分亨某遊戲外掛，喫紅，喫藍，自動打怪源碼

 

C/C++ code

HWND hwnd= ::FindWindow(NULL,"YB_OnlineClient"); if(hwnd==NULL) { ::AfxMessageBox("獲取窗口句柄失敗"); return; } DWORD pid=0; ::GetWindowThreadProcessId(hwnd,&pid); CString cs; OpenProcessPrivate(pid,cs); HANDLE hpid=OpenProcess(PROCESS_CREATE_THREAD| //允許遠程創建線程 PROCESS_VM_OPERATION | //VM操作 PROCESS_VM_READ| PROCESS_VM_WRITE,FALSE,pid); if(hpid==NULL) { DWORD errid=::GetLastError(); LPSTR lpBuffer; FormatMessage ( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_IGNORE_INSERTS | FORMAT_MESSAGE_FROM_SYSTEM, NULL, errid, // 此乃錯誤代碼，通常在程序中可由 GetLastError()得之 LANG_NEUTRAL, (LPTSTR) & lpBuffer, 0 , NULL ); CString strErrorCause = lpBuffer ? _T(lpBuffer) : _T( " Sorry, cannot find this error info. " ); this->SetWindowTextA(strErrorCause); } LPVOID paddress=::VirtualAllocEx(hpid,NULL,0x3000,MEM_COMMIT|MEM_RESERVE,PAGE_EXECUTE_READWRITE); BOOL iReturnCode=WriteProcessMemory (hpid,paddress,AddBloog,0x3000,NULL); if (!iReturnCode) { //::AfxMessageBox("寫入內存失敗"); } else { //::AfxMessageBox("寫入內存成功"); DWORD tid=0; HANDLE htid=CreateRemoteThread(hpid,NULL,0,(LPTHREAD_START_ROUTINE )paddress,0,0,&tid); if(htid==NULL) { ::CloseHandle(htid); DWORD errid=::GetLastError(); LPSTR lpBuffer; FormatMessage ( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_IGNORE_INSERTS | FORMAT_MESSAGE_FROM_SYSTEM, NULL, errid, // 此乃錯誤代碼，通常在程序中可由 GetLastError()得之 LANG_NEUTRAL, (LPTSTR) & lpBuffer, 0 , NULL ); CString strErrorCause = lpBuffer ? _T(lpBuffer) : _T( " Sorry, cannot find this error info. " ); this->SetWindowTextA(strErrorCause); } } VirtualFreeEx(hpid,paddress,0x3000,MEM_RELEASE);

 

打怪的源碼

C/C++ code

void CRMainDialog::EMon(void)
{
    UpdateData(false);
    
    int *p;
    int max=MONLISTBASE+0xffff*4;
    float *pt;
    int *p2e;
    int *p380;
    int md=-1;
    float ptt=-1;
    for(int i=MONLISTBASE;i<max;i+=4)
    {
        p=(int *)i;
        p2e=(int *)(*p+8);
        if(*p2e==0x2e)
        {
            pt=(float *)(*p+0x31);
            if (*pt<this->m_mon_dis)
            {
                p380=(int *)(*p+0x18);
                if(*p380==0)
                {   
                    if(ptt<0)
                    {
                        ptt=*pt;
                        int *monid=(int *)(*p+0xc);
                        md=*monid;
                        //::AfxMessageBox("if(ptt<-1)");
                    }
                    else
                    { 
                        if(ptt>*pt)
                        {
                            ptt=*pt;
                            int *monid=(int *)(*p+0xc);
                            md=*monid;
                            //::AfxMessageBox("if(ptt>*pt)");
                        }
                    }
                }
            }
        }
    }

    
    int *pbasese=(int *)(CURRENTMON);
    int base=*pbasese;
    int* psel;
    psel=(int *)(base+0x1cb0);
    *psel=md;
}