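The example in this article is a VB API module for reading memory, threads and handles. It is of some help for VB programming that involves low-level system operations, and readers who need it can use it as a reference. The module can obtain the thread ID; write memory (process handle, ByVal memory address, data, total length, completed length); read a process (process handle, ByVal memory address, buffer that receives the data, length to read, length already read); and allocate memory (process handle, address [it seems passing 0 is enough], length, flag 1 [MEM_COMMIT], flag 2 [PAGE_READWRITE]), which returns the start address of the allocated memory; among other functions.
The implementation code is as follows: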
Attribute VB_Name = "API"
Option Explicit

Public Declare Function GetDesktopWindow Lib "User32.DLL" () As Long
Public Declare Function FindWindow Lib "User32.DLL" Alias "FindWindowA" (ByVal ClassName As String, ByVal Caption As String) As Long
Public Declare Function GetWindow Lib "User32.DLL" (ByVal hwnd As Long, ByVal wCmd As Long) As Long
Public Declare Function GetWindowText Lib "User32.DLL" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Public Const GW_CHILD = (5)
Public Const GW_HWNDNEXT = (2)

'Get the IDs for a window (window handle, returned ID).
'The return value is the thread ID; ProcessId (ByRef) receives the process ID.
Public Declare Function GetWindowThreadProcessId Lib "User32.DLL" (ByVal hwnd As Long, ProcessId As Long) As Long
'Open a process (access rights, inherit handle, ID). The third argument is the process ID.
Public Declare Function OpenProcess Lib "Kernel32.DLL" (ByVal 操作權限 As Long, ByVal 繼承句柄 As Long, ByVal 線程ID As Long) As Long
'Read process memory (process handle, ByVal memory address, buffer that receives the data, length to read, length already read [0])
Public Declare Function ReadProcessMemory Lib "Kernel32.DLL" (ByVal 進程柄 As Long, ByVal 內存位置 As Long, 緩沖區 As Any, ByVal 長度 As Long, lpNumberOfBytesWritten As Long) As Long
'Write memory (process handle, ByVal memory address, data, total length, completed length [0])
Public Declare Function WriteProcessMemory Lib "Kernel32.DLL" (ByVal 進程柄 As Long, 內存位置 As Any, 緩沖區 As Any, ByVal 長度 As Long, lpNumberOfBytesWritten As Long) As Long
'Release (process handle). Not releasing the handle causes errors.
Public Declare Function CloseHandle Lib "Kernel32.DLL" (ByVal 進程柄 As Long) As Long

Public Const STANDARD_RIGHTS_REQUIRED = &HF0000
Public Const SYNCHRONIZE = &H100000
'&H1F0FFF is the value of PROCESS_ALL_ACCESS; request only the rights a call needs where possible.
Public Const RRAD_WRITE = &H1F0FFF
Public Const PROCESS_VM_OPERATION = &H8&
'讀取 (read) = PROCESS_VM_READ, 寫入 (write) = PROCESS_VM_WRITE
Public Const 讀取 = &H10&
Public Const 寫入 = &H20&

'---------Variable conversion API
Public Declare Sub MOV Lib "Kernel32.DLL" Alias "RtlMoveMemory" (變量1 As Any, 變量2 As Any, ByVal 長度 As Long)

'---------Memory protection, allocation and release
Public Declare Function VPE Lib "Kernel32.DLL" Alias "VirtualProtectEx" (ByVal 進程柄 As Long, 地址 As Any, ByVal 長度 As Long, ByVal flNewProtect As Long, lpflOldProtect As Long) As Long
'Allocate memory (process handle, address [it seems passing 0 is enough], length, flag 1 [MEM_COMMIT], flag 2 [PAGE_READWRITE])
'Returns: start address of the allocated memory
Public Declare Function VAE Lib "Kernel32.DLL" Alias "VirtualAllocEx" (ByVal 進程柄 As Long, ByVal 地址 As Long, ByVal 長度 As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Public Declare Function VFE Lib "Kernel32.DLL" Alias "VirtualFreeEx" (ByVal 進程柄 As Long, ByVal 地址 As Long, ByVal 長度 As Long, ByVal 釋放類型 As Long) As Long
Public Const MEM_COMMIT = &H1000
Public Const PAGE_READWRITE = &H4
Public Const STILL_ACTIVE = &H103&
'&HFFFF is the Integer -1 in VB6; it widens to Long -1 (&HFFFFFFFF) when passed as a Long.
Public Const INFINITE = &HFFFF

'---------APIs for locating module functions
Public Declare Function GetModuleHandle Lib "Kernel32.DLL" Alias "GetModuleHandleA" (ByVal ModuleName As String) As Long
Public Declare Function LoadLibrary Lib "Kernel32.DLL" Alias "LoadLibraryA" (ByVal ModuleName As String) As Long
Public Declare Function GetProcAddress Lib "Kernel32.DLL" (ByVal hModule As Long, ByVal ProcName As String) As Long
Public Declare Function CreateRemoteThread Lib "Kernel32.DLL" (ByVal 進程柄 As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, ByVal lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadID As Long) As Long
Public Declare Function GetTickCount Lib "kernel32" () As Long
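The module hides several Win32 exports behind short aliases (VAE, VPE, VFE, MOV), so a review that searches only for the VB-visible names misses them. The following is an added example, not part of the original article: a Python triage helper that resolves each Declare statement to its real export and reports which cross-process capabilities a module declares. The capability labels, function names and the shortened sample declarations are assumptions made for this example.

```python
import re

# Capability labels for Win32 exports (labels are this example's own, hypothetical names).
CAPABILITIES = {
    "OpenProcess": "open-process",
    "ReadProcessMemory": "remote-read",
    "WriteProcessMemory": "remote-write",
    "VirtualAllocEx": "remote-alloc",
    "VirtualProtectEx": "remote-protect",
    "CreateRemoteThread": "remote-thread",
}
# Together these let a program place code in another process and start it.
INJECTION_SET = {"open-process", "remote-alloc", "remote-write", "remote-thread"}

# Declare Function|Sub <VBName> Lib "<dll>" [Alias "<export>"]
DECLARE_RE = re.compile(
    r'Declare\s+(?:Function|Sub)\s+(\w+)\s+Lib\s+"([^"]+)"(?:\s+Alias\s+"([^"]+)")?',
    re.IGNORECASE,
)

def resolve_declares(source):
    """Map each VB-visible name to (dll, real export), undoing any Alias."""
    resolved = {}
    for vb_name, lib, alias in DECLARE_RE.findall(source):
        dll = re.sub(r"\.dll$", "", lib, flags=re.IGNORECASE).lower()
        resolved[vb_name] = (dll, alias or vb_name)
    return resolved

def triage(source):
    """Summarise which cross-process capabilities a module declares."""
    declares = resolve_declares(source)
    caps = {CAPABILITIES[e] for _, e in declares.values() if e in CAPABILITIES}
    return {"declares": declares, "capabilities": caps,
            "injection_capable": INJECTION_SET <= caps}

# Constructed sample: declarations from the module above with parameter lists shortened.
SAMPLE = '''
Public Declare Function OpenProcess Lib "Kernel32.DLL" (ByVal a As Long) As Long
Public Declare Function WriteProcessMemory Lib "Kernel32.DLL" (ByVal h As Long) As Long
Public Declare Function VAE Lib "Kernel32.DLL" Alias "VirtualAllocEx" (ByVal h As Long) As Long
Public Declare Function CreateRemoteThread Lib "Kernel32.DLL" (ByVal h As Long) As Long
Public Declare Sub MOV Lib "Kernel32.DLL" Alias "RtlMoveMemory" (a As Any, b As Any)
Public Declare Function GetTickCount Lib "kernel32" () As Long
'''

if __name__ == "__main__":
    report = triage(SAMPLE)
    for name, (dll, export) in sorted(report["declares"].items()):
        print(f"{name:22} -> {dll}!{export}")
    print("capabilities:", sorted(report["capabilities"]))
    print("injection-capable:", report["injection_capable"])
```

The regular expression does not depend on line breaks, so it also works on source where the declarations have been run together on one line.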