2024年5月2日发(作者：错误651的解决办法)

植物大战僵尸外挂c语言源代码

//

// Microsoft Visual C++ generated resource script.

//

#include "resource.h"

#define APSTUDIO_READONLY_SYMBOLS

/////////////////////////////////////////////////////////////////////////////

//

// Generated from the TEXTINCLUDE 2 resource.

//

#include "afxres.h"

/////////////////////////////////////////////////////////////////////////////

#undef APSTUDIO_READONLY_SYMBOLS

/////////////////////////////////////////////////////////////////////////////

// 中文(简体，中国) resources

#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_CHS)

LANGUAGE LANG_CHINESE, SUBLANG_CHINESE_SIMPLIFIED

#ifdef APSTUDIO_INVOKED

/////////////////////////////////////////////////////////////////////////////

//

// TEXTINCLUDE

//

1 TEXTINCLUDE

BEGIN

"resource.h0"

END

2 TEXTINCLUDE

BEGIN

"#include ""afxres.h""rn"

"0"

END

3 TEXTINCLUDE

BEGIN

"rn"

"0"

END

#endif // APSTUDIO_INVOKED

/////////////////////////////////////////////////////////////////////////////

//

// Dialog

//

IDD_DIALOG1 DIALOGEX 0, 0, 76, 164

STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER |

WS_POPUP | WS_CAPTION | WS_SYSMENU

CAPTION "PVZ修改器"

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

EDITTEXT IDC_EDIT1,7,39,62,17,ES_AUTOHSCROLL | ES_NUMBER

PUSHBUTTON "修改阳光",IDC_BUTTON1,7,57,62,16

LTEXT "阳光数值:",IDC_STATIC,7,10,62,8

LTEXT "游戏正在运行",IDC_STATIC2,7,148,55,9,NOT WS_VISIBLE

EDITTEXT IDC_EDIT2,7,20,62,17,ES_AUTOHSCROLL | ES_READONLY

PUSHBUTTON "显示游戏窗口",IDC_BUTTON2,7,102,62,10

PUSHBUTTON "重定位游戏",IDC_BUTTON3,7,88,62,14

PUSHBUTTON "修改金币",IDC_BUTTON4,7,73,62,15

CONTROL "吸附游戏窗口",IDC_CHECK1,"Button",BS_AUTOCHECKBOX

| WS_TABSTOP,7,136,62,9

PUSHBUTTON "隐藏游戏窗口",IDC_BUTTON5,7,112,62,10

CONTROL "无cd模式",IDC_CHECK2,"Button",BS_AUTOCHECKBOX |

WS_TABSTOP,7,124,62,9

END

/////////////////////////////////////////////////////////////////////////////

//

// DESIGNINFO

//

#ifdef APSTUDIO_INVOKED

GUIDELINES DESIGNINFO

BEGIN

IDD_DIALOG1, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 69

TOPMARGIN, 7

BOTTOMMARGIN, 157

END

END

#endif // APSTUDIO_INVOKED

#endif // 中文(简体，中国) resources

/////////////////////////////////////////////////////////////////////////////

#ifndef APSTUDIO_INVOKED

/////////////////////////////////////////////////////////////////////////////

//

// Generated from the TEXTINCLUDE 3 resource.

//

/////////////////////////////////////////////////////////////////////////////

#endif // not APSTUDIO_INVOKED

//resource.h

//{{NO_DEPENDENCIES}}

// Microsoft Visual C++ 生成的包含文件。

// 供 使用

//

#define IDD_DIALOG1 101

#define IDC_EDIT1 1001

#define IDC_BUTTON1 1002

#define IDC_STATIC2 1006

#define IDC_EDIT2 1007

#define IDC_BUTTON2

#define IDC_BUTTON3

#define IDC_BUTTON4

#define IDC_CHECK1

#define IDC_BUTTON5

#define IDC_CHECK2

// Next default values for new objects

//

#ifdef APSTUDIO_INVOKED

#ifndef APSTUDIO_READONLY_SYMBOLS

1008

1009

1010

1012

1011

1013

#define _APS_NEXT_RESOURCE_VALUE 102

#define _APS_NEXT_COMMAND_VALUE 40001

#define _APS_NEXT_CONTROL_VALUE 1012

#define _APS_NEXT_SYMED_VALUE

#endif

#endif

//为了方便我直接使用了资源脚本创建的对话框

//以下是cpp文件

#include

#include

#include "resource.h"

#define WM_TIMER1 WM_USER+5

#define WM_TIMER2 WM_USER+6

101

#define WM_TIMER3 WM_USER+7

HWND hwndPVZ;

HWND hwndClient;

bool IsGameRun; //游戏是否运行

DWORD ProcId;

DWORD ThreadId;

HANDLE hProc;

HANDLE hThread;

DWORD cdAddr;//冷却时间的内存地址

const DWORD tmp = 5000;//冷却时间设为5000即无cd

const DWORD BaseAddr = 0x006a9ec0; //基址

bool IsSetTimer = false; //是否使程序窗口吸附于游戏

bool IsNoCD = false; //是否开启无cd模式

HHOOK hHook; //监视游戏窗口钩子的句柄

//RECT WndRect; //窗口的位置大小

BOOL CALLBACK MainProc(HWND hWnd,UINT uMsg,WPARAM

wParam,LPARAM lParam);//主窗口处理函数

DWORD ThreadProc(LPVOID lParam);//修改阳光内存函数

VOID CALLBACK TimerProc(HWND hwnd,UINT uMsg,UINT_PTR

idEvent,DWORD dwTime);//查看阳光函数——用于定时器，每0.5秒函数体执行一次

VOID CALLBACK WndProc(HWND hwnd,UINT uMsg,UINT_PTR

idEvent,DWORD dwTime);

DWORD ChangeMoney(LPVOID lParam);//修改金钱函数

void CalcCDAddr();//计算冷却时间的地址

VOID CALLBACK CDTimer(HWND hwnd,UINT uMsg,UINT_PTR

idEvent,DWORD dwTime);//定时器，用于循环修改冷却时间

int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR

lpCmdLine,int nCmdShow)

{

HANDLE hToken;

if(OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&hTok

en)){

TOKEN_PRIVILEGES tp;

egeCount = 1;

eges[0].Attributes = SE_PRIVILEGE_ENABLED;

if(LookupPrivilegeValue(NULL,SE_DEBUG_NAME,&eges[0].Luid)){

AdjustTokenPrivileges(hToken,FALSE,&tp,sizeof(tp),NULL,NULL);

}

CloseHandle(hToken);

}

IsGameRun = false;

DialogBox(hInstance,MAKEINTRESOURCE(IDD_DIALOG1),NULL,MainProc);

return 0;

}

BOOL CALLBACK MainProc(HWND hWnd,UINT uMsg,WPARAM

wParam,LPARAM lParam)

{

switch(uMsg)

{

case WM_INITDIALOG:

{

/////////////////////////////////////////////////////////

hwndPVZ = FindWindow("MainWindow","植物大战僵尸中文版");

if(hwndPVZ == NULL)

{

IsGameRun = false;

break;

}

ShowWindow(GetDlgItem(hWnd,IDC_STATIC2),SW_SHOW);

IsGameRun = true;

ThreadId = GetWindowThreadProcessId(hwndPVZ,&ProcId);

hProc = OpenProcess(PROCESS_ALL_ACCESS,false,ProcId);//获取游戏进程句柄

if(hProc == NULL)

return 0;

SetTimer(hWnd,WM_TIMER1,500,TimerProc);

hwndClient = hWnd;

//获取窗口位置

RECT WndRect;

GetWindowRect(hwndPVZ,&WndRect);

long temp = ;

if((temp|0x0000ffff) == 0xffff)

SetWindowPos(hWnd,HWND_TOP,-125,,0,0,SWP_N

OSIZE|SWP_NOSIZE|SWP_NOZORDER);

//HINSTANCE hPVZinstance =

(HINSTANCE)GetWindowLong(hwndPVZ,GWL_HINSTANCE);

}

break;

case WM_COMMAND:

{

if(LOWORD(wParam) == IDC_BUTTON1 && IsGameRun == true)

{

DWORD nSunny = GetDlgItemInt(hWnd,IDC_EDIT1,NULL,true);

//hThread =

CreateRemoteThread(hProc,NULL,0,ThreadProc,&nSunny,0,NULL);

//本来想创建远程线程到植物大战僵尸的主进程下的，显然多此一举了,这样反而会导

致游戏崩溃...

ThreadProc(&nSunny);

}

else if(LOWORD(wParam) == IDC_BUTTON2)

{

ShowWindow(hwndPVZ,SW_SHOWNORMAL);

SetWindowPos(hwndPVZ,HWND_TOP,0,0,0,0,SWP_NOSIZE|SWP_NOMOVE);

}

else if(LOWORD(wParam) == IDC_BUTTON3)

{

SendMessage(hWnd,WM_INITDIALOG,0,0);

}

else if(LOWORD(wParam) == IDC_BUTTON4)

{

DWORD nMoney = GetDlgItemInt(hWnd,IDC_EDIT1,NULL,true);

ChangeMoney(&nMoney);

}

else if(LOWORD(wParam) == IDC_CHECK1)

{

LRESULT r = SendMessage((HWND)lParam,BM_GETCHECK,0,0);

if(r == BST_CHECKED)

{

IsSetTimer = true;

SetTimer(hWnd,WM_TIMER2,10,WndProc);

ShowWindow(hWnd,SW_SHOWNORMAL);

}

else

{

IsSetTimer = false;

KillTimer(hWnd,WM_TIMER2);

}

}

else if(LOWORD(wParam) == IDC_BUTTON5) //隐藏游戏窗口

{

}

else if(LOWORD(wParam) == IDC_CHECK2) //无CD模式

{

LRESULT r = SendMessage((HWND)lParam,BM_GETCHECK,0,0);

if(r == BST_CHECKED)

{

IsNoCD = true;

CalcCDAddr();

SetTimer(hWnd,WM_TIMER3,500,CDTimer);

}

else

{

KillTimer(hwndClient,WM_TIMER3);

IsNoCD = false;

}

}

break;

}

case WM_CLOSE:

{

EndDialog(hWnd,0);

break;

}

default:

break;

}

return DefWindowProc(hWnd,uMsg,wParam,lParam);

}

DWORD ThreadProc(LPVOID lParam)

{

DWORD ObjAdd = BaseAddr;

DWORD nValue;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue + 0x768;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue + 0x5560;

WriteProcessMemory(hProc,(void*)ObjAdd,lParam,4,NULL);

//CloseHandle(hProc);

return 0;

}

VOID CALLBACK TimerProc(HWND hwnd,UINT uMsg,UINT_PTR

idEvent,DWORD dwTime)

{

KillTimer(hwnd,WM_TIMER1);

DWORD ObjAdd = BaseAddr;

DWORD nValue;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue + 0x768;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue + 0x5560;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

char szSun[20];

char szTemp[25] = "阳光:";

itoa(nValue,szSun,10);

strcat(szTemp,szSun);

if(nValue > 3430000000)

{

strcpy(szTemp,"游戏停止运行");

IsGameRun = false;

SetWindowPos(hwndClient,HWND_TOP,500,500,0,0,SWP_NOSIZE);

}

SetDlgItemText(hwnd,IDC_EDIT2,szTemp);

SetTimer(hwnd,WM_TIMER1,500,TimerProc);

}

VOID CALLBACK WndProc(HWND hwnd,UINT uMsg,UINT_PTR

idEvent,DWORD dwTime)

{

KillTimer(hwnd,WM_TIMER2);

if(IsSetTimer == true && IsGameRun == true)

{

RECT rect;

GetWindowRect(hwndPVZ,&rect);

SetWindowPos(hwnd,HWND_TOP,-125,,0,0,SWP_NOSIZE|SWP_

NOZORDER);

SetTimer(hwnd,WM_TIMER2,10,WndProc);

}

}

DWORD ChangeMoney(LPVOID lParam)

{

DWORD ObjAdd = BaseAddr;

DWORD nValue;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue+0x82c;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue+0x28;

WriteProcessMemory(hProc,(void*)ObjAdd,lParam,4,NULL);

return 0;

}

void CalcCDAddr()

{

DWORD ObjAdd = BaseAddr;

DWORD nValue;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue+0x768;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue+0x1C;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue+0x140;

ReadProcessMemory(hProc,(void*)ObjAdd,&nValue,4,NULL);

ObjAdd = nValue+0x4C;

cdAddr = ObjAdd;

}

VOID CALLBACK CDTimer(HWND hwnd,UINT uMsg,UINT_PTR

idEvent,DWORD dwTime)

{

DWORD tmpAddr = cdAddr - 0x50;

KillTimer(hwndClient,WM_TIMER3);

if(IsGameRun == false)

{

return;

}

for(int i=0;i<10;i++)

{

tmpAddr = tmpAddr + 0x50;

WriteProcessMemory(hProc,(void*)tmpAddr,&tmp,4,NULL);//遍历卡槽写入

cd=5000

}

SetTimer(hwndClient,WM_TIMER3,500,CDTimer);

}