创世战车透视自瞄源码

其他 2020-02-07 23:17:26 阅读次数: 0

只包含主程序,比较简陋,仅供参考。

  1 #include <Windows.h>
  2 #include <stdio.h>
  3 #include <WINBASE.H>
  4 #include <string.h>
  5 #include <tchar.h>
  6 #include <psapi.h>
  7 #include <tlhelp32.h>
  8 #include <math.h>
  9 //定义全局变量
 10 COLORREF SnapLineCOLOR;
 11 COLORREF TextCOLOR;
 12 HANDLE _hGameHandle;
 13 RECT m_rect;
 14 DWORD ProcessId;
 15 HDC HDC_Desktop;
 16 HBRUSH EnemyBrush = CreateSolidBrush(RGB(255, 0, 0));
 17 HWND Handle;
 18 HFONT Font;
 19 float cx=1380;
 20 float fovX = 3.1415 * 84 / 180;
 21 float fovY = 3.1415 * 60 / 180;
 22 #define BasePtr 0x204D6D0
 23 #define ArrayPtr 0x2635890
 24 #define mousexptr 0x264AAA4
 25 #define crmeraptr 0x264A4A0
 26 
 27 void DrawFilledRect(int x, int y, int w, int h)
 28 {
 29     //We create our rectangle to draw on screen
 30     RECT rect = { x, y, x + w, y + h };
 31     //We clear that portion of the screen and display our rectangle
 32     FillRect(HDC_Desktop, &rect, EnemyBrush);
 33 }
 34 
 35 
 36 void DrawBorderBox(int x, int y, int w, int h, int thickness)
 37 {
 38     //Top horiz line
 39     DrawFilledRect(x, y, w, thickness);
 40     //Left vertical line
 41     DrawFilledRect(x, y, thickness, h);
 42     //right vertical line
 43     DrawFilledRect((x + w), y, thickness, h);
 44     //bottom horiz line
 45     DrawFilledRect(x, y + h, w + thickness, thickness);
 46 }
 47 
 48 
 49 //Here is where we draw our line from point A to Point B
 50 void DrawLine(float StartX, float StartY, float EndX, float EndY, COLORREF Pen)
 51 {
 52     int a, b = 0;
 53     HPEN hOPen;
 54     // penstyle, width, color
 55     HPEN hNPen = CreatePen(PS_SOLID, 2, Pen);
 56     hOPen = (HPEN)SelectObject(HDC_Desktop, hNPen);
 57     // starting point of line
 58     MoveToEx(HDC_Desktop, StartX, StartY, NULL);
 59     // ending point of line
 60     a = LineTo(HDC_Desktop, EndX, EndY);
 61     DeleteObject(SelectObject(HDC_Desktop, hOPen));
 62 }
 63 
 64 //Draw our text with this function
 65 void DrawString(int x, int y, COLORREF color, const char* text)
 66 {
 67     SetTextAlign(HDC_Desktop, TA_CENTER | TA_NOUPDATECP);
 68 
 69     SetBkColor(HDC_Desktop, RGB(0, 0, 0));
 70     SetBkMode(HDC_Desktop, TRANSPARENT);
 71 
 72     SetTextColor(HDC_Desktop, color);
 73 
 74     SelectObject(HDC_Desktop, Font);
 75 
 76     TextOutA(HDC_Desktop, x, y, text, strlen(text));
 77 
 78     DeleteObject(Font);
 79 }
 80 
 81 //**********************************************************************************************************************************
 82 
 83 //自己封装的函数
 84 
 85 //取进程ID函数
 86 DWORD _GetProcessId(char* ClassName, char* WindowName)
 87 {
 88     //取游戏窗口的句柄
 89     DWORD _pid;
 90     HWND hGameWindow;
 91     hGameWindow = FindWindowA(ClassName, WindowName);
 92     GetWindowThreadProcessId(hGameWindow, &_pid);
 93     return _pid;
 94 }
 95 
 96 //获取进程的句柄
 97 HANDLE _GetProcessHandle(DWORD _pid)
 98 {
 99     HANDLE hGameHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, _pid);
100     return hGameHandle;
101 }
102 
103 //读内存4字节整数型
104 DWORD _ReadMemeryInt(HANDLE hGameHandle, DWORD _address)
105 {
106     DWORD buffer;
107     ReadProcessMemory(hGameHandle, LPCVOID(_address), &buffer, sizeof(buffer), NULL);
108     return buffer;
109 }
110 
111 //读内存小数型
112 FLOAT _ReadMemeryFloat(HANDLE hGameHandle, DWORD _address)
113 {
114     FLOAT buffer;
115     ReadProcessMemory(hGameHandle, LPCVOID(_address), &buffer, sizeof(buffer), NULL);
116     return buffer;
117 }
118 
119 //读内存文本型
120 char* _ReadMemeryString(HANDLE hGameHandle, DWORD _address)
121 {
122     char read[256];
123     char* pa;
124 
125     pa = read;
126 
127     ReadProcessMemory(hGameHandle, LPCVOID(_address), read, sizeof(read), NULL);
128 
129     for (pa; *pa != '\0'; pa++)
130     {
131         return pa;
132     }
133     
134 }
135 
136 //写内存整数型
137 BOOL WriteMemeryInt(HANDLE hGameHandle, DWORD _address, DWORD Data)
138 {
139     return WriteProcessMemory(hGameHandle, LPVOID(_address), &Data, sizeof(Data), NULL);
140 }
141 
142 //写内存小数型
143 BOOL WriteMemeryFloat(HANDLE hGameHandle, DWORD _address, FLOAT Data)
144 {
145     return WriteProcessMemory(hGameHandle, LPVOID(_address), &Data, sizeof(Data), NULL);
146 }
147 
148 //写内存字节数组
149 BOOL WriteMemeryBytes(HANDLE hGameHandle, DWORD _address, BYTE Data[], SIZE_T Bytes)
150 {
151     return WriteProcessMemory(hGameHandle, LPVOID(_address), Data, Bytes, NULL);
152 }
153 
154 //取本程序模块地址
155 DWORD_PTR GetProcessBaseAddress(DWORD processID)
156 {
157     DWORD_PTR   baseAddress = 0;
158     HANDLE      processHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processID);
159     HMODULE     *moduleArray;
160     LPBYTE      moduleArrayBytes;
161     DWORD       bytesRequired;
162 
163     if (processHandle)
164     {
165         if (EnumProcessModules(processHandle, NULL, 0, &bytesRequired))
166         {
167             if (bytesRequired)
168             {
169                 moduleArrayBytes = (LPBYTE)LocalAlloc(LPTR, bytesRequired);
170 
171                 if (moduleArrayBytes)
172                 {
173                     unsigned int moduleCount;
174 
175                     moduleCount = bytesRequired / sizeof(HMODULE);
176                     moduleArray = (HMODULE *)moduleArrayBytes;
177 
178                     if (EnumProcessModules(processHandle, moduleArray, bytesRequired, &bytesRequired))
179                     {
180                         baseAddress = (DWORD_PTR)moduleArray[0];
181                     }
182                     LocalFree(moduleArrayBytes);
183                 }
184             }
185         }
186         CloseHandle(processHandle);
187     }
188     return baseAddress;
189 }
190 
191 //通杀调用Call
192 void MyCall_All(DWORD Pid, DWORD _CallAddress, LPVOID FuncName)
193 {
194     //获取进程句柄
195     HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, Pid);
196 
197     //有参数的Call
198     if (_CallAddress == NULL)
199     {
200         //申请一块内存给整个Call
201         LPVOID MyCallAddress = VirtualAllocEx(hProcess, NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
202         //写入Call的数据到上一行代码申请的内存中
203         WriteProcessMemory(hProcess, MyCallAddress, FuncName, 0x1000, NULL);
204         //创建远程线程-并获取线程的句柄
205         HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)MyCallAddress, NULL, 0, NULL);
206         //等待线程事件
207         WaitForSingleObject(hThread, 2000);
208         //防止内存泄露
209         CloseHandle(hThread);
210         CloseHandle(hProcess);
211     }
212     else
213     {
214         //创建远程线程-并获取线程的句柄
215         HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)_CallAddress, NULL, 0, NULL);
216         //等待线程事件
217         WaitForSingleObject(hThread, 2000);
218         //防止内存泄露
219         CloseHandle(hThread);
220         CloseHandle(hProcess);
221     }
222 }
223 
224 
225 //**********************************************************************************************************************************
226 
227 
228 //修改口袋西游血量函数
229 BOOL ChangeBlood()
230 {
231     DWORD Address = 0x2e2626b8;
232     BYTE Code[] = { 0x00,0x23,0x24,0x25,0xAE,0x04,0x04,0x04,0x04,0x04 };
233     //字节数组
234     return WriteMemeryBytes(_hGameHandle, Address, Code, 10);
235 }
236 
237 //插件初始化
238 VOID Begin()
239 {
240     SetConsoleTitleA("创世战车人物遍历 cmd版本");
241 
242     //取进程ID
243     ProcessId = _GetProcessId(NULL,(char*)"Crossout 0.10.48.109594");
244 
245     printf("\n进程ID:%d\n", ProcessId);
246 
247     //获取进程的句柄
248     _hGameHandle = _GetProcessHandle(ProcessId);
249 
250     printf("进程句柄:%x\n", (unsigned int)_hGameHandle);
251 
252     //_ReadMemeryString(_hGameHandle, 0x04389308);
253 
254     //printf("\n字符串:%s\n", _ReadMemeryString(_hGameHandle, 0x04389308));
255 
256 
257 }
258 
259 bool worldtosc(float mousex, float mousey, float juli, float nowx, float nowy, float scX, float scY)
260 {
261     int flagX = 0;
262     int entryX = 0;
263     float leftborderX = nowx - 3.14 / 4;
264     if (leftborderX < -3.14) {
265         leftborderX += 3.14;
266         flagX = 1;
267     }
268     float rightborderX = nowx + 3.14 / 4;
269     if (rightborderX > 3.14) {
270         rightborderX -= 3.14;
271         flagX = 1;
272     }
273     if (flagX == 1)
274     {
275         if (mousex > leftborderX || mousex < rightborderX)
276         {
277             entryX = 1;
278         }
279     }
280     else if(mousex>leftborderX&&mousex<rightborderX)
281     {
282         entryX = 1;
283     }
284     if (fabs(nowy - mousey)<=fovY/2&&entryX==1)
285     {
286         //printf("nowx = %f \nnowy= %f\nmousex=%f\nmousey=%f\n宽=%d\n高=%d\n", nowx, nowy, mousex, mousey, m_rect.right - m_rect.left, m_rect.bottom - m_rect.top);
287         //float lineA = juli * sin(mousex-nowx);
288         //float lineB = juli * sin(nowy -mousey);
289         //float lineAA = cos(nowx - mousex)*juli;
290         //float lineBB = cos(nowy - mousey)*juli;
291         //float lineAAA = tan(fovX / 2)*lineAA;
292         //float lineBBB = tan(fovY / 2)*lineBB;
293         float len = (m_rect.right - m_rect.left) / 2;
294         float high = (m_rect.bottom - m_rect.top) / 2;
295         //printf("%f %f", len*2, high*2);
296         //printf("x=%d y=%d\n", m_rect.left, m_rect.top);
297         scX = tan(mousex - nowx)*len / tan(fovX / 2) + len+ m_rect.left;
298         scY = tan(nowy - mousey)*high / tan(fovY / 2) + high + m_rect.top;
299         //printf("scX = %f\nscY = %f \n", scX, scY);
300         //printf("lineA = %f   lineB = %f \n line AA = %f ,lineBB = %f \n line AAA = %f   lineBBB = %f  \n scX = %f  scY = %f \n", lineA, lineB,lineAA,lineBB,lineAAA,lineBBB,scX,scY);
301         //DrawString((int)(scX-cx/juli), (int)(scY - cx / juli - 48), RGB(255, 0, 0), "Miraculous_B");
302         DrawBorderBox((int)(scX-cx/juli), (int)(scY-cx/juli-48), (int)2500.0/juli, (int)2500.0/juli, (int)8.0);
303         //DrawFilledRect((int)scX, (int)scY - 48, (int)2500.0);
304         return 1;
305     }
306 }
307 void SetupDrawing(HDC hDesktop, HWND handle)
308 {
309     HDC_Desktop = hDesktop;
310     Handle = handle;
311     EnemyBrush = CreateSolidBrush(RGB(0, 255, 0));
312     //Color
313     SnapLineCOLOR = RGB(0, 0, 255);
314     TextCOLOR = RGB(0, 255, 0);
315 }
316 VOID ReadValue()
317 {
318     HWND h_wnd = ::FindWindow(_T("Crossout 0.10.48.109594"), NULL);
319     HDC HDC_Desktop = GetDC(h_wnd);
320     SetupDrawing(HDC_Desktop, h_wnd);
321     DWORD_PTR modbase = GetProcessBaseAddress(ProcessId);
322     DWORD TempAddress, RetTemp, GetBase, ObjectAddress, ObjectValue;
323     HWND qwq = FindWindow(NULL, "Crossout 0.10.48.109594");
324     GetWindowRect(qwq, &m_rect);
325     printf("x=%d y=%d\n",m_rect.left, m_rect.top);
326     //基地址
327     //DWORD BaseAddress = modbase + BasePtr;
328     //DWORD BaseAddress = 0x2D5D6D0;
329     DWORD BaseAddress = GetProcessBaseAddress(ProcessId) + BasePtr;
330     //数组基地址
331     //DWORD Address_Array = modbase + ArrayPtr;
332     //DWORD Address_Array = 0x3345890;
333     DWORD Address_Array = GetProcessBaseAddress(ProcessId) + ArrayPtr;
334     printf("%x\n%x\n", BaseAddress, Address_Array);
335     char* Name = NULL;
336     int Count = 1;
337     int n=-1;
338     int duiyou[50];
339     memset(duiyou, 0, sizeof(duiyou));
340     while (1) {
341         float minjuli = 9999999999;
342         float x1 = 0, y1 = 0, z1 = 0; // 最近敌人位置
343         float x0 = 0, y0 = 0, z0 = 0; // 摄像机位置
344         y0 = _ReadMemeryFloat(_hGameHandle, modbase + 0x264A4A8);
345         x0 = _ReadMemeryFloat(_hGameHandle, modbase + 0x264A4A0);
346         z0 = _ReadMemeryFloat(_hGameHandle, modbase + 0x264A4A4);
347         int xiabiao = 0;
348         for (int i = 0; i < 16; i++)
349         {
350             //地址解密
351             TempAddress = i * 0x870 + Address_Array + 0x3638;
352             RetTemp = _ReadMemeryInt(_hGameHandle, TempAddress);
353             //计算数组遍历地址
354             RetTemp = ((RetTemp & 0x0fff) + 0x2AAD) * 0x0c;
355             //基地址
356             GetBase = _ReadMemeryInt(_hGameHandle, BaseAddress);
357             //[[2D5D6D0] + (([03345890 + ((i * 870) + 3638)] & 0fff) + 2aad) * 3 * 4] + 0C0
358             //计算人物对象地址
359             ObjectAddress = GetBase + RetTemp;
360             //读人物对象地址
361             ObjectValue = _ReadMemeryInt(_hGameHandle, ObjectAddress);
362             //判断对象是否存在
363             if (ObjectValue != NULL&&duiyou[i]==0)
364             {
365                 //读取人物血量
366                 float Bloat = _ReadMemeryFloat(_hGameHandle, ObjectValue + 0xc0);
367                 float y = _ReadMemeryFloat(_hGameHandle, ObjectValue + 0x2b8);
368                 float x = _ReadMemeryFloat(_hGameHandle, ObjectValue + 0x2b0);
369                 float z = _ReadMemeryFloat(_hGameHandle, ObjectValue + 0x2b4);
370                 float juli = sqrt((y - y0)*(y - y0) + (x - x0)*(x - x0) + (z - z0)*(z - z0));
371 
372                 if (minjuli > juli&&x!=0&&i!=n&&Bloat>0.00001)//获得最小距离以选中最近敌人自瞄,  不选中自己 , 去噪x2
373                 {
374                     xiabiao = i;
375                     minjuli = juli;
376                     x1 = x;
377                     y1 = y;
378                     z1 = z;
379                 }
380                 if (Bloat != 0&&x!=0) {
381                     if (n == -1) //标记队友
382                     {
383                         duiyou[i] = 0;
384                     }
385                     ObjectAddress = GetBase + RetTemp;
386                     printf("下标:%d  血量:%.3f  坐标:(%.0f,%.0f,%.0f),人物阵营:%x\n",i, Bloat, x, y,z, _ReadMemeryFloat(_hGameHandle, ObjectValue - 0x38));
387                 }
388                 //-------------------------------------------------------------获得mousex,mousez
389                 float x11 = x, y11 = y, z11 = z;
390                 x11 -= x0;
391                 x11 = -x11;
392                 y11 -= y0;
393                 y11 = -y11;
394                 z11 = z11 - z0;
395                 float k = fabs(atan(y11 / x11));
396                 float mousex = 0;
397                 float mousez = 0;
398                 if (x11 > 0 && y11 > 0) //第一向量
399                     mousex = 1.57 - (k * 2 / 3.1415926*1.57);
400                 if (x11 > 0 && y11 < 0)  //4
401                     mousex = 1.57 + (k * 2 / 3.1415926*1.57);
402                 if (x11 < 0 && y11 < 0)  //3
403                     mousex = -1.57 - (k * 2 / 3.1415926*1.57);
404                 if (x11 < 0 && y11 > 0)  //2
405                     mousex = -1.57 + (k * 2 / 3.1415926*1.57);
406                 if (z11 > 0)
407                     mousez = atan(z11 / sqrt((x11*x11 + y11 * y11)));
408                 else
409                     mousez = atan(z11 / sqrt((x11*x11 + y11 * y11)));
410                     //mousez = -fabs(atan(z11 / juli) * 2 / 3.1415926)*1.57;
411                 //-------------------------------------------------------------获得mousex,mousez
412 
413                 //-------------------------------------------------------------方框透视
414                 float nowx = _ReadMemeryFloat(_hGameHandle, modbase + mousexptr);
415                 float nowy = _ReadMemeryFloat(_hGameHandle, modbase + mousexptr + 4);
416                 float scx = 0;
417                 float scy = 0;
418                 worldtosc(mousex, mousez, juli, nowx, nowy,scx, scy);
419                 //-------------------------------------------------------------方框透视
420                 ObjectAddress = NULL;
421                 ObjectValue = NULL;
422             }
423 
424         }
425         //-------------------------------------------------------------获得本人下标
426         if (n == -1)
427         {
428             scanf_s("%d",&n);
429             Sleep(3*1000);
430             continue;
431         }
432         //-------------------------------------------------------------获得本人下标
433         //float y2 = y1;
434         //float x2 = x1;
435         /*
436         //-------------------------------------------------------------获得mousex,mousez
437         x1 -= x0;
438         x1 = -x1;
439         y1 -= y0;
440         y1 = -y1;
441         float k = fabs(atan(y1 / x1));
442         float mousex=0;
443         if (x1 > 0 && y1 > 0) //第一向量
444             mousex = 1.57 - (k * 2 / 3.1415926*1.57);
445         if (x1 > 0 && y1 < 0)  //4
446             mousex = 1.57 + (k * 2 / 3.1415926*1.57);
447         if (x1 < 0 && y1 < 0)  //3
448             mousex = -1.57 - (k * 2 / 3.1415926*1.57);
449         if (x1 < 0 && y1 > 0)  //2
450             mousex = -1.57+(k * 2 / 3.1415926*1.57);
451         float z2 = z1;
452         z1 = z1 - z0;
453         float mousez = 0;
454         if (z1 > 0)
455             mousez = fabs(atan(z1 / minjuli) * 2 / 3.1415926)*1.57;
456         else
457             mousez = -fabs(atan(z1 / minjuli) * 2 / 3.1415926)*1.57;
458         //-------------------------------------------------------------获得mousex,mousez
459 
460         //-------------------------------------------------------------方框透视
461         float nowx = _ReadMemeryFloat(_hGameHandle, modbase + mousexptr);
462         float nowy = _ReadMemeryFloat(_hGameHandle, modbase + mousexptr + 4);
463         float scx = 0;
464         float scy = 0;
465         worldtosc(mousex, mousez, minjuli, nowx, nowy, scx, scy);
466         //-------------------------------------------------------------方框透视
467 
468         //-------------------------------------------------------------自瞄
469         //if (duiyou[xiabiao] == 0&& GetAsyncKeyState(VK_RBUTTON)) {
470         //    WriteMemeryFloat(_hGameHandle, modbase + mousexptr, mousex);
471         //    WriteMemeryFloat(_hGameHandle, modbase + mousexptr + 4, mousez);
472         //}
473         //-------------------------------------------------------------自瞄
474 
475         */
476 
477         //printf("离最近的人的鼠标X值:%f    k=%f ,x1=%f,y1=%f,z1 = %f minjuli=%f\n", mousex,k,x1,y1,z1,minjuli);
478         //printf("最近的那个人的坐标:%f %f %f\n", x2, y2,z2);
479         //printf("我的坐标:%f  , %f  , %f\n ", x0, y0,z0);
480         system("cls");
481     }
482 }
483 
484 
485 int main()
486 {
487     //辅助的初始化
488     //scanf_s("%f", &cx);
489     Begin();
490     ReadValue();
491     getchar();
492     return 0;
493     /*
494     DWORD qwq = _GetProcessId(NULL, (char*)"Crossout 0.10.48.109594");
495     HANDLE pwp = _GetProcessHandle(qwq);
496     printf("%x\n", pwp);
497     */
498 
499 }
View Code

猜你喜欢

转载自www.cnblogs.com/MiraculousB/p/12274991.html
今日推荐
openKylin 社区生态委员会第六次会议圆满召开
阿里云正式发布通义千问 2.5
Python 3.13 发布首个 Beta:实验性自由线程模式和 JIT、改进交互式解释器
Stack Overflow 拿我的代码去训练 AI 大模型,还封了我的账号
Pop!_OS 的 COSMIC 桌面完成 App Store 上架工作
报告:Django 仍然是 74% 开发者的首选
《2024 年一季度互联网投融资运行情况》研究报告
15 年前上了“FFmpeg 耻辱柱”,今天他还得谢谢咱——腾讯QQPlayer一雪前耻?
TIOBE 5 月榜单:Fortran “复活”进入 Top 10
GCC 14.1 发布
面壁智能发布 Eurux-8x22B 开源大模型 —— 堪称「理科状元」
开源日报 | 谷歌扶持鸿蒙上位;开源Rabbit R1;Docker加持的安卓手机;微软的焦虑和野心;海尔电器把开放平台关了
周排行
计算机组成与设计(七)—— 除法器
Integer Approximation(分治+枚举)
大话数据库索引
windows10系统JDK的配置及下载地址
mysql实现秒值转换中原六仔平台搭建
Codeforces Round #556 (Div. 1)
百练1064 网线主管
Codeforces 995F Cowmpany Cowmpensation
子集生成之增量构造法,位向量法,二进制法
ERROR: cmd.exe failed with args /c "/APK\gradle\rungradle.bat...
每日归档
更多
2024-05-10(38)
2024-05-09(35)
2024-05-08(42)
2024-05-07(14)
2024-05-06(40)
2024-05-05(0)
2024-05-04(7)
2024-05-03(19)
2024-05-02(0)
2024-05-01(4)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022