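#include "pch.h"

#include <stdexcept>
#include <string>

// Native helpers exposed to the client's Squirrel ("nut") scripts.
//
// Every address in this file is a hard-coded absolute value, and pointers are
// carried in `int`, so the code is only meaningful in a 32-bit process.
// NOTE(review): the addresses presumably match one specific client build;
// nothing here verifies the build before dereferencing them. Confirm.

// Reads the 32-bit value in slot `Pos` of the table at 0x40079F (4-byte stride).
// `Pos` is not range-checked; the caller must pass a valid slot.
int GetExeNutWrtNum(int Pos)
{
    int num = *(int*)(0x40079F + (Pos * 4));
    return num;
}

// Writes `num` into slot `Pos` of the table at 0x40079F (4-byte stride).
// `Pos` is not range-checked; the caller must pass a valid slot.
void SetExeNutWrtNum(int Pos, int num)
{
    int* p = (int*)(0x40079F + (Pos * 4));
    *p = num;
}

// Reads the 32-bit value at the start of entry `Pos` of the Nut header table
// whose base address is `Nut头地址` (8-byte stride). No range check on `Pos`.
int GetNutArrNum(int Nut头地址, int Pos)
{
    int num = *(int*)(Nut头地址 + (Pos * 8));
    return num;
}

// Writes `num` at the start of entry `Pos` of the Nut header table whose base
// address is `Nut头地址` (8-byte stride). No range check on `Pos`.
void SetNutArrNum(int Nut头地址, int Pos, int num)
{
    int* p = (int*)(Nut头地址 + (Pos * 8));
    *p = num;
}

// Follows a pointer chain and returns the value read at its end.
//
// `Addr`  address holding the first pointer of the chain.
// `地址`  hexadecimal offsets, each terminated by '+', e.g. "0xAC+0xD4+".
//         Text after the last '+' is ignored, so every offset needs its own
//         trailing '+'.
//
// Returns the value read after the last hop. Returns 0 when a pointer in the
// chain is null, when an offset cannot be parsed as hexadecimal, or when more
// than 21 offsets are supplied.
int GetHook(int Addr, std::string 地址)
{
    // The original fixed-size buffer held 21 offsets and was indexed without
    // a bound, so a longer chain wrote past the end of a stack array.
    const int kMaxOffsets = 21;
    int offsets[kMaxOffsets] = { 0 };
    int count = 0;

    // Parse every offset before touching memory, so a malformed string never
    // causes a partial walk.
    std::string::size_type start = 0;
    std::string::size_type plus = 地址.find('+', start);
    while (plus != std::string::npos) {
        if (count >= kMaxOffsets)
            return 0;
        try {
            offsets[count] = std::stoi(地址.substr(start, plus - start), 0, 16);
        } catch (const std::exception&) {
            // std::stoi throws on an empty or non-numeric token ("++") and on
            // overflow; an exception must not escape into the script VM's
            // C call frames.
            return 0;
        }
        ++count;
        start = plus + 1;
        plus = 地址.find('+', start);
    }

    // Stop at the first null pointer instead of dereferencing 0 + offset.
    int num = *(int*)(Addr);
    for (int z = 0; z < count && num != 0; z++) {
        num = *(int*)(num + offsets[z]);
    }
    return num;
}

// Decodes the protected value stored at `Address`.
//
// Layout as read by this function: the dword at `Address` is a handle and the
// dword at `Address + 8` is the masked value. The handle's high 16 bits select
// an entry in the table whose base is stored at 0x1AF8D78 (entries start at
// +36); its low 16 bits select a dword in that entry (dwords start at +8468).
// The low 16 bits of that dword are the key; the key is duplicated into both
// halves of a dword and XORed with the masked value.
//
// Returns the decoded value, or -1 as soon as any of the dwords read on the
// way equals -1.
int DNFDeCode(int Address)
{
    DWORD nEax, nEcx8, nEsi, nEdx, nTmp;

    nEax = *(int*)(Address);
    if (nEax == -1) return nEax;
    nEcx8 = *(int*)(Address + 8);
    if (nEcx8 == -1) return nEcx8;

    nEsi = *(int*)(0x1AF8D78);
    nEdx = nEax >> 16;
    nTmp = (nEdx << 2) + nEsi + 36;
    nEdx = *(int*)(nTmp);
    if (nEdx == -1) return nEdx;

    nEax = nEax & 65535;
    nTmp = (nEax << 2) + nEdx + 8468;
    nEax = *(int*)(nTmp);
    if (nEax == -1) return nEax;

    // Zero-extend the low 16 bits. This replaces the former inline-assembly
    // `movzx edx, ax`, which computed exactly this mask.
    nEdx = nEax & 0xFFFF;

    nEsi = nEdx << 16;
    nEsi = nEsi | nEdx;
    nEax = nEsi ^ nEcx8;
    return nEax;
}

// Stores `Data` at `AddreSs` in the protected form that DNFDeCode reads back.
//
// Side effects visible in the code: increments the counter at 0x1AF8DB8,
// writes the masked value to `AddreSs + 8`, writes a check/key dword into the
// table entry selected by the handle at `AddreSs`, and blocks the calling
// thread for 10 ms (Sleep(10)) on every call.
//
// The statement order is kept exactly as in the original.
// NOTE(review): the handle is split here with an arithmetic shift on a signed
// `long`, while DNFDeCode splits it with an unsigned DWORD shift; the two
// differ when the handle's top bit is set. Confirm which is intended.
// NOTE(review): `<< 24` followed by `>> 24` on a signed `long` keeps the low
// byte sign-extended on a compiler with 32-bit `long`, so the table index can
// be negative. Confirm that matches the tables at 0x1843F58 / 0x1844158.
void DNFEnCode(int AddreSs, int Data)
{
    long JEdi, JEcx, JEax, JEsi, JEdx, JSs;

    JEcx = AddreSs;

    // Advance the global counter; its two low bytes pick the key halves.
    JEax = *(int*)(0x1AF8DB8);
    JEax = JEax + 1;
    *(int*)(0x1AF8DB8) = JEax;

    JEdx = JEax;
    JEdx = JEdx >> 8;
    JEdx = JEdx << 24;
    JEdx = JEdx >> 24;
    JEdx = *(int*)(JEdx * 2 + 0x1843F58);
    JEdx = JEdx & 0xFFFF;

    JEax = JEax << 24;
    JEax = JEax >> 24;
    JSs = *(int*)(JEax * 2 + 0x1844158);
    JSs = JSs & 0xFFFF;

    // 16-bit key = XOR of the two table words.
    JEdx = JEdx ^ JSs;
    JEax = JEdx;
    JEax = JEax & 0xFFFF;

    // Check word = (high half of Data + low half of Data) ^ key.
    JEsi = Data;
    JEdx = JEsi >> 16;
    Sleep(10);
    JSs = JEsi & 0xFFFF;
    JEdx = JEdx + JSs;
    JEdx = JEdx ^ JEax;
    JEdi = JEdx;

    // Masked value = Data ^ (key in both halves), stored at AddreSs + 8.
    JEdx = JEax;
    JEax = JEax << 16;
    JEax = JEax + JEdx;
    JEsi = Data;
    JEax = JEax ^ JEsi;
    JEsi = AddreSs + 8;
    *(int*)(JEsi) = JEax;

    // Store (check word << 16) + key in the table slot named by the handle.
    JEax = *(int*)(AddreSs);
    JEsi = *(int*)(0x1AF8D78);
    JEcx = JEdi;
    JEcx = JEcx << 16;
    JEcx = JEcx + JEdx;
    JEdx = JEax;
    JEdx = JEdx >> 16;
    JEdx = *(int*)(JEsi + JEdx * 4 + 36);
    JEax = JEax & 0xFFFF;
    *(int*)(JEdx + JEax * 4 + 8468) = JEcx;
}

// Maps an equipment slot number (1..27) to the offset of that slot's pointer
// inside the character object. Returns -1 for any other slot number.
// NOTE(review): slots 1 and 12 both map to 0x3038; confirm that is intended
// and not a copy/paste slip.
int GetEquAddr(int addr)
{
    static const int kSlotOffsets[] = {
        0x3038, 0x304C, 0x3048, 0x3050, 0x3044, 0x3040, 0x3058, 0x305C, 0x3054, //  1..9
        0x3060, 0x3064, 0x3038, 0x3008, 0x300C, 0x3010, 0x3014, 0x3018, 0x301C, // 10..18
        0x3020, 0x3024, 0x3028, 0x302C, 0x3030, 0x3068, 0x306C, 0x3070, 0x3074  // 19..27
    };
    const int kSlotCount = sizeof(kSlotOffsets) / sizeof(kSlotOffsets[0]);

    if (addr < 1 || addr > kSlotCount)
        return -1;
    return kSlotOffsets[addr - 1];
}

//-------------------------------------------------------------------------------------------Squirrel
// NOTE(review): every native registered below is callable by any script that
// runs in the VM. The attribute natives use script-supplied integers directly
// as memory offsets, and the packet natives append script-supplied values to
// an outgoing packet, so a script with access to them must be treated as
// fully trusted.

// Returns the Squirrel VM handle stored at 0x1AF3544.
inline uint32_t GetSqVm()
{
    return *(uint32_t*)0x1AF3544;
}

// Binds the native function `funcAddr` to the name `funcName` in the root
// table of VM `v`. When `v` is 0 the VM handle from GetSqVm() is used.
void RegisterNutApi(const wchar_t* funcName, void* funcAddr, uint32_t v)
{
    if (!v)
        v = GetSqVm();
    SQPushRootTable(v);
    RealSqPushString(v, funcName, -1);
    RealSqNewClosure(v, funcAddr, 0);
    SQNewSlot(v, -3, false);
    SQPopTop(v);
}

// Script native: reads a character or equipment attribute.
//
// Arguments (stack index 2, 3): n1 = attribute offset, n2 = equipment slot.
//   n1 > 0 and 1 <= n2 <= 27 : read offset n1 of the item in slot n2.
//                              Offsets 0x8, 0x1C and 0xF4 are read as plain
//                              dwords; every other offset goes through
//                              DNFDeCode.
//   n1 > 0 otherwise         : read offset n1 of the character via DNFDeCode.
//   anything else            : -1.
// Also returns -1 when the character pointer or the slot pointer is null.
// n1 itself is not range-checked.
static SQInteger GetCharacterAttribute(HSQUIRRELVM v)
{
    // Zero-initialised so a missing or non-integer argument takes the error
    // path instead of using an uninitialised stack value as an offset.
    // NOTE(review): sq_getinteger's result is not checked here.
    SQInteger n1 = 0, n2 = 0;
    sq_getinteger(v, 2, &n1);
    sq_getinteger(v, 3, &n2);

    SQInteger result = -1;
    int CharAddr = *(int*)(0x1AB7CDC);
    if (CharAddr != 0 && n1 > 0) {
        if (n2 > 0 && n2 <= 27) {
            int TValue = *(int*)(CharAddr + GetEquAddr(static_cast<int>(n2)));
            if (TValue != 0) {
                int SValue = TValue + static_cast<int>(n1);
                if (n1 != 0x8 && n1 != 0x1C && n1 != 0xF4)
                    result = (SQInteger)(DNFDeCode(SValue));
                else
                    result = (SQInteger)(*(int*)(SValue));
            }
        } else {
            int Value = CharAddr + static_cast<int>(n1);
            result = (SQInteger)(DNFDeCode(Value));
        }
    }

    sq_pushinteger(v, result);
    return 1;
}

// Script native: writes a character or equipment attribute.
//
// Arguments (stack index 2, 3, 4): n1, n2, n3.
//   n1 > 0, n2 > 0, n3 > 0 : equipment write; n2 = slot, n1 = offset,
//                            n3 = value. Offsets 0x8, 0x1C and 0xF4 are
//                            written as plain dwords, every other offset
//                            through DNFEnCode.
//   n1 > 0, n2 > 0, n3 <= 0: character write; n1 = offset, n2 = value.
//   anything else          : no write.
// Returns 1 after a write and -1 otherwise (invalid arguments, unknown slot,
// null character pointer or null slot pointer).
//
// NOTE(review): the two forms are told apart only by n3 > 0, so an equipment
// write of a value <= 0 is carried out as a character write of the slot
// number. Dispatching on the argument count would remove the ambiguity.
static SQInteger SetCharacterAttribute(HSQUIRRELVM v)
{
    // Zero-initialised so the two-argument form reliably takes the character
    // branch; n3 was previously left uninitialised when argument 4 was absent.
    SQInteger n1 = 0, n2 = 0, n3 = 0;
    sq_getinteger(v, 2, &n1);
    sq_getinteger(v, 3, &n2);
    sq_getinteger(v, 4, &n3);

    // Debug trace kept from the original. NOTE(review): consider removing it.
    std::cout << n1 << std::endl;
    std::cout << n2 << std::endl;
    std::cout << n3 << std::endl;

    SQInteger result = -1;
    int CharAddr = *(int*)(0x1AB7CDC);
    if (CharAddr != 0 && n1 > 0 && n2 > 0) {
        if (n3 > 0) {
            // GetEquAddr returns -1 for an unknown slot; the original added
            // that -1 to the character pointer and dereferenced the result.
            int SlotOffset = GetEquAddr(static_cast<int>(n2));
            int TValue = (SlotOffset >= 0) ? *(int*)(CharAddr + SlotOffset) : 0;
            if (TValue != 0) {
                int SValue = TValue + static_cast<int>(n1);
                if (n1 != 0x8 && n1 != 0x1C && n1 != 0xF4)
                    DNFEnCode(SValue, static_cast<int>(n3));
                else
                    *(int*)SValue = static_cast<int>(n3);
                result = 1;
            }
        } else {
            int Value = CharAddr + static_cast<int>(n1);
            DNFEnCode(Value, static_cast<int>(n2));
            result = 1;
        }
    }

    // Exactly one value is pushed. The original pushed an extra -1 after the
    // real result, and because the native returns 1 the script always
    // received that -1.
    sq_pushinteger(v, result);
    return 1;
}

// Script native: returns the town index, i.e. the value GetHook reads at the
// end of the chain [0x1A5E258] + 0xAC, + 0xD4 (0 when the chain is broken).
static SQInteger GetTownIndex(HSQUIRRELVM v)
{
    sq_pushinteger(v, GetHook(0x1A5E258, "0xAC+0xD4+"));
    return 1;
}

// Script native: returns the town region index. Unlike GetTownIndex, the value
// GetHook returns for [0x1A5E258] + 0xAC, + 0xD8 is dereferenced once more.
// Returns -1 when that pointer is null.
static SQInteger GetRegionIndex(HSQUIRRELVM v)
{
    int RegionPtr = GetHook(0x1A5E258, "0xAC+0xD8+");
    // GetHook returns 0 for a broken chain; do not dereference it.
    sq_pushinteger(v, RegionPtr != 0 ? (SQInteger)(*(int*)(RegionPtr)) : (SQInteger)-1);
    return 1;
}

// Script native: returns the town X coordinate, read from [0x1AB7CE0] + 0x2BC.
static SQInteger GetTownXpos(HSQUIRRELVM v)
{
    sq_pushinteger(v, GetHook(0x1AB7CE0, "0x2BC+"));
    return 1;
}

// Script native: returns the town Y coordinate, read from [0x1AB7CE0] + 0x2C0.
static SQInteger GetTownYpos(HSQUIRRELVM v)
{
    sq_pushinteger(v, GetHook(0x1AB7CE0, "0x2C0+"));
    return 1;
}

// Script native: passes the integer argument to _SendpacksType as the packet
// type. Always returns 1.
// NOTE(review): the argument is not validated and sq_getinteger's result is
// not checked; n1 is zero-initialised so a missing argument yields 0 rather
// than an uninitialised stack value.
static SQInteger SendPackType(HSQUIRRELVM v)
{
    SQInteger n1 = 0;
    sq_getinteger(v, 2, &n1);
    _SendpacksType(*_SendClass, 0, n1);
    sq_pushinteger(v, 1);
    return 1;
}

// Script native: passes the integer argument to _SendPacksByte (a byte field
// of the packet being built). Always returns 1. Same argument caveats as
// SendPackType.
static SQInteger SendPackByte(HSQUIRRELVM v)
{
    SQInteger n1 = 0;
    sq_getinteger(v, 2, &n1);
    _SendPacksByte(*_SendClass, 0, n1);
    sq_pushinteger(v, 1);
    return 1;
}

// Script native: passes the integer argument to _SendPacksWord (a word field
// of the packet being built). Always returns 1. Same argument caveats as
// SendPackType.
static SQInteger SendPackWord(HSQUIRRELVM v)
{
    SQInteger n1 = 0;
    sq_getinteger(v, 2, &n1);
    _SendPacksWord(*_SendClass, 0, n1);
    sq_pushinteger(v, 1);
    return 1;
}

// Script native: passes the integer argument to _SendPacksDWord (a dword field
// of the packet being built). Always returns 1. Same argument caveats as
// SendPackType.
static SQInteger SendPackDWord(HSQUIRRELVM v)
{
    SQInteger n1 = 0;
    sq_getinteger(v, 2, &n1);
    _SendPacksDWord(*_SendClass, 0, n1);
    sq_pushinteger(v, 1);
    return 1;
}

// Script native: calls _SendPacks() to send the packet. Always returns 1.
static SQInteger SendPack(HSQUIRRELVM v)
{
    _SendPacks();
    sq_pushinteger(v, 1);
    return 1;
}

// Registers every native above in the Squirrel root table under its
// "L_sq_*" name. The VM argument of RegisterNutApi is left to its default.
void RegisterNut()
{
    RegisterNutApi(L"L_sq_GetCharacterAttribute", GetCharacterAttribute);
    RegisterNutApi(L"L_sq_SetCharacterAttribute", SetCharacterAttribute);
    RegisterNutApi(L"L_sq_GetTownIndex", GetTownIndex);
    RegisterNutApi(L"L_sq_GetRegionIndex", GetRegionIndex);
    RegisterNutApi(L"L_sq_GetTownXpos", GetTownXpos);
    RegisterNutApi(L"L_sq_GetTownYpos", GetTownYpos);
    RegisterNutApi(L"L_sq_SendPackType", SendPackType);
    RegisterNutApi(L"L_sq_SendPackByte", SendPackByte);
    RegisterNutApi(L"L_sq_SendPackWord", SendPackWord);
    RegisterNutApi(L"L_sq_SendPackDWord", SendPackDWord);
    RegisterNutApi(L"L_sq_SendPack", SendPack);
}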