LOL人物基址特征码
#include <windows.h>#include <vector>
ObjectStruct *Player;
struct ObjectStruct {
char name;
};
void FindOffsets() {
DWORD *LocalPlayerPtr = NULL;
HANDLE handle = GetModuleHandle(NULL);
byte *start = (byte*)handle;
byte *end = (byte*)0x00900000;
byte LocalPlayerPattern[] = { 0xFF, 0x50, 0x10, 0x3B, 0x30, 0x74, 0x05, 0x5F, 0x32, 0xC0 };
/*
007123E4 FF50 10 CALL NEAR DWORD PTR DS:
007123E7 3B30 CMP ESI, DWORD PTR DS:
007123E9 74 05 JE SHORT Dumped.007123F0
007123EB 5F POP EDI
007123EC 32C0 XOR AL, AL
007123EE 5E POP ESI
007123EF C3 RETN
*/
/*
00861CA4 FF50 10 CALL NEAR DWORD PTR DS:
00861CA7 3B30 CMP ESI, DWORD PTR DS:
00861CA9 74 05 JE SHORT Dumped.00861CB0
00861CAB 5F POP EDI
00861CAC 32C0 XOR AL, AL
00861CAE 5E POP ESI
00861CAF C3 RETN
*/
while (start != end){
if (!memcmp(start, LocalPlayerPattern, sizeof(LocalPlayerPattern))){
LocalPlayerPtr = (DWORD*)(*(int*)(start - 0x1E));
printf("人物基址=0x%06X\n", LocalPlayerPtr);
Player = (ObjectStruct*)*LocalPlayerPtr;
}
if (LocalPlayerPtr )
{
return;
}
start++;
}
}
BOOL APIENTRY DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpReserved) {
switch (dwReason) {
case DLL_PROCESS_ATTACH:
AllocConsole();
SetConsoleTitleA("LOL 人物基址獲取");
FILE* fh;
freopen_s(&fh, "CONOUT[ DISCUZ_CODE_0 ]quot;, "wb", stdout);
FindOffsets();
printf("當前玩家名稱=%s\n",Player->name);
//LocalPlayerPtr + 0x24 = 玩家名 文本型(text) 長度16
//LocalPlayerPtr + 0x18 = 當前團隊陣營 默認100(4字節)
// 修改0 隊友變敵人 敵人依然是敵人
// 修改200 隊友變敵人 敵人變隊友
// 各位大牛 用CE試試吧
// 期待各位大牛 找到其他偏移 嘎嘎
// 附CT一份 CE直接加載
case DLL_PROCESS_DETACH:
//FreeConsole();
;
}
}
感谢楼主的无私奉献
现在玩LOL还真多
好是好,但是就是看不懂
看不懂啊。。。。。。。。。
感谢楼主的无私奉献{:5_188:}
看来楼主是FZ高手啊 找基址大神
找到这有什么用啊?
膜拜楼主大大!辛苦了