📄 getprochandle.asm
;
;假设一般用户不会去改变SPIDER.EXE在SYSTEM32文件夹中的位置
;
;@echo off
;goto make
.486
.model flat, stdcall
option casemap :none ; case sensitive
include WINDOWS.INC
include kernel32.inc
includelib kernel32.lib
include user32.inc
includelib user32.lib
include gdi32.inc
includelib gdi32.lib
includelib MSVCRT.LIB
include SpiderPoker.inc
_assert PROTO C :DWORD,:DWORD,:DWORD
; szText Name, Text - emit a zero-terminated string inline at the point of use.
;   Name : label placed on the first byte of the string
;   Text : one or more db operands (quoted text and/or byte values)
; The string is assembled into whatever segment the macro is expanded in, so
; the leading jmp is what keeps execution from running into the data bytes.
szText MACRO Name, Text:VARARG
LOCAL lbl               ; assembler makes this label unique per expansion
jmp lbl                 ; step over the string bytes that follow
Name db Text,0          ; the text plus its terminating NUL
lbl:
ENDM
.data
; Record that Process32First/Process32Next fill in for each enumerated process.
; The initializer pre-sets the first field to the size of the structure.
stProcessEntry PROCESSENTRY32 {sizeof PROCESSENTRY32}
; Starts as INVALID_HANDLE_VALUE; GetProcID stores the Toolhelp process-snapshot
; handle here.
hProcSnapshort DD INVALID_HANDLE_VALUE
.code
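;-----------------------------------------------------------------------
; GetProcID - find a running process whose image name is "spider.exe"
;             and open a handle to it.
; ABI:   stdcall, no arguments
; In:    nothing
; Out:   _hProcHandle  = handle from OpenProcess, or 0 when the snapshot
;                        could not be taken, no process matched, or
;                        OpenProcess failed
;        _lpModuleBase = 01000000H (always written, also on failure)
; Regs:  all general registers preserved (pushad/popad); no value is
;        returned in eax
; Notes: every failure that is an API error also calls _assert(0,0,0).
;        The snapshot handle is closed before returning.
;
; NOTE(review): the match is on the image name only (lstrcmpi against
;   szExeFile), so the first process named "spider.exe" is opened wherever
;   it was started from. Confirm that this is acceptable to the callers.
; NOTE(review): PROCESS_ALL_ACCESS requests every access right. The rights
;   the users of _hProcHandle really need are not visible in this file;
;   narrow the mask to those once they are known.
; NOTE(review): 01000000H is a fixed address. It is only the real module
;   base when the target image is loaded at that address (not relocated);
;   TODO confirm for the supported Windows versions.
;-----------------------------------------------------------------------
GetProcID PROC
        pushad
        szText  szModule,"spider.exe"

        ; Toolhelp requires dwSize to be set before the first call; set it
        ; here so the routine does not depend on the static initializer.
        mov     stProcessEntry.dwSize,sizeof PROCESSENTRY32

        invoke  CreateToolhelp32Snapshot,TH32CS_SNAPPROCESS,0
        mov     hProcSnapshort,eax
        .IF eax == INVALID_HANDLE_VALUE
            invoke  _assert,0,0,0
            xor     eax,eax                 ; no snapshot -> report "no handle"
            jmp     savehandle              ; nothing to close on this path
        .ENDIF

        invoke  Process32First,hProcSnapshort,offset stProcessEntry
        or      eax,eax
        jne     search
        invoke  _assert,0,0,0               ; snapshot held no entry at all

notfind:
        xor     ebx,ebx                     ; ebx = result handle, 0 = not found
        jmp     closesnap

againproc:
        invoke  Process32Next,hProcSnapshort,offset stProcessEntry
        or      eax,eax
        je      notfind                     ; end of the process list

search:
        invoke  lstrcmpi,offset stProcessEntry.szExeFile,offset szModule
        or      eax,eax
        jne     againproc                   ; names differ, try the next entry

        ; Names are equal, so this is the process to open.
        invoke  OpenProcess,PROCESS_ALL_ACCESS,0,stProcessEntry.th32ProcessID
        mov     ebx,eax                     ; ebx survives the calls below
        or      eax,eax
        jne     closesnap
        invoke  _assert,0,0,0               ; OpenProcess failed, ebx is already 0

closesnap:
        ; The snapshot is only needed during enumeration; release it on every
        ; path that created one and mark the variable as unused again.
        invoke  CloseHandle,hProcSnapshort
        mov     hProcSnapshort,INVALID_HANDLE_VALUE
        mov     eax,ebx

savehandle:
        mov     _hProcHandle,eax
        mov     _lpModuleBase,01000000H
        popad                               ; the single popad matching pushad
        ret
GetProcID endp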
END
;:make
;set include=E:\masm32\masm32\Include;%include%
;set lib=E:\masm32\masm32\lib;%lib%
;set Path=E:\masm\masm32\bin;%Path%
;set exe=SpiderPoker2
;set mbin=E:\masm32\masm32\bin
;%mbin%\ML /c /coff %exe%.bat
;%mbin%\LINK /out:.\%exe%.exe /subsystem:windows %exe%.obj
;del %exe%.obj
;echo.
;pause