(5). Add the ActiveKey.h header in the ActiveKey project to the Simulate project and add #include in stdafx.h.
ActiveKey.h.
(6). In the button Click the event function to enter the following code:
Void csimulatedlg :: onbutton1 () {// Todo: add your control notification handler code hereif (! bsetup) {m_hook.start (); // Activate global hooks. } else {m_hook.stop (); // Undo the global hook. } bsetup =! bsetup;
}
(7). Compile the project, and run the program, click the button to activate the plug-in.
(8). Start the brush program, select the text tool and set the color of the pen to red, put the mouse after any position, press the F10 key, the brush program is automatically transferred
Mouse and write a red uppercase R. Figure 1 shows the status of the brush program before the F10 key, and Figure 2 shows the status of the brush program after pressing the F10 key.
Figure 1: Press the F10 state (001.jpg)
Figure 2: Press F10 Post Status (002.jpg)
V. Packet technology
Through the introduction of action simulation technology, we have a certain degree of understanding of the game, and also learned to use action simulation technology to achieve simple.
Action analog game plug-in production. This action simulation game has a certain limitations, it can only solve the use of computers to completing the human being
What is regular, cumbersome and boring game action. However, with the prevalence and complexity of online games, many games require information and
When the feedback back the server, after paying these action information, then send the next game action information to the client, so that the action is simulated.
Technology will lose its original effect. In order to better "plug" these games, the game plug-in procedures have also been upgraded, they will previously target the game users.
The simulation of the interface layer advances to the data communication layer, and the packet control packet is controlled by the package technology to control the data package and repair
Change the packet; at the same time, you need to create a packet according to the game data package structure, and then simulate the client to send to the game server. This process is actually a package.
the process of.
The technique of packet is the core technique for implementing the second type of game plug-in. The knowledge involved in the package technology is very extensive, and there are many realization methods, such as blocking
Winsock, blocking API functions, block messages, VXD drivers, etc. Here we are not a detailed introduction to all packet technologies in this article.
Therefore, two methods most commonly used in the game plug-in program: blocking the Winsock and the Block API function.
1. Shirts Winsock
As we all know, Winsock is a Windows network programming interface, which works in a Windows application layer, providing high-level data transmission that is independent of the underlying transport protocol
Transputation interface. In the Windows system, use the Winsock interface to provide an application-based network access service based on TCP / IP protocol, which is
The WSOCK32.DLL Dynamic Link Library is done.
From the above, any Windows TCP / IP-based application must access the network through the Winsock interface, and of course the online game program is an example.
outer. From this we can imagine, if we can control the Winsock interface, control the packet between the game client program and the server is also
Will be easy. According to this idea, the following work is how to complete the control Winsock interface. It is known from the above introduction that the Winsock interface is actually
A range of functions provided by a dynamic link library, which is accessed by these functions. With this level of understanding, the problem is good, we can
Making a similar dynamic link library instead of the original Winsock interface library, implements all functions implemented in Winsock32.dll, and assumes the number of parameters and sequences of all functions, and the return value type should be the same as the original library. In this self-made dynamic library, you can interested in functions (such as send, pick up
The result is a function of the block, put the plug-in control code, and finally continues to call the corresponding functional function provided in the original Winsock library so that the network can be implemented.
Clipping, modification, and sending sealing capabilities of the data packet.
The following focuses on the basic steps to create a shutdown Winsock plug-in:
(1) Create a DLL project, select Win32 Dynamic-Link Library, select An Empty DllProject.
(2) New files WSOCK32.H, enter the code as follows:
1 Add related variable declaration:
HModule HModule = NULL; // Module Handle Char Buffer [1000]; // Buffer FarProc Proc; // Function Inlet Pointer
2 Define the pointer variable to all of the function addresses in the Winsock library, because the Winsock library provides more than 70 functions, limited to space, here only choose
Select several common functions to list, instructions for these library functions can be referred to MSDN related content.
/ / Define the pointer variable to the original Winsock library function address. Socket (__stdcall * socket1) (int, int, int); // Create a SOCK function. INT (__stdcall * wsastartup1) (Word, LPWSADATA); // Initialize the Winsock library function. INT (__stdcall * wsacleanup1) (); // Clear the Winsock library function. INT (__stdcall * rv1) (socket, char far *, int, int); // receives data functions. INT (__stdcall * send1) (socket, const char *, int, int); // Send a data function. INT (_STDCALL * Connect1) (socket, const struct sockaddr *, int); // Create a connection function. INT (_STDCALL * BIND1) (socket, const struct sockaddr *, int); // binding function. ... Other function address pointers are defined.
(3) New WSOCK32.CPP file, enter the code as follows:
1 Add related header file statement:
#include
2 Add a DLLMAIN function, first you need to load the original Winsock library in this function and get the address of all functions in this library. code show as below:
BOOL WINAPI DLLMAIN (Handle Hinst, Ulong Ul_reason_for_call, lpvoidpreserved) {if (hmodule == null) {// The original Winsock library has been copied to WSOCK32.001. HModule = loadLibrary ("wsock32.001");} else return 1; // Get the address of all functions in the original Winsock library and save, only part of the code is listed below. if (hmodule! = null) {// Gets the address of the original Winsock library initialization function and saves to WSAStartup1. Proc = GetProcaddress (HModule, "WSAStartup"); WSAStartup1 = (int (_stdcall *) (word, lpwsadata)) proc; // Gets the address of the original Winsock library and saves to WSacleanup1. Proc = getProcaddress (HModule i, "wsacleanup); wsacleanup1 = (int (_stdcall *)) proc; // Gets the original creating SOCK function and saves to Socket1. Proc = getProcaddress (HModule, "Socket"); socket1 = (intend (_stdcall *) (int, int, int)) proc; // Get the original creation of the connection function and saved to Connect1. Proc = getProcaddress (HMODULE, "" Connect "); connection1 = (int)) proc; // Gets the address of the original send function and saves to Send1. Proc = getProcadDress (HModule, "Send"); send1 = (int (_stdcall *) (interste, const char *, int, int)) proc; // Gets the address of the original reception function and saves to RECV1. Proc = GetProcaddress (HModule, "RECV"); Recv1 = (int (_stdcall *) (socket, char far *, int, int)) proc; ... other acquisition function address code slightly. } Else return 0; Return 1;} 3 Define the library output function, you can add plug-in control code to our interested function, and call the original in all the output functions
The same name function for the Winsock library. Part of the output function definition code is as follows:
// The library output function is defined. // Winsock initialization function. INT Pascal Far WSAStartup (Word WVersionRequired, LPWSADATALPWSADATA) {// Call the original Winsock library initialization function Return WSAStartup1 (WVersionRequired, LPWSADATA);} // Winsock End Clear function. INT Pascal Far Wsacleanup (void) {Return WSacleanup1 (); // Call the original Winsock library end cleaning function. } // Create a Socket function. Socket Pascal Far Socket (int Af, int type, int protocol) {// calls the original Winsock library to create a socket function. Return Socket1 (AF, TYPE, Protocol);} // Send Packet Function Int Pascal Far Send (Socket S, Const Char * BUF, INT LEN, INT FLAGS) {// This can be performed on the content of the transmitted buffer BUF Modify to achieve a deception server. Plug-in code ... // call the original Winsock library to send packet functions. Return Send1 (S, BUF, LEN, FLAGS);} // receives the packet function. INT Pascal Far Recv (Socket S, CHAR FAR * BUF, INT LEN, INT FLAGS) {// This can stop the server side to send to the client, first saved it into the buffer. STRCPY (BUFFER, BUF); // After analyzing the buffer packet data, it is modified according to the player's instruction. Plug-in code ... // finally calls the received packet function in the original Winsock. Return Recv1 (S, Buffer, Len, Flags);} ....... other function definition code slightly. (4) New WSOCK32.DEF configuration file, in which the declaration of all library output functions is added, some declarative code is as follows:
Library "wsock32" exports wsastartup @ 1 wsacleanup @ 2 Recv @ 3 send @ 4 socket @ 5 bind @ 6 closeSocket @ 7 connect @ 8
... Other output functions declaration code slightly.
