- 积分
- 1331
- 明经币
- 个
- 注册时间
- 2017-12-23
- 在线时间
- 小时
- 威望
-
- 金钱
- 个
- 贡献
-
- 激情
-
|
发表于 2019-5-9 16:10:15
|
显示全部楼层
本帖最后由 1005100717 于 2019-5-9 16:12 编辑
自从用了net,发现还是net写起来方便,没有c++配置那么复杂我也来贡献一个net版的,2008-2019 32 64通杀
 - Imports Autodesk.AutoCAD.ApplicationServices
- Imports Autodesk.AutoCAD.DatabaseServices
- Imports Autodesk.AutoCAD.PlottingServices
- Imports Autodesk.AutoCAD.EditorInput
- Imports Autodesk.AutoCAD.Geometry
- Imports Autodesk.AutoCAD.Runtime
- Imports Autodesk.AutoCAD.Customization
- Imports System.Collections.Specialized
- Imports System.Runtime.InteropServices
- Public Class cadFunc
- <DllImport("kernel32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
- Public Shared Function GetModuleHandle(ByVal lpModuleName As String) As IntPtr
- End Function
- <DllImport("kernel32.dll", SetLastError:=True, CharSet:=CharSet.Ansi, ExactSpelling:=True)> _
- Private Shared Function GetProcAddress(ByVal hModule As IntPtr, ByVal procName As String) As IntPtr
- End Function
- <DllImport("kernel32.dll", SetLastError:=True)> _
- Public Shared Function ReadProcessMemory( _
- ByVal hProcess As IntPtr, _
- ByVal lpBaseAddress As IntPtr, _
- <Out()> ByVal lpBuffer As Byte(), _
- ByVal dwSize As Integer, _
- ByRef lpNumberOfBytesRead As Integer) As Boolean
- End Function
- <DllImport("kernel32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
- Public Shared Function VirtualProtect(ByVal lpAddress As IntPtr, ByVal dwSize As IntPtr, ByVal flNewProtect As UInteger, ByRef lpflOldProtect As UInteger) As Boolean
- End Function
- Public Shared Function getAcadVersion() As Double
- Return CDbl(Application.GetSystemVariable("acadver").ToString().Substring(0, 4))
- End Function
- Public Shared Function noEMR() As String
- Dim dllName As String = "acdb" + getAcadVersion().ToString.Substring(0, 2) + ".dll"
- Dim handle As IntPtr = GetModuleHandle(dllName)
- If handle = 0 Then Return "找不到模块:" + dllName
- Dim funcname As String
- If IntPtr.Size = 4 Then
- Dim bin() As Byte = {63}
- funcname = System.Text.Encoding.Unicode.GetString(bin) + "isEMR@AcDbDatabase@@QBE_NXZ"
- Else
- Dim bin() As Byte = {63}
- funcname = System.Text.Encoding.Unicode.GetString(bin) + "isEMR@AcDbDatabase@@QEBA_NXZ"
- End If
- Dim funcAdress As IntPtr = GetProcAddress(handle, funcname)
- If funcAdress = 0 Then Return "无法找指定函数:" + funcname
- '寻找关键字0x33,0x39,0x0f
- Dim ptr As IntPtr
- If IntPtr.Size = 4 Then
- ptr = New IntPtr(funcAdress.ToInt32() + 3)
- Else
- ptr = New IntPtr(funcAdress.ToInt64() + 4)
- End If
- If Not EMRcheckFunc(ptr, 51, 2) Then Return "无法验证函数体:0x33"
- Dim destPtr As IntPtr = ptr
- If Not EMRcheckFunc(ptr, 57, 6) Then Return "无法验证函数体:0x39"
- If Not EMRcheckFunc(ptr, 15, 2) Then Return "无法验证函数体:0x0F"
- '修改内存
- Dim flag As UInteger, tccc As UInteger
- If Not VirtualProtect(destPtr, 100, 64, flag) Then Return "内存模式修改失败!1"
- Marshal.WriteByte(destPtr, 137) '0x89
- VirtualProtect(destPtr, 100, flag, tccc)
- Return ""
- End Function
- Private Shared Function EMRcheckFunc(ByRef adress As IntPtr, ByVal val As Byte, ByVal len As Integer) As Boolean
- '检查是否时跳转,跳转符号 E9
- If Marshal.ReadByte(adress) = 233 Then
- If IntPtr.Size = 4 Then
- Dim pass As Integer = Marshal.ReadInt32(New IntPtr(adress.ToInt32() + 1))
- adress = New IntPtr(adress.ToInt32() + pass + 5)
- Else
- Dim pass As Integer = Marshal.ReadInt32(New IntPtr(adress.ToInt64() + 1))
- adress = New IntPtr(adress.ToInt64() + pass + 5)
- End If
- End If
- '检查是否为指定值,如果不是返回0
- If Marshal.ReadByte(adress) = val Then
- If IntPtr.Size = 4 Then
- adress = New IntPtr(adress.ToInt32() + len)
- Else
- adress = New IntPtr(adress.ToInt64() + len)
- End If
- Return True
- Else
- Return False
- End If
- End Function
- End Class
|
评分
-
查看全部评分
|
[复制链接]
显身卡
楼主
发表于 2019-5-9 15:28:19