完整的DELPHI内存修改验证码函数

来源: 作者: 点击:
入口参数为一个16位的字符串,MU主程序文件名,返回修改成功或失败[True,False]
PS:
var ModiOK:Bool;
begin
ModiOK:=HellFishMEMWrite('1234567890123456','main.exe');
end;

////////////////////mem write
function HellFishMEMWrite(VerCode:String;MuMain:String):bool;
var
s:string;
byte1: array[0..15] of byte;
Found:boolean;
ii,byte2:integer;
HProcess,HSnapshot:THandle;
lpNumberOfBytesWritten: DWORD;
appe:TProcessEntry32;
begin
for ii:=0 to 15 do
begin
byte1[ii]:=Ord(vercode[ii+1]);
end;
byte2:=$00554668;
HSnapshot:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
appe.dwSize:= SizeOf(appe);
found:= Process32First(HSnapshot, appe);
while integer(Found)<>0 do
begin
try
s:=ExtractFileName(appe.szExeFile);
if AnsiUpperCase(s)=AnsiUpperCase(mumain) then
begin
HProcess:=OpenProcess(PROCESS_ALL_ACCESS,true,appe.th32ProcessID);
WriteProcessMemory(HProcess,ptr(byte2),@byte1,16,lpNumberOfBytesWritten);
result:=True;
exit;
end;
except
end;
Found:=Process32Next(HSnapshot,appe);
end;
CloseHandle(HSnapshot);
end;
////////////////////mem write
栏目列表