CE搜索
1 初始化数值搜索
2 选中目标时 搜索>0
3 未选中目标 精确搜索0
4 重复 2,3步骤直到找到 选中目标的偏移值
检没地址,这个地址在选中怪物时,(如果不换怪或取消选择)之后是固定的。
记下这个数值 8010506E 然后锁定这个地址 把地址改为 8010506E 如果有目标被选中了则正确
找到这个偏移的基址
选中目标的ID=[[[924E0C]+1C]+20]+0A18
{此段代码需要hook的支持}
/// <summary>
/// {人物是在游戏当中还是小退}
/// </summary>
function InGame():Boolean;
var gameretn:DWORD;
begin
asm
mov eax,[$00924D48]
mov gameretn,eax
end;
if gameretn=0 then Result:=true{在游戏当中}
else if gameretn>=1 then Result:=False; {人物在角色选择界面}
end;
procedure TForm1.Button1Click(Sender: TObject);
{显示选中的目标信息}
{怪物 玩家}
var
I: Integer;
pMonster : PDWORD;
Mon_id : PDWORD;
Mon_kind : PDWORD;
Monbase : DWORD;
SelObjId : DWORD;
Mon_amount : PDWORD;
Mon_hpMin : PDWORD;
Mon_hpMax : PDWORD;
Mon_level : PDWORD;
Mon_distance: PSingle;
Mon_name : PDWORD;
Mon_name1 : PWideChar;
Mon_name2 : string;
pPlayer : PDWORD;
playerBase : DWORD;
Player_id : pDWORD;
SelObjIdtmp : DWORD;
Player_amount : DWORD;
Player_hpMin : pDWORD;
player_hpTmp : DWORD;
Player_hpMax : pDWORD;
Player_level : pDWORD;
Player_distance: pSingle;
monAmount : PDWORD;
Player_name : PDWORD;
Player_name1 : PWideChar;
begin
if InGame=False then Exit;
asm //选中的目标
mov eax,[$924E0C]
mov eax,[eax+$1c]
mov eax,[eax+$20]
mov ecx,[eax+$A18]
mov selobjId,ecx
end;
asm //怪物
mov eax,[$924E0C]
mov eax,[eax+$1c]
mov eax,[eax+$8]
mov eax,[eax+$24]
mov ecx,[eax+$18]
mov Monbase,ecx
end;
//玩家
asm
mov eax,[$924E0C]
mov eax,[eax+$1c]
mov eax,[eax+$8]
mov eax,[eax+$20]
mov ecx,[eax+$14]
mov Player_amount,ecx
mov ecx,[eax+$18]
mov playerBase,ecx
end;
//怪物的
if selobjId = 0 then Self.Caption := '0';{update}
for I := 0 to 768 do
begin
{怪物}
pMonster := pointer(Monbase + I*4);
if pMonster^ > 0 then //当对象数组列表不为0的时候才添加
begin
pMonster := Pointer(pMonster^ + $4); // 怪物对象指针=[怪物列表基址]+04
Mon_hpMin := Pointer(pMonster^ + $12C);
Mon_hpMax := Pointer(pMonster^ + $154);
Mon_level := Pointer(pMonster^ + $124);
Mon_id := Pointer(pMonster^ + $11C);
Mon_kind := Pointer(pMonster^ + $0B4);
Mon_name := Pointer(pMonster^ + $230); //名称
Mon_name1 := Pointer(Mon_name^ + $0);
Mon_name2 := WideCharTostring(Mon_name1);
Mon_distance := Pointer(pMonster^ + $254); //距离
if Mon_id^ <> selobjId then Continue;
Self.Caption := format('%s %d/%d %d %f', [Mon_name2,Mon_hpMin^, Mon_hpMax^,Mon_level^, Mon_distance^]);
end;
{玩家}
if Player_amount=0 then Exit;
pPlayer := pointer(playerBase + I*4); //
if pPlayer^ > 0 then //当对象数组列表不为0的时候才添加
begin
pPlayer := Pointer(pPlayer^ + $4); // 玩家对象指针=[玩家列表基址]+04
Player_hpMin := Pointer(pPlayer^ + $450);
Player_hpMax := Pointer(pPlayer^ + $478);
Player_level := Pointer(pPlayer^ + $448);
Player_id := Pointer(pPlayer^ + $43C);
Player_name := Pointer(pPlayer^ + $5CC); //名称
Player_name1 := Pointer(Player_name^ + $0);
Player_distance := Pointer(pPlayer^ + $700); //距离
if Player_id^ <> selobjId then Continue;
Self.Caption := format('%s %d/%d %d %f', [Player_name1,Player_hpMin^, Player_hpMax^,Player_level^, Player_distance^]);
end;
end;
end;
/// <summary>
/// {人物是在游戏当中还是小退}
/// </summary>
function InGame():Boolean;
var gameretn:DWORD;
begin
asm
mov eax,[$00924D48]
mov gameretn,eax
end;
if gameretn=0 then Result:=true{在游戏当中}
else if gameretn>=1 then Result:=False; {人物在角色选择界面}
end;
procedure TForm1.Button1Click(Sender: TObject);
{显示选中的目标信息}
{怪物 玩家}
var
I: Integer;
pMonster : PDWORD;
Mon_id : PDWORD;
Mon_kind : PDWORD;
Monbase : DWORD;
SelObjId : DWORD;
Mon_amount : PDWORD;
Mon_hpMin : PDWORD;
Mon_hpMax : PDWORD;
Mon_level : PDWORD;
Mon_distance: PSingle;
Mon_name : PDWORD;
Mon_name1 : PWideChar;
Mon_name2 : string;
pPlayer : PDWORD;
playerBase : DWORD;
Player_id : pDWORD;
SelObjIdtmp : DWORD;
Player_amount : DWORD;
Player_hpMin : pDWORD;
player_hpTmp : DWORD;
Player_hpMax : pDWORD;
Player_level : pDWORD;
Player_distance: pSingle;
monAmount : PDWORD;
Player_name : PDWORD;
Player_name1 : PWideChar;
begin
if InGame=False then Exit;
asm //选中的目标
mov eax,[$924E0C]
mov eax,[eax+$1c]
mov eax,[eax+$20]
mov ecx,[eax+$A18]
mov selobjId,ecx
end;
asm //怪物
mov eax,[$924E0C]
mov eax,[eax+$1c]
mov eax,[eax+$8]
mov eax,[eax+$24]
mov ecx,[eax+$18]
mov Monbase,ecx
end;
//玩家
asm
mov eax,[$924E0C]
mov eax,[eax+$1c]
mov eax,[eax+$8]
mov eax,[eax+$20]
mov ecx,[eax+$14]
mov Player_amount,ecx
mov ecx,[eax+$18]
mov playerBase,ecx
end;
//怪物的
if selobjId = 0 then Self.Caption := '0';{update}
for I := 0 to 768 do
begin
{怪物}
pMonster := pointer(Monbase + I*4);
if pMonster^ > 0 then //当对象数组列表不为0的时候才添加
begin
pMonster := Pointer(pMonster^ + $4); // 怪物对象指针=[怪物列表基址]+04
Mon_hpMin := Pointer(pMonster^ + $12C);
Mon_hpMax := Pointer(pMonster^ + $154);
Mon_level := Pointer(pMonster^ + $124);
Mon_id := Pointer(pMonster^ + $11C);
Mon_kind := Pointer(pMonster^ + $0B4);
Mon_name := Pointer(pMonster^ + $230); //名称
Mon_name1 := Pointer(Mon_name^ + $0);
Mon_name2 := WideCharTostring(Mon_name1);
Mon_distance := Pointer(pMonster^ + $254); //距离
if Mon_id^ <> selobjId then Continue;
Self.Caption := format('%s %d/%d %d %f', [Mon_name2,Mon_hpMin^, Mon_hpMax^,Mon_level^, Mon_distance^]);
end;
{玩家}
if Player_amount=0 then Exit;
pPlayer := pointer(playerBase + I*4); //
if pPlayer^ > 0 then //当对象数组列表不为0的时候才添加
begin
pPlayer := Pointer(pPlayer^ + $4); // 玩家对象指针=[玩家列表基址]+04
Player_hpMin := Pointer(pPlayer^ + $450);
Player_hpMax := Pointer(pPlayer^ + $478);
Player_level := Pointer(pPlayer^ + $448);
Player_id := Pointer(pPlayer^ + $43C);
Player_name := Pointer(pPlayer^ + $5CC); //名称
Player_name1 := Pointer(Player_name^ + $0);
Player_distance := Pointer(pPlayer^ + $700); //距离
if Player_id^ <> selobjId then Continue;
Self.Caption := format('%s %d/%d %d %f', [Player_name1,Player_hpMin^, Player_hpMax^,Player_level^, Player_distance^]);
end;
end;
end;