超级模仿秀~~
我刚学会开机那会,就爱玩"扫雷"游戏,可是总是破不了寝室里一位舍友的记录.于是,(不知道从哪听说来的)就偷偷打开注册表:HKEY_CURRENT_USER\Software\Microsoft\Winmine ,将里面的Name1,Name2,Name3都改成了自己的大名,同时,把Time1,Time2,Time3的值都改成了1秒!呵呵~~后来被大家发现了,竟成了笑柄~~
现在学了Win32汇编才知道,可以给"扫雷"游戏打一个内存补丁的,呵呵~~总算比直接修改注册表高明点儿了~~
这个程序是模仿罗云彬的例子程序的,所以说"超级模仿秀"~~增加一点儿学习的乐趣罢了~~高手见笑了.
;超级模仿秀:模仿罗云彬的例子程序
;扫雷游戏内存补丁:把计时器改为每10秒增1
;当然,如果你愿意,还可以修改为更大值.
;
;所使用的编译器:MASMPlus
;=========================================
.386
.model flat,stdcall
option casemap:none
include windows.inc
include user32.inc
includelib user32.lib
include kernel32.inc
includelib kernel32.lib
PATCH_POSITION equ 0100383eh
.data?
dbOldBytes db 2 dup (?)
stStartUp STARTUPINFO <?>
stProcInfo PROCESS_INFORMATION <?>
.const
dbPatch db 0e8h,03h
dbPatched db 10h,27h
szExecFilename db 'winmine.exe',0
szErrExec db '无法装载执行文件!',0
szErrVersion db '执行文件的版本不正确,无法修正!',0
.code
start:
invoke GetStartupInfo,addr stStartUp
invoke CreateProcess,offset szExecFilename,NULL,NULL,NULL,NULL,NORMAL_PRIORITY_CLASS or CREATE_SUSPENDED,0,0,offset stStartUp,offset stProcInfo
.if eax
invoke ReadProcessMemory,stProcInfo.hProcess,PATCH_POSITION,addr dbOldBytes,2,NULL
.if eax
mov ax,WORD ptr dbOldBytes
.if ax == WORD ptr dbPatch
invoke WriteProcessMemory,stProcInfo.hProcess,PATCH_POSITION,addr dbPatched,2,NULL
invoke ResumeThread,stProcInfo.hThread
.else
invoke TerminateProcess,stProcInfo.hProcess,-1
invoke MessageBox,NULL,addr szErrVersion,NULL,MB_OK or MB_ICONSTOP
.endif
.endif
invoke CloseHandle,stProcInfo.hProcess
invoke CloseHandle,stProcInfo.hThread
.else
invoke MessageBox,NULL,addr szErrExec,NULL,MB_OK or MB_ICONSTOP
.endif
invoke ExitProcess,NULL
end start
;==================================================
winminePatch.rar
(65.36 KB)
学习学习
