#pragma once #include #include "MinHook.h" #include "inlinehook.h" #include "RegisterSquirrel.hpp" #include "IO_Ex.hpp" #include "Verify.hpp" //游戏初始化完毕Flag static bool InitGameFlag = false; //宽屏百级UI static bool Yosin百级UIFlag = false; //StringBin文件缓存 extern std::vector StringBin; //脚本是否请求到的Flag extern bool jiaoben; //脚本文件数组 extern std::vector BaseData; struct BufState { const wchar_t* buf; int ptr; int size; }; //加载脚本的逻辑 int Sq_mycompilebuffer(HSQUIRRELVM v, const wchar_t* s, int size, const wchar_t* filename, BOOL printerror) { BufState buf; buf.buf = s; buf.size = size; buf.ptr = 0; return SQ_Compile(v, (LSQLEXREADFUNC)0x1359AD0, &buf, filename, printerror); } void Suxn() { size_t Ds = BaseData.size(); HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; for (size_t i = 0; i < Ds; i++) { std::string filenamebuf = "BaseData" + std::to_string(i) + BaseData[i].substr(0,50); std::string strbuf = BaseData[i]; std::wstring filename = DNFTOOL::charTowchar_t((char*)filenamebuf.c_str()); std::wstring str = DNFTOOL::charTowchar_t((char*)strbuf.c_str()); SQInteger Top = Sq_gettop(v); #ifdef SELL if (Sq_mycompilebuffer(v, str.c_str(), str.length(), filename.c_str(), false) >= 0) { Sq_pushroottable(v); Sq_call(v, 1, SQFalse, SQTrue); Sq_pop(v, 1); //std::cout << "加载了: " << strbuf.substr(0, 100) << std::endl; } #else if (Sq_mycompilebuffer(v, str.c_str(), str.length(), filename.c_str(), false) >= 0) { Sq_pushroottable(v); Sq_call(v, 1, SQFalse, SQTrue); Sq_pop(v, 1); } #endif // SELL Sq_settop(v, Top); } BaseData.clear(); jiaoben = false; } typedef struct REG { DWORD EAX; DWORD EBX; DWORD ECX; DWORD EDX; DWORD ESI; DWORD EDI; DWORD ESP; DWORD EBP; DWORD VmAddress; BYTE Cl; } REG; REG PlayerEach = { 0 }; void __declspec(naked)PlayerEach2() { static int address = 0x11B34E0; static int address1 = 0x001004B59; _asm { pushad pushfd mov PlayerEach.ECX, ecx mov PlayerEach.EDI, edi } if (PlayerEach.EDI == 2) { PlayerEach.VmAddress = Sq_gettop(*(HSQUIRRELVM*)0x1AF3544); 
Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushstring(*(HSQUIRRELVM*)0x1AF3544, L"Sq_PlayerEachPos", -1); if (SQ_SUCCEEDED(Sq_get(*(HSQUIRRELVM*)0x1AF3544, -2))) { Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, *(int*)(PlayerEach.ECX + 0x14)); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, *(int*)(PlayerEach.ECX + 0x18)); Sq_call(*(HSQUIRRELVM*)0x1AF3544, 3, 0, 1); } Sq_settop(*(HSQUIRRELVM*)0x1AF3544, PlayerEach.VmAddress); } _asm { popfd popad call address test al, al jmp address1 } } REG MouseAsm = { 0 }; void __declspec(naked)MouseWheelUp() { static int address = 0x11BDE12; static int address1 = 0x0011BDEEE; static int address2 = 0x0011BDEDF; static int address3 = 0x0011BDECE; _asm { pushad pushfd mov MouseAsm.EDI, edi mov MouseAsm.ECX, ecx } if ((int)*(BYTE*)0x1B46886 == 0) { _asm { popfd popad jmp address } } else { if (MouseAsm.EDI == 0x20A) { if (MouseAsm.ECX == 0x780000) { _asm { popfd popad jmp address3 } } else { _asm { popfd popad jmp address2 } } } else { _asm { popfd popad jmp address1 } } } } REG DrawWindow_BAsm = { 0 }; void __declspec(naked)DrawWindow_B_Hook() { static int address = 0xFFDA10; static int address1 = 0x66BEA1; _asm { pushad pushfd } if (InitGameFlag) { DrawWindow_BAsm.VmAddress = Sq_gettop(*(HSQUIRRELVM*)0x1AF3544); Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushstring(*(HSQUIRRELVM*)0x1AF3544, L"L_DrawWindow_B", -1); if (SQ_SUCCEEDED(Sq_get(*(HSQUIRRELVM*)0x1AF3544, -2))) { Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_call(*(HSQUIRRELVM*)0x1AF3544, 1, 0, 1); } Sq_settop(*(HSQUIRRELVM*)0x1AF3544, DrawWindow_BAsm.VmAddress); } _asm { popfd popad mov ecx, eax call address jmp address1 } } REG BuffIconHookAsm = { 0 }; void __declspec(naked)BuffIcon_Hook() { static int address = 0x4C8C1D; static int address2 = 0x4C8C5B; _asm { pushad pushfd } _asm { popfd popad add esi,0x88 sub edi,eax mov BuffIconHookAsm.Cl, cl pushad pushfd } if (BuffIconHookAsm.Cl == 1) { _asm { popfd popad jmp address } } else 
{ _asm { popfd popad jmp address2 } } } REG BuffIconHookBAsm = { 0 }; void __declspec(naked)BuffIcon_Hook_B() { static int address = 0x4BF566; //static int address2 = 0x4C8C5B; _asm { pushad pushfd } _asm { popfd popad sub edi,eax add esi, 0x88 mov [ebp-40],esi jmp address } } void __declspec(naked)HudBloodBackground() { static int address = 0x4CA03D; _asm { pushad pushfd } if (InitGameFlag) { DrawWindow_BAsm.VmAddress = Sq_gettop(*(HSQUIRRELVM*)0x1AF3544); Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushstring(*(HSQUIRRELVM*)0x1AF3544, L"L_HUD_BloodBackground", -1); if (SQ_SUCCEEDED(Sq_get(*(HSQUIRRELVM*)0x1AF3544, -2))) { Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_call(*(HSQUIRRELVM*)0x1AF3544, 1, 0, 1); } Sq_settop(*(HSQUIRRELVM*)0x1AF3544, DrawWindow_BAsm.VmAddress); } _asm { popfd popad mov ecx,[esi+0xa94] push 0 jmp address } } REG Damage_HookAsm = { 0 }; void __declspec(naked)Damage_Hook() { static int address = 0xE5A2E5; _asm { pushad pushfd mov Damage_HookAsm.EDI, edi mov Damage_HookAsm.EBX, ebx mov Damage_HookAsm.EBP, ebp } Damage_HookAsm.EAX = *(int*)0x1AB7CDC; if (InitGameFlag) { int Address = Damage_HookAsm.EBX;//只要等于 read 或者 等于0 就说明是我自己的伤害 int Damage = *(DWORD*)(Damage_HookAsm.EBP - 0x17c); Damage_HookAsm.VmAddress = Sq_gettop(*(HSQUIRRELVM*)0x1AF3544); Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushstring(*(HSQUIRRELVM*)0x1AF3544, L"Sq_PushDamageData", -1); if (SQ_SUCCEEDED(Sq_get(*(HSQUIRRELVM*)0x1AF3544, -2))) { Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, Address); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, Damage_HookAsm.EAX); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, Damage); Sq_call(*(HSQUIRRELVM*)0x1AF3544, 4, 0, 1); } Sq_settop(*(HSQUIRRELVM*)0x1AF3544, Damage_HookAsm.VmAddress); Damage_HookAsm.EBX = 0; Damage_HookAsm.EBP = 0; } _asm { popfd popad mov eax, Damage_HookAsm.EAX xor ecx,ecx jmp address } } typedef struct REG1 { DWORD EAX; DWORD EBX; DWORD ECX; DWORD EDX; DWORD ESI; DWORD EDI; DWORD 
ESP; DWORD EBP; DWORD VmAddress; BYTE Cl; SQBool flag; int vm_data1; } REG1; REG1 DiscardItem_HookAsm = { 0 }; void __declspec(naked)DiscardItem_Hook() { static int address = 0xE71EAB; static int func = 0xE6E070; _asm { pushad pushfd mov DiscardItem_HookAsm.ESI, esi mov DiscardItem_HookAsm.EBX, ebx } if (InitGameFlag) { DiscardItem_HookAsm.VmAddress = Sq_gettop(*(HSQUIRRELVM*)0x1AF3544); Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushstring(*(HSQUIRRELVM*)0x1AF3544, L"Sq_DiscardItem", -1); if (SQ_SUCCEEDED(Sq_get(*(HSQUIRRELVM*)0x1AF3544, -2))) { Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, DiscardItem_HookAsm.ESI); Sq_call(*(HSQUIRRELVM*)0x1AF3544, 2, 1, 1); Sq_getbool(*(HSQUIRRELVM*)0x1AF3544, -1, &DiscardItem_HookAsm.flag); } Sq_settop(*(HSQUIRRELVM*)0x1AF3544, DiscardItem_HookAsm.VmAddress); if (!DiscardItem_HookAsm.flag) { _asm { popfd popad mov eax,0 jmp address } } } _asm { popfd popad push 1 push DiscardItem_HookAsm.ESI push 0xFB mov ecx, DiscardItem_HookAsm.EBX call func jmp address } } REG1 DiscardItem_HookBAsm = { 0 }; void __declspec(naked)DiscardItemB_Hook() { static int address = 0xE71E95; static int func = 0x10086C0; _asm { pushad pushfd mov DiscardItem_HookBAsm.EAX, eax mov DiscardItem_HookBAsm.ESI, esi mov DiscardItem_HookBAsm.ECX, ecx } if (InitGameFlag) { DiscardItem_HookBAsm.VmAddress = Sq_gettop(*(HSQUIRRELVM*)0x1AF3544); Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushstring(*(HSQUIRRELVM*)0x1AF3544, L"Sq_DiscardItem", -1); if (SQ_SUCCEEDED(Sq_get(*(HSQUIRRELVM*)0x1AF3544, -2))) { Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, DiscardItem_HookBAsm.ESI); Sq_call(*(HSQUIRRELVM*)0x1AF3544, 2, 1, 1); Sq_getbool(*(HSQUIRRELVM*)0x1AF3544, -1, &DiscardItem_HookBAsm.flag); } Sq_settop(*(HSQUIRRELVM*)0x1AF3544, DiscardItem_HookBAsm.VmAddress); if (!DiscardItem_HookBAsm.flag) { _asm { popfd popad mov eax, 0 jmp address } } } _asm { popfd popad push 0 push 0 push 0 push 
0x1C push DiscardItem_HookBAsm.EAX push 0 push 0 call func jmp address } } void __declspec(naked)SelectCharacter_Hook() { static int address = 0x10F79D1; _asm { imul edx,edx,0x7a xor eax, eax add edx, 0xA1 pushad pushfd } _asm { popfd popad jmp address } } void __declspec(naked)SelectCharacter_Hook1() { static int address = 0x10F7B4B; _asm { imul eax, eax, 0x7a xor edx, edx add eax, 0xA1 pushad pushfd } _asm { popfd popad jmp address } } void __declspec(naked)SelectCharacter_Hook2() { static int address = 0x10F7F91; _asm { imul ecx, ecx, 0x7a add ecx, 0xA1 xor edx, edx pushad pushfd } _asm { popfd popad jmp address } } void __declspec(naked)SelectCharacter_Hook3() { static int address = 0x10F8319; _asm { imul edx, edx, 0x7a xor eax, eax add edx, 0xA1 pushad pushfd } _asm { popfd popad jmp address } } void __declspec(naked)SelectCharacter_Hook4() { static int address = 0x10F843E; _asm { imul eax, eax, 0x7a xor ecx, ecx add eax, 0xA1 pushad pushfd } _asm { popfd popad jmp address } } void __declspec(naked)SelectCharacter_Hook5() { static int address = 0x10F85F2; _asm { imul eax, eax, 0x7a xor ecx, ecx add eax, 0xA1 pushad pushfd } _asm { popfd popad jmp address } } void __declspec(naked)SelectCharacter_Hook6() { static int address = 0x10F2C74; _asm { imul eax, eax, 0x7a add eax, 0xA1 pushad pushfd } _asm { popfd popad jmp address } } void __declspec(naked)SelectCharacter_Hook7() { static int address = 0x10F3480; _asm { imul eax, eax, 0x7a xor edx, edx add eax, 0xA1 pushad pushfd } _asm { popfd popad jmp address } } REG ReadStringBin_HookAsm = { 0 }; void InserBinStr(char* src, int size) { StringBin.push_back(std::string(src, size)); } void __declspec(naked)ReadStringBin_HookA() { static int address = 0x119F303; _asm { pushad pushfd } InserBinStr("error str",10); _asm { popfd popad mov ecx,0xff lea edi,[ebp - 0x410] jmp address } } void __declspec(naked)ReadStringBin_HookB() { static int address = 0x119F2C8; _asm { pushad pushfd mov ReadStringBin_HookAsm.EBX, ebx mov 
ReadStringBin_HookAsm.ESI, esi mov ReadStringBin_HookAsm.ECX ,ecx } InserBinStr((char*)ReadStringBin_HookAsm.ESI, ReadStringBin_HookAsm.EBX); _asm { popfd popad mov eax,[ebp + 450] add eax,ebx jmp address } } REG1 MonsetrRace_HookAsm = { 0 }; void __declspec(naked)MonsetrRace_Hook() { static int address = 0x43A8BA; static int address1 = 0x43A86A; _asm { mov MonsetrRace_HookAsm.EBX, ebx mov MonsetrRace_HookAsm.EDX, edx xor ebx, ebx push edi mov edi, [ebp + 0x8] test eax, eax pushad pushfd mov MonsetrRace_HookAsm.ESI, esi mov MonsetrRace_HookAsm.vm_data1, 34 } MonsetrRace_HookAsm.VmAddress = Sq_gettop(*(HSQUIRRELVM*)0x1AF3544); Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushstring(*(HSQUIRRELVM*)0x1AF3544, L"L_Rindro_MonsterEXControl_Race", -1); if (SQ_SUCCEEDED(Sq_get(*(HSQUIRRELVM*)0x1AF3544, -2))) { Sq_pushroottable(*(HSQUIRRELVM*)0x1AF3544); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, MonsetrRace_HookAsm.ESI); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, MonsetrRace_HookAsm.EBX); Sq_pushinteger(*(HSQUIRRELVM*)0x1AF3544, MonsetrRace_HookAsm.EDX); Sq_call(*(HSQUIRRELVM*)0x1AF3544, 4, 1, 1); Sq_getinteger(*(HSQUIRRELVM*)0x1AF3544, -1, &MonsetrRace_HookAsm.vm_data1); } else { Sq_settop(*(HSQUIRRELVM*)0x1AF3544, MonsetrRace_HookAsm.VmAddress); _asm { popfd popad jmp address1 } } Sq_settop(*(HSQUIRRELVM*)0x1AF3544, MonsetrRace_HookAsm.VmAddress); _asm { popfd popad mov edi, MonsetrRace_HookAsm.vm_data1 jmp address } } //窗口打开事件Hook typedef void(__fastcall _OpenWindow)(DWORD thisc, DWORD Seat, DWORD a1, DWORD a2, DWORD a3); static _OpenWindow* OldOpenWindow; void __fastcall NewOpenWindow(DWORD thisc, DWORD Seat, DWORD a1, DWORD a2, DWORD a3) { if (InitGameFlag) { if (*(DWORD*)0x1A5FB20 == thisc) { HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"L_OpenOldWindowCallBack", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_pushinteger(v, a1); Sq_call(v, 2, SQFalse, SQTrue); } Sq_settop(v, Top); } } 
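OldOpenWindow(thisc, 0, a1, a2, a3);
}

// Mouse event hook.
typedef void(_11BDC90)(int a1, unsigned int a2, int a3);
static _11BDC90* Old11BDC90;
/// Forwards a mouse event to the script function L_MouseCallBack (when it
/// exists in the root table) and then always calls the original handler.
/// The script is only invoked after InitGameFlag is set and while both cursor
/// coordinates read from 0x1B4686C / 0x1B46870 are non-negative.
void New11BDC90(int a1, unsigned int a2, int a3)
{
    if (InitGameFlag) {
        int X = *(int*)0x1B4686C;
        int Y = *(int*)0x1B46870;
        // (X | Y) >= 0 holds only when neither value has its sign bit set.
        if ((X | Y) >= 0) {
            HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
            SQInteger Top = Sq_gettop(v);
            Sq_pushroottable(v);
            Sq_pushstring(v, L"L_MouseCallBack", -1);
            if (SQ_SUCCEEDED(Sq_get(v, -2))) {
                Sq_pushroottable(v);
                Sq_pushinteger(v, a1);
                Sq_pushinteger(v, a2);
                Sq_pushinteger(v, X);
                Sq_pushinteger(v, Y);
                Sq_call(v, 5, SQFalse, SQTrue);
            }
            // Restore the VM stack to its depth on entry, whatever the lookup/call left behind.
            Sq_settop(v, Top);
        }
    }
    Old11BDC90(a1, a2, a3);
    return;
}

// Large map opened with the N key.
typedef int(_fastcall _1030C30)(int a1, int a2, BYTE* a3);
static _1030C30* Old1030C30;
/// Runs the original function first, then calls the script function
/// Sq_DrawMiniMapUI with the constant 111, and returns the original result.
/// NOTE(review): unlike most hooks in this file this one is not gated on
/// InitGameFlag - confirm the VM pointer at 0x1AF3544 is valid whenever it runs.
int _fastcall New1030C30(int a1, int a2, BYTE* a3)
{
    int ret = Old1030C30(a1, a2, a3);

    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    SQInteger Top = Sq_gettop(v);
    Sq_pushroottable(v);
    Sq_pushstring(v, L"Sq_DrawMiniMapUI", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2))) {
        Sq_pushroottable(v);
        Sq_pushinteger(v, 111);
        Sq_call(v, 2, SQFalse, SQTrue);
    }
    Sq_settop(v, Top);

    return ret;
}

// Hook on the game's own combined-Nut routine.
typedef int(_fastcall _674030)(wchar_t* thisc, DWORD Seat, wchar_t* a2, int a3);
static _674030* Old674030;
/// Pass-through: calls the original and returns its result unchanged.
int _fastcall New674030(wchar_t* thisc, DWORD Seat, wchar_t* a2, int a3)
{
    int ret = Old674030(thisc, Seat, a2, a3);
    return ret;
}

// Other-player information window hook.
typedef int(_fastcall _FA42D0)(int a1, int seat, int a2, int a3);
static _FA42D0* OldFA42D0;
/// Asks the script function L_Other_Character_Info_Window whether it handles
/// the window. A true result suppresses the original call and returns 0;
/// otherwise the original function runs.
int _fastcall NewFA42D0(int a1, int seat, int a2, int a3)
{
    //OtherPlayerInfoType = a2 + 1;
    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    SQInteger Top = Sq_gettop(v);
    // Must be initialised: when the script function is missing (or does not
    // return a bool) nothing writes Flag, and the branch below would read an
    // indeterminate value. SQFalse means "fall through to the original".
    SQBool Flag = SQFalse;
    Sq_pushroottable(v);
    Sq_pushstring(v, L"L_Other_Character_Info_Window", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2))) {
        Sq_pushroottable(v);
        Sq_pushinteger(v, *(int*)(a1 + 0xc));
        Sq_call(v, 2, SQTrue, SQTrue);
        Sq_getbool(v, -1, &Flag);
    }
    Sq_settop(v, Top);

    if (!Flag) return OldFA42D0(a1, seat, a2, a3);
    return 0;
}

// Damage font hook.
typedef DWORD(_cdecl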
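_7EEED0)(DWORD a1, DWORD a2, DWORD a3, DWORD a4, DWORD a5, DWORD a6);
static _7EEED0* Old7EEED0;
/// Damage-font hook. Passes the six arguments plus the EDI/EBX values captured
/// by Damage_Hook to the script function Sq_PushDamageFontData. The original
/// function is called only when the script returns true; otherwise 0 is returned.
DWORD _cdecl New7EEED0(DWORD a1, DWORD a2, DWORD a3, DWORD a4, DWORD a5, DWORD a6)
{
    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    SQInteger Top = Sq_gettop(v);
    // Must be initialised: if the script function is absent nothing writes Flag
    // and the test below would read an indeterminate value. SQTrue keeps the
    // game's own behaviour when no script handler is installed.
    SQBool Flag = SQTrue;
    Sq_pushroottable(v);
    Sq_pushstring(v, L"Sq_PushDamageFontData", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2))) {
        Sq_pushroottable(v);
        Sq_pushinteger(v, a1);
        Sq_pushinteger(v, a2);
        Sq_pushinteger(v, a3);
        Sq_pushinteger(v, a4);
        Sq_pushinteger(v, a5);
        Sq_pushinteger(v, a6);
        Sq_pushinteger(v, Damage_HookAsm.EDI);
        Sq_pushinteger(v, Damage_HookAsm.EBX);
        Sq_call(v, 9, SQTrue, SQTrue);
        Sq_getbool(v, -1, &Flag);
    }
    Sq_settop(v, Top);

    if (Flag) {
        return Old7EEED0(a1, a2, a3, a4, a5, a6);
    }
    return 0;
}

// Incoming-packet handler registration.
typedef void(__fastcall* init_pack_handler_t)(void* Ecx);
static init_pack_handler_t Lpfn_Init = nullptr;

typedef void(__cdecl* pack_handler_t)(int idx, int err, void*, void*);
typedef void(__cdecl* register_pack_handler_t)(int idx, pack_handler_t handler, int zero);

typedef bool(__cdecl* _Net_Get_Dword)(DWORD*);
static _Net_Get_Dword Net_Get_Dword = reinterpret_cast<_Net_Get_Dword>(0x011AEA60);

typedef bool(__cdecl* _Net_Get_Buffer)(void*, int);
static _Net_Get_Buffer Net_Get_Buffer = reinterpret_cast<_Net_Get_Buffer>(0x011AEA90);

// Largest payload length accepted from the network in the handlers below.
// Review-chosen ceiling, not a protocol constant: set it to the real maximum
// these packets can carry.
static const DWORD kMaxPackPayload = 0x100000;

/// Handler for packet 130: reads a length-prefixed string from the network
/// reader and passes it to the script function Sq_Pack_Control
/// (Sq_Pack_ControlLocal in builds without SELL/EXPRESS).
///
/// The length comes straight from the peer, so it is bounded before use: the
/// previous `new char[Size + 1]` wrapped to a zero-byte allocation for
/// Size == 0xFFFFFFFF and Net_Get_Buffer then wrote past it.
/// NOTE(review): the bool results of Net_Get_Dword / Net_Get_Buffer are still
/// ignored, as before - presumably they report success; confirm and act on them.
/// NOTE(review): an over-long packet is dropped without consuming its payload;
/// confirm the dispatcher does not depend on the handler draining it.
void Pack_Control(int idx, int code, void* p3, void* p4)
{
    if (InitGameFlag) {
        DWORD Size = 0;
        Net_Get_Dword(&Size);
        if (Size > kMaxPackPayload) return;

        // Zero-filled and one byte longer than the payload, so the text is
        // NUL-terminated even if fewer than Size bytes are delivered.
        std::vector<char> Buffer(Size + 1, '\0');
        Net_Get_Buffer(Buffer.data(), static_cast<int>(Size));
        Buffer[Size] = '\0';
        std::wstring ss = DNFTOOL::charTowchar_t(Buffer.data());

        HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
        SQInteger Top = Sq_gettop(v);
        Sq_pushroottable(v);
#if defined(SELL) || defined(EXPRESS)
        Sq_pushstring(v, L"Sq_Pack_Control", -1);
#else
        Sq_pushstring(v, L"Sq_Pack_ControlLocal", -1);
#endif // SELL

        if (SQ_SUCCEEDED(Sq_get(v, -2))) {
            Sq_pushroottable(v);
            Sq_pushstring(v, ss.c_str(), -1);
            Sq_call(v, 2, SQFalse, SQTrue);
        }
        Sq_settop(v, Top);
    }
}

/// Handler for packet 131.
///
/// After game init: reads a length-prefixed blob and hands (size, pointer) to
/// the script function Sq_BlobPack_Control. The buffer is released when this
/// function returns, so the script must not keep the pointer.
///
/// Before game init: the payload is Base64-decoded, passed through Cutecode
/// with the fixed key below and, in SELL builds, handed to VerifyThread.
/// RealKey is a constant embedded in the client, so this step is obfuscation
/// only; it does not authenticate the sender or keep the payload secret.
///
/// Both paths bound the peer-supplied length and no longer leak the receive
/// buffer (the pre-init path previously never freed it).
void Pack_Control2(int idx, int code, void* p3, void* p4)
{
    if (InitGameFlag) {
        DWORD Size = 0;
        Net_Get_Dword(&Size);
        if (Size > kMaxPackPayload) return;

        // At least one byte so data() is never null; malloc(Size) was unchecked before.
        std::vector<char> Buffer(Size ? Size : 1);
        Net_Get_Buffer(Buffer.data(), static_cast<int>(Size));

        HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
        SQInteger Top = Sq_gettop(v);
        Sq_pushroottable(v);
        Sq_pushstring(v, L"Sq_BlobPack_Control", -1);

        if (SQ_SUCCEEDED(Sq_get(v, -2))) {
            Sq_pushroottable(v);
            Sq_pushinteger(v, Size);
            Sq_pushuserpointer(v, Buffer.data());
            Sq_call(v, 3, SQFalse, SQTrue);
        }
        Sq_settop(v, Top);
    }
    else {
        DWORD Size = 0;
        Net_Get_Dword(&Size);
        if (Size > kMaxPackPayload) return;

        std::string StringBuffer(Size, '\0');
        Net_Get_Buffer(&StringBuffer[0], static_cast<int>(Size));

        auto StrBuf = Base64::decode(StringBuffer);
        char* strip = reinterpret_cast<char*>(StrBuf.data());
        int RealKey[5] = { 5,7,8,1,6 };
        Cutecode(strip, RealKey, StrBuf.size(), 5); // decrypt in place
        std::string Ip(strip, StrBuf.size());
#ifdef SELL
        VerifyThreadParams* params = new VerifyThreadParams;
        params->data = Ip;
        // Verification runs on its own thread.
        // NOTE(review): params is presumably released by VerifyThread - confirm.
        DWORD threadID;
        HANDLE Thand = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)VerifyThread, params, 0, &threadID);
        if (Thand != NULL) {
            // Nothing waits on the thread; closing the handle does not stop it.
            CloseHandle(Thand);
        }
        else {
            // The thread never started, so nobody else owns params.
            delete params;
        }
#endif
    }
}

/// Runs the game's own packet-handler initialisation. The custom handlers are
/// not registered here (those calls are disabled); New4C61F0 registers them.
void H_Register_Pack(void* Ecx)
{
    Lpfn_Init(Ecx);
    auto Registerfunc = reinterpret_cast<register_pack_handler_t>(0x7186D0);
    //Registerfunc(130, Pack_Control, 0);
    //Registerfunc(131, Pack_Control2,0);
}

// DrawMain hook.
typedef DWORD(_fastcall _4C61F0)(DWORD thisc, DWORD Seat);
static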
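_4C61F0* Old4C61F0;
/// DrawMain hook, called by the game's main draw routine.
///  - Registers Pack_Control / Pack_Control2 as handlers for packets 130 / 131
///    once, the first time DNFTOOL::GetHook(...) reports 6.
///  - Calls Suxn() when BaseData is non-empty, jiaoben is set and the game is
///    initialised.
///  - Sets InitGameFlag the first time GetHook(...) reports 0.
///  - Once initialised, invokes the script functions L_DrawWindow_A and
///    L_drawMainCustomUI_All.
/// Returns the original function's result.
DWORD _fastcall New4C61F0(DWORD thisc, DWORD Seat)
{
    // Reached on the channel-selection screen.
    static bool RegisterPackFlag = false;
    if (DNFTOOL::GetHook(0x1A5FB4C, "0x14+0x28+", 0) == 6 && !RegisterPackFlag) {
        RegisterPackFlag = true;
        // Register the packet handlers here (many launchers do not allow
        // registering them at startup).
        auto Registerfunc = reinterpret_cast<register_pack_handler_t>(0x7186D0);
        Registerfunc(130, Pack_Control, 0);
        Registerfunc(131, Pack_Control2, 0);
    }

    DWORD Ret = Old4C61F0(thisc, Seat);

    if (BaseData.size() > 0 && jiaoben == true && InitGameFlag) {
        Suxn();
    }

    static bool mouseInit = false;
    // Reached once a character has been entered.
    if (DNFTOOL::GetHook(0x1A5FB4C, "0x14+0x28+", 0) == 0) {
        if (!InitGameFlag) {
            InitGameFlag = true;
        }
    }

    if (InitGameFlag) {
        HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
        SQInteger Top = Sq_gettop(v);
        //Old1359130(v, *(int*)((char*)0x19E364 + (4 * 5)), *(int*)((char*)0x19E364 + (4 * 6)));
        //Old1359130(v, *(int*)((char*)0x19E364 + (4 * 2)), *(int*)((char*)0x19E364 + (4 * 3)));
        Sq_pushroottable(v);
        Sq_pushstring(v, L"L_DrawWindow_A", -1);
        if (SQ_SUCCEEDED(Sq_get(v, -2))) {
            Sq_pushroottable(v);
            Sq_call(v, 1, SQFalse, SQTrue);
        }
        Sq_settop(v, Top);

        Top = Sq_gettop(v);
        Sq_pushroottable(v);
        Sq_pushstring(v, L"L_drawMainCustomUI_All", -1);
        if (SQ_SUCCEEDED(Sq_get(v, -2))) {
            Sq_pushroottable(v);
            Sq_call(v, 1, SQFalse, SQTrue);
        }
        Sq_settop(v, Top);
    }
    return Ret;
}

/// Loads stringtable.bin through the game's reader at 0x59E3D0 and appends
/// every entry to StringBin in table order.
///
/// Layout as read here: a 4-byte count, then 4-byte offsets; entry i spans
/// [offset[i], offset[i+1]) and its bytes start 4 bytes after that offset.
/// Offsets come from the file, so each is checked against the number of bytes
/// actually read. An entry with a bad range is stored as an empty string so
/// later indices keep their position.
static void InitBin()
{
    void* buf = malloc(81443744);
    if (buf == NULL) return; // the allocation was previously used unchecked
    int readsize = 0;
    typedef bool(_59E3D0)(wchar_t* path, void* buffer, int a3, int* a4);
    _59E3D0* SUB_59E3D0 = (_59E3D0*)0x59E3D0;
    bool a = SUB_59E3D0(L"stringtable.bin", buf, 81443744, &readsize);

    if (a && readsize >= 4) {
        IO_Ex pvf((char*)buf, readsize);
        int Count = pvf.GetInt();

        int CurrentIndex = 0;
        for (int i = 0; i < Count; i++) {
            // Both offsets of this entry must lie inside the data that was read.
            const long long IndexPos = (long long)CurrentIndex * 4 + 4;
            if (IndexPos + 8 > readsize) break;

            pvf.seek(CurrentIndex * 4 + 4);
            int StartPos = pvf.GetInt();
            int EndPos = pvf.GetInt();
            // 64-bit so hostile offsets cannot overflow the subtraction.
            const long long Len = (long long)EndPos - StartPos;

            std::string Str;
            if (StartPos >= 0 && Len >= 0 && (long long)StartPos + 4 + Len <= readsize) {
                pvf.seek(StartPos + 4);
                Str = pvf.GetString((int)Len);
            }
            StringBin.push_back(Str);
            CurrentIndex++;
        }
    }
    free(buf);
}

/// Print callback installed with sq_setprintfunc: formats the message and
/// writes it to std::wcout.
///
/// The buffer is sized for every call. The earlier version kept one static
/// buffer sized by the first message only, so any later, longer message was
/// formatted past the end of that allocation.
void CaptureSQPrint(HSQUIRRELVM v, const SQChar* format, ...)
{
    va_list args;
    va_start(args, format);
    const int Length = _vscwprintf(format, args); // characters needed, excluding the terminator
    va_end(args);
    if (Length < 0) return; // formatting error: nothing to print

    std::vector<wchar_t> capturedWString(static_cast<size_t>(Length) + 1);

    // Restart the argument list instead of reusing one that was already walked.
    va_start(args, format);
    vswprintf(capturedWString.data(), capturedWString.size(), format, args);
    va_end(args);

    std::wcout << capturedWString.data() << std::endl;
}

#ifndef SELL
/// Reads sqr/<line>, compiles it as a script and runs it with the root table
/// as `this`. A file that cannot be opened is compiled as empty text, as before.
/// NOTE(review): `line` comes from sqr/FileConfig.json and is appended to
/// "sqr/" unchanged, so an entry containing ".." or an absolute path loads a
/// script from outside that directory - confirm this is intended.
static void LoadLocalNutFile(HSQUIRRELVM v, const std::string& line)
{
    std::string ContentString = "";
    std::fstream F;
    F.open(("sqr/" + line).c_str(), std::ios::in);
    if (F.is_open()) {
        std::stringstream ContentStringStream;
        ContentStringStream << F.rdbuf();
        ContentString = (ContentStringStream.str());
        F.close();
    }
    std::wstring filename = DNFTOOL::charTowchar_t((char*)line.c_str(), line.length());
    std::wstring str = DNFTOOL::charTowchar_t((char*)ContentString.c_str(), ContentString.length());

    // Save/restore the stack depth as Suxn() does; popping one slot after a
    // call that returns a value left the compiled closure on the stack.
    SQInteger Top = Sq_gettop(v);
    if (sq_mycompilebuffer(v, str.c_str(), str.length(), filename.c_str(), false) >= 0) {
        Sq_pushroottable(v);
        Sq_call(v, 1, SQTrue, SQFalse);
        Sq_pop(v, 1);
    }
    Sq_settop(v, Top);
}
#endif // !SELL

// Hook on the game's Nut function registration.
typedef void(__cdecl _Register_Nut)();
static _Register_Nut* Register_Nut_Old;
/// Runs the original registration, then once only: loads the string table,
/// registers this module's own script functions and installs CaptureSQPrint.
/// Builds without SELL additionally set RINDROLOCAL = true in the root table
/// and load the scripts listed in sqr/FileConfig.json.
void __cdecl H_Register_Nut()
{
    // Original registration logic.
    Register_Nut_Old();

    static bool init = false;
    if (!init) {
        init = true;

        HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;

        // Read the strings of the bin file.
        InitBin();

        // Register this module's own nut functions.
        R_Register_Nut();

        sq_setprintfunc(v,CaptureSQPrint);

        // Local builds: load the nut scripts named in the configuration file.
#ifndef SELL
        Sq_pushroottable(v);
        Sq_pushstring(v, L"RINDROLOCAL", -1);
        Sq_pushbool(v, true);
        sq_newslot(v, -3, SQFalse);
        Sq_pop(v, 1);

        std::ifstream f("sqr/FileConfig.json");
        // Non-throwing parse: a missing or malformed file yields a discarded
        // value instead of an exception escaping into the game's call stack.
        nlohmann::json Jso = nlohmann::json::parse(f, nullptr, false);
        f.close();

        // Only an object can be indexed by key; a discarded value is not one.
        if (Jso.is_object()) {
            // Base scripts.
            for (const auto& elem : Jso["BaseScript"]) {
                if (elem.is_string()) {
                    LoadLocalNutFile(v, elem.get<std::string>());
                }
            }

            // Project scripts.
            for (const auto& elem : Jso["ProjectScript"]) {
                // NOTE(review): this test reads the top-level object, not `elem`,
                // and compares the whole "ProjectScript" value with true, so it
                // cannot switch a single project on or off. A per-entry
                // "Enabled" flag looks intended - confirm against the config.
                if (!Jso.contains("Enabled") || Jso["ProjectScript"] == true) {
                    // Looking up a missing key on a const json value is not defined.
                    if (!elem.is_object() || !elem.contains("Script")) continue;
                    for (const auto& path : elem["Script"]) {
                        if (path.is_string()) {
                            LoadLocalNutFile(v, path.get<std::string>());
                        }
                    }
                }
                else {
                    std::cout << "weiqiyong" << std::endl;
                }
            }
        }
#endif // !SELL
    }
}

// Text drawing hook.
typedef void(__fastcall* DrawCode)(DWORD thisc, int Seat, int a3, int a4, int a5, int a6);
static DrawCode DrawCodeF;
typedef int(_fastcall _DrawOtherPlayer_Img)(int thisc, void*, int X, int Y, int Img);
static _DrawOtherPlayer_Img* DrawOtherPlayer_Img = (_DrawOtherPlayer_Img*)0x11A8F60;
/// Converts the wide string pointed to by a6 into GameStr and forwards the
/// call to the original routine. Returns without drawing when a6 is null.
/// NOTE(review): GameStr is not used afterwards in the visible code.
void _fastcall H_Register_DrawCode(DWORD thisc, int Seat, int a3, int a4, int a5, int a6)
{
    wchar_t* strbuffer = (wchar_t*)a6;
    if (strbuffer == NULL) return;

    // Work on a private copy of the game's string.
    wchar_t* clone = new wchar_t[wcslen(strbuffer) + 2];
    wcscpy(clone, strbuffer);

    std::string GameStr;
    DNFTOOL::Wchar_tToString(GameStr, clone);
    delete[]clone;

    return DrawCodeF(thisc, Seat, a3, a4, a5, a6);
}

// Item colour hook.
extern std::map< int, int>ItemColorMap;
typedef DWORD(_cdecl _OldHookEquNameColor)(int rarity);
static _OldHookEquNameColor* OldHookEquNameColor;
/// Returns a fixed colour for rarities 6 to 9 and the original function's
/// colour for every other rarity. The original is always called first.
DWORD _cdecl HookEquNameColor(int rarity)
{
    DWORD OldColor = OldHookEquNameColor(rarity);
    switch (rarity)
    {
    case 6:
        return 0xFF0055FF;
    case 7:
        return 0xFF9314FF;
    case 8:
        return 0xFF1CBC0C;
    case 9:
        return 0xFFACFF08;
    }
    return OldColor;
}
typedef DWORD(_fastcall _OldHookItemColor)(DWORD thisc, DWORD Seat);
static _OldHookItemColor* OldHookItemColor;
DWORD _fastcall HookItemColor(DWORD thisc, DWORD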
Seat) { int ItemCode = *(int*)(thisc + 0x1C); if (ItemColorMap.count(ItemCode) == 1) { return ItemColorMap[ItemCode]; } //不在注册项目颜色map里就执行原颜色获取 int Rarity = *(int*)(thisc + 0xF4); int color = HookEquNameColor(Rarity); return color; } //Hook发包相关 static SendPacksType _OldSendPackType; int __fastcall NewSendPacksType(DWORD thisc, int Seat, int Parm) { if (InitGameFlag) { HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"Sq_SendPackType_Event", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_pushinteger(v, Parm); Sq_call(v, 2, SQFalse, SQTrue); } Sq_settop(v, Top); return _OldSendPackType(thisc, 0, Parm); } return _OldSendPackType(thisc, 0, Parm); } static SendPacksByte _OldSendPackByte; int __fastcall NewSendPacksByte(DWORD thisc, int Seat, int Parm) { if (InitGameFlag) { HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"Sq_SendPackByte_Event", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_pushinteger(v, Parm); Sq_call(v, 2, SQFalse, SQTrue); } Sq_settop(v, Top); } return _OldSendPackByte(thisc, 0, Parm); } static SendPacksWORD _OldSendPackWord; int __fastcall NewSendPacksWord(DWORD thisc, int Seat, int Parm) { if (InitGameFlag) { HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"Sq_SendPackWord_Event", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_pushinteger(v, Parm); Sq_call(v, 2, SQFalse, SQTrue); } Sq_settop(v, Top); } return _OldSendPackWord(thisc, 0, Parm); } static SendPacksDWORD _OldSendPackDWord; int __fastcall NewSendPacksDWord(DWORD thisc, int Seat, int Parm) { if (InitGameFlag) { HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"Sq_SendPackDWord_Event", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_pushinteger(v, Parm); Sq_call(v, 2, SQFalse, 
SQTrue); } Sq_settop(v, Top); } return _OldSendPackDWord(thisc, 0, Parm); } static SendPacksChar _OldSendPackChar; int __fastcall NewSendPacksChar(DWORD thisc, int Seat, char* Parm, int Size) { if (InitGameFlag) { HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"Sq_SendPackChar_Event", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_pushstring(v, (SQChar*)Parm, Size); Sq_call(v, 2, SQFalse, SQTrue); } Sq_settop(v, Top); } return _OldSendPackChar(thisc, 0, Parm, Size); } static SendPacks* _OldSend; int NewSend() { if (InitGameFlag) { HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"Sq_SendPack_Event", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_call(v, 1, SQFalse, SQTrue); } Sq_settop(v, Top); } return _OldSend(); } //Exe索引字符串函数Hook typedef int(_cdecl _sub1220590)(int a1); static _sub1220590* sub1220590 = (_sub1220590*)0x1220590; int _cdecl Newsub1220590(int a1) { if (InitGameFlag) { SQInteger StrIndex = a1; HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"Sq_GetExeStr_Event", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_pushinteger(v, a1); Sq_call(v, 2, SQTrue, SQTrue); Sq_getinteger(v, -1, &StrIndex); } Sq_settop(v, Top); return sub1220590(StrIndex); } return sub1220590(a1); } //绘制Item_图标 typedef int(_fastcall _sub11A8F60)(DWORD a1, DWORD Seat, int a2, int a3, int a4); static _sub11A8F60* sub11A8F60; int _fastcall newsub11A8F60(DWORD a1, DWORD Seat, int a2, int a3, int a4) { if (InitGameFlag) { HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544; SQInteger Top = Sq_gettop(v); Sq_pushroottable(v); Sq_pushstring(v, L"Sq_DrawItemBack", -1); if (SQ_SUCCEEDED(Sq_get(v, -2))) { Sq_pushroottable(v); Sq_pushinteger(v, a2); Sq_pushinteger(v, a3); Sq_pushinteger(v, a4); Sq_call(v, 4, SQFalse, SQTrue); } Sq_settop(v, Top); int ret = 
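sub11A8F60(a1, 0, a2, a3, a4);

        // Second callback, after the original has drawn the icon.
        Top = Sq_gettop(v);
        Sq_pushroottable(v);
        Sq_pushstring(v, L"Sq_DrawItemFront", -1);
        if (SQ_SUCCEEDED(Sq_get(v, -2))) {
            Sq_pushroottable(v);
            Sq_pushinteger(v, a2);
            Sq_pushinteger(v, a3);
            Sq_pushinteger(v, a4);
            Sq_call(v, 4, SQFalse, SQTrue);
        }
        Sq_settop(v, Top);
        return ret;
    }
    return sub11A8F60(a1, 0, a2, a3, a4);
}

// Event icon hook.
typedef DWORD** (_fastcall _Event)(DWORD thisc, DWORD Seat, DWORD a2, DWORD** a3, char a4);
static _Event* OldEvent;
/// Repositions the event icon. When a4 == 1 and a3 carries the marker value
/// 96527, the script functions Sq_Get_Event_Pos_X / Sq_Get_Event_Pos_Y supply
/// an X offset added to a2 and a Y value that replaces a3; the original
/// function is then called with the adjusted arguments.
DWORD** _fastcall NewEvent(DWORD thisc, DWORD Seat, DWORD a2, DWORD** a3, char a4)
{
    // The icon's Y value was changed beforehand so this hook can recognise it.
    if ((int)a4 == 1 && (int)a3 == 96527 /*&& a2 <= 536 && ((a2 - 456)%20 == 0)*/)
    {
        // Both were uninitialised before: with a script function missing, a2
        // and a3 were rewritten from indeterminate stack values. These
        // defaults leave the position unchanged when no script answers.
        int X = 0;
        int Y = (int)a3;

        HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
        SQInteger Top = Sq_gettop(v);
        Sq_pushroottable(v);
        Sq_pushstring(v, L"Sq_Get_Event_Pos_X", -1);
        if (SQ_SUCCEEDED(Sq_get(v, -2))) {
            Sq_pushroottable(v);
            Sq_call(v, 1, SQTrue, SQTrue);
            Sq_getinteger(v, -1, &X);
        }
        Sq_settop(v, Top);

        Sq_pushroottable(v);
        Sq_pushstring(v, L"Sq_Get_Event_Pos_Y", -1);
        if (SQ_SUCCEEDED(Sq_get(v, -2))) {
            Sq_pushroottable(v);
            Sq_call(v, 1, SQTrue, SQTrue);
            Sq_getinteger(v, -1, &Y);
        }
        Sq_settop(v, Top);

        a2 += X;
        a3 = (DWORD**)Y;
    }
    return OldEvent(thisc, Seat, a2, a3, a4);
}

// Channel selection screen.
typedef void(_fastcall _10F2700)(DWORD thisc, DWORD Seat, int a2);
static _10F2700* Old10F2700;
/// Calls the original, then once only adds 133 to the int at +0x14 of each of
/// the 28 objects whose pointers are stored from thisc + 0x1c.
/// NOTE(review): the stored pointers are dereferenced without a null check.
void _fastcall New10F2700(DWORD thisc, DWORD Seat, int a2)
{
    Old10F2700(thisc, Seat, a2);

    static bool Flag = false;
    if (!Flag && thisc) {
        for (size_t i = 0; i < 28; i++)
        {
            int addr = *(int*)(thisc + (0x4 * i) + 0x1c);
            int value = *(int*)(addr + 0x14);
            *(int*)(addr + 0x14) = value + 133;
        }
        Flag = true;
    }

    return;
}

// Server selection screen.
typedef void (_fastcall _FC9440)(DWORD thisc, DWORD Seat,int a2);
static _FC9440* OldFC9440;
/// Calls the original, then writes 470 to the int at +0x14 of the object
/// referenced from thisc + 0x1c0 (the game-start button).
/// NOTE(review): neither thisc nor the referenced pointer is checked for null.
void _fastcall NewFC9440(DWORD thisc, DWORD Seat,int a2)
{
    OldFC9440(thisc, Seat, a2);

    // Game-start button.
    *(int*)((*(int*)(thisc + 0x1c0)) + 0x14) = 470;

    return;
}

// Character selection screen.
typedef void(_fastcall _10F7660)(DWORD thisc, DWORD Seat,int a3);
static _10F7660* Old10F7660;
void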
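_fastcall New10F7660(DWORD thisc, DWORD Seat, int a3)
{
    // NOTE(review): the return type and the Old10F7660 declaration precede this excerpt;
    // this body is reproduced unchanged apart from layout and comments.
    //
    // Calls the original, then - only the first time it runs with a non-null thisc
    // (static Flag) - adds 133 to the int at offset 0x14 of every object reached through
    // the pointer fields of `thisc` listed below. Presumably a horizontal shift for the
    // wide-screen layout - confirm.
    //
    // The offsets belong to one specific client build and none of the loaded pointers is
    // null-checked: against any other build these writes land in unrelated memory.
    Old10F7660(thisc, Seat, a3);
    static bool Flag = false;
    if (!Flag && thisc)
    {
        // Other buttons
        for (size_t i = 0; i < 5; i++)
        {
            int addr = *(int*)(thisc + (0x4 * i) + 0x70);
            int value = *(int*)(addr + 0x14);
            *(int*)(addr + 0x14) = value + 133;
        }
        // Select-channel button
        {
            int addr = *(int*)(thisc + 0x15c);
            int value = *(int*)(addr + 0x14);
            *(int*)(addr + 0x14) = value + 133;
        }
        // Scroll bar
        for (size_t i = 0; i < 8; i++)
        {
            int addr = *(int*)(thisc + (0x4 * i) + 0xA0);
            int value = *(int*)(addr + 0x14);
            *(int*)(addr + 0x14) = value + 133;
        }
        // Scroll up/down buttons
        for (size_t i = 0; i < 2; i++)
        {
            int addr = *(int*)(thisc + (0x4 * i) + 0x16c);
            int value = *(int*)(addr + 0x14);
            *(int*)(addr + 0x14) = value + 133;
        }
        // Adventure-group description and progress buttons
        {
            int addr = *(int*)(thisc + 0x34c);
            int value = *(int*)(addr + 0x14);
            *(int*)(addr + 0x14) = value + 133;
            addr = *(int*)(addr + 0x2c0);
            value = *(int*)(addr + 0x14);
            *(int*)(addr + 0x14) = value + 133;
        }
        Flag = true;
    }
    return ;
}

// HOOK PushString
typedef uint32_t(__cdecl* LSqPushStringFunc)(uint32_t v, const wchar_t* s, uint32_t l);
LSqPushStringFunc LrealSqPushString;

// Detour for the string-push routine at 0x1358A60: forwards every call to the original,
// except that the name "getCurrentModuleDamageRate" (skill attack power getter) is
// replaced by "L_getCurrentModuleDamageRate".
//
// Fixes over the previous version:
//  - a null `s` is forwarded untouched instead of being handed to wcscmp;
//  - when `l` is an explicit length equal to the old name's length, the replacement's own
//    length is passed, so the longer name is not cut short. Any other `l` is forwarded as is.
uint32_t __cdecl LMySqPushString(uint32_t v, const wchar_t* s, uint32_t l)
{
    static const wchar_t kOriginalName[] = L"getCurrentModuleDamageRate";
    static const wchar_t kReplacementName[] = L"L_getCurrentModuleDamageRate";

    if (s != nullptr && !wcscmp(s, kOriginalName))
    {
        const uint32_t originalLen = static_cast<uint32_t>(wcslen(kOriginalName));
        const uint32_t forwardedLen =
            (l == originalLen) ? static_cast<uint32_t>(wcslen(kReplacementName)) : l;
        return LrealSqPushString(v, kReplacementName, forwardedLen);
    }
    return LrealSqPushString(v, s, l);
}

// Looks up `name` in the Squirrel root table and, if it exists, calls it with the root
// table as `this` plus three integer arguments, returning its integer result.
// Returns 0 when the function is not defined or no integer could be read back.
// The VM stack top is restored before returning.
//
// The VM handle is read from the hard-coded address 0x1AF3544, as everywhere else in this
// file. The script's return value is not range-checked here: callers add it straight to
// game values, so whoever controls the loaded scripts controls those values.
static SQInteger CallNutIntCallback3(const wchar_t* name, SQInteger arg1, SQInteger arg2, SQInteger arg3)
{
    SQInteger result = 0;
    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    const SQInteger savedTop = Sq_gettop(v);

    Sq_pushroottable(v);
    Sq_pushstring(v, name, -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2)))
    {
        Sq_pushroottable(v);
        Sq_pushinteger(v, arg1);
        Sq_pushinteger(v, arg2);
        Sq_pushinteger(v, arg3);
        Sq_call(v, 4, SQTrue, SQTrue); // 4 = root table + three arguments
        Sq_getinteger(v, -1, &result);
    }
    Sq_settop(v, savedTop);
    return result;
}

// GetIntData
// When a3 equals the value stored at 0x1AB7CDC, the result of the script function
// Sq_Get_Ex_IntData(thisc, a2, a3) is added to the original's return value; every other
// call is passed through unchanged.
typedef DWORD(_fastcall _908510)(DWORD thisc, DWORD Seat, DWORD a2, int a3);
static _908510* Old908510;
DWORD _fastcall New908510(DWORD thisc, DWORD Seat, DWORD a2, int a3)
{
    if (a3 != *(int*)0x1AB7CDC)
        return Old908510(thisc, Seat, a2, a3);

    const SQInteger bonus = CallNutIntCallback3(L"Sq_Get_Ex_IntData", thisc, a2, a3);
    return bonus + Old908510(thisc, Seat, a2, a3);
}

// Read cooldown
// Same scheme as New908510, applied to the function at 0x909020.
typedef DWORD(_fastcall _909020)(DWORD thisc, DWORD Seat, DWORD a2, int a3);
// Was declared with the _908510 typedef; the signatures are identical, so this only makes
// the declaration match its own typedef.
static _909020* Old909020;
DWORD _fastcall New909020(DWORD thisc, DWORD Seat, DWORD a2, int a3)
{
    if (a3 != *(int*)0x1AB7CDC)
        return Old909020(thisc, Seat, a2, a3);

    const SQInteger bonus = CallNutIntCallback3(L"Sq_Get_Ex_IntData", thisc, a2, a3);
    return bonus + Old909020(thisc, Seat, a2, a3);
}

// Native character Get
// Same scheme as New908510, but inactive until InitGameFlag is set.
typedef DWORD(_fastcall _90A4A0)(DWORD thisc, DWORD Seat, DWORD a2, int a3);
static _90A4A0* Old90A4A0;
DWORD _fastcall New90A4A0(DWORD thisc, DWORD Seat, DWORD a2, int a3)
{
    if (!InitGameFlag || a3 != *(int*)0x1AB7CDC)
        return Old90A4A0(thisc, Seat, a2, a3);

    const SQInteger bonus = CallNutIntCallback3(L"Sq_Get_Ex_IntData", thisc, a2, a3);
    int ret = bonus + Old90A4A0(thisc, Seat, a2, a3);
    return ret;
}

// Get skill object
typedef int __fastcall sub_TTTTTT(int a1, int a2, int a3);
static sub_TTTTTT* TFuncsub_GetSkillAddress = (sub_TTTTTT*)0x8406C0;

// Nut character Get 1
// Adds the result of the script function Sq_Get_Ex_LevelData(skill address, a2, thisc) to
// the original's return value once the game is initialised and a3 matches the value at
// 0x1AB7CDC.
// NOTE(review): a3 is both compared with the value at 0x1AB7CDC and passed to the skill
// lookup, whereas New5A40E0 compares a3 but looks up with a2 - confirm which is intended.
typedef DWORD(_fastcall _BA89D0)(DWORD thisc, DWORD Seat, DWORD a2, DWORD a3, DWORD a4);
static _BA89D0* OldBA89D0;
DWORD _fastcall NewBA89D0(DWORD thisc, DWORD Seat, DWORD a2, DWORD a3, DWORD a4)
{
    if (!InitGameFlag || a3 != *(int*)0x1AB7CDC)
        return OldBA89D0(thisc, Seat, a2, a3, a4);

    DWORD ADDRESS = TFuncsub_GetSkillAddress(thisc, 0, a3);
    const SQInteger bonus = CallNutIntCallback3(L"Sq_Get_Ex_LevelData", ADDRESS, a2, thisc);
    int ret = bonus + OldBA89D0(thisc, Seat, a2, a3, a4);
    return ret;
}

// Nut character Get 2
// Adds the result of Sq_Get_Ex_LevelData(skill address, a3, a1) to the original's return
// value once the game is initialised and a3 matches the value at 0x1AB7CDC.
typedef DWORD(_5A40E0)(DWORD a1, DWORD a2, DWORD a3, DWORD a4);
static _5A40E0* Old5A40E0;
DWORD New5A40E0(DWORD a1, DWORD a2, DWORD a3, DWORD a4)
{
    if (!InitGameFlag || a3 != *(int*)0x1AB7CDC)
        return Old5A40E0(a1, a2, a3, a4);

    DWORD ADDRESS = TFuncsub_GetSkillAddress(a1, 0, a2);
    const SQInteger bonus = CallNutIntCallback3(L"Sq_Get_Ex_LevelData", ADDRESS, a3, a1);
    int ret = bonus + Old5A40E0(a1, a2, a3, a4);
    return ret;
}

// Description object hook
// Holds the skill/object triple passed to Sq_Get_Ex_LevelData by New75D1F0.
// NOTE(review): nothing in this excerpt fills the buffer; presumably another hook does.
typedef struct LevelDataBuffer
{
    DWORD SkillAddresss;
    DWORD SkillIdx;
    DWORD ObjectAddress;
} RELevelDataBufferG;
LevelDataBuffer _LevelDataBuffer = { 0 };

typedef DWORD(_75D1F0)(DWORD thisc);
static _75D1F0* Old75D1F0;

// When the buffered object address matches the value at 0x1AB7CDC, asks the script for a
// bonus; a non-zero bonus is added to the original's result and the buffer is cleared.
// In every other case the original's result is returned untouched.
DWORD New75D1F0(DWORD thisc)
{
    if (!InitGameFlag || _LevelDataBuffer.ObjectAddress != *(int*)0x1AB7CDC)
        return Old75D1F0(thisc);

    const SQInteger bonus = CallNutIntCallback3(L"Sq_Get_Ex_LevelData",
                                                _LevelDataBuffer.SkillAddresss,
                                                _LevelDataBuffer.SkillIdx,
                                                _LevelDataBuffer.ObjectAddress);
    if (bonus == 0)
        return Old75D1F0(thisc);

    int ret = bonus + Old75D1F0(thisc);
    _LevelDataBuffer.SkillAddresss = 0;
    _LevelDataBuffer.SkillIdx = 0;
    _LevelDataBuffer.ObjectAddress = 0;
    return ret;
}

// Window traversal event: runs the original, then notifies the script function
// L_Old_Window_Get with the window object's address. The original's result is returned.
typedef DWORD(__fastcall _44E620)(void* thisc, DWORD Seat);
static _44E620* Old44E620;
DWORD __fastcall New44E620(void* thisc, DWORD Seat)
{
    //*(int*)((char*)thisc + 0xC) = 256;
    const DWORD Ret = Old44E620(thisc, Seat);

    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    const SQInteger Top = Sq_gettop(v);
    Sq_pushroottable(v);
    Sq_pushstring(v, L"L_Old_Window_Get", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2)))
    {
        Sq_pushroottable(v);
        Sq_pushinteger(v, (int)thisc);
        Sq_call(v, 2, SQFalse, SQTrue);
    }
    Sq_settop(v, Top);
    return Ret;
}

// Window show/hide: runs the original, then notifies the script function
// L_Old_Window_Visible with the window object's address and the flag.
typedef char(__fastcall _11B3B70)(void* thisc, DWORD Seat, char Flag);
static _11B3B70* Old11B3B70;
char __fastcall New11B3B70(void* thisc, DWORD Seat, char Flag)
{
    const char Ret = Old11B3B70(thisc, Seat, Flag);

    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    const SQInteger Top = Sq_gettop(v);
    Sq_pushroottable(v);
    Sq_pushstring(v, L"L_Old_Window_Visible", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2)))
    {
        Sq_pushroottable(v);
        Sq_pushinteger(v, (int)thisc);
        Sq_pushinteger(v, (int)Flag);
        Sq_call(v, 3, SQFalse, SQTrue);
    }
    Sq_settop(v, Top);
    return Ret;
}

// Character info panel: the script function L_Character_Info_Window decides whether the
// original runs. A true result suppresses the original and returns 0.
typedef char(__fastcall _11D43A0)(void* thisc, DWORD Seat);
static _11D43A0* Old11D43A0;
char __fastcall New11D43A0(void* thisc, DWORD Seat)
{
    //char Ret = Old11D43A0(thisc, Seat);
    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    const SQInteger Top = Sq_gettop(v);
    // Was left uninitialised and then read when the script function is missing.
    // Defaulting to false falls back to the original in that case.
    SQBool Flag = SQFalse;
    Sq_pushroottable(v);
    Sq_pushstring(v, L"L_Character_Info_Window", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2)))
    {
        Sq_pushroottable(v);
        Sq_pushinteger(v, (int)thisc);
        Sq_call(v, 2, SQTrue, SQTrue);
        Sq_getbool(v, -1, &Flag);
    }
    Sq_settop(v, Top);
    if (!Flag)
        return Old11D43A0(thisc, Seat);
    return 0;
}

// Camera position: runs the original, then notifies the script function L_Sync_Camera_Pos
// with the camera object's address.
typedef DWORD(__fastcall _7CDA30)(void* thisc, DWORD Seat, DWORD* a2, DWORD a3, DWORD a4, DWORD a5, DWORD a6);
static _7CDA30* Old7CDA30;
DWORD __fastcall New7CDA30(void* thisc, DWORD Seat, DWORD* a2, DWORD a3, DWORD a4, DWORD a5, DWORD a6)
{
    const DWORD Ret = Old7CDA30(thisc, Seat, a2, a3, a4, a5, a6);
    //std::cout << "camera position: " << *(int*)((int)thisc + 0x638) << std::endl;

    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    const SQInteger Top = Sq_gettop(v);
    Sq_pushroottable(v);
    Sq_pushstring(v, L"L_Sync_Camera_Pos", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2)))
    {
        Sq_pushroottable(v);
        Sq_pushinteger(v, (int)thisc);
        Sq_call(v, 2, SQFalse, SQTrue);
    }
    Sq_settop(v, Top);
    return Ret;
}

// Pass-through detour (its installation in RegisterHook is commented out).
typedef int(_fastcall _Get_Img)(int thisc, void*, int a2);
static _Get_Img* OldGet_Img;
int _fastcall NewGet_Img(int thisc, void*, int a2)
{
    return OldGet_Img(thisc, 0, a2);
}

// Disables the original shop: always returns 0 and never calls the original. The
// unreachable call that used to follow the return has been removed.
// Its installation in RegisterHook is commented out.
typedef int(_fastcall _4294A0)(int thisc, void*, int a2);
static _4294A0* Old4294A0;
int _fastcall New4294A0(int thisc, void*, int a2)
{
    return 0;
}

// Cursor drawing: passes the two ints read from 0x1B4686C / 0x1B46870 (named X and Y here)
// to the script function SyncRindro_Cursor; a result of 1 suppresses the original.
typedef int(_fastcall _FFDC60)(int thisc, void*, int a2, int a3, int a4);
static _FFDC60* OldFFDC60;
int _fastcall NewFFDC60(int thisc, void*, int a2, int a3, int a4)
{
    //return 0;
    const int X = *(int*)0x1B4686C;
    const int Y = *(int*)0x1B46870;
    SQInteger Flag = 0;

    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    const SQInteger Top = Sq_gettop(v);
    Sq_pushroottable(v);
    Sq_pushstring(v, L"SyncRindro_Cursor", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2)))
    {
        Sq_pushroottable(v);
        Sq_pushinteger(v, X);
        Sq_pushinteger(v, Y);
        Sq_call(v, 3, SQTrue, SQTrue);
        Sq_getinteger(v, -1, &Flag);
    }
    Sq_settop(v, Top);
    if (Flag == 1)
        return 0;
    return OldFFDC60(thisc, 0, a2, a3, a4);
}

// Copies every (str, a3) buffer seen by the hooked function into StringBin, then forwards
// the call. A null pointer or non-positive length now records an empty entry (so entry
// order is unchanged) instead of constructing a std::string from an invalid range.
// StringBin grows by one entry per call and is never trimmed here.
typedef int(_fastcall _4017F0)(int thisc, void* a2, char* str, int a3);
static _4017F0* Old4017F0;
int _fastcall New4017F0(int thisc, void* a2, char* str, int a3)
{
    if (str != nullptr && a3 > 0)
        StringBin.push_back(std::string(str, static_cast<size_t>(a3)));
    else
        StringBin.push_back(std::string());
    return Old4017F0(thisc, a2, str, a3);
}

// Monster portrait drawing hook
// The script function L_Rindro_MonsterEXControl_Face receives the DWORD at thisc + 8 and
// the draw position; a false result suppresses the original draw. Without the script
// function the original always runs.
typedef int(__fastcall _43A1B0)(DWORD thisc, DWORD Seat, int Xpos, int Ypos);
static _43A1B0* Old43A1B0;
int __fastcall New43A1B0(DWORD thisc, DWORD Seat, int Xpos, int Ypos)
{
    SQBool Flag = SQTrue;
    HSQUIRRELVM v = *(HSQUIRRELVM*)0x1AF3544;
    const SQInteger Top = Sq_gettop(v);
    Sq_pushroottable(v);
    Sq_pushstring(v, L"L_Rindro_MonsterEXControl_Face", -1);
    if (SQ_SUCCEEDED(Sq_get(v, -2)))
    {
        Sq_pushroottable(v);
        Sq_pushinteger(v, *(DWORD*)(thisc + 8));
        Sq_pushinteger(v, Xpos);
        Sq_pushinteger(v, Ypos);
        Sq_call(v, 4, SQTrue, SQTrue);
        Sq_getbool(v, -1, &Flag);
    }
    Sq_settop(v, Top);
    if (Flag)
        return Old43A1B0(thisc, Seat, Xpos, Ypos);
    return 0;
}

// Original function pointer type definition
// Debug detour (its installation in RegisterHook is commented out): prints the address
// registered for index 370 and forwards the call.
typedef DWORD*(__stdcall _744CB0)(DWORD thisc, DWORD Address, DWORD S);
static _744CB0* Old744CB0;
DWORD* __stdcall New744CB0(DWORD Idx, DWORD Address, DWORD S)
{
    if (Idx == 370)
    {
        // std::hex is sticky; switch back so later output on std::cout stays decimal.
        std::cout << std::hex << Address << std::dec << std::endl;
    }
    //std::cout << "regist: " << *(int*)Idx << std::endl;
    return Old744CB0(Idx, Address, S);
}

// Creates and enables one MinHook detour at the absolute address `target` and stores the
// trampoline in `original`. Returns false, after printing the address, when either MinHook
// call does not report MH_OK; previously both status codes were ignored, so a failed
// installation went unnoticed.
template <typename Detour, typename Original>
static bool InstallMinHookChecked(DWORD target, Detour detour, Original& original)
{
    void* const address = reinterpret_cast<void*>(target);
    const bool installed =
        MH_CreateHook(address, reinterpret_cast<void*>(detour), reinterpret_cast<void**>(&original)) == MH_OK &&
        MH_EnableHook(address) == MH_OK;
    if (!installed)
    {
        std::cout << "MinHook: could not install hook at 0x" << std::hex << target << std::dec << std::endl;
    }
    return installed;
}

// Installs every inline patch and MinHook detour used by this module.
//
// All targets are absolute addresses inside the host executable. They are only valid for
// the exact client build they were taken from, loaded at its expected base address; nothing
// here verifies the build before patching, so running against any other binary overwrites
// unrelated code.
void RegisterHook()
{
    //InlineHook//
    // Player menu option hook (has a script callback)
    inlinehook SSS(0x001004B52, (int)&PlayerEach2);
    SSS.Motify_address();

    // Mouse wheel fix
    //inlinehook MMM(0x011BDE05, (int)&MouseWheelUp);
    //MMM.Motify_address();

    // Window draw hook
    inlinehook WindowDrawHook(0x066BE9A, (int)&DrawWindow_B_Hook);
    WindowDrawHook.Motify_address();

    // Damage hook
    inlinehook DamageHook(0xE5A2DE, (int)&Damage_Hook);
    DamageHook.Motify_address();

    // Discard-item hooks
    inlinehook DiscardItemHook(0xE71E9C, (int)&DiscardItem_Hook);
    DiscardItemHook.Motify_address();
    inlinehook DiscardItemHookB(0xE71E83, (int)&DiscardItemB_Hook);
    DiscardItemHookB.Motify_address();

    // Monster race drawing hook
    inlinehook MonsetrRaceHook(0x43A862, (int)&MonsetrRace_Hook);
    MonsetrRaceHook.Motify_address();

    // HP bar background layer hook (icons are drawn here as well)
    inlinehook HudBloodBackgroundHook(0x04CA035, (int)&HudBloodBackground);
    HudBloodBackgroundHook.Motify_address();

    //// Read the StringBin file
    //inlinehook ReadStringBinHookA(0x119F2F8, (int)&ReadStringBin_HookA);
    //ReadStringBinHookA.Motify_address();
    //inlinehook ReadStringBinHookB(0x119F2C0, (int)&ReadStringBin_HookB);
    //ReadStringBinHookB.Motify_address();

    //Function Hook//
    // Installation continues even if initialisation is reported as failed, as before; each
    // hook below then reports its own failure.
    if (MH_Initialize() != MH_OK)
    {
        std::cout << "MinHook: MH_Initialize did not return MH_OK" << std::endl;
    }

    // Disabled network hooks. The cast target type was missing from the page; LPVOID* is
    // what MH_CreateHook's third parameter takes.
    //FILE* mengyiqufile = fopen("mengyiqukey.dll", "rb");
    //if (!mengyiqufile)
    //{
    //    MH_CreateHook(&connect, &HookedConnect, reinterpret_cast<LPVOID*>(&pOriginalConnect));
    //    MH_EnableHook(&connect);
    //}
    //else fclose(mengyiqufile);
    //MH_CreateHook(&sendto, &HookedSendTo, reinterpret_cast<LPVOID*>(&originalSendTo));
    //MH_EnableHook(&sendto);

    // Disable the original shop
    //InstallMinHookChecked(0x4294A0, &New4294A0, Old4294A0);

    // Hook packet registration
    //InstallMinHookChecked(0x744CB0, &New744CB0, Old744CB0);

    // Draw mouse cursor
    InstallMinHookChecked(0xFFDC60, &NewFFDC60, OldFFDC60);

    //InstallMinHookChecked(0x11AA190, &NewGet_Img, OldGet_Img);

    // Camera position hook
    InstallMinHookChecked(0x7CDA30, &New7CDA30, Old7CDA30);

    // Window traversal event
    InstallMinHookChecked(0x44E620, &New44E620, Old44E620);

    // Window-open event hook, for the UI framework: opening a native window switches the
    // render queue to the lower layer
    InstallMinHookChecked(0xE6E070, &NewOpenWindow, OldOpenWindow);

    // Mouse event hook
    InstallMinHookChecked(0x11BDC90, &New11BDC90, Old11BDC90);

    // N-key world map
    InstallMinHookChecked(0x1030C30, &New1030C30, Old1030C30);

    // Official combined Nut hook
    InstallMinHookChecked(0x674030, &New674030, Old674030);

    // DrawMain hook
    InstallMinHookChecked(0x4C61F0, &New4C61F0, Old4C61F0);

    // Damage font hook
    InstallMinHookChecked(0x7EEED0, &New7EEED0, Old7EEED0);

    // Packet receive hook
    InstallMinHookChecked(0x721EA0, &H_Register_Pack, Lpfn_Init);

    // Nut function registration hook
    InstallMinHookChecked(0x67B910, &H_Register_Nut, Register_Nut_Old);

    // Character drawing hook
    //InstallMinHookChecked(0x1206BD0, &H_Register_DrawCode, DrawCodeF);

    // Draw colour lookup hook
    InstallMinHookChecked(0x7AB080, &HookItemColor, OldHookItemColor);

    // Colour-by-grade hook
    InstallMinHookChecked(0x7AAD00, &HookEquNameColor, OldHookEquNameColor);

    // Packet sending hooks (disabled)
    // Packet type
    //InstallMinHookChecked(0x1127D60, &NewSendPacksType, _OldSendPackType);
    //InstallMinHookChecked(0x1128550, &NewSendPacksByte, _OldSendPackByte);
    //InstallMinHookChecked(0x1128580, &NewSendPacksWord, _OldSendPackWord);
    //InstallMinHookChecked(0x11285B0, &NewSendPacksDWord, _OldSendPackDWord);
    //InstallMinHookChecked(0x11285E0, &NewSendPacksChar, _OldSendPackChar);
    //InstallMinHookChecked(0x1127EC0, &NewSend, _OldSend);

    // exe string index
    InstallMinHookChecked(0x1220590, &Newsub1220590, sub1220590);

    // Draw item icon
    InstallMinHookChecked(0x11A8F60, &newsub11A8F60, sub11A8F60);

    // If the level-100 UI pack is present. The file is opened only to test that it exists,
    // so it is closed right away instead of being held open while the hooks are installed.
    FILE* file = fopen("ImagePacks2/!HUD_Yosin百级UI.NPK", "rb");
    if (file)
    {
        fclose(file);
        Yosin百级UIFlag = true;

        // Buff icon display
        inlinehook BuffIconHook(0x04C8C14, (int)&BuffIcon_Hook);
        BuffIconHook.Motify_address();

        // Buff icon text label
        inlinehook BuffIconHookB(0x04BF55E, (int)&BuffIcon_Hook_B);
        BuffIconHookB.Motify_address();

        // Event icon
        InstallMinHookChecked(0x11B4030, &NewEvent, OldEvent);

        // Server select
        //InstallMinHookChecked(0xFC9440, &NewFC9440, OldFC9440);

        // Channel select screen
        InstallMinHookChecked(0x10F2700, &New10F2700, Old10F2700);

        // Character select
        InstallMinHookChecked(0x10F7660, &New10F7660, Old10F7660);

        inlinehook SelectCharacter(0x10F79C9, (int)&SelectCharacter_Hook);
        SelectCharacter.Motify_address();
        inlinehook SelectCharacter1(0x10F7B43, (int)&SelectCharacter_Hook1);
        SelectCharacter1.Motify_address();
        inlinehook SelectCharacter2(0x10F7F89, (int)&SelectCharacter_Hook2);
        SelectCharacter2.Motify_address();
        inlinehook SelectCharacter3(0x10F8311, (int)&SelectCharacter_Hook3);
        SelectCharacter3.Motify_address();
        inlinehook SelectCharacter4(0x10F8436, (int)&SelectCharacter_Hook4);
        SelectCharacter4.Motify_address();
        inlinehook SelectCharacter5(0x10F85EA, (int)&SelectCharacter_Hook5);
        SelectCharacter5.Motify_address();
        inlinehook SelectCharacter6(0x10F2C6E, (int)&SelectCharacter_Hook6);
        SelectCharacter6.Motify_address();
        inlinehook SelectCharacter7(0x10F3478, (int)&SelectCharacter_Hook7);
        SelectCharacter7.Motify_address();
    }

    // HOOK PushString
    InstallMinHookChecked(0x1358A60, &LMySqPushString, LrealSqPushString);

    // Read static data
    InstallMinHookChecked(0x908510, &New908510, Old908510);

    // Read cooldown
    InstallMinHookChecked(0x909020, &New909020, Old909020);

    // Read dynamic data
    InstallMinHookChecked(0x090A4A0, &New90A4A0, Old90A4A0);
    InstallMinHookChecked(0x0BA89D0, &NewBA89D0, OldBA89D0);
    InstallMinHookChecked(0x05A40E0, &New5A40E0, Old5A40E0);

    // Skill description object hook
    InstallMinHookChecked(0x075D1F0, &New75D1F0, Old75D1F0);

    // Window show/hide
    InstallMinHookChecked(0x11B3B70, &New11B3B70, Old11B3B70);

    // Personal panel attribute traversal
    //InstallMinHookChecked(0x11D43A0, &New11D43A0, Old11D43A0);

    // Monster portrait drawing hook
    InstallMinHookChecked(0x43A1B0, &New43A1B0, Old43A1B0);

    // Other-player info hook: values
    //InstallMinHookChecked(0xFA42D0, &NewFA42D0, OldFA42D0);

    // Other-player info hook: icons
    //InstallMinHookChecked(0xFA8230, &NewFA8230, OldFA8230);
}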