Attribute VB_Name = "API"
Option Explicit
Public Declare Function GetDesktopWindow Lib "User32.DLL" () As Long
Public Declare Function FindWindow Lib "User32.DLL" Alias "FindWindowA" (ByVal ClassName As String, ByVal Caption As String) As Long
Public Declare Function GetWindow Lib "User32.DLL" (ByVal hwnd As Long, ByVal wCmd As Long) As Long
Public Declare Function GetWindowText Lib "User32.DLL" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Public Const GW_CHILD = (5)
Public Const GW_HWNDNEXT = (2)

Public Declare Function GetWindowThreadProcessId Lib "User32.DLL" (ByVal hwnd As Long, ProcessId As Long) As Long
'取找線程ID(句柄,返回的線程ID)

Public Declare Function OpenProcess Lib "Kernel32.DLL" (ByVal 操作權(quán)限 As Long, ByVal 繼承句柄 As Long, ByVal 線程ID As Long) As Long
Public Declare Function ReadProcessMemory Lib "Kernel32.DLL" (ByVal 進(jìn)程柄 As Long, ByVal 內(nèi)存位置 As Long, 緩沖區(qū) As Any, ByVal 長(zhǎng)度 As Long, lpNumberOfBytesWritten As Long) As Long
'讀取進(jìn)程(進(jìn)程句柄,ByVal 內(nèi)存區(qū)地址,讀取來(lái)的數(shù)據(jù)存放處,要讀取的長(zhǎng)度,已經(jīng)讀取的長(zhǎng)度[0])
Public Declare Function WriteProcessMemory Lib "Kernel32.DLL" (ByVal 進(jìn)程柄 As Long, 內(nèi)存位置 As Any, 緩沖區(qū) As Any, ByVal 長(zhǎng)度 As Long, lpNumberOfBytesWritten As Long) As Long
'寫內(nèi)存(進(jìn)程句柄,ByVal 內(nèi)存區(qū)地址,數(shù)據(jù),總長(zhǎng)度,已經(jīng)完成長(zhǎng)度[0])
Public Declare Function CloseHandle Lib "Kernel32.DLL" (ByVal 進(jìn)程柄 As Long) As Long
'釋放(進(jìn)程句柄)'不釋放會(huì)出錯(cuò)

Public Const STANDARD_RIGHTS_REQUIRED = &HF0000
Public Const SYNCHRONIZE = &H100000
Public Const RRAD_WRITE = &H1F0FFF
Public Const PROCESS_VM_OPERATION = &H8&
Public Const 讀取 = &H10&
Public Const 寫入 = &H20&

'---------變量轉(zhuǎn)換API
Public Declare Sub MOV Lib "Kernel32.DLL" Alias "RtlMoveMemory" (變量1 As Any, 變量2 As Any, ByVal 長(zhǎng)度 As Long)

'---------內(nèi)存保護(hù)分配釋放
Public Declare Function VPE Lib "Kernel32.DLL" Alias "VirtualProtectEx" (ByVal 進(jìn)程柄 As Long, 地址 As Any, ByVal 長(zhǎng)度 As Long, ByVal flNewProtect As Long, lpflOldProtect As Long) As Long
Public Declare Function VAE Lib "Kernel32.DLL" Alias "VirtualAllocEx" (ByVal 進(jìn)程柄 As Long, ByVal 地址 As Long, ByVal 長(zhǎng)度 As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
'內(nèi)存分配(進(jìn)程柄,地址[好像只要丟個(gè)0進(jìn)去就行],長(zhǎng)度,權(quán)限1[MEM_COMMIT],權(quán)限2[PAGE_READWRITE])返回:分配到的內(nèi)存起始地址
Public Declare Function VFE Lib "Kernel32.DLL" Alias "VirtualFreeEx" (ByVal 進(jìn)程柄 As Long, ByVal 地址 As Long, ByVal 長(zhǎng)度 As Long, ByVal 釋放類型 As Long) As Long

Public Const MEM_COMMIT = &H1000
Public Const PAGE_READWRITE = &H4
Public Const STILL_ACTIVE = &H103&
Public Const INFINITE = &HFFFF

'---------取模塊函數(shù)位置API
Public Declare Function GetModuleHandle Lib "Kernel32.DLL" Alias "GetModuleHandleA" (ByVal ModuleName As String) As Long
Public Declare Function LoadLibrary Lib "Kernel32.DLL" Alias "LoadLibraryA" (ByVal ModuleName As String) As Long
Public Declare Function GetProcAddress Lib "Kernel32.DLL" (ByVal hModule As Long, ByVal ProcName As String) As Long

Public Declare Function CreateRemoteThread Lib "Kernel32.DLL" (ByVal 進(jìn)程柄 As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, ByVal lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadID As Long) As Long
Public Declare Function GetTickCount Lib "kernel32" () As Long