// tlhelp32.h relies on windows.h having been included first, so these two stay in this order.
#include "windows.h"
#include "tlhelp32.h"
#include <direct.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <exception>
#include <iostream>
#include <string>
#include "vector"
// Process-wide state shared by the helpers below.
DWORD pID{};           // id of the target process, filled in by GetProcess
HANDLE pHandle{};      // handle to the target process, filled in by GetProcess
DWORD64 GlobalPTR{};   // base address that GA() resolves global indices against, set in main

// Byte pattern and mask handed to FindSignature. Positions marked 'x' in the
// mask must match exactly; every other mask character is a wildcard (see
// MemoryCompare). Both literals are data the scan depends on — keep them byte-identical.
LPCSTR SigGlobalPTR = "\x4C\x8D\x05\x00\x00\x00\x00\x4D\x8B\x08\x4D\x85\xC9\x74\x11";
LPCSTR MaskGlobalPTR = "xxx????xxxxxxxx";

// Base address and image size of a loaded module as reported by a toolhelp snapshot.
struct module {
    DWORD64 dwBase;
    DWORD64 dwSize;
};
module pModule{};      // last module located by GetModule
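// Looks up `moduleName` (case-insensitive) among the modules of the process whose
// id is held in the global `pID`. On success stores base/size in the global
// `pModule` and returns it; otherwise returns a zero-filled module (dwBase == 0).
// GetProcess must have set `pID` before this is called.
module GetModule(const char* moduleName) {
    module notFound = { 0, 0 };
    HANDLE hmodule = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pID);
    if (hmodule == INVALID_HANDLE_VALUE) {
        return notFound;  // snapshot could not be created
    }
    MODULEENTRY32 mEntry;
    mEntry.dwSize = sizeof(mEntry);
    // Module32First has to run before Module32Next; the original compared an
    // uninitialised szModule on the first iteration.
    if (Module32First(hmodule, &mEntry)) {
        do {
            if (!_stricmp(mEntry.szModule, moduleName)) {
                CloseHandle(hmodule);
                pModule = { reinterpret_cast<DWORD64>(mEntry.hModule), mEntry.modBaseSize };
                return pModule;
            }
        } while (Module32Next(hmodule, &mEntry));
    }
    CloseHandle(hmodule);  // the original leaked the snapshot handle on this path
    return notFound;
}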
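// Finds the first process whose executable name equals `processName`
// (case-insensitive), records its id in the global `pID`, opens it and records
// the handle in the global `pHandle`. Returns that handle, or NULL when no such
// process exists, the snapshot failed, or OpenProcess was refused. The caller
// owns the returned handle and should CloseHandle it when done.
HANDLE GetProcess(const char* processName) {
    HANDLE handle = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
    if (handle == INVALID_HANDLE_VALUE) {
        return NULL;
    }
    PROCESSENTRY32 entry;
    entry.dwSize = sizeof(entry);
    // Process32First has to precede Process32Next; the original compared an
    // uninitialised szExeFile on the first iteration.
    if (Process32First(handle, &entry)) {
        do {
            if (!_stricmp(entry.szExeFile, processName)) {
                pID = entry.th32ProcessID;
                CloseHandle(handle);
                // PROCESS_ALL_ACCESS grants far more than the read/write done in
                // this file; PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION
                // would suffice. Left unchanged so existing behaviour is preserved.
                pHandle = OpenProcess(PROCESS_ALL_ACCESS, false, pID);
                return pHandle;  // NULL if OpenProcess failed
            }
        } while (Process32Next(handle, &entry));
    }
    // The original fell off the end here: snapshot handle leaked and the return
    // value was indeterminate (undefined behaviour).
    CloseHandle(handle);
    return NULL;
}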
// Compares `bData` against `bMask` byte by byte for the length of `szMask`.
// Only positions where szMask holds 'x' are compared; any other mask character
// is a wildcard. Both byte buffers must be at least strlen(szMask) bytes long —
// no bounds checking is done here, the caller has to guarantee it.
bool MemoryCompare(const BYTE* bData, const BYTE* bMask, const char* szMask) {
    while (*szMask != '\0') {
        const bool mustMatch = (*szMask == 'x');
        if (mustMatch && *bData != *bMask) {
            return false;
        }
        ++szMask;
        ++bData;
        ++bMask;
    }
    // The loop only leaves on the mask terminator, so the original's
    // `*szMask == NULL` check was always true at this point.
    return true;
}
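// Scans [start, start + size) of the target process (`pHandle`) for the byte
// pattern `sig` under `mask` (see MemoryCompare) and returns the address of the
// first match, or 0 when nothing matched or nothing could be read.
DWORD64 FindSignature(DWORD64 start, DWORD64 size, const char* sig, const char* mask) {
    const size_t patternLen = strlen(mask);
    if (patternLen == 0 || size < patternLen) {
        return 0;
    }
    // std::vector instead of new[]: the original returned on the match path
    // before delete[] and leaked the whole buffer.
    std::vector<BYTE> data(static_cast<size_t>(size));
    SIZE_T bytesRead = 0;
    // Best effort, as before: the return value is not checked, but only the
    // bytes actually transferred are scanned (the original scanned the full
    // buffer, including whatever was never written into it).
    ReadProcessMemory(pHandle, reinterpret_cast<LPCVOID>(start), data.data(), data.size(), &bytesRead);
    if (bytesRead < patternLen) {
        return 0;
    }
    // Stop early enough that MemoryCompare never walks past the buffer end;
    // the original could over-read by up to patternLen - 1 bytes at the tail.
    const size_t last = static_cast<size_t>(bytesRead) - patternLen;
    const BYTE* pattern = reinterpret_cast<const BYTE*>(sig);
    for (size_t i = 0; i <= last; ++i) {
        if (MemoryCompare(data.data() + i, pattern, mask)) {
            return start + i;
        }
    }
    return 0;
}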
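// Reads one T at `address` in the target process (`pHandle`). If the read fails
// the returned value is zero-initialised; the original left `r` uninitialised
// and so returned an indeterminate value on failure.
template<typename T> T ReadMemory(DWORD64 address) {
    T r{};
    ReadProcessMemory(pHandle, reinterpret_cast<LPCVOID>(address), &r, sizeof(T), nullptr);
    return r;
}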
// Writes `value` as one T to `address` in the target process (`pHandle`).
// The outcome of WriteProcessMemory is not reported to the caller.
template<typename T> void WriteMemory(DWORD64 address, T value) {
    // `value` is already a by-value copy, so its address can be handed over directly.
    WriteProcessMemory(pHandle, reinterpret_cast<LPVOID>(address), &value, sizeof(T), nullptr);
}
// Resolves a global index to an address. Bits 18.. of `index` (masked to 6 bits)
// select one of up to 64 pointers stored 8 bytes apart from GlobalPTR; the low
// 18 bits are a slot number inside the region that pointer refers to, 8 bytes per slot.
DWORD64 GA(int index) {
    const int page = (index >> 0x12) & 0x3F;   // `>>` binds tighter than `&`, same as the original
    const int slot = index & 0x3FFFF;
    const DWORD64 regionBase = ReadMemory<DWORD64>(GlobalPTR + 8 * page);
    return regionBase + 8 * slot;
}
//DWORD64 GA(int index){ return ReadMemory<DWORD64>(GlobalPTR + (8 * (index >> 0x12 & 0x3F))) + (8 * (index & 0x3FFFF)); }
// Reads the global at `index` as a T (address resolved by GA).
template <typename T> T GG(int index) {
    const DWORD64 target = GA(index);
    return ReadMemory<T>(target);
}
// Writes `value` as a T to the global at `index` (address resolved by GA).
template <typename T> void SG(int index, T value) {
    const DWORD64 target = GA(index);
    WriteMemory<T>(target, value);
}
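// Usage: <exe> <v0> <v1> <v2> <v3>
// Attaches to GTA5.exe, locates GlobalPTR through the signature scan, writes the
// four integer arguments to four consecutive global slots and reads them back.
// Returns 1 when arguments are missing/invalid or when attaching or scanning
// fails; the original exited 0 silently (or crashed) in those cases.
int main(int argc, char* argv[])
{
    // argv[1..4] were dereferenced unchecked in the original.
    if (argc < 5) {
        std::cerr << "usage: " << argv[0] << " <v0> <v1> <v2> <v3>\n";
        return 1;
    }
    int values[4] = {};
    try {
        for (int i = 0; i < 4; ++i) {
            values[i] = std::stoi(argv[i + 1]);
        }
    } catch (const std::exception&) {
        // std::stoi throws on non-numeric or out-of-range input; previously
        // that terminated the program with an uncaught exception.
        std::cerr << "all four arguments must be integers\n";
        return 1;
    }

    if (!GetProcess("GTA5.exe")) {
        return 1;  // process not found or OpenProcess refused
    }
    module mod = GetModule("GTA5.exe");
    if (mod.dwBase == 0) {
        CloseHandle(pHandle);
        return 1;
    }
    // `_Address` in the original is a reserved identifier (leading underscore + capital).
    DWORD64 sigAddress = FindSignature(mod.dwBase, mod.dwSize, SigGlobalPTR, MaskGlobalPTR);
    if (sigAddress == 0) {
        // Without this check a failed scan made the original read from address 3
        // and derive GlobalPTR from garbage.
        CloseHandle(pHandle);
        return 1;
    }
    // The four wildcard bytes at +3 are read as a signed 32-bit displacement
    // relative to the byte just past them (+7) — same arithmetic as the original.
    GlobalPTR = sigAddress + ReadMemory<int>(sigAddress + 3) + 7;

    // Global_1696433.f_1497.f_736.f_92[i] -> 1696433 + 1497 + 736 + 92 + 1 + i
    const int kSlotBase = 1696433 + 1497 + 736 + 92 + 1;
    for (int i = 0; i < 4; ++i) {
        SG<int>(kSlotBase + i, values[i]);
    }
    // Read the same four slots back. The original stored these in Player_1..4
    // and never used them; the reads are kept so behaviour is unchanged.
    int readBack[4] = {};
    for (int i = 0; i < 4; ++i) {
        readBack[i] = GG<int>(kSlotBase + i);
    }
    (void)readBack;

    CloseHandle(pHandle);  // the original never released the process handle
    return 0;
}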
我是一个C初学者,目前这个方面仅仅会用简单的基址+偏移(例如XXX.EXE+1FABCDE+12+45+56)这样来获取计算地址,这个代码是我一个朋友给的,但是我不明白其中含义,有人能帮忙解答一下么?