ceclient.pas

这是一段游戏修改工具的源代码.ring3功能由dephi开发,驱动是C开发.希望对大家有帮助

    reg:TRegistry;
    passwordbuffer: array of byte;
begin
  //add the ip to the reg (if it isn't in already)
  found:=false;
  f:=editaddress.text;

  if length(editpassword.text)=0 then raise exception.create('Please give a valid password');

  if (f=a) or (f=b) or (f=c) or (f=d) or (f=e) then found:=true;

  if not found then
  begin
    //add to top and move the rest one down
    g:=a;
    h:=b;
    i:=c;
    j:=d;

    a:=f;
    b:=g;
    c:=h;
    d:=i;
    e:=j;
  end
  else
  begin
    //switch
    if b=f then
    begin
      g:=a;
      a:=b;
      b:=g;
    end;

    if c=f then
    begin
      g:=a;
      h:=b;
      a:=f;
      b:=g;
      c:=h;
    end;

    if d=f then
    begin
      g:=a;
      h:=b;
      i:=c;
      a:=f;
      b:=g;
      c:=h;
      d:=i;
    end;

    if e=f then
    begin
      g:=a;
      h:=b;
      i:=c;
      j:=d;
      a:=f;
      b:=g;
      c:=h;
      d:=i;
      e:=j;
    end;

  end;

  try
    reg:=Tregistry.Create;

    Reg.RootKey := HKEY_CURRENT_USER;
    if Reg.OpenKey('\Software\Cheat Engine\Network',false) then
    begin
      reg.writeString('Connection1',a);
      reg.WriteString('Connection2',b);
      reg.WriteString('Connection3',c);
      reg.WriteString('Connection4',d);
      reg.WriteString('Connection5',e);
    end;

    reg.CloseKey;
    reg.free;

  except
    ;
  end;

  editaddress.Clear;
  if a='' then editaddress.Text:='127.0.0.1'
  else
  begin
    editaddress.Items.Add(a);
    editaddress.Text:=a;
    if b<>'' then editaddress.Items.Add(b);
    if c<>'' then editaddress.Items.Add(c);
    if d<>'' then editaddress.Items.Add(d);
    if e<>'' then editaddress.Items.Add(e);
  end;


  idTCPClient1.Host:=EditAddress.Text;
  idTCPClient1.Port:=StrToInt(editPort.text);

  try
    idTCPClient1.Connect;
    if idtcpclient1.Connected then
    begin
      setlength(passwordbuffer,length(editpassword.text)+2);
      passwordbuffer[0]:=30;
      passwordbuffer[1]:=length(editpassword.Text);
      copymemory(@passwordbuffer[2],@editpassword.text[1],passwordbuffer[1]);

      idTCPClient1.WriteBuffer(passwordbuffer[0],length(passwordbuffer));

      //create a thread that will handle the incomming messages
      timeouttimer.enabled:=true;

      mainform:=tmainform.Create(self);
      mainform.StatusBar1.Panels[0].Text:='Connected to '+idtcpclient1.Host;

      hct:=THandlecommandThread.Create(false);
      Mainform.show;
      connectform.visible:=false;
    end;
  except

  end;
end;


procedure TConnectForm.FormCreate(Sender: TObject);
var reg: TRegistry;
begin
  a:='';
  b:='';
  c:='';
  d:='';
  e:='';

  try
    reg:=Tregistry.Create;

    Reg.RootKey := HKEY_CURRENT_USER;
    if Reg.OpenKey('\Software\Cheat Engine\Network',false) then
    begin
      EditAddress.Items.Clear;
      try
        a:=reg.ReadString('Connection1');
        b:=reg.ReadString('Connection2');
        c:=reg.ReadString('Connection3');
        d:=reg.ReadString('Connection4');
        e:=reg.ReadString('Connection5');
      except
        ;
      end;

      if a='' then editaddress.Text:='127.0.0.1'
      else
      begin
        editaddress.Items.Add(a);
        editAddress.text:=a;
        if b<>'' then editaddress.Items.Add(b);
        if c<>'' then editaddress.Items.Add(c);
        if d<>'' then editaddress.Items.Add(d);
        if e<>'' then editaddress.Items.Add(e);
      end;

    end;

    reg.CloseKey;
    reg.free;

  except
    ;
  end;


  readevents:=0;

  readprocessmemoryevent:=tevent.Create(nil,false,false,'');
  readprocessmemoryeventDone:=tevent.Create(nil,false,false,'');
  Writeprocessmemoryevent:=tevent.Create(nil,false,false,'');
  WriteprocessmemoryeventDone:=tevent.Create(nil,false,false,'');
  Debuggerstatusevent:=tevent.Create(nil,false,false,'');
  DebuggerstatuseventDone:=tevent.Create(nil,false,false,'');
  VirtualProtectExEvent:=TEvent.create(nil,false,false,'');
  VirtualProtectExEventDone:=TEvent.create(nil,false,false,'');
end;

procedure SendBuf(count: integer);
begin
  if count=0 then raise exception.Create('SendBuf was called with a size of 0');

  connectform.IdTCPClient1.writebuffer(output[0],count);
end;

function VirtualProtectExNet(hProcess: THandle; lpAddress: Pointer; dwSize, flNewProtect: DWORD; var OldProtect: DWORD): BOOL;
var address: dword;
    output:array [0..11] of byte;

    status:byte;
begin
  address:=dword(lpAddress);

  result:=true;
  if dwsize=0 then exit;

  output[0]:=CS_VirtualProtectEx;
  pdword(@output[1])^:=address;
  pdword(@output[5])^:=dwsize;
  pdword(@output[9])^:=flNewProtect;
  connectform.IdTCPClient1.writebuffer(output[0],13);

  VirtualProtectExEvent.WaitFor(infinite);
  VirtualProtectExEvent.ResetEvent;

  //a result has been received
  connectform.receivebuf(status,1);
  connectform.ReceiveBuf(oldprotect,4);


  VirtualProtectExeventdone.SetEvent;

  result:=status=1; //last time counts
end;


function WriteProcessMemoryNet(hProcess: THandle; const lpBaseAddress: Pointer; lpBuffer: Pointer;
  nSize: DWORD; var lpNumberOfBytesWritten: DWORD): BOOL;
var position: ^byte;
    address: dword;
    lefttowrite: Dword;

    success: byte;
    byteswritten: word;

    totalwritten: dword;
    output:array [0..800] of byte;
begin
  try
  lpNumberOfBytesWritten:=0;

  position:=lpBuffer;
  address:=dword(lpBaseAddress);

  result:=true;

  if nsize=0 then exit;

  lefttowrite:=nSize;


  while (result) and (lefttowrite>0) do
  begin
    output[0]:=CS_WRITEPROCESSMEMORY;
    pdword(@output[1])^:=address;

    if lefttowrite<2000 then pword(@output[5])^:=lefttowrite else pword(@output[5])^:=2000;

    CopyMemory(@output[7],position,pword(@output[5])^);

    connectform.IdTCPClient1.writebuffer(output[0],7+pword(@output[5])^);

    Writeprocessmemoryevent.WaitFor(infinite);
    Writeprocessmemoryevent.ResetEvent;



    //a result has been received
    connectform.receivebuf(success,1);
    connectform.ReceiveBuf(byteswritten,2);

    writeprocessmemoryeventdone.SetEvent;

    result:=success=1; //last time counts

    inc(position,byteswritten);
    inc(address,byteswritten);
    inc(lpNumberOfBytesWritten,byteswritten);
    dec(lefttowrite,byteswritten);

  end;

  except
    result:=false;
  end;

end;


function ReadProcessMemoryNet(hProcess: THandle; const lpBaseAddress: Pointer; lpBuffer: Pointer;
  nSize: DWORD; var lpNumberOfBytesRead: DWORD): BOOL;
var position: ^byte;
    address: dword;
    lefttoread: Dword;

    success: byte;
    bytesread: word;

    totalread: dword;
    output: array [0..10] of byte;
begin
  try
  lpNumberOfBytesRead:=0;

  position:=lpBuffer;
  address:=dword(lpBaseAddress);

  result:=true;

  if nsize=0 then exit;

  lefttoread:=nSize;


  while (result) and (lefttoread>0) do
  begin
    output[0]:=9;  //1 byte
    pdword(@output[1])^:=address; //4 bytes

    if lefttoread<2000 then pword(@output[5])^:=lefttoread else pword(@output[5])^:=2000; //2 bytes

    connectform.IdTCPClient1.writebuffer(output[0],7);

    if readprocessmemoryevent.WaitFor(30000)=wrTimeOut then
    begin
      result:=false;
      readprocessmemoryevent.ResetEvent;
      exit;
    end;

    readprocessmemoryevent.ResetEvent;


    //a result has been received
    connectform.receivebuf(success,1);
    connectform.ReceiveBuf(bytesread,2);

    result:=success=1; //last time counts

    connectform.ReceiveBuf(position^,bytesread);

    inc(position,bytesread);
    inc(address,bytesread);
    inc(lpNumberOfBytesRead,bytesread);
    dec(lefttoread,bytesread);

    readprocessmemoryeventdone.SetEvent;
  end;

  except
    result:=false;
  end;
end;

procedure TConnectForm.waitforCommand(command:byte);
var rc: byte;
    FDSet: TFDSet;
    TimeVal: TTimeVal;
    i: integer;
begin
  rc:=command+1; //only if the processor is malfunctioning this returns the same
  while rc<>command do
  begin
    idtcpclient1.ReadBuffer(rc,1);
    if rc<>command then handleCommand(rc);
  end;
end;

procedure TConnectForm.ReceiveBuf(var Buf; Count: Integer);
begin
  idtcpclient1.ReadBuffer(buf,count);
end;

procedure TConnectForm.handleCommand(command: byte);
var
    b: byte;
    d: dword;
    i64: int64;

    st: string;
    st2: pchar;

    data: ^tdata;
    data2: pointer;
    send: array[0..10] of byte;
    tempbuf: array of byte;
begin
  case command of
    SC_TELLUPDATESPEED,
    SC_TELLFREEZESPEED,
    SC_StopProcessList,
    SC_OpenProcessSuccess,
    SC_OpenProcessFailed,
    SC_RecordReceived,
    SC_ValueListDone,
    SC_DebugRegsPresent,
    //SC_ScanFailed,
    SC_Disconnect: postmessage(connectform.Handle,wm_user+1,command,0);


    SC_ProcessListItem:
    begin //process list
      receivebuf(d,4);
      receivebuf(b,1);
      receivebuf(output,b);
      output[b]:=0;

      st:=inttohex(d,8)+'-'+pchar(@output[0]);
      getmem(st2,length(st)+1);
      copymemory(st2,@st[1],length(st));
      st2[length(st)]:=#0;
      postmessage(connectform.Handle,wm_user+1,command,dword(st2));
    end;

    SC_ValueUpdated:
    begin
      //record update
      //valuelist(Entry:word; memorysize:word; readmemory: array of bytes)

      receivebuf(output[0],2);
      receivebuf(output[2],2);

      getmem(data2,4+pword(@output[2])^);
      CopyMemory(data2,@output[0],4);

      setlength(tempbuf,pword(@output[2])^);
      Receivebuf(tempbuf[0],pword(@output[2])^);
      copymemory(pointer(dword(data2)+4),tempbuf,pword(@output[2])^);
      setlength(tempbuf,0);

      postmessage(connectform.Handle,wm_user+1,command,dword(data2));
    end;

    SC_ScanResultCount:
    begin
      //done scanning
      receivebuf(i64,8);
      st:=inttostr(i64);
      getmem(st2,length(st)+1);
      copymemory(st2,@st[1],length(st));
      st2[length(st)]:=#0;
      postmessage(connectform.Handle,wm_user+1,command,dword(st2));
    end;

    SC_ScanResult:
    begin
      //address:dword; valuesize:byte; value:array of bytes
      receivebuf(output[0],4);
      receivebuf(output[4],1);
      receivebuf(output[5],output[4]);
      getmem(data2,5+output[4]);
      copymemory(data2,@output[0],5+output[4]);
      postmessage(connectform.Handle,wm_user+1,command,dword(data2));
    end;

    SC_AddressUnfrozen:
    begin
      receivebuf(output[0],2);

      getmem(data,sizeof(tdata));
      data.dw1:=pword(@output[0])^;
      postmessage(connectform.Handle,wm_user+1,command,dword(data));


    end;

    SC_UpdateProgressbar:
    begin
      receivebuf(output[0],8);
      getmem(data,sizeof(tdata));
      data.dw1:=pdword(@output[0])^;
      data.dw2:=pdword(@output[4])^;
      postmessage(connectform.Handle,wm_user+1,command,dword(data));

    end;


    SC_Hyperscanstatus,SC_Speedhackstatus:
    begin
      receivebuf(output[0],1);
      getmem(data,sizeof(tdata));
      data.dw1:=output[0];
      postmessage(connectform.Handle,wm_user+1,command,dword(data));
    end;

    SC_Foundcode:
    begin
      getmem(data2,40);
      receivebuf(data2^,40);
      postmessage(connectform.Handle,wm_user+1,command,dword(data2));
    end;



   253:
   begin
     outputdebugstring('Handled the data command');
   end;

   255:begin //Are you alive? ()
         send[0]:=255;
         connectform.IdTCPClient1.writebuffer(send[0],1);
         //YES....I....AM!!!!!!
         ImAlive:=true;
       end;
  end;
end;


procedure TConnectForm.TimeOutTimerTimer(Sender: TObject);
begin
{  if not imalive then
  begin
    showmessage('Connection Lost...');
    clientsocket1.Close;
  end;
  imalive:=false;}
end;

procedure TConnectForm.FormShow(Sender: TObject);
begin
  with formsettings do
  begin
    rdWriteExceptions.Checked:=true;
    rbDebugRegisters.Enabled:=false;
    label6.Enabled:=false;
    label7.Enabled:=false;
  end;
end;



procedure TConnectForm.Timer1Timer(Sender: TObject);
var c: byte;
begin

end;

procedure TConnectForm.FormClose(Sender: TObject;
  var Action: TCloseAction);
begin
  if hct<>nil then hct.Terminate;
  idtcpclient1.Disconnect;
end;

end.