delphi of 打坐与普通攻击CALL调用
[Quote title="引用"]
{ Unit1: a Delphi form that triggers three actions ("meditate",
  "cancel meditate", "normal attack") inside a running 'Element Client'
  process.  Each button copies a small stub procedure into the target
  process and starts a suspended remote thread on it, then resumes it.

  The API sequence used here - OpenProcess(PROCESS_ALL_ACCESS),
  VirtualAllocEx(PAGE_EXECUTE_READWRITE), WriteProcessMemory,
  CreateRemoteThread - is the textbook remote-thread injection pattern.
  From a defender's point of view it is also the pattern that anti-cheat
  and endpoint monitoring typically flag: an RWX allocation in a foreign
  process followed by a thread created in that process.

  Known weaknesses visible in this listing: no return value of any
  Win32 call is checked, the thread handles returned by FunIn are never
  closed, the stub copy is a fixed 4096 bytes regardless of the real
  procedure size, and the three CALL targets are absolute addresses that
  are only meaningful for the specific client build the author used. }
unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls;

type
  TForm1 = class(TForm)
    Button1: TButton;
    Button2: TButton;
    Button3: TButton;
    procedure Button1Click(Sender: TObject);
    procedure Button2Click(Sender: TObject);
    procedure Button3Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);
    procedure FormDestroy(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

var
  pHandle:Thandle; // handle of the target process, opened in FormCreate, closed in FormDestroy

{ FunIn: copy the code starting at FunName into process Hid and start a
  suspended thread on the copy.
  Hid     - handle of the target process (the value of pHandle in the callers).
  FunName - address of the procedure to copy (DaZuo, QXDaZuo or PTGJ).
  Returns the new thread handle from CreateRemoteThread.  Nothing is
  checked: a failed VirtualAllocEx yields a nil ThreadAdd that is then
  passed straight to WriteProcessMemory and CreateRemoteThread.
  Exactly 4096 bytes are copied starting at FunName, so the copy also
  carries whatever follows the procedure in this module.  The stubs
  presumably survive a raw byte copy because they load an absolute
  address into a local and call through it (no position-dependent
  code) - confirm with a disassembly before relying on it.
  The caller is responsible for the returned handle; none of the
  callers in this unit close it. }
function FunIn(Hid:cardinal;FunName:pointer):cardinal;
var
  { handle of the remote thread and the temporaries used to create it }
  TmpHandle: THandle;
  ThreadID: Thandle;
  ThreadAdd:pointer;
  WriteCount: DWORD;
begin
  ThreadAdd := VirtualAllocEx(Hid, nil, 4096, MEM_COMMIT, PAGE_EXECUTE_READWRITE);// allocate an RWX page in the target process
  WriteProcessMemory(Hid, ThreadAdd, FunName , 4096, WriteCount);// copy the procedure to inject into that page (fixed 4096 bytes, WriteCount ignored)
  TmpHandle := CreateRemoteThread(Hid, nil, 0, ThreadAdd, nil, CREATE_SUSPENDED, ThreadID);// create the thread suspended; caller resumes it
  result:=TmpHandle;// hand back the thread handle
end;

{ DaZuo: stub that is copied into the target process.  It saves all
  general registers, calls the absolute address below (the game's
  "meditate" routine in the author's client build), and restores them. }
procedure DaZuo; // "meditate" CALL stub
var
  Address:pointer;
begin
  Address:=Pointer($005ACCE0); // absolute entry address inside the target process
  asm
    pushad
    CALL Address
    popad
  end;
end;

{ QXDaZuo: same stub shape as DaZuo for the "cancel meditate" routine. }
procedure QXDaZuo; // "cancel meditate" CALL stub
var
  Address:pointer;
begin
  Address:=Pointer($005ACCA0); // absolute entry address inside the target process
  asm
    pushad
    CALL Address
    popad
  end;
end;

{ PTGJ: same stub shape as DaZuo for the "normal attack" routine. }
procedure PTGJ; // "normal attack" CALL stub
var
  Address:pointer;
begin
  Address:=Pointer($005AC660); // absolute entry address inside the target process
  asm
    pushad
    CALL Address
    popad
  end;
end;

{ Button1Click: inject DaZuo and run it.  The thread handle in HomeAdd is
  never closed.  NOTE(review): the ResumeThread line carries an extra
  ')' as pasted and is not valid Pascal; the same applies to Button2Click
  and Button3Click. }
procedure TForm1.Button1Click(Sender: TObject); // "meditate" button
var
  HomeAdd:cardinal;
begin
  HomeAdd:= FunIn(pHandle, @DaZuo);// inject the stub, get the suspended thread handle
  ResumeThread( HomeAdd)); // run the injected thread (return value unchecked)
end;

{ Button2Click: inject QXDaZuo and run it; see Button1Click for the
  unclosed handle and the stray ')'. }
procedure TForm1.Button2Click(Sender: TObject); // "cancel meditate" button
var
  HomeAdd:cardinal;
begin
  HomeAdd:=FunIn(pHandle, @QXDaZuo );// inject the stub, get the suspended thread handle
  ResumeThread(HomeAdd)); // run the injected thread (return value unchecked)
end;

{ Button3Click: inject PTGJ and run it; see Button1Click for the
  unclosed handle and the stray ')'. }
procedure TForm1.Button3Click(Sender: TObject); // "normal attack" button
var
  HomeAdd:cardinal;
begin
  HomeAdd:=FunIn(pHandle, @PTGJ);// inject the stub, get the suspended thread handle
  ResumeThread( HomeAdd)); // run the injected thread (return value unchecked)
end;

{ FormCreate: locate the game window by its title, resolve its process id
  and open the process with full access into the global pHandle.
  The FindWindow result is not checked; only OpenProcess returning 0 is
  handled, by showing a message and calling Application.Terminate.
  NOTE(review): Application.Terminate only requests shutdown - the rest
  of start-up presumably still runs before the app exits; confirm. }
procedure TForm1.FormCreate(Sender: TObject);
var
  thwnd :Thandle ; // window handle of the game client
  pid:Thandle; // receives the process id (declared as a handle type, but it is an id)
begin
  thWnd := FindWindow(nil,'Element Client'); // find the game window by title (result unchecked)
  GetWindowThreadProcessId(thwnd,@pid);// look up the owning process id
  phandle := OpenProcess(PROCESS_ALL_ACCESS,False,pid); // open the process with full access
  if phandle=0 then
  begin
    Application.MessageBox ('请先运行游戏再打开本程序','友情提示',MB_OK);
    Application.Terminate;
  end;
end;

{ FormDestroy: release the process handle opened in FormCreate.  The
  remote thread handles created by FunIn are not released anywhere. }
procedure TForm1.FormDestroy(Sender: TObject);
begin
  CloseHandle(pHandle);// close the process handle
end;

end.[/Quote]