|
|
[VC] 开源C语言手动倍功
- #include<string>
- #include<vector>
- #include<Windows.h>
- #include"BaseAddr.h"
- using namespace std;
- #define Base_NoticeCallAddr 0x002E1F260 //喇叭公告
- #define Base_NoticeCallECXAddr 0x0062E04CC // 商店基质
- CONST INT 技能CALL = 0x28D9EF0;
- void Bulletin(wstring text);
- BOOL Writebyte(int Addr, vector<byte> by)
- {
- int len = by.size();
- byte *address = new byte[len];
- for (int i = 0; i < len; i++)
- {
- address[i] = by[i];
- }
- if (!WriteProcessMemory(GetCurrentProcess(), (LPVOID)Addr, address, len, 0))
- {
- return FALSE;
- }
- else
- {
- return TRUE;
- }
- }
- void 技能Call(int 触发指针, int 代码, int 伤害, int X, int Y, int Z)
- {
-
- int 空白地址, 技能结构[25] = { 0 };
- 技能结构[0] = 触发指针;
- 技能结构[2] = 代码;
- 技能结构[3] = 伤害;
- 技能结构[6] = X;
- 技能结构[7] = Y;
- 技能结构[8] = Z;
- 技能结构[15] = 0;
- 空白地址 = (int)&技能结构;
- __asm
- {
- mov ecx,空白地址
- mov eax,技能CALL
- call eax
- }
- }
- INT ReadIit(INT ADDR)
- {
- INT 结果;
- if (!ReadProcessMemory(GetCurrentProcess(), (LPVOID)ADDR, &结果, 4, 0))
- return 0;
- else
- return 结果;
- }
- void 缓冲Call(int cpy)
- {
- _asm
- {
- push cpy
- mov ecx, 发包基址
- mov ecx, [ecx]
- mov eax, 缓冲CALL
- call eax
- }
- }
- void 发包Call()
- {
- __asm
- {
- mov eax, 发包CALL
- call eax
- }
- }
- void 加密Call(int py, int size)
- {
- int Com;
- if (size == 1)
- {
- Com = 加密包CALL;
- }
- else if (size == 2)
- {
- Com = 加密包CALL + 0x30;
- }
- else if (size == 4)
- {
- Com = 加密包CALL + 0x60;
- }
- else if (size == 8)
- {
- Com = 加密包CALL + 0x90;
- }
- __asm
- {
- push py
- mov ecx, 发包基址
- mov ecx, [ecx]
- call Com
- }
- }
- void 剑歌组包拾取(int 物品地址)
- {
- 缓冲Call(43);
- 加密Call(物品地址, 4);
- 加密Call(0, 1);
- 加密Call(0, 1); //(2,1)
- 加密Call(0, 2);
- 加密Call(0, 2);
- 加密Call(0, 2);
- 加密Call(0, 2);
- 加密Call(0, 2);
- 加密Call(0, 2);
- 加密Call(0, 2);
- 发包Call();
- }
- int 剑歌解密(int addr)
- {
- int eax, esi, edx;
- eax = *(int*)addr;
- esi = *(int*)解密基址;
- edx = eax;
- edx >>= 16;
- edx = *(int*)(esi + edx * 4 + 36);
- eax = eax & 0xffff;
- eax = *(int*)(edx + eax * 4 + 8468);
- edx = WORD(eax);
- esi = edx;
- esi <<= 16;
- esi = esi ^ edx;
- edx = *(int*)(addr + 4);
- eax = esi ^ edx;
- return eax;
- }
- int 剑歌汇编加法(int t1, int t2)
- {
- int sum;
- _asm
- {
- mov eax, t1
- mov ebx, t2
- add eax, ebx
- mov sum, eax
- }
- return sum;
- }
- BOOL 是否开门()
- {
- int 人物指针, sum;
- 人物指针 = *(int*)人物基址;
- sum = *(int*)剑歌汇编加法(人物指针, 地图偏移);
- if (剑歌解密(剑歌汇编加法(sum, 280)) == 0)
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- BOOL 是否在城镇()
- {
- int 人物指针, sum;
- 人物指针 = *(int*)人物基址;
- sum = *(int*)剑歌汇编加法(人物指针, 地图偏移);
- if (sum == 0)
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- void 剑歌拾取遍历()
- {
- int 人物指针, 地图, 首地址1, 尾地址1, 物品数量, 物品计次 = 1, 临时地址, 物品类型, 阵营, 物品ID;
- if (是否在城镇() == TRUE)
- {
- return;
- }
- 人物指针 = *(int*)人物基址;
- 地图 = *(int*)剑歌汇编加法(人物指针, 地图偏移);
- 首地址1 = *(int*)剑歌汇编加法(地图, 首地址);
- 尾地址1 = *(int*)剑歌汇编加法(地图, 尾地址);
- 物品数量 = (尾地址1 - 首地址1) / 4;
- while (物品计次 <= 物品数量)
- {
- 临时地址 = *(int*)剑歌汇编加法(首地址1, 4 * 物品计次);
- 物品类型 = *(int*)剑歌汇编加法(临时地址, 类型偏移);
- 阵营 = *(int*)剑歌汇编加法(临时地址, 阵营偏移);
- if (物品类型 == 289 && 阵营 == 200)
- {
- if (人物指针 != 临时地址)
- {
- 物品ID = 剑歌解密(临时地址 + 188);
- 剑歌组包拾取(物品ID);
- }
- }
- 物品计次++;
- }
- }
- void 撿垃圾()
- {
- if(是否开门()==TRUE)
- {
- 剑歌拾取遍历();
- }
- }
- void Send_发包()
- {
- _asm
- {
- mov eax, 发包CALL
- call eax
- }
- }
- void Send_加密Call(int 参数, int 长度)
- {
- int 加密包Call;
- if (长度 == 1)
- 加密包Call = 加密包CALL;
- if (长度 == 2)
- 加密包Call = 加密包CALL + 48;
- if (长度 == 3)
- 加密包Call = 加密包CALL + 96;
- if (长度 == 4)
- 加密包Call = 加密包CALL + 144;
-
- _asm
- {
- push 参数
- mov ecx, 发包基址
- mov ecx, [ecx]
- mov eax, 加密包Call
- call eax
- }
- }
- void Send_缓冲CALL(int 包头)
- {
- _asm
- { push 0x00000000
- push 包头
- mov ecx, 发包地址
- mov ecx, [ecx]
- mov eax, 缓冲CALL
- call eax
- }
- }
- void 组包拾取(int 物品地址, int x, int y)
- {
- int 物品X = x + 7;
- int 物品Y = y + 5;
- Send_缓冲CALL(43);
- Send_加密Call(物品地址, 4);
- Send_加密Call(0, 1);
- Send_加密Call(2, 1);
- Send_加密Call(x, 2);
- Send_加密Call(y, 2);
- Send_加密Call(0, 2);
- Send_加密Call(物品X, 2);
- Send_加密Call(物品Y, 2);
- Send_加密Call(0, 2);
- Send_加密Call(0, 2);
- Send_发包();
- }
- DWORD WINAPI 按键线程(LPVOID Param)
- {
- int hmodule, Tenrpcs;
- INT P;//人物指针
- MSG msg = { 0 };
- RegisterHotKey(NULL, 0x24, 0, VK_HOME);
- RegisterHotKey(NULL, 0x70, 0, VK_F1);
- RegisterHotKey(NULL, 0x71, 0, VK_F2);
- RegisterHotKey(NULL, 0x72, 0, VK_F3);
- RegisterHotKey(NULL, 0x73, 0, VK_F4);
- RegisterHotKey(NULL, 0x74, 0, VK_END);
- RegisterHotKey(NULL, 0x80, 0, VK_F7);
- while (GetMessage(&msg, 0, 0, 0))
- {
- if (WM_HOTKEY == msg.message)
- {
- if (VK_HOME == HIWORD(msg.lParam))
- {
- RegisterHotKey(NULL, 0x74, 0, VK_F5);
- RegisterHotKey(NULL, 0x75, 0, VK_F6);
- RegisterHotKey(NULL, 0x81, 0, 'V');
- Bulletin(L"内心毫无波澜甚至笑出了声");
- Bulletin(L"F1 全屏钩子");
- Bulletin(L"F2 独家倍功");
- Bulletin(L"F3 技能无CD");
- Bulletin(L"F4 Hook技能");
- Bulletin(L"F6 人物无敌");
- Bulletin(L"F7 释放秒杀");
- Bulletin(L"End 自動入包");
- Bulletin(L"V 直接入包");
- Bulletin(L"Hello My Loneliness");
- //初始化TenRPCS.dll+1A6E90 - C3 - ret
- //TenRPCS.dll+1A6ECB - E9 8D000000 - jmp TenRPCS.dll+1A6F5D
- hmodule = (int)GetModuleHandle(L"dnf.exe");
- Tenrpcs = (int)GetModuleHandle(L"TenRpcs.dll");
- Writebyte(Tenrpcs + 0x1A6E90, { 0xC3 });
- Writebyte(Tenrpcs + 0x1A6ECB, { 0xE9,0x8D,0x00,0x00,0x00 });
- //Writebyte(hmodule + 0x44B9BD2, {0x90 });//注释一条检测试试。
- WritePrivateProfileString(L"剑歌", L"技能代码", L"39002", L"C:\\Users\\Administrator\\Desktop\\剑歌.ini");
- }
- }
- if (VK_END == HIWORD(msg.lParam))
- {
- SetTimer(NULL, 3, 1000, (TIMERPROC)撿垃圾);
- }
- if (VK_F1 == HIWORD(msg.lParam))
- {
- Writebyte(hmodule + 0x4C680, { 0xC3 });
- Bulletin(L"全屏攻击 - Open");
- }
- if (VK_F2 == HIWORD(msg.lParam))
- {
- Writebyte(hmodule + 0x28286F9, { 0xB8,0x99,0x99,0x99 });//独家伤害基质
- Bulletin(L"独家倍功 - Open");
- }
- if (VK_F3 == HIWORD(msg.lParam))
- {
- Writebyte(hmodule + 0x27E6F52, { 0xEB,0x33 });
- Bulletin(L"技能无CD - Open");
- }
- if (VK_F4 == HIWORD(msg.lParam))
- {
- Writebyte(hmodule + 0x32AFC49, { 0xE9,0xB2,0x0B,0xD5,0xFC });
- Writebyte(hmodule + 0x32AFC4E, { 0x90 });
- Writebyte(hmodule + 0x800, { 0xBA,0xD9,0x11,0x01,0x00 });
- Writebyte(hmodule + 0x805, { 0xE9,0x45,0xF4,0x2A,0x03 });
-
- Bulletin(L"HOOK技能 - Open");
- }
- if (VK_F5 == HIWORD(msg.lParam))
- {
-
- }
- if (VK_F6 == HIWORD(msg.lParam))
- {
- P = ReadIit(0x642B240); //人物基质
- P += 0xAA4; //无敌偏移
- Writebyte(P, { 100 });
- Bulletin(L"无敌 - Open");
- }
-
- if (VK_F7 == HIWORD(msg.lParam))
- {
- 技能Call(P, GetPrivateProfileInt(L"剑歌", L"技能代码", NULL, L"C:\\Users\\Administrator\\Desktop\\剑歌.ini"), 999999, 200, 500, 0);
-
- Bulletin(L"释放Call - Open");
- }
-
- if ('V' == HIWORD(msg.lParam))
- {
- 剑歌拾取遍历();
- }
- }
- return 0;
- }
- void Bulletin(wstring text)
- {
- if (text.empty()) {
- return;
- }
- wstring value = L"剑歌:2030757644 ";
- value += text;
- const TCHAR* txtAdr = value.c_str();
- __asm
- {
- PUSH 0
- PUSH 0
- PUSH 0
- PUSH 0
- PUSH 0
- PUSH 0x24//喇叭显示的位置
- PUSH 0xFFFF00FF;//喇叭颜色
- PUSH txtAdr;
- MOV ECX, Base_NoticeCallECXAddr//商店基址
- MOV ECX, [ECX]
- MOV ECX, [ECX + 0x50]
- MOV EAX, Base_NoticeCallAddr//喇叭公告
- CALL EAX
- }
- }
- HANDLE hThreadapp;
- BOOL WINAPI DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
- {
- switch (ul_reason_for_call)
- {
- case DLL_PROCESS_ATTACH:
- {
-
- hThreadapp = CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)按键线程, 0, 0, 0);
- }
- //break;
- case DLL_THREAD_ATTACH:
- //break;
- case DLL_THREAD_DETACH:
- //break;
- case DLL_PROCESS_DETACH:
- break;
- }
- return TRUE;
- }
|
|
|手机版|小黑屋|捡代码论坛-专业源码分享下载
( 陕ICP备15015195号-1 ) 
|网站地图
发表于 2020-8-7 00:05:48
