|
|
分享源码
| 界面截图: |
- |
| 是否带模块: |
- |
| 备注说明: |
- |
using System;
using System.Diagnostics;
using System.Linq;
using System.Runtime.InteropServices;
using Microsoft.Win32;
class Program
{
static readonly int[] Offsets = new[] { 0x22300E0, 0x223D90C, 0x223D9E8, 0x2253E4C, 0x22585D4, 0x2255AA4 };
const string RegistryPath = @"SOFTWARE\Tencent\WeChat";
const string RegistryValueName = "Version";
const uint RegistryNewValue = 0x63090C33;
[DllImport("kernel32.dll", SetLastError = true)]
public static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool CloseHandle(IntPtr hObject);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out int lpNumberOfBytesRead);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out int lpNumberOfBytesWritten);
static void Main(string[] args)
{
try
{
Console.WriteLine("开始处理...");
// 总步骤数:内存地址数 + 注册表操作
int totalSteps = Offsets.Length + 1;
int currentStep = 0;
// 修改内存部分
ModifyWeChatMemory(
(offset, success, errorMsg) => {
if (!success) LogError($"内存地址 0x{offset:X8} 修改失败: {errorMsg}");
UpdateProgress(++currentStep, totalSteps);
});
// 修改注册表部分
ModifyWeChatRegistry(
(success, errorMsg) => {
if (!success) LogError($"注册表修改失败: {errorMsg}");
UpdateProgress(++currentStep, totalSteps);
});
Console.WriteLine("\n操作完成!");
}
catch (Exception ex)
{
LogError($"严重错误: {ex.Message}");
}
Console.WriteLine("\n按回车键退出...");
Console.ReadLine(); // 等待用户按回车
}
static void ModifyWeChatMemory(Action<int, bool, string> onStepComplete)
{
try
{
Process[] wechatProcesses = Process.GetProcessesByName("WeChat");
if (wechatProcesses.Length == 0)
{
foreach (var offset in Offsets)
onStepComplete(offset, false, "未找到VX进程");
return;
}
byte[] newValueBytes = BitConverter.GetBytes(RegistryNewValue);
foreach (var wechatProcess in wechatProcesses)
{
IntPtr processHandle = OpenProcess(0x001F0FFF, false, wechatProcess.Id);
if (processHandle == IntPtr.Zero)
{
foreach (var offset in Offsets)
onStepComplete(offset, false, "无法打开VX进程");
continue;
}
try
{
ProcessModule wechatModule = GetWeChatModule(wechatProcess);
if (wechatModule == null)
{
foreach (var offset in Offsets)
onStepComplete(offset, false, "未找到WeChatWin.dll模块");
continue;
}
foreach (int offset in Offsets)
{
IntPtr targetAddress = (IntPtr)(wechatModule.BaseAddress.ToInt64() + offset);
bool success = WriteMemory(processHandle, targetAddress, newValueBytes);
string errorMsg = success ? "" : GetLastErrorMessage();
onStepComplete(offset, success, errorMsg);
}
}
finally
{
CloseHandle(processHandle);
}
}
}
catch (Exception ex)
{
foreach (var offset in Offsets)
onStepComplete(offset, false, ex.Message);
}
}
static void ModifyWeChatRegistry(Action<bool, string> onComplete)
{
try
{
using (RegistryKey key = Registry.CurrentUser.OpenSubKey(RegistryPath, true))
{
if (key == null)
{
onComplete(false, $"未找到注册表项: {RegistryPath}");
return;
}
key.SetValue(RegistryValueName, RegistryNewValue, RegistryValueKind.DWord);
onComplete(true, "");
}
}
catch (Exception ex)
{
onComplete(false, ex.Message);
}
}
static ProcessModule GetWeChatModule(Process wechatProcess)
{
try
{
return wechatProcess.Modules.Cast<ProcessModule>().FirstOrDefault(module => module.ModuleName == "WeChatWin.dll");
}
catch (Exception ex)
{
Console.WriteLine($"获取模块错误: {ex.Message}");
return null;
}
}
static bool ReadMemory(IntPtr processHandle, IntPtr address, byte[] buffer)
{
int bytesRead;
return ReadProcessMemory(processHandle, address, buffer, (uint)buffer.Length, out bytesRead);
}
static bool WriteMemory(IntPtr processHandle, IntPtr address, byte[] buffer)
{
int bytesWritten;
return WriteProcessMemory(processHandle, address, buffer, (uint)buffer.Length, out bytesWritten);
}
static string GetLastErrorMessage()
{
int errorCode = Marshal.GetLastWin32Error();
return $"错误代码: {errorCode}";
}
static void LogError(string message)
{
ConsoleColor originalColor = Console.ForegroundColor;
Console.ForegroundColor = ConsoleColor.Red;
// 清除当前行(进度条)
Console.SetCursorPosition(0, Console.CursorTop);
Console.Write(new string(' ', Console.WindowWidth));
Console.SetCursorPosition(0, Console.CursorTop);
Console.WriteLine($"[错误] {message}");
Console.ForegroundColor = originalColor;
}
static void UpdateProgress(int current, int total)
{
const int progressBarWidth = 50;
float percent = (float)current / total;
int completedWidth = (int)(percent * progressBarWidth);
ConsoleColor originalColor = Console.ForegroundColor;
Console.ForegroundColor = ConsoleColor.Gray;
Console.SetCursorPosition(0, Console.CursorTop);
Console.Write("[");
Console.ForegroundColor = ConsoleColor.Green;
Console.Write(new string('=', completedWidth));
Console.ForegroundColor = ConsoleColor.Gray;
Console.Write(new string(' ', progressBarWidth - completedWidth));
Console.Write($"] {current}/{total}");
Console.ForegroundColor = originalColor;
}
}
|
评分
-
查看全部评分
|
粤公网安备 44522102000125 增值电信业务经营许可证 粤B2-20192173
发表于 2025-7-29 23:28:21
主题置顶卡
沉默卡
变色卡
扫一扫,关注易界动态