diff --git a/test/dllmain.cpp b/test/dllmain.cpp
index f5c4e2f..83cf46f 100644
--- a/test/dllmain.cpp
+++ b/test/dllmain.cpp
@@ -2,29 +2,106 @@
 #include "pch.h"
 #include <iostream>
 #include <Windows.h>
+#include <string>
+
+
+int Nut头地址;
+int 属性头地址;
+int 可开始执行判断;
 
 
 
 
-typedef int func(int a , int b);
-func* f = (func*)0x401000;
-
 
 
+//获取EXE使用头 号位数据
 int GetExeNutWrtNum(int Pos)
 {
     int num = *(int*)(0x40079F  + (Pos *  4));
     return num;
 }
 
+//写EXE使用头 号位数据
+void SetExeNutWrtNum(int Pos , int num)
+{
+    int *p = (int*)(0x40079F + (Pos * 4));
+    *p = num;
+}
+
+//获取Nut头 号位数据
+int GetNutArrNum(int Pos)
+{
+    int num = *(int*)(Nut头地址 + (Pos * 8));
+    return num;
+}
+
+//写Nut头 号位数据
+void SetNutArrNum(int Pos, int num)
+{
+    int* p = (int*)(Nut头地址 + (Pos * 8));
+    *p = num;
+}
+
+//读内存偏移地址
+int GetHook(int Addr , std::string 地址)
+{
+    size_t pos = 地址.find("+");
+    size_t size = 地址.size();
+    int GetHookArr[] = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 };
+    int i = 0;
+
+    while (pos != std::string::npos)
+    {
+        std::string x = 地址.substr(0, pos);
+        GetHookArr[i] = stoi(x, 0, 16);
+        i++;
+        地址 = 地址.substr(pos + 1, size);
+        pos = 地址.find("+");
+    }
+    
+    int num;
+    num = *(int*)(Addr);
+    
+    if (num != 0)
+    {
+        for (int z = 0; z < i; z++)
+        {
+            num = *(int*)(num + GetHookArr[z]);
+        }
+    }
+    
+    std::cout << num << std::endl;
+
+    return num;
+    
+}
+
 void ThreadFun(void)
 {
-    
     while (true)
     {
-        std::cout << GetExeNutWrtNum(40) << std::endl;;
+        Sleep(500);
+
+        if (GetHook(0x1A5FB4C, "0x14+0x28+") == 6)可开始执行判断 = 1;
+        if (可开始执行判断 == 1)
+        {
+            while (true)
+            {
+                Sleep(10);
+
+                if (GetExeNutWrtNum(61) != 0 && Nut头地址 == 0)Nut头地址 = GetExeNutWrtNum(61);
+                //if (GetExeNutWrtNum(61 != 0))属性头地址 = GetExeNutWrtNum(61);
+
+                //std::cout << GetExeNutWrtNum(0) << std::endl;;
+                if (GetExeNutWrtNum(0) == 666)
+                {
+                    std::cout << u8"写成功" << std::endl;;
+                    SetExeNutWrtNum(0, 0);
+                    SetNutArrNum(20, 0);
+                }
+            }
+        }
     }
-    Sleep(10);
 }
 
 
@@ -34,19 +111,6 @@ __declspec(dllexport) void Lenheart()
     CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)ThreadFun, NULL, 0, &threadID);
 }
 
-/*
-extern "C" __declspec(dllexport) int Sub(int a, int b) {
-
-    int i = f(160, 80);
-    std::cout << i << std::endl;
-    getchar();
-
-    std::cout << "注入成功\n";
-
-    return a - b;
-
-}
-*/
 
 BOOL APIENTRY DllMain( HMODULE hModule,
                        DWORD  ul_reason_for_call,
diff --git a/test/test.vcxproj b/test/test.vcxproj
index 5f11bef..16417d5 100644
--- a/test/test.vcxproj
+++ b/test/test.vcxproj
@@ -73,10 +73,11 @@
   <PropertyGroup Label="UserMacros" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
     <LinkIncremental>true</LinkIncremental>
+    <OutDir>D:\BaiduNetdiskWorkspace\DOF-Lenheart\Plugins</OutDir>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
     <LinkIncremental>false</LinkIncremental>
-    <OutDir>D:\DOF\DOF-Lenheart\Plugins\</OutDir>
+    <OutDir>D:\BaiduNetdiskWorkspace\DOF-Lenheart\Plugins</OutDir>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
     <LinkIncremental>true</LinkIncremental>