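Below are some notes on writing external game-assist programs (外挂) in VB. I consider this beginner-level material and did not want to keep it to myself, so I am posting it for everyone!
I will add more whenever I have time, haha.
1. Finding the target window. To write such a program you first need to find the target window. Only then can you do anything else, such as simulating mouse and keyboard input, modifying memory, or sending and replacing packets.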
-------------------------------------------------------------------------
'Declare in a module
Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
'Place a Timer control on the form, then enter the following in the code window:
Private Sub Form_Load()
    Timer1.Interval = 500
End Sub
The Timer's code is as follows:
Private Sub Timer1_Timer()
    Dim hwnd As Long
    hwnd = FindWindow(vbNullString, "计算器") 'look up the window whose title is "计算器" (Calculator)
    If (hwnd = 0) Then
        '49 = vbOKCancel + vbExclamation; a return value of 1 means OK was clicked
        If MsgBox("你没有打开[计算器]程序!点击“确定”退出。点“取消”继续。", 49, "错误!") = 1 Then End
    ElseIf (hwnd <> 0) Then
        MsgBox "你已经打开了[计算器]程序.点“确定”退出本程序", , "退出"
        End
    End If
End Sub
2. Simulating keyboard events, for example the "r" key.
'Declare in a module
Public Declare Sub keybd_event Lib "user32" (ByVal bVk As Byte, ByVal Scan As Byte, ByVal dwFlags As Long, ByVal dwExtraInfo As Long)
Place a Timer on the form. Any interval will do as long as it is not 0.
Private Sub Timer1_Timer()
    Call keybd_event(82, 0, 0, 0) 'simulate pressing the "R" key (virtual-key code 82)
End Sub
3. A hotkey example: exit when "Ctrl+A" is pressed.
'Set the Form's KeyPreview property to True, then add this code to the Form_KeyDown event:
Private Sub Form_KeyDown(KeyCode As Integer, Shift As Integer)
    If KeyCode = Asc("A") And Shift = vbCtrlMask Then Unload Me 'exit if Ctrl+A is pressed
End Sub
Example 2:
Add the following to the Form:
Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vkey As Long) As Integer
Private Function MyHotKey(vKeyCode) As Boolean
    'GetAsyncKeyState returns a negative value while the key is held down
    MyHotKey = (GetAsyncKeyState(vKeyCode) < 0)
End Function
'Then check it in a loop or in the Timer's Timer event:
Private Sub Timer1_Timer()
    If MyHotKey(vbKeyA) And MyHotKey(vbKeyControl) Then 'Ctrl+A
        End 'exit
    End If
    'vbKeyA is the constant for the "A" key; other keys can be looked up with F1.
End Sub
Getting a window's handle, class, title, and so on
Create three labels: Label1/Label2/Label3,
named window handle / class / title respectively.
Create one text box.
Create two command buttons: one to start capturing, one to exit.
Declarations:
Private Type POINTAPI
    x As Long
    y As Long
End Type
Private Declare Function GetCursorPos Lib "user32" (lpPoint As POINTAPI) As Long
Private Declare Function SetWindowPos Lib "user32" (ByVal hwnd As Long, ByVal hWndInsertAfter As Long, ByVal x As Long, ByVal y As Long, ByVal cx As Long, ByVal cy As Long, ByVal wFlags As Long) As Long
Private Declare Function GetClassName Lib "user32" Alias "GetClassNameA" (ByVal hwnd As Long, ByVal lpClassName As String, ByVal nMaxCount As Long) As Long
Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long
Private Declare Function WindowFromPoint Lib "user32" (ByVal xPoint As Long, ByVal yPoint As Long) As Long
Private Declare Function GetWindowLong Lib "user32" Alias "GetWindowLongA" (ByVal hwnd As Long, ByVal nIndex As Long) As Long
Private Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Private Sub Command1_Click()
    'Toggle capturing on and off ("开始抓取" = start capturing, "停止抓取" = stop capturing)
    If Command1.Caption = "开始抓取(&S)" Then
        Timer1.Enabled = True
        Command1.Caption = "停止抓取(&S)"
    Else
        Timer1.Enabled = False
        Command1.Caption = "开始抓取(&S)"
    End If
End Sub
Private Sub Command2_Click()
    End
End Sub
Private Sub Form_Load()
    SetWindowPos Me.hwnd, -1, 0, 0, 0, 0, &H1 Or &H2 'keep the form on top (-1 = HWND_TOPMOST, &H1 = SWP_NOSIZE, &H2 = SWP_NOMOVE)
End Sub
Private Sub Timer1_Timer()
    On Error Resume Next
    Dim tPoint As POINTAPI
    Dim hWin As Long
    Dim str As String * 255
    Dim Abc As String * 64000
    Dim Txt(64000) As Byte
    GetCursorPos tPoint 'get the current mouse position
    hWin = WindowFromPoint(tPoint.x, tPoint.y) 'get the handle of the window under the cursor
    If hWin = Me.hwnd Or hWin = Command1.hwnd Or hWin = Command2.hwnd Or hWin = Text1.hwnd Then Exit Sub 'make sure the window is not part of Form1
    GetClassName hWin, str, 255 'get the window class
    SendMessage hWin, &HD, 64000, Txt(0) 'get the window title (&HD = WM_GETTEXT; the GetWindowText API can also be used, but works less well)
    Label1.Caption = "窗口名柄: " & hWin
    Label2.Caption = "窗口类: " & str
    Text1.Text = StrConv(Txt, vbUnicode)
End Sub
Option Explicit
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Const PROCESS_ALL_ACCESS = &H1F0FFF
Private hProcess As Long
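'The function below locates the game
Function FindGame() As Boolean
    Dim PID As Long, Gamehwnd As Long
    FindGame = False
    Gamehwnd = FindWindow(vbNullString, "蜘蛛") 'look up the game's window handle ("蜘蛛" = Spider)
    If (Gamehwnd = 0) Then 'if it is not found (for example the game is not running), leave the function
        MsgBox "没有到蜘蛛游戏"
        Exit Function
    End If
    GetWindowThreadProcessId Gamehwnd, PID 'get the process ID
    hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, PID) 'open the process with full access rights
    If (hProcess = 0) Then 'opening the process failed
        MsgBox "没有打开进程"
        Exit Function
    End If
    FindGame = True 'success!
End Function
'Back in VB's form design mode, put two buttons and one text box on the form.
'One button is "Read" and the other is "Write", used to read and write the data respectively.
'Set Text1's Text property to blank.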
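Private Sub Command1_Click()
    Dim retV%, r&
    'Dim retV%, r& is shorthand for Dim retV As Integer, r As Long
    If FindGame Then
        r = ReadProcessMemory(hProcess, &H1011F20, retV, 2, 0) 'this is the important part: &H1011F20 is the memory address
        CloseHandle hProcess 'release the handle opened by FindGame
        If r = 0 Then
            MsgBox "读取内存不成功!"
        Else
            Text1 = retV
        End If
    End If
End Sub
Private Sub Command2_Click()
    Dim r&
    If FindGame Then
        r = WriteProcessMemory(hProcess, &H1011F20, CInt(Val(Text1)), 2, 0)
        'The parameters are essentially the same as above.
        'CInt(Val(Text1)) guards against bad input: if letters were typed, for example, the program would fail without it.
        CloseHandle hProcess 'release the handle opened by FindGame
        If r = 0 Then
            MsgBox "写内存不成功!"
        Else
            MsgBox "OK"
        End If
    End If
End Sub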
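The OpenProcess call above asks for PROCESS_ALL_ACCESS (&H1F0FFF), far more than a 2-byte read or write needs. The following Python block is an added example, not part of the original post: it decodes such an access mask and picks out handles that allow memory writes, the way a defender would triage process-access telemetry. The event field names follow Sysmon's ProcessAccess event (Event ID 10); the sample events and file paths are constructed.

```python
# Added example: decode a Windows process access mask and flag handles that
# permit writing another process's memory. All sample events are constructed.
PROCESS_RIGHTS = {
    0x0001: "PROCESS_TERMINATE", 0x0002: "PROCESS_CREATE_THREAD",
    0x0004: "PROCESS_SET_SESSIONID", 0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ", 0x0020: "PROCESS_VM_WRITE",
    0x0040: "PROCESS_DUP_HANDLE", 0x0080: "PROCESS_CREATE_PROCESS",
    0x0100: "PROCESS_SET_QUOTA", 0x0200: "PROCESS_SET_INFORMATION",
    0x0400: "PROCESS_QUERY_INFORMATION", 0x0800: "PROCESS_SUSPEND_RESUME",
    0x1000: "PROCESS_QUERY_LIMITED_INFORMATION",
    0x2000: "PROCESS_SET_LIMITED_INFORMATION",
    0x010000: "DELETE", 0x020000: "READ_CONTROL", 0x040000: "WRITE_DAC",
    0x080000: "WRITE_OWNER", 0x100000: "SYNCHRONIZE",
}
VM_OPERATION, VM_READ, VM_WRITE = 0x0008, 0x0010, 0x0020

def decode_mask(mask):
    """Return (names of known rights in mask, leftover unknown bits)."""
    names = [name for bit, name in sorted(PROCESS_RIGHTS.items()) if mask & bit]
    known = 0
    for bit in PROCESS_RIGHTS:
        known |= bit
    return names, mask & ~known

def classify(mask):
    """WriteProcessMemory needs VM_WRITE and VM_OPERATION; ReadProcessMemory needs VM_READ."""
    if mask & (VM_WRITE | VM_OPERATION) == (VM_WRITE | VM_OPERATION):
        return "memory-write"
    if mask & VM_READ:
        return "memory-read"
    return "other"

def triage(events, allowlist=()):
    """Return (source, target, mask) for write-capable handles from unlisted sources."""
    findings = []
    for ev in events:
        mask = int(ev["GrantedAccess"], 16)
        if classify(mask) == "memory-write" and ev["SourceImage"] not in allowlist:
            findings.append((ev["SourceImage"], ev["TargetImage"], hex(mask)))
    return findings

SAMPLE_EVENTS = [  # constructed, shaped like Sysmon Event ID 10 fields
    {"SourceImage": "C:\\Tools\\helper.exe", "TargetImage": "C:\\Games\\spider.exe", "GrantedAccess": "0x1F0FFF"},
    {"SourceImage": "C:\\Windows\\System32\\Taskmgr.exe", "TargetImage": "C:\\Games\\spider.exe", "GrantedAccess": "0x1000"},
    {"SourceImage": "C:\\Tools\\debugger.exe", "TargetImage": "C:\\Games\\spider.exe", "GrantedAccess": "0x1FFFFF"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS, allowlist={"C:\\Tools\\debugger.exe"}):
        print(finding)
```

For the read button alone, PROCESS_VM_READ is sufficient; the write button needs PROCESS_VM_WRITE together with PROCESS_VM_OPERATION.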
Some examples of controlling the mouse
1. Simulating mouse clicks
'Declarations:
Option Explicit
Private Declare Sub mouse_event Lib "user32" (ByVal dwFlags As Long, ByVal dx As Long, ByVal dy As Long, ByVal cButtons As Long, ByVal dwExtraInfo As Long)
'Constant definitions
Const MOUSEEVENTF_LEFTDOWN = &H2
Const MOUSEEVENTF_LEFTUP = &H4
Const MOUSEEVENTF_MIDDLEDOWN = &H20
Const MOUSEEVENTF_MIDDLEUP = &H40
Const MOUSEEVENTF_MOVE = &H1
Const MOUSEEVENTF_ABSOLUTE = &H8000
Const MOUSEEVENTF_RIGHTDOWN = &H8
Const MOUSEEVENTF_RIGHTUP = &H10
'The calls below belong inside a procedure or event handler.
'Left button down combined with left button up, i.e. one single click
mouse_event MOUSEEVENTF_LEFTDOWN Or MOUSEEVENTF_LEFTUP, 0, 0, 0, 0
'Simulate a right-button single click
mouse_event MOUSEEVENTF_RIGHTDOWN Or MOUSEEVENTF_RIGHTUP, 0, 0, 0, 0
'Two consecutive left-button clicks make up one double click
mouse_event MOUSEEVENTF_LEFTDOWN Or MOUSEEVENTF_LEFTUP, 0, 0, 0, 0
mouse_event MOUSEEVENTF_LEFTDOWN Or MOUSEEVENTF_LEFTUP, 0, 0, 0, 0
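2. Showing and hiding the mouse cursor
Hide/show the mouse cursor.
Public Declare Function ShowCursor Lib "user32" (ByVal bShow As Long) As Long
'The calls in Form1 are as follows
'Hide the cursor (must be triggered by an event, such as a form event)
ShowCursor False
'Show the cursor (must be triggered by an event, such as a form event)
ShowCursor True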
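3. Confining the mouse so that it cannot move
Confining the mouse.
Type rect
    sbleft As Long
    sbtop As Long
    sbright As Long
    sbbottom As Long
End Type
Public Declare Function ClipCursor Lib "user32" (lpRect As Any) As Long
'Confine the mouse
Private Sub Form_Load()
    'Confine the mouse
    Dim x As Long, y As Long
    Dim newrect As rect
    x& = Screen.TwipsPerPixelX
    y& = Screen.TwipsPerPixelY
    With newrect 'the mouse can only move within 500,500-500,500; when all four numbers are equal the mouse is effectively locked. Put this in a timer and the mouse cannot be moved at all.
        .sbleft = 500
        .sbtop = 500
        .sbright = 500
        .sbbottom = 500
    End With
    ClipCursor newrect
End Sub
What if the mouse is locked and cannot be restored? Don't worry, see the following code.
'Restore the mouse (set up an event to trigger this code; a button click is used here as one possible trigger)
Private Sub Command1_Click()
    Dim newrect As rect
    With newrect 'now the mouse can again move anywhere from 0,0 to the bottom-right corner of the screen
        .sbleft = 0
        .sbtop = 0
        .sbright = Screen.Width / Screen.TwipsPerPixelX
        .sbbottom = Screen.Height / Screen.TwipsPerPixelY
    End With
    ClipCursor newrect
End Sub
4. Moving the mouse to a given point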
Moving the mouse.
Public Declare Function SetCursorPos Lib "user32" (ByVal x As Long, ByVal y As Long) As Long
The call in the form is as follows:
SetCursorPos 0, 0 'move the mouse to point 0,0
5. Mouse coordinates
Mouse coordinates.
Type POINTAPI
    x As Long
    y As Long
End Type
Public Declare Function GetCursorPos Lib "user32" (lpPoint As POINTAPI) As Long
'Mouse coordinates:
Place a Timer and a Label on the form.
Dim z As POINTAPI
GetCursorPos z
Label1.Caption = "x: " & z.x & " y: " & z.y 'Label1 is the display control
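6. Number of mouse buttons
'Number of mouse buttons.
Public Declare Function GetSystemMetrics Lib "user32" (ByVal nIndex As Long) As Long
'Number of mouse buttons
Dim mousebtn As Long
mousebtn = GetSystemMetrics(43) '43 = SM_CMOUSEBUTTONS
Label1.Caption = "你的鼠标是 " & mousebtn & " 键鼠标! " 'Label1 is the display control
The above can also be simulated in other ways.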
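The SetWindowPos function: keeps a window on the topmost layer of the screen.
Declaration:
Private Const HWND_TOPMOST = -1
Private Declare Function SetWindowPos Lib "user32" (ByVal hwnd As Long, _
ByVal hWndInsertAfter As Long, ByVal x As Long, ByVal y As Long, _
ByVal cx As Long, ByVal cy As Long, ByVal wFlags As Long) As Long
Example call:
Private Sub Form_Load()
    SetWindowPos hwnd, HWND_TOPMOST, 0, 0, 0, 0, &H2 + &H1
End Sub
The window Form1 will stay on top of the screen.
This function assigns a window a new position and state. Parameters:
hwnd: the window to position.
hWndInsertAfter: specifies the window's position. One of the following values may be used:
HWND_BOTTOM places the window at the bottom of the window list
HWND_TOP places the window at the top of the Z order; the Z order is the order in which windows at a given level of the hierarchy are displayed
HWND_TOPMOST (value -1) places the window at the top of the list, in front of any topmost windows
HWND_NOTOPMOST (value -2) places the window at the top of the list, behind any topmost windows
x: the window's new x coordinate. If hwnd is a child window, x is given in the parent window's client-area coordinates
y: the window's new y coordinate. If hwnd is a child window, y is given in the parent window's client-area coordinates
cx: the new window width
cy: the new window height
wFlags: an integer containing flags; may be one of the following values or a combination of them.
SWP_DRAWFRAME draws a frame around the window
SWP_HIDEWINDOW hides the window
SWP_NOACTIVATE does not activate the window
SWP_NOMOVE keeps the current position (x and y are ignored)
SWP_NOREDRAW the window is not redrawn automatically
SWP_NOSIZE keeps the current size (cx and cy are ignored)
SWP_NOZORDER keeps the window's current position in the list (hWndInsertAfter is ignored)
SWP_SHOWWINDOW shows the window
SWP_FRAMECHANGED forces a WM_NCCALCSIZE message to be sent to the window, even if its size has not changed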
======
Moving a window that has no title bar: declare in a standard module
Declare Function ReleaseCapture Lib "user32" () As Long
The ReleaseCapture function releases the mouse capture for the current program.
Declare Function SendMessage Lib "user32" _
Alias "SendMessageA" ( _
ByVal hwnd As Long, ByVal wMsg As Long, _
ByVal wParam As Long, lParam As Any) As Long
Public Const HTCAPTION = 2
Public Const WM_NCLBUTTONDOWN = &HA1 'this message means the left button was pressed in the window's non-client area
In the Form_MouseDown event write:
Private Sub Form_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single)
    ReleaseCapture 'this releases the mouse capture held by the Form's client area
    SendMessage hwnd, WM_NCLBUTTONDOWN, HTCAPTION, 0&
End Sub
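====
Creating an elliptical (irregular) window: the SetWindowRgn function combined with the CreateEllipticRgn ellipse function
SetWindowRgn is used to create irregular windows, such as an ellipse (with CreateEllipticRgn), a polygon (with CreatePolygonRgn), a rectangle (with CreateRectRgn), a rounded rectangle (with CreateRoundRectRgn), and so on.
Declarations:
Private Declare Function CreateEllipticRgn Lib "gdi32" (ByVal X1 As Long, ByVal Y1 As Long, ByVal X2 As Long, ByVal Y2 As Long) As Long
Private Declare Function SetWindowRgn Lib "user32" (ByVal hWnd As Long, _
ByVal hRgn As Long, ByVal bRedraw As Boolean) As Long
Example call:
Private Sub Form_Load()
    SetWindowRgn hWnd, CreateEllipticRgn(0, 0, 300, 200), True
End Sub
SetWindowRgn creates irregular windows of any geometric shape; simply pass in the region handle returned by one of the Create…Rgn functions. Parameters:
Parameter types and descriptions
hWnd: handle of the window whose region is being set.
hRgn: handle of the prepared region. Once the region has been set, do not use or modify the region handle, and do not delete it
bRedraw: whether to redraw the window immediately; if TRUE, the window is redrawn at once
Note: all coordinates given for a region are in window coordinates (not quite the same as client coordinates). Their origin is the upper-left corner of the whole window, including the title bar and borders, whereas client coordinates refer to the usable area inside the window, excluding the title bar
The CreateEllipticRgn ellipse function: creates an ellipse inscribed in the rectangle defined by the points X1,Y1 and X2,Y2. Parameters:
X1,Y1: X,Y coordinates of the upper-left corner of the bounding rectangle
X2,Y2: X,Y coordinates of the lower-right corner of the bounding rectangle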
====
Getting the size of the usable screen area (excluding the taskbar): SystemParametersInfoA
Declarations:
Private Type RECT
    Left As Long
    Top As Long
    Right As Long
    Bottom As Long
End Type
