C#做外挂的常用API

妖精的绣舞 提交于 2020-03-16 15:02:55

using System;
using System.Collections.Generic;
using System.Runtime.InteropServices; // required for [DllImport]
using System.Text;

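namespace WindowsApplication1
{
    /// <summary>
    /// P/Invoke declarations for the user32/kernel32 functions that look up a window,
    /// open the process that owns it, and read, write, allocate or start threads in
    /// that process's address space.
    /// </summary>
    /// <remarks>
    /// Review notes:
    /// - Opening another process with VM_WRITE / VM_OPERATION / CREATE_THREAD rights and then
    ///   allocating, writing and creating a remote thread is the call pattern catalogued as
    ///   process injection (MITRE ATT&amp;CK T1055). Endpoint-detection and anti-cheat products
    ///   monitor exactly these calls, so expect them to be logged or blocked.
    /// - Every overload that carries a handle or an address as <c>int</c> is only correct in a
    ///   32-bit (x86) process; in a 64-bit process those values are 64 bits wide and are
    ///   truncated. The <see cref="IntPtr"/> overloads are the ones that are width-safe.
    /// - All functions here report failure through their return value (0 / NULL). The kernel32
    ///   imports set <c>SetLastError = true</c> so callers can read the reason with
    ///   <c>Marshal.GetLastWin32Error()</c>.
    /// </remarks>
    class win32API
    {
        // ---- Process access rights (dwDesiredAccess of OpenProcess) ----

        // 0x1F0FFF: the pre-Vista definition of PROCESS_ALL_ACCESS. Requesting every right is
        // rarely needed; ask only for the specific rights the caller uses.
        public const int OPEN_PROCESS_ALL = 0x1F0FFF;

        // Page protection: read/write, not executable.
        public const int PAGE_READWRITE = 0x04;

        public const int PROCESS_CREATE_THREAD = 0x0002;

        // NOTE(review): this is a PROCESS_HEAP_ENTRY.wFlags value used with HeapWalk, not a
        // process access right; it is kept only because it is part of the public surface.
        public const int PROCESS_HEAP_ENTRY_BUSY = 0x0004;

        public const int PROCESS_VM_OPERATION = 0x0008;

        // Fixed: the listing had 256 (0x0100), which is PROCESS_SET_QUOTA.
        // The documented value of PROCESS_VM_READ is 0x0010.
        public const int PROCESS_VM_READ = 0x0010;

        public const int PROCESS_VM_WRITE = 0x0020;

        // ---- Memory protection / allocation flags ----

        // Fixed: the listing had 0x4, which is PAGE_READWRITE. PAGE_EXECUTE_READWRITE is 0x40.
        // Writable-and-executable pages in another process are a strong detection signal.
        private const int PAGE_EXECUTE_READWRITE = 0x40;
        private const int MEM_COMMIT = 0x1000;
        private const int MEM_RELEASE = 0x8000;
        private const int MEM_DECOMMIT = 0x4000;

        // Same value as OPEN_PROCESS_ALL above.
        private const int PROCESS_ALL_ACCESS = 0x1F0FFF;

        /// <summary>Finds a top-level window by class name and/or window title.</summary>
        /// <param name="lpClassName">Window class name, or null to match any class.</param>
        /// <param name="lpWindowName">Window title, or null to match any title.</param>
        /// <returns>The window handle, or <see cref="IntPtr.Zero"/> when no window matches.</returns>
        [DllImport("User32.dll", EntryPoint = "FindWindow")]
        public extern static IntPtr FindWindow(
            string lpClassName,
            string lpWindowName
        );

        /// <summary>Gets the id of the thread and process that created a window.</summary>
        /// <param name="hwnd">Window handle as a 32-bit integer (x86 only).</param>
        /// <param name="lpdwProcessId">Receives the owning process id.</param>
        /// <returns>The id of the thread that created the window, or 0 on failure.</returns>
        [DllImport("USER32.DLL")]
        public extern static int GetWindowThreadProcessId(
            int hwnd,
            ref int lpdwProcessId
        );

        /// <summary>Gets the id of the thread and process that created a window.</summary>
        /// <param name="hwnd">Window handle.</param>
        /// <param name="lpdwProcessId">Receives the owning process id.</param>
        /// <returns>The id of the thread that created the window, or 0 on failure.</returns>
        [DllImport("USER32.DLL")]
        public extern static int GetWindowThreadProcessId(
            IntPtr hwnd,
            ref int lpdwProcessId
        );

        /// <summary>Opens a handle to an existing process (32-bit handle overload).</summary>
        /// <param name="dwDesiredAccess">Access rights requested; request the minimum needed.</param>
        /// <param name="bInheritHandle">Non-zero to let child processes inherit the handle.</param>
        /// <param name="dwProcessId">Id of the process to open.</param>
        /// <returns>The process handle, or 0 on failure. Close it with CloseHandle.</returns>
        [DllImport("kernel32.dll", SetLastError = true)]
        public extern static int OpenProcess(
            int dwDesiredAccess,
            int bInheritHandle,
            int dwProcessId
        );

        /// <summary>Opens a handle to an existing process.</summary>
        /// <param name="dwDesiredAccess">Access rights requested; request the minimum needed.</param>
        /// <param name="bInheritHandle">Non-zero to let child processes inherit the handle.</param>
        /// <param name="dwProcessId">Id of the process to open.</param>
        /// <returns>The process handle, or <see cref="IntPtr.Zero"/> on failure. Close it with CloseHandle.</returns>
        [DllImport("kernel32.dll", SetLastError = true)]
        public extern static IntPtr OpenProcess(
            uint dwDesiredAccess,
            int bInheritHandle,
            uint dwProcessId
        );

        /// <summary>Closes a handle held as a 32-bit integer (x86 only).</summary>
        /// <param name="hObject">Handle to close.</param>
        /// <returns>Non-zero on success, 0 on failure.</returns>
        [DllImport("kernel32.dll", EntryPoint = "CloseHandle", SetLastError = true)]
        public static extern int CloseHandle(
            int hObject
        );

        /// <summary>
        /// Closes a handle held as <see cref="IntPtr"/>. Added so that handles returned by the
        /// IntPtr overload of OpenProcess can be released without truncating them to int.
        /// </summary>
        /// <param name="hObject">Handle to close.</param>
        /// <returns>Non-zero on success, 0 on failure.</returns>
        [DllImport("kernel32.dll", EntryPoint = "CloseHandle", SetLastError = true)]
        public static extern int CloseHandle(
            IntPtr hObject
        );

        /// <summary>Reads bytes from another process's address space into a managed buffer.</summary>
        /// <param name="hProcess">Process handle opened with PROCESS_VM_READ.</param>
        /// <param name="lpBaseAddress">Address in the target process to read from.</param>
        /// <param name="buffer">Destination buffer; must hold at least <paramref name="size"/> bytes.</param>
        /// <param name="size">Number of bytes to read.</param>
        /// <param name="lpNumberOfBytesWritten">
        /// Receives the number of bytes transferred (the native parameter is lpNumberOfBytesRead;
        /// the name is kept as published).
        /// </param>
        /// <returns>Non-zero on success, 0 on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern Int32 ReadProcessMemory(
            IntPtr hProcess,
            IntPtr lpBaseAddress,
            [In, Out] byte[] buffer,
            int size,
            out IntPtr lpNumberOfBytesWritten
        );

        /// <summary>Reads a value from another process into a single int (x86 only).</summary>
        /// <param name="hProcess">Process handle as a 32-bit integer.</param>
        /// <param name="lpBaseAddress">Address in the target process, as a 32-bit integer.</param>
        /// <param name="buffer">Receives the data; only 4 bytes of storage are available.</param>
        /// <param name="size">Number of bytes to read; must not exceed 4 for this overload.</param>
        /// <param name="lpNumberOfBytesWritten">
        /// Passed by value where the native function expects a pointer; pass 0 (NULL).
        /// </param>
        /// <returns>Non-zero on success, 0 on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern Int32 ReadProcessMemory(
            int hProcess,
            int lpBaseAddress,
            ref int buffer,
            // byte[] buffer,
            int size,
            int lpNumberOfBytesWritten
        );

        /// <summary>Reads bytes from another process into a managed buffer (x86 only).</summary>
        /// <param name="hProcess">Process handle as a 32-bit integer.</param>
        /// <param name="lpBaseAddress">Address in the target process, as a 32-bit integer.</param>
        /// <param name="buffer">Destination buffer; must hold at least <paramref name="size"/> bytes.</param>
        /// <param name="size">Number of bytes to read.</param>
        /// <param name="lpNumberOfBytesWritten">
        /// Passed by value where the native function expects a pointer; pass 0 (NULL).
        /// </param>
        /// <returns>Non-zero on success, 0 on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern Int32 ReadProcessMemory(
            int hProcess,
            int lpBaseAddress,
            byte[] buffer,
            int size,
            int lpNumberOfBytesWritten
        );

        /// <summary>Writes bytes from a managed buffer into another process's address space.</summary>
        /// <param name="hProcess">Process handle opened with PROCESS_VM_WRITE and PROCESS_VM_OPERATION.</param>
        /// <param name="lpBaseAddress">Address in the target process to write to.</param>
        /// <param name="buffer">Source buffer; must hold at least <paramref name="size"/> bytes.</param>
        /// <param name="size">Number of bytes to write.</param>
        /// <param name="lpNumberOfBytesWritten">Receives the number of bytes transferred.</param>
        /// <returns>Non-zero on success, 0 on failure.</returns>
        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern Int32 WriteProcessMemory(
            IntPtr hProcess,
            IntPtr lpBaseAddress,
            [In, Out] byte[] buffer,
            int size,
            out IntPtr lpNumberOfBytesWritten
        );

        /// <summary>Writes bytes into another process's address space (x86 only).</summary>
        /// <param name="hProcess">Process handle as a 32-bit integer.</param>
        /// <param name="lpBaseAddress">Address in the target process, as a 32-bit integer.</param>
        /// <param name="buffer">Source buffer; must hold at least <paramref name="size"/> bytes.</param>
        /// <param name="size">Number of bytes to write.</param>
        /// <param name="lpNumberOfBytesWritten">
        /// Passed by value where the native function expects a pointer; pass 0 (NULL).
        /// </param>
        /// <returns>Non-zero on success, 0 on failure.</returns>
        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern Int32 WriteProcessMemory(
            int hProcess,
            int lpBaseAddress,
            byte[] buffer,
            int size,
            int lpNumberOfBytesWritten
        );

        /// <summary>Declares kernel32 CreateRemoteThread with 32-bit arguments (x86 only).</summary>
        /// <param name="hProcess">Process handle as a 32-bit integer.</param>
        /// <param name="lpThreadAttributes">Pointer to security attributes, or 0.</param>
        /// <param name="dwStackSize">Initial stack size, or 0 for the default.</param>
        /// <param name="lpStartAddress">Thread start address in the target process.</param>
        /// <param name="lpParameter">Value passed to the thread function.</param>
        /// <param name="dwCreationFlags">Creation flags.</param>
        /// <param name="lpThreadId">Receives the new thread's id.</param>
        /// <returns>The thread handle, or 0 on failure. Close it with CloseHandle.</returns>
        [DllImport("kernel32", EntryPoint = "CreateRemoteThread", SetLastError = true)]
        public static extern int CreateRemoteThread(
            int hProcess,
            int lpThreadAttributes,
            int dwStackSize,
            int lpStartAddress,
            int lpParameter,
            int dwCreationFlags,
            ref int lpThreadId
        );

        /// <summary>Reserves or commits memory in another process's address space.</summary>
        /// <remarks>
        /// NOTE(review): the native flAllocationType and flProtect parameters are 32-bit DWORDs.
        /// Declaring them as Int16 cannot represent flags such as 0x8000 as a positive value and
        /// the 32-bit return value truncates the address in a 64-bit process. The signature is
        /// left as published so existing callers keep compiling.
        /// </remarks>
        /// <param name="hProcess">Process handle opened with PROCESS_VM_OPERATION.</param>
        /// <param name="lpAddress">Desired base address, or 0 to let the system choose.</param>
        /// <param name="dwSize">Size of the region in bytes.</param>
        /// <param name="flAllocationType">Allocation type flags (for example MEM_COMMIT).</param>
        /// <param name="flProtect">Page protection (for example PAGE_READWRITE).</param>
        /// <returns>Base address of the region, or 0 on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern System.Int32 VirtualAllocEx(
            System.IntPtr hProcess,
            System.Int32 lpAddress,
            System.Int32 dwSize,
            System.Int16 flAllocationType,
            System.Int16 flProtect
        );

        /// <summary>Reserves or commits memory in another process's address space (x86 only).</summary>
        /// <param name="hProcess">Process handle as a 32-bit integer.</param>
        /// <param name="lpAddress">Desired base address, or 0 to let the system choose.</param>
        /// <param name="dwSize">Size of the region in bytes.</param>
        /// <param name="flAllocationType">Allocation type flags (for example MEM_COMMIT).</param>
        /// <param name="flProtect">Page protection (for example PAGE_READWRITE).</param>
        /// <returns>Base address of the region, or 0 on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern System.Int32 VirtualAllocEx(
            int hProcess,
            int lpAddress,
            int dwSize,
            int flAllocationType,
            int flProtect
        );

        /// <summary>Decommits or releases memory in another process (x86 only).</summary>
        /// <param name="hProcess">Process handle as a 32-bit integer.</param>
        /// <param name="lpAddress">Base address of the region.</param>
        /// <param name="dwSize">Size in bytes; must be 0 when releasing with MEM_RELEASE.</param>
        /// <param name="flAllocationType">
        /// Free type, MEM_DECOMMIT or MEM_RELEASE (the native parameter is dwFreeType; the name
        /// is kept as published).
        /// </param>
        /// <returns>Non-zero on success, 0 on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern System.Int32 VirtualFreeEx(
            int hProcess,
            int lpAddress,
            int dwSize,
            int flAllocationType
        );
    }
}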
