新手求教delphi外挂调用dll的问题
求教: dll远程注入到宿主程序后,通过热键呼出内置窗体再调用dll的函数一切正常,但如果改为由外部应用程序调用嵌入汇编的函数就有问题了,主要是访问地址违规,请好心人指点.
一、以下是CALL单元的函数
1.如果是这样就没问题
Function addHp():boolean;stdcall;// Variant 1 (works): only loads immediate constants into registers.
// Result is never assigned, so the Boolean value returned to the caller is undefined.
var
begin
showMessage('开始外部调用dll');
asm
mov edx,$00d947e4   // immediate value, not a memory read: no address is dereferenced
mov eax,$00d91f74   // immediate value; EAX (the Result register) is clobbered here
end;
showMessage('调用结束');
end;
2.如果是这样就有问题了
Function addHp():boolean;stdcall;// Variant 2 (faults): the brackets turn the constants into reads of absolute addresses.
// Result is never assigned, so the Boolean value returned to the caller is undefined.
var
begin
showMessage('开始外部调用dll');
asm
mov edx,[$00d947e4]   // reads the DWORD at a hard-coded absolute address; nothing checks that this
                      // address is mapped in the process executing the code, so an unmapped page
                      // raises the access violation the post describes
mov eax,[$00d91f74]   // same: hard-coded address, no validation; also clobbers EAX (the Result register)
end;
showMessage('调用结束');
end;
3.这样也有问题
Function addHp():boolean;stdcall;// Variant 3 (faults): transfers control to a hard-coded absolute address.
// Result is never assigned, so the Boolean value returned to the caller is undefined.
var
begin
showMessage('开始外部调用dll');
asm
mov edx,$00d947e4   // immediate values only (same as variant 1)
mov eax,$00d91f74
mov ecx,$00453014   // address of the code to be called; nothing verifies it is mapped or is the
                    // entry point of a routine that expects EAX/EDX as arguments
call ecx end;       // indirect call with no stack arguments and no stack cleanup: even when the
                    // address is mapped, a callee with a different calling convention can corrupt
                    // the stack, so the fault may surface here or later
showMessage('调用结束');
end;
总结一下：只往寄存器写立即数没有问题，但一旦访问内存地址就不行，使用CALL指令也不行，求老师指点！
二、以下是DLL代码
library Gamedll;
{ omitted }
uses
SysUtils,
Windows,
Classes,
Messages,
dllForm in 'dllForm.pas' {Form1},
CALL in 'CALL.pas';   // unit that defines addHp (the variants posted above)
{$R *.res}
var
keyhhk:HHOOK;   // hook handle returned by SetWindowsHookEx; nothing in the shown code calls UnhookWindowsHookEx on it
phWnd:HWND;     // target window handle saved by installKeyProc; not read anywhere in the shown code
Function keyproc(icode,wp,lp:integer):DWORD;stdcall; // WH_KEYBOARD hook callback (runs in the hooked thread)
// Because the hook is thread-specific and the callback lives in this DLL, Windows maps the DLL into
// the hooked thread's process; a defender can observe this via SetWindowsHookEx calls targeting a
// foreign thread id together with the resulting module load.
begin
if (icode=HC_ACTION) then
begin
// Insert key with bit 31 of lParam (the transition state) clear, i.e. a key press, not a release.
// NOTE(review): the post text talks about the HOME hotkey, but the code tests VK_Insert.
if (wp=VK_Insert) and ((1 shl 31) and lp=0) then
begin
// Lazily creates the DLL's own form inside the hooked process; it is only freed in DllEnterProc.
if Form1=nil then
Form1:=TForm1.Create(nil);
end;
end;
// Always forward to the next hook so the key is not swallowed.
keyProc:=CallNextHookEx(keyhhk,icode,wp,lp);
end;
Function installKeyProc(Gameh:hWnd):boolean;stdcall; // installs the keyboard hook on the thread that owns Gameh
// Returns True only if SetWindowsHookEx produced a non-zero handle; False when Gameh is 0 or the hook fails.
var
GameTid:Thandle;   // thread id of the window's owner (return value of GetWindowThreadProcessId)
begin
Result:=false;
phWnd:=Gameh;
if Gameh=0 then
begin
messageBox(0,'未找到目标','Eorro',0);
exit;
end;
GameTid:=GetWindowThreadProcessId(Gameh);
// GetModuleHandle returns 0 if 'Gamedll.dll' is not mapped under exactly that name in this process;
// the 0 is passed straight through and SetWindowsHookEx then fails, which the check below reports
// as "not installed" without any error detail (GetLastError is not consulted).
keyhhk:=SetWindowsHookEx(WH_KEYBOARD,@Keyproc,GetModuleHandle('Gamedll.dll'),GameTid);
if keyhhk>0 then
begin
//messageBox(0,'安装钩子成功,可以正常使用!','调用提示',0);
Result:=true;
end;
end;
Procedure DllEnterProc(reason:integer); // DllProc callback: releases the DLL's form when the library is unloaded
begin
case reason of
windows.DLL_PROCESS_ATTACH : begin end;   // nothing to do on load; the form is created lazily by keyproc
// Free on a nil reference is a no-op in Delphi, so this is safe if the form was never created.
windows.DLL_PROCESS_DETACH :begin Form1.Free ;Form1:=nil; end;
end;
end;
exports
addHp,            // three same-named variants are posted above; only one of them can be compiled into the library
installKeyProc;
begin
dllProc:=@DllEnterProc;   // DllProc is the RTL hook that receives later attach/detach notifications
end.
三、以下是调用单元代码
unit exeForm;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls;
type
TForm1 = class(TForm)   // main form of the calling exe
Edit1: TEdit;
Button1: TButton;
Edit2: TEdit;
Button2: TButton;
Timer1: TTimer;
Button3: TButton;
// Button1Click, Button2Click and Timer1Timer are declared here but no implementation appears in the
// unit as posted; presumably they were omitted, since the unit would not compile without them.
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
procedure Timer1Timer(Sender: TObject);
procedure Button3Click(Sender: TObject);   // loads Gamedll.dll into this process and calls addHp
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
Gameh: hWnd=0;   // target window handle; never assigned in the shown code
addHpA:Function():boolean;stdcall;   // procedure pointer matching the exported addHp; set by GetProcAddress in Button3Click
installkeyProc:Function(Gameh:hWnd):boolean;stdcall; // matches the exported installKeyProc; never assigned in the shown code
implementation
{$R *.dfm}
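procedure TForm1.Button3Click(Sender: TObject);
// Loads Gamedll.dll into this process (the exe), resolves the exported addHp and calls it.
// The library is deliberately left loaded: addHpA is a unit-level pointer that handlers not shown
// here may rely on, and FreeLibrary would leave it dangling. Repeated clicks re-call LoadLibrary,
// which only increments the module's reference count once it is mapped.
// Any access violation raised inside addHp (its asm touches fixed absolute addresses) is mapped
// by SysUtils to an exception and lands in the except branch below.
// NOTE(review): LoadLibrary is given a bare file name, so the DLL search order decides which
// Gamedll.dll is loaded; the name must also match the one installKeyProc passes to GetModuleHandle.
var
libHandle: HMODULE;   // 0 on failure (file not found, wrong bitness, missing dependency)
begin
try
libHandle := LoadLibrary('Gamedll.dll');
if libHandle = 0 then
RaiseLastOSError;   // previously a 0 handle went unchecked and GetProcAddress/addHpA() faulted on nil
addHpA := GetProcAddress(libHandle, 'addHp');
if not Assigned(addHpA) then
RaiseLastOSError;   // export 'addHp' missing: report it instead of calling a nil pointer
addHpA();
except
MessageBox(0,'读取数据错误','出错警告',0);
exit;
end;
end;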
end.
注入的代码我就不发了,注入是没问题的,因为通过HOME热键呼出窗体调用函数是没有问题的,经过多次验证。
现在的问题是,凡是访问地址就出现问题,凡是使用汇编CALL指令就出问题,是我的调用代码有问题?还是函数写的有问题?敬请教导!先谢了。