教你编写DOTA外挂(二)

EMORY_INFORMATION_CLASS
{
MemoryBasicInformation,
MemoryWorkingSetList,
MemorySectionName,
MemoryBasicVlmInformation
} MEMORY_INFORMATION_CLASS;

/*
 * Signature of ntdll!ZwQueryVirtualMemory, which this file resolves at run
 * time with GetProcAddress rather than linking against it.
 *
 * The return value is an NTSTATUS: the callers in this file treat any value
 * >= 0 as success and anything negative as failure. What lands in
 * MemoryInformation depends on MemoryInformationClass: a
 * MEMORY_BASIC_INFORMATION for MemoryBasicInformation, and a UNICODE_STRING
 * header followed by the path characters for MemorySectionName. ReturnLength
 * may be passed as 0 (NULL) when the caller does not need it.
 */
typedef long (NTAPI *PF_ZwQueryVirtualMemory)(
    IN  HANDLE                    ProcessHandle,          /* target process        */
    IN  PVOID                     BaseAddress,            /* address to describe   */
    IN  MEMORY_INFORMATION_CLASS  MemoryInformationClass, /* selects output layout */
    OUT PVOID                     MemoryInformation,      /* caller-owned buffer   */
    IN  ULONG                     MemoryInformationLength,/* size of that buffer   */
    OUT PULONG                    ReturnLength OPTIONAL   /* bytes written, or 0   */
);
/*
 * Local copy of the native UNICODE_STRING layout, as written by
 * ZwQueryVirtualMemory(MemorySectionName).
 *
 * NOTE(review): per the public Windows definition, Length and MaximumLength
 * are byte counts (not character counts) and Buffer is not required to be
 * NUL-terminated. Any code that hands Buffer to a C wide-string function
 * (wcsrchr, wcscmp, ...) is responsible for guaranteeing a terminator first.
 */
typedef struct _UNICODE_STRING
{
    USHORT Length;        /* bytes in use, excluding any terminator */
    USHORT MaximumLength; /* bytes available in Buffer              */
    PWSTR  Buffer;        /* UTF-16 characters, possibly unterminated */
} UNICODE_STRING, *PUNICODE_STRING;
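/*
 * Scan the address space of the target process and return the base address
 * of the loaded image whose backing file name (the component after the last
 * backslash) equals ModuleName, compared case-insensitively.
 *
 * hWar3Handle  handle to the target process; it must carry whatever rights
 *              ZwQueryVirtualMemory needs to inspect that process.
 * ModuleName   file name to look for, e.g. L"game.dll".
 *
 * Returns the address of the first matching 64 KiB-aligned probe, or 0 when
 * ntdll does not export ZwQueryVirtualMemory or no such image is found.
 *
 * The walk starts at 0 and steps by 0x10000. Because the first probe that
 * hits a matching MEM_IMAGE region is returned, the result is the lowest
 * 64 KiB-aligned address inside that image, i.e. its base under the usual
 * allocation granularity.
 *
 * NOTE(review): this is a 32-bit scan. startAddr is a DWORD and the loop
 * stops at 0x80000000, so images mapped above 2 GiB (LARGEADDRESSAWARE or
 * 64-bit targets) are never examined.
 */
DWORD GetGameDLLAddr(HANDLE hWar3Handle, WCHAR *ModuleName)
{
    /* MemorySectionName writes a UNICODE_STRING header followed by the path
     * characters into this one buffer, so it has to be large enough for both. */
    BYTE buffer[MAX_PATH * 2 + 4];
    /* Bounded, NUL-terminated copy of the section name for the string calls. */
    WCHAR name[MAX_PATH + 1];
    MEMORY_BASIC_INFORMATION memBI;
    PUNICODE_STRING secName;
    PF_ZwQueryVirtualMemory ZwQueryVirtualMemory;
    DWORD startAddr = 0x00000000;

    ZwQueryVirtualMemory = (PF_ZwQueryVirtualMemory)GetProcAddress(GetModuleHandleA("ntdll"), "ZwQueryVirtualMemory");
    if (ZwQueryVirtualMemory == NULL) {
        /* The original code called through this pointer unconditionally;
         * a missing export would have crashed instead of reporting failure. */
        return 0;
    }

    do {
        /* Both calls return an NTSTATUS; >= 0 means success. Only regions
         * backed by an image file (MEM_IMAGE) can be the module we want. */
        if (ZwQueryVirtualMemory(hWar3Handle, (PVOID)startAddr, MemoryBasicInformation, &memBI, sizeof(memBI), 0) >= 0 &&
            memBI.Type == MEM_IMAGE &&
            ZwQueryVirtualMemory(hWar3Handle, (PVOID)startAddr, MemorySectionName, buffer, sizeof(buffer), 0) >= 0)
        {
            secName = (PUNICODE_STRING)buffer;

            /* UNICODE_STRING::Length is a byte count and Buffer is not
             * guaranteed to be NUL-terminated, so copy exactly Length bytes
             * into a local array and terminate it ourselves before calling
             * wcsrchr/_wcsicmp. Names that do not fit are skipped rather
             * than truncated, since a truncated name could never match anyway
             * and must not produce a false positive. */
            size_t nChars = secName->Length / sizeof(WCHAR);
            if (secName->Buffer != NULL && nChars <= MAX_PATH) {
                for (size_t i = 0; i < nChars; i++) {
                    name[i] = secName->Buffer[i];
                }
                name[nChars] = L'\0';

                /* Compare only the file-name component. A path with no
                 * backslash is compared whole instead of dereferencing
                 * wcsrchr's NULL result (the original did NULL + 1). */
                const WCHAR *slash = wcsrchr(name, L'\\');
                const WCHAR *base = (slash != NULL) ? slash + 1 : name;
                if (_wcsicmp(ModuleName, base) == 0) {
                    return startAddr;
                }
            }
        }

        /* Advance one allocation-granularity step and probe again. */
        startAddr += 0x10000;
    } while (startAddr < 0x80000000);

    return 0;
}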

这里还需要注意 game.dll 的实际文件名:不同平台可能使用不同的名称(例如 game124.dll)。上面的比较用的是不区分大小写的 wcsicmp,因此大小写本身不影响匹配,但传入的名称必须与磁盘上的文件名完全一致,否则查不到模块基址。然后用下面两个函数获取版本:先定义枚举 enum WC3VER{_UN,_120E,_124B,_124E,_125B,_126B} 和全局变量 WC3VER g_War3Ver;凡是无法识别的版本都应保持为 _UN,避免把某个已知版本的偏移误用到未知版本上。

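/*
 * Determine which Warcraft III build is installed from the file-version
 * string of the DLL at LastDLLPath, and store the result in g_War3Ver.
 *
 * Only the version strings listed in knownVersions are recognised; any other
 * string — including the empty string left behind when the version resource
 * cannot be read — maps to _UN, so a build this code does not know is never
 * mistaken for one it does.
 *
 * Uses: LastDLLPath (global path to the DLL), GetFileVer (fills the version
 * string; returns 0 when the version info size cannot be obtained), ODV
 * (debug output macro), g_War3Ver (global result).
 */
void GetWar3Ver()
{
    /* Exact strings as produced by GetFileVer ("major, minor, build, rev"),
     * paired with the enum value they identify. Order does not matter; the
     * strings are mutually exclusive. */
    static const struct {
        LPCTSTR version;
        WC3VER  id;
    } knownVersions[] = {
        { TEXT("1, 20, 4, 6074"), _120E },
        { TEXT("1, 24, 1, 6374"), _124B },
        { TEXT("1, 24, 4, 6387"), _124E },
        { TEXT("1, 25, 1, 6397"), _125B },
        { TEXT("1, 26, 0, 6401"), _126B },
    };
    const size_t knownCount = sizeof(knownVersions) / sizeof(knownVersions[0]);

    TCHAR FileVer[64];
    /* GetFileVer returns early without touching the output buffer when it
     * cannot read the version resource (see its InfoSize == 0 check); the
     * original code then compared an uninitialised buffer. Start from an
     * empty string so every comparison below is well-defined and a failed
     * read falls through to _UN. */
    FileVer[0] = TEXT('\0');

    ODV(TEXT("%s"), LastDLLPath);
    GetFileVer(LastDLLPath, FileVer, 64);
    ODV(TEXT("%s"), FileVer);

    WC3VER detected = _UN;
    for (size_t i = 0; i < knownCount; i++) {
        /* lstrcmpi keeps the original's case-insensitive comparison. */
        if (lstrcmpi(FileVer, knownVersions[i].version) == 0) {
            detected = knownVersions[i].id;
            break;
        }
    }
    g_War3Ver = detected;
}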
DWORD GetFileVer(__in LPTSTR FileName, __out LPTSTR lpVersion, __in DWORD nSize)
{
TCHAR SubBlock[64];
DWORD InfoSize;
InfoSize = GetFileVersionInfoSize(FileName,NULL); if(InfoSize==0) return 0;
TCHAR *InfoBuf = new TCHAR[InfoSize];
GetFileVersionInfo(FileName,0,InfoSize,InfoBuf);
unsigned int cbTranslate = 0;
struct LANGANDCODEPAGE
{
WORD wLanguage;
WORD wCodePage;
}
*lpTranslate;
VerQueryValue(InfoBuf, TEXT("\\VarFileInfo\\Translation"),