PDA

View Full Version : 2011-1-20


steve8n3i
06-10-2011, 12:00 AM
PS: 12 floor, brother, can not return to select character screen, then you try to change the map, you can also see Xiapian to find the memory base address method (b), http://bbs.vrbrothers.com/viewthread. php? tid = 94578 & extra = page% 3D1


automatic was asked how the blood is not a post where I have a bench, reading the code of blood memory address it?

to share code, you use twice, first read the value out of the blood as the largest value, and then one to read, the current blood.

then you add a judge

if the current red <* Set the maximum percentage of red

then wash down medicine shortcut (the comrades who are interested can own use CALL)

ENd if

other supplement. . I rarely write linked to, unless it is not linked to the game (with Chinese characteristics is impossible to estimate.) . Are to buy, buy 30-50 a month.. . . Although there is a template, but must write their own light debugging N days. . To find base address to find CALL. A fast volume to 5 minutes, half an hour are likely to slow. . Have that spare time to write slowly. . Do not know how much work has been earned. .


in this area because I can no longer edit the post made map of the

here for so that we can understand, so I spent a lot of the vernacular. . . (Looks like a little unworthy of the university teacher... Talking about are not standardized... I was not out of the computer system. No way...) I can not think of a simpler method. Do not spray manure fields and then read. . Debating that less bad. Themselves to write a tutorial. Edition version can not add a cream, ah, ah ~ very hard to write nothing else to write power


brothers have always wanted to write a lot of simulated hang, but do not know where to start, and here I will take you from 0 to learn from, how to write a simulation of the hanging. Here I am biased in favor of tutorials focused on the simulation running in the background hanging. So they used to look for less color. In fact, I would not look for color. . . I used to read memory. . Wizard button is in fact how to read difficult memory, the memory will get, as long as the memory address directly copied to the universal template on the line. Recently started to write within the linked transfer E language, so put the universal template open, and a full set of tutorial reading, you can write a simulation of the shortest possible time hanging out (as long as you find yourself on behalf of several parameters into the line...) Basically, most of the script is simple and only travel this level. Of course, I find strange hanging Daguai only simple functions, nothing abnormal function. Because I always own use, was doing anything exciting game to bring my interest to write. What those tasks automatically. . . Khan. . You find someone else now. . .

basic requirements: a high level of VB level, not how much you know, constants, variables, what is the decimal, hexadecimal, and simple flow control if do while what is on the line, as well as know how to hook Unit Theorem (hang up when the range is used.) Do not say you do not understand. . High school there. . PEP high school math, elective (b), before these things while I was still teaching, which places students can be very easy. . Re not. . The book to see for yourself. . Three hours will be able to read. Read

Preface:

talk about the teaching program in this tutorial:

Basics:

(a) to find the memory base address (red and blue)

(b) linked to the main frame and the red and blue analog automatic wash down medicine

(c) to read people and blame game coordinates (memory type)

(d) automatically look for blame, is divided into two teaching

(1) time to find blame game reception

(2) time to find blame game background

(e) specify the range of hook

Advanced Posts:

(f) ** verification code (not compilation do not learn)



recommendations on learning: (only for novices, veterans do not look)


1, Chart Wizard button is the easy way, there are things that can be ready, so you often do not know a lot of theory, as long as people know how to plug-in basis, together with their parameters, and then a combination of . So I explain the process, I think the principle is not no need to explain that, as long as you know how to set the formula on the line. Unless some of the principles you use, I just explained, when speaking as popular, take life way of example. Each time the principles are clear, this time enough to get you to write a good simulation of hanging. In fact, these should be clear. . . VIS a C, not a year or two of obscenity and practice. No one dare not say that they are completely a beginning.


2, you will find most of my teaching speaking memory address. Because write back hanging, the basic memory address to be used. Know the address, you can just copy the address to me the code which can be directly used, key codes, and I also added an explanation. Of course, some code in the previous tutorial I explained why to use, the time up later, not to explain. Since my computer to a Web site last month, poisoning, the results of hard waste,Nike Shox (http://www.shoxairmaxshoes.com), so now my code is not in stock, when the temporary rush of writing tutorials, so what's wrong with no way to test one by one, so if there is something wrong, I hope that understanding . . Can change it on their own reform.


3, may be hit to some people, but do it anyway. . . Math bad people, they do not look down my tutorial, and is likely to be a waste of time


4, the brothers have no basis in the tutorial before. Some essential to self-knowledge. C language teaching is not recommended entry, or a certain entry video, because there are a lot less than what we do, or too deep or too shallow. Recommended to take high school math textbooks directly. Mathematics textbooks, there are now two chapters specifically about entry-level VB, learn simple programming after school to teach these two units, only half a day one, after taking class time to practice, the actual on a regular school hours, to 5, a total of 400 minutes to finish teaching, but also to the class, the students also pay attention to some aspects, even if the self-saving, adult 3 hours should be enough. I think the book for the novice to the master to write something good. These will be, the key entry you'll get it.


5, must be master of things are: constant, variable, basic process control. Other array, looking through books, simple to understand on the line. How many game used, according to the progress of learning how much.


6, I have sent to the code, not to throw away after reading it, it has to write again, not to say that the time to write all the letters in your dictation again, I do not work. But to sort out each line of thought. What is the code used in each step and then again under investigation, to bring into their parameters. Finally finished plug in some places when people should pay attention to where their next mark (for example, what is the character or hexadecimal), and frankly, key code, I would not have been, what function is used subroutines, to search under the help, and then copy the code into it. And I have a special notebook to record commonly used code formats. Looking for once, since then,RayBan Sunglasses (http://www.popsunglassesonline.com), and went inside to find the information collated format. After all, I was learning math, not so much back space formats and codes, not so much time spent on the computer.



7,


8, if I have sent aid, and antivirus software may report drug. Because these tools to write E, many wai hung all with his writing, so a lot of software, this software is reported to regard the drug treatment, because I always own use, not take it profitable, did not do anything to avoid killing treatment. The module I have only bought a genuine super-module, workshop version is ** (too expensive. Can not afford.), So I'm not sure I use the program must not poison. So clearly their thinking before downloading, if the computer is really poisoning, I assume no liability.

Well, now tutorial. First of all, to write hanging, need to know how much data the game, we can decide what action. Therefore, the content of this lesson is to solve some simple data --- the game (red and blue). For online games, the dynamic memory must be used. So now we make it clear first principles, about the time I try to avoid less use of jargon, using simple language to explain.

not understand why some people have the memory location every time the blood is changed, but since it is changed, and why we can find it through the regular process? Here I use the following graph, and then explained with some popular









Download (172.32 KB)

2009-8-5 14:08

therefore the amount of blood to find the game, the key is to the red road map to find the three numbers the same, which is the base address of an address (referred to below base to 1 out), offset 1, offset 2. Blood and then get the following equation

base 2 = base number 1 to put 1 + offset

blood base memory address = 2 to put the numbers + offset 2

HP value = blood by putting the number of memory address

seen from above, the memory address each time the game will become the reason of blood, the key is that every time you start the game when the base 1 of the figure is different.

Here we have just two days before the public beta of the game Number 27 ratings

, first open the CE, which is set to make use of kernel-mode debugger

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/09080514238ac2b74bb3319f90.jpg [/ img] Download (65.16 KB)

2009-8-5 14:23

2, click the Computer icon on the upper left corner

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/090805142589943c29d19f94ad.jpg [/ img] Download (30.68 KB)

2009-8-5 14:25

3, select the game process, press OK

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/090805142796d567b8b512b4bb.jpg [/ img] Download (29.57 KB)

2009-8-5 14:27

4, you can see the amount of blood is 220 characters, so the input 220, the first search point. The other with the default

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/090805143771ee1dd0afef7297.jpg [/ img] Download (96.37 KB)

2009-8-5 14:37

5, the following are the search results, you can see the results of many

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/09080514412e5900d5259a797e.jpg [/ img] Download (67.21 KB)

2009-8-5 14:41

6, strange cut out to make your DOT and CE in the drop-down box to select the type of scan to reduce the value of

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051444292658c3e4b34ea3.jpg [/ img] Download (49.32 KB)

2009-8-5 14:44

7, the results of the search found a lot of finish. . . .

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051450d855ccedc9b1e317.jpg [/ img] Download (97.32 KB)

2009-8-5 14:50

8, nothing more we search several times, until the relatively small numbers so far, look for an address by now

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/090805145000f8c9d8b524c577.jpg [/ img] Download (66.57 KB)

2009-8-5 14:50

9, double-click to find the address, put him to join the box below

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051453820fc0a49236b648.jpg [/ img] Download (63.44 KB)

2009-8-5 14:53

10, described as a modification. memory address (the first game to find that the memory address), right-click the address, select the

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051457d22fc5ccd790051f.jpg [/ img] Download (78.02 KB)

2009-8-5 14:57

11, the following is the result, and double-click the results found

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051500e42ad9c2d2ed5da5.jpg [/ img] Download (26.23 KB)

2009-8-5 15:00

12, and then there are pictures, red expert says ecx +000001 e0, ecx here on behalf of two base by putting the value, 1e0 behalf offset 2. CE box is good to help us calculate the value of the secondary base, we just need to him. Write down this number friends. Through it to find the location of the secondary base

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/090805151315513dbd3886727c.jpg [/ img] Download (63.25 KB)

2009-8-5 15:13

13, point a new search, then enter just found the two values ​​within the base, and the hook 16 on the front of the band (because the data is 16 hexadecimal), then click the first search ( look for the value of which address and meet the above figure), obtained, the following two results, and then double-click the two results,GUCCI Sunglasses (http://www.popsunglassesonline.com), put them into the box below. A second, and add comments into the game to get the first possible second base.

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051521d2ece13b6f142b92.jpg [/ img] Download (79.22 KB)

2009-8-5 15:21

14, second base is only one, so this is really only one of two results, (generally the first one is the real address, but not absolute. touch the RP,Prada Sunglasses (http://www.popsunglassesonline.com), you can also directly with the first), so next step is to determine what is really secondary base address. Just said, retreated to the game screen and then select the character into the game, a base change, two base the same, but placed second in the number of base changes, which result in blood at this time also changed the memory address the. So next thing is to retreat to the character selection screen, then enter the game by just methods (1 --- 13 steps), find time second base, he should be found before a return to the same second base.

I described as the following diagram (B may be the second base address) of the East, is the second time I get the search base may be secondary

. A comparison of the two get into the game second base address, the address is not only the red change, that he is the second base address.

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/09080515413e40e370d2349a6e.jpg [/ img] Download (94.08 KB)

2009-8-5 15:41

15, find the second base, through the panel on the map you found

second base address (10822D20) = a base value () + offset 1 ( )

So now we are looking for a base value and offset 1.

we said two base values ​​do not just go to the official game will not change, only enter the character selection screen when it changes, here we have to do is keep track of the second base, back to character selection screen to see who is inside the base address to write this stuff ~

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/09080516012df53f08e080b341.jpg [/ img] Download (73.72 KB)

2009-8-5 16:01

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/090805160137f8d0c04f38d80c.jpg [/ img] Download (154.2 KB)

2009-8-5 16:01

16, formally entered the game, we detected several results found that in the end, what is the true?

that we chose red, because he has mov

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051605be2e47126b6f8ee3.jpg [/ img] Download (102.91 KB)

2009-8-5 16:05

17, double-click the red, and then obtain the following diagram. The red line that reads eax + ecx * 4, eax here in front of representatives of a base value of the put, ecx * 4 on behalf of the offset 1. CE box is a good one to help us calculate the value base, we just need to him. Write down this number friends. Through it to find a base address location. We also found ecx represent 4 (hexadecimal), 4 (hexadecimal) * 4 = 10 (hex). 10 is offset 1

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051614f988fdb1112c0246.jpg [/ img] Download (128.72 KB)

2009-8-5 16:14

18, search for a value within the base 10822D10, to see which address is that he built. The result is a

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051618b2a67248326a0e6e.jpg [/ img] Download (59.14 KB)

2009-8-5 16:18

19, Well, now we know everything, and the red part is that no matter what time into the game are the same. Find them, and now the memory can be carried out to find the location of the blood.

a base address (012BAB94)

second base address (10822D20) = a base value (10822D10) + offset 1 (10)

blood memory address (055FCE18) = two base values ​​(055FCC38) + offset 2 (1e0)

response rate reported with reference to props TOP

smilehack

Send PM Add to friends smilehack offline

UID236235 essence 2 points 47 160 posts egg -1 of 28 flowers were 44 silver 27 copper coins online 62 Reading Access 40 Registered 2009-3-31 time of 25 hours Last Login 2010-8-17 [img] images / newblue / userinfo.gif [/ img ]






first-year junior high school

[img] images/newblue/star_level2.gif [/ img] [img] images/newblue/star_level1.gif [/ img]

post 47 points in 28 of 160 flowers, a copper egg -1 of 27 gold 44 silver 62 Registered 2009-3-31 Last Login 2010-8-17 [img] images / magics / rtk_s.gif [/ img]

bench

[img] images / common / online_member.gif [/ img] Posted at 2009-8-5 13:03 |

look at the author of this post Last edited by the smilehack at 2009-8-5 16:50

under the following we want to test whether we get the correct idea is:

representatives of the following red part: no matter what plays into the game not going to change the amount of

base by putting the number 1 = read data (base 1)

base 2 = base 1 of the figures put a base address + offset 2 to put the figures = read data (base 2)

blood base memory address = 2 to put the 2 HP Digital + offset value = read data (blood memory address)

Based on the above ideas, write the code wizard buttons are as follows:

/ / next line is for the purpose of the game window handle. . To this parameter to use because of the following

Plugin jzs = Window.MousePoint ()

/ / define variables

VBS Dim hp base py1 py2 hpjz1 hpjz2

Rem program begins

/ / base, py1, py2, respectively, a base address of the building, offset 1, offset 2

/ / make changes to, the following three parameters for your own, you can directly get the number of your own blood the game, please note that all hexadecimal numbers will be inserted before & H, so that the computer know the number you enter is a hexadecimal, or as second line py2 without decimal & H became 10, in fact, representatives of 10 hex is 16 decimal

base = & H012BAB94

py1 = & H10

py2 = & H1e0

/ / hpjz1 on behalf of a number placed within the base, the next word meaning from a base in the data into hpjz1. Incidentally, all of the following additional sentence of the data obtained are Memory.Read32Bit hex

Plugin hpjz1 = Memory.Read32Bit (jzs, base)

/ / hpjz2 second base in place on behalf of the figures,Nike Air Max (http://www.shoxairmaxshoes.com), hpjz1 + py1 means to base a built-in digital + offset 1, get 2 base building, the next words mean, 2 to calculate the base building, and then from the second base in the read data into hpjz2

Plugin hpjz2 = Memory.Read32Bit (jzs, hpjz1 + py1)

/ / hp representative. . . Everyone knows what that means. . . hpjz2 + py2 means that the built-in base 2 number + offset 2, get HP memory location of the building, the next word which means to calculate the memory location of the building HP, HP memory address from the read data stored in the into the hp in

Plugin hp = Memory.Read32Bit (jzs, hpjz2 + py2)

/ / prevent the HP value is not decimal, so I converted to decimal all

hp = int (hp)

/ / pop-up message box how much HP is

MessageBox hp
Copy the code


then completely shut down the game and re-login, run the script to see how much blood to read:

[img] images / newblue / attachimg.gif [/ img] [img] attachments/month_0908/0908051642e9f867abbd1e7f7c.jpg [/ img] Download (131.47 KB)

2009-8-5 16:42

OK, that we found is correct. Tutorial (a) to this end. Amount. . Do not know if this look. . I m way to the hungry. Written by someone else to bring along a few graphics to find the base address of the Raiders. . You have to refer to the next. . http://bbs.vrbrothers.com/viewthread.php?tid=93836&highlight =% D5% D2% 2B% C4% DA% B4% E6

http://bbs.vrbrothers.com/viewthread.php?tid=33291&highlight =% C4% DA% B4% E6% BB% F9% D6% B7

next class we learn the background automatic blood, plus blue