntBaseAddress,byte []ipBuffer,int nSize,IntByReference ipNumberOfBytesRead);
// Reserves/commits dwSize bytes inside the target process with the given allocation
// type and page protection; returns the address (0 is treated as failure by the caller).
public int VirtualAllocEx(W32API.HANDLE hProcess,IntByReference lpAddress,int dwSize,int flAllocationType,int flProtect);
// NOTE(review): the CreateRemoteThread declaration below was cut off when the page was
// extracted, and its tail is fused with the WriteProcessMemory declaration. The two
// lines are not compilable as shown.
public HANDLE CreateRemoteThread(W32API.HANDLE hProcess,Structure lpThreadAttributes,int d
wStackSize,int lpStartAddress,Structure lpParameter,int dwC public boolean WriteProcessMemory(W32API.HANDLE hProcess,int lpBaseAddress,byte []lpBuffer,int nSize,IntByReference lpNumberOfBytesWritten);
}
Main类
[java]
1. package com.main;
2.
java jna3. import com.jna.MyKernel32;
4. import com.sun.jna.Structure;
5. import com.amples.win32.User32;
6. import com.amples.win32.W32API;
7. import com.amples.win32.W32API.HANDLE;
8. import com.amples.win32.W32API.HWND;
9. import com.sun.jna.ptr.IntByReference;
10. import org.loon.framework.os.ASM;
11.
/**
 * Demo driver from the article. Game() locates a window by its title, opens the
 * owning process, allocates memory in it, writes a small machine-code stub there
 * and starts a remote thread at that address.
 *
 * Read as a detection reference, the call sequence is OpenProcess with a full-access
 * mask, then VirtualAllocEx with executable and writable protection, then
 * WriteProcessMemory, then CreateRemoteThread. All four calls target a process the
 * caller did not create. This is the textbook remote-thread form of process injection
 * (MITRE ATT&CK T1055), and each step is a point where EDR, anti-cheat or Sysmon-style
 * telemetry can flag the behaviour.
 *
 * NOTE(review): the listing is damaged by extraction. The OpenProcess and
 * WriteProcessMemory call lines are truncated and do not compile as shown.
 * NOTE(review): neither hwnd nor processHandle is checked before use, and no code
 * visible here closes the process handle or releases the allocation.
 */
12. @SuppressWarnings({"unused","static-access"})
13. public class Main {
// 2035711 == 0x1F0FFF, the pre-Vista value of PROCESS_ALL_ACCESS. It requests every
// process right rather than only those the calls below need; a full-access open of
// another process is itself a commonly alerted event.
14. private static final int PROCESS_ALL_ACCESS=2035711; //access rights
15.
16.
17. public void Game(){
18. //Get the window handle
19. W32API.HWND hwnd = User32.INSTANCE.FindWindow(null, "【魔域】");
20.
21. //Get the ID of the process that owns the window
22. IntByReference lpdwProcessId=new IntByReference();
// The return value (thread id) is stored in Tid but never read; the process id is
// delivered through lpdwProcessId.
23. int Tid = User32.INSTANCE.GetWindowThreadProcessId(hwnd, lpdwProcessId);
24.
25. W32API.HANDLE processHandle=null;
26.
27. //Get a handle to the process
// NOTE(review): the third argument is truncated in this listing ("Value()" is only
// the tail of the original expression).
28. processHandle=MyKernel32.INSTANCE.OpenProcess(PROCESS_ALL_ACCESS,false, Value());
29.
30. //Allocate memory in the target process
// Arguments: size 0x3000 bytes, 0x1000 = MEM_COMMIT, 0x40 = PAGE_EXECUTE_READWRITE.
// A committed read-write-execute region created in another process is a high-signal
// indicator for memory scanners.
31. int l=MyKernel32.INSTANCE.VirtualAllocEx(processHandle, null, 0x3000, 0x1000, 0x40);
32.
33. if(l==0){
34. System.out.println("分配内存失败");
35. return;
36. }else{
37. System.out.println("分配内存成功");
38. System.out.println("内存地址:"+l);
39. }
40.
41. //Build the assembly code
// ASM comes from org.loon.framework.os (imported above) and is not shown on this page.
42. ASM asm = new ASM();
43.
44. //Push all registers
45. asm._PUSHAD();
46. //Write the CALL assembly code
47.
48. //"BB send-out" CALL (the author's label for the routine being invoked)
// The pushed values, the ECX value and the call target are hard-coded absolute
// constants; their meaning is not established anywhere on this page.
49. asm._PUSH(0);
50. asm._PUSH(0x83afe631);
51. asm._MOV_ECX(0x01170090);
52. asm._CALL(0x00C88890);
53. //Pop all registers
54. asm._POPAD();
55. //End marker
56. asm._RET();
57.
// NOTE(review): this call is truncated in the listing (it ends in "ASMCode())," with the
// remaining arguments missing), so the buffer length and byte-count arguments are not visible.
58. boolean b = MyKernel32.INSTANCE.WriteProcessMemory(processHandle, l, ASMCode()),
59. if(b){
60. System.out.println("写⼊成功");
61. }else{
62. System.out.println("写⼊失败");
63. return;
64. }
// lpThreadId is declared but never passed or read.
65. int lpThreadId=0;
// Starts a thread in the target process at address l (the region allocated above).
// The returned thread handle is discarded, so the outcome is never checked.
66. MyKernel32.INSTANCE.CreateRemoteThread(processHandle, null, 0, l,null , 0, null);
67.
68. }
69.
// Entry point: constructs Main and runs Game() once.
70. public static void main(String[] args) {
71.
72. Main main = new Main();
73. main.Game();
74.
75.
76.
77. }
78.
79. }