├── .gitignore ├── WeGame ├── Ioc.h ├── 公告.h ├── 公用.h ├── 判断.h ├── 功能.h ├── 寻路.h ├── 组包.h ├── 结构.h ├── 自动.h ├── 读写.h ├── 遍历.h ├── Api读写.h ├── 判断.cpp ├── 寻路.cpp ├── 组包.cpp ├── 遍历.cpp ├── Address.h ├── Driver.h ├── VuDriver.h ├── WeGame.aps ├── WeGame.rc ├── 游戏Call.h ├── res │ ├── WeGame.ico │ └── WeGame.rc2 ├── pch.cpp ├── targetver.h ├── WeGame.vcxproj.user ├── pch.h ├── WeGame.h ├── WeGameDlg.h ├── framework.h ├── resource.h ├── 读写.cpp ├── WeGame.cpp ├── 公告.cpp ├── 功能.cpp ├── Driver.cpp ├── Api读写.cpp ├── 自动.cpp ├── WeGame.vcxproj.filters ├── 游戏Call.cpp ├── WeGameDlg.cpp ├── 公用.cpp ├── WeGame.vcxproj └── VuDriver.cpp ├── Driver ├── Randw.sys └── VuDrv.sys ├── README.md └── WeGame.sln /.gitignore: -------------------------------------------------------------------------------- 1 | .vs/ 2 | x64/ 3 | WeGame/x64/ 4 | .git/ 5 | -------------------------------------------------------------------------------- /WeGame/Ioc.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/Ioc.h -------------------------------------------------------------------------------- /WeGame/公告.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/公告.h -------------------------------------------------------------------------------- /WeGame/公用.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/公用.h -------------------------------------------------------------------------------- /WeGame/判断.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/判断.h -------------------------------------------------------------------------------- /WeGame/功能.h: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/功能.h -------------------------------------------------------------------------------- /WeGame/寻路.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/寻路.h -------------------------------------------------------------------------------- /WeGame/组包.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/组包.h -------------------------------------------------------------------------------- /WeGame/结构.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/结构.h -------------------------------------------------------------------------------- /WeGame/自动.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/自动.h -------------------------------------------------------------------------------- /WeGame/读写.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/读写.h -------------------------------------------------------------------------------- /WeGame/遍历.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/遍历.h -------------------------------------------------------------------------------- /WeGame/Api读写.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/Api读写.h -------------------------------------------------------------------------------- 
/WeGame/判断.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/判断.cpp -------------------------------------------------------------------------------- /WeGame/寻路.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/寻路.cpp -------------------------------------------------------------------------------- /WeGame/组包.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/组包.cpp -------------------------------------------------------------------------------- /WeGame/遍历.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/遍历.cpp -------------------------------------------------------------------------------- /Driver/Randw.sys: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/Driver/Randw.sys -------------------------------------------------------------------------------- /Driver/VuDrv.sys: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/Driver/VuDrv.sys -------------------------------------------------------------------------------- /WeGame/Address.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/Address.h -------------------------------------------------------------------------------- /WeGame/Driver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/Driver.h 
-------------------------------------------------------------------------------- /WeGame/VuDriver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/VuDriver.h -------------------------------------------------------------------------------- /WeGame/WeGame.aps: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/WeGame.aps -------------------------------------------------------------------------------- /WeGame/WeGame.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/WeGame.rc -------------------------------------------------------------------------------- /WeGame/游戏Call.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/游戏Call.h -------------------------------------------------------------------------------- /WeGame/res/WeGame.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/res/WeGame.ico -------------------------------------------------------------------------------- /WeGame/res/WeGame.rc2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/qiuapeng921/DnfHelper-C/HEAD/WeGame/res/WeGame.rc2 -------------------------------------------------------------------------------- /WeGame/pch.cpp: -------------------------------------------------------------------------------- 1 | // pch.cpp: 与预编译标头对应的源文件 2 | 3 | #include "pch.h" 4 | 5 | // 当使用预编译的头时,需要使用此源文件,编译才能成功。 6 | -------------------------------------------------------------------------------- /README.md: 
-------------------------------------------------------------------------------- 1 | ### 此代码库仅自己学习! 禁止商用和用于非法操作; 如果违反产生的任何纠纷与本人无任何关系! 2 | 3 | ### 交流群: star后带上github用户名加群 4 | 5 | ### 点击链接加入群聊【毒奶粉研究院】:https://t.me/+D3V4dfGWE_JjYzU1 6 | -------------------------------------------------------------------------------- /WeGame/targetver.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | // 包括 SDKDDKVer.h 将定义可用的最高版本的 Windows 平台。 4 | 5 | //如果要为以前的 Windows 平台生成应用程序,请包括 WinSDKVer.h,并 6 | // 将 _WIN32_WINNT 宏设置为要支持的平台,然后再包括 SDKDDKVer.h。 7 | 8 | #include 9 | -------------------------------------------------------------------------------- /WeGame/WeGame.vcxproj.user: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | WeGame.rc 5 | 6 | -------------------------------------------------------------------------------- /WeGame/pch.h: -------------------------------------------------------------------------------- 1 | // pch.h: 这是预编译标头文件。 2 | // 下方列出的文件仅编译一次,提高了将来生成的生成性能。 3 | // 这还将影响 IntelliSense 性能,包括代码完成和许多代码浏览功能。 4 | // 但是,如果此处列出的文件中的任何一个在生成之间有更新,它们全部都将被重新编译。 5 | // 请勿在此处添加要频繁更新的文件,这将使得性能优势无效。 6 | 7 | #ifndef PCH_H 8 | #define PCH_H 9 | 10 | // 添加要在此处预编译的标头 11 | #include "framework.h" 12 | 13 | #endif //PCH_H 14 | -------------------------------------------------------------------------------- /WeGame/WeGame.h: -------------------------------------------------------------------------------- 1 | 2 | // WeGame.h: PROJECT_NAME 应用程序的主头文件 3 | // 4 | 5 | #pragma once 6 | 7 | #ifndef __AFXWIN_H__ 8 | #error "在包含此文件之前包含 'pch.h' 以生成 PCH" 9 | #endif 10 | 11 | #include "resource.h" // 主符号 12 | 13 | 14 | // WeGameApp: 15 | // 有关此类的实现,请参阅 WeGame.cpp 16 | // 17 | 18 | class WeGameApp : public CWinApp 19 | { 20 | public: 21 | WeGameApp(); 22 | 23 | // 重写 24 | public: 25 | virtual BOOL InitInstance(); 26 | 27 | // 实现 28 | 29 | DECLARE_MESSAGE_MAP() 30 | }; 31 | 32 | extern WeGameApp theApp; 33 
| -------------------------------------------------------------------------------- /WeGame/WeGameDlg.h: -------------------------------------------------------------------------------- 1 | 2 | // WeGameDlg.h: 头文件 3 | #pragma once 4 | 5 | // CWeGameDlg 对话框 6 | class CWeGameDlg : public CDialogEx 7 | { 8 | // 构造 9 | public: 10 | CWeGameDlg(CWnd* pParent = nullptr); // 标准构造函数 11 | 12 | // 对话框数据 13 | #ifdef AFX_DESIGN_TIME 14 | enum { IDD = IDD_WEGAME_DIALOG }; 15 | #endif 16 | 17 | // 实现 18 | protected: 19 | HICON m_hIcon; 20 | // 生成的消息映射函数 21 | virtual BOOL OnInitDialog(); 22 | afx_msg void OnPaint(); 23 | afx_msg HCURSOR OnQueryDragIcon(); 24 | 25 | 26 | DECLARE_MESSAGE_MAP() 27 | public: 28 | void 激活(); 29 | afx_msg void 卸载(); 30 | afx_msg void OnHotKey(UINT nHotKeyId, UINT nKey1, UINT nKey2); 31 | virtual BOOL PreTranslateMessage(MSG* pMsg); 32 | afx_msg LRESULT OnNcHitTest(CPoint point); 33 | }; 34 | 35 | extern CWeGameDlg app; -------------------------------------------------------------------------------- /WeGame/framework.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #ifndef VC_EXTRALEAN 4 | #define VC_EXTRALEAN // 从 Windows 头中排除极少使用的资料 5 | #endif 6 | 7 | #include "targetver.h" 8 | 9 | #define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // 某些 CString 构造函数将是显式的 10 | 11 | // 关闭 MFC 的一些常见且经常可放心忽略的隐藏警告消息 12 | #define _AFX_ALL_WARNINGS 13 | 14 | #include // MFC 核心组件和标准组件 15 | #include // MFC 扩展 16 | 17 | // 自定义全局加载 start 18 | #include 19 | 20 | // 自定义全局加载 end 21 | 22 | 23 | #ifndef _AFX_NO_OLE_SUPPORT 24 | #include // MFC 对 Internet Explorer 4 公共控件的支持 25 | #endif 26 | #ifndef _AFX_NO_AFXCMN_SUPPORT 27 | #include // MFC 对 Windows 公共控件的支持 28 | #endif // _AFX_NO_AFXCMN_SUPPORT 29 | 30 | #include // MFC 支持功能区和控制条 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | -------------------------------------------------------------------------------- /WeGame/resource.h: 
-------------------------------------------------------------------------------- 1 | //{{NO_DEPENDENCIES}} 2 | // Microsoft Visual C++ 生成的包含文件。 3 | // 供 WeGame.rc 使用 4 | // 5 | #define IDD_WEGAME_DIALOG 102 6 | #define IDR_MAINFRAME 128 7 | #define IDC_BUTTON1 1000 8 | #define IDC_BUTTON2 1001 9 | #define IDC_EDIT1 1002 10 | #define IDC_NOTICE 1002 11 | #define IDC_EDIT2 1003 12 | #define IDC_EDIT3 1004 13 | #define IDC_EDIT4 1010 14 | #define IDC_CHECK1 1011 15 | #define IDC_CHECK2 1012 16 | #define IDC_COMBO1 1015 17 | #define IDC_COMBO2 1016 18 | #define IDC_COMBO3 1017 19 | 20 | // Next default values for new objects 21 | // 22 | #ifdef APSTUDIO_INVOKED 23 | #ifndef APSTUDIO_READONLY_SYMBOLS 24 | #define _APS_NEXT_RESOURCE_VALUE 132 25 | #define _APS_NEXT_COMMAND_VALUE 32771 26 | #define _APS_NEXT_CONTROL_VALUE 1016 27 | #define _APS_NEXT_SYMED_VALUE 101 28 | #endif 29 | #endif 30 | -------------------------------------------------------------------------------- /WeGame.sln: -------------------------------------------------------------------------------- 1 | 2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Version 16 4 | VisualStudioVersion = 16.0.32602.291 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WeGame", "WeGame\WeGame.vcxproj", "{B9DC800B-E4B5-4E2A-A346-4B191FBDED85}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|x64 = Debug|x64 11 | Debug|x86 = Debug|x86 12 | Release|x64 = Release|x64 13 | Release|x86 = Release|x86 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {B9DC800B-E4B5-4E2A-A346-4B191FBDED85}.Debug|x64.ActiveCfg = Debug|x64 17 | {B9DC800B-E4B5-4E2A-A346-4B191FBDED85}.Debug|x64.Build.0 = Debug|x64 18 | {B9DC800B-E4B5-4E2A-A346-4B191FBDED85}.Debug|x86.ActiveCfg = Debug|Win32 19 | {B9DC800B-E4B5-4E2A-A346-4B191FBDED85}.Debug|x86.Build.0 = Debug|Win32 20 | 
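{B9DC800B-E4B5-4E2A-A346-4B191FBDED85}.Release|x64.ActiveCfg = Release|x64 21 | {B9DC800B-E4B5-4E2A-A346-4B191FBDED85}.Release|x64.Build.0 = Release|x64 22 | {B9DC800B-E4B5-4E2A-A346-4B191FBDED85}.Release|x86.ActiveCfg = Release|Win32 23 | {B9DC800B-E4B5-4E2A-A346-4B191FBDED85}.Release|x86.Build.0 = Release|Win32 24 | EndGlobalSection 25 | GlobalSection(SolutionProperties) = preSolution 26 | HideSolutionNode = FALSE 27 | EndGlobalSection 28 | GlobalSection(ExtensibilityGlobals) = postSolution 29 | SolutionGuid = {63C6D2B4-5B9A-44FC-B00E-2B3FCC6799A8} 30 | EndGlobalSection 31 | EndGlobal 32 |
--------------------------------------------------------------------------------
/WeGame/读写.cpp:
--------------------------------------------------------------------------------
#include "pch.h"
#include "读写.h"

#include "Api读写.h"
#include "公用.h"

// Thin wrappers that forward every read/write to one ApiReadWrite instance,
// always addressing the process recorded by _SetProcessId().
ApiReadWrite apiRw;

DWORD static globleProcessId;

HWND static globleProcessHandle;

// Records the target process id and window handle used by the helpers below.
VOID _SetProcessId(DWORD processId, HWND processHandle)
{
    globleProcessId = processId;
    globleProcessHandle = processHandle;
}

// Requests `length` bytes of memory inside the recorded process and returns
// whatever ApiReadWrite::申请内存64 returns.
LPVOID _ApplyMemory(DWORD length) {
    return apiRw.申请内存64(globleProcessId, length);
}

// Copies `length` bytes from `address` in the recorded process into `val`.
BOOL readBytes(DWORD64 address, PVOID val, INT32 length)
{
    return apiRw.进程_读字节集(globleProcessId, address, val, length);
}

// Copies `length` bytes from `val` to `address` in the recorded process.
BOOL writeBytes(DWORD64 address, PVOID val, INT32 length) {
    return apiRw.进程_写字节集(globleProcessId, address, val, length);
}

// Reads a 32-bit value. The result is zero-initialised so that a failed read
// returns 0 instead of an indeterminate stack value.
DWORD _ReadInt(DWORD64 address)
{
    DWORD result = 0;
    readBytes(address, &result, sizeof(result));
    return result;
}

// Reads a 64-bit value; returns 0 when the read fails (see _ReadInt).
DWORD64 _ReadLong(DWORD64 address)
{
    DWORD64 result = 0;
    readBytes(address, &result, sizeof(result));
    return result;
}

// Writes a 32-bit value and returns the result of the underlying write.
BOOL _WriteInt(DWORD64 address, DWORD val)
{
    return writeBytes(address, &val, sizeof(val));
}

// Writes a 64-bit value and returns the result of the underlying write.
BOOL _WriteLong(DWORD64 address, DWORD64 val)
{
    return writeBytes(address, &val, sizeof(val));
}

// Disabled raw-buffer variants kept from the original file. The usage line
// above each one is the author's example call.
// BYTE* original = 读字节集型(制裁基址, 2);
//BYTE* _ReadBytes(DWORD64 address, INT32 length) {
//    BYTE* result = new BYTE[length];
//    readBytes(address, result, length);
//    return result;
//}

// 写字节集型(制裁基址, new BYTE[]{ 0x48, 0xBE }, 2);
//BOOL _WriteBytes(DWORD64 address, PBYTE val, INT32 length) {
//    return writeBytes(address, val, length);
//}

// NOTE(review): the template argument of `vector` was lost when this page was
// extracted; restore it from the repository before compiling.
// Reads `length` bytes from the recorded process as a byte vector.
vector _ReadByteArr(DWORD64 address, INT32 length)
{
    return apiRw.读字节数组(globleProcessId, address, length);
}

// Writes the bytes of `val` to `address` in the recorded process.
BOOL _WriteByteArr(DWORD64 address, ByteArr val)
{
    return apiRw.写字节数组(globleProcessId, address, val);
}
--------------------------------------------------------------------------------
/WeGame/WeGame.cpp:
--------------------------------------------------------------------------------

// WeGame.cpp: defines the class behaviour for the application.
//

#include "pch.h"
#include "framework.h"
#include "WeGame.h"
#include "WeGameDlg.h"

#ifdef _DEBUG
#define new DEBUG_NEW
#endif


// WeGameApp

BEGIN_MESSAGE_MAP(WeGameApp, CWinApp)
    ON_COMMAND(ID_HELP, &CWinApp::OnHelp)
END_MESSAGE_MAP()


// WeGameApp construction

WeGameApp::WeGameApp()
{
    // TODO: add construction code here;
    // place all significant initialisation in InitInstance.
}


// The one and only WeGameApp object

WeGameApp theApp;


// WeGameApp initialisation

// Runs the main dialog modally and returns FALSE so that the application
// exits once the dialog is closed instead of entering the message pump.
BOOL WeGameApp::InitInstance()
{
    CWinApp::InitInstance();


    // Create the shell manager in case the dialog contains any shell tree
    // view or shell list view controls.
    CShellManager *pShellManager = new CShellManager;

    // Activate the "Windows Native" visual manager to enable themes in MFC controls.
    CMFCVisualManager::SetDefaultManager(RUNTIME_CLASS(CMFCVisualManagerWindows));

    // Standard initialisation.
    // Change the registry key under which settings are stored.
    // TODO: modify this string to something appropriate,
    // such as the name of a company or organisation.
    SetRegistryKey(_T("应用程序向导生成的本地应用程序"));

    CWeGameDlg dlg;
    m_pMainWnd = &dlg;
    INT_PTR nResponse = dlg.DoModal();
    if (nResponse == IDOK)
    {
        // TODO: place code here to handle the dialog being dismissed with OK.
    }
    else if (nResponse == IDCANCEL)
    {
        // TODO: place code here to handle the dialog being dismissed with Cancel.
    }
    else if (nResponse == -1)
    {
        TRACE(traceAppMsg, 0, "警告: 对话框创建失败,应用程序将意外终止。\n");
        TRACE(traceAppMsg, 0, "警告: 如果您在对话框上使用 MFC 控件,则无法 #define _AFX_NO_MFC_CONTROLS_IN_DIALOGS。\n");
    }

    // Delete the shell manager created above.
    if (pShellManager != nullptr)
    {
        delete pShellManager;
    }

#if !defined(_AFXDLL) && !defined(_AFX_NO_MFC_CONTROLS_IN_DIALOGS)
    ControlBarCleanUp();
#endif

    // The dialog has been closed, so return FALSE to exit the application
    // rather than start the application's message pump.
    return FALSE;
}
--------------------------------------------------------------------------------
/WeGame/公告.cpp:
--------------------------------------------------------------------------------
#include "pch.h"
#include "公告.h"

#include "读写.h"
#include "公用.h"
#include "游戏Call.h"

// Edit control that receives the log lines written by 监控().
static CEdit* windowPEdit;

// Stores the edit control used as the log window.
VOID SetWindowPEdit(CEdit* pEdit)
{
    windowPEdit = pEdit;
}

// Returns the edit control stored by SetWindowPEdit (null until it is called).
CEdit* GetWindowPEdit()
{
    return windowPEdit;
}

// Appends `message`, preceded by a line break, to the log edit control.
// Does nothing when no control has been registered yet; the original
// dereferenced the null pointer in that case.
VOID 监控(CString message)
{
    CEdit* target = GetWindowPEdit();
    if (target == nullptr)
    {
        return;
    }
    CString data;
    data = data + "\r\n" + message;
    target->ReplaceSel(data);
}

// Empty in the original source.
VOID 神话公告(string message, int type) {

}

// Writes a message record into memory allocated inside the target process,
// then builds a short x64 stub that calls the routine at 公告CALL with that
// record and runs it through 汇编执行(). type == 2 selects announcement
// kind 17, any other value kind 38.
// NOTE(review): this is code injection into another process (remote
// allocation, remote write, then execution on a hooked thread); the same
// API sequence is what endpoint and anti-tamper tooling keys on.
VOID 游戏公告(string message,int type) {
    __int64 static 局_空白地址;
    if (局_空白地址 == 0)
    {
        // One 1024-byte remote buffer is allocated on first use and reused.
        局_空白地址 = (__int64)_ApplyMemory(1024);
    }
    __int64 公告基址 = 公告参数;
    __int64 公告CALL_1 = 公告CALL;
    __int64 空白地址1 = 局_空白地址 + 800;
    __int64 空白地址2 = 局_空白地址 + 1000;
    _WriteByteArr(空白地址2, _AppendToBytes(AnsiToUnicode("情歌 √ " + message), ByteArr{ 0, 0 }));
    _WriteLong(空白地址1 + 8, 空白地址2);
    _WriteLong(空白地址1 + 24, 0);
    _WriteLong(空白地址1 + 32, RGB(0, 255, 255));
    // Colour values listed by the original author:
    //   peach pink    RGB(255, 80, 128)
    //   bright cyan   RGB(0, 255, 255)
    //   blue-green    RGB(0, 224, 128)
    // Announcement kind: 17 = system announcement, 38 = ordinary announcement.
    int 公告类型 = 38;
    if (type == 2)
    {
        公告类型 = 17;
    }
    _WriteLong(空白地址1 + 36, 公告类型);

    ByteArr 汇编数据 = { 72, 129, 236, 0, 1, 0, 0 };
    汇编数据 = _AppendToBytes(汇编数据, { 72, 186 });
    汇编数据 = _AppendToBytes(汇编数据, _IntToBytes(空白地址1, 8));

    汇编数据 = _AppendToBytes(汇编数据, { 72, 190 });
    汇编数据 = _AppendToBytes(汇编数据, _IntToBytes(公告基址, 8));

    汇编数据 = _AppendToBytes(汇编数据, { 72, 139, 54 });
    汇编数据 = _AppendToBytes(汇编数据, { 72, 137, 241 });
    汇编数据 = _AppendToBytes(汇编数据, { 191, 255, 255, 255, 255 });

    汇编数据 = _AppendToBytes(汇编数据, { 72, 184 });
    汇编数据 = _AppendToBytes(汇编数据, _IntToBytes(公告CALL_1, 8));

    汇编数据 = _AppendToBytes(汇编数据, { 255, 208 });
    汇编数据 = _AppendToBytes(汇编数据, { 72, 129, 196, 0, 1, 0, 0 });
    汇编执行(汇编数据);
    汇编数据.clear();
}
--------------------------------------------------------------------------------
/WeGame/功能.cpp:
--------------------------------------------------------------------------------
#include "pch.h"
#include "公告.h"

#include "公用.h"
#include "读写.h"
#include "游戏Call.h"
#include "公告.h"
#include "遍历.h"

// Handle of the worker thread started by 技能开关().
HANDLE 技能开关句柄;

// Toggle: starts the 全屏技能 worker thread on the first call and stops it on
// the next, announcing the new state each time.
VOID 技能开关() {
    static bool _switch;
    _switch = !_switch;

    if (_switch == true)
    {
        技能开关句柄 = _CreateThread(&全屏技能);
        游戏公告("技能全屏 - 开启", 2);
    }
    else
    {
        _DeleteThread(技能开关句柄);
        游戏公告("技能全屏 - 关闭", 2);
    }
}

// Issues one 技能Call with code 39002 and announces completion.
VOID 无形秒杀()
{
    技能Call(0, 39002, 0, 0, 0, 0, 0);
    游戏公告("无形秒杀 - 完毕", 2);
}

// Toggle: on, fills an eight-DWORD table in remote memory and points two
// fields of the weapon object at its start and end; off, clears both fields
// and zeroes the table.
VOID 武器冰冻() {
    static bool _switch;
    __int64 static 局_空白地址;
    if (局_空白地址 == 0)
    {
        局_空白地址 = (__int64)_ApplyMemory(1024);
    }
    __int64 空白地址 = 局_空白地址;
    int 冰冻伤害 = 99999;
    _switch = !_switch;
    if (_switch == true)
    {
        _WriteInt(空白地址, 0);
        _WriteInt(空白地址 + 4, 2000);
        _WriteInt(空白地址 + 8, 2000);
        _WriteInt(空白地址 + 12, 50);
        _WriteInt(空白地址 + 16, 100);
        _WriteInt(空白地址 + 20, 99);
        _WriteInt(空白地址 + 24, 130);
        // NOTE(review): 99999 * 100000 does not fit in int; signed overflow
        // is undefined behaviour in C++.
        _WriteInt(空白地址 + 28, 冰冻伤害 * 100000);
        __int64 武器 = _ReadLong(_ReadLong(取人物基质()) + 武器偏移);
        _WriteLong(武器 + 冰冻开始, 空白地址);
        _WriteLong(武器 + 冰冻结束, 空白地址 + 32);
        游戏公告("武器冰冻 - 启动", 2);
    }
    else
    {
        __int64 武器 = _ReadLong(_ReadLong(取人物基质()) + 武器偏移);
        _WriteLong(武器 + 冰冻开始, 0);
        _WriteLong(武器 + 冰冻结束, 0);

        // Eight 8-byte writes at a 4-byte stride: the last one ends four
        // bytes past the 32-byte table filled above.
        for (int i = 0; i <= 7; i++)
        {
            _WriteLong(空白地址, 0);
            空白地址 = 空白地址 + 4;
        }
        游戏公告("武器冰冻 - 关闭", 2);
    }
}

// Toggle: on, saves the 10 bytes at 全局基址 and overwrites them with a
// two-byte prefix plus an 8-byte constant; off, writes the saved bytes back.
// NOTE(review): this patches code of the target process in place, so an
// integrity check of that region would observe the change.
VOID HOOK伤害() {
    static bool _switch;
    __int64 倍攻伤害 = 9999999;
    static ByteArr 地址原数据;
    _switch = !_switch;
    if (_switch == true)
    {
        地址原数据 = _ReadByteArr(全局基址, 10);
        ByteArr data = _AppendToBytes(ByteArr{ 72, 190 }, _IntToBytes(倍攻伤害, 8));
        _WriteByteArr(全局基址, data);
        游戏公告("HOOK伤害 - 启动", 2);
    }
    else
    {
        _WriteByteArr(全局基址, 地址原数据);
        游戏公告("HOOK伤害 - 关闭", 2);
    }
}
--------------------------------------------------------------------------------
/WeGame/Driver.cpp:
--------------------------------------------------------------------------------
#include "pch.h"
#include "Driver.h"


// Constructor: starts with no service-manager, service or device handle.
Driver::Driver()
{
    hSCManager = NULL;
    hService = NULL;
    hDriver = INVALID_HANDLE_VALUE;

    dwLastError = 0;
}

// Destructor: releases whichever handles are still open. Each handle is
// checked first because LoadDriver/UnLoadDriver may already have closed it;
// the original closed all three unconditionally, which could close a handle
// twice.
Driver::~Driver()
{
    if (hService != NULL)
    {
        CloseServiceHandle(hService);
        hService = NULL;
    }
    if (hSCManager != NULL)
    {
        CloseServiceHandle(hSCManager);
        hSCManager = NULL;
    }
    if (hDriver != INVALID_HANDLE_VALUE)
    {
        CloseHandle(hDriver);
        hDriver = INVALID_HANDLE_VALUE;
    }
}


// Registers the file at 驱动文件路径 as a demand-start kernel-driver service
// named 服务名 (opening the existing service if it is already registered) and
// starts it. Returns true when the service was started or is already
// running; dwLastError holds GetLastError() from the start attempt.
// NOTE(review): creating a kernel-driver service needs administrative rights
// and is recorded by the Service Control Manager (System log event 7045),
// which is where defenders normally catch unexpected driver loads.
BOOL Driver::LoadDriver(LPCWSTR 驱动文件路径, LPCWSTR 服务名, LPCWSTR 服务显示名) {

    BOOL result = false;

    hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
    if (hSCManager != NULL) {

        hService = CreateService(
            hSCManager,
            服务名,                // service name in the registry
            服务显示名,            // DisplayName value
            SERVICE_ALL_ACCESS,    // access requested on the service handle
            SERVICE_KERNEL_DRIVER, // the service is a kernel driver
            SERVICE_DEMAND_START,  // Start value
            SERVICE_ERROR_IGNORE,  // ErrorControl value
            驱动文件路径,          // ImagePath value
            NULL, NULL, NULL, NULL, NULL);

        if (hService == NULL && GetLastError() == ERROR_SERVICE_EXISTS) // service already exists
        {
            hService = OpenService(hSCManager, 服务名, SERVICE_ALL_ACCESS);
        }
        if (hService != NULL)
        {
            BOOL 启动服务 = StartService(hService, NULL, NULL);
            dwLastError = GetLastError();
            if (启动服务 || dwLastError == ERROR_SERVICE_ALREADY_RUNNING)
            {
                result = true;
            }
            else
            {
                CloseServiceHandle(hService);
                hService = NULL; // keep the destructor from closing it again
            }
        }
        else
        {
            CloseServiceHandle(hSCManager);
            hSCManager = NULL; // keep the destructor from closing it again
        }

    }
    return result;
}

// Opens the driver's device by its link name (example: \\\\.\\xxoo) and keeps
// the handle in hDriver. Returns true if a handle is already open or the
// open succeeds.
BOOL Driver::OpenDriver(LPCWSTR pLinkName)
{
    if (hDriver != INVALID_HANDLE_VALUE)
    {
        return true;
    }
    hDriver = CreateFile(pLinkName, GENERIC_READ | GENERIC_WRITE, 0, 0, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
    if (hDriver != INVALID_HANDLE_VALUE)
    {
        return true;
    }
    return false;
}

// Stops and deletes the service held in hService and closes the service
// manager handle. Returns true only when the stop request succeeded.
// 服务名 is not used by the body.
BOOL Driver::UnLoadDriver(LPCWSTR 服务名) {

    BOOL result = false;

    if (hSCManager != NULL) {
        if (hService != NULL) {
            SERVICE_STATUS ss;
            if (ControlService(hService, SERVICE_CONTROL_STOP, &ss)) // stop the service
            {
                DeleteService(hService);
                CloseServiceHandle(hService);
                hService = NULL; // keep the destructor from closing it again
                result = true;
            }
        }
        CloseServiceHandle(hSCManager);
        hSCManager = NULL; // keep the destructor from closing it again
    }

    return result;
}

// Forwards a device I/O control request and returns the API result.
// NOTE(review): the call passes hService, a service-control handle, while the
// device handle opened by OpenDriver is stored in hDriver; confirm which
// handle was intended before relying on this method.
BOOL Driver::IoControl(DWORD dwIoCode, PVOID InBuff, DWORD InBuffLen, PVOID OutBuff, DWORD OutBuffLen, DWORD* RealRetBytes)
{
    return DeviceIoControl(hService, dwIoCode, InBuff, InBuffLen, OutBuff, OutBuffLen, RealRetBytes, NULL);
}
--------------------------------------------------------------------------------
/WeGame/Api读写.cpp: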
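--------------------------------------------------------------------------------
#include "pch.h"
// NOTE(review): the header name on the next line and the template argument of
// every `vector` below were lost when this page was extracted; restore them
// from the repository before compiling.
#include
#include "tlhelp32.h"
#include "Api读写.h"

// ApiReadWrite: user-mode wrappers around the Win32 cross-process memory
// APIs. Every call opens the target with PROCESS_ALL_ACCESS, performs one
// operation and closes the handle again.
// NOTE(review): a full-access handle to another process followed by
// VirtualAllocEx / WriteProcessMemory is the standard remote-injection
// sequence that endpoint and anti-tamper tooling monitors.

// Commits 申请长度 bytes of read/write/execute memory in process 进程ID and
// returns its address in that process, or NULL when the process cannot be
// opened or the allocation fails. MEM_COMMIT and PAGE_EXECUTE_READWRITE are
// the named forms of the original literals 4096 and 64.
LPVOID ApiReadWrite::申请内存64(DWORD 进程ID, DWORD 申请长度) {
    HANDLE 进程句柄 = ::OpenProcess(PROCESS_ALL_ACCESS, 0, 进程ID);
    if (进程句柄 == NULL) {
        return NULL;
    }
    LPVOID 内存地址 = VirtualAllocEx(进程句柄, 0, 申请长度, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    CloseHandle(进程句柄);
    return 内存地址;
}

// Reads 写入长度 bytes at 地址 in process 进程ID into 返回值.
// Returns FALSE when the process cannot be opened or the read fails. The
// handle is now closed on the failure path too; the original leaked it.
BOOL ApiReadWrite::进程_读字节集(DWORD 进程ID, DWORD64 地址, PVOID 返回值, INT32 写入长度) {
    HANDLE hProcess = ::OpenProcess(PROCESS_ALL_ACCESS, NULL, 进程ID);
    if (hProcess == NULL) {
        return FALSE;
    }

    BOOL result = ::ReadProcessMemory(hProcess, (LPVOID)地址, 返回值, 写入长度, NULL);
    ::CloseHandle(hProcess);
    return result;
}

// Writes 写入长度 bytes from 写入值 to 地址 in process 进程ID.
// Returns FALSE when the process cannot be opened or the write fails. The
// handle is now closed on the failure path too; the original leaked it.
BOOL ApiReadWrite::进程_写字节集(DWORD 进程ID, DWORD64 地址, PVOID 写入值, INT32 写入长度) {

    HANDLE hProcess = ::OpenProcess(PROCESS_ALL_ACCESS, NULL, 进程ID);
    if (hProcess == NULL) {
        return FALSE;
    }

    BOOL result = ::WriteProcessMemory(hProcess, (LPVOID)地址, 写入值, 写入长度, NULL);
    ::CloseHandle(hProcess);
    return result;
}

// Reads a 32-bit value; returns 0 when the read fails (the original returned
// an uninitialised local in that case).
DWORD ApiReadWrite::读整数型(DWORD 进程ID, DWORD64 地址)
{
    DWORD result = 0;
    进程_读字节集(进程ID, 地址, &result, sizeof(result));
    return result;
}

// Writes a 32-bit value and returns the result of the write.
BOOL ApiReadWrite::写整数型(DWORD 进程ID, DWORD64 地址, DWORD 数据)
{
    return 进程_写字节集(进程ID, 地址, &数据, sizeof(数据));
}

// Reads a 64-bit value; returns 0 when the read fails.
DWORD64 ApiReadWrite::读长整数型(DWORD 进程ID, DWORD64 地址)
{
    DWORD64 result = 0;
    进程_读字节集(进程ID, 地址, &result, sizeof(result));
    return result;
}

// Writes a 64-bit value and returns the result of the write.
BOOL ApiReadWrite::写长整数型(DWORD 进程ID, DWORD64 地址, DWORD64 数据)
{
    return 进程_写字节集(进程ID, 地址, &数据, sizeof(数据));
}

// Reads 长度 bytes at 地址 in process 进程ID and returns them as a vector.
// Returns an empty vector when 长度 is not positive or the process cannot be
// opened; when the read itself fails the vector keeps its zero fill, as in
// the original. The bytes are read straight into the vector, which removes
// the temporary new[] buffer the original never freed.
vector ApiReadWrite::读字节数组(DWORD 进程ID, DWORD64 地址, INT32 长度)
{
    vector result;
    if (长度 <= 0) {
        return result;
    }

    HANDLE hProcess = ::OpenProcess(PROCESS_ALL_ACCESS, NULL, 进程ID);
    if (hProcess == NULL) {
        return result;
    }

    result.resize(长度); // value-initialised, i.e. zero-filled
    ReadProcessMemory(hProcess, (LPVOID)地址, result.data(), 长度, NULL);
    CloseHandle(hProcess);
    return result;
}

// Writes the bytes of 值 to 地址 in process 进程ID.
// Author's usage example: API_写字节集(任务地址, { 0x90, 0x90, 0x90, 0x90, 0x90 });
// Returns FALSE when the process cannot be opened or the write fails; the
// original always reported TRUE after opening the process and leaked a
// heap copy of the data on every call.
BOOL ApiReadWrite::写字节数组(DWORD 进程ID, DWORD64 地址, vector 值)
{
    HANDLE hProcess = ::OpenProcess(PROCESS_ALL_ACCESS, NULL, 进程ID);
    if (hProcess == NULL) {
        return FALSE;
    }

    BOOL ok = TRUE; // nothing to write counts as success
    if (!值.empty()) {
        ok = WriteProcessMemory(hProcess, (LPVOID)地址, (LPCVOID)值.data(), 值.size(), 0);
    }
    CloseHandle(hProcess);
    return ok;
}
--------------------------------------------------------------------------------
/WeGame/自动.cpp:
--------------------------------------------------------------------------------
#include "pch.h"
#include "自动.h"

#include "公用.h"
#include "读写.h"
#include "公告.h"
#include "判断.h"
#include "游戏Call.h"
#include "组包.h"
#include "寻路.h"

// Automation on/off flag.
static bool automaticSwitch;
// Handle of the automation worker thread.
HANDLE threadHandle = NULL;

// Toggle: starts the 自动线程 worker on the first call and stops it on the
// next, announcing the new state each time.
VOID 自动开关() {
    automaticSwitch = !automaticSwitch;
    if (automaticSwitch == true)
    {
        threadHandle = ::_CreateThread(&自动线程);
        游戏公告("自动刷图 - 启动", 2);
        return;
    }

    if (automaticSwitch == false && threadHandle != NULL)
    {
        _DeleteThread(threadHandle);
        游戏公告("自动刷图 - 关闭", 2);
    }
}

// Worker loop: polls 取游戏状态() every 200 ms and dispatches on its value
// (0, 1, 2 or 3) to the matching handler below. The loop has no exit
// condition of its own; it ends only when the thread is removed.
VOID 自动线程() {
    static bool 首次进图 = false;

    while (true)
    {
        Sleep(200);
        if (取游戏状态() == 0)
        {
            Sleep(200);
            进入城镇();
            continue;
        }
        if (取游戏状态() == 1 && 取是否城镇() == true)
        {
            城镇处理();
            continue;
        }

        if (取游戏状态() == 2)
        {
            进入副本(_ReadConfig(L"自动配置", L"副本编号"), 0);
            continue;
        }

        if (取游戏状态() == 3)
        {
            if (首次进图 == false)
            {
                // NOTE(review): _ReadInt returns 32 bits while 透明Call takes
                // an __int64 object pointer — confirm the truncation is intended.
                透明Call(_ReadInt(取人物基质()));
                首次进图 = true;
            }

            if (取是否开门() == true && 取是否BOSS房() == false)
            {
                // 物品入包();
                模拟顺图();
                continue;
            }
            if (取是否BOSS房() == true)
            {
                // NOTE(review): both sides of the || test the same call.
                if (取是否通关() == true || 取是否通关() == true)
                {
                    退出副本();
                    首次进图 = false;
                }
            }
        }
    }
}

// State 0 handler: selects the next character slot (a static counter, at
// most 32) and waits until the state changes; once the counter is used up
// it stops the worker thread instead.
VOID 进入城镇() {
    static int 全_已刷角色;
    if (全_已刷角色 + 1 > 32) {
        监控(L"指定角色完成所有角色");
        _DeleteThread(threadHandle);
        游戏公告("自动线程 - 关闭", 1);
        return;
    }

    全_已刷角色++;
    组包选择角色(全_已刷角色);
    监控(L"进入角色[" + _IntToCString(全_已刷角色) + L"]");
    监控(L"开始第[" + _IntToCString(全_已刷角色) + L"] 个角色, 剩余疲劳[" + _IntToCString(取疲劳值()) + L"]");
    Sleep(200);
    do
    {
        if (取游戏状态() == 1) {
            break;
        }
        Sleep(500);
    } while (取游戏状态() == 0);
}

// State 1 handler: returns to character selection when 取疲劳值() is below 8,
// otherwise moves to the configured area and opens map selection.
VOID 城镇处理() {
    if (取疲劳值() < 8)
    {
        返回角色();
        return;
    }
    区域Call(_ReadConfig(L"自动配置", L"副本编号"));
    Sleep(200);
    进入选图();
}

// Repeats the map-selection request until the state becomes 2, checking
// every 500 ms for up to ten checks per request.
VOID 进入选图()
{
    do
    {
        Sleep(200);
        组包选图();
        for (int i = 1; i <= 10; i++)
        {
            Sleep(500);
            if (取游戏状态() == 2) {
                return;
            }
        }
    } while (取游戏状态() == 1);
}

// Logs the switch, requests the return to character selection and waits
// until the state leaves 1.
VOID 返回角色() {
    监控(L"疲劳值不足 · 即将切换角色");
    Sleep(100);
    组包返回角色();
    Sleep(500);
    do
    {
        if (取游戏状态() == 0) {
            break;
        }
        Sleep(500);
    } while (取游戏状态() == 1);
}

// Requests entry to map 副本编号. Difficulty 5 is sent as given for maps
// below 10 and for map 1000; for any other map difficulties 4 down to 0 are
// requested in turn. Then waits until the state leaves 2.
VOID 进入副本(int 副本编号, int 副本难度) {
    if (副本难度 == 5)
    {
        if (副本编号 < 10 || 副本编号 == 1000)
        {
            组包进图(副本编号, 副本难度, 0, 0);
        }
        else
        {
            组包进图(副本编号, 4, 0, 0);
            组包进图(副本编号, 3, 0, 0);
            组包进图(副本编号, 2, 0, 0);
            组包进图(副本编号, 1, 0, 0);
            组包进图(副本编号, 0, 0, 0);
        }
    }
    else
    {
        组包进图(副本编号, 副本难度, 0, 0);
    }
    do
    {
        Sleep(200);
        for (int i = 1; i <= 10; i++)
        {
            Sleep(500);
            if (取游戏状态() == 3) break;
        }
    } while (取游戏状态() == 2);
}

// Moves to the next room along the computed route, using the method selected
// by the 顺图方式 setting (1 or 2). Does nothing unless the door is open and
// the current room is not the boss room.
VOID 模拟顺图()
{
    if (取是否开门() == false || 取是否BOSS房() == true)
    {
        return;
    }
    地图数据 局_地图数据 = 寻路_地图数据();
    // NOTE(review): sizeof yields the byte size of the member's type, not an
    // element count, so this does not prove that [0] and [1] exist — check
    // against the 地图数据 declaration, which is not on this page.
    if (sizeof(局_地图数据.地图走法) >= 2)
    {
        int 过图方向 = 寻路_计算方向(局_地图数据.地图走法[0], 局_地图数据.地图走法[1]);
        int 顺图方式 = _ReadConfig(L"自动配置", L"顺图方式");
        if (顺图方式 == 1)
        {
            组包_顺图(过图方向);
        }
        if (顺图方式 == 2) {
            坐标_顺图(过图方向);
        }
    }
}

// Increments the persisted run counter and logs the map name, the counter
// and the value returned by 取疲劳值().
VOID 通关计次()
{
    int 通关计次 = _ReadConfig(L"计次", L"次数");
    通关计次++;
    _WriteConfig(L"计次", L"次数", _IntToCString(通关计次));

    监控(L"当前副本 [ " + 取地图名称() + L" ]");
    监控(L"自动刷图 [" + _IntToCString(通关计次) + L" ]" + L"剩余疲劳 [" + _IntToCString(取疲劳值()) + L" ]");
}

// Counts the run, then repeats the card-flip and leave-map requests until the
// state is no longer 3 and 取是否城镇() reports true.
VOID 退出副本()
{
    通关计次();
    Sleep(200);
    //物品入包();
    do
    {
        组包翻牌(0, _Rand(0, 3));
        Sleep(200);
        组包出图();
        Sleep(200);
    } while (取游戏状态() == 3 || 取是否城镇() == false);
}
--------------------------------------------------------------------------------
/WeGame/WeGame.vcxproj.filters:
--------------------------------------------------------------------------------
1 | 2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 头文件 20 | 21 | 22 | 头文件 23 | 24 | 25 | 头文件 26 | 27 | 28 | 头文件 29 | 30 | 31 | 头文件 32 | 33 | 34 | 头文件 35 | 36 | 37 | 头文件 38 | 39 | 40 | 头文件 41 | 42 | 43 | 头文件 44 | 45 | 46 | 头文件 47 | 48 | 49 | 头文件 50 | 51 | 52 | 头文件 53 | 54 | 55 | 头文件 56 | 57 | 58 | 头文件 59 | 60 | 61 | 头文件 62 | 63 | 64 | 头文件 65 | 66 | 67 | 头文件 68 | 69 | 70 |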
头文件 71 | 72 | 73 | 头文件 74 | 75 | 76 | 头文件 77 | 78 | 79 | 头文件 80 | 81 | 82 | 头文件 83 | 84 | 85 | 86 | 87 | 源文件 88 | 89 | 90 | 源文件 91 | 92 | 93 | 源文件 94 | 95 | 96 | 源文件 97 | 98 | 99 | 源文件 100 | 101 | 102 | 源文件 103 | 104 | 105 | 源文件 106 | 107 | 108 | 源文件 109 | 110 | 111 | 源文件 112 | 113 | 114 | 源文件 115 | 116 | 117 | 源文件 118 | 119 | 120 | 源文件 121 | 122 | 123 | 源文件 124 | 125 | 126 | 源文件 127 | 128 | 129 | 源文件 130 | 131 | 132 | 源文件 133 | 134 | 135 | 136 | 137 | 资源文件 138 | 139 | 140 | 141 | 142 | 资源文件 143 | 144 | 145 | 146 | 147 | 资源文件 148 | 149 | 150 | -------------------------------------------------------------------------------- /WeGame/游戏Call.cpp: -------------------------------------------------------------------------------- 1 | #include "pch.h" 2 | #include "游戏Call.h" 3 | 4 | #include "读写.h" 5 | #include "公用.h" 6 | #include "判断.h" 7 | #include "组包.h" 8 | 9 | VOID 汇编执行(ByteArr 汇编代码) 10 | { 11 | __int64 static 局_空白地址; 12 | if (局_空白地址 == 0) 13 | { 14 | 局_空白地址 = (__int64)_ApplyMemory(1024); 15 | } 16 | __int64 汇编中转 = 局_空白地址 + 300; 17 | __int64 空白地址 = 局_空白地址 + 500; 18 | __int64 判断地址 = 空白地址 - 100; 19 | static bool 异步执行; 20 | if (异步执行) { 21 | return; 22 | } 23 | 异步执行 = true; 24 | 25 | __int64 Hook汇编 = 汇编CALL; 26 | Hook汇编 = Hook汇编 + 144; 27 | __int64 Hook跳回 = Hook汇编 + 19; 28 | ByteArr Hook数据 = _ReadByteArr(Hook汇编, 19); 29 | ByteArr Hook原数据 = Hook数据; 30 | 31 | Hook数据 = _AppendToBytes(Hook数据, ByteArr{ 72, 184 }); 32 | Hook数据 = _AppendToBytes(Hook数据, _IntToBytes(判断地址, 8)); 33 | 34 | Hook数据 = _AppendToBytes(Hook数据, ByteArr{ 131, 56, 1, 117, 42, 72, 129, 236, 0, 3, 0, 0 }); 35 | 36 | Hook数据 = _AppendToBytes(Hook数据, ByteArr{ 72, 187 }); 37 | Hook数据 = _AppendToBytes(Hook数据, _IntToBytes(空白地址, 8)); 38 | 39 | Hook数据 = _AppendToBytes(Hook数据, ByteArr{ 255, 211 }); 40 | 41 | Hook数据 = _AppendToBytes(Hook数据, ByteArr{ 72, 184 }); 42 | Hook数据 = _AppendToBytes(Hook数据, _IntToBytes(判断地址, 8)); 43 | 44 | Hook数据 = _AppendToBytes(Hook数据, ByteArr{ 199, 0, 3, 0, 0, 0 }); 45 | Hook数据 = 
_AppendToBytes(Hook数据, ByteArr{ 72, 129, 196, 0, 3, 0, 0 });
    // This block opens inside 汇编执行, whose beginning precedes it: the statement above
    // completes an assignment to Hook数据, the byte sequence assembled for the relay stub.

    Hook数据 = _AppendToBytes(Hook数据, ByteArr{ 255, 37, 0, 0, 0, 0 });
    Hook数据 = _AppendToBytes(Hook数据, _IntToBytes(Hook跳回, 8));

    // The relay stub is written only while _ReadLong(汇编中转) still returns 0, so it is
    // installed once and left in place on later calls.
    if (_ReadLong(汇编中转) == 0) {
        _WriteByteArr(汇编中转, Hook数据);
    }
    Hook数据.clear();

    // Stage the caller-supplied bytes at 空白地址, terminated by one extra byte (195).
    _WriteByteArr(空白地址, _AppendToBytes(汇编代码, ByteArr{ 195 }));
    ByteArr tmp = { 255, 37, 0, 0, 0, 0 };
    tmp = _AppendToBytes(tmp, _IntToBytes(汇编中转, 8));
    tmp = _AppendToBytes(tmp, ByteArr{ 144, 144, 144, 144, 144 });
    // tmp is 6 + 8 + 5 = 19 bytes and replaces the 19 bytes at Hook汇编 that were saved
    // earlier in Hook原数据.
    _WriteByteArr(Hook汇编, tmp);
    _WriteLong(判断地址, 1);
    // Poll every 10 ms until the value at 判断地址 is no longer 1. There is no timeout.
    while (_ReadLong(判断地址) == 1)
    {
        Sleep(10);
    }
    // Put the saved bytes back, then overwrite the staging area with zero bytes.
    _WriteByteArr(Hook汇编, Hook原数据);
    // NOTE(review): sizeof(汇编代码) is the size of the ByteArr object, not the number of
    // bytes it holds, so a longer staged sequence would presumably be only partly
    // overwritten and the remainder would stay in the scratch buffer — confirm.
    _WriteByteArr(空白地址, 取空白ByteArr(sizeof(汇编代码) + 16));

    异步执行 = false;
}


// Fills a parameter record in a scratch buffer (obtained once from _ApplyMemory(1024) and
// kept in a function-local static), then hands 汇编执行 a byte sequence that embeds the
// buffer address and the address 技能CALL.
// The 大小 parameter is not used: the value written at offset 140 is the local 技能大小 (1).
VOID 技能Call(__int64 触发指针, int 技能代码, int 技能伤害, int x, int y, int z, int 大小) {
    __int64 static 局_空白地址;
    if (局_空白地址 == 0)
    {
        局_空白地址 = (__int64)_ApplyMemory(1024);
    }
    __int64 空白地址 = 局_空白地址;
    int 技能大小 = 1;
    _WriteLong(空白地址, 触发指针);
    _WriteInt(空白地址 + 16, 技能代码);
    _WriteLong(空白地址 + 20, 技能伤害);
    _WriteInt(空白地址 + 32, x);
    _WriteInt(空白地址 + 36, y);
    _WriteInt(空白地址 + 40, z);
    _WriteInt(空白地址 + 140, 技能大小);
    _WriteInt(空白地址 + 144, 65535);
    _WriteInt(空白地址 + 148, 65535);
    ByteArr shellCode = { 72, 129, 236, 0, 2, 0, 0 };
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 185 }, _IntToBytes(空白地址, 8)));
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 184 }, _IntToBytes(技能CALL, 8)));
    shellCode = _AppendToBytes(shellCode, { 255, 208, 72, 129, 196, 0, 2, 0, 0 });
    汇编执行(shellCode);
    shellCode.clear();
}

// Builds a byte sequence that embeds 对象指针 and the address 透明CALL together with
// several fixed constants, and passes it to 汇编执行.
VOID 透明Call(__int64 对象指针)
{
    ByteArr shellCode = { 72, 129, 236, 0, 2, 0, 0 };
    shellCode = _AppendToBytes(shellCode, { 65, 191, 255, 255, 255, 255 });
    shellCode = _AppendToBytes(shellCode, { 199, 68, 36, 32, 255, 255, 0, 0 });
    shellCode = _AppendToBytes(shellCode, { 65, 185, 1, 0, 0, 0 });
    shellCode = _AppendToBytes(shellCode, { 73, 184, 1, 0, 0, 0, 0, 0, 0, 0 });
    shellCode = _AppendToBytes(shellCode, { 186, 1, 0, 0, 0 });
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 185 }, _IntToBytes(对象指针, 8)));
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 184 }, _IntToBytes(透明CALL, 8)));
    shellCode = _AppendToBytes(shellCode, { 255, 208, 72, 129, 196, 0, 2, 0, 0 });
    汇编执行(shellCode);
    shellCode.clear();
}

// Passes the address `_ReadLong(评分基址) + 加密评分` and Value to 加密(), which is
// defined elsewhere.
VOID 评分Call(int Value)
{
    加密(_ReadLong(评分基址) + 加密评分, Value);
}

// Runs, through 汇编执行, a sequence that calls 人物CALL and stores the result at
// 空白地址, then returns the value read back from 空白地址 with _ReadLong.
__int64 取人物指针Call(__int64 空白地址)
{
    ByteArr shellCode = { 72, 131, 236, 100 }; // sub rsp,100

    shellCode = _AppendToBytes(shellCode, { 72, 184 }); // mov rax, <address of 人物CALL>
    shellCode = _AppendToBytes(shellCode, _IntToBytes(人物CALL, 8));

    shellCode = _AppendToBytes(shellCode, { 255, 208 }); // CALL rax

    shellCode = _AppendToBytes(shellCode, { 72, 163 }); // store rax at the address that follows
    shellCode = _AppendToBytes(shellCode, _IntToBytes(空白地址, 8));

    shellCode = _AppendToBytes(shellCode, { 72, 131, 196, 100 }); // add rsp,100
    汇编执行(shellCode);
    __int64 返回地址 = _ReadLong(空白地址);
    return 返回地址;
}

// Returns the address of a scratch buffer (allocated once) after 取人物指针Call has been
// run with it. The local 人物指针 is assigned but not used: the caller receives the
// buffer address and reads the stored value itself (see 坐标Call).
__int64 取人物基质() {
    __int64 static 局_空白地址;
    if (局_空白地址 == 0)
    {
        局_空白地址 = (__int64)_ApplyMemory(1024);
    }
    __int64 空白地址 = 局_空白地址;
    __int64 人物指针 = 取人物指针Call(空白地址);
    return 空白地址;
}

// Runs a sequence that embeds 地图编号, the address 区域参数 and 区域CALL, then reads four
// ints at 局_区域基址 + 区域偏移 (+0, +4, +8, +12) and forwards them to 组包移动.
// 局_区域基址 is read before the sequence runs.
VOID 区域Call(int 地图编号)
{
    __int64 局_区域基址 = _ReadLong(区域参数);
    __int64 局_区域CALL = 区域CALL;

    ByteArr shellCode = { 72, 131, 236, 48 };
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 65, 184 }, _IntToBytes(地图编号, 4)));
    shellCode = _AppendToBytes(shellCode, { 186, 174, 12, 0, 0 });
    shellCode = _AppendToBytes(shellCode, { 72, 184, 255, 255, 255, 255, 0, 0, 0, 0 });
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 185 }, _IntToBytes(区域参数, 8)));
    shellCode = _AppendToBytes(shellCode, { 72, 139, 9 });
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 184 }, _IntToBytes(局_区域CALL, 8)));
    shellCode = _AppendToBytes(shellCode, { 255, 208, 72, 131, 196, 48 });
    汇编执行(shellCode);
    shellCode.clear();

    int 大区域 = _ReadInt(局_区域基址 + 区域偏移 + 0);
    int 小区域 = _ReadInt(局_区域基址 + 区域偏移 + 4);
    int 城镇X = _ReadInt(局_区域基址 + 区域偏移 + 8);
    int 城镇Y = _ReadInt(局_区域基址 + 区域偏移 + 12);
    组包移动(大区域, 小区域, 城镇X, 城镇Y);
}

// Reads a pointer through 取人物基质() and returns without doing anything when it is
// below 1; otherwise runs a sequence that embeds the three coordinates, that pointer and
// 坐标CALL偏移.
VOID 坐标Call(int 对象横轴, int 对象纵轴, int 对象竖轴)
{
    __int64 触发指针 = _ReadLong(取人物基质());
    if (触发指针 < 1) return;

    ByteArr 汇编数据 = { 72, 129, 236, 0, 1, 0, 0 };
    汇编数据 = _AppendToBytes(汇编数据, _AppendToBytes({ 65, 185 }, _IntToBytes(对象竖轴, 4)));
    汇编数据 = _AppendToBytes(汇编数据, _AppendToBytes({ 65, 184 }, _IntToBytes(对象纵轴, 4)));
    汇编数据 = _AppendToBytes(汇编数据, _AppendToBytes({ 186 }, _IntToBytes(对象横轴, 4)));
    汇编数据 = _AppendToBytes(汇编数据, _AppendToBytes({ 72, 185 }, _IntToBytes(触发指针, 8)));
    汇编数据 = _AppendToBytes(汇编数据, { 72, 139, 1 });
    汇编数据 = _AppendToBytes(汇编数据, _AppendToBytes({ 255, 144 }, _IntToBytes(坐标CALL偏移, 8)));
    汇编数据 = _AppendToBytes(汇编数据, { 72, 129, 196, 0, 1, 0, 0 });
    汇编执行(汇编数据);
    汇编数据.clear();
}

// Stub: the body is empty and none of the parameters is used.
VOID 漂移Call(_int64 触发指针, int 对象横轴, int 对象纵轴, int 对象竖轴, int 速度)
{

}

// Reads 房间数据 through three nested _ReadLong calls and builds a sequence around it.
// The function continues past the end of this block.
int 顺图Call(int 顺图方向)
{
    __int64 static 局_空白地址;
    if (局_空白地址 == 0)
    {
        局_空白地址 = (__int64)_ApplyMemory(1024);
    }
    __int64 空白地址 = 局_空白地址;
    __int64 房间数据 = _ReadLong(_ReadLong(_ReadLong(房间编号) + 时间基址) + 顺图偏移);
    ByteArr shellCode = { 72, 129, 236, 0, 1, 0, 0 };
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 185 }, _IntToBytes(房间数据, 8)));
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 186 }, _IntToBytes(顺图方向, 4)));
    shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 184 },
_IntToBytes(坐标顺图CALL, 8))); 204 | shellCode = _AppendToBytes(shellCode, { 255, 208 }); 205 | shellCode = _AppendToBytes(shellCode, _AppendToBytes({ 72, 163 }, _IntToBytes(空白地址, 8))); 206 | shellCode = _AppendToBytes(shellCode, { 72, 129, 196, 0, 1, 0, 0 }); 207 | 汇编执行(shellCode); 208 | shellCode.clear(); 209 | return _ReadInt(空白地址); 210 | } -------------------------------------------------------------------------------- /WeGame/WeGameDlg.cpp: -------------------------------------------------------------------------------- 1 | 2 | // WeGameDlg.cpp: 实现文件 3 | 4 | #include "pch.h" 5 | #include "framework.h" 6 | #include "WeGame.h" 7 | #include "WeGameDlg.h" 8 | #include "afxdialogex.h" 9 | 10 | #include "Driver.h" 11 | #include "公用.h" 12 | #include "功能.h" 13 | #include "自动.h" 14 | #include "读写.h" 15 | #include "公告.h" 16 | #include "游戏Call.h" 17 | #include "寻路.h" 18 | 19 | #ifdef _DEBUG 20 | #define new DEBUG_NEW 21 | #endif 22 | 23 | 24 | // CWeGameDlg 对话框 25 | CWeGameDlg::CWeGameDlg(CWnd* pParent /*=nullptr*/) 26 | : CDialogEx(IDD_WEGAME_DIALOG, pParent) 27 | { 28 | m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME); 29 | } 30 | 31 | 32 | BEGIN_MESSAGE_MAP(CWeGameDlg, CDialogEx) 33 | ON_WM_PAINT() 34 | ON_WM_QUERYDRAGICON() 35 | ON_BN_CLICKED(IDC_BUTTON2, &CWeGameDlg::激活) 36 | ON_BN_CLICKED(IDC_BUTTON1, &CWeGameDlg::卸载) 37 | ON_WM_HOTKEY() 38 | ON_WM_NCHITTEST() 39 | END_MESSAGE_MAP() 40 | 41 | // 动态设置窗口标题动态设置窗口标题 start 42 | DWORD WINAPI SetWindowTitle(PVOID pParam) 43 | { 44 | CWeGameDlg* weGameDlg = (CWeGameDlg*)pParam; 45 | while (true) 46 | { 47 | SetWindowText(weGameDlg->GetSafeHwnd(), L"情歌 √ 当前时间:" + _GetCurrentTime()); 48 | Sleep(1000); 49 | } 50 | } 51 | // 动态设置窗口标题 end 52 | 53 | 54 | // CWeGameDlg 消息处理程序 55 | BOOL CWeGameDlg::OnInitDialog() 56 | { 57 | CDialogEx::OnInitDialog(); 58 | 59 | // 设置此对话框的图标。 当应用程序主窗口不是对话框时,框架将自动 60 | // 执行此操作 61 | SetIcon(m_hIcon, TRUE); // 设置大图标 62 | SetIcon(m_hIcon, FALSE); // 设置小图标 63 | 64 | // TODO: 在此添加额外的初始化代码 65 | // 66 | // 
SetWindowText(windowTitle);

    // Start the thread that sets the window title; it is given this dialog's pointer.
    // The thread handle returned by CreateThread is neither stored nor closed.
    CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&SetWindowTitle, this, 0, 0);

    CEdit* pEdit = (CEdit*)GetDlgItem(IDC_EDIT4);
    int nLength = pEdit->GetWindowTextLength();
    // Put the selection at the end of the current text
    pEdit->SetSel(nLength, nLength);
    SetWindowPEdit(pEdit);

    return TRUE;  // return TRUE unless the focus was set to a control
}

// If a minimize button is added to the dialog, the code below is needed
// to draw the icon. For MFC applications using the document/view model,
// the framework does this automatically.

void CWeGameDlg::OnPaint()
{
    if (IsIconic())
    {
        CPaintDC dc(this); // device context used for painting

        // NOTE(review): the cast below has no template argument in this listing
        // (presumably lost when the page was rendered); as shown it does not compile.
        SendMessage(WM_ICONERASEBKGND, reinterpret_cast(dc.GetSafeHdc()), 0);

        // Center the icon in the client rectangle
        int cxIcon = GetSystemMetrics(SM_CXICON);
        int cyIcon = GetSystemMetrics(SM_CYICON);
        CRect rect;
        GetClientRect(&rect);
        int x = (rect.Width() - cxIcon + 1) / 2;
        int y = (rect.Height() - cyIcon + 1) / 2;

        // Draw the icon
        dc.DrawIcon(x, y, m_hIcon);
    }
    else
    {
        CDialogEx::OnPaint();
    }
}

// The system calls this function to obtain the cursor to display while the user
// drags the minimized window.
// NOTE(review): the static_cast below has also lost its template argument in this listing.
HCURSOR CWeGameDlg::OnQueryDragIcon()
{
    return static_cast(m_hIcon);
}


// Global Driver object used by 激活() and 卸载() below.
Driver drive;

// "Activate" button handler. In order: builds the path "<directory of the running
// executable>\Randw.sys", asks `drive` to load it under the name L"Drivecontrol", looks up
// the process dnf.exe, registers global hotkeys on this window, writes the default
// configuration (_InitConfig) and disables the button.
// For anyone triaging a host: the driver file name, the "Drivecontrol" name and the hotkey
// set below are the fixed values this function uses.
void CWeGameDlg::激活()
{
    TCHAR szDrvPath[MAX_PATH];
    GetModuleFileName(NULL, szDrvPath, MAX_PATH);
    // NOTE(review): the result of _tcsrchr is dereferenced without a null check, and the
    // return value of GetModuleFileName is not examined.
    *(_tcsrchr(szDrvPath, _T('\\')) + 1) = _T('\0');
    _tcscat_s(szDrvPath, MAX_PATH, _T("Randw.sys"));

    // NOTE(review): szDrvPath is an array, so this comparison can never be true; the
    // "driver file not found" branch is unreachable and the file's existence is not checked.
    if (szDrvPath == NULL)
    {
        MessageBoxW(L"驱动文件未找到");
        //CDialogEx::OnCancel();
        return;
    }

    BOOL result = drive.LoadDriver(szDrvPath, L"Drivecontrol", L"Drivecontrol");
    if (!result)
    {
        drive.UnLoadDriver(L"Drivecontrol");
        MessageBoxW(L"加载驱动失败");
        return;
    }

    DWORD gameProcess = _GetProcessId(L"dnf.exe");

    // gameHandle is looked up but not used in the rest of this function.
    HWND gameHandle = ::FindWindowW(L"地下城与勇士", L"地下城与勇士");

    // When the process is not found the function returns here with the driver still loaded.
    if (gameProcess == 0)
    {
        监控(L"未启动游戏");
        return;
    }

    _DebugStringW(L"gameProcess = %d ", gameProcess);

    _SetProcessId(gameProcess, NULL);

    // Register the hotkeys
    RegisterHotKey(this->GetSafeHwnd(), 1000, 0, VK_F1);
    RegisterHotKey(this->GetSafeHwnd(), 1001, 0, VK_F2);
    RegisterHotKey(this->GetSafeHwnd(), 1002, 0, VK_F3);
    RegisterHotKey(this->GetSafeHwnd(), 1010, 0, VK_END);
    // Tilde / backquote key
    RegisterHotKey(this->GetSafeHwnd(), 192, 0, VK_OEM_3);


    // The ids used here are 1000-1007; ids 1000-1002 are already used for F1-F3 above,
    // while OnHotKey and 卸载() refer to 10000-10007.
    RegisterHotKey(this->GetSafeHwnd(), 1000, MOD_CONTROL, VK_UP);// up
    RegisterHotKey(this->GetSafeHwnd(), 1001, MOD_CONTROL, VK_DOWN);// down
    RegisterHotKey(this->GetSafeHwnd(), 1002, MOD_CONTROL, VK_LEFT);// left
    RegisterHotKey(this->GetSafeHwnd(), 1003, MOD_CONTROL, VK_RIGHT);// right
    RegisterHotKey(this->GetSafeHwnd(), 1004, MOD_ALT, VK_UP);// up
    RegisterHotKey(this->GetSafeHwnd(), 1005, MOD_ALT, VK_DOWN);// down
    RegisterHotKey(this->GetSafeHwnd(), 1006, MOD_ALT, VK_LEFT);// left
    RegisterHotKey(this->GetSafeHwnd(), 1007, MOD_ALT, VK_RIGHT);// right


    游戏公告("激活成功-欢迎使用", 1);

    监控(L"F1 - 技能全屏");
    监控(L"F2 - 武器冰冻");
    监控(L"F3 - 自身倍攻");
    监控(L"~ - 无形秒杀");
    监控(L"End - 自动刷图");

    _InitConfig();
    // Disable the activate button
    GetDlgItem(IDC_BUTTON2)->EnableWindow(false);
}

// "Unload" button handler: unregisters hotkeys, asks `drive` to unload "Drivecontrol",
// shows a message box and closes the main window.
void CWeGameDlg::卸载()
{
    UnregisterHotKey(this->GetSafeHwnd(), 1000);
    UnregisterHotKey(this->GetSafeHwnd(), 1001);
    UnregisterHotKey(this->GetSafeHwnd(), 1002);
    UnregisterHotKey(this->GetSafeHwnd(), 1010);
    UnregisterHotKey(this->GetSafeHwnd(), 192);

    UnregisterHotKey(this->GetSafeHwnd(), 10000);// up
    UnregisterHotKey(this->GetSafeHwnd(), 10001);// down
    UnregisterHotKey(this->GetSafeHwnd(), 10002);// left
    UnregisterHotKey(this->GetSafeHwnd(), 10003);// right
    UnregisterHotKey(this->GetSafeHwnd(), 10004);// up
    UnregisterHotKey(this->GetSafeHwnd(), 10005);// down
    UnregisterHotKey(this->GetSafeHwnd(), 10006);// left
    UnregisterHotKey(this->GetSafeHwnd(), 10007);// right

    if (drive.UnLoadDriver(L"Drivecontrol") == FALSE) {
        _DebugStringW(L"驱动服务卸载失败");
    }
    // This "unload finished" line is emitted whether or not UnLoadDriver succeeded.
    _DebugStringW(L"驱动服务卸载完成");

    MessageBoxW(L"助手以安全卸载");

    // Close the window
    AfxGetMainWnd()->SendMessage(WM_CLOSE);
}

// WM_HOTKEY handler: dispatches on the hotkey id, then calls the base-class handler.
// Ids 10000-10007 are handled here but are not among the ids registered in 激活().
void CWeGameDlg::OnHotKey(UINT nHotKeyId, UINT nKey1, UINT nKey2)
{
    // TODO: add message handler code here and/or call the default
    switch (nHotKeyId) {
    case 1000:
        技能开关();
        break;
    case 1001:
        武器冰冻();
        break;
    case 1002:
        HOOK伤害();
        break;
    case 1010:
        自动开关();
        break;
    case 10000:
        组包_顺图(2);
        break;
    case 10001:
        组包_顺图(3);
        break;
    case 10002:
        组包_顺图(0);
        break;
    case 10003:
        组包_顺图(1);
        break;
    case 10004:
        坐标_顺图(2);
        break;
    case 10005:
        坐标_顺图(3);
        break;
    case 10006:
        坐标_顺图(0);
        break;
    case 10007:
        坐标_顺图(1);
        break;
    case 192:
        无形秒杀();
        break;
    }
    CDialogEx::OnHotKey(nHotKeyId, nKey1, nKey2);
}

/*
    Keep Esc and Enter from closing the dialog.
    WM_KEYDOWN for VK_RETURN, VK_ESCAPE and VK_TAB is reported as handled (TRUE);
    everything else goes to CDialogEx::PreTranslateMessage.
*/
BOOL CWeGameDlg::PreTranslateMessage(MSG* pMsg)
{
    // TODO: add specialized code here and/or call the base class
    if ((pMsg->message == WM_KEYDOWN) && (pMsg->wParam == VK_RETURN))
    {
        return TRUE;
    }
    if ((pMsg->message == WM_KEYDOWN) && (pMsg->wParam == VK_ESCAPE))
    {
        return TRUE;
    }
    if ((pMsg->message == WM_KEYDOWN) && (pMsg->wParam == VK_TAB))
    {
        return TRUE;
    }

    return CDialogEx::PreTranslateMessage(pMsg);
}


// WM_NCHITTEST handler: border, corner and caption hits are reported as HTCLIENT.
// The function continues past the end of this block.
LRESULT CWeGameDlg::OnNcHitTest(CPoint point)
{
    LRESULT ret = CDialog::OnNcHitTest(point);

    if (HTTOP == ret || HTBOTTOM == ret || HTLEFT == ret || HTRIGHT == ret || HTBOTTOMLEFT == ret || HTBOTTOMRIGHT == ret || HTTOPLEFT == ret || HTTOPRIGHT == ret || HTCAPTION == ret) {
        return HTCLIENT;
    }

return ret; 294 | } 295 | -------------------------------------------------------------------------------- /WeGame/公用.cpp: -------------------------------------------------------------------------------- 1 | #include "pch.h" 2 | #include "公用.h" 3 | 4 | DWORD _GetProcessId(LPCWSTR 进程) { 5 | PROCESSENTRY32 pe; 6 | pe.dwSize = sizeof(PROCESSENTRY32); 7 | 8 | HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); 9 | if (INVALID_HANDLE_VALUE == hSnap) { 10 | return 0; 11 | } 12 | 13 | if (Process32First(hSnap, &pe)) 14 | { 15 | while (Process32Next(hSnap, &pe)) { 16 | if (lstrcmpi(进程, pe.szExeFile) == 0) { 17 | return pe.th32ProcessID; 18 | } 19 | } 20 | } 21 | CloseHandle(hSnap); 22 | return 0; 23 | } 24 | 25 | CString _IntToCString(int value) 26 | { 27 | CString str; 28 | str.Format(L"%d", value); 29 | return str; 30 | } 31 | 32 | char* _AnsiToUnicode(char* str) 33 | { 34 | int dwNum = MultiByteToWideChar(CP_ACP, 0, str, -1, NULL, 0); 35 | char* pwText; 36 | pwText = new char[(__int64)dwNum * 2]; 37 | MultiByteToWideChar(CP_ACP, 0, str, -1, (LPWSTR)pwText, dwNum); 38 | return pwText; 39 | } 40 | 41 | CString _UnicodeToAnsi(vector vby) 42 | { 43 | int length = (int)vby.size(); 44 | byte* str = new byte[vby.size()](); 45 | for (int i = 0; i < length; ++i) 46 | { 47 | str[i] = vby[i]; 48 | } 49 | length = length / 2; 50 | length = ::WideCharToMultiByte(CP_ACP, NULL, (LPCWCH)str, length, NULL, 0, NULL, NULL); 51 | char* resultCha = new char[(__int64)length + 1](); 52 | ::WideCharToMultiByte(CP_ACP, NULL, (LPCWCH)str, length, resultCha, length, NULL, NULL); 53 | CString result(resultCha); 54 | return result; 55 | } 56 | 57 | CString _GetDesktopPath() 58 | { 59 | char desktop[MAX_PATH]; 60 | ::SHGetSpecialFolderPathA(0, desktop, CSIDL_DESKTOPDIRECTORY, 0); 61 | CString path(desktop); 62 | return path + L"\\"; 63 | } 64 | VOID _WriteConfig(CString 节, CString 项, CString 值) 65 | { 66 | ::WritePrivateProfileString(节, 项, 值, _GetDesktopPath() + L"WeGame.ini"); 67 | } 68 
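// Reads an integer setting from WeGame.ini in the desktop folder.
// Returns 0 when the section or key is missing.
DWORD _ReadConfig(CString 节, CString 项)
{
    return GetPrivateProfileIntW(节, 项, 0, _GetDesktopPath() + L"WeGame.ini");
}

// Writes the default settings to WeGame.ini. Every call overwrites whatever values the
// file already holds for these keys.
VOID _InitConfig()
{
    _WriteConfig(L"自动配置", L"刷图方式", L"1");
    _WriteConfig(L"自动配置", L"角色数量", L"1");
    _WriteConfig(L"自动配置", L"副本编号", L"104");
    _WriteConfig(L"自动配置", L"副本等级", L"4");
    _WriteConfig(L"自动配置", L"顺图方式", L"1");

    _WriteConfig(L"全屏配置", L"技能代码", L"70231");
    _WriteConfig(L"全屏配置", L"技能伤害", L"5201314");
    _WriteConfig(L"全屏配置", L"技能频率", L"500");
    _WriteConfig(L"全屏配置", L"技能个数", L"3");
}

// Starts a thread running 线程子程序 with a NULL argument and returns its handle
// (NULL on failure). The caller owns the handle and should close it.
HANDLE _CreateThread(PVOID 线程子程序)
{
    return CreateThread(0, 0, (LPTHREAD_START_ROUTINE)线程子程序, NULL, 0, 0);
}

// Forcibly terminates the thread behind 线程句柄 and returns TerminateThread's result.
// TerminateThread gives the thread no chance to release locks or memory it holds, so
// this is only safe for threads known to hold neither.
BOOL _DeleteThread(HANDLE 线程句柄)
{
    // Fix: the exit code used to be passed on uninitialized when the query failed.
    DWORD dwExitCode = 0;
    if (!GetExitCodeThread(线程句柄, &dwExitCode))
    {
        dwExitCode = 0;
    }
    return ::TerminateThread(线程句柄, dwExitCode);
}

// Converts one hexadecimal digit character to its value (0-15).
// Returns 0xFF for any other character; the original `return -1` produced the same
// value through the BYTE conversion, so callers must compare against 0xFF, not -1.
BYTE _ConvertHexChar(BYTE ch)
{
    if ((ch >= '0') && (ch <= '9'))
        return ch - '0';
    if ((ch >= 'A') && (ch <= 'F'))
        return ch - 'A' + 10;
    if ((ch >= 'a') && (ch <= 'f'))
        return ch - 'a' + 10;
    return 0xFF;
}

// Random number between min and max.
// Fix: the original cast rand() to int before dividing, so the integer division by
// RAND_MAX gave 0 for every draw except rand() == RAND_MAX and the function returned
// min almost always. The scaling is now done in floating point and truncated once;
// max itself is still returned only when rand() == RAND_MAX.
// rand() is not suitable for anything that needs unpredictability.
INT _Rand(int min, int max)
{
    const int span = max - min;
    return min + (int)(double(rand()) / RAND_MAX * span);
}

// Returns the current local time as formatted text.
CString _GetCurrentTime()
{
    CTime tm(CTime::GetCurrentTime());
    return tm.Format(L"%Y年%m月%d日 %X");
}

// Formats a message printf-style and sends it to the debugger output, prefixed with
// "[WeGame] ". Usage example: _DebugStringA("%d,%s",123,"hello");
// The first argument is a format string: pass a literal, never text that came from
// outside the program.
// Fixes: a failed length query (_vscprintf returning -1) used to produce an empty
// buffer that was then indexed; the argument list is now restarted before the second
// pass instead of being reused.
VOID _DebugStringA(const char* lpcszOutputString, ...)
{
    if (NULL == lpcszOutputString)
    {
        return;
    }

    va_list marker;
    va_start(marker, lpcszOutputString);
    const int nNeeded = _vscprintf(lpcszOutputString, marker); // length without terminator
    va_end(marker);
    if (nNeeded <= 0)
    {
        return; // error or empty result: nothing to print
    }

    // Element type restored as char; the listing had lost the template argument.
    std::vector<char> vBuffer((size_t)nNeeded + 1, '\0');
    va_start(marker, lpcszOutputString);
    const int nWritten = _vsnprintf_s(&vBuffer[0], vBuffer.size(), vBuffer.size() - 1, lpcszOutputString, marker);
    va_end(marker);
    if (nWritten <= 0)
    {
        return;
    }

    string strFormated = "[WeGame] ";
    strFormated.append(&vBuffer[0]);
    OutputDebugStringA(strFormated.c_str());
}

// Wide-character counterpart of _DebugStringA.
// Usage example: _DebugStringW(L"%d,%s",456,L"world!");
// The same format-string caveat and the same fixes apply.
VOID _DebugStringW(const wchar_t* lpcwszOutputString, ...) {
    if (NULL == lpcwszOutputString)
    {
        return;
    }

    va_list marker;
    va_start(marker, lpcwszOutputString);
    const int nNeeded = _vscwprintf(lpcwszOutputString, marker); // length without terminator
    va_end(marker);
    if (nNeeded <= 0)
    {
        return;
    }

    // Element type restored as wchar_t; the listing had lost the template argument.
    std::vector<wchar_t> vBuffer((size_t)nNeeded + 1, L'\0');
    va_start(marker, lpcwszOutputString);
    const int nWritten = _vsnwprintf_s(&vBuffer[0], vBuffer.size(), vBuffer.size() - 1, lpcwszOutputString, marker);
    va_end(marker);
    if (nWritten <= 0)
    {
        return;
    }

    wstring strFormated = L"[WeGame] ";
    strFormated.append(&vBuffer[0]);
    OutputDebugStringW(strFormated.c_str());
}

// Splits num into `lenght` bytes, least significant byte first.
// Example: _IntToBytes(5527029768);
// Fix: for lenght > 8 the original shifted a 64-bit value by 64 bits or more, which is
// undefined; bytes past the eighth are now zero. A non-positive lenght gives an empty
// result. The element type `byte` is restored from the function body; the listing had
// lost the template arguments.
vector<byte> _IntToBytes(DWORD64 num,int lenght)
{
    vector<byte> bytes;
    for (int i = 0; i < lenght; i++)
    {
        const int offset = i * 8;
        const byte byteTmp = (offset < 64) ? (byte)((num >> offset) & 0xFF) : (byte)0;
        bytes.push_back(byteTmp);
    }
    return bytes;
}

// Assembles up to eight bytes, least significant first, into a 64-bit value.
// Fix: the original shifted an int-sized operand, so every byte from the fifth on was
// shifted by 32 bits or more (undefined, and wrong in practice). Each byte is now
// widened to DWORD64 before the shift, and at most eight bytes are consumed.
// Returns 0 for a null pointer or a non-positive length.
DWORD64 _BytesToInt64(const BYTE* bytes, int lenght)
{
    DWORD64 num = 0;
    if (bytes == NULL)
    {
        return num;
    }
    for (int i = 0; i < lenght && i < 8; i++)
    {
        num |= (DWORD64)bytes[i] << (i * 8);
    }
    return num;
}

// Renders `length` bytes as an upper-case hexadecimal string, two characters per byte.
// Returns an empty string for a null pointer or a non-positive length.
string _BytesToHexStr(const unsigned char* bytes, const int length)
{
    static const char kDigits[] = "0123456789ABCDEF";
    string buff;
    if (bytes == NULL)
    {
        return buff;
    }
    for (int i = 0; i < length; i++)
    {
        buff += kDigits[bytes[i] / 16];
        buff += kDigits[bytes[i] % 16];
    }
    return buff;
}


// Parses a hexadecimal string into bytes, two characters per byte; a trailing odd
// character is ignored. `bytes` must have room for hex.length() / 2 bytes — the
// function cannot check this.
// Fix: a pair that is not valid hexadecimal used to store whatever was left in `num`
// (uninitialized on the first pair); it now stores 0.
void _HexToBytes(const string hex, unsigned char* bytes)
{
    if (bytes == NULL)
    {
        return;
    }
    const size_t len = hex.length() / 2;
    for (size_t i = 0; i < len; i++)
    {
        const string strByte = hex.substr(i * 2, 2);
        unsigned int num = 0;
        if (sscanf_s(strByte.c_str(), "%x", &num) != 1)
        {
            num = 0;
        }
        bytes[i] = (unsigned char)num;
    }
}

// Appends one byte sequence to another and returns the result; neither argument is
// modified. Example (from the original comment, element types lost in the listing):
// vector oldBytes = { 255, 37, 0, 0, 0, 0 };
// vector newBytes = { 144, 144, 144, 144, 144 };
// vector Bytes = _AppendToBytes(oldBytes, newBytes);
// vector Bytes1 = _AppendToBytes(Bytes, _IntToBytes(1111111111111, 4));
ByteArr _AppendToBytes(ByteArr oldBytes, ByteArr newBytes)
{
    ByteArr bytes = oldBytes;
    bytes.insert(bytes.end(), newBytes.begin(), newBytes.end());
    return bytes;
}

// Returns a sequence of `num` zero bytes.
// Fix: the loop counter was a size_t compared against the int `num`, so a negative
// argument was converted to a huge unsigned count; a non-positive `num` now gives an
// empty result.
ByteArr 取空白ByteArr(int num)
{
    ByteArr res;
    for (int i = 0; i < num; i++)
    {
        res.push_back(0);
    }
    return res;
}

// Converts text from code page 936 to UTF-16 bytes. The function continues past the end
// of this block, so its opening statements are kept exactly as they were.
// NOTE(review): pwText is allocated with new[] and no matching delete[] appears in the
// remainder of the function.
ByteArr AnsiToUnicode(string str)
{
    ByteArr Ret;
    DWORD dwNum = MultiByteToWideChar(936, 0, str.c_str(), -1, NULL, 0);
    byte* pwText;
    pwText = new byte[dwNum * 2];
    MultiByteToWideChar(936, 0, str.c_str(), -1, (LPWSTR)pwText, dwNum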
* 2); 274 | 275 | for (size_t i = 0; i < dwNum * 2; i++) 276 | { 277 | Ret.push_back(pwText[i]); 278 | } 279 | Ret.push_back(0); 280 | Ret.push_back(0); 281 | return Ret; 282 | } -------------------------------------------------------------------------------- /WeGame/WeGame.vcxproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Debug 6 | Win32 7 | 8 | 9 | Release 10 | Win32 11 | 12 | 13 | Debug 14 | x64 15 | 16 | 17 | Release 18 | x64 19 | 20 | 21 | 22 | 16.0 23 | {B9DC800B-E4B5-4E2A-A346-4B191FBDED85} 24 | MFCProj 25 | WeGame 26 | 10.0 27 | 28 | 29 | 30 | Application 31 | true 32 | v142 33 | Unicode 34 | Dynamic 35 | 36 | 37 | Application 38 | false 39 | v142 40 | true 41 | Unicode 42 | Dynamic 43 | 44 | 45 | Application 46 | true 47 | v142 48 | Unicode 49 | Dynamic 50 | 51 | 52 | Application 53 | false 54 | v142 55 | true 56 | Unicode 57 | Dynamic 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | true 79 | 80 | 81 | true 82 | 83 | 84 | false 85 | 86 | 87 | false 88 | 89 | 90 | 91 | Use 92 | Level3 93 | true 94 | WIN32;_WINDOWS;_DEBUG;%(PreprocessorDefinitions) 95 | pch.h 96 | 97 | 98 | Windows 99 | 100 | 101 | false 102 | true 103 | _DEBUG;%(PreprocessorDefinitions) 104 | 105 | 106 | 0x0804 107 | _DEBUG;%(PreprocessorDefinitions) 108 | $(IntDir);%(AdditionalIncludeDirectories) 109 | 110 | 111 | 112 | 113 | Use 114 | Level3 115 | true 116 | _WINDOWS;_DEBUG;%(PreprocessorDefinitions) 117 | pch.h 118 | 119 | 120 | Windows 121 | 122 | 123 | false 124 | true 125 | _DEBUG;%(PreprocessorDefinitions) 126 | 127 | 128 | 0x0804 129 | _DEBUG;%(PreprocessorDefinitions) 130 | $(IntDir);%(AdditionalIncludeDirectories) 131 | 132 | 133 | 134 | 135 | Use 136 | Level3 137 | true 138 | true 139 | true 140 | WIN32;_WINDOWS;NDEBUG;%(PreprocessorDefinitions) 141 | pch.h 142 | 143 | 144 | Windows 145 | true 146 | true 147 | 148 | 149 | false 150 | true 151 | 
NDEBUG;%(PreprocessorDefinitions) 152 | 153 | 154 | 0x0804 155 | NDEBUG;%(PreprocessorDefinitions) 156 | $(IntDir);%(AdditionalIncludeDirectories) 157 | 158 | 159 | 160 | 161 | Use 162 | Level3 163 | true 164 | true 165 | true 166 | _WINDOWS;NDEBUG;%(PreprocessorDefinitions) 167 | pch.h 168 | 169 | 170 | Windows 171 | true 172 | true 173 | 174 | 175 | false 176 | true 177 | NDEBUG;%(PreprocessorDefinitions) 178 | 179 | 180 | 0x0804 181 | NDEBUG;%(PreprocessorDefinitions) 182 | $(IntDir);%(AdditionalIncludeDirectories) 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216 | Create 217 | Create 218 | Create 219 | Create 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | 230 | 231 | 232 | 233 | 234 | 235 | 236 | 237 | 238 | 239 | 240 | 241 | 242 | 243 | 244 | -------------------------------------------------------------------------------- /WeGame/VuDriver.cpp: -------------------------------------------------------------------------------- 1 | #include "pch.h" 2 | #include "VuDriver.h" 3 | 4 | /* 5 | BOOL CWeGameDlg::无忧驱动() { 6 | 7 | if (!drive.OpenDriver(L"\\\\.\\vuDrv")) { 8 | //MessageBoxW(L"Vu驱动文件打开异常"); 9 | return FALSE; 10 | } 11 | 12 | Vu驱动* vuDrive = new Vu驱动(); 13 | 14 | vuDrive->设置驱动句柄(drive.hDriver); 15 | CHAR* key = ""; 16 | 17 | //激活驱动->校验驱动有效性(激活驱动) 18 | LONG64 结果 = vuDrive->效验有效性(key); 19 | 20 | if (结果 <= 0) 21 | { 22 | CString resMsg; 23 | switch (结果) 24 | { 25 | case 0: 26 | resMsg = "参数错误"; 27 | break; 28 | case -1: 29 | resMsg = "激活码不存在"; 30 | break; 31 | case -2: 32 | resMsg = "账户余额不足"; 33 | break; 34 | case -3: 35 | resMsg = "扣费失败"; 36 | break; 37 | case -4: 38 | resMsg = "网络错误"; 39 | break; 40 | case -5: 41 | resMsg = "驱动安装失败"; 42 | break; 43 | case -6: 44 | resMsg = "有效性效验失败"; 45 | break; 46 | default: 47 | resMsg = "未知错误"; 48 | } 49 | return FALSE; 50 | } 51 | 52 | // 获取自身句柄 53 | //HANDLE 
hWnd = AfxGetMainWnd()->GetSafeHwnd();

    // VU_保护_安装();
    // VU_保护_进程_开始(GetCurrentProcessId(), true);
    // VU_保护_窗口_开始((DWORD64)hWnd, GetCurrentProcessId());
    // VU_保护_游戏_开始((DWORD64)窗口句柄, 进程ID);

    vuDrive->VU_内存_置读写模式(2, 0);

    // Stop the driver service
    //CloseHandle(drive.hDriver);
    //drive.hDriver = INVALID_HANDLE_VALUE;

    return TRUE;
}*/

// Everything above this point is the tail of a commented-out listing that opens before
// this block.
//
// Device handle used by every Vu驱动 method below. It is file-local and set through
// 设置驱动句柄, so all Vu驱动 objects share the same handle.
// NOTE(review): none of the wrappers checks that the handle is valid, and most discard
// the BOOL returned by DeviceIoControl, so a failed request cannot be told apart from a
// result of 0. The requests act on another process identified only by its PID; which
// access checks the driver applies is not visible in this file.
static HANDLE g_hDrv = INVALID_HANDLE_VALUE;

// Stores the device handle used by all later requests.
VOID Vu驱动::设置驱动句柄(HANDLE hDrv)
{
    g_hDrv = hDrv;
    return;
}

// Sends IOCTL_IO_FILE_CHECK with the address of `key` in pInfo.Buf and returns the
// 64-bit value the driver writes back (0 if the driver wrote nothing).
ULONG64 Vu驱动::效验有效性(const char* key)
{
    IOCTL_BUFFER pInfo = { 0 };
    pInfo.Buf = (ULONG64)key;
    ULONG64 返回数据 = 0;
    DWORD returnLegth = 0;

    DeviceIoControl(g_hDrv, IOCTL_IO_FILE_CHECK, &pInfo, sizeof(pInfo), &返回数据, sizeof(返回数据), &returnLegth, NULL);

    return 返回数据;

    /*
    Meaning of the returned value, as listed by the original author:
    返回数据 > 0 = ("driver loaded successfully")
    0  = ("parameter error - check that the DLL path really exists and that the activation code is correct")
    -1 = ("activation code does not exist")
    -2 = ("insufficient account balance")
    -3 = ("charge failed")
    -4 = ("network error")
    -5 = ("driver installation failed")
    -6 = ("validity check failed")
    anything else = ("unknown error")
    The return type is unsigned, so the negative codes arrive as large unsigned values.
    */

}


// Sends IOCTL_IO_MEMORY_MOD with 模式 in pInfo.Addr and 类型 in pInfo.Size; returns the
// value written back by the driver. bResult is assigned but not examined.
ULONG64 Vu驱动::VU_内存_置读写模式(DWORD 模式, DWORD 类型)
{
    BOOL bResult = FALSE;
    ULONG64 returnCode = 0;
    DWORD returnLegth = 0;
    IOCTL_BUFFER pInfo = { 0 };
    pInfo.Addr = 模式;
    pInfo.Size = 类型;
    bResult = DeviceIoControl(g_hDrv, IOCTL_IO_MEMORY_MOD, &pInfo, sizeof(pInfo), &returnCode, sizeof(returnCode), &returnLegth, NULL);
    return returnCode;
}

// Looks up a module of the given process.
// Sends IOCTL_IO_MEMORY_GETMODULEBASE with the PID and module name; returns
// result.address as filled in by the driver (0 if nothing was written).
DWORD64 Vu驱动::VU_内存_取模块基址(DWORD pid, const char* moduleName)
{
    BOOL bResult = FALSE;
    DWORD returnLegth = 0;
    IOCTL_BUFFER_GetBase pInfo = { 0 };
    ALLOCATE_FREE_MEMORY_RESULT result = { 0 };

    pInfo.ModelAddr = 0;
    pInfo.PID = (ULONG)pid;
    // Copies the name into the fixed-size ModelName field (its size is declared elsewhere).
    sprintf_s(pInfo.ModelName, "%s", moduleName);

    bResult = DeviceIoControl(g_hDrv, IOCTL_IO_MEMORY_GETMODULEBASE, &pInfo, sizeof(pInfo), &result, sizeof(result), &returnLegth, NULL);


    return result.address;

}


// Memory read wrapper.
// Sends IOCTL_IO_MEMORY_READ for `size` bytes at `addr` in process `pid`; the driver's
// reply is written straight into pBuf, which must hold at least `size` bytes.
// Returns the BOOL from DeviceIoControl.
BOOL Vu驱动::VU_内存_读字节集(DWORD pid, PVOID addr, PVOID pBuf, INT32 size)
{
    BOOL bResult = FALSE;
    DWORD returnLegth = 0;
    IOCTL_BUFFER pInfo = { 0 };

    pInfo.PID = pid;
    pInfo.Addr = (ULONG64)addr;
    pInfo.Size = size;

    bResult = DeviceIoControl(g_hDrv, IOCTL_IO_MEMORY_READ, &pInfo, sizeof(pInfo), pBuf, size, &returnLegth, NULL);

    return bResult;
}

// Memory write wrapper.
// Packs the header and a copy of the `size` bytes at pBuf into one heap buffer and sends
// it with IOCTL_IO_MEMORY_WRITE. Returns FALSE when the allocation fails, otherwise the
// BOOL from DeviceIoControl.
// NOTE(review): `size` is a signed INT32 used unchecked in the length computation and in
// memcpy; a negative value is not rejected.
BOOL Vu驱动::VU_内存_写字节集(DWORD pid, PVOID addr, PVOID pBuf, INT32 size)
{

    BOOL bResult = FALSE;
    DWORD returnLegth = 0;


    DWORD len = sizeof(IOCTL_BUFFER_Write) + size;
    IOCTL_BUFFER_Write* pInfo = (IOCTL_BUFFER_Write*)malloc(len);
    if (!pInfo)
        return FALSE;

    ZeroMemory(pInfo, len);


    pInfo->PID = pid;
    pInfo->Addr = (ULONG64)addr;
    pInfo->Size = size;
    memcpy(pInfo->Buf, pBuf, size);

    bResult = DeviceIoControl(g_hDrv, IOCTL_IO_MEMORY_WRITE, pInfo, len, 0, 0, &returnLegth, NULL);

    free(pInfo);
    return bResult;
}


// Sends IOCTL_IO_MEMORY_ALLOC with allocate = TRUE and type = MEM_COMMIT for the given
// process, base, length and protection; returns result.address from the driver's reply.
DWORD64 Vu驱动::VU_内存_申请(DWORD 进程ID, DWORD64 进程地址, DWORD64 申请长度, DWORD64 内存属性, BOOL 是否物理)
{


    DWORD returnLegth = 0;
    ALLOCATE_FREE_MEMORY msgInfo = { 0 };
    ALLOCATE_FREE_MEMORY_RESULT result = { 0 };
    msgInfo.pid = 进程ID;
    msgInfo.base = 进程地址;
    msgInfo.size = 申请长度;
    msgInfo.protection = 内存属性;
    msgInfo.allocate = TRUE;
    msgInfo.physical = 是否物理;
    msgInfo.type = MEM_COMMIT;

    DeviceIoControl(g_hDrv, IOCTL_IO_MEMORY_ALLOC, &msgInfo, sizeof(msgInfo), &result, sizeof(result), &returnLegth, NULL);
    return result.address;
}


// Sends the same IOCTL_IO_MEMORY_ALLOC request with allocate = FALSE and
// type = MEM_RELEASE; returns result.address from the driver's reply.
DWORD64 Vu驱动::VU_内存_释放(DWORD 进程ID, DWORD64 进程地址, DWORD64 内存长度, BOOL 是否物理)
{


    DWORD returnLegth = 0;
    ALLOCATE_FREE_MEMORY msgInfo = { 0 };
    ALLOCATE_FREE_MEMORY_RESULT result = { 0 };
    msgInfo.pid = 进程ID;
    msgInfo.base = 进程地址;
    msgInfo.size = 内存长度;
    msgInfo.protection = 0;
    msgInfo.allocate = FALSE;
    msgInfo.physical = 是否物理;
    msgInfo.type = MEM_RELEASE;

    DeviceIoControl(g_hDrv, IOCTL_IO_MEMORY_ALLOC, &msgInfo, sizeof(msgInfo), &result, sizeof(result), &returnLegth, NULL);
    return result.address;
}


// Sends IOCTL_IO_MEMORY_PROTECT with the requested protection for the given range and
// returns the 64-bit value written back by the driver.
// NOTE(review): the request carries allocate = TRUE together with type = MEM_RELEASE;
// how the driver interprets that combination is not visible here.
DWORD64 Vu驱动::VU_内存_修改属性(DWORD 进程ID, DWORD64 地址, DWORD64 长度, DWORD64 内存属性)
{
    DWORD64 pAddr = 0;

    DWORD returnLegth = 0;
    ALLOCATE_FREE_MEMORY msgInfo = { 0 };
    msgInfo.pid = 进程ID;
    msgInfo.base = 地址;
    msgInfo.size = 长度;
    msgInfo.protection = 内存属性;
    msgInfo.allocate = TRUE;
    msgInfo.physical = 1;
    msgInfo.type = MEM_RELEASE;

    DeviceIoControl(g_hDrv, IOCTL_IO_MEMORY_PROTECT, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL);
    return pAddr;
}


// Sends IOCTL_IO_MEMORY_QUERY for the given address with fixed size 4096 and
// protection 64, and returns the 64-bit value written back by the driver.
DWORD64 Vu驱动::VU_内存_查询属性(DWORD 进程ID, DWORD64 地址)
{
    DWORD64 pAddr = 0;

    DWORD returnLegth = 0;
    ALLOCATE_FREE_MEMORY msgInfo = { 0 };
    msgInfo.pid = 进程ID;
    msgInfo.base = 地址;
    msgInfo.size = 4096;
    msgInfo.protection = 64;
    msgInfo.allocate = FALSE;
    msgInfo.physical = 1;
    msgInfo.type = 0;

    DeviceIoControl(g_hDrv, IOCTL_IO_MEMORY_QUERY, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL);
    return pAddr;
}


// Sends IOCTL_IO_INJECT_SET_THREADMOD with 模式 in msgInfo.Addr and returns the value
// written back by the driver. bResult is declared but never assigned.
DWORD64 Vu驱动::VU_超级注入CALL_置主线程获取模式(DWORD64 模式)
{

    BOOL bResult = FALSE;
    DWORD64 pAddr = 0;
    DWORD returnLegth = 0;
    IOCTL_BUFFER msgInfo = { 0 };
    msgInfo.Addr = 模式;

    DeviceIoControl(g_hDrv, IOCTL_IO_INJECT_SET_THREADMOD, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL);
    return pAddr;
}

// Copies the caller's byte buffer behind an IOCTL_BUFFER_InjectCode header and sends it
// with IOCTL_IO_INJECT_REMOTE_CALL; returns the value written back by the driver.
// On allocation failure it returns FALSE, which is 0 in the DWORD64 return type.
DWORD64 Vu驱动::VU_远程注入CALL(DWORD 进程ID, PBYTE CALL代码, DWORD CALL代码长度, BOOL 硬件物理执行)
{
    DWORD len = sizeof(IOCTL_BUFFER_InjectCode) + CALL代码长度;
    IOCTL_BUFFER_InjectCode* pInfo = (IOCTL_BUFFER_InjectCode*)malloc(len);
    if (!pInfo)
        return FALSE;
    ZeroMemory(pInfo, len);
    pInfo->PID = 进程ID;
    pInfo->isPhyMem = 硬件物理执行;
    pInfo->Size = CALL代码长度;

    memcpy(pInfo->Buf, CALL代码, CALL代码长度);

    DWORD64 pAddr = 0;
    DWORD returnLegth = 0;

    DeviceIoControl(g_hDrv, IOCTL_IO_INJECT_REMOTE_CALL, pInfo, len, &pAddr, sizeof(pAddr), &returnLegth, NULL);
    free(pInfo);
    return pAddr;

}


// Sends IOCTL_IO_INJECT_REMOTE_CALLEX with the target address in Addr and the argument
// address in the Size field; returns the value written back by the driver.
DWORD64 Vu驱动::VU_远程执行CALL(DWORD 进程ID, DWORD64 目标地址, DWORD64 参数地址)
{
    DWORD64 pAddr = 0;
    DWORD returnLegth = 0;
    IOCTL_BUFFER_InjectCode msgInfo = { 0 };
    msgInfo.PID = 进程ID;
    msgInfo.Size = 参数地址;
    msgInfo.Addr = 目标地址;

    DeviceIoControl(g_hDrv, IOCTL_IO_INJECT_REMOTE_CALLEX, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL);
    return pAddr;
}

// Same packing as VU_远程注入CALL, with the thread id additionally stored in Addr, sent
// with IOCTL_IO_INJECT_SUPER_CALL. Returns FALSE (0) on allocation failure.
DWORD64 Vu驱动::VU_超级注入CALL(DWORD 进程ID, PBYTE CALL代码, DWORD CALL代码长度, DWORD 线程ID, BOOL 硬件物理执行)
{
    DWORD len = sizeof(IOCTL_BUFFER_InjectCode) + CALL代码长度;
    IOCTL_BUFFER_InjectCode* pInfo = (IOCTL_BUFFER_InjectCode*)malloc(len);
    if (!pInfo)
        return FALSE;
    ZeroMemory(pInfo, len);

    pInfo->PID = 进程ID;
    pInfo->isPhyMem = 硬件物理执行;
    pInfo->Size = CALL代码长度;

    memcpy(pInfo->Buf, CALL代码, CALL代码长度);
    pInfo->Addr = 线程ID;


    DWORD64 pAddr = 0;
    DWORD returnLegth = 0;


    DeviceIoControl(g_hDrv, IOCTL_IO_INJECT_SUPER_CALL, pInfo, len, &pAddr, sizeof(pAddr), &returnLegth, NULL);
    free(pInfo);
    return pAddr;

}


// The function continues past the end of this block; only its opening statements are
// shown here.
DWORD64 Vu驱动::VU_超级执行CALL(DWORD 进程ID, DWORD64 目标地址, DWORD64 参数地址, DWORD 线程ID)
{
    DWORD64 pAddr = 0;
    DWORD returnLegth = 0;
    IOCTL_BUFFER_InjectCode msgInfo = { 0 };
    msgInfo.PID = 进程ID;
msgInfo.Addr = 目标地址; 339 | msgInfo.Size = 参数地址; 340 | msgInfo.isPhyMem = 线程ID; 341 | 342 | 343 | DeviceIoControl(g_hDrv, IOCTL_IO_INJECT_SUPER_CALLEX, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 344 | return pAddr; 345 | } 346 | 347 | 348 | BOOL Vu驱动::VU_键鼠_安装() 349 | { 350 | BOOL bResult = FALSE; 351 | DWORD returnLegth = 0; 352 | 353 | return DeviceIoControl(g_hDrv, IOCTL_IO_INPUT_INIT, 0, 0, 0, 0, &returnLegth, NULL); 354 | 355 | } 356 | 357 | BOOL Vu驱动::VU_隐藏文件_安装() 358 | { 359 | DWORD returnLegth = 0; 360 | 361 | return DeviceIoControl(g_hDrv, IOCTL_IO_FILTER_INIT, 0, 0, 0, 0, &returnLegth, NULL); 362 | } 363 | 364 | BOOL Vu驱动::VU_隐藏文件_卸载() 365 | { 366 | DWORD returnLegth = 0; 367 | 368 | return DeviceIoControl(g_hDrv, IOCTL_IO_FILTER_UNINIT, 0, 0, 0, 0, &returnLegth, NULL); 369 | } 370 | 371 | 372 | DWORD64 Vu驱动::VU_隐藏文件_文件(CHAR* 文件路径) 373 | { 374 | DWORD64 pAddr = 0; 375 | DWORD returnLegth = 0; 376 | IOCTL_BUFFER msgInfo = { 0 }; 377 | CHAR strPath[MAX_PATH] = { 0 }; 378 | sprintf_s(strPath, "\\??\\%s", 文件路径); 379 | msgInfo.Buf = (DWORD64)&strPath; 380 | DeviceIoControl(g_hDrv, IOCTL_IO_FILTER_FILE, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 381 | return pAddr; 382 | } 383 | 384 | DWORD64 Vu驱动::VU_隐藏文件_目录(CHAR* 目录路径) 385 | { 386 | DWORD64 pAddr = 0; 387 | DWORD returnLegth = 0; 388 | IOCTL_BUFFER msgInfo = { 0 }; 389 | 390 | CHAR strPath[MAX_PATH] = { 0 }; 391 | sprintf_s(strPath, "\\??\\%s", 目录路径); 392 | msgInfo.Buf = (DWORD64)&strPath; 393 | DeviceIoControl(g_hDrv, IOCTL_IO_FILTER_DIR, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 394 | return pAddr; 395 | } 396 | 397 | 398 | 399 | 400 | 401 | BOOL Vu驱动::VU_保护_安装() 402 | { 403 | DWORD64 pAddr = 0; 404 | DWORD returnLegth = 0; 405 | IOCTL_BUFFER msgInfo = { 0 }; 406 | msgInfo.PID = 1; 407 | 408 | return DeviceIoControl(g_hDrv, IOCTL_IO_PROTECT_BEGIN_OR_END, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 
409 | } 410 | 411 | BOOL Vu驱动::VU_保护_卸载() 412 | { 413 | DWORD64 pAddr = 0; 414 | DWORD returnLegth = 0; 415 | IOCTL_BUFFER msgInfo = { 0 }; 416 | msgInfo.PID = 0; 417 | 418 | return DeviceIoControl(g_hDrv, IOCTL_IO_PROTECT_BEGIN_OR_END, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 419 | } 420 | 421 | BOOL Vu驱动::VU_保护_进程_开始(DWORD64 进程ID, BOOL 是否保护驱动) 422 | { 423 | DWORD64 pAddr = 0; 424 | DWORD returnLegth = 0; 425 | IOCTL_BUFFER msgInfo = { 0 }; 426 | msgInfo.PID = 进程ID; 427 | if (是否保护驱动) 428 | msgInfo.Size = 100; 429 | 430 | return DeviceIoControl(g_hDrv, IOCTL_IO_PROTECT_PROCESS_BEGIN, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 431 | } 432 | 433 | BOOL Vu驱动::VU_保护_进程_结束(DWORD64 进程ID) 434 | { 435 | DWORD64 pAddr = 0; 436 | DWORD returnLegth = 0; 437 | IOCTL_BUFFER msgInfo = { 0 }; 438 | msgInfo.PID = 进程ID; 439 | 440 | return DeviceIoControl(g_hDrv, IOCTL_IO_PROTECT_PROCESS_END, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 441 | } 442 | 443 | 444 | BOOL Vu驱动::VU_保护_窗口_开始(DWORD64 窗口句柄, DWORD64 进程ID) 445 | { 446 | DWORD64 pAddr = 0; 447 | DWORD returnLegth = 0; 448 | IOCTL_BUFFER msgInfo = { 0 }; 449 | msgInfo.Buf = 窗口句柄; 450 | msgInfo.PID = 进程ID; 451 | 452 | return DeviceIoControl(g_hDrv, IOCTL_IO_PROTECT_WINDOW_BEGIN, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 453 | } 454 | 455 | BOOL Vu驱动::VU_保护_窗口_结束(DWORD64 窗口句柄, DWORD64 进程ID) 456 | { 457 | DWORD64 pAddr = 0; 458 | DWORD returnLegth = 0; 459 | IOCTL_BUFFER msgInfo = { 0 }; 460 | msgInfo.Buf = 窗口句柄; 461 | msgInfo.PID = 进程ID; 462 | 463 | return DeviceIoControl(g_hDrv, IOCTL_IO_PROTECT_WINDOW_END, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 464 | } 465 | 466 | BOOL Vu驱动::VU_保护_游戏_开始(DWORD64 窗口句柄, DWORD64 进程ID) 467 | { 468 | DWORD64 pAddr = 0; 469 | DWORD returnLegth = 0; 470 | IOCTL_BUFFER msgInfo = { 0 }; 471 | msgInfo.Buf = 窗口句柄; 472 | msgInfo.PID = 进程ID; 473 | 474 | return 
DeviceIoControl(g_hDrv, IOCTL_IO_PROTECT_GAME_BEGIN, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 475 | } 476 | 477 | BOOL Vu驱动::VU_保护_游戏_结束(DWORD64 窗口句柄, DWORD64 进程ID) 478 | { 479 | DWORD64 pAddr = 0; 480 | DWORD returnLegth = 0; 481 | IOCTL_BUFFER msgInfo = { 0 }; 482 | msgInfo.Buf = 窗口句柄; 483 | msgInfo.PID = 进程ID; 484 | 485 | return DeviceIoControl(g_hDrv, IOCTL_IO_PROTECT_GAME_END, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 486 | } 487 | 488 | 489 | 490 | BOOL Vu驱动::VU_硬件_修改硬盘序号(CHAR* 序号, DWORD64 文本长度) 491 | { 492 | DWORD64 pAddr = 0; 493 | DWORD returnLegth = 0; 494 | IOCTL_BUFFER msgInfo = { 0 }; 495 | msgInfo.Buf = (DWORD64)序号; 496 | msgInfo.Size = 文本长度; 497 | 498 | return DeviceIoControl(g_hDrv, IOCTL_IO_HARDWARE_DISK, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 499 | } 500 | 501 | 502 | BOOL Vu驱动::VU_硬件_修改声卡序号(CHAR* 序号, DWORD64 文本长度) 503 | { 504 | DWORD64 pAddr = 0; 505 | DWORD returnLegth = 0; 506 | IOCTL_BUFFER msgInfo = { 0 }; 507 | msgInfo.Buf = (DWORD64)序号; 508 | msgInfo.Size = 文本长度; 509 | 510 | return DeviceIoControl(g_hDrv, IOCTL_IO_HARDWARE_VOLUMES, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 511 | } 512 | 513 | 514 | BOOL Vu驱动::VU_硬件_修改网卡序号(CHAR* 序号, DWORD64 文本长度) 515 | { 516 | DWORD64 pAddr = 0; 517 | DWORD returnLegth = 0; 518 | IOCTL_BUFFER msgInfo = { 0 }; 519 | msgInfo.Buf = (DWORD64)序号; 520 | msgInfo.Size = 文本长度; 521 | 522 | return DeviceIoControl(g_hDrv, IOCTL_IO_HARDWARE_MAC, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 523 | } 524 | 525 | 526 | BOOL Vu驱动::VU_硬件_修改主板序号(CHAR* 序号, DWORD64 文本长度) 527 | { 528 | DWORD64 pAddr = 0; 529 | DWORD returnLegth = 0; 530 | IOCTL_BUFFER msgInfo = { 0 }; 531 | msgInfo.Buf = (DWORD64)序号; 532 | msgInfo.Size = 文本长度; 533 | 534 | return DeviceIoControl(g_hDrv, IOCTL_IO_HARDWARE_SMBOIS, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 535 | } 536 | 537 | 538 
| BOOL Vu驱动::VU_硬件_修改显卡序号(CHAR* 序号, DWORD64 文本长度) 539 | { 540 | DWORD64 pAddr = 0; 541 | DWORD returnLegth = 0; 542 | IOCTL_BUFFER msgInfo = { 0 }; 543 | msgInfo.Buf = (DWORD64)序号; 544 | msgInfo.Size = 文本长度; 545 | 546 | return DeviceIoControl(g_hDrv, IOCTL_IO_HARDWARE_GPU, &msgInfo, sizeof(msgInfo), &pAddr, sizeof(pAddr), &returnLegth, NULL); 547 | } --------------------------------------------------------------------------------