Now I can only use c + + with CE pointer scanning to XXX. EXE + XXXXXX + + + XX XX XX this form to cheating, as the following, by CE scan results, only through the change, but I don't understand its meaning, can someone help me to read it?
#include
H # include "Windows."
# include "tlhelp32. H"
# include "vector"
#include
# include
#include
# include
#include
DWORD pID;
HANDLE pHandle;
DWORD64 GlobalPTR;
LPCSTR SigGlobalPTR="\ x4C \ x8D \ x05 \ x00 \ x00 \ x00 \ x00 \ x4D \ x8B \ x08 \ x4D \ x85 \ xC9 \ x74 \ x11";
LPCSTR MaskGlobalPTR="XXX???? XXXXXXXX ";
Struct module {DWORD64 dwBase dwSize; };
The module pModule;
The module GetModule (const char * moduleName) {
HANDLE hmodule=CreateToolhelp32Snapshot (TH32CS_SNAPMODULE, pID);
MODULEENTRY32 mEntry;
MEntry. DwSize=sizeof (mEntry);
Do {
if (! _stricmp (mEntry szModule moduleName)) {
The CloseHandle (hmodule);
PModule={(DWORD64) mEntry. HModule, mEntry modBaseSize};
Return pModule;
}
} while (Module32Next (hmodule, & amp; MEntry));
The module mod={(DWORD64) false, (DWORD64) false};
Return the mod.
}
HANDLE GetProcess (const char * processName) {
HANDLE HANDLE=CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS, NULL);
PROCESSENTRY32 entry;
Entry. DwSize=sizeof (entry);
Do
if (! _stricmp (entry. SzExeFile, processName)) {
PID=entry. Th32ProcessID;
The CloseHandle (handle);
PHandle=OpenProcess (PROCESS_ALL_ACCESS, false, pID);
Return pHandle;
}
While (Process32Next (handle, & amp; Entry));
}
Bool MemoryCompare (const BYTE * bData, const BYTE * bMask, const char * szMask) {
For (; * szMask; , and a + + + + szMask bData, + + bMask) {
If (* szMask=='x' & amp; & * bData!={
* bMask)return false;
}
}
Return (* szMask==NULL);
}
DWORD64 FindSignature (DWORD64 start, DWORD64 size, const char * sig, const char * mask) {
BYTE * BYTE data=https://bbs.csdn.net/topics/new [size];
SIZE_T bytesRead;
ReadProcessMemory (pHandle, (LPVOID) start, data, and the size, & amp; BytesRead);
For (DWORD64 I=0; I & lt; The size; I++) {
If (MemoryCompare (const BYTE *) (data + I), (const BYTE *) sig, mask)) {
Return the start + I;
}
}
The delete [] data;
return NULL;
}
TemplateT ReadMemory (DWORD64 address) {T r. ReadProcessMemory (pHandle, (void *) address, & amp; R, sizeof (T), 0); return r; };
TemplateVoid WriteMemory (DWORD64 address, T value) {T v=value; WriteProcessMemory (pHandle, (void *) address, & amp; V, sizeof (T), 0); };
DWORD64 GA (int index) {int a=(8 * (index & gt;> 0 x12 & amp; 0 x3f)), b=(8 * (index & amp; 0 x3ffff)); Return ReadMemory//DWORD64 GA (int index) {return ReadMemory 0 x12 & amp; 0 x3f))) + (8 * (index & amp; 0 x3ffff)); }
The template & lt; Typename T> T GG (int index) {return ReadMemory(GA (index)); };
The template & lt; Typename T> Void SG (int index, T value) {WriteMemory(GA (index), value); };
Int main (int arg c, char * argv [])
{
If (GetProcess (" GTA5. Exe "))
{
GTA5. Exe module mod=GetModule (" ");
DWORD64 _Address=FindSignature (mod. DwBase, mod. DwSize SigGlobalPTR, MaskGlobalPTR);
GlobalPTR=_Address + ReadMemory(_Address + 3) + 7;
SG(1696433 + 1497 + 736 + 92 + 1 + 0, STD: : stoi (argv [1]));
SG(1696433 + 1497 + 736 + 92 + 1 + 1, STD: : stoi (argv [2]));
SG(1696433 + 1497 + 736 + 92 + 1 + 2, STD: : stoi (argv [3]));
SG(1696433 + 1497 + 736 + 92 + 1 + 3, STD: : stoi (argv [4]));
Int Player_1=GG(1696433 + 1497 + 736 + 92 + 1 + 0);//Global_1696433 f_1497. F_736. F_92 [0] - & gt; 1696433 + 1497 + 736 + 92 + 1 + 0
Int Player_2=GG(1696433 + 1497 + 736 + 92 + 1 + 1);//Global_1696433 f_1497. F_736. F_92 [1] - & gt; 1696433 + 1497 + 736 + 92 + 1 + 1
Int Player_3=GG(1696433 + 1497 + 736 + 92 + 1 + 2);//Global_1696433 f_1497. F_736. F_92 [2] - & gt; 1696433 + 1497 + 736 + 92 + 1 + 2
Int Player_4=GG(1696433 + 1497 + 736 + 92 + 1 + 3);//Global_1696433 f_1497. F_736. F_92 [3] - & gt; 1696433 + 1497 + 736 + 92 + 1 + 3
}
}
CodePudding user response:
VS the IDE in don't understand the symbol on the right mouse button, choose to define,And then there are the assembly language and the knowledge of the machine instructions to the bottom,