repos_assist/天使插件源码/TSPlug/TSMemoryAPI.cpp

/*
本源码由TC简单软件科技有限公司开源,功能可以自由修改、发布、
长沙简单软件科技有限公司对于源码不做后期维护,,请大家在使用过程中遵循开源协议
*/
#include "StdAfx.h"
#include "TSMemoryAPI.h"
#include <Tlhelp32.h>
#include <psapi.h> 
#include "TSRuntime.h"
#include "TSMyUser32DllFuntion.h"
#include "TSMyKernel32DllFuntion.h"
//#include "TSVIPHookFuntion.h"
#pragma comment ( lib, "psapi.lib" )

extern myOpenProcess my_OpenProcess;
extern myGetWindowThreadProcessId my_GetWindowThreadProcessId;
extern myReadProcessMemory my_ReadProcessMemory;
extern myWriteProcessMemory my_WriteProcessMemory;
extern myTerminateProcess my_TerminateProcess;
extern myVirtualProtect my_VirtualProtect;
extern myVirtualProtectEx my_VirtualProtectEx;
extern myCreateRemoteThread my_CreateRemoteThread;
extern myZwOpenProcess	my_ZwOpenProcess;

typedef LONG(WINAPI* PROCNTQSIP)(HANDLE, UINT, PVOID, ULONG, PULONG);
PROCNTQSIP NtQueryInformationProcess;


//NtReadVirtualMemory(
//					IN HANDLE               ProcessHandle,
//					IN PVOID                BaseAddress,
//					OUT PVOID               Buffer,
//					IN ULONG                NumberOfBytesToRead,
//					OUT PULONG              NumberOfBytesReaded OPTIONAL );


extern DWORD Ntdll_ProtectVirtual;
extern DWORD Ntdll_ProtectVirtualEax;

extern DWORD ZwWriteVirtualMemoryRet;
extern DWORD ZwWriteVirtualMemoryEax;

DWORD GetWindowThreadProcessIdRet = 0;
__declspec(naked) DWORD WINAPI My_GetWindowThreadProcessId(HWND hWnd, LPDWORD lpdwProcessId)
{
	_asm
	{
		mov edi, edi
		push ebp
		mov ebp, esp
		jmp GetWindowThreadProcessIdRet;
	}
}

DWORD ZwOpenProcessRet = 0;
DWORD ZwOpenProcessEax = 0;
__declspec(naked) NTSTATUS WINAPI My_ZwOpenProcess(
	__out PHANDLE  ProcessHandle,
	__in ACCESS_MASK  DesiredAccess,
	__in POBJECT_ATTRIBUTES  ObjectAttributes,
	__in_opt PCLIENT_ID  ClientId
)
{
	_asm
	{
		//MOV EAX,0x23  //win7
		mov eax, ZwOpenProcessEax;
		jmp ZwOpenProcessRet;
	}
}

HANDLE My_OpenProcess(int proid)
{
	HANDLE ProcessHandle = (HANDLE)0;
	OBJECT_ATTRIBUTES ObjectAttribute = { sizeof(OBJECT_ATTRIBUTES), 0,NULL,NULL };
	ObjectAttribute.Attributes = 0;
	CLIENT_ID ClientIds;
	ClientIds.UniqueProcess = (HANDLE)proid;
	ClientIds.UniqueThread = (HANDLE)0;
	My_ZwOpenProcess(&ProcessHandle, PROCESS_ALL_ACCESS, &ObjectAttribute, &ClientIds);
	ProcessHandle;

	return ProcessHandle;
}

int GetProcessNumber()//获取CPU个数 ,CPU核数决定线程个数
{
	SYSTEM_INFO info;
	GetSystemInfo(&info);
	return (int)info.dwNumberOfProcessors;
}

TSMemoryAPI::TSMemoryAPI(void)
{
	nPid = 0;
	retstringlen = 0;
	asmcodearry.clear();
	memset(Asmcalladdr, 0, MAX_PATH);
	allocatememory = NULL;

	int sysvion = TSRuntime::InitialWindowsVersion();

	if (GetWindowThreadProcessIdRet == 0)
	{
		DWORD addr = (DWORD)GetProcAddress(GetModuleHandle(L"user32.dll"), "GetWindowThreadProcessId");
		GetWindowThreadProcessIdRet = addr + 5;
	}

	if (ZwWriteVirtualMemoryRet == 0)
	{
		DWORD addr = (DWORD)GetProcAddress(GetModuleHandle(L"ntdll.dll"), "ZwWriteVirtualMemory");
		ZwWriteVirtualMemoryRet = addr + 5;
		if (sysvion == 4 && TSRuntime::IsWin7X64)//win7X64
			ZwWriteVirtualMemoryEax = 0x37;
		else if (sysvion == 4)//win7x86
			ZwWriteVirtualMemoryEax = 0x18F;
		else if (sysvion == 1)//WINXP
			ZwWriteVirtualMemoryEax = 0x115;
		else if (sysvion == 2)//WIN2003
			ZwWriteVirtualMemoryEax = 0x11f;
		else if (sysvion == 5 && TSRuntime::IsWin8X64)
			ZwWriteVirtualMemoryEax = 0x38;
		else if (sysvion == 5)//win8X86
			ZwWriteVirtualMemoryEax = 0x2;
	}

	if (Ntdll_ProtectVirtual == 0)
	{
		DWORD addr = (DWORD)GetProcAddress(GetModuleHandle(L"ntdll.dll"), "ZwProtectVirtualMemory");
		Ntdll_ProtectVirtual = addr + 5;
		if (sysvion == 4 && TSRuntime::IsWin7X64)//win7X64
			Ntdll_ProtectVirtualEax = 0x4d;
		else if (sysvion == 4)//win7x86
			Ntdll_ProtectVirtualEax = 0xd7;
		else if (sysvion == 1)//WINXP
			Ntdll_ProtectVirtualEax = 0x89;
		else if (sysvion == 2)//WIN2003
			Ntdll_ProtectVirtualEax = 0x8f;
		else if (sysvion == 5 && TSRuntime::IsWin8X64)
			Ntdll_ProtectVirtualEax = 0x4e;
		else if (sysvion == 5)//win8X86
			Ntdll_ProtectVirtualEax = 0xC3;
	}
	if (ZwOpenProcessRet == 0)
	{
		DWORD addr = (DWORD)GetProcAddress(GetModuleHandle(L"ntdll.dll"), "ZwOpenProcess");
		ZwOpenProcessRet = addr + 5;
		if (sysvion == 4 && TSRuntime::IsWin7X64)//win7X64
			ZwOpenProcessEax = 0x23;
		else if (sysvion == 4)//win7x86
			ZwOpenProcessEax = 0xBe;
		else if (sysvion == 1)//WINXP
			ZwOpenProcessEax = 0x7a;
		else if (sysvion == 2)//WIN2003
			ZwOpenProcessEax = 0X80;
		else if (sysvion == 5 && TSRuntime::IsWin8X64)
			ZwOpenProcessEax = 0X24;
		else if (sysvion == 5)//win8X86
			ZwOpenProcessEax = 0XDD;

	}

	// m_mutex=mm_mutex;
}

TSMemoryAPI::~TSMemoryAPI(void)
{

}

void FindDataThread(void* para)
{
	PFindDataInfo info = (PFindDataInfo)para;

	BYTE buffData[4096] = { 0 };
	int retstrlen = 0;
	//DWORD count=0;
	DWORD dwRead = 0;
	DWORD ibegin = 0;
	if (info->FindDataType == FINDDATATYPE_FINDFLOATEX) //FindFloatEx
	{
		for (int n = 0; n < info->dwncount; n++)
		{
			EnterCriticalSection(&info->m_mutex);//临界区保护多线程
			for (int k = 0; k < info->dwncount; k++)
			{
				if (info->bfindindex[k] == true)
					n = k;
				else
				{
					info->bfindindex[k] = true;
					break;
				}
			}
			LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
			int size = info->dwend[n] - info->dwbegin[n];
			if (size <= 4096)
			{
				ibegin = info->dwbegin[n];
				::memset(buffData, 0, size);
				if (ReadProcessMemory(info->hprocess, LPVOID(info->dwbegin[n]), buffData, size, &dwRead))
				{
					int i = 0;
					for (; i < (int)dwRead; i++)
					{
						float* float_value = (float*)&buffData[i];
						if (*float_value >= info->float_value_min && *float_value <= info->float_value_max)
						{
							EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
							if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
							{

								wchar_t inx[10] = { 0 };
								if (retstrlen == 0)
									retstrlen = wcslen(info->retstr);
								if (retstrlen == 0)
									swprintf(inx, L"%X", (ibegin + i));
								else
									swprintf(inx, L"|%X", (ibegin + i));
								wcscat(info->retstr, inx);
							}
							else
							{
								LeaveCriticalSection(&info->m_mutex);
								return;
							}
							info->count++;
							LeaveCriticalSection(&info->m_mutex);
						}
					}

				}
			}
			else
			{
				ibegin = info->dwbegin[n];
				int sizen = 4096;
				while (ibegin < info->dwend[n] && info->dwend[n]>0)
				{
					if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							float* float_value = (float*)&buffData[i];
							if (*float_value >= info->float_value_min && *float_value <= info->float_value_max)
							{
								EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
								if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(info->retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", (ibegin + i));
									else
										swprintf(inx, L"|%X", (ibegin + i));
									wcscat(info->retstr, inx);
								}
								else
								{
									LeaveCriticalSection(&info->m_mutex);
									return;
								}
								info->count++;
								LeaveCriticalSection(&info->m_mutex);
							}
						}

					}
					if (info->dwend[n] >= ibegin + 4096)
						ibegin = ibegin + 4096;
					else
					{
						sizen = info->dwend[n] - ibegin;
						ibegin = ibegin + 4096;
						::memset(buffData, 0, sizen);
					}
				}
			}
		}
	}
	else if (info->FindDataType == FINDDATATYPE_FINDDOUBLEEX)	//FindDoubleEx
	{
		for (int n = 0; n < info->dwncount; n++)
		{
			EnterCriticalSection(&info->m_mutex);//临界区保护多线程
			for (int k = 0; k < info->dwncount; k++)
			{
				if (info->bfindindex[k] == true)
					n = k;
				else
				{
					info->bfindindex[k] = true;
					break;
				}
			}
			LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
			int size = info->dwend[n] - info->dwbegin[n];
			if (size <= 4096)
			{
				ibegin = info->dwbegin[n];
				::memset(buffData, 0, size);
				if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
				{
					int i = 0;
					for (; i < (int)dwRead; i++)
					{
						double* double_value = (double*)&buffData[i];
						if (*double_value >= info->double_value_min && *double_value <= info->double_value_max)
						{
							EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
							if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
							{
								wchar_t inx[10] = { 0 };
								if (retstrlen == 0)
									retstrlen = wcslen(info->retstr);
								if (retstrlen == 0)
									swprintf(inx, L"%X", (ibegin + i));
								else
									swprintf(inx, L"|%X", (ibegin + i));
								wcscat(info->retstr, inx);
								//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
							}
							else
							{
								LeaveCriticalSection(&info->m_mutex);
								return;
							}
							info->count++;
							LeaveCriticalSection(&info->m_mutex);
						}
					}

				}
			}
			else
			{
				ibegin = info->dwbegin[n];
				int sizen = 4096;
				while (ibegin < info->dwend[n] && info->dwend[n]>0)
				{
					if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							double* double_value = (double*)&buffData[i];
							if (*double_value >= info->double_value_min && *double_value <= info->double_value_max)
							{
								EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
								if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(info->retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", (ibegin + i));
									else
										swprintf(inx, L"|%X", (ibegin + i));
									wcscat(info->retstr, inx);
									//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
								}
								else
								{
									LeaveCriticalSection(&info->m_mutex);
									return;
								}
								info->count++;
								LeaveCriticalSection(&info->m_mutex);
							}
						}

					}
					if (info->dwend[n] >= ibegin + 4096)
						ibegin = ibegin + 4096;
					else
					{
						sizen = info->dwend[n] - ibegin;
						ibegin = ibegin + 4096;
						::memset(buffData, 0, sizen);
					}
				}
			}
		}
	}
	else if (info->FindDataType == FINDDATATYPE_FINDINTEX)//FindIntEx
	{
		for (int n = 0; n < info->dwncount; n++)
		{
			EnterCriticalSection(&info->m_mutex);//临界区保护多线程
			for (int k = 0; k < info->dwncount; k++)
			{
				if (info->bfindindex[k] == true)
					n = k;
				else
				{
					info->bfindindex[k] = true;
					break;
				}
			}
			LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
			int size = info->dwend[n] - info->dwbegin[n];
			if (size <= 4096)
			{
				ibegin = info->dwbegin[n];
				::memset(buffData, 0, size);
				if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
				{
					int i = 0;
					for (; i < (int)dwRead; i++)
					{
						if (info->FindIntType == 0)//0 : 32位
						{
							int* value = (int*)&buffData[i];
							if (*value >= info->int_value_min && *value <= info->int_value_max)
							{
								EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
								if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(info->retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", (ibegin + i));
									else
										swprintf(inx, L"|%X", (ibegin + i));
									wcscat(info->retstr, inx);
									//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
								}
								else
								{
									LeaveCriticalSection(&info->m_mutex);
									return;
								}
								info->count++;
								LeaveCriticalSection(&info->m_mutex);
							}
						}
						else  if (info->FindIntType == 1)  //1 : 16 位
						{
							short* value = (short*)&buffData[i];
							if (*value >= info->int_value_min && *value <= info->int_value_max)
							{
								EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
								if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(info->retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", (ibegin + i));
									else
										swprintf(inx, L"|%X", (ibegin + i));
									wcscat(info->retstr, inx);
									//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
								}
								else
								{
									LeaveCriticalSection(&info->m_mutex);
									return;
								}
								info->count++;
								LeaveCriticalSection(&info->m_mutex);
							}
						}
						else if (info->FindIntType == 2)//2 : 8位
						{
							if (buffData[i] >= info->int_value_min && buffData[i] <= info->int_value_max)
							{
								EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
								if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(info->retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", (ibegin + i));
									else
										swprintf(inx, L"|%X", (ibegin + i));
									wcscat(info->retstr, inx);
									//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
								}
								else
								{
									LeaveCriticalSection(&info->m_mutex);
									return;
								}
								info->count++;
								LeaveCriticalSection(&info->m_mutex);
							}
						}
					}

				}
			}
			else
			{
				ibegin = info->dwbegin[n];
				int sizen = 4096;
				while (ibegin < info->dwend[n] && info->dwend[n]>0)
				{
					if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							if (info->FindIntType == 0)//0 : 32位
							{
								int* value = (int*)&buffData[i];
								if (*value >= info->int_value_min && *value <= info->int_value_max)
								{
									EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
									if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(info->retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i));
										else
											swprintf(inx, L"|%X", (ibegin + i));
										wcscat(info->retstr, inx);
										//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
									}
									else
									{
										LeaveCriticalSection(&info->m_mutex);
										return;
									}
									info->count++;
									LeaveCriticalSection(&info->m_mutex);
								}
							}
							else  if (info->FindIntType == 1)  //1 : 16 位
							{
								short* value = (short*)&buffData[i];
								if (*value >= info->int_value_min && *value <= info->int_value_max)
								{
									EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
									if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(info->retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i));
										else
											swprintf(inx, L"|%X", (ibegin + i));
										wcscat(info->retstr, inx);
										//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
									}
									else
									{
										LeaveCriticalSection(&info->m_mutex);
										return;
									}
									info->count++;
									LeaveCriticalSection(&info->m_mutex);
								}
							}
							else if (info->FindIntType == 2)//2 : 8位
							{
								if (buffData[i] >= info->int_value_min && buffData[i] <= info->int_value_max)
								{
									EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
									if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(info->retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i));
										else
											swprintf(inx, L"|%X", (ibegin + i));
										wcscat(info->retstr, inx);
										//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i));
									}
									else
									{
										LeaveCriticalSection(&info->m_mutex);
										return;
									}
									info->count++;
									LeaveCriticalSection(&info->m_mutex);
								}
							}
						}

					}
					if (info->dwend[n] >= ibegin + 4096)
						ibegin = ibegin + 4096;
					else
					{
						sizen = info->dwend[n] - ibegin;
						ibegin = ibegin + 4096;
						::memset(buffData, 0, sizen);
					}
				}
			}
		}
	}
	else if (info->FindDataType == FINDDATATYPE_FINDDATAEX)
	{
		int nindex = 0;
		for (int n = 0; n < info->dwncount; n++)
		{
			EnterCriticalSection(&info->m_mutex);//临界区保护多线程
			for (int k = 0; k < info->dwncount; k++)
			{
				if (info->bfindindex[k] == true)
					n = k;
				else
				{
					info->bfindindex[k] = true;
					break;
				}
			}
			LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
			int size = info->dwend[n] - info->dwbegin[n];
			if (size <= 4096)
			{
				ibegin = info->dwbegin[n];
				::memset(buffData, 0, size);
				if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
				{
					int i = 0;
					for (; i < (int)dwRead; i++)
					{
						if (buffData[i] == info->Finddata[nindex] || info->Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
						{
							if (info->FindIntType == (nindex + 1))   //匹配成功
							{
								EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
								if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(info->retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", (ibegin + i) - nindex);
									else
										swprintf(inx, L"|%X", (ibegin + i) - nindex);
									wcscat(info->retstr, inx);
									//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i)-nindex);
								}
								else
								{
									LeaveCriticalSection(&info->m_mutex);
									return;
								}
								info->count++;
								nindex = 0;
								LeaveCriticalSection(&info->m_mutex);
							}
							nindex++;
						}
						else
							nindex = 0;
					}

				}
			}
			else
			{
				ibegin = info->dwbegin[n];
				int sizen = 4096;
				while (ibegin < info->dwend[n] && info->dwend[n]>0)
				{
					if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							if (buffData[i] == info->Finddata[nindex] || info->Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
							{
								if (info->FindIntType == (nindex + 1))   //匹配成功
								{
									EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
									if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(info->retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i) - nindex);
										else
											swprintf(inx, L"|%X", (ibegin + i) - nindex);
										wcscat(info->retstr, inx);
										//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i)-nindex);
									}
									else
									{
										LeaveCriticalSection(&info->m_mutex);
										return;
									}
									info->count++;
									nindex = 0;
									LeaveCriticalSection(&info->m_mutex);
								}
								nindex++;
							}
							else
								nindex = 0;
						}

					}
					if (info->dwend[n] >= ibegin + 4096)
						ibegin = ibegin + 4096;
					else
					{
						sizen = info->dwend[n] - ibegin;
						ibegin = ibegin + 4096;
						::memset(buffData, 0, sizen);
					}
				}
			}
		}
	}
	else if (info->FindDataType == FINDDATATYPE_FINDSTRINGEX)
	{
		int nindex = 0;
		//////////////////0：ASCCII编码查找  1：Unicode编码查找//////////////////////////////
		if (info->FindIntType == 1)
		{
			USES_CONVERSION;
			int len = wcslen(info->Findstring);
			char chstr[MAX_PATH * 2] = { 0 };
			strcpy(chstr, W2A(info->Findstring));
			len = strlen(chstr);;

			for (int n = 0; n < info->dwncount; n++)
			{
				EnterCriticalSection(&info->m_mutex);//临界区保护多线程
				for (int k = 0; k < info->dwncount; k++)
				{
					if (info->bfindindex[k] == true)
						n = k;
					else
					{
						info->bfindindex[k] = true;
						break;
					}
				}
				LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
				int size = info->dwend[n] - info->dwbegin[n];
				if (size <= 4096)
				{
					ibegin = info->dwbegin[n];
					::memset(buffData, 0, size);
					if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							if (buffData[i] == chstr[nindex])
							{
								if (len == (nindex + 1))   //匹配成功
								{
									EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
									if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(info->retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i) - nindex);
										else
											swprintf(inx, L"|%X", (ibegin + i) - nindex);
										wcscat(info->retstr, inx);
										//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i)-nindex);
									}
									else
									{
										LeaveCriticalSection(&info->m_mutex);
										return;
									}
									info->count++;
									nindex = 0;
									LeaveCriticalSection(&info->m_mutex);
								}
								nindex++;
							}
							else
								nindex = 0;
						}

					}
				}
				else
				{
					ibegin = info->dwbegin[n];
					int sizen = 4096;
					while (ibegin < info->dwbegin[n] && info->dwbegin[n]>0)
					{
						if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
						{
							int i = 0;
							for (; i < (int)dwRead; i++)
							{
								if (buffData[i] == chstr[nindex])
								{
									if (len == (nindex + 1))   //匹配成功
									{
										EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
										if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
										{
											wchar_t inx[10] = { 0 };
											if (retstrlen == 0)
												retstrlen = wcslen(info->retstr);
											if (retstrlen == 0)
												swprintf(inx, L"%X", (ibegin + i) - nindex);
											else
												swprintf(inx, L"|%X", (ibegin + i) - nindex);
											wcscat(info->retstr, inx);
											//swprintf(info->retstr,L"%s|%X",info->retstr,(ibegin+i)-nindex);
										}
										else
										{
											LeaveCriticalSection(&info->m_mutex);
											return;
										}
										info->count++;
										nindex = 0;
										LeaveCriticalSection(&info->m_mutex);
									}
									nindex++;
								}
								else
									nindex = 0;
							}

						}
						if (info->dwbegin[n] >= ibegin + 4096)
							ibegin = ibegin + 4096;
						else
						{
							sizen = info->dwbegin[n] - ibegin;
							ibegin = ibegin + 4096;
							::memset(buffData, 0, sizen);
						}
					}
				}
			}
		}
		else if (info->FindIntType == 0)
		{
			int len = wcslen(info->Findstring);
			for (int n = 0; n < info->dwncount; n++)
			{
				EnterCriticalSection(&info->m_mutex);//临界区保护多线程
				for (int k = 0; k < info->dwncount; k++)
				{
					if (info->bfindindex[k] == true)
						n = k;
					else
					{
						info->bfindindex[k] = true;
						break;
					}
				}
				LeaveCriticalSection(&info->m_mutex);//临界区保护多线程
				int size = info->dwend[n] - info->dwbegin[n];
				if (size <= 4096)
				{
					ibegin = info->dwbegin[n];
					::memset(buffData, 0, size);
					if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, size, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							if (buffData[i] == info->Findstring[nindex])
							{
								if (len == (nindex + 1))   //匹配成功
								{
									EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
									if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(info->retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", ibegin + (i - nindex) * 2);
										else
											swprintf(inx, L"|%X", ibegin + (i - nindex) * 2);
										wcscat(info->retstr, inx);
										//swprintf(info->retstr,L"%s|%X",info->retstr,ibegin+(i-nindex)*2);
									}
									else
									{
										LeaveCriticalSection(&info->m_mutex);
										return;
									}
									info->count++;
									nindex = 0;
									LeaveCriticalSection(&info->m_mutex);
								}
								nindex++;
							}
							else
								nindex = 0;
						}

					}
				}
				else
				{
					ibegin = info->dwbegin[n];
					int sizen = 4096;
					while (ibegin < info->dwend[n] && info->dwend[n]>0)
					{
						if (ReadProcessMemory(info->hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
						{
							int i = 0;
							for (; i < (int)dwRead; i++)
							{
								if (buffData[i] == info->Findstring[nindex])
								{
									if (len == (nindex + 1))   //匹配成功
									{
										EnterCriticalSection(&info->m_mutex);//临界区保护多线程对同一个字符串操作
										if (info->count <= 20000)	//记录找到地址的上限为20000,防止溢出
										{
											wchar_t inx[10] = { 0 };
											if (retstrlen == 0)
												retstrlen = wcslen(info->retstr);
											if (retstrlen == 0)
												swprintf(inx, L"%X", ibegin + (i - nindex) * 2);
											else
												swprintf(inx, L"|%X", ibegin + (i - nindex) * 2);
											wcscat(info->retstr, inx);
											//swprintf(info->retstr,L"%s|%X",info->retstr,ibegin+(i-nindex)*2);
										}
										else
										{
											LeaveCriticalSection(&info->m_mutex);
											return;
										}
										info->count++;
										nindex = 0;
										LeaveCriticalSection(&info->m_mutex);
									}
									nindex++;
								}
								else
									nindex = 0;
							}

						}
						if (info->dwend[n] >= ibegin + 4096)
							ibegin = ibegin + 4096;
						else
						{
							sizen = info->dwend[n] - ibegin;
							ibegin = ibegin + 4096;
							::memset(buffData, 0, sizen);
						}
					}
				}
			}
		}
	}
}

bool TSMemoryAPI::TSFindInt(LONG hwnd, wchar_t* addr_range, wchar_t* retstr, LONG int_value_min, LONG int_value_max, LONG type, bool threadtype)
{
	bool bret = false;
	LONG ibegin = 0;
	LONG ipend = 0;
	DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
	int naddr = 0;
	if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
	{
		if (ibegin >= ipend && naddr == 0)
			return bret;

		DWORD Pid = 0;
		//if(my_GetWindowThreadProcessId)
		//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
		//else
		My_GetWindowThreadProcessId((HWND)hwnd, &Pid);

		TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
		HANDLE hprocess = NULL;
		//if(my_OpenProcess)
		//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		//else
		//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		hprocess = My_OpenProcess(Pid);

		if (hprocess == NULL)
		{
			if (my_ZwOpenProcess)
			{
				CLIENT_ID  Cileid;
				Cileid.UniqueProcess = (HANDLE)Pid;
				my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
			}
			if (hprocess == NULL)
				return bret;
		}


		int retstrlen = 0;
		DWORD dwRead = 0;
		int count = 0;
		if (ibegin >= 0 && naddr == 0)
		{
			if (ibegin < 0x400000)
				ibegin = 0x400000;


			DWORD   nbegin[MAX_PATH * 10] = { 0 };
			DWORD	npend[MAX_PATH * 10] = { 0 };
			int naddr = 0;
			GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
			if (naddr == 0)
				return bret;

			if (threadtype)//是否多线程模式
			{
				DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
				HANDLE threadhandle[MAX_PATH] = { 0 };
				//双核以下CPU双线程
				if (ncpu <= 2)
					ncpu = 2;
				else if (ncpu >= 8)
					ncpu = 8;

				FindDataInfo info;
				info.FindDataType = FINDDATATYPE_FINDINTEX;
				info.hprocess = hprocess;
				info.int_value_min = int_value_min;
				info.int_value_max = int_value_max;
				info.FindIntType = type;
				info.retstr = retstr;
				info.dwncount = naddr;
				memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
				memcpy(info.dwend, npend, naddr * sizeof(DWORD));
				InitializeCriticalSection(&info.m_mutex);
				for (int i = 0; i < ncpu; i++)
				{
					threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
				}

				::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE);	//等待所有线程结束后返回
				DeleteCriticalSection(&info.m_mutex);
				return true;

			}

			BYTE buffData[4096] = { 0 };
			for (int n = 0; n < naddr; n++)
			{
				int size = npend[n] - nbegin[n];
				if (size <= 4096)
				{
					::memset(buffData, 0, size);
					if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							if (type == 0)//0 : 32位
							{
								int* value = (int*)&buffData[i];
								if (*value >= int_value_min && *value <= int_value_max)
								{
									if (count <= 20000)
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i));
										else
											swprintf(inx, L"|%X", (ibegin + i));
										wcscat(retstr, inx);
										//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
									}
									count++;
									bret = true;
								}
							}
							else  if (type == 1)  //1 : 16 位
							{
								short* value = (short*)&buffData[i];
								if (*value >= int_value_min && *value <= int_value_max)
								{
									if (count <= 20000)
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i));
										else
											swprintf(inx, L"|%X", (ibegin + i));
										wcscat(retstr, inx);
										//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
									}
									count++;
									bret = true;
								}
							}
							else if (type == 2)//2 : 8位
							{
								if (buffData[i] >= int_value_min && buffData[i] <= int_value_max)
								{
									if (count <= 20000)
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i));
										else
											swprintf(inx, L"|%X", (ibegin + i));
										wcscat(retstr, inx);
										//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
									}
									count++;
									bret = true;
								}
							}
						}

					}
				}
				else
				{
					ibegin = nbegin[n];
					int sizen = 4096;
					while (ibegin < npend[n] && npend[n]>0)
					{
						if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
						{
							int i = 0;
							for (; i < (int)dwRead; i++)
							{
								if (type == 0)//0 : 32位
								{
									int* value = (int*)&buffData[i];
									if (*value >= int_value_min && *value <= int_value_max)
									{
										if (count <= 20000)
										{
											wchar_t inx[10] = { 0 };
											if (retstrlen == 0)
												retstrlen = wcslen(retstr);
											if (retstrlen == 0)
												swprintf(inx, L"%X", (ibegin + i));
											else
												swprintf(inx, L"|%X", (ibegin + i));
											wcscat(retstr, inx);
											//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
										}
										count++;
										bret = true;
									}
								}
								else  if (type == 1)  //1 : 16 位
								{
									short* value = (short*)&buffData[i];
									if (*value >= int_value_min && *value <= int_value_max)
									{
										if (count <= 20000)
										{
											wchar_t inx[10] = { 0 };
											if (retstrlen == 0)
												retstrlen = wcslen(retstr);
											if (retstrlen == 0)
												swprintf(inx, L"%X", (ibegin + i));
											else
												swprintf(inx, L"|%X", (ibegin + i));
											wcscat(retstr, inx);
											//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
										}
										count++;
										bret = true;
									}
								}
								else if (type == 2)//2 : 8位
								{
									if (buffData[i] >= int_value_min && buffData[i] <= int_value_max)
									{
										if (count <= 20000)
										{
											wchar_t inx[10] = { 0 };
											if (retstrlen == 0)
												retstrlen = wcslen(retstr);
											if (retstrlen == 0)
												swprintf(inx, L"%X", (ibegin + i));
											else
												swprintf(inx, L"|%X", (ibegin + i));
											wcscat(retstr, inx);
											//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
										}
										count++;
										bret = true;
									}
								}
							}

						}
						if (npend[n] >= ibegin + 4096)
							ibegin = ibegin + 4096;
						else
						{
							sizen = npend[n] - ibegin;
							ibegin = ibegin + 4096;
							::memset(buffData, 0, sizen);
						}
					}
				}
			}

			//BYTE buffData[4096]={0};
			//while(ibegin<ipend&&ibegin>0)
			//	{
			//	::memset(buffData,0,4096);
			//	if(ReadProcessMemory(hprocess,LPVOID(ibegin),buffData,4096,&dwRead))
			//		{
			//		int i=0;
			//		for(;i<(int)dwRead;i++)
			//			{
			//			if(type==0)//0 : 32位
			//				{
			//				int *value=(int *)&buffData[i];
			//				if(*value>=int_value_min&&*value<=int_value_max)
			//					{
			//						if(count<=20000)
			//							{
			//								if(retstrlen==0)
			//									retstrlen=wcslen(retstr);
			//								if(retstrlen==0)
			//									swprintf(retstr,L"%X",(ibegin+i));
			//								else
			//									swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
			//							}
			//					count++;
			//					bret=true;
			//					}
			//				}
			//			else  if(type==1)  //1 : 16 位
			//				{
			//				short *value=(short *)&buffData[i];
			//				if(*value>=int_value_min&&*value<=int_value_max)
			//					{
			//					if(count<=20000)
			//						{
			//							if(retstrlen==0)
			//								retstrlen=wcslen(retstr);
			//							if(retstrlen==0)
			//								swprintf(retstr,L"%X",(ibegin+i));
			//							else
			//								swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
			//						}
			//					count++;
			//					bret=true;
			//					}
			//				}
			//			else if(type==2)//2 : 8位
			//				{
			//				if(buffData[i]>=int_value_min&&buffData[i]<=int_value_max)
			//					{
			//					if(count<=20000)
			//						{
			//							if(retstrlen==0)
			//								retstrlen=wcslen(retstr);
			//							if(retstrlen==0)
			//								swprintf(retstr,L"%X",(ibegin+i));
			//							else
			//								swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
			//						}
			//					count++;
			//					bret=true;
			//					}
			//				}
			//			}

			//		}
			//	ibegin=ibegin+4096;
			//	}
		}
		else
		{
			if (type == 0)//0 : 32位
			{
				int  value = 0;
				for (int i = 0; i < naddr; i++)
				{
					if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &value, sizeof(int), &dwRead))
					{
						if (value >= int_value_min && value <= int_value_max)
						{
							if (count <= 2000)
							{
								wchar_t inx[10] = { 0 };
								if (retstrlen == 0)
									retstrlen = wcslen(retstr);
								if (retstrlen == 0)
									swprintf(inx, L"%X", MaxAddrs[i]);
								else
									swprintf(inx, L"|%X", MaxAddrs[i]);
								wcscat(retstr, inx);
								//swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
							}
							bret = true;
							count++;
						}
					}
				}
			}
			else if (type == 1) //1 : 16 位
			{
				short  value = 0;
				for (int i = 0; i < naddr; i++)
				{
					if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &value, sizeof(short), &dwRead))
					{
						if (value >= int_value_min && value <= int_value_max)
						{
							if (count <= 2000)
							{
								wchar_t inx[10] = { 0 };
								if (retstrlen == 0)
									retstrlen = wcslen(retstr);
								if (retstrlen == 0)
									swprintf(inx, L"%X", MaxAddrs[i]);
								else
									swprintf(inx, L"|%X", MaxAddrs[i]);
								wcscat(retstr, inx);
								//swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
							}
							bret = true;
							count++;
						}
					}
				}
			}
			else if (type == 2)//2 : 8位
			{
				BYTE  value = 0;
				for (int i = 0; i < naddr; i++)
				{
					if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &value, sizeof(BYTE), &dwRead))
					{
						if (value >= int_value_min && value <= int_value_max)
						{
							if (count <= 2000)
							{
								wchar_t inx[10] = { 0 };
								if (retstrlen == 0)
									retstrlen = wcslen(retstr);
								if (retstrlen == 0)
									swprintf(inx, L"%X", MaxAddrs[i]);
								else
									swprintf(inx, L"|%X", MaxAddrs[i]);
								wcscat(retstr, inx);
								//swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
							}
							bret = true;
							count++;
						}
					}
				}
			}

		}
	}
	return bret;
}

bool TSMemoryAPI::TSFindFloat(LONG hwnd, wchar_t* addr_range, wchar_t* retstr, FLOAT float_value_min, FLOAT float_value_max, bool threadtype)
{

	//	TSRuntime::newstr=NULL;

	bool bret = false;
	LONG ibegin = 0;
	LONG ipend = 0;
	DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
	int naddr = 0;
	int count = 0;
	if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
	{
		if (ibegin >= ipend && naddr == 0)
			return bret;

		DWORD Pid = 0;
		//if(my_GetWindowThreadProcessId)
		//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
		//else
		My_GetWindowThreadProcessId((HWND)hwnd, &Pid);

		TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
		HANDLE hprocess = NULL;
		//if(my_OpenProcess)
		//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		//else
		//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		hprocess = My_OpenProcess(Pid);

		if (hprocess == NULL)
		{
			if (my_ZwOpenProcess)
			{
				CLIENT_ID  Cileid;
				Cileid.UniqueProcess = (HANDLE)Pid;
				my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
			}
			if (hprocess == NULL)
				return bret;
		}

		int retstrlen = 0;
		DWORD dwRead = 0;
		if (ibegin >= 0 && naddr == 0)
		{
			if (ibegin < 0x400000)
				ibegin = 0x400000;

			DWORD   nbegin[MAX_PATH * 10] = { 0 };
			DWORD	npend[MAX_PATH * 10] = { 0 };
			int naddr = 0;
			GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
			if (naddr == 0)
				return bret;

			if (threadtype)//是否多线程模式
			{
				memset(TSRuntime::membstr, 0, MAX_PATH * 200);
				DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
				HANDLE threadhandle[MAX_PATH] = { 0 };
				//双核以下CPU双线程
				if (ncpu <= 2)
					ncpu = 2;
				else if (ncpu >= 8)
					ncpu = 8;

				FindDataInfo info;
				info.FindDataType = FINDDATATYPE_FINDFLOATEX;
				info.hprocess = hprocess;
				info.float_value_min = float_value_min;
				info.float_value_max = float_value_max;
				info.retstr = retstr;
				info.dwncount = naddr;
				memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
				memcpy(info.dwend, npend, naddr * sizeof(DWORD));
				InitializeCriticalSection(&info.m_mutex);
				for (int i = 0; i < ncpu; i++)
				{
					threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
				}

				::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE);	//等待所有线程结束后返回
				DeleteCriticalSection(&info.m_mutex);
				return true;

			}

			BYTE buffData[4096] = { 0 };
			for (int n = 0; n < naddr; n++)
			{
				int size = npend[n] - nbegin[n];
				if (size <= 4096)
				{
					::memset(buffData, 0, size);
					if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							float* float_value = (float*)&buffData[i];
							if (*float_value >= float_value_min && *float_value <= float_value_max)
							{
								if (count <= 20000)	//记录找到地址的上限为5000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", (ibegin + i));
									else
										swprintf(inx, L"|%X", (ibegin + i));
									wcscat(retstr, inx);
									//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
								}
								count++;
							}
						}

					}
				}
				else
				{
					ibegin = nbegin[n];
					int sizen = 4096;
					while (ibegin < npend[n] && npend[n]>0)
					{
						if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
						{
							int i = 0;
							for (; i < (int)dwRead; i++)
							{
								float* float_value = (float*)&buffData[i];
								if (*float_value >= float_value_min && *float_value <= float_value_max)
								{
									if (count <= 20000)	//记录找到地址的上限为5000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i));
										else
											swprintf(inx, L"|%X", (ibegin + i));
										wcscat(retstr, inx);
										//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
									}
									count++;
								}
							}

						}
						if (npend[n] >= ibegin + 4096)
							ibegin = ibegin + 4096;
						else
						{
							sizen = npend[n] - ibegin;
							ibegin = ibegin + 4096;
							::memset(buffData, 0, sizen);
						}
					}
				}
			}

			//BYTE buffData[4096]={0};
			//while(ibegin<ipend&&ibegin>0)
			//	{
			//	::memset(buffData,0,4096);
			//	if(ReadProcessMemory(hprocess,LPVOID(ibegin),buffData,4096,&dwRead))
			//		{
			//		int i=0;
			//		for(;i<(int)dwRead;i++)
			//			{
			//				float *float_value=(float *)&buffData[i];
			//				if(*float_value>=float_value_min&&*float_value<=float_value_max)
			//					{
			//					if(count<=10000)
			//						{
			//							if(retstrlen==0)
			//								retstrlen=wcslen(retstr);
			//							if(retstrlen==0)
			//								swprintf(retstr,L"%X",(ibegin+i));
			//							else
			//								swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
			//						}
			//					count++;
			//					bret=true;
			//					}
			//			}

			//		}
			//	ibegin=ibegin+4096;
			//	}
		}
		else
		{
			float buffData = 0;
			for (int i = 0; i < naddr; i++)
			{
				if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &buffData, sizeof(float), &dwRead))
				{
					if (buffData >= float_value_min && buffData <= float_value_max)
					{
						if (count <= 10000)
						{
							wchar_t inx[10] = { 0 };
							if (retstrlen == 0)
								retstrlen = wcslen(retstr);
							if (retstrlen == 0)
								swprintf(inx, L"%X", MaxAddrs[i]);
							else
								swprintf(inx, L"|%X", MaxAddrs[i]);
							wcscat(retstr, inx);
							//swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
						}
						bret = true;
						count++;
					}
				}
			}

		}

	}

	//if(bret&&count>1600)
	//	TSRuntime::newstr=::SysAllocString(retstr);

	return bret;
}

bool TSMemoryAPI::TSFindDouble(LONG hwnd, wchar_t* addr_range, wchar_t* retstr, double double_value_min, double double_value_max, bool threadtype)
{
	bool bret = false;
	LONG ibegin = 0;
	LONG ipend = 0;
	DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
	int naddr = 0;
	if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
	{

		if (ibegin >= ipend && naddr == 0)
			return bret;

		DWORD Pid = 0;
		//if(my_GetWindowThreadProcessId)
		//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
		//else
		My_GetWindowThreadProcessId((HWND)hwnd, &Pid);

		TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
		HANDLE hprocess = NULL;
		//if(my_OpenProcess)
		//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		//else
		//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		hprocess = My_OpenProcess(Pid);

		if (hprocess == NULL)
		{
			if (my_ZwOpenProcess)
			{
				CLIENT_ID  Cileid;
				Cileid.UniqueProcess = (HANDLE)Pid;
				my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
			}
			if (hprocess == NULL)
				return bret;
		}

		int retstrlen = 0;
		DWORD dwRead = 0;
		int count = 0;
		if (ibegin >= 0 && naddr == 0)
		{
			if (ibegin < 0x400000)
				ibegin = 0x400000;

			DWORD   nbegin[MAX_PATH * 10] = { 0 };
			DWORD	npend[MAX_PATH * 10] = { 0 };
			int naddr = 0;
			GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
			if (naddr == 0)
				return bret;

			if (threadtype)//是否多线程模式
			{
				memset(TSRuntime::membstr, 0, MAX_PATH * 200);
				DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
				HANDLE threadhandle[MAX_PATH] = { 0 };
				//双核以下CPU双线程
				if (ncpu <= 2)
					ncpu = 2;
				else if (ncpu >= 8)
					ncpu = 8;

				FindDataInfo info;
				info.FindDataType = FINDDATATYPE_FINDDOUBLEEX;
				info.hprocess = hprocess;
				info.double_value_min = double_value_min;
				info.double_value_max = double_value_max;
				info.retstr = retstr;
				info.dwncount = naddr;
				memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
				memcpy(info.dwend, npend, naddr * sizeof(DWORD));
				InitializeCriticalSection(&info.m_mutex);
				for (int i = 0; i < ncpu; i++)
				{
					threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
				}

				::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE);	//等待所有线程结束后返回
				DeleteCriticalSection(&info.m_mutex);
				return true;

			}

			BYTE buffData[4096] = { 0 };
			for (int n = 0; n < naddr; n++)
			{
				int size = npend[n] - nbegin[n];
				if (size <= 4096)
				{
					::memset(buffData, 0, size);
					if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							double* double_value = (double*)&buffData[i];
							if (*double_value >= double_value_min && *double_value <= double_value_max)
							{
								if (count <= 20000)	//记录找到地址的上限为5000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", (ibegin + i));
									else
										swprintf(inx, L"|%X", (ibegin + i));
									wcscat(retstr, inx);
									//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
								}
								count++;
							}
						}

					}
				}
				else
				{
					ibegin = nbegin[n];
					int sizen = 4096;
					while (ibegin < npend[n] && npend[n]>0)
					{
						if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
						{
							int i = 0;
							for (; i < (int)dwRead; i++)
							{
								double* double_value = (double*)&buffData[i];
								if (*double_value >= double_value_min && *double_value <= double_value_max)
								{
									if (count <= 20000)	//记录找到地址的上限为5000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i));
										else
											swprintf(inx, L"|%X", (ibegin + i));
										wcscat(retstr, inx);
										//swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
									}
									count++;
								}
							}

						}
						if (npend[n] >= ibegin + 4096)
							ibegin = ibegin + 4096;
						else
						{
							sizen = npend[n] - ibegin;
							ibegin = ibegin + 4096;
							::memset(buffData, 0, sizen);
						}
					}
				}
			}

			//BYTE buffData[4096]={0};
			//while(ibegin<ipend&&ibegin>0)
			//	{
			//	 ::memset(buffData,0,4096);
			//	if(ReadProcessMemory(hprocess,LPVOID(ibegin),buffData,4096,&dwRead))
			//		{
			//		int i=0;
			//		for(;i<(int)dwRead;i++)
			//			{
			//				double *double_value=(double *)&buffData[i];
			//				if(*double_value>=double_value_min&&*double_value<=double_value_max)
			//					{
			//					if(count<=5000)	//记录找到地址的上限为5000,防止溢出
			//						{
			//							if(retstrlen==0)
			//								retstrlen=wcslen(retstr);
			//							if(retstrlen==0)
			//								swprintf(retstr,L"%X",(ibegin+i));
			//							else
			//								swprintf(retstr,L"%s|%X",retstr,(ibegin+i));
			//						}
			//						count++;
			//					}
			//			}

			//		}
			//	ibegin=ibegin+4096;
			//	}
		}
		else
		{
			double buffData = 0;
			for (int i = 0; i < naddr; i++)
			{
				if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &buffData, sizeof(double), &dwRead))
				{
					if (buffData >= double_value_min && buffData <= double_value_max)
					{
						if (count <= 20000)	//记录找到地址的上限为5000,防止溢出
						{
							wchar_t inx[10] = { 0 };
							if (retstrlen == 0)
								retstrlen = wcslen(retstr);
							if (retstrlen == 0)
								swprintf(inx, L"%X", MaxAddrs[i]);
							else
								swprintf(inx, L"|%X", MaxAddrs[i]);
							wcscat(retstr, inx);
							//swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
						}
						count++;
					}
				}
			}
		}

	}
	return bret;
}

bool TSMemoryAPI::TSFindData(LONG hwnd, wchar_t* addr_range, wchar_t* data, wchar_t* retstr, bool threadtype)
{
	bool bret = false;
	LONG ibegin = 0;
	LONG ipend = 0;
	DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
	int naddr = 0;
	if (wcslen(data) == 0 || wcslen(addr_range) == 0)
		return false;
	if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
	{

		if (ibegin >= ipend && naddr == 0)
			return bret;

		DWORD Pid = 0;
		//if(my_GetWindowThreadProcessId)
		//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
		//else
		My_GetWindowThreadProcessId((HWND)hwnd, &Pid);

		TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
		HANDLE hprocess = NULL;
		//if(my_OpenProcess)
		//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		//else
		//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		hprocess = My_OpenProcess(Pid);

		if (hprocess == NULL)
		{
			if (my_ZwOpenProcess)
			{
				CLIENT_ID  Cileid;
				Cileid.UniqueProcess = (HANDLE)Pid;
				my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
			}
			if (hprocess == NULL)
				return bret;
		}

		DWORD dwRead = 0;
		int nindex = 0;
		DWORD Finddata[MAX_PATH] = { 0 };
		int nconut = 0;//返回 data的个数
		TSGetDataValue(data, Finddata, nconut);
		int retstrlen = 0;
		int count = 0;
		if (ibegin >= 0 && naddr == 0)
		{
			if (ibegin < 0x400000)
				ibegin = 0x400000;


			DWORD   nbegin[MAX_PATH * 10] = { 0 };
			DWORD	npend[MAX_PATH * 10] = { 0 };
			int naddr = 0;
			GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
			if (naddr == 0)
				return bret;

			if (threadtype)//是否多线程模式
			{
				DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
				HANDLE threadhandle[MAX_PATH] = { 0 };
				//双核以下CPU双线程
				if (ncpu <= 2)
					ncpu = 2;
				else if (ncpu >= 8)
					ncpu = 8;

				FindDataInfo info;
				info.FindDataType = FINDDATATYPE_FINDDATAEX;
				info.hprocess = hprocess;
				memcpy(info.Finddata, Finddata, sizeof(DWORD) * nconut);
				info.FindIntType = nconut;
				info.retstr = retstr;
				info.dwncount = naddr;
				memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
				memcpy(info.dwend, npend, naddr * sizeof(DWORD));
				InitializeCriticalSection(&info.m_mutex);
				for (int i = 0; i < ncpu; i++)
				{
					threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
				}

				::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE);	//等待所有线程结束后返回
				DeleteCriticalSection(&info.m_mutex);
				return true;

			}

			BYTE buffData[4096] = { 0 };
			for (int n = 0; n < naddr; n++)
			{
				int size = npend[n] - nbegin[n];
				if (size <= 4096)
				{
					::memset(buffData, 0, size);
					if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
					{
						int i = 0;
						for (; i < (int)dwRead; i++)
						{
							if (buffData[i] == Finddata[nindex] || Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
							{
								if (nconut == (nindex + 1))   //匹配成功
								{
									if (count <= 20000)	//记录找到地址的上限为5000,防止溢出
									{
										wchar_t inx[10] = { 0 };
										if (retstrlen == 0)
											retstrlen = wcslen(retstr);
										if (retstrlen == 0)
											swprintf(inx, L"%X", (ibegin + i) - nindex);
										else
											swprintf(inx, L"|%X", (ibegin + i) - nindex);
										wcscat(retstr, inx);
										//swprintf(retstr,L"%s|%X",retstr,(ibegin+i)-nindex);
									}
									count++;
									nindex = 0;
								}
								nindex++;
							}
							else
								nindex = 0;
						}

					}
				}
				else
				{
					ibegin = nbegin[n];
					int sizen = 4096;
					while (ibegin < npend[n] && npend[n]>0)
					{
						if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
						{
							int i = 0;
							for (; i < (int)dwRead; i++)
							{
								if (buffData[i] == Finddata[nindex] || Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
								{
									if (nconut == (nindex + 1))   //匹配成功
									{
										if (count <= 20000)	//记录找到地址的上限为5000,防止溢出
										{
											wchar_t inx[10] = { 0 };
											if (retstrlen == 0)
												retstrlen = wcslen(retstr);
											if (retstrlen == 0)
												swprintf(inx, L"%X", (ibegin + i) - nindex);
											else
												swprintf(inx, L"|%X", (ibegin + i) - nindex);
											wcscat(retstr, inx);
											//swprintf(retstr,L"%s|%X",retstr,(ibegin+i)-nindex);
										}
										count++;
										nindex = 0;
									}
									nindex++;
								}
								else
									nindex = 0;
							}

						}
						if (npend[n] >= ibegin + 4096)
							ibegin = ibegin + 4096;
						else
						{
							sizen = npend[n] - ibegin;
							ibegin = ibegin + 4096;
							::memset(buffData, 0, sizen);
						}
					}
				}
			}

			//byte buffData[4096]={0};
			//while(ibegin<ipend&&ibegin>0)
			// {
			//	 ::memset(buffData,4096,sizeof(byte)*4096);
			//	 if(ReadProcessMemory(hprocess,LPVOID(ibegin),&buffData,4096,&dwRead))
			//		 { 
			//			 for(int i=0;i<dwRead;i++)
			//				 {
			//					 if(buffData[i]==Finddata[nindex]||Finddata[nindex]==256)// unknow=256;//标记??模糊查询
			//						 {
			//							if(nconut==(nindex+1))   //匹配成功
			//								{	
			//								if(count<=5000)	//记录找到地址的上限为5000,防止溢出
			//									{
			//										if(retstrlen==0)
			//											retstrlen=wcslen(retstr);
			//										if(retstrlen==0)
			//											swprintf(retstr,L"%X",(ibegin+i)-nindex);
			//										else
			//											swprintf(retstr,L"%s|%X",retstr,(ibegin+i)-nindex);
			//									}
			//									count++;
			//									nindex=0;
			//								}
			//							nindex++;
			//						 }
			//					 else
			//						nindex=0;
			//					 
			//				 }
			//		 }
			//	 ibegin=ibegin+4096;
			// }
		}
		else  //地址是地址集合
		{
			byte buffData[MAX_PATH] = { 0 };
			for (int i = 0; i < naddr; i++)
			{
				if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &buffData, nconut, &dwRead))
				{
					for (int i = 0; i < nconut; i++)
					{
						if (buffData[i] == Finddata[nindex] || Finddata[nindex] == 256)// unknow=256;//标记??模糊查询
						{
							if (nconut == (nindex + 1))   //匹配成功
							{
								if (count <= 5000)	//记录找到地址的上限为5000,防止溢出
								{
									wchar_t inx[10] = { 0 };
									if (retstrlen == 0)
										retstrlen = wcslen(retstr);
									if (retstrlen == 0)
										swprintf(inx, L"%X", MaxAddrs[i]);
									else
										swprintf(inx, L"|%X", MaxAddrs[i]);
									wcscat(retstr, inx);
									// swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
								}
								count++;
								nindex = 0;
							}
							nindex++;
						}
						else
						{
							nindex = 0;
							break;
						}

					}
				}
			}
		}
	}
	return bret;
}

bool TSMemoryAPI::TSGetDataValue(wchar_t* strs, DWORD* Data_range, int& nconut)
{
	int len = wcslen(strs);
	int index = 0;
	int n = 0;
	int m = 0;
	int unknow = 0;//标记??模糊查询
	wchar_t s[3] = { 0 };
	for (int i = 0; i < len; i++)
	{
		if (strs[i] != ' ')
		{
			s[n] = strs[i];
			if (strs[i] == '?')
				unknow = 256;
			if (n == 1 && strs[i + 1] != ' ' && (i + 1) != len)
			{
				if (unknow == 0)
					Data_range[index] = wcstol(s, 0, 16);
				else
				{
					Data_range[index] = unknow;
					unknow = 0;
				}
				memset(s, 0, n);
				n = 0;
				m = i;
				index++;
				continue;
			}
			n++;
		}
		else if (n != 0)
		{
			if (unknow == 0)
				Data_range[index] = wcstol(s, 0, 16);
			else
			{
				Data_range[index] = unknow;
				unknow = 0;
			}
			memset(s, 0, n);
			n = 0;
			m = i;
			index++;
		}
	}
	Data_range[index] = wcstol(&strs[m + 1], 0, 16);
	nconut = index + 1;
	return true;
}

bool TSMemoryAPI::TSGetaddr_range(wchar_t* strs, LONG& begin, LONG& end, DWORD* addr_range, int& nconut)
{
	bool bret = false;
	int len = wcslen(strs);
	wchar_t strbegin[16] = { 0 };
	wchar_t strend[16] = { 0 };
	bool fistrfind = false;
	begin = -1;
	end = -1;
	int index = 0;
	int n = 0;
	int m = 0;
	for (int i = 0; i < len; i++, n++)
	{
		if (strs[i] != '-' && strs[i] != '|')
			strbegin[n] = strs[i];
		if (strs[i] == '-')
		{
			if (i > 10)//非法地址
				return false;
			fistrfind = true;
			wcscpy(strend, &strs[i + 1]);
			break;
		}
		else if (strs[i] == '|')
		{
			if (index >= (MAX_PATH * 200) - 1)
				return false;

			if (n <= 10)//判断是否是非法地址
			{
				addr_range[index] = wcstol(strbegin, 0, 16);
				index++;
				bret = true;
			}
			memset(strbegin, 0, n);
			n = -1;
			m = i;
		}
	}
	if (fistrfind)
	{
		begin = wcstol(strbegin, 0, 16);
		end = wcstol(strend, 0, 16);
		bret = true;
	}
	else
	{
		addr_range[index] = wcstol(&strs[m + 1], 0, 16);   //拷贝最后一个地址
		nconut = index + 1;
	}

	return bret;
}


bool TSMemoryAPI::TSValueTypeToData(int type, wchar_t* retstr, double dvalue, float fvalue, int ivalue, wchar_t* svalue, int type1)
{
	bool bret = false;
	if (type == 0)//DoubleToData
	{
		BYTE bdouble[8] = { 0 };
		memcpy(bdouble, &dvalue, 8);
		for (int i = 0; i < 8; i++)
		{
			if (i == 0)
			{
				if (bdouble[i] < 0x10)
					swprintf(retstr, L"0%x", bdouble[i]);
				else
					swprintf(retstr, L"%x", bdouble[i]);
			}
			else
			{
				if (bdouble[i] < 0x10)
					swprintf(retstr, L"%s 0%x", retstr, bdouble[i]);
				else
					swprintf(retstr, L"%s %x", retstr, bdouble[i]);
			}
		}
	}
	else if (type == 1) //FloatToData
	{
		BYTE bfolat[4] = { 0 };
		memcpy(bfolat, &fvalue, 4);
		for (int i = 0; i < 4; i++)
		{
			if (i == 0)
			{
				if (bfolat[i] < 0x10)
					swprintf(retstr, L"0%x", bfolat[i]);
				else
					swprintf(retstr, L"%x", bfolat[i]);
			}
			else
			{
				if (bfolat[i] < 0x10)
					swprintf(retstr, L"%s 0%x", retstr, bfolat[i]);
				else
					swprintf(retstr, L"%s %x", retstr, bfolat[i]);
			}
		}
		bret = true;
	}
	else if (type == 2)//IntToData
	{
		//0: 4字节整形数 (一般都选这个)
		//1: 2字节整形数
		//2: 1字节整形数
		int n = 0;
		BYTE bint[4] = { 0 };
		if (type1 == 0)
		{
			memcpy(bint, &ivalue, 4);
			n = 4;
		}
		else if (type1 == 1)
		{
			memcpy(bint, &ivalue, 2);
			n = 2;
		}
		else if (type1 == 2)
		{
			memcpy(bint, &ivalue, 1);
			n = 1;
		}
		if (n == 0)
			return bret;

		for (int i = 0; i < n; i++)
		{
			if (i == 0)
			{
				if (bint[i] < 0x10)
					swprintf(retstr, L"0%x", bint[i]);
				else
					swprintf(retstr, L"%x", bint[i]);
			}
			else
			{
				if (bint[i] < 0x10)
					swprintf(retstr, L"%s 0%x", retstr, bint[i]);
				else
					swprintf(retstr, L"%s %x", retstr, bint[i]);
			}
		}
		bret = true;
	}

	else if (type == 3)//StringToData
	{
		int len = wcslen(svalue);
		USES_CONVERSION;
		if (type1 == 0)//0: 返回Ascii表达的字符串
		{
			char* bstr = new char[len * 2 + 1];
			strcpy(bstr, W2A(svalue));
			for (int i = 0; i < len; i++)
			{
				if (i == 0)
				{
					if (bstr[i] < 0x10)
						swprintf(retstr, L"0%x", bstr[i]);
					else
						swprintf(retstr, L"%x", bstr[i]);
				}
				else
				{
					if (bstr[i] < 0x10)
						swprintf(retstr, L"%s 0%x", retstr, bstr[i]);
					else
						swprintf(retstr, L"%s %x", retstr, bstr[i]);
				}
			}
			delete[] bstr;
			bret = true;
		}
		else if (type1 == 1)//1: 返回Unicode表达的字符串
		{
			for (int i = 0; i < len; i++)
			{
				if (i == 0)
				{
					if (svalue[i] < 0x10)
						swprintf(retstr, L"0%x 00", svalue[i]);
					else
						swprintf(retstr, L"%x 00", svalue[i]);
				}
				else
				{
					if (svalue[i] < 0x10)
						swprintf(retstr, L"%s 0%x 00", retstr, svalue[i]);
					else
						swprintf(retstr, L"%s %x 00", retstr, svalue[i]);
				}
			}
			bret = true;
		}
	}
	return bret;
}


DWORD TSMemoryAPI::TSGetFindDataAddr(wchar_t* strs, DWORD pid)
{
	DWORD readaddr = 0;
	long  longAdd = 0;
	wchar_t module[MAX_PATH] = { 0 };
	int moduleindex = 0;//记录模块长度
	int nindex = 0;//记录指针个数
	int noffset = 0;//
	int index = 0;
	bool subindex[MAX_PATH] = { 0 };//标记"-"号的位置:true,默认是"+":false
	wchar_t offsetaddrstr[MAX_PATH][16] = { 0 };//存储偏移地址
	DWORD	 offsetaddr[MAX_PATH] = { 0 };
	for (int i = 0; i < MAX_PATH; i++)
	{
		memset(offsetaddrstr[i], 0, 16);
	}
	int len = wcslen(strs);
	if (len < 1)
	{
		longAdd = -1;
		return longAdd;
	}
	for (int i = 0; i < len; i++)
	{
		if (strs[i] == '<' || moduleindex > 0)
		{
			if (strs[i] == '>')
			{
				moduleindex = -1;
			}
			else if (strs[i + 1] != '>')
			{
				module[moduleindex] = strs[i + 1];
				moduleindex++;
			}
		}
		if (strs[i] == '>' && moduleindex == 0)
		{
			longAdd = -1;
			return longAdd;
		}
		if (strs[i] == '[')
			nindex++;//记录指针个数
		else if (((strs[i] == '+' || index > 0) || (strs[i] == '-' || index > 0) || moduleindex == 0))
		{
			if (strs[i] == '-')//记录-号的下标
				subindex[noffset] = true;
			if (strs[i] == ']')
			{
				index = 0;
				noffset++;
			}
			else if (strs[i] != ']' && (strs[i] == '+' || strs[i] == '-'))
			{
				offsetaddrstr[noffset][index] = strs[i + 1];
				index++;
				i++;
			}
			else if (strs[i] != ']')
			{
				offsetaddrstr[noffset][index] = strs[i];
				index++;
			}
		}
		else if ((noffset == nindex))//记录最后一个偏移地址
		{
			if (strs[i] == '-')//记录-号的下标
				subindex[noffset] = true;
			if (strs[i] == '+' || strs[i] == '-')
			{
				offsetaddrstr[noffset][index] = strs[i + 1];
				index++;
			}
			else if (index > 0)
			{
				offsetaddrstr[noffset][index] = strs[i + 1];
				index++;
			}

		}


	}
	DWORD Baseaddr = 0;
	if (moduleindex == -1)//说明有传入<modulename>
	{
		HANDLE tlh = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
		MODULEENTRY32 modEntry;
		modEntry.dwSize = sizeof(MODULEENTRY32);
		Module32First(tlh, &modEntry);
		do
		{
			if (!wcsicmp(module, modEntry.szModule))
			{
				Baseaddr = (DWORD)modEntry.modBaseAddr;
				DWORD handle = modEntry.th32ModuleID;
				break;
			}
		} while (Module32Next(tlh, &modEntry));
		CloseHandle(tlh);

		if (Baseaddr == 0)
		{
			longAdd = -1;
			return longAdd;
		}
	}

	if (nindex > 0) //说明不是一级指针
	{

		TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
		HANDLE hprocess = NULL;
		//if(my_OpenProcess)
		//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		//else
		//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		hprocess = My_OpenProcess(pid);

		if (hprocess == NULL)
		{
			if (my_ZwOpenProcess)
			{
				CLIENT_ID  Cileid;
				Cileid.UniqueProcess = (HANDLE)pid;
				my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
			}
			if (hprocess == NULL)
				return longAdd;
		}

		for (int i = 0; i < nindex; i++)
		{
			offsetaddr[i] = wcstol(offsetaddrstr[i], 0, 16);
			if (i == 0 && Baseaddr > 0)
				readaddr = Baseaddr + offsetaddr[i];
			else if (i == 0)
				readaddr = offsetaddr[i];
			else if (readaddr != 0)
			{
				if (subindex[i])
					readaddr = longAdd - offsetaddr[i];
				else
					readaddr = longAdd + offsetaddr[i];
			}

			longAdd = 0;
			if (my_ReadProcessMemory)
				my_ReadProcessMemory(hprocess, (void*)readaddr, &longAdd, sizeof(longAdd), long(0));
			else
				::ReadProcessMemory(hprocess, (void*)readaddr, &longAdd, sizeof(longAdd), long(0));
			if (longAdd <= 0)//说明读取错误地址
			{
				longAdd = -1;
				return longAdd;
			}


		}
		offsetaddr[nindex] = wcstol(offsetaddrstr[nindex], 0, 16);
		if (subindex[nindex])
			longAdd = longAdd - offsetaddr[nindex];
		else
			longAdd = longAdd + offsetaddr[nindex];
		CloseHandle(hprocess);
	}
	else if (moduleindex != -1)//1367DBC
		longAdd = wcstol(strs, 0, 16);
	else if (moduleindex == -1) //<xx.exe>+1367DBC
	{
		longAdd = wcstol(offsetaddrstr[0], 0, 16);
		longAdd = Baseaddr + longAdd;
	}
	return longAdd;
}

bool TSMemoryAPI::TSFindString(LONG hwnd, wchar_t* addr_range, wchar_t* retstr, wchar_t* string_value, LONG type, bool threadtype)
{
	bool bret = false;
	LONG ibegin = 0;
	LONG ipend = 0;
	DWORD MaxAddrs[MAX_PATH * 200] = { 0 };//最大寻址的地址个数
	int naddr = 0;
	if (TSGetaddr_range(addr_range, ibegin, ipend, MaxAddrs, naddr))
	{
		if (ibegin >= ipend && naddr == 0)
			return bret;

		DWORD Pid = 0;
		//if(my_GetWindowThreadProcessId)
		//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
		//else
		My_GetWindowThreadProcessId((HWND)hwnd, &Pid);

		TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
		HANDLE hprocess = NULL;
		//if(my_OpenProcess)
		//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		//else
		//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		hprocess = My_OpenProcess(Pid);

		if (hprocess == NULL)
		{
			if (my_ZwOpenProcess)
			{
				CLIENT_ID  Cileid;
				Cileid.UniqueProcess = (HANDLE)Pid;
				my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
			}
			if (hprocess == NULL)
				return bret;
		}

		int retstrlen = 0;
		DWORD dwRead = 0;
		int count = 0;
		int nindex = 0;
		if (ibegin >= 0 && naddr == 0)
		{
			if (ibegin < 0x400000)
				ibegin = 0x400000;

			DWORD   nbegin[MAX_PATH * 10] = { 0 };
			DWORD	npend[MAX_PATH * 10] = { 0 };
			int naddr = 0;
			GetFindaddr(hprocess, (LPVOID)ibegin, (LPVOID)ipend, nbegin, npend, naddr);
			if (naddr == 0)
				return bret;

			if (threadtype)//是否多线程模式
			{
				DWORD ncpu = GetProcessNumber();//获取CPU个数,决定多线程的个数
				HANDLE threadhandle[MAX_PATH] = { 0 };
				//双核以下CPU双线程
				if (ncpu <= 2)
					ncpu = 2;
				else if (ncpu >= 8)
					ncpu = 8;

				int len = wcslen(string_value);
				if (len >= MAX_PATH || len == 0)
					return bret;

				FindDataInfo info;
				info.FindDataType = FINDDATATYPE_FINDSTRINGEX;
				info.hprocess = hprocess;
				wcscpy(info.Findstring, string_value);
				info.FindIntType = type;	////0：ASCCII编码查找  1：Unicode编码查找
				info.retstr = retstr;
				info.dwncount = naddr;
				memcpy(info.dwbegin, nbegin, naddr * sizeof(DWORD));
				memcpy(info.dwend, npend, naddr * sizeof(DWORD));
				InitializeCriticalSection(&info.m_mutex);
				for (int i = 0; i < ncpu; i++)
				{
					threadhandle[i] = (HANDLE)_beginthread(FindDataThread, 0, &info);
				}

				::WaitForMultipleObjects(ncpu, threadhandle, TRUE, INFINITE);	//等待所有线程结束后返回
				DeleteCriticalSection(&info.m_mutex);
				return true;

			}

			//////////////////0：ASCCII编码查找  1：Unicode编码查找//////////////////////////////
			if (type == 0)
			{
				USES_CONVERSION;
				int len = wcslen(string_value);
				if (len > MAX_PATH || len == 0)
					return bret;
				char chstr[MAX_PATH * 2] = { 0 };
				strcpy(chstr, W2A(string_value));
				len = strlen(chstr);;

				BYTE buffData[4096] = { 0 };
				for (int n = 0; n < naddr; n++)
				{
					int size = npend[n] - nbegin[n];
					if (size <= 4096)
					{
						::memset(buffData, 0, size);
						if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
						{
							int i = 0;
							for (; i < (int)dwRead; i++)
							{
								if (buffData[i] == chstr[nindex])
								{
									if (len == (nindex + 1))   //匹配成功
									{
										if (count <= 20000)
										{
											wchar_t inx[10] = { 0 };
											if (retstrlen == 0)
												retstrlen = wcslen(retstr);
											if (retstrlen == 0)
												swprintf(inx, L"%X", ibegin + i - nindex);
											else
												swprintf(inx, L"|%X", ibegin + i - nindex);
											wcscat(retstr, inx);
											//swprintf(retstr,L"%s|%X",retstr,ibegin+i-nindex);
										}
										bret = true;
										count++;
										nindex = 0;
									}
									nindex++;
								}
								else
									nindex = 0;
							}

						}
					}
					else
					{
						ibegin = nbegin[n];
						int sizen = 4096;
						while (ibegin < npend[n] && npend[n]>0)
						{
							if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
							{
								int i = 0;
								for (; i < (int)dwRead; i++)
								{
									if (buffData[i] == chstr[nindex])
									{
										if (len == (nindex + 1))   //匹配成功
										{
											if (count <= 20000)
											{
												wchar_t inx[10] = { 0 };
												if (retstrlen == 0)
													retstrlen = wcslen(retstr);
												if (retstrlen == 0)
													swprintf(inx, L"%X", ibegin + (i - nindex) * 2);
												else
													swprintf(inx, L"|%X", ibegin + (i - nindex) * 2);
												wcscat(retstr, inx);
												//swprintf(retstr,L"%s|%X",retstr,ibegin+i-nindex);
											}
											bret = true;
											count++;
											nindex = 0;
										}
										nindex++;
									}
									else
										nindex = 0;
								}

							}
							if (npend[n] >= ibegin + 4096)
								ibegin = ibegin + 4096;
							else
							{
								sizen = npend[n] - ibegin;
								ibegin = ibegin + 4096;
								::memset(buffData, 0, sizen);
							}
						}
					}
				}

				//while(ibegin<ipend&&ibegin>0)
				//	{
				//	memset(buffData,0,4096);
				//	if(ReadProcessMemory(hprocess,(PVOID)ibegin,buffData,4096,&dwRead))
				//		{ 
				//		for(int i=0;i<dwRead;i++)
				//			{
				//			if(buffData[i]==chstr[nindex])
				//				{
				//				if(len==(nindex+1))   //匹配成功
				//					{	
				//						if(count<=20000)
				//							{
				//							if(retstrlen==0)
				//								retstrlen=wcslen(retstr);
				//							if(retstrlen==0)
				//								swprintf(retstr,L"%X",ibegin+i-nindex);
				//							else
				//								swprintf(retstr,L"%s|%X",retstr,ibegin+i-nindex);
				//							}
				//						bret=true;
				//						count++;
				//						nindex=0;
				//					}
				//				nindex++;
				//				}
				//			else 
				//				nindex=0;
				//			}
				//		}
				//	ibegin=ibegin+4096;
				//	}
			}
			else if (type == 1)
			{
				wchar_t buffData[2048] = { 0 };
				int len = wcslen(string_value);
				if (len > MAX_PATH || len == 0)
					return bret;

				//BYTE buffData[4096]={0};
				for (int n = 0; n < naddr; n++)
				{
					int size = npend[n] - nbegin[n];
					if (size <= 4096)
					{
						::memset(buffData, 0, size);
						if (ReadProcessMemory(hprocess, LPVOID(nbegin[n]), buffData, size, &dwRead))
						{
							int i = 0;
							for (; i < (int)dwRead; i++)
							{
								if (buffData[i] == string_value[nindex])
								{
									if (len == (nindex + 1))   //匹配成功
									{
										if (count <= 20000)
										{
											wchar_t inx[10] = { 0 };
											if (retstrlen == 0)
												retstrlen = wcslen(retstr);
											if (retstrlen == 0)
												swprintf(inx, L"%X", ibegin + (i - nindex) * 2);
											else
												swprintf(inx, L"|%X", ibegin + (i - nindex) * 2);
											wcscat(retstr, inx);
											//swprintf(retstr,L"%s|%X",retstr,ibegin+(i-nindex)*2);
										}
										bret = true;
										count++;
										nindex = 0;
									}
									nindex++;
								}
								else
									nindex = 0;
							}

						}
					}
					else
					{
						ibegin = nbegin[n];
						int sizen = 4096;
						while (ibegin < npend[n] && npend[n]>0)
						{
							if (ReadProcessMemory(hprocess, LPVOID(ibegin), buffData, sizen, &dwRead))
							{
								int i = 0;
								for (; i < (int)dwRead; i++)
								{
									if (buffData[i] == string_value[nindex])
									{
										if (len == (nindex + 1))   //匹配成功
										{
											if (count <= 20000)
											{
												wchar_t inx[10] = { 0 };
												if (retstrlen == 0)
													retstrlen = wcslen(retstr);
												if (retstrlen == 0)
													swprintf(inx, L"%X", ibegin + (i - nindex) * 2);
												else
													swprintf(inx, L"|%X", ibegin + (i - nindex) * 2);
												wcscat(retstr, inx);
												//swprintf(retstr,L"%s|%X",retstr,ibegin+(i-nindex)*2);
											}
											bret = true;
											count++;
											nindex = 0;
										}
										nindex++;
									}
									else
										nindex = 0;
								}

							}
							if (npend[n] >= ibegin + 4096)
								ibegin = ibegin + 4096;
							else
							{
								sizen = npend[n] - ibegin;
								ibegin = ibegin + 4096;
								::memset(buffData, 0, sizen);
							}
						}
					}
				}

				//while(ibegin<ipend&&ibegin>0)
				//	{
				//	dwRead=0;
				//	memset(buffData,0,2048*sizeof(wchar_t));
				//	if(ReadProcessMemory(hprocess,(PVOID)ibegin,buffData,2048*sizeof(wchar_t),&dwRead))
				//		{			
				//		for(int i=0;i<dwRead;i++)
				//			{
				//			if(buffData[i]==string_value[nindex])
				//				{
				//				if(len==(nindex+1))   //匹配成功
				//					{	
				//						if(count<=20000)
				//							{
				//							if(retstrlen==0)
				//								retstrlen=wcslen(retstr);
				//							if(retstrlen==0)
				//								swprintf(retstr,L"%X",ibegin+(i-nindex)*2);
				//							else
				//								swprintf(retstr,L"%s|%X",retstr,ibegin+(i-nindex)*2);
				//							}
				//						bret=true;
				//						count++;
				//						nindex=0;
				//					}
				//				nindex++;
				//				}
				//			else 
				//				nindex=0;
				//			}
				//		}
				//	ibegin=ibegin+2048*sizeof(wchar_t);
				//	//ibegin=ibegin+4096-findLength;
				//	}
			}
		}
		else  //重复查找
		{
			//////////////////0：ASCCII编码查找  1：Unicode编码查找//////////////////////////////
			if (type == 0)//0 : ASCCII
			{
				char buffData[MAX_PATH * 2] = { 0 };
				USES_CONVERSION;
				int len = wcslen(string_value);
				if (len > MAX_PATH)
					return bret;
				char  value[MAX_PATH * 2] = { 0 };
				strcpy(value, W2A(string_value));
				len = strlen(value);
				for (int i = 0; i < naddr; i++)
				{
					if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &buffData, len, &dwRead))
					{
						if (::memcmp(buffData, value, len) == 0)
						{
							if (count <= 20000)
							{
								wchar_t inx[10] = { 0 };
								if (retstrlen == 0)
									retstrlen = wcslen(retstr);
								if (retstrlen == 0)
									swprintf(inx, L"%X", MaxAddrs[i]);
								else
									swprintf(inx, L"|%X", MaxAddrs[i]);
								wcscat(retstr, inx);
								//swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
							}
							bret = true;
							count++;
						}
					}
				}
			}
			else if (type == 1) //1 :Unicode
			{
				wchar_t buffData[MAX_PATH] = { 0 };
				int len = wcslen(string_value);
				for (int i = 0; i < naddr; i++)
				{
					if (ReadProcessMemory(hprocess, LPVOID(MaxAddrs[i]), &buffData, len, &dwRead))
					{
						if (::memcmp(buffData, string_value, len) == 0)
						{
							if (count <= 20000)
							{
								wchar_t inx[10] = { 0 };
								if (retstrlen == 0)
									retstrlen = wcslen(retstr);
								if (retstrlen == 0)
									swprintf(inx, L"%X", MaxAddrs[i]);
								else
									swprintf(inx, L"|%X", MaxAddrs[i]);
								wcscat(retstr, inx);
								//swprintf(retstr,L"%s|%X",retstr,MaxAddrs[i]);
							}
							bret = true;
							count++;
						}
					}
				}
			}
		}
	}
	return bret;

}

bool TSMemoryAPI::TSReadData(LONG hwnd, wchar_t* addr, wchar_t* retstr, LONG len)
{
	bool bret = false;

	if (len<0 || len>MAX_PATH)
		return bret;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);

	DWORD findaddr = TSGetFindDataAddr(addr, pid);
	if (findaddr == -1)
		return bret;

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}


	BYTE finddata[MAX_PATH] = { 0 };
	DWORD dwread = 0;
	if (my_ReadProcessMemory)
		my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, finddata, len, &dwread);
	else
		::ReadProcessMemory(hprocess, (LPCVOID)findaddr, finddata, len, &dwread);

	if (dwread > 0)
	{
		for (int i = 0; i < len; i++)
		{
			if (i == 0)
			{
				if (finddata[i] < 0x10)
				{
					if (finddata[i] >= 0)
						swprintf(retstr, L"%s 0%X", retstr, finddata[i]);
					else
					{
						LONG val = finddata[i] - 0xffffff00;
						swprintf(retstr, L"%s %X", retstr, val);
					}
				}
				else
					swprintf(retstr, L"%X", finddata[i]);
				bret = true;
			}
			else
			{
				if (finddata[i] < 0x10)
				{
					if (finddata[i] >= 0)
						swprintf(retstr, L"%s 0%X", retstr, finddata[i]);
					else
					{
						LONG val = finddata[i] - 0xffffff00;
						swprintf(retstr, L"%s %X", retstr, val);
					}
				}

				else
					swprintf(retstr, L"%s %X", retstr, finddata[i]);


				bret = true;
			}
		}
	}

	CloseHandle(hprocess);
	return bret;

}

bool TSMemoryAPI::TSReadDouble(LONG hwnd, wchar_t* addr, double& dvalue, float& fvalue, int type)
{
	bool bret = false;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);



	DWORD findaddr = TSGetFindDataAddr(addr, pid);
	if (findaddr == -1)
		return bret;

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}

	DWORD dwread = 0;
	if (type == 0)//type0:DOUBLE,1:FLOAT
	{
		double readdouble = 0;
		if (my_ReadProcessMemory)
			my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, &readdouble, sizeof(double), &dwread);
		else
			::ReadProcessMemory(hprocess, (LPCVOID)findaddr, &readdouble, sizeof(double), &dwread);

		dvalue = readdouble;
	}
	else if (type == 1)
	{
		float readfloat = 0;
		if (my_ReadProcessMemory)
			my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, &readfloat, sizeof(float), &dwread);
		else
			::ReadProcessMemory(hprocess, (LPCVOID)findaddr, &readfloat, sizeof(float), &dwread);

		fvalue = readfloat;
	}

	CloseHandle(hprocess);
	if (dwread != 0)
		bret = true;
	return bret;

}

bool TSMemoryAPI::TSReadInt(LONG hwnd, wchar_t* addr, int& ivalue, short& svalue, BYTE& bvalue, int type)
{
	bool bret = false;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);


	DWORD findaddr = TSGetFindDataAddr(addr, pid);
	if (findaddr == -1)
		return bret;

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}

	DWORD dwread = 0;

	//0 : 32位
	//1 : 16 位
	//2 : 8位
	if (type == 0)
	{
		int value = 0;
		if (my_ReadProcessMemory)
			my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, &value, sizeof(int), &dwread);
		else
			::ReadProcessMemory(hprocess, (LPCVOID)findaddr, &value, sizeof(int), &dwread);

		ivalue = value;
	}
	else if (type == 1)
	{
		short value = 0;
		if (my_ReadProcessMemory)
			my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, &value, sizeof(short), &dwread);
		else
			::ReadProcessMemory(hprocess, (LPCVOID)findaddr, &value, sizeof(short), &dwread);

		svalue = value;
	}
	else if (type == 2)
	{
		BYTE value = 0;
		if (my_ReadProcessMemory)
			my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, &value, sizeof(BYTE), &dwread);
		else
			::ReadProcessMemory(hprocess, (LPCVOID)findaddr, &value, sizeof(BYTE), &dwread);

		bvalue = value;
	}

	CloseHandle(hprocess);
	if (dwread != 0)
		bret = true;
	return bret;
}

bool TSMemoryAPI::TSReadString(LONG hwnd, wchar_t* addr, wchar_t* retstr, LONG len, int type)
{
	bool bret = false;

	if (len > MAX_PATH)
		return bret;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);


	DWORD findaddr = TSGetFindDataAddr(addr, pid);
	if (findaddr == -1)
		return bret;

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}

	DWORD dwread = 0;

	////0 : GBK字符串
	////1 :Unicode字符串

	if (type == 0)
	{
		char strvalue[MAX_PATH] = { 0 };
		if (my_ReadProcessMemory)
			my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, strvalue, len, &dwread);
		else
			::ReadProcessMemory(hprocess, (LPCVOID)findaddr, strvalue, len, &dwread);

		USES_CONVERSION;
		wcscpy(retstr, A2W(strvalue));
	}
	else if (type == 1)
	{
		wchar_t wstrvlue[MAX_PATH] = { 0 };
		if (my_ReadProcessMemory)
			my_ReadProcessMemory(hprocess, (LPCVOID)findaddr, wstrvlue, len * sizeof(wchar_t), &dwread);
		else
			::ReadProcessMemory(hprocess, (LPCVOID)findaddr, wstrvlue, len * sizeof(wchar_t), &dwread);

		wcscpy(retstr, wstrvlue);
	}

	CloseHandle(hprocess);
	if (dwread != 0)
		bret = true;
	return bret;
}

bool TSMemoryAPI::TSTerminateProcess(LONG pid)
{
	bool bret = false;
	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}

	if (my_TerminateProcess)
		bret = my_TerminateProcess(hprocess, 0);
	else
		bret = ::TerminateProcess(hprocess, 0);

	CloseHandle(hprocess);
	return bret;
}

bool TSMemoryAPI::TSVirtualAllocEx(LONG hwnd, LONG& addr, LONG size, LONG type)
{
	bool bret = false;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);


	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}

	DWORD dwtype = 0;
	if (type == 0)//可读可写可执行
	{
		dwtype = PAGE_EXECUTE_READWRITE;
	}
	else//1 : 可读可执行，不可写

	{
		dwtype = PAGE_EXECUTE_READ;
	}
	LPVOID retaddr = NULL;
	if (dwtype != 0)
		retaddr = ::VirtualAllocEx(hprocess, (void*)addr, size, MEM_COMMIT, dwtype);

	CloseHandle(hprocess);
	addr = (DWORD)retaddr;

	return bret;
}

bool TSMemoryAPI::TSVirtualFreeEx(LONG hwnd, LONG addr)
{
	bool bret = false;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}

	bret = ::VirtualFreeEx(hprocess, (void*)addr, 0, MEM_RELEASE);

	CloseHandle(hprocess);
	return bret;
}

bool TSMemoryAPI::TSWriteData(LONG hwnd, wchar_t* addr, wchar_t* data)
{
	bool bret = false;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);

	DWORD findaddr = TSGetFindDataAddr(addr, pid);
	if (findaddr == -1)
		return bret;

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}
	DWORD dwwrite = 0;
	DWORD Finddata[MAX_PATH] = { 0 };
	int nconut = 0;//返回 data的个数
	TSGetDataValue(data, Finddata, nconut);
	if (nconut <= 0)
		return bret;


	BYTE strvalue[MAX_PATH * 10] = { 0 };
	for (int i = 0; i < nconut; i++)
	{
		strvalue[i] = Finddata[i];
	}

	DWORD dwback;
	if (my_VirtualProtectEx)
		my_VirtualProtectEx(hprocess, (void*)findaddr, nconut, PAGE_EXECUTE_READWRITE, &dwback);
	else
		::VirtualProtectEx(hprocess, (void*)findaddr, nconut, PAGE_EXECUTE_READWRITE, &dwback);

	if (my_WriteProcessMemory)
		bret = my_WriteProcessMemory(hprocess, (void*)findaddr, strvalue, nconut, &dwwrite);
	else
		bret = ::WriteProcessMemory(hprocess, (void*)findaddr, strvalue, nconut, &dwwrite);
	if (my_VirtualProtectEx)
		bret = my_VirtualProtectEx(hprocess, (void*)findaddr, nconut, dwback, &dwback);
	else
		bret = ::VirtualProtectEx(hprocess, (void*)findaddr, nconut, dwback, &dwback);

	CloseHandle(hprocess);
	return bret;
}

bool TSMemoryAPI::TSWriteDouble(LONG hwnd, wchar_t* addr, DOUBLE dvalue, FLOAT fvlaue)
{
	bool bret = false;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);

	DWORD findaddr = TSGetFindDataAddr(addr, pid);
	if (findaddr == -1)
		return bret;

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}

	DWORD dwback;
	if (my_VirtualProtectEx)
		my_VirtualProtectEx(hprocess, (void*)findaddr, sizeof(DOUBLE), PAGE_EXECUTE_READWRITE, &dwback);
	else
		::VirtualProtectEx(hprocess, (void*)findaddr, sizeof(DOUBLE), PAGE_EXECUTE_READWRITE, &dwback);

	DWORD dwwrite = 0;
	if (dvalue != 0)
	{
		if (my_WriteProcessMemory)
			bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &dvalue, sizeof(DOUBLE), &dwwrite);
		else
			bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &dvalue, sizeof(DOUBLE), &dwwrite);
	}
	else if (fvlaue != 0)
	{
		if (my_WriteProcessMemory)
			bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &fvlaue, sizeof(FLOAT), &dwwrite);
		else
			bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &fvlaue, sizeof(FLOAT), &dwwrite);
	}

	if (my_VirtualProtectEx)
		bret = my_VirtualProtectEx(hprocess, (void*)findaddr, sizeof(DOUBLE), dwback, &dwback);
	else
		bret = ::VirtualProtectEx(hprocess, (void*)findaddr, sizeof(DOUBLE), dwback, &dwback);

	CloseHandle(hprocess);
	return bret;
}

bool TSMemoryAPI::TSWriteInt(LONG hwnd, wchar_t* addr, int ivalue, short svalue, BYTE bvalue)
{
	bool bret = false;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);

	DWORD findaddr = TSGetFindDataAddr(addr, pid);
	if (findaddr == -1)
		return bret;

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}
	DWORD dwwrite = 0;

	DWORD dwback;
	if (my_VirtualProtectEx)
		my_VirtualProtectEx(hprocess, (void*)findaddr, sizeof(int), PAGE_EXECUTE_READWRITE, &dwback);
	else
		::VirtualProtectEx(hprocess, (void*)findaddr, sizeof(int), PAGE_EXECUTE_READWRITE, &dwback);

	if (ivalue != 0)
	{
		if (my_WriteProcessMemory)
			bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &ivalue, sizeof(int), &dwwrite);
		else
			bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &ivalue, sizeof(int), &dwwrite);
	}
	else if (svalue != 0)
	{
		if (my_WriteProcessMemory)
			bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &svalue, sizeof(short), &dwwrite);
		else
			bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &svalue, sizeof(short), &dwwrite);
	}
	else if (bvalue != 0)
	{
		if (my_WriteProcessMemory)
			bret = my_WriteProcessMemory(hprocess, (void*)findaddr, &bvalue, sizeof(BYTE), &dwwrite);
		else
			bret = ::WriteProcessMemory(hprocess, (void*)findaddr, &bvalue, sizeof(BYTE), &dwwrite);
	}

	if (my_VirtualProtectEx)
		bret = my_VirtualProtectEx(hprocess, (void*)findaddr, sizeof(int), dwback, &dwback);
	else
		bret = ::VirtualProtectEx(hprocess, (void*)findaddr, sizeof(int), dwback, &dwback);

	CloseHandle(hprocess);
	return bret;
}

bool TSMemoryAPI::TSWriteString(LONG hwnd, wchar_t* addr, wchar_t* strvalue, LONG type)
{
	bool bret = false;

	int len = wcslen(strvalue);
	if (len == 0 || len > MAX_PATH)
		return bret;

	DWORD pid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &pid);

	DWORD findaddr = TSGetFindDataAddr(addr, pid);
	if (findaddr == -1)
		return bret;

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(pid);

	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)pid;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}
	DWORD dwwrite = 0;

	DWORD dwback;
	if (my_VirtualProtectEx)
		my_VirtualProtectEx(hprocess, (void*)findaddr, len, PAGE_EXECUTE_READWRITE, &dwback);
	else
		::VirtualProtectEx(hprocess, (void*)findaddr, len, PAGE_EXECUTE_READWRITE, &dwback);

	if (type == 0)//Ascii字符串
	{
		USES_CONVERSION;
		char strchar[MAX_PATH * 2] = { 0 };
		strcpy(strchar, W2A(strvalue));
		int len = strlen(strchar);
		if (my_ReadProcessMemory)
			my_WriteProcessMemory(hprocess, (void*)findaddr, strchar, len, &dwwrite);
		else
			::WriteProcessMemory(hprocess, (void*)findaddr, strchar, len, &dwwrite);
	}
	else  if (type == 1)
	{
		if (my_ReadProcessMemory)
			bret = my_WriteProcessMemory(hprocess, (void*)findaddr, strvalue, len, &dwwrite);
		else
			bret = ::WriteProcessMemory(hprocess, (void*)findaddr, strvalue, len, &dwwrite);
	}

	if (my_VirtualProtectEx)
		bret = my_VirtualProtectEx(hprocess, (void*)findaddr, len, dwback, &dwback);
	else
		bret = ::VirtualProtectEx(hprocess, (void*)findaddr, len, dwback, &dwback);

	CloseHandle(hprocess);
	return bret;

}

bool TSMemoryAPI::GetFindaddr(HANDLE hprocess, PVOID  lpbegin, PVOID lpend, DWORD* ibegin, DWORD* ipend, int& ncount)
{
	bool bret = false;
	int index = 0;
	SYSTEM_INFO si_info;
	MEMORY_BASIC_INFORMATION   mbi;
	DWORD   rett;
	GetSystemInfo(&si_info);
	DWORD   len = sizeof(MEMORY_BASIC_INFORMATION);
	PVOID   addr = si_info.lpMinimumApplicationAddress;
	bool bfind = false;
	do
	{
		rett = VirtualQueryEx(hprocess, addr, &mbi, len);
		if (mbi.Type == MEM_IMAGE || mbi.Type == MEM_PRIVATE) //找到了块
		{
			//MessageBox(0,L"找到了块",0,0);
			if (lpbegin == 0)
				lpbegin = LPVOID(mbi.AllocationBase);
			else if (bfind == false)
				lpbegin = addr;
			if (lpend == 0)
			{
				lpend = si_info.lpMaximumApplicationAddress;
			}
			ibegin[index] = int(lpbegin);
			ipend[index] = int(lpend);
			bfind = true;
			//break;
		}
		else
		{
			if (ibegin != 0 && bfind == true)
			{
				ipend[index] = (DWORD)mbi.BaseAddress + mbi.RegionSize;
				bfind = false;
				index++;
				bret = true;
			}
		}
		addr = ((PBYTE)mbi.BaseAddress + mbi.RegionSize);
	} while (rett == len);

	ncount = index;

	for (int i = 0; i < index; i++)
	{
		if (((DWORD)ipend[i] - (DWORD)ibegin[i]) > 0xF00000)
		{
			DWORD end = ipend[i];
			ipend[i] = ibegin[i] + 0xF00000;
			DWORD iend = ipend[i];
			while ((end - (DWORD)iend) > 0xF00000)
			{
				ibegin[ncount] = iend;
				ipend[ncount] = ibegin[ncount] + 0xF00000;
				ncount++;
				iend = iend + 0xF00000;
			}
			ibegin[ncount] = iend;
			ipend[ncount] = end;
			ncount++;
		}
	}

	return bret;
}

bool TSMemoryAPI::TSGetCmdLine(LONG hwnd, wchar_t* retstr)
{
	bool bret = false;

	DWORD dwPID = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &dwPID);

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	//if(my_OpenProcess)
	//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	//else
	//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
	hprocess = My_OpenProcess(dwPID);
	if (hprocess == NULL)
	{
		if (my_ZwOpenProcess)
		{
			CLIENT_ID  Cileid;
			Cileid.UniqueProcess = (HANDLE)dwPID;
			my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
		}
		if (hprocess == NULL)
			return bret;
	}

	NtQueryInformationProcess = (PROCNTQSIP)GetProcAddress(GetModuleHandle(L"ntdll"), "NtQueryInformationProcess");


	PROCESS_BASIC_INFORMATION pbis;
	PEB pebs;
	PROCESS_PARAMETERS ppms;
	TCHAR* text = 0;
	NtQueryInformationProcess(hprocess, 0, &pbis, sizeof(PROCESS_BASIC_INFORMATION), 0);

	ReadProcessMemory(hprocess, pbis.PebBaseAddress, &pebs, sizeof(PEB), 0);

	ReadProcessMemory(hprocess, pebs.ProcessParameters, &ppms, sizeof(PROCESS_PARAMETERS), 0);

	text = (TCHAR*)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, ppms.CommandLine.MaximumLength);

	ReadProcessMemory(hprocess, ppms.CommandLine.Buffer, text, ppms.CommandLine.Length, 0);

	if (text)
	{
		wcscpy(retstr, text);
		bret = true;
	}
	::HeapFree(GetProcessHeap(), HEAP_NO_SERIALIZE, text);
	return bret;
}

bool TSMemoryAPI::TSAsmAdd(wchar_t* asm_ins)
{
	bool bret = false;
	char asmcode[MAX_PATH] = { 0 };
	USES_CONVERSION;
	strcpy(asmcode, W2A(asm_ins));
	char erro[MAX_PATH] = { 0 };
	int len = -1;
	char* charcall = strstr(::CharLowerA(asmcode), "call");
	if (charcall != NULL)//判断是否是Call指令,记住Call地址
	{
		if (strlen(Asmcalladdr) == 0)
			strcpy(Asmcalladdr, charcall);
		return true;
	}
	else
		len = tsasm.Assemble(asmcode, NULL, &am, 0, 0, erro); //将汇编指令转为机器码

	if (len < 0)
		return bret;
	else
		bret = true;

	for (int i = 0; i < len; i++)
	{
		char  asmcodes[10] = { 0 };
		if (am.code[i] >= 0x10)
			sprintf(asmcodes, "%X", am.code[i]);
		else
			sprintf(asmcodes, "0%X", am.code[i]);
		if (am.code[i] != 0)
			asmcodearry = asmcodearry + asmcodes;//这里做拼接
		else
		{
			int serlen = asmcodearry.length();
			serlen = serlen + 1;
			asmcodearry.resize(serlen);
		}
	}
	//int charlen=strlen(asmcode);
	//int serlen=asmcodearry.length();
	//if(charlen<len)
	//	asmcodearry.resize(serlen+(len-charlen));
	return bret;
}

DWORD TSMemoryAPI::GetCallstartData(DWORD Allocaddr, DWORD* startaddr, char* code)//获取CALL地址前的汇编指令
{
	CMgAsmBase::t_asmmodel  tam;
	char erro[MAX_PATH] = { 0 };
	char asmcode[MAX_PATH] = { 0 };
	Allocaddr = Allocaddr + 0x1000;
	if (code == NULL)
		sprintf(asmcode, "push %x", Allocaddr);
	else
		sprintf(asmcode, "%s", code);
	LONG l = tsasm.Assemble(asmcode, Allocaddr, &tam, 0, 0, erro); //将汇编指令转为机器码
	for (int i = 0; i < l; i++)
	{
		startaddr[i] = tam.code[i];
	}
	return l;
}


bool TSMemoryAPI::TSAsmCall(LONG hwnd, LONG mode)
{
	bool bret = false;
	int len = asmcodearry.length();
	if (strlen(Asmcalladdr) <= 0)
		return bret;

	DWORD dwPID = 0;
	DWORD treadid = 0;
	//if(my_GetWindowThreadProcessId)
	//	my_GetWindowThreadProcessId((HWND)hwnd,&Pid);
	//else
	My_GetWindowThreadProcessId((HWND)hwnd, &dwPID);

	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	if (mode == 1)	//1 : 对hwnd指定的进程内执行,注入模式为创建远程线程
	{
		//if(my_OpenProcess)
		//	hprocess=my_OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		//else
		//	hprocess=::OpenProcess(PROCESS_ALL_ACCESS,false,Pid);
		hprocess = My_OpenProcess(dwPID);
		if (hprocess == NULL)
		{
			if (my_ZwOpenProcess)
			{
				CLIENT_ID  Cileid;
				Cileid.UniqueProcess = (HANDLE)dwPID;
				my_ZwOpenProcess(&hprocess, PROCESS_ALL_ACCESS, false, &Cileid);
			}
			if (hprocess == NULL)
				return bret;
		}
	}
	else if (mode == 0) //0 : 在本进程中进行执行，这时hwnd无效
	{
		hprocess = ::GetCurrentProcess();
		treadid = GetCurrentThreadId();
	}
	else
	{
		return bret;
	}
	if (allocatememory)
	{
		::VirtualFreeEx(hprocess, allocatememory, 0, MEM_RELEASE);
		allocatememory = NULL;
	}

	allocatememory = ::VirtualAllocEx(hprocess, NULL, 0x2000, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);

	if (allocatememory)
	{
		char retstring[MAX_PATH * 10] = { 0 };
		int retstrlen = 0;
		if (len != 0)
		{
			//asmcodearry="9C60"+asmcodearry;//pushfd,pushad;保持堆栈平衡
			len = asmcodearry.length();
			for (int i = 0; i < len; i++)
			{
				int stringlen = 0;
				{
					stringlen = strlen(&asmcodearry.c_str()[i]);
					if (stringlen > 0)
					{
						LONG val = ::strtol(&asmcodearry.c_str()[i], 0, 16);
						if (val >= 0x10)
						{
							if (val <= 0xff)
							{
								if (retstrlen == 0)
									retstrlen = strlen(retstring);
								if (retstrlen == 0)
									sprintf(retstring, "%s", &asmcodearry.c_str()[i]);
								else
									sprintf(retstring, "%s %s", retstring, &asmcodearry.c_str()[i]);
							}
							else
							{
								int len = strlen(&asmcodearry.c_str()[i]);
								char str[16] = { 0 };
								strcpy(str, &asmcodearry.c_str()[i]);
								for (int n = 0; n < len; n = n + 2)
								{
									char nstr[2] = { 0 };
									strncpy(nstr, &str[n], 2);
									int strn = strtol(nstr, 0, 16);
									if (n + 2 != len || n + 2 < len)
									{
										if (retstrlen == 0)
											retstrlen = strlen(retstring);
										if (retstrlen == 0)
										{
											if (strn >= 0x10)
												sprintf(retstring, "%X", strn);
											else
												sprintf(retstring, "0%X", strn);
										}
										else
										{
											if (strn >= 0x10)
												sprintf(retstring, "%s %X", retstring, strn);
											else
												sprintf(retstring, "%s 0%X", retstring, strn);
										}
									}
									else
									{
										if (len % 2 == 0)
										{
											if (strn >= 0x10)
												sprintf(retstring, "%s %X", retstring, strn);
											else
												sprintf(retstring, "%s 0%X", retstring, strn);
										}
										else
										{
											if (strn >= 0x10)
												sprintf(retstring, "%s %X", retstring, strn);
											else
												sprintf(retstring, "%s 0%X", retstring, strn);
										}
									}

								}

							}
						}
						else
							sprintf(retstring, "%s 0%s", retstring, &asmcodearry.c_str()[i]);

						i = i + stringlen - 1;
					}

					else
						sprintf(retstring, "%s 00", retstring);
				}
			}
		}
		DWORD datas[MAX_PATH * 10] = { 0 };
		int count = 0;
		int lenth = 0;
		if (strlen(retstring) > 0)
		{
			DWORD data[10] = { 0 };
			int len = GetCallstartData((DWORD)allocatememory, data);
			for (int i = 0; i < len; i++)
			{
				datas[i] = data[i];
			}
			memset(data, 0, len);
			int l = len;
			lenth = lenth + len;
			len = GetCallstartData((DWORD)allocatememory + l, data, "push dword ptr fs:[0]");
			for (int i = 0; i < len; i++)
			{
				datas[lenth + i] = data[i];
			}
			memset(data, 0, len);
			l = len;
			lenth = lenth + len;
			len = GetCallstartData((DWORD)allocatememory + l, data, "mov dword ptr fs:[0],esp");
			for (int i = 0; i < len; i++)
			{
				datas[lenth + i] = data[i];
			}
			lenth = lenth + len;

			USES_CONVERSION;
			wchar_t wretsting[MAX_PATH * 10] = { 0 };
			wcscpy(wretsting, A2W(retstring));
			TSGetDataValue(wretsting, &datas[lenth], count);

		}

		BYTE helpByte[MAX_PATH * 10] = { 0 };
		for (int i = 0; i < count + lenth; i++)
		{
			helpByte[i] = datas[i];
		}

		char erro[MAX_PATH] = { 0 };
		int calllen = tsasm.Assemble(Asmcalladdr, ((DWORD)allocatememory + count + lenth), &am, 0, 0, erro); //将汇编指令转为机器码
		if (calllen > 0)
		{
			memcpy(&helpByte[count + lenth], am.code, calllen);
			calllen = calllen + count + lenth;

			if (count != 0)
			{
				BYTE CallendData[] = { 0x8b,0x1c,0x24,0x64,0x89,0x1d,0x0,0x0,0x0,0x0,0x81,0xc4,0x08,0x0,0x0,0x0,0xc2,0x04,0x0 };
				//CallendData存储的机器码对应汇编指令
				//mov ebx,dword ptr ss:[esp]
				//mov dword ptr fs:[0],ebx
				//add esp,0x8
				//retn 0x4;
				memcpy(&helpByte[calllen], CallendData, sizeof(CallendData));

				calllen = calllen + sizeof(CallendData) + 1;
			}

			if (my_WriteProcessMemory)
				bret = my_WriteProcessMemory(hprocess, (void*)allocatememory, (void*)helpByte, calllen, 0);
			else
				bret = ::WriteProcessMemory(hprocess, (void*)allocatememory, (void*)helpByte, calllen, 0);

			HANDLE hthread = NULL;

			////判断是否DX绑定窗口
			//char pszMapName[MAX_PATH]={0};
			//DWORD Pid=0;
			//My_GetWindowThreadProcessId((HWND)hwnd,&Pid);
			//sprintf( pszMapName,"%s%d",TS_MAPVIEW_NAME,Pid);
			//HANDLE hFileMap = OpenFileMappingA(FILE_MAP_ALL_ACCESS, FALSE, pszMapName);
			//////如果hFileMap句柄不为空说明DLL绑定注入
			//if(hFileMap!=NULL)  //说明已经DX绑定
			//	hthread=(HANDLE)::SendMessage((HWND)hwnd,TS_ASMCALL,(WPARAM)allocatememory,0);
			//else
			hthread = ::CreateRemoteThread(hprocess, NULL, 0, (LPTHREAD_START_ROUTINE)(allocatememory), 0, 0, &treadid);

			//CloseHandle(hFileMap);
			if (hthread != NULL)
				bret = true;
			DWORD ExitCode = 0;
			//Sleep(50);//等待50毫秒，等待线程执行完毕
			::GetExitCodeThread(hthread, &ExitCode);
			if (ExitCode != STILL_ACTIVE)//判断线程是否退出
			{
				if (allocatememory)
				{
					::VirtualFreeEx(hprocess, allocatememory, 0, MEM_RELEASE);
					allocatememory = NULL;
				}
			}
		}

	}

	asmcodearry.clear();
	memset(Asmcalladdr, 0, MAX_PATH);

	return bret;
}

bool TSMemoryAPI::TSAsmClear()
{
	asmcodearry.clear();
	memset(Asmcalladdr, 0, MAX_PATH);

	return true;
}

bool TSMemoryAPI::TSAsmCode(LONG base_addr, wchar_t* retstr)
{
	bool bret = false;
	int len = asmcodearry.length();
	char retstring[MAX_PATH * 10] = { 0 };
	int retstrlen = 0;
	for (int i = 0; i < len; i++)
	{
		int stringlen = 0;
		{
			stringlen = strlen(&asmcodearry.c_str()[i]);
			if (stringlen > 0)
			{
				LONG val = ::strtol(&asmcodearry.c_str()[i], 0, 16);
				if (val >= 0x10)
				{
					if (val <= 0xff)
					{
						if (retstrlen == 0)
							retstrlen = strlen(retstring);
						if (retstrlen == 0)
							sprintf(retstring, "%s", &asmcodearry.c_str()[i]);
						else
							sprintf(retstring, "%s %s", retstring, &asmcodearry.c_str()[i]);
					}

					else
					{
						int len = strlen(&asmcodearry.c_str()[i]);
						char str[MAX_PATH] = { 0 };
						strcpy(str, &asmcodearry.c_str()[i]);
						for (int n = 0; n < len; n = n + 2)
						{
							char nstr[2] = { 0 };
							strncpy(nstr, &str[n], 2);
							int strn = strtol(nstr, 0, 16);
							if (n + 2 != len || n + 2 < len)
							{
								if (retstrlen == 0)
									retstrlen = strlen(retstring);
								if (retstrlen == 0)
								{
									if (strn >= 0x10)
										sprintf(retstring, "%X", strn);
									else
										sprintf(retstring, "0%X", strn);
								}

								else
								{
									if (strn >= 0x10)
										sprintf(retstring, "%s %X", retstring, strn);
									else
										sprintf(retstring, "%s 0%X", retstring, strn);
								}
							}
							else
							{
								if (len % 2 == 0)
								{
									if (strn >= 0x10)
										sprintf(retstring, "%s %X", retstring, strn);
									else
										sprintf(retstring, "%s 0%X", retstring, strn);
								}
								else
								{
									if (strn >= 0x10)
										sprintf(retstring, "%s %X", retstring, strn);
									else
										sprintf(retstring, "%s 0%X", retstring, strn);
								}
							}

						}

					}
				}
				else
					sprintf(retstring, "%s 0%s", retstring, &asmcodearry.c_str()[i]);

				i = i + stringlen - 1;
			}

			else
				sprintf(retstring, "%s 00", retstring);
		}
		bret = true;
	}
	if (strlen(Asmcalladdr) != 0)
	{
		char erro[MAX_PATH] = { 0 };
		int calllen = tsasm.Assemble(Asmcalladdr, base_addr, &am, 0, 0, erro); //将汇编指令转为机器码
		for (int i = 0; i < calllen; i++)
		{
			if (strlen(retstring) == 0)
			{
				if (am.code[i] >= 0)
					if (am.code[i] >= 0x10)
						sprintf(retstring, "%X", am.code[i]);
					else
						sprintf(retstring, "%s 0%X", retstring, am.code[i]);
				else
				{
					LONG val = am.code[i] - 0xffffff00;
					if (val >= 0x10)
						sprintf(retstring, "%s %X", retstring, val);
					else
						sprintf(retstring, "%s 0%X", retstring, val);

				}
			}
			else
			{
				if (am.code[i] >= 0)
					if (am.code[i] >= 0x10)
						sprintf(retstring, "%s %X", retstring, am.code[i]);
					else
						sprintf(retstring, "%s 0%X", retstring, am.code[i]);
				else
				{
					LONG val = am.code[i] - 0xffffff00;
					if (val >= 0x10)
						sprintf(retstring, "%s %X", retstring, val);
					else
						sprintf(retstring, "%s 0%X", retstring, val);

				}
			};
			bret = true;
		}
	}
	USES_CONVERSION;
	wcscpy(retstr, A2W(retstring));

	return bret;
}

bool TSMemoryAPI::TSAssemble(wchar_t* asm_code, LONG base_addr, LONG is_upper, wchar_t* retstr)
{
	bool bret = false;

	if (wcslen(asm_code) <= 0)
		return bret;
	CMgDisasmBase::t_disasm da;
	tsdsm.m_nIDEAL = 0; tsdsm.m_nLowercase = is_upper; tsdsm.m_nPutDefSeg = 0;

	DWORD datas[MAX_PATH * 10] = { 0 };
	int count = 0;
	TSGetDataValue(asm_code, datas, count);
	if (count <= 0)
		return bret;

	BYTE helpByte[MAX_PATH * 10] = { 0 };
	for (int i = 0; i < count; i++)
	{
		helpByte[i] = datas[i];
	}

	ulong l = tsdsm.Disasm((char*)helpByte, count, 0, &da, DISASM_CODE);
	USES_CONVERSION;
	wcscpy(retstr, A2W(da.result));

	return bret;
}

bool TSMemoryAPI::TSFreeProcessMemory(LONG hwnd)
{
	DWORD nPid = 0;
	My_GetWindowThreadProcessId((HWND)hwnd, &nPid);
	TSRuntime::EnablePrivilege(L"SeDebugPrivilege", true);
	HANDLE hprocess = NULL;
	hprocess = My_OpenProcess(nPid);

	SetProcessWorkingSetSize(hprocess, -1, -1);

	//内存整理
	EmptyWorkingSet(hprocess);
	CloseHandle(hprocess);
	return true;
}