1. FindWindow
2. GetWindowThreadProcessID
3. OpenProcess
4. ReadProcessMemory
5. WriteProcessMemory //
6. CloseHandle

---

unit Unit1;

 

interface

 

uses

  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,

  Dialogs, ExtCtrls, StdCtrls;

 

type

  TForm1 = class(TForm)

    Label1: TLabel;

    Timer1: TTimer;

    procedure Timer1Timer(Sender: TObject);

  private

    { Private declarations }

  public

    { Public declarations }

  end;

 

var

  Form1: TForm1;

 

implementation

 

{$R *.dfm}

 

procedure TForm1.Timer1Timer(Sender: TObject);

var

 myHwnd:HWND;//

 myPid:dword;//dword的表现形式是什么样子的

 myProcess:Thandle;//

 MyPointer:integer;//

 readByte:Cardinal;//readByte:SIZE_T;// 实际读取字节

 displayValue:integer;

  // [[[[0057C3A0]+1c]+14]+0]+18 =>dsplyValue

  const BaseAddress=$0057C3A0;

 

begin

   myHwnd:=FindWindow(nil,'Step 8'); //01

   if myHwnd <> 0 then

   begin

     GetWindowThreadProcessID(myHwnd,@myPid); //02

     myProcess:=OpenProcess(PROCESS_ALL_ACCESS,false,myPid); //03

     ReadProcessMemory(myProcess,Pointer(BaseAddress),@MyPointer,4,readByte); //04

     ReadProcessMemory(myProcess,Pointer(MyPointer+$c),@MyPointer,4,readByte);

     ReadProcessMemory(myProcess,Pointer(MyPointer+$14),@MyPointer,4,readByte);

     ReadProcessMemory(myProcess,Pointer(MyPointer+$0),@MyPointer,4,readByte);

     ReadProcessMemory(myProcess,Pointer(MyPointer+$18),@displayValue,4,readByte);

     label1.Caption:=inttostr(displayValue); //showValue

     CloseHandle(myProcess) ;//05

   end

   else if myHwnd = 0 then

            self.Caption :='no found object!';

end;

 

end.