测试 在Windows窗口 放个Timer用于读取扫雷游戏的计时。
按钮点击讲设置 计时为0;
先可看怎么找内存地址: http://jingyan.baidu.com/article/93f9803fe721f1e0e56f5572.html
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
timer1.Interval= 500;
}
private int baseAddress = 0x006A9EC0; //游戏内存基址
private string processName = "PlantsVsZombies"; //游戏进程名字
//读取制定内存中的值
public int ReadMemoryValue(int baseAdd)
{
return Helper.ReadMemoryValue(baseAdd, processName);
}
//将值写入指定内存中
public void WriteMemory(int baseAdd, int value)
{
Helper.WriteMemoryValue(baseAdd, processName, value);
}
private void button1_Click(object sender, EventArgs e)
{
try
{
baseAddress = 0x0100579C;
// int.Parse(txtBaseAddress.Text.Trim());
processName = txtProcessName.Text.Trim();
processName = "winmine";//干脆设置为扫雷的进程名
Text = "" + baseAddress;
WriteMemory(baseAddress, 0);//设置地址值为0,本例子为扫雷计时值
}
catch(Exception ex) {
MessageBox.Show(ex.Message );
}
}
private void Form1_Load(object sender, EventArgs e)
{
timer1.Start();
}
private void timer1_Tick(object sender, EventArgs e)
{
try
{
baseAddress = 0x0100579C;
// int.Parse(txtBaseAddress.Text.Trim());
processName = txtProcessName.Text.Trim();
processName = "winmine";
Text = "" + baseAddress;
Text =""+ ReadMemoryValue(baseAddress);
}
catch {
}
}
}
Helper class
using System;
using System.Text;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace ReadMem
{
public abstract class Helper
{
[DllImportAttribute("kernel32.dll", EntryPoint = "ReadProcessMemory")]
public static extern bool ReadProcessMemory
(
IntPtr hProcess,
IntPtr lpBaseAddress,
IntPtr lpBuffer,
int nSize,
IntPtr lpNumberOfBytesRead
);
[DllImportAttribute("kernel32.dll", EntryPoint = "OpenProcess")]
public static extern IntPtr OpenProcess
(
int dwDesiredAccess,
bool bInheritHandle,
int dwProcessId
);
[DllImport("kernel32.dll")]
private static extern void CloseHandle
(
IntPtr hObject
);
//写内存
[DllImportAttribute("kernel32.dll", EntryPoint = "WriteProcessMemory")]
public static extern bool WriteProcessMemory
(
IntPtr hProcess,
IntPtr lpBaseAddress,
int[] lpBuffer,
int nSize,
IntPtr lpNumberOfBytesWritten
);
//获取窗体的进程标识ID
public static int GetPid(string windowTitle)
{
int rs = 0;
Process[] arrayProcess = Process.GetProcesses();
foreach (Process p in arrayProcess)
{
if (p.MainWindowTitle.IndexOf(windowTitle) != -1)
{
rs = p.Id;
break;
}
}
return rs;
}
//根据进程名获取PID
public static int GetPidByProcessName(string processName)
{
Process[] arrayProcess = Process.GetProcessesByName(processName);
foreach (Process p in arrayProcess)
{
return p.Id;
}
return 0;
}
//根据窗体标题查找窗口句柄(支持模糊匹配)
public static IntPtr FindWindow(string title)
{
Process[] ps = Process.GetProcesses();
foreach (Process p in ps)
{
if (p.MainWindowTitle.IndexOf(title) != -1)
{
return p.MainWindowHandle;
}
}
return IntPtr.Zero;
}
//读取内存中的值
public static int ReadMemoryValue(int baseAddress,string processName)
{
try
{
byte[] buffer = new byte[4];
IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0); //获取缓冲区地址
IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName));
ReadProcessMemory(hProcess, (IntPtr)baseAddress, byteAddress, 4, IntPtr.Zero); //将制定内存中的值读入缓冲区
CloseHandle(hProcess);
return Marshal.ReadInt32(byteAddress);
}
catch
{
return 0;
}
}
//将值写入指定内存地址中
public static void WriteMemoryValue(int baseAddress, string processName, int value)
{
IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName)); //0x1F0FFF 最高权限
WriteProcessMemory(hProcess, (IntPtr)baseAddress, new int[] { value }, 4, IntPtr.Zero);
CloseHandle(hProcess);
}
}
}