
以下是用VB做外挂的一些知识。我个人认为是入门的一些知识,不敢独享,贴出来给大家!~

有时间随时补充~呵呵

1.查找目标窗口。要做外挂,就需要先查找目标窗口,然后才做一些其他的动作,比如说鼠标键盘模拟啦、内存修改啦、封包型发送与替换啦什么什么的。

-------------------------------------------------------------------------

'定义模块

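' Win32 FindWindowA: returns the handle of a top-level window whose class name
' and title match the arguments, or 0 when no such window exists. Passing
' vbNullString for an argument leaves that criterion unconstrained.
' (The page had this declaration hard-wrapped in the middle of "FindWindowA"
' and "lpWindowName"; it is rejoined here so that it compiles.)
Declare Function FindWindow Lib "user32" Alias "FindWindowA" _
    (ByVal lpClassName As String, ByVal lpWindowName As String) As Long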

'在窗口中建立一timer(时间控制器),然后在代码窗口输入如下代码:

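Private Sub Form_Load()
    ' Sets how often the timer fires, in milliseconds.
    ' NOTE(review): the page shows only "al = 500"; the object qualifier was
    ' lost when the page was extracted. Timer1.Interval is assumed because the
    ' surrounding text sets up a timer control and the fragment ends in "al".
    ' Confirm against the original listing.
    Timer1.Interval = 500
End Sub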

时间控制器的代码如下:

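Private Sub Timer1_Timer()
    ' On every tick, looks for a top-level window titled "计算器" and tells the
    ' user whether it was found.
    '
    ' NOTE(review): a window title is not an identity. Any process can show a
    ' window with this caption, so a non-zero handle only proves that some
    ' window carries the title, not which program owns it.
    Dim hTarget As Long              ' renamed from hwnd, which shadows the form's own hWnd property
    Dim answer As VbMsgBoxResult

    hTarget = FindWindow(vbNullString, "计算器")

    If hTarget = 0 Then
        ' vbOKCancel + vbExclamation is the original literal 49; vbOK is 1.
        answer = MsgBox("你没有打开[计算器]程序!点击“确定”退出。点“取消”继续。", vbOKCancel + vbExclamation, "错误!")
        If answer = vbOK Then End
    Else
        ' The original tested "ElseIf (hwnd <> 0)", which is always true here.
        MsgBox "你已经打开了[计算器]程序.点“确定”退出本程序", , "退出"
        End
    End If
End Sub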

2.以下为模拟键盘事件.比如模拟"r"键.

'在模块中定义

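' Win32 keybd_event: synthesizes a keystroke for the given virtual-key code.
' dwFlags = 0 means key-down; a separate call with the key-up flag is needed
' to release the key. Microsoft documents this API as superseded by SendInput.
' Synthesized input is subject to Windows' User Interface Privilege Isolation,
' so it does not reach windows of higher-integrity processes.
' (The page had this declaration hard-wrapped in the middle of "bVk" and
' "ByVal"; it is rejoined here so that it compiles.)
Public Declare Sub keybd_event Lib "user32" _
    (ByVal bVk As Byte, ByVal Scan As Byte, ByVal dwFlags As Long, ByVal dwExtraInfo As Long)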

在窗口中建立一timer.时间间隔随意.只要不是0就可以了

Private Sub Timer1_Timer()
    ' On every tick, posts a key-down event for the "R" key (vbKeyR = 82).
    ' Only key-down is sent here; no matching key-up event is generated.
    keybd_event vbKeyR, 0, 0, 0
End Sub

3.以下为快捷键例子.比如按下"ctrl+A"就退出!

'可以设置Form的KeyPreview属性为True,然后在Form_KeyDown事件中添加代码:

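Private Sub Form_KeyDown(KeyCode As Integer, Shift As Integer)
    ' Closes the form when Ctrl+A is pressed. The form only receives this event
    ' ahead of its controls when its KeyPreview property is True.
    ' Shift = vbCtrlMask requires Ctrl alone: Ctrl+Shift+A or Ctrl+Alt+A do not match.
    ' (The page had "Shift As Integer" and "Unload Me" split by hard wraps,
    ' which turned the trailing comment into code; both are rejoined here.)
    If KeyCode = vbKeyA And Shift = vbCtrlMask Then Unload Me
End Sub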

例二:

在Form中加入

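' Win32 GetAsyncKeyState: reports the state of a virtual key at the moment of
' the call, regardless of which window has focus. The high bit of the returned
' Integer is set (the value is negative) while the key is held down.
' (The page had "ByVal" split by a hard wrap; it is rejoined here.)
Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vkey As Long) As Integer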

Private Function MyHotKey(vKeyCode) As Boolean
    ' Returns True while the key identified by vKeyCode is physically held down.
    ' GetAsyncKeyState sets the high bit of its Integer result for a pressed
    ' key, which makes the value negative.
    Dim keyState As Integer

    keyState = GetAsyncKeyState(vKeyCode)
    MyHotKey = (keyState < 0)
End Function

'然后在循环中或Timer的Timer事件中检测:

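Private Sub Timer1_Timer()
    ' Polls the keyboard on every tick and ends the program on Ctrl+A.
    '
    ' The original condition was "MyHotKey(vbKeyA) And vbKeyControl".
    ' vbKeyControl is the constant 17, so that expression was true whenever
    ' "A" was down and never looked at the Ctrl key. Both keys are polled here.
    ' vbKeyA is the key-code constant for "A"; the other vbKey* constants are
    ' listed in the VB help (F1).
    If MyHotKey(vbKeyA) And MyHotKey(vbKeyControl) Then
        End
    End If
End Sub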

取得窗口的句柄.类.名称等

建立三个label:label1/label2/label3

名称分别为窗口句柄/类/标题/

建立一个text窗口

建立二个command按钮,一为开始抓取。一为退出

声明:

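' Screen coordinate pair filled in by GetCursorPos.
Private Type POINTAPI
    x As Long
    y As Long
End Type

' The declarations below were hard-wrapped in the middle of keywords and
' identifiers on the page (for example "ByV / al", "Alia / s") and had a stray
' page number between them; they are rejoined here so that they compile.

' Current mouse position in screen coordinates.
Private Declare Function GetCursorPos Lib "user32" (lpPoint As POINTAPI) As Long

' Changes a window's position, size and Z-order.
Private Declare Function SetWindowPos Lib "user32" _
    (ByVal hwnd As Long, ByVal hWndInsertAfter As Long, _
     ByVal x As Long, ByVal y As Long, ByVal cx As Long, ByVal cy As Long, _
     ByVal wFlags As Long) As Long

' Copies the window's class name into lpClassName; returns the number of characters copied.
Private Declare Function GetClassName Lib "user32" Alias "GetClassNameA" _
    (ByVal hwnd As Long, ByVal lpClassName As String, ByVal nMaxCount As Long) As Long

' Sends a message and waits until the target window has processed it, so the
' caller blocks for as long as the target does not respond.
Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" _
    (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long

' Handle of the window that contains the given screen point.
Private Declare Function WindowFromPoint Lib "user32" _
    (ByVal xPoint As Long, ByVal yPoint As Long) As Long

' Declared on the page but not called by the code shown in this section.
Private Declare Function GetWindowLong Lib "user32" Alias "GetWindowLongA" _
    (ByVal hwnd As Long, ByVal nIndex As Long) As Long

' Copies the window's title text into lpString.
Private Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" _
    (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long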

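Private Sub Command1_Click()
    ' Toggles capturing on and off; the button caption doubles as the state flag.
    '
    ' NOTE(review): the page shows only "n = ..." and "d = ..."; the object
    ' qualifiers were lost when the page was extracted. Command1.Caption and
    ' Timer1.Enabled are assumed from the button texts and from the Timer1_Timer
    ' handler that does the capturing. Confirm against the original listing.
    If Command1.Caption = "开始抓取(&S)" Then
        Timer1.Enabled = True
        Command1.Caption = "停止抓取(&S)"
    Else
        Timer1.Enabled = False
        Command1.Caption = "开始抓取(&S)"
    End If
End Sub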

Private Sub Command2_Click()
    ' Exit button: terminates the program immediately.
    End
End Sub

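Private Sub Form_Load()
    ' Keeps this form above all non-topmost windows.
    ' -1 is HWND_TOPMOST; &H1 Or &H2 is SWP_NOSIZE Or SWP_NOMOVE, so the
    ' zero position and size arguments are ignored.
    '
    ' NOTE(review): the first argument is missing on the page (the call reads
    ' "SetWindowPos , -1, ..."); Me.hwnd is assumed because the original
    ' comment says the form itself is placed on top. Confirm.
    SetWindowPos Me.hwnd, -1, 0, 0, 0, 0, &H1 Or &H2
End Sub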

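Private Sub Timer1_Timer()
    ' On every tick, shows the handle, class name and text of the window that
    ' is currently under the mouse cursor.
    '
    ' NOTE(review): several identifiers were lost when the page was extracted:
    ' the four handles in the self-check and the three assignment targets.
    ' They are reconstructed from the form described in the text (a form, one
    ' text box and two command buttons are its only controls with a window
    ' handle; the labels show handle and class). Confirm against the original.
    '
    ' Changes from the page: the unused 64000-character buffer is dropped, and
    ' both results are cut at the first NUL instead of being shown with the
    ' unused remainder of their buffers.

    ' Best-effort display: a failing call leaves the previous values on screen.
    On Error Resume Next

    Dim tPoint As POINTAPI
    Dim hWin As Long
    Dim classBuf As String * 255     ' renamed from str, which shadows VB's Str function
    Dim className As String
    Dim Txt(64000) As Byte           ' 64001 bytes, one more than the 64000 passed below
    Dim winText As String
    Dim nulPos As Long

    GetCursorPos tPoint
    hWin = WindowFromPoint(tPoint.x, tPoint.y)

    ' Ignore this form and its own controls.
    If hWin = Me.hwnd Or hWin = Command1.hwnd Or hWin = Command2.hwnd Or hWin = Text1.hwnd Then Exit Sub

    GetClassName hWin, classBuf, 255
    className = classBuf
    nulPos = InStr(className, vbNullChar)
    If nulPos > 0 Then className = Left$(className, nulPos - 1)

    ' &HD is WM_GETTEXT. SendMessage waits for the target window to answer, so
    ' a hung target stalls this handler. Windows does not deliver the message
    ' to windows of higher-integrity processes, in which case the text stays empty.
    SendMessage hWin, &HD, 64000, Txt(0)
    winText = StrConv(Txt, vbUnicode)
    nulPos = InStr(winText, vbNullChar)
    If nulPos > 0 Then winText = Left$(winText, nulPos - 1)

    Label1.Caption = "窗口名柄: " & hWin
    Label2.Caption = "窗口类: " & className
    Text1.Text = winText
End Sub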

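Option Explicit

' The declarations below were hard-wrapped in the middle of keywords and
' identifiers on the page (for example "F / indWindowA", "kernel3 / 2");
' they are rejoined here so that they compile.

' Handle of a top-level window matching class name and title, or 0.
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" _
    (ByVal lpClassName As String, ByVal lpWindowName As String) As Long

' Writes the id of the process that owns hWnd into lpdwProcessId.
Private Declare Function GetWindowThreadProcessId Lib "user32" _
    (ByVal hWnd As Long, lpdwProcessId As Long) As Long

' Opens a handle to another process with the requested access rights.
' Returns 0 on failure. Every handle obtained here must be released with
' CloseHandle.
Private Declare Function OpenProcess Lib "kernel32" _
    (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long

' Writes nSize bytes from lpBuffer into the address space of hProcess.
Private Declare Function WriteProcessMemory Lib "kernel32" _
    (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, _
     ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

' Reads nSize bytes from the address space of hProcess into lpBuffer.
' The last parameter receives the number of bytes read; its name is kept as
' it appears on the page.
Private Declare Function ReadProcessMemory Lib "kernel32" _
    (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, _
     ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

' Releases a handle obtained from OpenProcess.
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long

' NOTE(review): PROCESS_ALL_ACCESS asks for every access right on the target
' process, far more than reading or writing memory requires. A foreign process
' that opens another with full access and then calls WriteProcessMemory is the
' pattern that endpoint protection and anti-tamper software watch for; code
' that has a legitimate need should request only the specific rights it uses.
Private Const PROCESS_ALL_ACCESS = &H1F0FFF

' Module-level process handle; assigned from OpenProcess in FindGame.
Private hProcess As Long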

'下面的函数用于查找游戏

Function FindGame() As Boolean

Dim PID As Long, Gamehwnd As Long

FindGame = False

Gamehwnd = FindWindow(vbNullString, "蜘蛛") '查找游戏

的句柄

If (Gamehwnd = 0) Then '如果找不到(例如游戏未运行)就

退出函数

MsgBox "没有找到蜘蛛游戏"

Exit Function

End If

GetWindowThreadProcessId Gamehwnd, PID '取得进程ID

hProcess = OpenProcess(PROCESS_ALL_ACCESS, Fals

e, PID) '以全部权力打开进程

If (hProcess = 0) Then '打开进程失败

MsgBox "没有打开进程"
