金币13740
积分7338
注册时间2018-11-17
最后登录2024-11-23
|
本帖最后由 Struggle 于 2019-11-26 16:42 编辑
Spirits Abyss得分作弊辅助
main.cpp:
- #include "module.h"
-
- using namespace std;
-
-
- int main() {
- DWORD off1, off2, off3, off4;
- DWORD final_off;
- double new_score = 200000;
- double modified_score;
- char moduleName[] = "Spirits Abyss.exe";
-
- HWND hGameWindow = FindWindow(NULL, "Spirits Abyss (v5.4)");
- if (hGameWindow == NULL) {
- system("Color 4");
- cout << "Can't find Spirits Abyss window?\n";
- Sleep(3000);
- exit(-1);
- }
- else {
- system("Color A");
- cout << "////////////////////\n";
- cout << "Spirits Abyss found!\n";
- Sleep(1500);
- system("cls");
- DWORD procID;
- GetWindowThreadProcessId(hGameWindow, &procID);
- HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procID);
- if (procID == NULL) {
- system("Color 4");
- cout << "Process ID was not found...\n";
- Sleep(3000);
- exit(-1);
- }
- else {
- system("Color a");
- cout << "Process ID found!\n";
- Sleep(1500);
- DWORD clientBase = dwGetModuleBaseAddress(_T(moduleName), procID);
- ReadProcessMemory(handle, (LPCVOID)(clientBase + 0x4B27F8), &off1, sizeof(double), NULL);
- ReadProcessMemory(handle, (LPCVOID)(off1 + 0x2C), &off2, sizeof(double), NULL);
- ReadProcessMemory(handle, (LPCVOID)(off2 + 0x10), &off3, sizeof(double), NULL);
- ReadProcessMemory(handle, (LPCVOID)(off3 + 0x6C), &off4, sizeof(double), NULL);
- Sleep(5);
- cout << "Found |1| " << hex << off1 << '\n';
- cout << "Found |2| " << hex << off2 << '\n';
- cout << "Found |3| " << hex << off3 << '\n';
- cout << "Found |4| " << hex << off4 << '\n';
- final_off = off4 + 0x30;
- WriteProcessMemory(handle, (LPVOID)(final_off), &new_score, sizeof(double), NULL);
- ReadProcessMemory(handle, (LPCVOID)(final_off), &modified_score, sizeof(modified_score), NULL);
- cout << " * Score Hacked --> " << modified_score << '\n';
- Sleep(3000);
- system("Color 4");
- system("title DONE!");
- system("cls");
- cout << "Finished fucking leaderboards! :)\n";
- Sleep(10000);
- }
- }
- return 0;
- }
module.cpp:
- #include <Windows.h>
- #include <TlHelp32.h>
- #include <iostream>
- #include <vector>
- #include <tchar.h>
-
- DWORD dwGetModuleBaseAddress(TCHAR* lpszModuleName, DWORD pID) {
- DWORD dwModuleBaseAddress = 0;
- HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pID);
- MODULEENTRY32 ModuleEntry32 = { 0 };
- ModuleEntry32.dwSize = sizeof(MODULEENTRY32);
-
- if (Module32First(hSnapshot, &ModuleEntry32)) {
- do {
- if (_tcscmp(ModuleEntry32.szModule, lpszModuleName) == 0) {
- dwModuleBaseAddress = (DWORD)ModuleEntry32.modBaseAddr;
- break;
- }
- } while (Module32Next(hSnapshot, &ModuleEntry32));
-
- }
- CloseHandle(hSnapshot);
- return dwModuleBaseAddress;
- }
module.h:
- #pragma once
- #include <Windows.h>
- #include <TlHelp32.h>
- #include <iostream>
- #include <vector>
- #include <tchar.h>
-
- DWORD dwGetModuleBaseAddress(TCHAR* lpszModuleName, DWORD pID);
|
|
发表于 2019-11-26 16:41
