口袋Delphi源码
unit WgUnit;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, IniFiles,
Dialogs, StdCtrls, ExtCtrls, SHELLAPI, StrUtils, Grids, ComCtrls, Math;
//*********************** Type definitions for the in-game function CALL stubs *****************************//
// Each packed record below is the argument block for one stub routine. The wrapper
// procedures later in this unit fill a record locally and pass it to InjectFunc, which
// copies it byte-for-byte into the other process; the stub then reads it through the
// matching pointer type. The addN fields carry addresses, because the stubs cannot
// reference this program's own globals once they run elsewhere.
type
  // Generic parameter block for every stub that takes no game-level argument:
  // it only transports addresses.
  TNomalCallParam = packed record
    add1 : DWORD;
    add2 : DWORD;
    add3 : DWORD;
    add4 : DWORD;
    add5 : DWORD;
  end;
  NomalCallParam=^TNomalCallParam;
type
  TPGetGwCallParam = packed record //select a monster by ID
    xgid : Cardinal; //monster ID
    add1 : DWORD; //callbase
    add2 : DWORD; //idxg
  end;
  PGetGwCallParam=^TPGetGwCallParam ;
type
  TPGetRwJNParam = packed record //use a skill
    sid : DWORD; //skill ID
    add1: DWORD; //callbase
    add2: DWORD; //syjn
  end;
  PGetRwJNParam=^TPGetRwJNParam;
type
  TPPickCallParam = packed record //pick up an item by ID
    wpid : Cardinal; //item ID
    xtid : Cardinal; //item system ID
    add1: DWORD; //callbase
    add2: DWORD; //jqwp
  end;
  PPickCallParam=^TPPickCallParam;
type
  TUsewpCallParam = packed record //use an item by ID
    wpid : Cardinal ; //item ID
    wppos: Cardinal ; //inventory slot of the item
    add1: DWORD; //callbase
    add2: DWORD; //sywp
  end;
  UsewpCallParam=^TUsewpCallParam;
type
  TAutogo=packed record //auto-pathing parameters
    x:single; //x coordinate
    z:single; //NOTE(review): the original comment labels this field "y coordinate" although it is named z — confirm the axis
    y:single; //NOTE(review): the original comment labels this field "z coordinate" although it is named y — confirm the axis
    add1: DWORD; //Baseadr
    add2: DWORD; //AutogoPush
    add3: DWORD; //AutogoMove
    add4: DWORD; //AutogoCall
  end;
  Autogo=^TAutogo; //pointer to the auto-pathing parameters
type
  TUseBBWpCallParam = packed record //feed the pet
    bbid : Cardinal; //pet ID
    bbwpgs : Cardinal; //slot of the pet item
    add1 : DWORD; //sybbw
  end;
  UseBBWpCallParam = ^TUseBBWpCallParam;
type
  TOpenNPCCallParam = packed record //activate (open) an NPC
    selnpcid : Cardinal; //NPC ID
    add1: DWORD; //callbase
    add2: DWORD; //jhnpc
  end;
  OpenNPCCallParam=^TOpenNPCCallParam;
type
  TAnswerCallParam=packed record //answer a quiz question
    dtmid:DWORD; //not documented in the original
    daid:DWORD; //not documented in the original
  end;
  AnswerCallParam=^TAnswerCallParam ;
type
  TBuyThingCallParam = packed record //buy-item CALL
    mwid : Cardinal; //item ID
    mwgs : Cardinal; //item slot
    mwsl : Cardinal; //item quantity
    add1 : DWORD; //gmwp
  end;
  BuyThingCallParam=^TBuyThingCallParam;
type
  TsellThingCallParam = packed record //sell-item CALL
    mcwid : Cardinal; //item ID
    mcwgs : Cardinal; //item slot
    mcwsl : Cardinal; //item quantity
    add1 : DWORD; //cswp
  end;
  sellThingCallParam=^TsellThingCallParam;
//*********************** Type definitions for the in-game function CALL stubs *****************************//
// Main form of the tool: status labels fed by ZtTime, the auto-play timer GjTime, and the
// buttons whose handlers are declared below.
// NOTE(review): the implementation in this listing also uses memo1 and SptTime, which are
// not declared in this class as shown, and declares handlers whose bodies are not all
// visible — the listing appears to be abridged.
type
  TWgForm = class(TForm)
    rwhp: TLabel;
    Label2: TLabel;
    Label3: TLabel;
    rwmp: TLabel;
    Label4: TLabel;
    live: TLabel;
    Label5: TLabel;
    money: TLabel;
    Label6: TLabel;
    rwzbx: TLabel;
    Label7: TLabel;
    rwzby: TLabel;
    ZtTime: TTimer;
    SearchCK: TButton;
    SearchSD: TButton;
    SearchGw: TButton;
    SearchWp: TButton;
    StarBut: TButton;
    StrGridSpt: TStringGrid;
    Label1: TLabel;
    gwhp: TLabel;
    SearchBg: TButton;
    GjTime: TTimer;
    Button7: TButton;
    Button6: TButton;
    GuaJie: TButton;
    Button1: TButton;
    ReadINI: TButton;
    Label8: TLabel;
    SearchJN: TButton; //original comment: "save variable"
    procedure StarButClick(Sender: TObject);
    procedure FormCreate(Sender: TObject);
    procedure OpenFileButClick(Sender: TObject);
    procedure GuaJieClick(Sender: TObject);
    procedure ZtTimeTimer(Sender: TObject);
    procedure SearchCKClick(Sender: TObject);
    procedure SearchGwClick(Sender: TObject);
    procedure SearchWpClick(Sender: TObject);
    procedure SearchSDClick(Sender: TObject);
    procedure Button6Click(Sender: TObject);
    procedure Button7Click(Sender: TObject);
    procedure SearchBgClick(Sender: TObject);
    procedure GjTimeTimer(Sender: TObject);
    procedure Button1Click(Sender: TObject);
    procedure ReadINIClick(Sender: TObject);
    procedure SearchJNClick(Sender: TObject);
  private
    { Private declarations }
    function readInifile(fileName,section,Ident:string):string; //read a value from the configuration file
    procedure writeInifile(const fileName,Section, Ident, Value: string); //write a value to the configuration file
    procedure ReadStupINI(); //load the auto-play settings
    function FlashBug(GwName:string;RsType:integer):boolean; //scan nearby monsters and NPCs; GwName = name to match, RsType = operation mode
    procedure FlashWp(RsType:integer); //scan items on the ground and pick them up; RsType = operation mode
    function SearchBao(WpName:string;RsType:integer):string; //search the inventory; also used for selling after returning to town
    function SearchJnID(JnName:string;RsType:integer):integer; //look up a skill ID
    procedure ReCityBuy(WpName:string;WpNum:integer); //buy items after returning to town
  public
    { Public declarations }
  end;
// Unit-level state shared by the form handlers and the injection helpers.
// NOTE(review): AppPath and Ghwnd are used throughout the implementation but are not
// declared in the part of the unit shown here.
var
  //*********************** Auto-play state *******************************************//
  oldxg,DqNPC:integer; //oldxg: whether a monster was being fought on the previous tick; DqNPC: index of the NPC currently being visited
  DzStop:boolean; //fighting is paused while meditating
  HcStop:integer; //0=check; 1=returning to town; 2=returning to the farming spot; 3=farming
  RwGjx,RwGjy,RwGjz,RwGjL:integer; //farming spot and its radius
  BuyNPCx,BuyNPCy,BuyNPCz:integer; //potion vendor location
  CKNPCx,CKNPCy,CKNPCz:integer; //warehouse location
  HPscal,MPscal:single; //HP/MP protection settings (loaded from the "ratio" keys in ReadStupINI)
  HPact,MPact:string; //HP/MP protection settings (action to take)
  HitType:string; //attack mode
  BmRcity,SyRcity,DeRcity:string; //return-to-town conditions
  BuyHPmc,BuyMPmc:string; //names of the red and blue potions
  BuyHPsl,BuyMPsl:integer; //quantities of red and blue potions
  BlWpStr,GwFilet,WpFilet:string; //item filters
  //*********************** Auto-play state *******************************************//
  //*********************** Variables for the in-game CALL stubs *****************************//
  hProcess_N: THandle;
  ThreadAdd, ParamAdd: Pointer; //remote code and parameter regions allocated by InjectFunc
  InProcessID: HWND; //NOTE(review): despite its name and type, GuaJieClick stores the OpenProcess result (a process handle) here
  // The values below are filled from setup.ini by ReadStupINI; the hex numbers in the
  // comments are the author's sample values.
  Baseadr:DWORD; //$9851CC; game base address
  callbase:DWORD; //$9816DC; call address
  Question:DWORD; //$9816DC; "star" address
  AutogoCall:DWORD; //$42B2C0; auto-pathing 428D00
  AutogoPush:DWORD; //$988220; PUSH
  AutogoMove:DWORD; //$981688; MOV address
  dazuo:DWORD; //$5DAE90; meditate
  undazuo:DWORD; //$5DAE50; cancel meditation
  Tabxg:DWORD; //$461F30; select a monster with Tab
  unchoosexg:DWORD; //$5DAF70; deselect the monster
  idxg:DWORD; //$5AE210; select a monster by ID 5921E0
  pAttack:DWORD; //$5DA810; basic attack (the word is masked as *** in the original)
  jqwp:DWORD; //$5AE1A0; pick up an item
  syjn:DWORD; //$468CE0; use a skill
  sywp:DWORD; //$5ADFD0; use an item
  sybbw:DWORD; //$40FD40; use a pet item call
  swhc:DWORD; //$5DAC30; return to town on death
  jhnpc:DWORD; //$5AE520; activate an NPC 592320
  qxnpc:DWORD; //$6F6820; close the NPC dialog
  qxnpcpush:DWORD; //$92D4C4; close the NPC dialog, push value
  gmwp:DWORD; //$5DC160; buy an item
  cswp:DWORD; //$5DC1E0; sell an item
  dkck:DWORD; //$5DC660; open the warehouse
  dkckpush:DWORD; //$981404; open the warehouse, push value
  bcwp:DWORD; //$5DAAD0; store an item
  //*********************** Variables for the in-game CALL stubs *****************************//
implementation
{$R *.dfm}
// Form start-up: resets the auto-play state machine, keeps both timers stopped,
// resolves the program directory and loads the configuration from it.
procedure TWgForm.FormCreate(Sender: TObject);
begin
  Randomize;
  // Directory of the executable; ReadStupINI looks for setup.ini there.
  AppPath := ExtractFilePath(Application.ExeName);

  // Timers stay off until the user attaches to a process / starts auto-play.
  ZtTime.Enabled := False;
  SptTime.Enabled := False;

  // Initial state-machine values.
  DqNPC  := 0;      // no NPC selected
  HcStop := 0;      // start in the "check" state
  DzStop := False;  // not meditating
  oldxg  := 0;      // no monster selected

  // Kept last: it raises if a numeric key is missing or malformed.
  ReadStupINI();
end;
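// Reads one string value from an INI file (needs the IniFiles unit).
//   fileName - full path of the INI file
//   section  - section name
//   Ident    - key name
// Returns the stored value, or '' when the file, section or key is missing.
function TWgForm.readInifile(fileName,section,Ident:string):string;
var
  ini: TIniFile;
begin
  ini := TIniFile.Create(fileName);
  try
    Result := ini.ReadString(section, Ident, '');
  finally
    // Release the object even if ReadString raises; the original leaked it in that case.
    ini.Free;
  end;
end;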
//******************************* 不带参call 原形 *******************************//
// Stub that BaseCall (Action = 0) hands to InjectFunc, which copies its bytes into the
// other process and starts it there as a thread routine with p pointing at the copied
// TNomalCallParam. It calls the address in p^.add1 with no arguments.
// The target address arrives through the record rather than a global because the stub
// no longer runs in this program's address space.
procedure CallAttack(p:NomalCallParam);stdcall; //basic-attack call (the word is masked as *** in the original)  pAttack
var
  Address1:DWORD;
begin
  Address1:=P^.add1 ; //pAttack
  asm
    pushad               // save the general-purpose registers around the foreign call
    mov edx, Address1
    call edx //call pAttack
    popad
  end;
end;
// Stub passed to InjectFunc by BaseCall (Action = 1). Calls the address in p^.add1
// (dazuo, "meditate") with no arguments, saving and restoring the registers around it.
procedure CallMeditation(p:NomalCallParam);stdcall; //meditate call  dazuo
var
  Address1:DWORD;
begin
  Address1:=P^.add1 ; //dazuo
  asm
    pushad
    mov edx, Address1
    call edx //call dazuo
    popad
  end;
end;
// Stub passed to InjectFunc by BaseCall (Action = 2). Calls the address in p^.add1
// (undazuo, "stop meditating") with no arguments.
procedure CallUnMeditation(p:NomalCallParam);stdcall; //stop-meditating call  undazuo
var
  Address1:DWORD;
begin
  Address1:=P^.add1 ; //undazuo
  asm
    pushad
    mov edx, Address1
    call edx //call undazuo
    popad
  end;
end;
// Stub passed to InjectFunc by BaseCall (Action = 3), the "select a monster with Tab" call.
// p^.add1 is the address of a pointer (callbase); the stub follows it through offsets
// $1C and $28, places the result in ecx, pushes 0 and calls the address in p^.add2 (Tabxg).
// None of the dereferenced pointers is checked before use.
procedure CallTab(p:NomalCallParam);stdcall; //Tab-select-monster call  callbase Tabxg
var
  Address1,Address2:DWORD;
begin
  Address1:=P^.add1 ; //callbase
  Address2:=P^.add2 ; //Tabxg
  asm
    pushad
    mov eax, Address1
    mov eax,dword ptr ds:[eax] //mov eax,dword ptr ds:[callbase]
    mov eax,dword ptr ds:[eax+$1c]
    mov eax,dword ptr ds:[eax+$28]
    mov ecx, eax;        // presumably the callee's object pointer — confirm
    push 0
    mov edx, Address2
    call edx //call Tabxg
    popad
  end;
end;
// Stub passed to InjectFunc by BaseCall (Action = 4). Calls the address in p^.add1
// (unchoosexg, "deselect monster") with no arguments.
// NOTE(review): unlike the sibling stubs, the header line below has no ';' after
// stdcall — confirm that this compiles as intended.
procedure CallUnChooseGW(p:NomalCallParam);stdcall //deselect-monster call  unchoosexg
var
  Address1:DWORD;
begin
  Address1:=P^.add1 ; //unchoosexg
  asm
    pushad
    mov edx, Address1
    call edx //call unchoosexg
    popad
  end;
end;
// Stub passed to InjectFunc by BaseCall (Action = 5). Calls the address in p^.add1
// (swhc, "return to town on death") with no arguments.
procedure CallRetCity(p:NomalCallParam);stdcall; //return-to-town-on-death call
var
  Address1:DWORD;
begin
  Address1:=P^.add1 ; //swhc
  asm
    pushad
    mov edx, Address1
    call edx //call swhc
    popad
  end;
end;
// Stub passed to InjectFunc by BaseCall (Action = 6), the "close NPC dialog" call.
// Pushes the value in p^.add1 (qxnpcpush), walks a pointer chain that starts at the
// address in p^.add2 (callbase) through offsets $1C, $4, $8 and $14, puts the result
// in ecx and calls the address in p^.add3 (qxnpc).
// None of the dereferenced pointers is checked before use.
procedure CallCloseNPC(p:NomalCallParam);stdcall; //close-NPC call
var
  Address1,Address2,Address3:DWORD;
begin
  Address1:=P^.add1 ; //qxnpcpush
  Address2:=P^.add2 ; //callbase
  Address3:=P^.add3 ; //qxnpc
  asm
    pushad
    mov eax, Address1
    push eax //push qxnpcpush
    mov esi, Address2
    mov esi, dword ptr [esi] //mov esi, dword ptr [callbase]
    mov esi, dword ptr [esi+$1c]
    mov esi, dword ptr [esi+$4]
    mov esi, dword ptr [esi+$8]
    mov esi, dword ptr [esi+$14]
    mov ecx, esi //address of the dialog box
    mov edx, Address3
    call edx //call qxnpc
    popad
  end;
end;
// Stub passed to InjectFunc by BaseCall (Action = 7), the "open warehouse" call.
// Pushes 0 and the value in p^.add1 (dkckpush), calls the address in p^.add2 (dkck)
// and then removes the two arguments from the stack itself (add esp,8).
procedure CallOpenStore(p:NomalCallParam);stdcall; //open-warehouse call
var
  Address1,Address2:DWORD;
begin
  Address1:=P^.add1 ; //dkckpush
  Address2:=P^.add2 ; //dkck
  asm
    pushad
    push 0
    mov eax, Address1
    push eax //push dkckpush
    mov edx, Address2
    call edx //call dkck
    add esp,8            // caller-side stack cleanup for the two pushed dwords
    popad
  end;
end;
//******************************* 不带参call 原形 *******************************//
//******************************* 带参call 原形 *******************************//
// Stub passed to InjectFunc by SelmonFromIDCall, the "select a monster by ID" call.
// Pushes p^.xgid, derives ecx as [[callbase]+$20]+$D4 from the address in p^.add1,
// and calls the address in p^.add2 (idxg). The dereferenced pointers are not checked.
procedure CallSelmonFromID(p: PGetGwCallParam);stdcall; //select-monster-by-ID call  callbase idxg
var
  gid,Address1,Address2: DWORD;
begin
  gid := p^.xgid;
  Address1:=p^.add1; //callbase
  Address2:=p^.add2; //idxg
  asm
    pushad
    mov esi, gid
    push esi
    mov eax, Address1
    mov eax, dword ptr [eax] //mov eax, dword ptr [callbase]
    mov ecx, dword ptr [eax+$20]
    add ecx,$D4
    mov edx, Address2
    call edx //call idxg
    popad;
  end;
end;
// Stub passed to InjectFunc by SkillCall, the "use a skill" call.
// Derives ecx as [[[callbase]+$1C]+$28] from the address in p^.add1, pushes
// -1, 0, 0 and the skill ID (in that order) and calls the address in p^.add2 (syjn).
// The dereferenced pointers are not checked.
procedure CallSkill(p: PGetRwJNParam);stdcall; //use-skill call  callbase syjn
var
  skillid,Address1,Address2: dword;
begin
  skillid := p^.sid;
  Address1:= p^.add1; //callbase
  Address2:= p^.add2; //syjn
  asm
    pushad
    mov eax, skillid
    mov ecx, Address1
    mov ecx, dword ptr [ecx] //mov ecx, dword ptr [callbase]
    mov ecx, dword ptr [ecx + $1C]
    mov ecx, dword ptr [ecx + $28]
    push -1
    push 0
    push 0
    push eax             // skill ID is the last value pushed
    mov edx, Address2
    call edx //call syjn
    popad;
  end;
end;
// Stub passed to InjectFunc by PickMatterCall, the "pick up an item" call.
// Pushes p^.wpid and then p^.xtid, derives ecx as [[callbase]+$20]+$D4 from the
// address in p^.add1 and calls the address in p^.add2 (jqwp).
// The dereferenced pointers are not checked.
procedure CallPickMatter(p: PPickCallParam);stdcall; //pick-up-item call  callbase jqwp
var
  id,xtbh,Address1,Address2: DWORD;
begin
  id := p^.wpid;
  xtbh := p^.xtid;
  Address1:= p^.add1; //callbase
  Address2:= p^.add2; //jqwp
  asm
    pushad
    mov ecx, Address1
    mov ecx, dword ptr [ecx] //mov ecx, dword ptr [callbase]
    mov edx, id
    push edx
    mov ecx, dword ptr [ecx+$20]
    mov eax, xtbh
    push eax
    add ecx, $D4
    mov edx, Address2
    call edx //call jqwp
    popad
  end;
end;
// Stub passed to InjectFunc by UseMatterCall, the "use an item" call.
// Pushes 1, the item ID, the slot and 0 (in that order), derives ecx as
// [[callbase]+$20]+$D4 from the address in p^.add1 and calls the address in
// p^.add2 (sywp). The dereferenced pointers are not checked.
procedure CallUseMatter(p: UsewpCallParam);stdcall; //use-item call  callbase sywp
var
  id,pos,Address1,Address2: DWORD;
begin
  id := p^.wpid;
  pos := p^.wppos;
  Address1:= p^.add1; //callbase
  Address2:= p^.add2; //sywp
  asm
    pushad
    mov edx, id
    mov eax, pos
    push 1
    push edx
    push eax
    push 0
    mov esi,Address1
    mov esi,dword ptr [esi] //mov esi,dword ptr [callbase]
    mov esi,dword ptr [esi+$20]
    lea ecx,dword ptr [esi+$d4]
    mov ebx, Address2
    call ebx //call sywp
    popad
  end;
end;
// Stub passed to InjectFunc by AutoWalkCall, the "auto-pathing" call.
// Steps, as written in the assembly:
//   1. reads [[[Baseadr]+$8]+$88] (commented as the map code) and pushes 1 and that value;
//   2. stores the three coordinates at the address in p^.add2 (AutogoPush) in the order
//      x, z, y (offsets 0, 4, 8) — this is a write into the other process's own data;
//   3. pushes AutogoPush and the address [[Baseadr]+$28]+$3C;
//   4. loads ecx with p^.add3 (AutogoMove) and calls the address in p^.add4 (AutogoCall).
// The whole sequence sits in try/except so that an exception makes the stub return
// quietly. None of the dereferenced pointers is checked before use.
procedure CallAutoWalk(p: Autogo);stdcall; //auto-pathing call  Baseadr AutogoPush AutogoMove AutogoCall
var
  gox,goy,goz:Single;
  Address1,Address2,Address3,Address4: DWORD;
begin
  gox:=p^.x;
  goy:=p^.y;
  goz:=p^.z;
  Address1:=p^.add1; //Baseadr
  Address2:=p^.add2; //AutogoPush
  Address3:=p^.add3; //AutogoMove
  Address4:=p^.add4; //AutogoCall
  try
    asm
      pushad
      mov eax, Address1
      mov eax, [eax] //Baseadr
      mov eax, [eax+$8]
      mov eax, [eax+$88]
      push 1
      push eax //map code
      mov eax, gox
      mov ebx, Address2
      mov [ebx], eax //AutogoPush
      mov eax, goz
      mov [ebx+4], eax //AutogoPush+4
      mov eax, goy
      mov [ebx+8], eax //AutogoPush+8
      mov eax, Address1
      mov eax, dword ptr [eax] //Baseadr
      mov eax, dword ptr [eax+$28]
      lea eax, dword ptr [eax+$3c]
      push ebx //AutogoPush
      push eax
      mov ecx, Address3 //AutogoMove
      mov ebx, Address4 //AutogoCall
      call ebx //AutogoCall
      popad
    end;
  except
    exit;
  end;
end;
// Stub passed to InjectFunc by UseMatterBBCall, the "feed the pet" call.
// Pushes the address of the local copy of the pet ID and then the item slot value,
// copies ebp into ecx, and calls the address in p^.add1 (sybbw).
// NOTE(review): ecx here is the stub's own frame pointer, whereas the sibling stubs
// derive ecx from callbase — the intent is not documented on the page.
procedure CallUseMatterBB(p : useBBWpCallParam);stdcall; //feed-pet call  sybbw
var
  cwid,wpgs : DWORD;
  Address1: DWORD;
begin
  cwid := P^.bbid;
  wpgs := P^.bbwpgs;
  Address1:=P^.add1;
  asm
    pushad
    mov edx,dword ptr [wpgs]
    lea ecx,dword ptr [cwid]   // address of the local, not its value
    push ecx
    push edx
    mov ecx,ebp
    mov ebx, Address1 //sybbw
    call ebx //sybbw
    popad
  end;
end;
// Stub passed to InjectFunc by ActiveNpcCall, the "activate NPC" call.
// Pushes the NPC ID, derives ecx as [[callbase]+$20]+$D4 from the address in p^.add1
// and calls the address in p^.add2 (jhnpc). The dereferenced pointers are not checked.
procedure CallOpenNPC(p: OpenNPCCallParam);stdcall; //activate-NPC call  callbase jhnpc
var
  ID : DWORD;
  Address1,Address2: DWORD;
begin
  ID := P^.selnpcid;
  Address1:=p^.add1; //callbase
  Address2:=p^.add2; //jhnpc
  asm
    pushad
    mov edx, Address1
    mov edx, dword ptr [edx] //mov edx, dword ptr [callbase]
    push ID
    mov ecx, dword ptr [edx+$20]
    add ecx, $d4
    mov ebx, Address2 //jhnpc
    call ebx //jhnpc
    popad
  end;
end;
// Stub passed to InjectFunc by BuyCall, the "buy item" call.
// Pushes the parameter pointer p itself (the record starts with item ID, slot and
// quantity) followed by 1, calls the address in p^.add1 (gmwp) and removes the two
// arguments from the stack itself (add esp,$8).
procedure CallBuyThing(p: BuyThingCallParam);stdcall; //buy-item call  gmwp
var
  Address1: DWORD;
begin
  Address1:=p^.add1; //gmwp
  asm
    pushad
    mov eax,P
    push eax
    push 1
    mov ebx, Address1 //gmwp
    call ebx
    add esp, $8
    popad
  end;
end;
// Stub passed to InjectFunc by SaleCall, the "sell item" call.
// Pushes the parameter pointer p itself (the record starts with item ID, slot and
// quantity) followed by 1, calls the address in p^.add1 (cswp) and removes the two
// arguments from the stack itself (add esp,$8).
procedure CallSaleThing(p: sellThingCallParam);stdcall; //sell-item call  cswp
var
  Address1: DWORD;
begin
  Address1:=p^.add1; //cswp
  asm
    pushad
    mov eax,p //push the data structure
    push eax
    push 1 //number of groups to sell
    mov ebx, Address1 //cswp
    call ebx
    add esp, $8
    popad
  end;
end;
//******************************* 带参call 原形 *******************************//
//*************************** 注入函数 *****************************************************//
// Runs one stub routine inside the process whose handle is held in the global
// InProcessID, and blocks until it returns.
//   InHWND    - only compared with zero; the handle actually used is InProcessID
//   Func      - address of the local routine whose bytes are copied
//   Param     - local parameter record to copy
//   ParamSize - number of bytes of Param to copy
//
// Review notes (what the code does, and what it leaves behind):
//  * This is the VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread sequence.
//    The new thread's start address lies in private, non-image memory of the other
//    process, which is the signal endpoint-protection and anti-tamper tooling usually
//    keys on for this pattern. Both regions are requested as PAGE_READWRITE.
//  * A fixed 2048 bytes are copied from Func regardless of the routine's real length,
//    and the parameter region is a fixed 80 bytes; ParamSize is not checked against it.
//  * No return value is checked: a failed allocation, write or thread creation falls
//    through to the next call with a nil pointer or a zero handle.
//  * WaitForSingleObject(INFINITE) runs on the caller's thread; the callers in this
//    unit are timer handlers, so a stalled remote thread freezes the form.
//  * VirtualFreeEx is documented to require a size of 0 with MEM_RELEASE; with the
//    non-zero sizes passed here the two releases presumably fail, leaving both regions
//    committed in the other process after every call — a recoverable memory-forensics
//    artifact.
//  * ThreadAdd and ParamAdd are unit-level globals, so the routine is not re-entrant.
procedure InjectFunc(InHWND: HWND; Func: Pointer; Param: Pointer; ParamSize: DWORD);stdcall; //remote injection
var
  hThread: THandle;
  lpNumberOfBytes: DWORD;
begin
  if (InProcessID<>0) and (InHWND<>0) then
  begin
    //allocate the remote regions
    ThreadAdd:= VirtualAllocEx(InProcessID, nil, 2048, MEM_COMMIT, PAGE_READWRITE); //region for the copied code
    ParamAdd := VirtualAllocEx(InProcessID, nil, 80, MEM_COMMIT, PAGE_READWRITE); //region for the copied parameters
    WriteProcessMemory(InProcessID, ThreadAdd, Func, 2048, lpNumberOfBytes); //copy the routine's bytes
    WriteProcessMemory(InProcessID, ParamAdd, Param, ParamSize, lpNumberOfBytes); //copy the parameter record
    hThread:= CreateRemoteThread(InProcessID, nil, 0, ThreadAdd, ParamAdd, 0, lpNumberOfBytes); //create the remote thread
    WaitForSingleObject(hThread, INFINITE); //wait for the thread to finish
    CloseHandle(hThread); //close the thread handle
    //release the remote regions
    VirtualFreeEx(InProcessID, ThreadAdd, 2048, MEM_RELEASE); //release the allocated addresses
    VirtualFreeEx(InProcessID, ParamAdd, 80, MEM_RELEASE);
  end;
end;
//*************************** 注入函数 *****************************************************//
//*************************** 所有不带参call 引用 *******************************//
// Dispatcher for the stubs that take no game-level argument.
//   GameHwnd - window handle of the attached program; nothing happens when it is 0
//   Action   - 0 basic attack, 1 meditate, 2 stop meditating, 3 select monster with Tab,
//              4 deselect monster, 5 return to town on death, 6 close NPC dialog,
//              7 open warehouse; any other value is ignored
// For the chosen action the needed addresses are copied from the unit-level globals
// into a TNomalCallParam and handed, together with the matching stub, to InjectFunc.
// Fields of the record that an action does not set are passed on uninitialised.
procedure BaseCall(GameHwnd:DWORD;Action:DWORD);stdcall;
var
  Args: TNomalCallParam;
begin
  if GameHwnd = 0 then
    Exit;

  case Action of
    0: // basic attack: pAttack
      begin
        Args.add1 := pAttack;
        InjectFunc(GameHwnd, @CallAttack, @Args, SizeOf(Args));
      end;
    1: // meditate: dazuo
      begin
        Args.add1 := dazuo;
        InjectFunc(GameHwnd, @CallMeditation, @Args, SizeOf(Args));
      end;
    2: // stop meditating: undazuo
      begin
        Args.add1 := undazuo;
        InjectFunc(GameHwnd, @CallUnMeditation, @Args, SizeOf(Args));
      end;
    3: // select monster with Tab: callbase, Tabxg
      begin
        Args.add1 := callbase;
        Args.add2 := Tabxg;
        InjectFunc(GameHwnd, @CallTab, @Args, SizeOf(Args));
      end;
    4: // deselect monster: unchoosexg
      begin
        Args.add1 := unchoosexg;
        InjectFunc(GameHwnd, @CallUnChooseGW, @Args, SizeOf(Args));
      end;
    5: // return to town on death: swhc
      begin
        Args.add1 := swhc;
        InjectFunc(GameHwnd, @CallRetCity, @Args, SizeOf(Args));
      end;
    6: // close NPC dialog: qxnpcpush, callbase, qxnpc
      begin
        Args.add1 := qxnpcpush;
        Args.add2 := callbase;
        Args.add3 := qxnpc;
        InjectFunc(GameHwnd, @CallCloseNPC, @Args, SizeOf(Args));
      end;
    7: // open warehouse: dkckpush, dkck
      begin
        Args.add1 := dkckpush;
        Args.add2 := dkck;
        InjectFunc(GameHwnd, @CallOpenStore, @Args, SizeOf(Args));
      end;
  end;
end;
//*************************** 所有不带参call 引用 *******************************//
//******************************* 带参call 引用 *******************************//
// "Use a skill" wrapper: packs skillid with the globals callbase and syjn into a
// TPGetRwJNParam and passes it with the CallSkill stub to InjectFunc.
// Does nothing when GameHwnd is 0.
procedure SkillCall(GameHwnd:DWORD;skillid:DWORD);stdcall;
var
  Args: TPGetRwJNParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.add2 := syjn;
  Args.add1 := callbase;
  Args.sid  := skillid;
  InjectFunc(GameHwnd, @CallSkill, @Args, SizeOf(Args));
end;
// "Select a monster by ID" wrapper: packs id with the globals callbase and idxg into a
// TPGetGwCallParam and passes it with the CallSelmonFromID stub to InjectFunc.
// Does nothing when GameHwnd is 0.
procedure SelmonFromIDCall(GameHwnd:DWORD;id:DWORD);stdcall;
var
  Args: TPGetGwCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.add2 := idxg;
  Args.add1 := callbase;
  Args.xgid := id;
  InjectFunc(GameHwnd, @CallSelmonFromID, @Args, SizeOf(Args));
end;
// "Pick up an item" wrapper: packs id and pos with the globals callbase and jqwp into a
// TPPickCallParam and passes it with the CallPickMatter stub to InjectFunc.
// The pos argument is stored in the record's xtid field. Does nothing when GameHwnd is 0.
procedure PickMatterCall(GameHwnd:DWORD;id:DWORD;pos:DWORD);stdcall;
var
  Args: TPPickCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.add2 := jqwp;
  Args.add1 := callbase;
  Args.xtid := pos;
  Args.wpid := id;
  InjectFunc(GameHwnd, @CallPickMatter, @Args, SizeOf(Args));
end;
// "Use an item" wrapper: packs the item id and its slot with the globals callbase and
// sywp into a TUsewpCallParam and passes it with the CallUseMatter stub to InjectFunc.
// Does nothing when GameHwnd is 0.
procedure UseMatterCall(GameHwnd:DWORD;id:DWORD;pos:DWORD);stdcall;
var
  Args: TUsewpCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.add2  := sywp;
  Args.add1  := callbase;
  Args.wppos := pos;
  Args.wpid  := id;
  InjectFunc(GameHwnd, @CallUseMatter, @Args, SizeOf(Args));
end;
// "Auto-pathing" wrapper: packs the destination coordinates with the globals Baseadr,
// AutogoPush, AutogoMove and AutogoCall into a TAutogo and passes it with the
// CallAutoWalk stub to InjectFunc. Does nothing when GameHwnd is 0.
procedure AutoWalkCall(GameHwnd:DWORD;x:single;y:single;z:single);stdcall;
var
  Dest: TAutogo;
begin
  if GameHwnd = 0 then
    Exit;
  // Addresses first, then the coordinates; the assignments are independent.
  Dest.add1 := Baseadr;
  Dest.add2 := AutogoPush;
  Dest.add3 := AutogoMove;
  Dest.add4 := AutogoCall;
  Dest.x := x;
  Dest.y := y;
  Dest.z := z;
  InjectFunc(GameHwnd, @CallAutoWalk, @Dest, SizeOf(Dest));
end;
// "Feed the pet" wrapper: packs the pet id and the item slot with the global sybbw into
// a TUseBBWpCallParam and passes it with the CallUseMatterBB stub to InjectFunc.
// Does nothing when GameHwnd is 0.
procedure UseMatterBBCall(GameHwnd:DWORD;id:DWORD;pos:DWORD);stdcall;
var
  Args: TUseBBWpCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.add1   := sybbw;
  Args.bbwpgs := pos;
  Args.bbid   := id;
  InjectFunc(GameHwnd, @CallUseMatterBB, @Args, SizeOf(Args));
end;
// "Activate NPC" wrapper: packs the NPC id with the globals callbase and jhnpc into a
// TOpenNPCCallParam and passes it with the CallOpenNPC stub to InjectFunc.
// Does nothing when GameHwnd is 0.
procedure ActiveNpcCall(GameHwnd:DWORD;id:DWORD);stdcall;
var
  Args: TOpenNPCCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.add2     := jhnpc;
  Args.add1     := callbase;
  Args.selnpcid := id;
  InjectFunc(GameHwnd, @CallOpenNPC, @Args, SizeOf(Args));
end;
// "Buy item" wrapper: packs the item id, slot and quantity with the global gmwp into a
// TBuyThingCallParam and passes it with the CallBuyThing stub to InjectFunc.
// Does nothing when GameHwnd is 0.
procedure BuyCall(GameHwnd:DWORD;id:DWORD;pos:DWORD;num:DWORD);stdcall;
var
  Args: TBuyThingCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.add1 := gmwp;
  Args.mwsl := num;
  Args.mwgs := pos;
  Args.mwid := id;
  InjectFunc(GameHwnd, @CallBuyThing, @Args, SizeOf(Args));
end;
// "Sell item" wrapper: packs the item id, slot and quantity with the global cswp into a
// TSellThingCallParam and passes it with the CallSaleThing stub to InjectFunc.
// Does nothing when GameHwnd is 0.
procedure SaleCall(GameHwnd:DWORD;id:DWORD;pos:DWORD;num:DWORD);stdcall;
var
  Args: TSellThingCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.add1  := cswp;
  Args.mcwsl := num;
  Args.mcwgs := pos;
  Args.mcwid := id;
  InjectFunc(GameHwnd, @CallSaleThing, @Args, SizeOf(Args));
end;
//******************************* 带参call 引用 *******************************//
//*********************** 游戏内CALL过程实现 *******************************//
// "Attach" button handler. Looks for a top-level window by exact title (two titles are
// tried in turn), resolves its owning process and opens that process with
// PROCESS_ALL_ACCESS, storing the handle in the global InProcessID. On success the
// button is disabled and the status timer is started.
// Review notes: the OpenProcess result is not checked, so the button is disabled and
// the timer started even when the open fails; and the handle requests every access
// right rather than only those the rest of the unit uses.
procedure TWgForm.GuaJieClick(Sender: TObject);
var
  ProcID: HWND;
  offic:dword;   // offset (unused here)
  Num: Cardinal; // placeholder (unused here)
  Utext:array[0..16] of WideChar;
  rwname:string;
begin
  Ghwnd := FindWindow(nil, PChar('口袋西游'));
  if Ghwnd = 0 then
    Ghwnd := FindWindow(nil, PChar('剑不枫流'));

  // Neither title found: leave the form as it is.
  if not (Ghwnd > 0) then
    Exit;

  GetWindowThreadProcessId(Ghwnd, @ProcID);                          // process ID that owns the window
  InProcessID := OpenProcess(PROCESS_ALL_ACCESS, False, ProcID);     // process handle
  GuaJie.Enabled := False;
  ZtTime.Enabled := True;
end;
// Status timer: reads the character's values out of the attached process and shows
// them in the form's labels. The timer is switched off for the duration of the handler
// and switched back on at the end.
// The reads form a pointer chain ([[Baseadr]+$28] + field offset); each later read
// depends on the value stored by the one before it. No ReadProcessMemory result is
// checked, so after a failed read the labels show whatever the variables held before.
procedure TWgForm.ZtTimeTimer(Sender: TObject); //poll the character's current state
var
  offic:dword; //offset
  rwz1,rwz2:DWORD;
  rwzx,rwzy:single;
  Num: Cardinal; //receives the byte count from ReadProcessMemory
begin
  ZtTime.Enabled :=false;
  if InProcessID>0 then
  begin
    //character object
    ReadProcessMemory(InProcessID, Pointer(Baseadr), @offic, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$28), @offic, 4, Num);
    // $278 / $2B0: shown in the rwhp label as "current/maximum"
    ReadProcessMemory(InProcessID, Pointer(offic+$278), @rwz1, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$2B0), @rwz2, 4, Num);
    rwhp.Caption :=inttostr(rwz1)+'/'+inttostr(rwz2);
    // $27C / $2B4: shown in the rwmp label as "current/maximum"
    ReadProcessMemory(InProcessID, Pointer(offic+$27C), @rwz1, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$2B4), @rwz2, 4, Num);
    rwmp.Caption :=inttostr(rwz1)+'/'+inttostr(rwz2);
    // $270: shown in the "live" label
    ReadProcessMemory(InProcessID, Pointer(offic+$270), @rwz1, 4, Num);
    live.Caption :=inttostr(rwz1);
    // $348: shown in the "money" label
    ReadProcessMemory(InProcessID, Pointer(offic+$348), @rwz1, 4, Num);
    money.Caption :=inttostr(rwz1);
    // $498 / $4A0: coordinates, read as single and truncated for display
    ReadProcessMemory(InProcessID, Pointer(offic+$498), @rwzx, 4, Num);
    rwzbx.Caption :=IntToStr(trunc(rwzx));
    ReadProcessMemory(InProcessID, Pointer(offic+$4A0), @rwzy, 4, Num);
    rwzby.Caption :=inttostr(trunc(rwzy));
  end;
  ZtTime.Enabled :=true;
end;
//**************************** 定点挂机实现部分 **********************************//
// Auto-play timer: one tick of the fixed-spot state machine.
// Each tick reads the character's HP/MP, position and target-selection field from the
// attached process, then:
//   * with no target selected: handles meditation, low HP/MP (meditate or use a potion,
//     or head to town when potions run out), and the HcStop states
//     0 = decide where to go, 1 = town errands (DqNPC 1 warehouse, 2 potion vendor,
//     3 mail placeholder), 2 = walking back to the farming spot, 3 = farming;
//   * with a target selected: issues a basic attack or the configured skill.
// The timer is disabled on entry and re-enabled on exit.
//
// Review notes:
//  * The two low-HP / low-MP conditions below were truncated when the page was
//    extracted (text from the comparison operator up to "then" is missing), so the
//    procedure does not compile as shown.
//  * No ReadProcessMemory result is checked, and RwCuHp/RwMaxHp and RwCuMp/RwMaxMp are
//    divided without a guard against a zero maximum.
//  * The Sleep calls run on the form's thread and block it for their duration.
//  * The locals BugBase..BugNumCount, BugXue, BugMaxXue, BugNameBase, BugLeave, Utext
//    and BugName are declared but never referenced in this body.
procedure TWgForm.GjTimeTimer(Sender: TObject);
var
  RwCuHp,RwMaxHp,RwCuMp,RwMaxMp:DWORD;
  offic:DWORD; //offset
  RwPoint:DWORD; //character state
  XgPoint:DWORD; //target-selection state
  rwzx,rwzy:single;
  gjx,gjy,gjl:integer;
  Num: Cardinal; //receives the byte count from ReadProcessMemory
  lnum1,lnum2,BaoID,BaoPos,BaoNum:integer;
  BaoStr:string;
  BugBase,BugArrayCount,BugArrayBase,BugDestPoint,BugNumCount:DWORD;
  BugXue,BugMaxXue:DWORD;
  BugNameBase:DWORD;
  BugLeave:DWORD;
  Utext:array[0..16] of WideChar;
  BugName:string;
begin
  GjTime.Enabled :=false; //pause the timer while this tick is processed
  if InProcessID>0 then
  begin
    //character object
    ReadProcessMemory(InProcessID, Pointer(Baseadr), @offic, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$28), @offic, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$278), @RwCuHp, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$2B0), @RwMaxHp, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$27C), @RwCuMp, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$2B4), @RwMaxMp, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$498), @rwzx, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(offic+$4A0), @rwzy, 4, Num);
    //character state (read but not used further in this procedure)
    ReadProcessMemory(InProcessID, Pointer(offic+$A00), @RwPoint, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(RwPoint+$14), @RwPoint, 4, Num);
    ReadProcessMemory(InProcessID, Pointer(RwPoint+$4), @RwPoint, 4, Num);
    //is a monster selected?
    ReadProcessMemory(InProcessID, Pointer(offic+$8D8), @XgPoint, 4, Num);
    // While meditating, or in any state other than 3 (farming), treat the target as
    // unselected so that the housekeeping branch below runs.
    if DzStop or (HcStop<>3) then
    begin
      XgPoint:=0;
    end;
    if (XgPoint=0) then //no monster selected
    begin
      //memo1.Lines.Add('未选中怪');   (disabled log line: "no monster selected")
      if DzStop then //meditating
      begin
        // Stand up again once both HP and MP are full.
        if (RwCuHp=RwMaxHp) and (RwCuMp=RwMaxMp) then
        begin
          DzStop:=false;
          BaseCall(Ghwnd,2); //cancel meditation
          Sleep(500);
        end;
      end
      else //not meditating
      begin
        // NOTE(review): the next line is truncated in the source; presumably the HP
        // ratio was compared with HPscal before "then" — confirm against the original.
        if ((RwCuHp/RwMaxHp) begin
          if (HPact='打坐') then
          begin
            DzStop:=true;
            BaseCall(Ghwnd,1); //meditate
            Sleep(500);
          end
          else
          begin
            BaoStr:=SearchBao(HPact,1);//look for the red potion: use it if found, go to town if out
            if BaoStr<>'' then
            begin
              // BaoStr is parsed as three comma-separated integers: id, slot, count.
              // StrToInt raises if SearchBao returns anything else.
              lnum1:=AnsiPos(',', BaoStr);
              lnum2:=length(BaoStr);
              BaoId:=StrToInt(leftstr(BaoStr,lnum1-1));
              BaoStr:=rightstr(BaoStr,lnum2-lnum1);
              lnum1:=AnsiPos(',', BaoStr);
              lnum2:=length(BaoStr);
              BaoPos:=StrToInt(leftstr(BaoStr,lnum1-1));
              BaoNum:=StrToInt(rightstr(BaoStr,lnum2-lnum1));
            end
            else
            begin
              BaoId:=0;
              BaoPos:=0;
              BaoNum:=0;
            end;
            if (BaoNum=0) and (SyRcity='是') then
            begin
              AutoWalkCall(Ghwnd,CKNPCx,CKNPCy,CKNPCz); //walk to the warehouse in town, then buy potions
              HcStop:=1; //returning to town
              memo1.Lines.Add('少药回城');
            end
            else
            begin
              UseMatterCall(Ghwnd,BaoId,BaoPos); //use the potion
              Sleep(200);
            end;
          end;
        end
        // NOTE(review): the next line is truncated in the same way; presumably the MP
        // ratio was compared with MPscal before "then" — confirm against the original.
        else if ((RwCuMp/RwMaxMp) begin
          if (MPact='打坐') then
          begin
            DzStop:=true;
            BaseCall(Ghwnd,1); //meditate
            Sleep(500);
          end
          else
          begin
            BaoStr:=SearchBao(MPact,1);//look for the blue potion: use it if found, go to town if out
            if BaoStr<>'' then
            begin
              lnum1:=AnsiPos(',', BaoStr);
              lnum2:=length(BaoStr);
              BaoId:=StrToInt(leftstr(BaoStr,lnum1-1));
              BaoStr:=rightstr(BaoStr,lnum2-lnum1);
              lnum1:=AnsiPos(',', BaoStr);
              lnum2:=length(BaoStr);
              BaoPos:=StrToInt(leftstr(BaoStr,lnum1-1));
              BaoNum:=StrToInt(rightstr(BaoStr,lnum2-lnum1));
            end
            else
            begin
              BaoId:=0;
              BaoPos:=0;
              BaoNum:=0;
            end;
            if (BaoNum=0) and (SyRcity='是') then
            begin
              AutoWalkCall(Ghwnd,CKNPCx,CKNPCy,CKNPCz); //walk to the warehouse in town, then buy potions
              HcStop:=1; //returning to town
              memo1.Lines.Add('少药回城');
            end
            else
            begin
              UseMatterCall(Ghwnd,BaoId,BaoPos); //use the potion
              Sleep(200);
            end;
          end;
        end;
        if HcStop=0 then //just started: decide between going to town and going to the farming spot
        begin
          gjx:=trunc(rwzx-RwGjx);
          gjy:=trunc(rwzy-RwGjy);
          gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the farming spot
          if (gjl>30) then //outside the farming range
          begin
            AutoWalkCall(Ghwnd,CKNPCx,CKNPCy,CKNPCz); //walk to the warehouse in town
            sleep(1000);
            HcStop:=1;
            memo1.Lines.Add('启动检测回城');
          end
          else
          begin
            AutoWalkCall(Ghwnd,RwGjx,RwGjy,RwGjz); //walk to the farming spot
            sleep(1000);
            HcStop:=2;
            memo1.Lines.Add('启动检测挂机');
          end;
        end;
        if HcStop=1 then //on the way to town for buying and selling
        begin
          if DqNPC=0 then
          begin
            DqNPC:=1;
          end;
          if DqNPC=1 then //warehouse errand
          begin
            gjx:=trunc(rwzx-CKNPCx);
            gjy:=trunc(rwzy-CKNPCy);
            gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the warehouse NPC
            if (gjl<3) then //arrived at the warehouse NPC
            begin
              if FlashBug('仓库',3) then //open the warehouse NPC
              begin
                //ReCityMat(CKNPCx,CKNPCy,CKNPCz);   (disabled: deposit items — the author notes this is not implemented yet)
                sleep(2000);
                memo1.Lines.Add('打开仓库');
                BaseCall(Ghwnd,6); //close the NPC dialog
                sleep(500);
                memo1.Lines.Add('关闭NPC');
              end;
              AutoWalkCall(Ghwnd,BuyNPCx,BuyNPCy,BuyNPCz); //auto-path to the potion vendor
              sleep(1000);
              DqNPC:=2; //move on to the next NPC
            end;
          end;
          if DqNPC=2 then //potion vendor errand
          begin
            gjx:=trunc(rwzx-BuyNPCx);
            gjy:=trunc(rwzy-BuyNPCy);
            gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the vendor NPC
            if (gjl<3) then //arrived at the NPC
            begin
              if FlashBug('药师',3) then //open the potion vendor
              begin
                memo1.Lines.Add('打开NPC药师');
                sleep(1000);
                SearchBao('',2); //sell items
                sleep(1000);
                memo1.Lines.Add('开始卖物');
                ReCityBuy(HPact,BuyHPsl); //buy red potions
                sleep(1000);
                memo1.Lines.Add('开始买红');
                ReCityBuy(MPact,BuyMPsl); //buy blue potions
                sleep(1000);
                memo1.Lines.Add('开始买蓝');
                BaseCall(Ghwnd,6); //close the NPC dialog
                memo1.Lines.Add('关闭NPC');
              end;
              AutoWalkCall(Ghwnd,RwGjx,RwGjy,RwGjz); //walk back to the farming spot
              sleep(1000);
              DqNPC:=0; //reset the NPC index
              HcStop:=2; //switch to "returning to the farming spot"
              memo1.Lines.Add('买药结束回挂机点');
            end;
          end;
          if DqNPC=3 then
          begin
            //ReCityMil();   (disabled: mail)
            AutoWalkCall(Ghwnd,RwGjx,RwGjy,RwGjz); //walk back to the farming spot
            sleep(1000);
            DqNPC:=0; //reset the NPC index
            HcStop:=2; //switch to "returning to the farming spot"
          end;
        end;
        if HcStop=2 then //on the way back to the farming spot
        begin
          gjx:=trunc(rwzx-RwGjx);
          gjy:=trunc(rwzy-RwGjy);
          gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the farming spot
          if (gjl<5) then //inside the farming spot
          begin
            HcStop:=3; //switch to farming
          end;
        end;
        if HcStop=3 then //farming
        begin
          if (oldxg=1) then //a monster was selected last time, i.e. one has just been defeated
          begin
            FlashWp(2); //scan the ground and pick up items
            oldxg:=0;
            if (SearchBao('',3)='1') then //is the inventory full?
            begin
              AutoWalkCall(Ghwnd,CKNPCx,CKNPCy,CKNPCz); //walk to the warehouse in town, then buy potions
              sleep(1000);
              HcStop:=1; //returning to town
              memo1.Lines.Add('包裹满回城');
            end
            else
            begin
              gjx:=trunc(rwzx-RwGjx);
              gjy:=trunc(rwzy-RwGjy);
              gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the farming spot
              if (gjl>RwGjL) then //outside the configured radius
              begin
                AutoWalkCall(Ghwnd,RwGjx,RwGjy,RwGjz); //walk back to the farming spot
                HcStop:=2; //switch to walking
              end;
            end;
          end //no monster selected before: go and select one
          else
          begin
            FlashBug('',1); //refresh the monster list and select the nearest one (original comment: this sets oldxg to 1)
          end;
        end;
      end; //end of the "not meditating" handling
    end //end of the "no monster selected" handling
    else //a monster is selected
    begin
      if (HitType='普通***') then
      begin
        BaseCall(Ghwnd,0); //basic-attack call
      end
      else
      begin
        SkillCall(Ghwnd,SearchJnID(HitType,1)); //skill attack
        sleep(500);
      end;
    end;
  end;
  //label8.Caption :='挂机状态:'+inttostr(HcStop)+';人物状态:'+inttostr(RwPoint);   (disabled status display)
  GjTime.Enabled :=true;
end;
// Loads every address and auto-play setting from setup.ini in the program directory.
// Section "basic" holds the addresses used by the injected stubs; section "1" holds the
// auto-play profile. Numeric keys go through StrToInt / StrToFloat, so a missing or
// malformed key raises an exception.
// Review notes:
//  * unchoosexg is read from the key '基址', the same key as Baseadr; this looks like a
//    copy-and-paste slip, but the intended key name is not shown on the page.
//  * The addresses are used as call targets without any validation, so the behaviour
//    of the stubs is entirely determined by whoever can write setup.ini.
procedure TWgForm.ReadStupINI();

  // Raw value of one key in setup.ini ('' when absent).
  function CfgText(const Section, Key: string): string;
  begin
    Result := readinifile(AppPath+'setup.ini', Section, Key);
  end;

  // Integer from the "basic" (addresses) section.
  function BasicInt(const Key: string): Integer;
  begin
    Result := StrToInt(CfgText('basic', Key));
  end;

  // Integer from the "1" (profile) section.
  function ProfileInt(const Key: string): Integer;
  begin
    Result := StrToInt(CfgText('1', Key));
  end;

  // Trimmed string from the "1" (profile) section.
  function ProfileStr(const Key: string): string;
  begin
    Result := Trim(CfgText('1', Key));
  end;

begin
  // ---- addresses -------------------------------------------------------------
  // Addresses are loaded at run time and handed to the stubs through their parameter
  // records, which is why every stub takes a parameter.
  Baseadr    := BasicInt('基址');          // game base address
  callbase   := BasicInt('CALL基址');      // call base address
  Question   := BasicInt('星星地址');      // "star" address
  AutogoCall := BasicInt('自动寻径CALL');  // auto-pathing call
  AutogoPush := BasicInt('自动寻径PUSH');  // auto-pathing push value
  AutogoMove := BasicInt('自动寻径MOVE');  // auto-pathing mov address
  dazuo      := BasicInt('开始打坐');      // meditate
  undazuo    := BasicInt('取消打坐');      // cancel meditation
  Tabxg      := BasicInt('TAB');           // select monster with Tab
  unchoosexg := BasicInt('基址');          // deselect monster (see review note above)
  idxg       := BasicInt('ID选怪');        // select monster by ID
  pAttack    := BasicInt('普通***');       // basic attack
  jqwp       := BasicInt('拾取物品');      // pick up item
  syjn       := BasicInt('使用技能');      // use skill
  sywp       := BasicInt('使用物品');      // use item
  sybbw      := BasicInt('喂宠call');      // pet item call
  swhc       := BasicInt('死亡回城');      // return to town on death
  jhnpc      := BasicInt('激活NPC');       // activate NPC
  qxnpc      := BasicInt('关闭NPC_CALL');  // close NPC dialog
  qxnpcpush  := BasicInt('关闭NPC_PUSH');  // close NPC dialog, push value
  gmwp       := BasicInt('购买物品');      // buy item
  cswp       := BasicInt('贩卖物品');      // sell item
  dkck       := BasicInt('开启仓库CALL');  // open warehouse
  dkckpush   := BasicInt('开启仓库PUSH');  // open warehouse, push value
  bcwp       := BasicInt('保存物品');      // store item

  // ---- auto-play profile -----------------------------------------------------
  RwGjx   := ProfileInt('挂机X');
  RwGjy   := ProfileInt('挂机Y');
  RwGjz   := ProfileInt('挂机Z');
  RwGjL   := ProfileInt('挂机范围');
  BuyNPCx := ProfileInt('买药X');
  BuyNPCy := ProfileInt('买药Y');
  BuyNPCz := ProfileInt('买药Z');
  CKNPCx  := ProfileInt('仓库X');
  CKNPCy  := ProfileInt('仓库Y');
  CKNPCz  := ProfileInt('仓库Z');
  HPscal  := StrToFloat(CfgText('1', '红比例'));
  MPscal  := StrToFloat(CfgText('1', '蓝比例'));
  HPact   := ProfileStr('红处理');
  MPact   := ProfileStr('蓝处理');
  HitType := ProfileStr('***方式');
  BmRcity := ProfileStr('包满回城');
  SyRcity := ProfileStr('少药回城');
  DeRcity := ProfileStr('死亡回城');
  BuyHPmc := ProfileStr('买红药');
  BuyHPsl := ProfileInt('买红数量');
  BuyMPmc := ProfileStr('买蓝药');
  BuyMPsl := ProfileInt('买蓝数量');
  BlWpStr := ProfileStr('保留物品');
  GwFilet := ProfileStr('指定打怪');
  WpFilet := ProfileStr('过滤捡物');
end;
// "Reload configuration" button: reads setup.ini again through ReadStupINI.
procedure TWgForm.ReadINIClick(Sender: TObject);
begin
  ReadStupINI();
end;
// "Pause" button: stops the auto-play timer. The status timer is left running
// (its line is disabled in the original).
procedure TWgForm.Button6Click(Sender: TObject);
begin
  GjTime.Enabled := False;
  //ZtTime.Enabled:=false;
end;
// "Start" button: puts the state machine back into state 0 (check) and starts the
// auto-play timer. The status timer line is disabled in the original.
procedure TWgForm.Button7Click(Sender: TObject);
begin
  HcStop := 0;
  //ZtTime.Enabled:=true;
  GjTime.Enabled := True;
end;
//****************************** 挂机所需数据检测 ******************************//
//同一功能尽量用同一模块完成
// Walks an entity array inside the process behind InProcessID using ReadProcessMemory and,
// depending on RsType, lists the entries, picks the nearest one, or looks up an entry by name.
//   GwName : name substring to look for (used by mode 3 in the visible code).
//   RsType : 0 = list every entry in memo1, 1 = nearest entry, 2 = nearest entry from a filter,
//            3 = find the named entry, then select and activate it.
// Returns true when an entry ID was chosen and the select call was issued; false when
// InProcessID is not set, the array bounds look wrong, or nothing matched (mode 0 always ends false).
// NOTE(review): no ReadProcessMemory return value is checked. After a failed read the locals keep
// whatever they held before (stale or uninitialised), and those values are then used as addresses,
// IDs and names. A reviewer should treat every field below as unvalidated foreign memory.
// NOTE(review): Utext holds 17 WideChars (34 bytes) but only 32 bytes are read and only Utext[0] is
// reset, so the terminator is not guaranteed — presumably names up to 15 characters are assumed; confirm.
function TWgForm.FlashBug(GwName:string;RsType:integer):boolean; //find ground monsters and NPCs; GwName = name, RsType = mode
var //0=list all monsters, 1=nearest monster, 2=nearest specified monster, 3=open the specified NPC
BugBase,BugArrayCount,BugArrayBase,BugDestPoint,BugNumCount:DWORD;
BugXue,BugMaxXue,BugType:DWORD;
BugX,BugY,BugDistance:single;
BugID,BugDis:integer;
BugNameBase:DWORD;
BugLeave:DWORD;
i:DWORD;
Num: Cardinal; //placeholder: receives the byte count from ReadProcessMemory, never inspected
Utext:array[0..16] of WideChar;
BugStDis,BugStID:integer;
BugName,BugStName:string;
begin
BugStDis:=12; //initial distance threshold
BugStID:=0;
if InProcessID>0 then
begin
//original note gave the chain as [[[call base+$1C]+$8]+$20]; the reads below follow [[[Baseadr]+$8]+$20]
ReadProcessMemory(InProcessID,pointer(Baseadr),@BugBase, 4, Num);//first-level base
ReadProcessMemory(InProcessID,pointer(BugBase+$8),@BugBase, 4, Num);//
ReadProcessMemory(InProcessID,pointer(BugBase+$20),@BugBase, 4, Num);//base of the monster structure (the array object, ECX in the original note)
ReadProcessMemory(InProcessID,pointer(BugBase+$14),@BugNumCount, 4, Num); //monster count (read but not used below)
ReadProcessMemory(InProcessID,pointer(BugBase+$24),@BugArrayCount, 4, Num); //array capacity
ReadProcessMemory(InProcessID,pointer(BugBase+$18),@BugArrayBase, 4, Num); //address of the first array slot
//sanity bound: a capacity of 0 or above 1000 is taken to mean the offsets no longer match
if (BugArrayCount>1000) or (BugArrayCount=0) then
begin
GjTime.Enabled :=false; //stop the automation timer
memo1.Lines.Clear; //clear the list
memo1.Lines.Add('怪物结构体发生变化,请重新查找基址') ;
result:=false;
exit;
end;
For i:= 0 to BugArrayCount-1 do
begin
ReadProcessMemory(InProcessID, Pointer(BugArrayBase+i*4),@BugDestPoint,4,Num);
if BugDestPoint>0 then
begin
Utext[0]:=' ';
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$4),@BugDestPoint, 4, Num);//pointer to the entry's object
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$3c),@BugX, 4, Num);//monster X coordinate
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$44),@BugY, 4, Num);//monster Y coordinate
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$124),@BugID, 4, Num);//monster ID
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$128),@BugType, 4, Num);//monster type
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$130),@BugLeave, 4, Num);//monster level
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$138),@BugXue, 4, Num);//monster HP
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$170),@BugMaxXue, 4, Num);//monster max HP
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$284),@BugDistance, 4, Num);//distance between player and monster
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$260),@BugNameBase, 4, Num);//address of the name string
ReadProcessMemory(InProcessID,pointer(BugNameBase),@Utext, 32, Num);//name, 32 bytes of wide characters
BugDis:=Trunc(BugDistance); //BugLeave:=BugLeave-7000;
BugName:=Trim(string(Utext));
Case RsType of
0: //0=list all monsters
begin
memo1.Lines.Add('怪物名称:'+string(Utext)); //BugName;
memo1.Lines.Add('怪物ID:'+IntToStr(BugID));
memo1.Lines.Add('怪物血:'+IntToStr(BugXue)+'/'+IntToStr(BugMaxXue));
memo1.Lines.Add('怪物坐标:'+IntToStr(trunc(BugX))+','+IntToStr(trunc(BugY)));
memo1.Lines.Add('怪物等级:'+IntToStr(BugLeave));
memo1.Lines.Add('怪物距离:'+IntToStr(BugDis));
memo1.Lines.Add('怪物类型:'+IntToStr(BugType));
BugStID:=0;
end;
1: //1=pick the nearest monster
begin
if (BugLeave<>99) and (BugDis<12) then //skip level-99 entries and anything at distance 12 or more
begin
// NOTE(review): the next line is truncated in this copy of the source (text after "BugDis" up to
// "begin" appears to have been lost in extraction); the original condition cannot be recovered here.
if (BugDis begin
BugStDis:=BugDis;
BugStName:=BugName;
BugStID:=BugID; //after the loop this holds the chosen monster ID
end;
end;
end;
2: //2=nearest specified monster
begin
if (BugLeave<>99) and (BugDis<12) then //skip level-99 entries and anything at distance 12 or more
begin
// NOTE(review): the next condition is also truncated in this copy ("BugDis0" is not valid);
// the original comment says it filters monsters and keeps the nearest specified one.
if (BugDis0) then //filter monsters, pick the nearest specified one
begin
BugStDis:=BugDis;
BugStName:=BugName;
BugStID:=BugID; //after the loop this holds the chosen monster ID
end;
end;
end;
3: //3=open the specified NPC
begin
if (BugLeave=99) and (BugDis<10) then //keeps only level-99 entries closer than 10 (presumably NPCs report level 99 — confirm)
begin
if (AnsiPos(GwName, BugName)>0) then //look for the requested NPC name
begin
BugStID:=BugID;
break;
end;
end;
end;
else
end;
end;
end;
if (BugStID=0) then
begin
result:=false;
end
else
begin
if (RsType=3) then
begin
SelmonFromIDCall(Ghwnd,BugStID); //select the NPC
sleep(500);
ActiveNpcCall(Ghwnd,BugStID); //activate the NPC
sleep(500);
result:=true;
end
else
begin
oldxg:=1; //marks that a monster was selected; used elsewhere to tell whether a fight happened
gwhp.Caption :=BugStName;
SelmonFromIDCall(Ghwnd,BugStID); //select-by-ID call
result:=true;
end;
end;
end
else
begin
result:=false;
end;
end;
// Walks the ground-item array inside the process behind InProcessID using ReadProcessMemory.
//   RsType : 0 = list every item in memo1,
//            1 = pick up items whose name occurs in WpFilet,
//            2 = pick up items whose name does not occur in WpFilet.
// Does nothing when InProcessID is not set. Stops the GjTime timer and returns when the
// array capacity read from memory is 0 or above 1000.
// NOTE(review): ReadProcessMemory results are never checked, so after a failed read the IDs,
// distance and name are stale or uninitialised values. AnsiPos presumably returns 0 for an empty
// name, in which case mode 2 would treat an unreadable name as "not filtered" — confirm.
// NOTE(review): Utext holds 17 WideChars but only 32 bytes are read and only Utext[0] is reset,
// so the terminator is not guaranteed.
procedure TWgForm.FlashWp(RsType:integer); //find ground items and pick them up; RsType = mode
var //0=list all items, 1=pick up listed items, 2=pick up everything except listed items
WpBase,WpArrayCount,WpArrayBase,WpDestPoint:DWORD;
WpType,WpNumCount:DWORD;
WpDistance:single;
WpID,WpXtID:DWORD;
WpNameBase:DWORD;
i:DWORD;
Num: Cardinal; //placeholder: receives the byte count from ReadProcessMemory, never inspected
Utext:array[0..16] of WideChar;
WpName:string;
begin
if InProcessID>0 then
begin
//original note gave the chain as [[[call base+$1C]+$8]+$20]; the reads below follow [[[Baseadr]+$8]+$24]
ReadProcessMemory(InProcessID,pointer(Baseadr),@WpBase, 4, Num);//first-level base
ReadProcessMemory(InProcessID,pointer(WpBase+$8),@WpBase, 4, Num);//
ReadProcessMemory(InProcessID,pointer(WpBase+$24),@WpBase, 4, Num);//base of the item structure (the array object, ECX in the original note)
ReadProcessMemory(InProcessID,pointer(WpBase+$14),@WpNumCount, 4, Num); //item count (read but not used below)
ReadProcessMemory(InProcessID,pointer(WpBase+$24),@WpArrayCount, 4, Num); //array capacity
ReadProcessMemory(InProcessID,pointer(WpBase+$18),@WpArrayBase, 4, Num); //address of the first array slot
//sanity bound: a capacity of 0 or above 1000 is taken to mean the offsets no longer match
if (WpArrayCount>1000) or (WpArrayCount=0) then
begin
GjTime.Enabled :=false; //stop the automation timer
memo1.Lines.Clear; //clear the list
memo1.Lines.Add('物品结构体发生变化,请重新查找基址') ;
exit;
end;
For i:= 0 to WpArrayCount-1 do
begin
ReadProcessMemory(InProcessID, Pointer(WpArrayBase+i*4),@WpDestPoint,4,Num);
if WpDestPoint>0 then
begin
Utext[0]:=' ';
ReadProcessMemory(InProcessID,pointer(WpDestPoint+$4),@WpDestPoint, 4, Num);//pointer to the entry's object
ReadProcessMemory(InProcessID,pointer(WpDestPoint+$10C),@WpXtID, 4, Num);//item system ID
ReadProcessMemory(InProcessID,pointer(WpDestPoint+$110),@WpID, 4, Num);//item ID
ReadProcessMemory(InProcessID,pointer(WpDestPoint+$150),@WpType, 4, Num);//item type
ReadProcessMemory(InProcessID,pointer(WpDestPoint+$158),@WpDistance, 4, Num);//distance between player and item
ReadProcessMemory(InProcessID,pointer(WpDestPoint+$168),@WpNameBase, 4, Num);//address of the name string
ReadProcessMemory(InProcessID,pointer(WpNameBase),@Utext, 32, Num);//name, 32 bytes of wide characters
WpName:=Trim(string(Utext));
Case RsType of
0: //list all items
begin
Memo1.Lines.Add('物品名称:'+string(Utext)); //WpName;
Memo1.Lines.Add('物品ID:'+IntToStr(WpID));
Memo1.Lines.Add('物品系统ID:'+IntToStr(WpXtID));
Memo1.Lines.Add('物品距离:'+IntToStr(trunc(WpDistance)));
Memo1.Lines.Add('物品类型:'+IntToStr(WpType));
end;
1: //pick up only items named in the filter list
begin
if (WpType=1) and (WpDistance<10) then //type filter per original comment: 1=item, 2=mineral; distance under 10
begin
if (AnsiPos(WpName,WpFilet)>0) then
begin
PickMatterCall(Ghwnd,WpID,WpXtID);
sleep(100);
end;
end;
end;
2: //pick up everything that is not named in the filter list
begin
if (WpType=1) and (WpDistance<10) then //type filter per original comment: 1=item, 2=mineral; distance under 10
begin
if (AnsiPos(WpName,WpFilet)=0) then
begin
PickMatterCall(Ghwnd,WpID,WpXtID);
sleep(100);
end;
end;
end;
else
end;
end;
end;
end;
end;
// Walks the skill array inside the process behind InProcessID and looks up a skill by name.
//   JnName : name substring to look for (mode 1).
//   RsType : 0 = list every skill in memo1, 1 = find the first skill whose name contains JnName.
// Returns the matching skill ID in mode 1. Returns 1 in every other case: InProcessID not set,
// skill count 0 or above 1000, no match, or mode 0. Callers therefore cannot tell "not found"
// apart from a skill whose ID really is 1.
// NOTE(review): ReadProcessMemory results are never checked; after a failed read JnID and the name
// are stale or uninitialised. Utext holds 17 WideChars but only 32 bytes are read.
function TWgForm.SearchJnID(JnName:string;RsType:integer):integer; //look up a skill ID
var //0=list all skills, 1=find the specified skill
JnBase,JnArrayBase,JnDestPoint:DWORD;
JnNumCount,JnNameBase:DWORD;
JnID:integer;
i:DWORD;
Num: Cardinal; //placeholder: receives the byte count from ReadProcessMemory, never inspected
Utext:array[0..16] of WideChar;
NoFound:Boolean;
JnMc:string;
begin
if InProcessID>0 then
begin
NoFound:=true;
//original note gave the chain as [[[call base+$1C]+$8]+$20]; the reads below follow [[Baseadr]+$28]
ReadProcessMemory(InProcessID,pointer(Baseadr),@JnBase, 4, Num);//first-level base
ReadProcessMemory(InProcessID,pointer(JnBase+$28),@JnBase, 4, Num);//base of the skill structure
ReadProcessMemory(InProcessID,pointer(JnBase+$A38),@JnNumCount, 4, Num); //skill count
ReadProcessMemory(InProcessID,pointer(JnBase+$A34),@JnArrayBase, 4, Num); //address of the first array slot
//sanity bound: a count of 0 or above 1000 is taken to mean the offsets no longer match
if (JnNumCount>1000) or (JnNumCount=0) then
begin
GjTime.Enabled :=false; //stop the automation timer
memo1.Lines.Clear; //clear the list
memo1.Lines.Add('技能结构体发生变化,请重新查找基址') ;
result:=1;
exit;
end;
For i:= 0 to JnNumCount-1 do
begin
ReadProcessMemory(InProcessID, Pointer(JnArrayBase+i*4),@JnDestPoint,4,Num);
if JnDestPoint>0 then
begin
Utext[0]:=' ';
//two further +$4 dereferences before the fields are read
ReadProcessMemory(InProcessID,pointer(JnDestPoint+$4),@JnDestPoint, 4, Num);//skill base pointer
ReadProcessMemory(InProcessID,pointer(JnDestPoint+$4),@JnDestPoint, 4, Num);//skill base pointer
ReadProcessMemory(InProcessID,pointer(JnDestPoint+$4),@JnID, 4, Num);//skill ID
ReadProcessMemory(InProcessID,pointer(JnDestPoint+$C),@JnNameBase, 4, Num);//address of the name string
ReadProcessMemory(InProcessID,pointer(JnNameBase),@Utext, 32, Num);//name, 32 bytes of wide characters
JnMc:=trim(string(Utext));
Case RsType of
0: //list all skills
begin
Memo1.Lines.Add('技能名称:'+string(Utext)); //JnName;
Memo1.Lines.Add('技能ID:'+IntToStr(JnID));
NoFound:=true;
end;
1: //find the specified skill
begin
if (AnsiPos(JnName,JnMc)>0) then //substring match on the skill name
begin
NoFound:=false;
break;
end;
end;
else
end;
end;
end;
if NoFound then
begin
result:=1;
end
else
begin
result:=JnID;
end;
end
else
begin
result:=1;
end;
end;
// Walks the inventory array inside the process behind InProcessID.
//   WpName : item name substring to look for (mode 1).
//   RsType : 0 = list every occupied slot in memo1,
//            1 = find the first item whose name contains WpName,
//            2 = issue SaleCall for every item whose name is not found in BlWpStr,
//            3 = check whether the inventory has a free slot.
// Return values visible in the code:
//   'ID,slot,count' : mode 1, item found.
//   '0'             : mode 3, an empty slot exists.
//   '1'             : the loop finished with NoFound still true (mode 3: no free slot;
//                     mode 1: nothing matched; mode 0: always).
//   '2'             : InProcessID is not set.
//   ''              : slot count read from memory is 0 or above 200.
// NOTE(review): in mode 2 with at least one occupied slot, result is never assigned.
// NOTE(review): the visible caller in GjTimeTimer only tests the mode-1 result against '' before
// splitting it on ','; '1' and '2' contain no comma, so StrToInt would be handed an empty string.
// NOTE(review): ReadProcessMemory results are never checked. In mode 2 an unreadable name is
// presumably an empty string, which AnsiPos would report as "not in the keep list" — confirm.
function TWgForm.SearchBao(WpName:string;RsType:integer):string; //search the inventory
var //0=list all items, 1=find the specified item (potion use), 2=sell inventory items, 3=check whether the inventory is full
BugBase,BugArrayBase,BugDestPoint,BugNumCount:DWORD;
BugNum,BugMaxNum,BugType:DWORD;
BugID:integer;
BugNameBase,BugPy1,BugPy2:DWORD;
i:DWORD;
Num:Cardinal; //placeholder: receives the byte count from ReadProcessMemory, never inspected
Utext:array[0..16] of WideChar;
NoFound:Boolean;
WpMc:string;
begin
NoFound:=true;
if InProcessID>0 then
begin
//original note gave the chain as [[[call base+$1C]+$8]+$20]; the reads below follow [[[Baseadr]+$28]+$994]
ReadProcessMemory(InProcessID,pointer(Baseadr),@BugBase, 4, Num);//first-level base
ReadProcessMemory(InProcessID,pointer(BugBase+$28),@BugBase, 4, Num);//
ReadProcessMemory(InProcessID,pointer(BugBase+$994),@BugBase, 4, Num);//base of the inventory structure (the array object)
ReadProcessMemory(InProcessID,pointer(BugBase+$10),@BugNumCount, 4, Num); //number of inventory slots
ReadProcessMemory(InProcessID,pointer(BugBase+$C),@BugArrayBase, 4, Num); //address of the first array slot
//sanity bound: a slot count of 0 or above 200 is taken to mean the offsets no longer match
if (BugNumCount>200) or (BugNumCount=0) then
begin
GjTime.Enabled :=false; //stop the automation timer
memo1.Lines.Clear; //clear the list
memo1.Lines.Add('包裹结构体发生变化,请重新查找基址') ;
result:='';
exit;
end;
For i:= 0 to BugNumCount-1 do
begin
ReadProcessMemory(InProcessID, Pointer(BugArrayBase+i*4),@BugDestPoint,4,Num);
if BugDestPoint<>0 then
begin
Utext[0]:=' ';
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$8),@BugID, 4, Num);//item ID
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$4),@BugType, 4, Num);//item type
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$14),@BugNum, 4, Num);//stack count
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$18),@BugMaxNum, 4, Num);//maximum stack count (read but not used below)
//the offsets of the name pointer (BugPy1) and of the text behind it (BugPy2) depend on the item type
if (BugType<=6) then
begin
BugPy1:=104;
BugPy2:=12;
end
else if (BugType<27) then
begin
BugPy1:=96;
BugPy2:=4;
end
else if (BugType<31) then
begin
BugPy1:=140;
BugPy2:=4;
end
else
begin
BugPy1:=96;
BugPy2:=4;
end;
ReadProcessMemory(InProcessID,pointer(BugDestPoint+BugPy1),@BugNameBase, 4, Num);//address of the name object
ReadProcessMemory(InProcessID,pointer(BugNameBase+BugPy2),@Utext, 32, Num);//name, 32 bytes of wide characters
WpMc:=trim(string(Utext));
Case RsType of
0: //list all items
begin
Memo1.Lines.Add('物品格子:'+IntToStr(i));
Memo1.Lines.Add('物品 ID :'+IntToStr(BugID));
Memo1.Lines.Add('物品名称:'+WpMc); //WpMc
NoFound:=true;
end;
1: //find the specified item
begin
if (AnsiPos(WpName,WpMc)>0) then //substring match on the item name
begin
NoFound:=false;
result:=IntToStr(BugID)+','+IntToStr(i)+','+IntToStr(BugNum);
break;
end;
end;
2: //sell inventory items
begin
if (AnsiPos(WpMc, BlWpStr)=0) then //items named in the keep list are not sold
begin
SaleCall(Ghwnd,BugID,i,BugNum); //sell call
sleep(200);
end;
NoFound:=false;
end;
else
end;
end
else
begin
if (RsType=3) then
begin
NoFound:=false; //an empty slot exists, inventory is not full
result:='0';
break;
end;
end;
end;
if NoFound then //no empty slot found (mode 3); also reached by modes 0 and 1 without a match
begin
result:='1';
end;
end
else
begin
result:='2';
end;
end;
procedure TWgForm.ReCityBuy(WpName:string;WpNum:integer);
// Translates one of four hard-coded potion names into an (item ID, shop slot)
// pair and passes it with the quantity WpNum to BuyCall. Any other name is
// sent as ID 0 / slot 11; the call is issued regardless.
var
  ItemId, ShopSlot: DWORD;
begin
  // Fallback pair for names that are not in the table below.
  ItemId := 0;
  ShopSlot := 11;

  if WpName = '活血丸' then
  begin
    ItemId := $04C2;
    ShopSlot := 0;
  end
  else if WpName = '正心丸' then
  begin
    ItemId := $04C3;
    ShopSlot := 1;
  end
  else if WpName = '五石散' then
  begin
    ItemId := $04CD;
    ShopSlot := 6;
  end
  else if WpName = '甘露散' then
  begin
    ItemId := $04CE;
    ShopSlot := 7;
  end;

  BuyCall(Ghwnd, ItemId, ShopSlot, WpNum);
end;
end.
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, IniFiles,
Dialogs, StdCtrls, ExtCtrls, SHELLAPI, StrUtils, Grids, ComCtrls, Math;
//*********************** 游戏功能内CALL部分类型定义 *****************************//
// Parameter records for the call stubs further down. Each record is filled by a wrapper
// in the local process, copied into the target process by InjectFunc, and read there by
// the matching stub through its pointer type. The addN fields carry code or data addresses
// taken from the global address variables; the trailing comment names the variable.
type
TNomalCallParam = packed record //generic parameter block for the stubs that take no game arguments; carries addresses only
add1 : DWORD;
add2 : DWORD;
add3 : DWORD;
add4 : DWORD;
add5 : DWORD;
end;
NomalCallParam=^TNomalCallParam;
type
TPGetGwCallParam = packed record //select-monster-by-ID parameters
xgid : Cardinal; //monster ID
add1 : DWORD; //callbase (spelled "callbasc" in the original comment)
add2 : DWORD; //idxg
end;
PGetGwCallParam=^TPGetGwCallParam ;
type
TPGetRwJNParam = packed record //use-skill parameters
sid : DWORD; //skill ID
add1: DWORD; //callbase
add2: DWORD; //syjn
end;
PGetRwJNParam=^TPGetRwJNParam;
type
TPPickCallParam = packed record //pick-up-by-ID parameters
wpid : Cardinal; //item ID
xtid : Cardinal; //item system ID
add1: DWORD; //callbase
add2: DWORD; //jqwp
end;
PPickCallParam=^TPPickCallParam;
type
TUsewpCallParam = packed record //use-item parameters
wpid : Cardinal ; //item ID
wppos: Cardinal ; //inventory slot of the item
add1: DWORD; //callbase
add2: DWORD; //sywp
end;
UsewpCallParam=^TUsewpCallParam;
type
TAutogo=packed record //auto-pathing parameters
x:single; //x coordinate
z:single; //original comment labels this field "y coordinate" although it is named z
y:single; //original comment labels this field "z coordinate" although it is named y
add1: DWORD; //Baseadr
add2: DWORD; //AutogoPush
add3: DWORD; //AutogoMove
add4: DWORD; //AutogoCall
end;
Autogo=^TAutogo; //pointer to the auto-pathing record
type
TUseBBWpCallParam = packed record //feed-pet parameters
bbid : Cardinal; //pet ID
bbwpgs : Cardinal; //slot of the pet item
add1 : DWORD; //sybbw
end;
UseBBWpCallParam = ^TUseBBWpCallParam;
type
TOpenNPCCallParam = packed record //activate-NPC parameters
selnpcid : Cardinal; //NPC ID
add1: DWORD; //callbase
add2: DWORD; //jhnpc
end;
OpenNPCCallParam=^TOpenNPCCallParam;
type
TAnswerCallParam=packed record //answer-question parameters; no stub in the visible code uses this record
dtmid:DWORD; //undocumented in the original
daid:DWORD; //undocumented in the original
end;
AnswerCallParam=^TAnswerCallParam ;
type
TBuyThingCallParam = packed record //buy-item parameters
mwid : Cardinal; //item ID
mwgs : Cardinal; //item slot
mwsl : Cardinal; //quantity
add1 : DWORD; //gmwp
end;
BuyThingCallParam=^TBuyThingCallParam;
type
TsellThingCallParam = packed record //sell-item parameters
mcwid : Cardinal; //item ID
mcwgs : Cardinal; //item slot
mcwsl : Cardinal; //quantity
add1 : DWORD; //cswp
end;
sellThingCallParam=^TsellThingCallParam;
//*********************** 游戏功能内CALL部分类型定义 *****************************//
// Main form of the tool: status labels, two timers (ZtTime for the status display, GjTime for
// the automation loop), the buttons that drive them, and the private helpers that read the
// target process and dispatch calls.
// NOTE(review): the implementation also refers to memo1 and SptTime, which are not declared in
// this copy of the class — the listing looks incomplete; confirm against the original unit.
type
TWgForm = class(TForm)
rwhp: TLabel;
Label2: TLabel;
Label3: TLabel;
rwmp: TLabel;
Label4: TLabel;
live: TLabel;
Label5: TLabel;
money: TLabel;
Label6: TLabel;
rwzbx: TLabel;
Label7: TLabel;
rwzby: TLabel;
ZtTime: TTimer;
SearchCK: TButton;
SearchSD: TButton;
SearchGw: TButton;
SearchWp: TButton;
StarBut: TButton;
StrGridSpt: TStringGrid;
Label1: TLabel;
gwhp: TLabel;
SearchBg: TButton;
GjTime: TTimer;
Button7: TButton;
Button6: TButton;
GuaJie: TButton;
Button1: TButton;
ReadINI: TButton;
Label8: TLabel;
SearchJN: TButton; //original comment reads "save variable"
procedure StarButClick(Sender: TObject);
procedure FormCreate(Sender: TObject);
procedure OpenFileButClick(Sender: TObject);
procedure GuaJieClick(Sender: TObject);
procedure ZtTimeTimer(Sender: TObject);
procedure SearchCKClick(Sender: TObject);
procedure SearchGwClick(Sender: TObject);
procedure SearchWpClick(Sender: TObject);
procedure SearchSDClick(Sender: TObject);
procedure Button6Click(Sender: TObject);
procedure Button7Click(Sender: TObject);
procedure SearchBgClick(Sender: TObject);
procedure GjTimeTimer(Sender: TObject);
procedure Button1Click(Sender: TObject);
procedure ReadINIClick(Sender: TObject);
procedure SearchJNClick(Sender: TObject);
private
{ Private declarations }
function readInifile(fileName,section,Ident:string):string; //read one value from an INI file
procedure writeInifile(const fileName,Section, Ident, Value: string); //write one value to an INI file
procedure ReadStupINI(); //load the automation settings
function FlashBug(GwName:string;RsType:integer):boolean; //scan ground monsters and NPCs; GwName = name, RsType = mode
procedure FlashWp(RsType:integer); //scan ground items and pick them up; RsType = mode
function SearchBao(WpName:string;RsType:integer):string; //scan the inventory; also used for selling in town
function SearchJnID(JnName:string;RsType:integer):integer; //look up a skill ID
procedure ReCityBuy(WpName:string;WpNum:integer); //buy items in town
public
{ Public declarations }
end;
// Unit-level state shared by the form methods, the wrappers and InjectFunc.
// NOTE(review): AppPath and Ghwnd are used by the implementation but are not declared in this
// copy of the block — the listing looks incomplete; confirm against the original unit.
var
//*********************** character automation state ****************************//
oldxg,DqNPC:integer; //oldxg: whether a monster was being fought before; DqNPC: current NPC
DzStop:boolean; //true while meditating, which pauses fighting
HcStop:integer; //0=check; 1=return to town; 2=return to the automation spot; 3=automation running
RwGjx,RwGjy,RwGjz,RwGjL:integer; //automation spot and range
BuyNPCx,BuyNPCy,BuyNPCz:integer; //potion vendor position
CKNPCx,CKNPCy,CKNPCz:integer; //warehouse position
HPscal,MPscal:single; //HP/MP protection ratios
HPact,MPact:string; //HP/MP protection actions
HitType:string; //fighting mode
BmRcity,SyRcity,DeRcity:string; //return-to-town conditions
BuyHPmc,BuyMPmc:string; //names of the HP and MP potions
BuyHPsl,BuyMPsl:integer; //quantities of HP and MP potions
BlWpStr,GwFilet,WpFilet:string; //item and monster filters
//*********************** character automation state ****************************//
//*********************** addresses used by the call stubs ***********************//
hProcess_N: THandle;
ThreadAdd, ParamAdd: Pointer; //remote allocations made by InjectFunc (code and parameters)
InProcessID: HWND; //NOTE(review): declared HWND but GuaJieClick stores the OpenProcess handle here
Baseadr:DWORD; //$9851CC; game base address
callbase:DWORD; //$9816DC; call address
Question:DWORD; //$9816DC; "star" address per original comment
AutogoCall:DWORD; //$42B2C0; auto-pathing 428D00
AutogoPush:DWORD; //$988220; PUSH
AutogoMove:DWORD; //$981688; MOV address
dazuo:DWORD; //$5DAE90; meditate
undazuo:DWORD; //$5DAE50; stop meditating
Tabxg:DWORD; //$461F30; Tab target selection
unchoosexg:DWORD; //$5DAF70; clear target
idxg:DWORD; //$5AE210; select target by ID 5921E0
pAttack:DWORD; //$5DA810; plain *** (word masked in the original)
jqwp:DWORD; //$5AE1A0; pick up item
syjn:DWORD; //$468CE0; use skill
sywp:DWORD; //$5ADFD0; use item
sybbw:DWORD; //$40FD40; use pet item call
swhc:DWORD; //$5DAC30; return to town after death
jhnpc:DWORD; //$5AE520; activate NPC 592320
qxnpc:DWORD; //$6F6820; close NPC dialog
qxnpcpush:DWORD; //$92D4C4; close NPC dialog push
gmwp:DWORD; //$5DC160; buy item
cswp:DWORD; //$5DC1E0; sell item
dkck:DWORD; //$5DC660; open warehouse
dkckpush:DWORD; //$981404; open warehouse push
bcwp:DWORD; //$5DAAD0; store item
//*********************** addresses used by the call stubs ***********************//
implementation
{$R *.dfm}
procedure TWgForm.FormCreate(Sender: TObject);
// Form start-up: keeps both timers off, resets the automation state
// variables, seeds the random generator, records the executable's folder in
// AppPath and loads the settings through ReadStupINI.
begin
  // Nothing runs until the user attaches and starts.
  SptTime.Enabled := False;
  ZtTime.Enabled := False;

  DqNPC := 0;       // no NPC chosen
  HcStop := 0;      // start in the "check" state
  DzStop := False;  // not meditating
  oldxg := 0;       // no monster selected

  Randomize;

  // ReadStupINI builds its file names from AppPath, so set it first.
  AppPath := ExtractFilePath(Application.ExeName);
  Self.ReadStupINI;
end;
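function TWgForm.readInifile(fileName,section,Ident:string):string;
// Reads one string value from an INI file (uses the IniFiles unit).
//   fileName : path of the INI file.
//   section  : section name.
//   Ident    : key name.
// Returns the stored value, or '' when the section or key is missing.
// The visible callers in ReadStupINI pass the result straight to StrToInt and
// StrToFloat, which raise on '' — a missing or edited setup.ini therefore
// surfaces there, not here.
var
  Ini: TIniFile;
begin
  Ini := TIniFile.Create(fileName);
  try
    Result := Ini.ReadString(section, Ident, '');
  finally
    // Release the object even when ReadString raises; the original leaked it
    // on that path.
    Ini.Free;
  end;
end;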
//******************************* 不带参call 原形 *******************************//
// Stub handed to InjectFunc by BaseCall (Action 0). Takes the address stored in p^.add1
// and calls it with all registers saved and restored around the call.
procedure CallAttack(p:NomalCallParam);stdcall; //plain *** call (word masked in the original), address from pAttack
var
Address1:DWORD;
begin
Address1:=P^.add1 ; //pAttack
asm
pushad
mov edx, Address1
call edx //call pAttack
popad
end;
end;
// Stub handed to InjectFunc by BaseCall (Action 1). Takes the address stored in p^.add1
// and calls it with all registers saved and restored around the call.
procedure CallMeditation(p:NomalCallParam);stdcall; //meditate call, address from dazuo
var
Address1:DWORD;
begin
Address1:=P^.add1 ; //dazuo
asm
pushad
mov edx, Address1
call edx //call dazuo
popad
end;
end;
// Stub handed to InjectFunc by BaseCall (Action 2). Takes the address stored in p^.add1
// and calls it with all registers saved and restored around the call.
procedure CallUnMeditation(p:NomalCallParam);stdcall; //stop-meditating call, address from undazuo
var
Address1:DWORD;
begin
Address1:=P^.add1 ; //undazuo
asm
pushad
mov edx, Address1
call edx //call undazuo
popad
end;
end;
// Stub handed to InjectFunc by BaseCall (Action 3). Loads ecx through the pointer chain
// [[[add1]+$1c]+$28], pushes 0 and calls the address stored in p^.add2.
// None of the dereferenced pointers is checked before use.
procedure CallTab(p:NomalCallParam);stdcall; //Tab target-selection call: callbase, Tabxg
var
Address1,Address2:DWORD;
begin
Address1:=P^.add1 ; //callbase
Address2:=P^.add2 ; //Tabxg
asm
pushad
mov eax, Address1
mov eax,dword ptr ds:[eax] //mov eax,dword ptr ds:[callbase]
mov eax,dword ptr ds:[eax+$1c]
mov eax,dword ptr ds:[eax+$28]
mov ecx, eax;
push 0
mov edx, Address2
call edx //call Tabxg
popad
end;
end;
// Stub handed to InjectFunc by BaseCall (Action 4). Takes the address stored in p^.add1
// and calls it with all registers saved and restored around the call.
procedure CallUnChooseGW(p:NomalCallParam);stdcall //clear-target call, address from unchoosexg
var
Address1:DWORD;
begin
Address1:=P^.add1 ; //unchoosexg
asm
pushad
mov edx, Address1
call edx //call unchoosexg
popad
end;
end;
// Stub handed to InjectFunc by BaseCall (Action 5). Takes the address stored in p^.add1
// and calls it with all registers saved and restored around the call.
procedure CallRetCity(p:NomalCallParam);stdcall; //return-to-town-after-death call
var
Address1:DWORD;
begin
Address1:=P^.add1 ; //swhc
asm
pushad
mov edx, Address1
call edx //call swhc
popad
end;
end;
// Stub handed to InjectFunc by BaseCall (Action 6). Pushes the value of p^.add1, loads ecx
// through the pointer chain [[[[[add2]+$1c]+$4]+$8]+$14] and calls the address in p^.add3.
// None of the dereferenced pointers is checked before use.
procedure CallCloseNPC(p:NomalCallParam);stdcall; //close-NPC-dialog call
var
Address1,Address2,Address3:DWORD;
begin
Address1:=P^.add1 ; //qxnpcpush
Address2:=P^.add2 ; //callbase
Address3:=P^.add3 ; //qxnpc
asm
pushad
mov eax, Address1
push eax //push qxnpcpush
mov esi, Address2
mov esi, dword ptr [esi] //mov esi, dword ptr [callbase]
mov esi, dword ptr [esi+$1c]
mov esi, dword ptr [esi+$4]
mov esi, dword ptr [esi+$8]
mov esi, dword ptr [esi+$14]
mov ecx, esi //dialog address
mov edx, Address3
call edx //call qxnpc
popad
end;
end;
// Stub handed to InjectFunc by BaseCall (Action 7). Pushes 0 and the value of p^.add1,
// calls the address in p^.add2, then removes the two arguments from the stack itself.
procedure CallOpenStore(p:NomalCallParam);stdcall; //open-warehouse call
var
Address1,Address2:DWORD;
begin
Address1:=P^.add1 ; //dkckpush
Address2:=P^.add2 ; //dkck
asm
pushad
push 0
mov eax, Address1
push eax //push dkckpush
mov edx, Address2
call edx //call dkck
add esp,8
popad
end;
end;
//******************************* 不带参call 原形 *******************************//
//******************************* 带参call 原形 *******************************//
// Stub handed to InjectFunc by SelmonFromIDCall. Pushes the ID from p^.xgid, sets ecx to
// [[add1]+$20]+$D4 and calls the address in p^.add2.
// None of the dereferenced pointers is checked before use.
procedure CallSelmonFromID(p: PGetGwCallParam);stdcall; //select-target-by-ID call: callbase, idxg
var
gid,Address1,Address2: DWORD;
begin
gid := p^.xgid;
Address1:=p^.add1; //callbase
Address2:=p^.add2; //idxg
asm
pushad
mov esi, gid
push esi
mov eax, Address1
mov eax, dword ptr [eax] //mov eax, dword ptr [callbase]
mov ecx, dword ptr [eax+$20]
add ecx,$D4
mov edx, Address2
call edx //call idxg
popad;
end;
end;
// Stub handed to InjectFunc by SkillCall. Loads ecx through the pointer chain
// [[[add1]+$1C]+$28], pushes -1, 0, 0 and the skill ID from p^.sid, then calls the address in p^.add2.
// None of the dereferenced pointers is checked before use.
procedure CallSkill(p: PGetRwJNParam);stdcall; //use-skill call: callbase, syjn
var
skillid,Address1,Address2: dword;
begin
skillid := p^.sid;
Address1:= p^.add1; //callbase
Address2:= p^.add2; //syjn
asm
pushad
mov eax, skillid
mov ecx, Address1
mov ecx, dword ptr [ecx] //mov ecx, dword ptr [callbase]
mov ecx, dword ptr [ecx + $1C]
mov ecx, dword ptr [ecx + $28]
push -1
push 0
push 0
push eax
mov edx, Address2
call edx //call syjn
popad;
end;
end;
// Stub handed to InjectFunc by PickMatterCall. Pushes the item ID (p^.wpid) and then the
// system ID (p^.xtid), sets ecx to [[add1]+$20]+$D4 and calls the address in p^.add2.
// None of the dereferenced pointers is checked before use.
procedure CallPickMatter(p: PPickCallParam);stdcall; //pick-up call: callbase, jqwp
var
id,xtbh,Address1,Address2: DWORD;
begin
id := p^.wpid;
xtbh := p^.xtid;
Address1:= p^.add1; //callbase
Address2:= p^.add2; //jqwp
asm
pushad
mov ecx, Address1
mov ecx, dword ptr [ecx] //mov ecx, dword ptr [callbase]
mov edx, id
push edx
mov ecx, dword ptr [ecx+$20]
mov eax, xtbh
push eax
add ecx, $D4
mov edx, Address2
call edx //call jqwp
popad
end;
end;
// Stub handed to InjectFunc by UseMatterCall. Pushes 1, the item ID (p^.wpid), the slot
// (p^.wppos) and 0, sets ecx to [[add1]+$20]+$d4 and calls the address in p^.add2.
// None of the dereferenced pointers is checked before use.
procedure CallUseMatter(p: UsewpCallParam);stdcall; //use-item call: callbase, sywp
var
id,pos,Address1,Address2: DWORD;
begin
id := p^.wpid;
pos := p^.wppos;
Address1:= p^.add1; //callbase
Address2:= p^.add2; //sywp
asm
pushad
mov edx, id
mov eax, pos
push 1
push edx
push eax
push 0
mov esi,Address1
mov esi,dword ptr [esi] //mov esi,dword ptr [callbase]
mov esi,dword ptr [esi+$20]
lea ecx,dword ptr [esi+$d4]
mov ebx, Address2
call ebx //call sywp
popad
end;
end;
// Stub handed to InjectFunc by AutoWalkCall. Writes the three coordinates from the record into
// the 12 bytes starting at the address in p^.add2, pushes 1 and the value read from
// [[[add1]+$8]+$88], then the add2 address and [[add1]+$28]+$3c, sets ecx to p^.add3 and calls
// the address in p^.add4. The whole block sits in try/except; on an exception the stub just exits.
// Note the write into the target's memory at add2: this stub modifies data as well as calling code.
procedure CallAutoWalk(p: Autogo);stdcall; //auto-pathing call: Baseadr, AutogoPush, AutogoMove, AutogoCall
var
gox,goy,goz:Single;
Address1,Address2,Address3,Address4: DWORD;
begin
gox:=p^.x;
goy:=p^.y;
goz:=p^.z;
Address1:=p^.add1; //Baseadr
Address2:=p^.add2; //AutogoPush
Address3:=p^.add3; //AutogoMove
Address4:=p^.add4; //AutogoCall
try
asm
pushad
mov eax, Address1
mov eax, [eax] //Baseadr
mov eax, [eax+$8]
mov eax, [eax+$88]
push 1
push eax //map code
mov eax, gox
mov ebx, Address2
mov [ebx], eax //AutogoPush
mov eax, goz
mov [ebx+4], eax //AutogoPush+4
mov eax, goy
mov [ebx+8], eax //AutogoPush+8
mov eax, Address1
mov eax, dword ptr [eax] //Baseadr
mov eax, dword ptr [eax+$28]
lea eax, dword ptr [eax+$3c]
push ebx //AutogoPush
push eax
mov ecx, Address3 //AutogoMove
mov ebx, Address4 //AutogoCall
call ebx //AutogoCall
popad
end;
except
exit;
end;
end;
// Stub handed to InjectFunc by UseMatterBBCall. Pushes the address of the local copy of the
// pet ID and the slot value, copies ebp into ecx and calls the address in p^.add1.
procedure CallUseMatterBB(p : useBBWpCallParam);stdcall; //feed-pet call, address from sybbw
var
cwid,wpgs : DWORD;
Address1: DWORD;
begin
cwid := P^.bbid;
wpgs := P^.bbwpgs;
Address1:=P^.add1;
asm
pushad
mov edx,dword ptr [wpgs]
lea ecx,dword ptr [cwid]
push ecx
push edx
mov ecx,ebp
mov ebx, Address1 //sybbw
call ebx //sybbw
popad
end;
end;
// Stub handed to InjectFunc by ActiveNpcCall. Pushes the NPC ID from p^.selnpcid, sets ecx to
// [[add1]+$20]+$d4 and calls the address in p^.add2.
// None of the dereferenced pointers is checked before use.
procedure CallOpenNPC(p: OpenNPCCallParam);stdcall; //activate-NPC call: callbase, jhnpc
var
ID : DWORD;
Address1,Address2: DWORD;
begin
ID := P^.selnpcid;
Address1:=p^.add1; //callbase
Address2:=p^.add2; //jhnpc
asm
pushad
mov edx, Address1
mov edx, dword ptr [edx] //mov edx, dword ptr [callbase]
push ID
mov ecx, dword ptr [edx+$20]
add ecx, $d4
mov ebx, Address2 //jhnpc
call ebx //jhnpc
popad
end;
end;
// Stub handed to InjectFunc by BuyCall. Pushes the pointer to the parameter record itself and
// the constant 1, calls the address in p^.add1, then removes the two arguments from the stack.
procedure CallBuyThing(p: BuyThingCallParam);stdcall; //buy-item call, address from gmwp
var
Address1: DWORD;
begin
Address1:=p^.add1; //gmwp
asm
pushad
mov eax,P
push eax
push 1
mov ebx, Address1 //gmwp
call ebx
add esp, $8
popad
end;
end;
// Stub handed to InjectFunc by SaleCall. Pushes the pointer to the parameter record itself and
// the constant 1, calls the address in p^.add1, then removes the two arguments from the stack.
procedure CallSaleThing(p: sellThingCallParam);stdcall; //sell-item call, address from cswp
var
Address1: DWORD;
begin
Address1:=p^.add1; //cswp
asm
pushad
mov eax,p //push the parameter record
push eax
push 1 //number of groups to sell
mov ebx, Address1 //cswp
call ebx
add esp, $8
popad
end;
end;
//******************************* 带参call 原形 *******************************//
//*************************** 注入函数 *****************************************************//
// Copies a local routine and its parameter record into the process behind the global
// InProcessID handle, runs the routine there on a new thread, waits for it, and frees the
// two remote allocations.
//   InHWND    : only tested for non-zero; the process actually used is the global InProcessID.
//   Func      : address of the local routine to copy.
//   Param     : address of the parameter record to copy.
//   ParamSize : number of bytes copied from Param.
// The results are left in the globals ThreadAdd and ParamAdd.
// What the code does not do, for anyone auditing it:
//   - no return value is checked (allocation, write, thread creation, wait, free);
//   - a fixed 2048 bytes are copied from Func regardless of the routine's real length;
//   - ParamSize is not compared with the 80 bytes allocated for the parameters;
//   - WaitForSingleObject uses INFINITE, so the calling thread blocks until the remote thread ends.
// The sequence VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread against a foreign
// process is the cross-process behaviour that endpoint protection and anti-tamper monitoring
// typically key on, together with the PROCESS_ALL_ACCESS handle opened in GuaJieClick.
procedure InjectFunc(InHWND: HWND; Func: Pointer; Param: Pointer; ParamSize: DWORD);stdcall; //remote call helper
var
hThread: THandle;
lpNumberOfBytes: DWORD;
begin
if (InProcessID<>0) and (InHWND<>0) then
begin
//allocate remote memory
ThreadAdd:= VirtualAllocEx(InProcessID, nil, 2048, MEM_COMMIT, PAGE_READWRITE); //region for the routine's bytes
ParamAdd := VirtualAllocEx(InProcessID, nil, 80, MEM_COMMIT, PAGE_READWRITE); //region for the parameter record
WriteProcessMemory(InProcessID, ThreadAdd, Func, 2048, lpNumberOfBytes); //copy the routine
WriteProcessMemory(InProcessID, ParamAdd, Param, ParamSize, lpNumberOfBytes); //copy the parameters
hThread:= CreateRemoteThread(InProcessID, nil, 0, ThreadAdd, ParamAdd, 0, lpNumberOfBytes); //start the remote thread
WaitForSingleObject(hThread, INFINITE); //wait for the thread to finish
CloseHandle(hThread); //close the thread handle
//release remote memory
VirtualFreeEx(InProcessID, ThreadAdd, 2048, MEM_RELEASE); //free the code region
VirtualFreeEx(InProcessID, ParamAdd, 80, MEM_RELEASE);
end;
end;
//*************************** 注入函数 *****************************************************//
//*************************** 所有不带参call 引用 *******************************//
procedure BaseCall(GameHwnd:DWORD;Action:DWORD);stdcall;
// Dispatcher for the actions that need no game arguments. Fills the address
// fields of a TNomalCallParam from the global address variables and hands the
// matching stub to InjectFunc.
//   GameHwnd : window handle; nothing happens when it is 0.
//   Action   : 0 plain *** (word masked in the original), 1 meditate,
//              2 stop meditating, 3 Tab target selection, 4 clear target,
//              5 return to town after death, 6 close NPC dialog,
//              7 open warehouse. Any other value is ignored.
// Only the fields a stub reads are set; the rest of the record is left as is.
var
  Args: TNomalCallParam;
begin
  if GameHwnd = 0 then
    Exit;

  case Action of
    0:
      begin
        Args.add1 := pAttack;
        InjectFunc(GameHwnd, @CallAttack, @Args, SizeOf(Args));
      end;
    1:
      begin
        Args.add1 := dazuo;
        InjectFunc(GameHwnd, @CallMeditation, @Args, SizeOf(Args));
      end;
    2:
      begin
        Args.add1 := undazuo;
        InjectFunc(GameHwnd, @CallUnMeditation, @Args, SizeOf(Args));
      end;
    3:
      begin
        Args.add1 := callbase;
        Args.add2 := Tabxg;
        InjectFunc(GameHwnd, @CallTab, @Args, SizeOf(Args));
      end;
    4:
      begin
        Args.add1 := unchoosexg;
        InjectFunc(GameHwnd, @CallUnChooseGW, @Args, SizeOf(Args));
      end;
    5:
      begin
        Args.add1 := swhc;
        InjectFunc(GameHwnd, @CallRetCity, @Args, SizeOf(Args));
      end;
    6:
      begin
        Args.add1 := qxnpcpush;
        Args.add2 := callbase;
        Args.add3 := qxnpc;
        InjectFunc(GameHwnd, @CallCloseNPC, @Args, SizeOf(Args));
      end;
    7:
      begin
        Args.add1 := dkckpush;
        Args.add2 := dkck;
        InjectFunc(GameHwnd, @CallOpenStore, @Args, SizeOf(Args));
      end;
  end;
end;
//*************************** 所有不带参call 引用 *******************************//
//******************************* 带参call 引用 *******************************//
procedure SkillCall(GameHwnd:DWORD;skillid:DWORD);stdcall;
// Use-skill wrapper: packs skillid with the callbase and syjn addresses and
// hands the CallSkill stub to InjectFunc. Does nothing when GameHwnd is 0.
var
  Args: TPGetRwJNParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.sid := skillid;
  Args.add1 := callbase;
  Args.add2 := syjn;
  InjectFunc(GameHwnd, @CallSkill, @Args, SizeOf(Args));
end;
procedure SelmonFromIDCall(GameHwnd:DWORD;id:DWORD);stdcall;
// Select-target-by-ID wrapper: packs id with the callbase and idxg addresses
// and hands the CallSelmonFromID stub to InjectFunc. Does nothing when
// GameHwnd is 0.
var
  Args: TPGetGwCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.xgid := id;
  Args.add1 := callbase;
  Args.add2 := idxg;
  InjectFunc(GameHwnd, @CallSelmonFromID, @Args, SizeOf(Args));
end;
procedure PickMatterCall(GameHwnd:DWORD;id:DWORD;pos:DWORD);stdcall;
// Pick-up wrapper: packs the item ID and, from the pos argument, the item
// system ID with the callbase and jqwp addresses, then hands the
// CallPickMatter stub to InjectFunc. Does nothing when GameHwnd is 0.
var
  Args: TPPickCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.wpid := id;
  Args.xtid := pos;
  Args.add1 := callbase;
  Args.add2 := jqwp;
  InjectFunc(GameHwnd, @CallPickMatter, @Args, SizeOf(Args));
end;
procedure UseMatterCall(GameHwnd:DWORD;id:DWORD;pos:DWORD);stdcall;
// Use-item wrapper: packs the item ID and inventory slot with the callbase
// and sywp addresses and hands the CallUseMatter stub to InjectFunc. Does
// nothing when GameHwnd is 0.
var
  Args: TUsewpCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.wpid := id;
  Args.wppos := pos;
  Args.add1 := callbase;
  Args.add2 := sywp;
  InjectFunc(GameHwnd, @CallUseMatter, @Args, SizeOf(Args));
end;
procedure AutoWalkCall(GameHwnd:DWORD;x:single;y:single;z:single);stdcall;
// Auto-pathing wrapper: packs the three coordinates with the Baseadr,
// AutogoPush, AutogoMove and AutogoCall addresses and hands the CallAutoWalk
// stub to InjectFunc. Does nothing when GameHwnd is 0.
var
  Args: TAutogo;
begin
  if GameHwnd = 0 then
    Exit;
  Args.x := x;
  Args.y := y;
  Args.z := z;
  Args.add1 := Baseadr;
  Args.add2 := AutogoPush;
  Args.add3 := AutogoMove;
  Args.add4 := AutogoCall;
  InjectFunc(GameHwnd, @CallAutoWalk, @Args, SizeOf(Args));
end;
procedure UseMatterBBCall(GameHwnd:DWORD;id:DWORD;pos:DWORD);stdcall;
// Feed-pet wrapper: packs the pet ID and item slot with the sybbw address and
// hands the CallUseMatterBB stub to InjectFunc. Does nothing when GameHwnd
// is 0.
var
  Args: TUseBBWpCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.bbid := id;
  Args.bbwpgs := pos;
  Args.add1 := sybbw;
  InjectFunc(GameHwnd, @CallUseMatterBB, @Args, SizeOf(Args));
end;
procedure ActiveNpcCall(GameHwnd:DWORD;id:DWORD);stdcall;
// Activate-NPC wrapper: packs the NPC ID with the callbase and jhnpc
// addresses and hands the CallOpenNPC stub to InjectFunc. Does nothing when
// GameHwnd is 0.
var
  Args: TOpenNPCCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.selnpcid := id;
  Args.add1 := callbase;
  Args.add2 := jhnpc;
  InjectFunc(GameHwnd, @CallOpenNPC, @Args, SizeOf(Args));
end;
procedure BuyCall(GameHwnd:DWORD;id:DWORD;pos:DWORD;num:DWORD);stdcall;
// Buy-item wrapper: packs the item ID, slot and quantity with the gmwp
// address and hands the CallBuyThing stub to InjectFunc. Does nothing when
// GameHwnd is 0.
var
  Args: TBuyThingCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.mwid := id;
  Args.mwgs := pos;
  Args.mwsl := num;
  Args.add1 := gmwp;
  InjectFunc(GameHwnd, @CallBuyThing, @Args, SizeOf(Args));
end;
procedure SaleCall(GameHwnd:DWORD;id:DWORD;pos:DWORD;num:DWORD);stdcall;
// Sell-item wrapper: packs the item ID, slot and quantity with the cswp
// address and hands the CallSaleThing stub to InjectFunc. Does nothing when
// GameHwnd is 0.
var
  Args: TSellThingCallParam;
begin
  if GameHwnd = 0 then
    Exit;
  Args.mcwid := id;
  Args.mcwgs := pos;
  Args.mcwsl := num;
  Args.add1 := cswp;
  InjectFunc(GameHwnd, @CallSaleThing, @Args, SizeOf(Args));
end;
//******************************* 带参call 引用 *******************************//
//*********************** 游戏内CALL过程实现 *******************************//
// "Attach" button handler. Looks for a top-level window by exact title (two titles are tried),
// resolves the owning process ID, opens that process and stores the handle in the global
// InProcessID, then disables the button and starts the ZtTime status timer.
// NOTE(review): the process is opened with PROCESS_ALL_ACCESS, the broadest access mask. The
// handle is never closed in the visible code and the OpenProcess result is not checked here
// (later code only tests InProcessID>0).
// NOTE(review): ProcID is declared HWND but receives a process ID; InProcessID is declared HWND
// but receives a process handle. offic, Num, Utext and rwname are declared and never used.
procedure TWgForm.GuaJieClick(Sender: TObject); //attach to the game
var
ProcID: HWND;
offic:dword; //offset (unused here)
Num: Cardinal; //placeholder (unused here)
Utext:array[0..16] of WideChar;
rwname:string;
begin
Ghwnd:=findwindow(nil,pchar('口袋西游'));
if Ghwnd=0 then
begin
Ghwnd:=findwindow(nil,pchar('剑不枫流'));
end;
if Ghwnd>0 then
begin
GetWindowThreadProcessId(Ghwnd,@ProcID); //process ID that owns the window
InProcessID:=OpenProcess(PROCESS_ALL_ACCESS, False, ProcID); //process handle
GuaJie.Enabled :=false;
ZtTime.Enabled :=True;
end;
end;
// Status timer handler. Disables the timer while it runs, reads a set of 4-byte fields from the
// structure at [[Baseadr]+$28] in the attached process and shows them in the form's labels, then
// re-enables the timer. Nothing is read when InProcessID is not set.
// GjTimeTimer reads +$278/+$2B0 as current/maximum HP and +$27C/+$2B4 as current/maximum MP;
// the meaning of +$270 (label "live") and +$348 (label "money") is presumably level and currency — confirm.
// NOTE(review): ReadProcessMemory results are never checked, so a failed read displays stale or
// uninitialised values.
procedure TWgForm.ZtTimeTimer(Sender: TObject); //refresh the character status display
var
offic:dword; //offset
rwz1,rwz2:DWORD;
rwzx,rwzy:single;
Num: Cardinal; //placeholder: receives the byte count from ReadProcessMemory, never inspected
begin
ZtTime.Enabled :=false;
if InProcessID>0 then
begin
//character structure
ReadProcessMemory(InProcessID, Pointer(Baseadr), @offic, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$28), @offic, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$278), @rwz1, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$2B0), @rwz2, 4, Num);
rwhp.Caption :=inttostr(rwz1)+'/'+inttostr(rwz2);
ReadProcessMemory(InProcessID, Pointer(offic+$27C), @rwz1, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$2B4), @rwz2, 4, Num);
rwmp.Caption :=inttostr(rwz1)+'/'+inttostr(rwz2);
ReadProcessMemory(InProcessID, Pointer(offic+$270), @rwz1, 4, Num);
live.Caption :=inttostr(rwz1);
ReadProcessMemory(InProcessID, Pointer(offic+$348), @rwz1, 4, Num);
money.Caption :=inttostr(rwz1);
ReadProcessMemory(InProcessID, Pointer(offic+$498), @rwzx, 4, Num);
rwzbx.Caption :=IntToStr(trunc(rwzx));
ReadProcessMemory(InProcessID, Pointer(offic+$4A0), @rwzy, 4, Num);
rwzby.Caption :=inttostr(trunc(rwzy));
end;
ZtTime.Enabled :=true;
end;
//**************************** 定点挂机实现部分 **********************************//
//Timer handler for the fixed-spot auto-play loop; one pass per GjTime tick.
//Each pass reads the character's HP/MP, position and selection fields from the
//process behind InProcessID with ReadProcessMemory, then advances the HcStop
//state machine: 0 = just started, 1 = town trip (warehouse/apothecary NPCs),
//2 = walking back to the spot, 3 = at the spot. DzStop marks the meditating
//(sit-to-recover) state.
//NOTE(review): no ReadProcessMemory return value is checked here, so after a
//failed read the (uninitialised) locals simply keep whatever they held.
//NOTE(review): the two lines flagged below are truncated in this listing, so
//the procedure does not compile as shown.
procedure TWgForm.GjTimeTimer(Sender: TObject);
var
RwCuHp,RwMaxHp,RwCuMp,RwMaxMp:DWORD; //current/maximum HP and MP
offic:DWORD; //offset (holds the pointer read at each step of the chain)
RwPoint:DWORD; //character state
XgPoint:DWORD; //monster-selection state
rwzx,rwzy:single; //character position, compared with the waypoints below
gjx,gjy,gjl:integer; //delta x, delta y and resulting distance to a waypoint
Num: Cardinal; //placeholder: receives the byte count from ReadProcessMemory
lnum1,lnum2,BaoID,BaoPos,BaoNum:integer; //parse state and id/slot/count taken from a SearchBao result
BaoStr:string;
//the declarations from BugBase to BugName are not referenced in this procedure
BugBase,BugArrayCount,BugArrayBase,BugDestPoint,BugNumCount:DWORD;
BugXue,BugMaxXue:DWORD;
BugNameBase:DWORD;
BugLeave:DWORD;
Utext:array[0..16] of WideChar;
BugName:string;
begin
GjTime.Enabled :=false; //pause the timer while this pass runs
if InProcessID>0 then
begin
//character fields
ReadProcessMemory(InProcessID, Pointer(Baseadr), @offic, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$28), @offic, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$278), @RwCuHp, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$2B0), @RwMaxHp, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$27C), @RwCuMp, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$2B4), @RwMaxMp, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$498), @rwzx, 4, Num);
ReadProcessMemory(InProcessID, Pointer(offic+$4A0), @rwzy, 4, Num);
//character state
ReadProcessMemory(InProcessID, Pointer(offic+$A00), @RwPoint, 4, Num);
ReadProcessMemory(InProcessID, Pointer(RwPoint+$14), @RwPoint, 4, Num);
ReadProcessMemory(InProcessID, Pointer(RwPoint+$4), @RwPoint, 4, Num);
//is a monster selected?
ReadProcessMemory(InProcessID, Pointer(offic+$8D8), @XgPoint, 4, Num);
if DzStop or (HcStop<>3) then //while meditating or away from the spot, act as if nothing is selected
begin
XgPoint:=0;
end;
if (XgPoint=0) then //no monster selected
begin
//memo1.Lines.Add('未选中怪');
if DzStop then //meditating
begin
if (RwCuHp=RwMaxHp) and (RwCuMp=RwMaxMp) then
begin
DzStop:=false;
BaseCall(Ghwnd,2); //stop meditating
Sleep(500);
end;
end
else //not meditating
begin
if ((RwCuHp/RwMaxHp) //NOTE(review): truncated in this listing; the comparison and its "then begin" are missing. RwMaxHp is not checked for 0 before the division.
if (HPact='打坐') then
begin
DzStop:=true;
BaseCall(Ghwnd,1); //meditate
Sleep(500);
end
else
begin
BaoStr:=SearchBao(HPact,1);//scan the bag for the HP potion: use it if found, go to town when out
if BaoStr<>'' then
begin
//NOTE(review): expects "id,slot,count"; SearchBao(...,1) yields '1' when nothing matched,
//which has no comma, so the StrToInt below would be handed an empty string.
lnum1:=AnsiPos(',', BaoStr);
lnum2:=length(BaoStr);
BaoId:=StrToInt(leftstr(BaoStr,lnum1-1));
BaoStr:=rightstr(BaoStr,lnum2-lnum1);
lnum1:=AnsiPos(',', BaoStr);
lnum2:=length(BaoStr);
BaoPos:=StrToInt(leftstr(BaoStr,lnum1-1));
BaoNum:=StrToInt(rightstr(BaoStr,lnum2-lnum1));
end
else
begin
BaoId:=0;
BaoPos:=0;
BaoNum:=0;
end;
if (BaoNum=0) and (SyRcity='是') then
begin
AutoWalkCall(Ghwnd,CKNPCx,CKNPCy,CKNPCz); //walk to town: warehouse, then potions
HcStop:=1; //state: town trip
memo1.Lines.Add('少药回城');
end
else
begin
UseMatterCall(Ghwnd,BaoId,BaoPos); //use the potion
Sleep(200);
end;
end;
end
else if ((RwCuMp/RwMaxMp) //NOTE(review): truncated in this listing, same as the HP test above; RwMaxMp is not checked for 0.
if (MPact='打坐') then
begin
DzStop:=true;
BaseCall(Ghwnd,1); //meditate
Sleep(500);
end
else
begin
BaoStr:=SearchBao(MPact,1);//scan the bag for the MP potion: use it if found, go to town when out
if BaoStr<>'' then
begin
//same "id,slot,count" parsing as in the HP branch
lnum1:=AnsiPos(',', BaoStr);
lnum2:=length(BaoStr);
BaoId:=StrToInt(leftstr(BaoStr,lnum1-1));
BaoStr:=rightstr(BaoStr,lnum2-lnum1);
lnum1:=AnsiPos(',', BaoStr);
lnum2:=length(BaoStr);
BaoPos:=StrToInt(leftstr(BaoStr,lnum1-1));
BaoNum:=StrToInt(rightstr(BaoStr,lnum2-lnum1));
end
else
begin
BaoId:=0;
BaoPos:=0;
BaoNum:=0;
end;
if (BaoNum=0) and (SyRcity='是') then
begin
AutoWalkCall(Ghwnd,CKNPCx,CKNPCy,CKNPCz); //walk to town: warehouse, then potions
HcStop:=1; //state: town trip
memo1.Lines.Add('少药回城');
end
else
begin
UseMatterCall(Ghwnd,BaoId,BaoPos); //use the potion
Sleep(200);
end;
end;
end;
if HcStop=0 then //just started: decide between the town trip and the spot
begin
gjx:=trunc(rwzx-RwGjx);
gjy:=trunc(rwzy-RwGjy);
gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the spot
if (gjl>30) then //outside the spot's range
begin
AutoWalkCall(Ghwnd,CKNPCx,CKNPCy,CKNPCz); //walk to the warehouse NPC
sleep(1000);
HcStop:=1;
memo1.Lines.Add('启动检测回城');
end
else
begin
AutoWalkCall(Ghwnd,RwGjx,RwGjy,RwGjz); //walk back to the spot
sleep(1000);
HcStop:=2;
memo1.Lines.Add('启动检测挂机');
end;
end;
if HcStop=1 then //on the town trip
begin
if DqNPC=0 then
begin
DqNPC:=1;
end;
if DqNPC=1 then //step 1: warehouse
begin
gjx:=trunc(rwzx-CKNPCx);
gjy:=trunc(rwzy-CKNPCy);
gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the warehouse NPC
if (gjl<3) then //reached the warehouse NPC
begin
if FlashBug('仓库',3) then //open the warehouse NPC
begin
//ReCityMat(CKNPCx,CKNPCy,CKNPCz); //store items; not implemented yet (the author asks for contributions)
sleep(2000);
memo1.Lines.Add('打开仓库');
BaseCall(Ghwnd,6); //close the NPC dialog
sleep(500);
memo1.Lines.Add('关闭NPC');
end;
AutoWalkCall(Ghwnd,BuyNPCx,BuyNPCy,BuyNPCz); //auto-walk to the apothecary NPC
sleep(1000);
DqNPC:=2; //move on to the next NPC
end;
end;
if DqNPC=2 then //step 2: buy potions
begin
gjx:=trunc(rwzx-BuyNPCx);
gjy:=trunc(rwzy-BuyNPCy);
gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the apothecary NPC
if (gjl<3) then //reached the NPC
begin
if FlashBug('药师',3) then //open the apothecary NPC
begin
memo1.Lines.Add('打开NPC药师');
sleep(1000);
SearchBao('',2); //sell bag items
sleep(1000);
memo1.Lines.Add('开始卖物');
ReCityBuy(HPact,BuyHPsl); //buy HP potions
sleep(1000);
memo1.Lines.Add('开始买红');
ReCityBuy(MPact,BuyMPsl); //buy MP potions
sleep(1000);
memo1.Lines.Add('开始买蓝');
BaseCall(Ghwnd,6); //close the NPC dialog
memo1.Lines.Add('关闭NPC');
end;
AutoWalkCall(Ghwnd,RwGjx,RwGjy,RwGjz); //walk back to the spot
sleep(1000);
DqNPC:=0; //reset the NPC step
HcStop:=2; //state: walking back to the spot
memo1.Lines.Add('买药结束回挂机点');
end;
end;
if DqNPC=3 then
begin
//ReCityMil(); //mail
AutoWalkCall(Ghwnd,RwGjx,RwGjy,RwGjz); //walk back to the spot
sleep(1000);
DqNPC:=0; //reset the NPC step
HcStop:=2; //state: walking back to the spot
end;
end;
if HcStop=2 then //on the way back to the spot
begin
gjx:=trunc(rwzx-RwGjx);
gjy:=trunc(rwzy-RwGjy);
gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the spot
if (gjl<5) then //arrived at the spot
begin
HcStop:=3; //state: at the spot
end;
end;
if HcStop=3 then //at the spot
begin
if (oldxg=1) then //a monster was selected on an earlier pass, i.e. one has just been finished
begin
FlashWp(2); //scan ground items and pick up
oldxg:=0;
if (SearchBao('',3)='1') then //is the bag full?
begin
AutoWalkCall(Ghwnd,CKNPCx,CKNPCy,CKNPCz); //walk to town: warehouse, then potions
sleep(1000);
HcStop:=1; //state: town trip
memo1.Lines.Add('包裹满回城');
end
else
begin
gjx:=trunc(rwzx-RwGjx);
gjy:=trunc(rwzy-RwGjy);
gjl:=trunc(sqrt(gjx*gjx+gjy*gjy)); //distance to the spot
if (gjl>RwGjL) then //outside the configured range
begin
AutoWalkCall(Ghwnd,RwGjx,RwGjy,RwGjz); //walk back to the spot
HcStop:=2; //state: walking
end;
end;
end //no monster was selected before: go and select one
else
begin
FlashBug('',1); //refresh the monster list and select the nearest; sets oldxg:=1
end;
end;
end; //end of the not-meditating branch
end //end of the nothing-selected branch
else //a monster is selected
begin
if (HitType='普通***') then
begin
BaseCall(Ghwnd,0); //"normal ***" call (the word is masked in this listing)
end
else
begin
SkillCall(Ghwnd,SearchJnID(HitType,1)); //skill looked up by the configured name
sleep(500);
end;
end;
end;
//label8.Caption :='挂机状态:'+inttostr(HcStop)+';人物状态:'+inttostr(RwPoint);
GjTime.Enabled :=true; //re-arm the timer for the next pass
end;
//Loads every address and auto-play setting from setup.ini under AppPath.
//Section [basic] holds the addresses, section [1] the auto-play settings.
//A missing or non-numeric value makes StrToInt/StrToFloat raise; nothing here
//catches that or range-checks what was read.
//NOTE(review): these numbers are later used as addresses and call targets, so
//the file is effectively trusted input - confirm who can write to it.
procedure TWgForm.ReadStupINI();
var
  IniName: string;

  //Integer entry of section [basic].
  function BasicInt(const Key: string): Integer;
  begin
    Result := StrToInt(readinifile(IniName, 'basic', Key));
  end;

  //Integer entry of section [1].
  function PlayInt(const Key: string): Integer;
  begin
    Result := StrToInt(readinifile(IniName, '1', Key));
  end;

  //Trimmed text entry of section [1].
  function PlayStr(const Key: string): string;
  begin
    Result := trim(readinifile(IniName, '1', Key));
  end;

begin
  IniName := AppPath+'setup.ini';

  //---- addresses, section [basic] ----
  Baseadr    := BasicInt('基址');          //game base address
  callbase   := BasicInt('CALL基址');      //call base address
  Question   := BasicInt('星星地址');
  AutogoCall := BasicInt('自动寻径CALL');  //auto-walk call (author's note: 428D00)
  AutogoPush := BasicInt('自动寻径PUSH');  //auto-walk PUSH
  AutogoMove := BasicInt('自动寻径MOVE');  //auto-walk MOV address
  dazuo      := BasicInt('开始打坐');      //start meditating
  undazuo    := BasicInt('取消打坐');      //stop meditating
  Tabxg      := BasicInt('TAB');           //TAB target selection
  //NOTE(review): same key as Baseadr above - possibly a copy/paste slip, confirm
  unchoosexg := BasicInt('基址');          //cancel target selection
  idxg       := BasicInt('ID选怪');        //select target by ID (author's note: 5921E0)
  pAttack    := BasicInt('普通***');
  jqwp       := BasicInt('拾取物品');      //pick up item
  syjn       := BasicInt('使用技能');      //use skill
  sywp       := BasicInt('使用物品');      //use item
  sybbw      := BasicInt('喂宠call');      //use item on pet
  swhc       := BasicInt('死亡回城');      //return to town on death
  jhnpc      := BasicInt('激活NPC');       //activate NPC (author's note: 592320)
  qxnpc      := BasicInt('关闭NPC_CALL');  //close NPC
  qxnpcpush  := BasicInt('关闭NPC_PUSH');  //close NPC, PUSH
  gmwp       := BasicInt('购买物品');      //buy item
  cswp       := BasicInt('贩卖物品');      //sell item
  dkck       := BasicInt('开启仓库CALL');  //open warehouse
  dkckpush   := BasicInt('开启仓库PUSH');  //open warehouse, PUSH
  bcwp       := BasicInt('保存物品');      //store item
  //Author's note: because the addresses are dynamic they are handed to each
  //call prototype as parameters, so every call takes parameters.

  //---- auto-play settings, section [1] ----
  RwGjx   := PlayInt('挂机X');
  RwGjy   := PlayInt('挂机Y');
  RwGjz   := PlayInt('挂机Z');
  RwGjL   := PlayInt('挂机范围');
  BuyNPCx := PlayInt('买药X');
  BuyNPCy := PlayInt('买药Y');
  BuyNPCz := PlayInt('买药Z');
  CKNPCx  := PlayInt('仓库X');
  CKNPCy  := PlayInt('仓库Y');
  CKNPCz  := PlayInt('仓库Z');
  HPscal  := StrToFloat(readinifile(IniName, '1', '红比例'));
  MPscal  := StrToFloat(readinifile(IniName, '1', '蓝比例'));
  HPact   := PlayStr('红处理');
  MPact   := PlayStr('蓝处理');
  HitType := PlayStr('***方式');
  BmRcity := PlayStr('包满回城');
  SyRcity := PlayStr('少药回城');
  DeRcity := PlayStr('死亡回城');
  BuyHPmc := PlayStr('买红药');
  BuyHPsl := PlayInt('买红数量');
  BuyMPmc := PlayStr('买蓝药');
  BuyMPsl := PlayInt('买蓝数量');
  BlWpStr := PlayStr('保留物品');
  GwFilet := PlayStr('指定打怪');
  WpFilet := PlayStr('过滤捡物');
end;
//"Reload configuration" button: re-reads setup.ini through ReadStupINI.
procedure TWgForm.ReadINIClick(Sender: TObject);
begin
  ReadStupINI;
end;
//"Pause" button: stops the auto-play timer. ZtTime is left untouched (the
//author's line for it is disabled).
procedure TWgForm.Button6Click(Sender: TObject);
begin
  GjTime.Enabled := False;
end;
//"Start" button: enables the auto-play timer and resets the HcStop state to 0.
//ZtTime is left untouched (the author's line for it is disabled).
procedure TWgForm.Button7Click(Sender: TObject);
begin
  GjTime.Enabled := True;
  HcStop := 0;
end;
//****************************** 挂机所需数据检测 ******************************//
//同一功能尽量用同一模块完成
//Walks the monster/NPC pointer array read from the process behind InProcessID
//and acts according to RsType. Returns true when an entry was chosen (and the
//selection call was issued), false otherwise or when InProcessID is not > 0.
//NOTE(review): ReadProcessMemory results are never checked; a failed read
//leaves the previous iteration's (or uninitialised) values in the locals.
//NOTE(review): the two "if (BugDis" lines below are truncated in this listing,
//so the function does not compile as shown.
function TWgForm.FlashBug(GwName:string;RsType:integer):boolean; //scan monsters and NPCs; GwName = name, RsType = mode
var //0=list all, 1=nearest monster, 2=nearby named monster, 3=open the named NPC
BugBase,BugArrayCount,BugArrayBase,BugDestPoint,BugNumCount:DWORD;
BugXue,BugMaxXue,BugType:DWORD;
BugX,BugY,BugDistance:single;
BugID,BugDis:integer;
BugNameBase:DWORD;
BugLeave:DWORD;
i:DWORD;
Num: Cardinal; //placeholder: receives the byte count from ReadProcessMemory
Utext:array[0..16] of WideChar; //17 WideChars (34 bytes); the name reads below fill 32 bytes
BugStDis,BugStID:integer;
BugName,BugStName:string;
begin
BugStDis:=12; //initial distance
BugStID:=0;
if InProcessID>0 then
begin
//monster structure, author's note: rwz1:=[[[call base+$1C]+$8]+$20] (the reads below start at Baseadr)
ReadProcessMemory(InProcessID,pointer(Baseadr),@BugBase, 4, Num);//first-level base
ReadProcessMemory(InProcessID,pointer(BugBase+$8),@BugBase, 4, Num);//
ReadProcessMemory(InProcessID,pointer(BugBase+$20),@BugBase, 4, Num);//monster structure base, i.e. the array object (ECX)
ReadProcessMemory(InProcessID,pointer(BugBase+$14),@BugNumCount, 4, Num); //number of monsters
ReadProcessMemory(InProcessID,pointer(BugBase+$24),@BugArrayCount, 4, Num); //array capacity
ReadProcessMemory(InProcessID,pointer(BugBase+$18),@BugArrayBase, 4, Num); //array start address
if (BugArrayCount>1000) or (BugArrayCount=0) then //sanity check; the only validation applied to the data read
begin
GjTime.Enabled :=false; //stop the auto-play timer
memo1.Lines.Clear; //clear the list
memo1.Lines.Add('怪物结构体发生变化,请重新查找基址') ;
result:=false;
exit;
end;
For i:= 0 to BugArrayCount-1 do
begin
ReadProcessMemory(InProcessID, Pointer(BugArrayBase+i*4),@BugDestPoint,4,Num);
if BugDestPoint>0 then
begin
Utext[0]:=' '; //only element 0 is reset; the rest keeps the previous entry's text if the name read fails
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$4),@BugDestPoint, 4, Num);//pointer to the monster object
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$3c),@BugX, 4, Num);//X coordinate
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$44),@BugY, 4, Num);//Y coordinate
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$124),@BugID, 4, Num);//ID
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$128),@BugType, 4, Num);//type
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$130),@BugLeave, 4, Num);//level
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$138),@BugXue, 4, Num);//current HP
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$170),@BugMaxXue, 4, Num);//maximum HP
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$284),@BugDistance, 4, Num);//distance from the character
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$260),@BugNameBase, 4, Num);//address of the name
ReadProcessMemory(InProcessID,pointer(BugNameBase),@Utext, 32, Num);//name (32 bytes)
BugDis:=Trunc(BugDistance); //BugLeave:=BugLeave-7000;
BugName:=Trim(string(Utext));
Case RsType of
0: //0=list all
begin
memo1.Lines.Add('怪物名称:'+string(Utext)); //BugName;
memo1.Lines.Add('怪物ID:'+IntToStr(BugID));
memo1.Lines.Add('怪物血:'+IntToStr(BugXue)+'/'+IntToStr(BugMaxXue));
memo1.Lines.Add('怪物坐标:'+IntToStr(trunc(BugX))+','+IntToStr(trunc(BugY)));
memo1.Lines.Add('怪物等级:'+IntToStr(BugLeave));
memo1.Lines.Add('怪物距离:'+IntToStr(BugDis));
memo1.Lines.Add('怪物类型:'+IntToStr(BugType));
BugStID:=0;
end;
1: //1=nearest monster
begin
if (BugLeave<>99) and (BugDis<12) then //skip level-99 entries and distant monsters
begin
if (BugDis //NOTE(review): truncated in this listing; the rest of the condition and its "then begin" are missing
BugStDis:=BugDis;
BugStName:=BugName;
BugStID:=BugID; //after the loop this holds the nearest monster's ID
end;
end;
end;
2: //2=nearby named monster
begin
if (BugLeave<>99) and (BugDis<12) then //skip level-99 entries and distant monsters
begin
if (BugDis //NOTE(review): truncated in this listing; the rest of the condition and its "then" are missing
begin
BugStDis:=BugDis;
BugStName:=BugName;
BugStID:=BugID; //after the loop this holds the nearest monster's ID
end;
end;
end;
3: //3=open the named NPC
begin
if (BugLeave=99) and (BugDis<10) then //here only level-99 entries closer than 10 are considered
begin
if (AnsiPos(GwName, BugName)>0) then //look for the named NPC
begin
BugStID:=BugID;
break;
end;
end;
end;
else
end;
end;
end;
if (BugStID=0) then
begin
result:=false;
end
else
begin
if (RsType=3) then
begin
SelmonFromIDCall(Ghwnd,BugStID); //select the NPC
sleep(500);
ActiveNpcCall(Ghwnd,BugStID); //activate the NPC
sleep(500);
result:=true;
end
else
begin
oldxg:=1; //a monster is now selected; used later to tell that one was fought
gwhp.Caption :=BugStName;
SelmonFromIDCall(Ghwnd,BugStID); //select-by-ID call
result:=true;
end;
end;
end
else
begin
result:=false;
end;
end;
//Walks the ground-item pointer array read from the process behind InProcessID.
//RsType: 0 = list every item in Memo1,
//        1 = pick up items whose name occurs in WpFilet,
//        2 = pick up items whose name does not occur in WpFilet.
//Modes 1 and 2 only act on entries of type 1 that are closer than 10.
//NOTE(review): ReadProcessMemory results are not checked; after a failed read
//the locals keep their earlier (or uninitialised) contents.
procedure TWgForm.FlashWp(RsType:integer);
var
  ListObj, SlotCount, SlotBase, Entry: DWORD;
  Kind, LiveCount: DWORD;
  Dist: single;
  ItemID, SysID: DWORD;
  NamePtr: DWORD;
  Slot: DWORD;
  Got: Cardinal;                       //byte count returned by ReadProcessMemory
  NameBuf: array[0..16] of WideChar;   //34 bytes; 32 are filled by the name read
  ItemName: string;
begin
  if not (InProcessID>0) then
    Exit;

  //pointer chain: [Baseadr] -> +$8 -> +$24 = item array object
  ReadProcessMemory(InProcessID, pointer(Baseadr), @ListObj, 4, Got);
  ReadProcessMemory(InProcessID, pointer(ListObj+$8), @ListObj, 4, Got);
  ReadProcessMemory(InProcessID, pointer(ListObj+$24), @ListObj, 4, Got);
  ReadProcessMemory(InProcessID, pointer(ListObj+$14), @LiveCount, 4, Got);  //item count (not used further)
  ReadProcessMemory(InProcessID, pointer(ListObj+$24), @SlotCount, 4, Got);  //array capacity
  ReadProcessMemory(InProcessID, pointer(ListObj+$18), @SlotBase, 4, Got);   //array start address

  //sanity check on the capacity; the only validation applied to the data read
  if (SlotCount>1000) or (SlotCount=0) then
  begin
    GjTime.Enabled := false;
    memo1.Lines.Clear;
    memo1.Lines.Add('物品结构体发生变化,请重新查找基址');
    Exit;
  end;

  for Slot := 0 to SlotCount-1 do
  begin
    ReadProcessMemory(InProcessID, Pointer(SlotBase+Slot*4), @Entry, 4, Got);
    if not (Entry>0) then
      Continue;

    NameBuf[0] := ' ';   //only the first character is reset between entries
    ReadProcessMemory(InProcessID, pointer(Entry+$4), @Entry, 4, Got);       //item object
    ReadProcessMemory(InProcessID, pointer(Entry+$10C), @SysID, 4, Got);     //system ID
    ReadProcessMemory(InProcessID, pointer(Entry+$110), @ItemID, 4, Got);    //item ID
    ReadProcessMemory(InProcessID, pointer(Entry+$150), @Kind, 4, Got);      //type (author: 1=item, 2=ore)
    ReadProcessMemory(InProcessID, pointer(Entry+$158), @Dist, 4, Got);      //distance from the character
    ReadProcessMemory(InProcessID, pointer(Entry+$168), @NamePtr, 4, Got);   //address of the name
    ReadProcessMemory(InProcessID, pointer(NamePtr), @NameBuf, 32, Got);     //name
    ItemName := Trim(string(NameBuf));

    case RsType of
      0:
        begin
          Memo1.Lines.Add('物品名称:'+string(NameBuf));
          Memo1.Lines.Add('物品ID:'+IntToStr(ItemID));
          Memo1.Lines.Add('物品系统ID:'+IntToStr(SysID));
          Memo1.Lines.Add('物品距离:'+IntToStr(trunc(Dist)));
          Memo1.Lines.Add('物品类型:'+IntToStr(Kind));
        end;
      1, 2:
        if (Kind=1) and (Dist<10) then
          //mode 1 wants the name present in the filter, mode 2 wants it absent
          if (AnsiPos(ItemName,WpFilet)>0) = (RsType=1) then
          begin
            PickMatterCall(Ghwnd,ItemID,SysID);
            sleep(100);
          end;
    end;
  end;
end;
//Looks up a skill ID in the skill array read from the process behind
//InProcessID. RsType: 0 = list every skill in Memo1, 1 = find the first skill
//whose name contains JnName. Returns that skill's ID, or 1 when nothing was
//found, the list mode was used, the count looks wrong, or InProcessID is not
//> 0 - callers cannot tell a real ID of 1 from these cases.
//NOTE(review): ReadProcessMemory results are not checked.
function TWgForm.SearchJnID(JnName:string;RsType:integer):integer;
var
  SkillObj, TableBase, Entry: DWORD;
  Total, NamePtr: DWORD;
  SkillID: integer;
  Idx: DWORD;
  Got: Cardinal;                       //byte count returned by ReadProcessMemory
  NameBuf: array[0..16] of WideChar;   //34 bytes; 32 are filled by the name read
  SkillName: string;
begin
  Result := 1;
  if not (InProcessID>0) then
    Exit;

  //pointer chain: [Baseadr] -> +$28 = skill structure
  ReadProcessMemory(InProcessID, pointer(Baseadr), @SkillObj, 4, Got);
  ReadProcessMemory(InProcessID, pointer(SkillObj+$28), @SkillObj, 4, Got);
  ReadProcessMemory(InProcessID, pointer(SkillObj+$A38), @Total, 4, Got);      //skill count
  ReadProcessMemory(InProcessID, pointer(SkillObj+$A34), @TableBase, 4, Got);  //array start address

  //sanity check on the count; the only validation applied to the data read
  if (Total>1000) or (Total=0) then
  begin
    GjTime.Enabled := false;
    memo1.Lines.Clear;
    memo1.Lines.Add('技能结构体发生变化,请重新查找基址');
    Exit;
  end;

  for Idx := 0 to Total-1 do
  begin
    ReadProcessMemory(InProcessID, Pointer(TableBase+Idx*4), @Entry, 4, Got);
    if Entry>0 then
    begin
      NameBuf[0] := ' ';   //only the first character is reset between entries
      //the +$4 pointer is followed twice before the fields are read
      ReadProcessMemory(InProcessID, pointer(Entry+$4), @Entry, 4, Got);
      ReadProcessMemory(InProcessID, pointer(Entry+$4), @Entry, 4, Got);
      ReadProcessMemory(InProcessID, pointer(Entry+$4), @SkillID, 4, Got);     //skill ID
      ReadProcessMemory(InProcessID, pointer(Entry+$C), @NamePtr, 4, Got);     //address of the name
      ReadProcessMemory(InProcessID, pointer(NamePtr), @NameBuf, 32, Got);     //name
      SkillName := trim(string(NameBuf));

      if RsType=0 then
      begin
        Memo1.Lines.Add('技能名称:'+string(NameBuf));
        Memo1.Lines.Add('技能ID:'+IntToStr(SkillID));
      end
      else if (RsType=1) and (AnsiPos(JnName,SkillName)>0) then
      begin
        //first match wins
        Result := SkillID;
        Exit;
      end;
    end;
  end;
end;
//Walks the bag (inventory) slot array read from the process behind InProcessID
//and acts according to RsType. The string result is a small protocol:
//  'id,slot,count' - mode 1, first slot whose item name contains WpName
//  '0'             - mode 3, an empty slot exists (bag not full)
//  '1'             - NoFound was still true after the loop
//  '2'             - InProcessID is not > 0
//  ''              - the slot count failed the sanity check
//NOTE(review): '1' is documented as "bag full" but is also what modes 0 and 1
//return when nothing matched; in mode 2 the result is never assigned once an
//occupied slot has been visited. Callers that parse the mode-1 result need to
//allow for that.
//NOTE(review): ReadProcessMemory results are not checked.
function TWgForm.SearchBao(WpName:string;RsType:integer):string; //search the bag
var //0=list all items, 1=find the named item (potion use), 2=sell bag items, 3=check whether the bag is full
BugBase,BugArrayBase,BugDestPoint,BugNumCount:DWORD;
BugNum,BugMaxNum,BugType:DWORD;
BugID:integer;
BugNameBase,BugPy1,BugPy2:DWORD; //BugPy1/BugPy2: type-dependent offsets used to reach the name
i:DWORD;
Num:Cardinal; //placeholder: receives the byte count from ReadProcessMemory
Utext:array[0..16] of WideChar; //17 WideChars (34 bytes); the name read below fills 32 bytes
NoFound:Boolean;
WpMc:string;
begin
NoFound:=true;
if InProcessID>0 then
begin
//bag structure, author's note: rwz1:=[[[call base+$1C]+$8]+$20] (the reads below use +$28 and +$994)
ReadProcessMemory(InProcessID,pointer(Baseadr),@BugBase, 4, Num);//first-level base
ReadProcessMemory(InProcessID,pointer(BugBase+$28),@BugBase, 4, Num);//
ReadProcessMemory(InProcessID,pointer(BugBase+$994),@BugBase, 4, Num);//bag structure base, i.e. the array object (ECX)
ReadProcessMemory(InProcessID,pointer(BugBase+$10),@BugNumCount, 4, Num); //number of bag slots
ReadProcessMemory(InProcessID,pointer(BugBase+$C),@BugArrayBase, 4, Num); //slot array start address
if (BugNumCount>200) or (BugNumCount=0) then //sanity check; the only validation applied to the data read
begin
GjTime.Enabled :=false; //stop the auto-play timer
memo1.Lines.Clear; //clear the list
memo1.Lines.Add('包裹结构体发生变化,请重新查找基址') ;
result:='';
exit;
end;
For i:= 0 to BugNumCount-1 do
begin
ReadProcessMemory(InProcessID, Pointer(BugArrayBase+i*4),@BugDestPoint,4,Num);
if BugDestPoint<>0 then //occupied slot
begin
Utext[0]:=' '; //only element 0 is reset; the rest keeps the previous entry's text if the name read fails
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$8),@BugID, 4, Num);//item ID
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$4),@BugType, 4, Num);//item type
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$14),@BugNum, 4, Num);//quantity
ReadProcessMemory(InProcessID,pointer(BugDestPoint+$18),@BugMaxNum, 4, Num);//maximum quantity
//the name pointer sits at a different offset depending on the item type
if (BugType<=6) then
begin
BugPy1:=104;
BugPy2:=12;
end
else if (BugType<27) then
begin
BugPy1:=96;
BugPy2:=4;
end
else if (BugType<31) then
begin
BugPy1:=140;
BugPy2:=4;
end
else
begin
BugPy1:=96;
BugPy2:=4;
end;
ReadProcessMemory(InProcessID,pointer(BugDestPoint+BugPy1),@BugNameBase, 4, Num);//address of the name
ReadProcessMemory(InProcessID,pointer(BugNameBase+BugPy2),@Utext, 32, Num);//name (32 bytes)
WpMc:=trim(string(Utext));
Case RsType of
0: //0=list all items
begin
Memo1.Lines.Add('物品格子:'+IntToStr(i));
Memo1.Lines.Add('物品 ID :'+IntToStr(BugID));
Memo1.Lines.Add('物品名称:'+WpMc); //WpMc
NoFound:=true;
end;
1: //1=find the named item (potion use)
begin
if (AnsiPos(WpName,WpMc)>0) then //name filter
begin
NoFound:=false;
result:=IntToStr(BugID)+','+IntToStr(i)+','+IntToStr(BugNum);
break;
end;
end;
2: //2=sell bag items
begin
if (AnsiPos(WpMc, BlWpStr)=0) then //items named in the keep list (BlWpStr) are not sold
begin
SaleCall(Ghwnd,BugID,i,BugNum); //sell call
sleep(200);
end;
NoFound:=false;
end;
else
end;
end
else
begin
if (RsType=3) then
begin
NoFound:=false; //an empty slot exists, the bag is not full
result:='0';
break;
end;
end;
end;
if NoFound then //no empty slot, bag full (also reached by modes 0 and 1 without a match)
begin
result:='1';
end;
end
else
begin
result:='2';
end;
end;
//Buys WpNum units of the item named WpName by issuing BuyCall with a
//hard-coded item ID and shop position. Four names are known; any other name
//results in BuyCall being issued with ID 0 and position 11.
procedure TWgForm.ReCityBuy(WpName:string;WpNum:integer);
const
  KnownNames: array[0..3] of string = ('活血丸', '正心丸', '五石散', '甘露散');
  KnownIDs:   array[0..3] of DWORD  = ($04C2, $04C3, $04CD, $04CE);
  KnownSlots: array[0..3] of DWORD  = (0, 1, 6, 7);
var
  ItemID, ItemSlot: DWORD;
  k: Integer;
begin
  //values used when the name is not in the table
  ItemID := 0;
  ItemSlot := 11;

  for k := Low(KnownNames) to High(KnownNames) do
    if WpName=KnownNames[k] then
    begin
      ItemID := KnownIDs[k];
      ItemSlot := KnownSlots[k];
      Break;
    end;

  BuyCall(Ghwnd,ItemID,ItemSlot,WpNum);
end;
end.