public abstract class Helper { [DllImportAttribute("kernel32.dll", EntryPoint = "ReadProcessMemory")] public static extern bool ReadProcessMemory ( IntPtr hProcess, IntPtr lpBaseAddress, int[] data, int nSize, IntPtr lpNumberOfBytesRead ); [DllImportAttribute("kernel32.dll", EntryPoint = "ReadProcessMemory")] public static extern bool ReadProcessMemory ( IntPtr hProcess, IntPtr lpBaseAddress, byte[] data, int nSize, IntPtr lpNumberOfBytesRead ); [DllImportAttribute("kernel32.dll", EntryPoint = "OpenProcess")] public static extern IntPtr OpenProcess ( int dwDesiredAccess, bool bInheritHandle, int dwProcessId ); [DllImport("kernel32.dll")] private static extern void CloseHandle ( IntPtr hObject ); //写内存 [DllImportAttribute("kernel32.dll", EntryPoint = "WriteProcessMemory")] public static extern bool WriteProcessMemory ( IntPtr hProcess, IntPtr lpBaseAddress, int[] lpBuffer, int nSize, IntPtr lpNumberOfBytesWritten ); [DllImport("user32.DLL")] public static extern bool SetForegroundWindow(IntPtr hWnd); //获取窗体的进程标识ID public static int GetPid(string windowTitle) { int rs = 0; Process[] arrayProcess = Process.GetProcesses(); foreach (Process p in arrayProcess) { if (p.MainWindowTitle.IndexOf(windowTitle) != -1) { rs = p.Id; break; } } return rs; } //根据进程名获取PID public static int GetPidByProcessName(string processName) { Process[] arrayProcess = Process.GetProcessesByName(processName); foreach (Process p in arrayProcess) { return p.Id; } return 0; } //根据进程名获取句柄 public static IntPtr FindWindow(string processName) { Process[] arrayProcess = Process.GetProcessesByName(processName); foreach (Process p in arrayProcess) { return p.MainWindowHandle; } return IntPtr.Zero; } /* //根据窗体标题查找窗口句柄(支持模糊匹配) public static IntPtr FindWindow(string title) { Process[] ps = Process.GetProcesses(); foreach (Process p in ps) { if (p.MainWindowTitle.IndexOf(title) != -1) { return p.MainWindowHandle; } } return IntPtr.Zero; } * */ //读取内存中的值 public static int ReadMemoryValue(int baseAddress, string processName) { try { //byte[] buffer = new byte[1]; //IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0); //获取缓冲区地址 int[] addr = new int[1]; byte[] temp = System.BitConverter.GetBytes(baseAddress); IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName)); ReadProcessMemory(hProcess, (IntPtr)baseAddress, addr, 4, IntPtr.Zero); //将制定内存中的值读入缓冲区 CloseHandle(hProcess); //return BitConverter.ToInt32(buffer,0); return addr[0]; } catch { return 0; } } public static string ReadMemoryString(int baseAddress, string processName) { try { byte[] buffer = new byte[256]; IntPtr byteAddress = Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0); //获取缓冲区地址 byte[] buf = new byte[256]; IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName)); ReadProcessMemory(hProcess, (IntPtr)baseAddress, buf, 256, IntPtr.Zero); //将制定内存中的值读入缓冲区 string temp = System.Text.Encoding.Default.GetString(buf); string[] str = temp.Split('\0'); CloseHandle(hProcess); return str[0]; } catch { return ""; } } //将值写入指定内存地址中 public static void WriteMemoryValue(int baseAddress, string processName, int value) { IntPtr hProcess = OpenProcess(0x1F0FFF, false, GetPidByProcessName(processName)); //0x1F0FFF 最高权限 WriteProcessMemory(hProcess, (IntPtr)baseAddress, new int[] { value }, 4, IntPtr.Zero); CloseHandle(hProcess); } internal static void Sleep(int p) { throw new NotImplementedException(); } }