'author:xuecrack
'API 自己声明
'用户名保存在 UsrNum 变量,密码放在 UsrKey 变量
Dim hWn As Long '存放窗体句柄
Dim pid As Long '存放进程ID
Dim hProcess As Long '存放进程句柄
Dim Rdata As Long '存放读取数据
Dim RdAddr As Long '存放读取地址
Dim UsrNum As String, UsrKey As String: UsrNum = "": UsrKey = ""
Dim i As Integer 'i作循环用
hWn = FindWindow("#32770", "闪讯") '获取闪讯窗口句柄,可用spy之类的获取到闪讯的窗口类名
If hWn = 0 Then
hWn = FindWindow("#32770", "闪讯宽带")
If hWn = 0 Then
MsgBox "闪讯未运行!!!!!", vbOKOnly + vbInformation, "提示"
Exit Sub
End If
End If
GetWindowThreadProcessId hWn, pid '获取进程标识符
hProcess = OpenProcess(1040, 0, pid) '将进程标识符做为参数,返回目标进程PID的句柄,得到此句柄后即可对目标进行读写操,PROCESS_ALL_ACCESS表示完全控制,权限最大
If hProcess = 0 Then
MsgBox "不能打开闪讯进程!!!!!", vbOKOnly + vbInformation, "打开进程错误"
Exit Sub
End If
'在内存地址130000h~140000h内搜索账号特征"@DZK",此乃经验所得
RdAddr = &H130000
Do
ReadProcessMemory hProcess, RdAddr, Rdata, 4, 0&
RdAddr = RdAddr + 1
Loop While RdAddr < &H140001 And Rdata <> &H4B5A4440
'若超过地址140000h则读取信息失败
If RdAddr > &H140000 Then
MsgBox "读取失败!若有其他程序的标题是“闪讯”的请先关闭后再次运行本软件!", _
vbOKOnly + vbInformation, "提示"
CloseHandle hProcess
Exit Sub
End If
'处理读取到特征的地址与账号开始地址
RdAddr = RdAddr - 13
Rdata = 0
For i = 0 To 11
ReadProcessMemory hProcess, RdAddr + i, Rdata, 1, 0&
UsrNum = UsrNum & Chr(Rdata)
Next
UsrNum = UsrNum & "@DZKD.XY"
RdAddr = RdAddr + 32
Do
ReadProcessMemory hProcess, RdAddr, Rdata, 1, 0&
If Rdata = 0 Then Exit Do
UsrKey = UsrKey & Chr(Rdata)
RdAddr = RdAddr + 1
Loop
CloseHandle hProcess