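The example in this article is a VB API module for reading memory, threads and handles. It is useful for VB programming that involves low-level system operations, and readers who need it can use it as a reference. The module provides the following functions: getting a thread ID; writing memory (process handle, ByVal memory address, data, total length, length already written); reading a process (process handle, ByVal memory address, buffer that receives the data, length to read, length already read); and allocating memory (process handle, address [passing 0 seems to be enough], length, permission 1 [MEM_COMMIT], permission 2 [PAGE_READWRITE]), which returns the start address of the allocated memory.
The implementation code is as follows: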
Attribute VB_Name = "API"
Option Explicit

Public Declare Function GetDesktopWindow Lib "User32.DLL" () As Long
Public Declare Function FindWindow Lib "User32.DLL" Alias "FindWindowA" (ByVal ClassName As String, ByVal Caption As String) As Long
Public Declare Function GetWindow Lib "User32.DLL" (ByVal hwnd As Long, ByVal wCmd As Long) As Long
Public Declare Function GetWindowText Lib "User32.DLL" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Public Const GW_CHILD = (5)
Public Const GW_HWNDNEXT = (2)
Public Declare Function GetWindowThreadProcessId Lib "User32.DLL" (ByVal hwnd As Long, ProcessId As Long) As Long
' Look up the IDs for a window (window handle, returned process ID); the function's return value is the thread ID
Public Declare Function OpenProcess Lib "Kernel32.DLL" (ByVal 操作權限 As Long, ByVal 繼承句柄 As Long, ByVal 線程ID As Long) As Long
' Open a process (access rights, inherit handle, ID); the third argument is the process ID returned through ProcessId above
Public Declare Function ReadProcessMemory Lib "Kernel32.DLL" (ByVal 進程柄 As Long, ByVal 內存位置 As Long, 緩沖區 As Any, ByVal 長度 As Long, lpNumberOfBytesWritten As Long) As Long
' Read a process (process handle, ByVal memory address, buffer that receives the data, length to read, length already read [0])
Public Declare Function WriteProcessMemory Lib "Kernel32.DLL" (ByVal 進程柄 As Long, 內存位置 As Any, 緩沖區 As Any, ByVal 長度 As Long, lpNumberOfBytesWritten As Long) As Long
' Write memory (process handle, ByVal memory address, data, total length, length already written [0])
Public Declare Function CloseHandle Lib "Kernel32.DLL" (ByVal 進程柄 As Long) As Long
' Release (process handle); not releasing the handle causes errors
Public Const STANDARD_RIGHTS_REQUIRED = &HF0000
Public Const SYNCHRONIZE = &H100000
Public Const RRAD_WRITE = &H1F0FFF ' STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF (full access to the process)
Public Const PROCESS_VM_OPERATION = &H8&
Public Const 讀取 = &H10& ' Read (PROCESS_VM_READ)
Public Const 寫入 = &H20& ' Write (PROCESS_VM_WRITE)

'--------- Variable conversion API
Public Declare Sub MOV Lib "Kernel32.DLL" Alias "RtlMoveMemory" (變量1 As Any, 變量2 As Any, ByVal 長度 As Long)

'--------- Memory protection, allocation and release
Public Declare Function VPE Lib "Kernel32.DLL" Alias "VirtualProtectEx" (ByVal 進程柄 As Long, 地址 As Any, ByVal 長度 As Long, ByVal flNewProtect As Long, lpflOldProtect As Long) As Long
Public Declare Function VAE Lib "Kernel32.DLL" Alias "VirtualAllocEx" (ByVal 進程柄 As Long, ByVal 地址 As Long, ByVal 長度 As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
' Memory allocation (process handle, address [passing 0 seems to be enough], length, permission 1 [MEM_COMMIT], permission 2 [PAGE_READWRITE]); returns the start address of the allocated memory
Public Declare Function VFE Lib "Kernel32.DLL" Alias "VirtualFreeEx" (ByVal 進程柄 As Long, ByVal 地址 As Long, ByVal 長度 As Long, ByVal 釋放類型 As Long) As Long
Public Const MEM_COMMIT = &H1000
Public Const PAGE_READWRITE = &H4
Public Const STILL_ACTIVE = &H103&
Public Const INFINITE = &HFFFF ' Integer literal -1; becomes &HFFFFFFFF when widened to Long

'--------- APIs for locating a function inside a module
Public Declare Function GetModuleHandle Lib "Kernel32.DLL" Alias "GetModuleHandleA" (ByVal ModuleName As String) As Long
Public Declare Function LoadLibrary Lib "Kernel32.DLL" Alias "LoadLibraryA" (ByVal ModuleName As String) As Long
Public Declare Function GetProcAddress Lib "Kernel32.DLL" (ByVal hModule As Long, ByVal ProcName As String) As Long
Public Declare Function CreateRemoteThread Lib "Kernel32.DLL" (ByVal 進程柄 As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, ByVal lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadID As Long) As Long
Public Declare Function GetTickCount Lib "kernel32" () As Long
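For reviewing modules like this one, the following added example (not part of the original article) parses VB6 Declare statements and resolves their Alias clauses, so that short names such as VAE or VPE are reported under the real kernel32 export they import. The capability labels, the function names and the sample declarations with shortened parameter lists are assumptions of this example.

```python
import re

# Real kernel32 export names, grouped by the capability they give a VB6 module.
# The grouping and labels are this example's own, not a standard taxonomy.
CAPABILITIES = {
    "open another process": {"OpenProcess"},
    "read remote memory": {"ReadProcessMemory"},
    "write remote memory": {"WriteProcessMemory"},
    "allocate/reprotect remote memory":
        {"VirtualAllocEx", "VirtualProtectEx", "VirtualFreeEx"},
    "start remote thread": {"CreateRemoteThread"},
}

# Declare Function|Sub <vb name> Lib "<dll>" [Alias "<real export>"]
DECLARE_RE = re.compile(
    r'Declare\s+(?:Function|Sub)\s+(\w+)\s+Lib\s+"([^"]+)"'
    r'(?:\s+Alias\s+"([^"]+)")?',
    re.IGNORECASE,
)

def parse_declares(source):
    """Return {vb_name: (dll, real_export)}; works on run-together text too."""
    found = {}
    for name, dll, alias in DECLARE_RE.findall(source):
        dll = dll.lower()
        if dll.endswith(".dll"):
            dll = dll[:-4]
        # Without an Alias clause the VB name is the export name.
        found[name] = (dll, alias or name)
    return found

def capabilities(source):
    """Map each capability label to the VB names that import it."""
    report = {}
    for vb_name, (dll, export) in parse_declares(source).items():
        for label, exports in CAPABILITIES.items():
            if dll == "kernel32" and export in exports:
                report.setdefault(label, []).append(vb_name)
    return {label: sorted(names) for label, names in report.items()}

# Constructed sample: declaration heads from the listing, parameters shortened.
SAMPLE = '''
Public Declare Function OpenProcess Lib "Kernel32.DLL" (...) As Long
Public Declare Function ReadProcessMemory Lib "Kernel32.DLL" (...) As Long
Public Declare Sub MOV Lib "Kernel32.DLL" Alias "RtlMoveMemory" (...)
Public Declare Function VPE Lib "Kernel32.DLL" Alias "VirtualProtectEx" (...) As Long
Public Declare Function VAE Lib "Kernel32.DLL" Alias "VirtualAllocEx" (...) As Long
Public Declare Function CreateRemoteThread Lib "Kernel32.DLL" (...) As Long
Public Declare Function GetTickCount Lib "kernel32" () As Long
'''
```

Searching the source for the export names alone would miss VAE and VPE; resolving the Alias clause is what makes the report match what the module actually imports.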