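I had some free time over the past two days, so I am writing a post to share and exchange ideas. Hmm... it is about Plants vs. Zombies again. Nitpickers, please go easy on me; I am just a beginner.
First, a link to my previous post: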
Modifying the sun value in Plants vs. Zombies with Python (Software Debugging board, 52pojie): https://www.52pojie.cn/thread-912306-1-1.html
(Source: 52pojie forum)
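Preparation:
- Software: Plants vs. Zombies (Chinese edition)
- Tools: Cheat Engine, Python 3.8, pip, pywin32, PyCharm, etc.

Goal: modify the sun count, coins, seed-slot cooldown, snail chocolate, insecticide, Wisdom Tree fertilizer, regular fertilizer and so on at will in Plants vs. Zombies.

Getting started: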
- As for the Cheat Engine part, I will not walk through how the addresses were found; here are the pointer paths directly.

Cooldown offsets:
- Slot 1: [[[6A9EC0]+768]+144]+70
- Slot 2: [[[6A9EC0]+768]+144]+C0
- Slot 3: [[[6A9EC0]+768]+144]+110
- Slot 4: [[[6A9EC0]+768]+144]+160
- Slot 5: [[[6A9EC0]+768]+144]+1B0
- Slot 6: [[[6A9EC0]+768]+144]+200
- Slot 7: [[[6A9EC0]+768]+144]+250
- Slot 8: [[[6A9EC0]+768]+144]+2A0
- Slot 9: [[[6A9EC0]+768]+144]+2F0
- Slot 10: [[[6A9EC0]+768]+144]+340

Other values:
- Sun: [[6a9ec0]+768]+5560
- Coins: [[6a9ec0]+82C]+28
- Regular fertilizer: [[6a9f78]+82C]+1f8
- Wisdom Tree fertilizer: [[6aa00c]+82C]+230
- Snail chocolate: [[6aa00c]+82C]+228
- Insecticide: [[6a9f38]+82C]+1fc
- Python 3.8 needs pywin32 installed. Install command: `pip install pywin32`

Once the installation finishes, you can get to work.
Open PyCharm:
- Import the Python libraries:

```python
import win32gui
import win32process
import win32api
import ctypes
import time
```
- Sun modification code:

```python
def change_sun(Phand, sun_num):
    # Follow the pointer path [[0x6A9EC0]+0x768]+0x5560, then overwrite the value.
    # kernel32 and Phand are created in the __main__ block.
    sun_date = ctypes.c_long()
    kernel32.ReadProcessMemory(int(Phand), 0x6A9EC0, ctypes.byref(sun_date), 4, None)
    kernel32.ReadProcessMemory(int(Phand), sun_date.value + 0x768, ctypes.byref(sun_date), 4, None)
    new_sun_date = ctypes.c_long(sun_num)
    kernel32.WriteProcessMemory(int(Phand), sun_date.value + 0x5560, ctypes.byref(new_sun_date), 4, None)
```
- Coin modification code:

```python
def change_money(Phand, money):
    # Pointer path [[0x6A9EC0]+0x82C]+0x28
    money_date = ctypes.c_long()
    kernel32.ReadProcessMemory(int(Phand), 0x6A9EC0, ctypes.byref(money_date), 4, None)
    kernel32.ReadProcessMemory(int(Phand), money_date.value + 0x82C, ctypes.byref(money_date), 4, None)
    new_money_date = ctypes.c_long(money)
    kernel32.WriteProcessMemory(int(Phand), money_date.value + 0x28, ctypes.byref(new_money_date), 4, None)
```
- Cooldown modification code:

```python
def change_cooling(Phand, cooling):
    # Offsets of the ten seed slots, as listed under "Cooldown offsets"
    slot_offsets = (0x70, 0xC0, 0x110, 0x160, 0x1B0, 0x200, 0x250, 0x2A0, 0x2F0, 0x340)
    while True:  # the original used "while 1000:", which also loops forever
        time.sleep(1)
        cooling_data = ctypes.c_long()
        # Pointer path [[[0x6A9EC0]+0x768]+0x144]+slot offset
        kernel32.ReadProcessMemory(int(Phand), 0x6A9EC0, ctypes.byref(cooling_data), 4, None)
        kernel32.ReadProcessMemory(int(Phand), cooling_data.value + 0x768, ctypes.byref(cooling_data), 4, None)
        kernel32.ReadProcessMemory(int(Phand), cooling_data.value + 0x144, ctypes.byref(cooling_data), 4, None)
        # kernel32.ReadProcessMemory(int(Phand),cooling_data.value,ctypes.byref(cooling_data),4,None)
        new_cooling_date = ctypes.c_long(cooling)
        # Rewrite every slot once per second
        for offset in slot_offsets:
            kernel32.WriteProcessMemory(int(Phand), cooling_data.value + offset, ctypes.byref(new_cooling_date), 4, None)
```
- Snail chocolate modification code:

```python
def change_chotolate(Phand, chotolate):
    # Note: the address list earlier in the post gives 6aa00c as the base
    # for this item; the code as posted uses 0x6A9F38.
    chotolate_data = ctypes.c_long()
    kernel32.ReadProcessMemory(int(Phand), 0x6A9F38, ctypes.byref(chotolate_data), 4, None)
    kernel32.ReadProcessMemory(int(Phand), chotolate_data.value + 0x82C, ctypes.byref(chotolate_data), 4, None)
    # The post writes 1000 + the requested amount
    new_chotolate_date = ctypes.c_long(1000 + chotolate)
    kernel32.WriteProcessMemory(int(Phand), chotolate_data.value + 0x228, ctypes.byref(new_chotolate_date), 4, None)
```
- Wisdom Tree fertilizer modification code:

```python
def change_tree(Phand, tree):
    # Pointer path [[0x6AA00C]+0x82C]+0x230
    tree_data = ctypes.c_long()
    kernel32.ReadProcessMemory(int(Phand), 0x6AA00C, ctypes.byref(tree_data), 4, None)
    kernel32.ReadProcessMemory(int(Phand), tree_data.value + 0x82C, ctypes.byref(tree_data), 4, None)
    # The post writes 1000 + the requested amount
    new_tree_date = ctypes.c_long(1000 + tree)
    kernel32.WriteProcessMemory(int(Phand), tree_data.value + 0x230, ctypes.byref(new_tree_date), 4, None)
```
- Regular fertilizer modification code:

```python
def change_fertilizer(Phand, fertilizer):
    # Pointer path [[0x6A9F78]+0x82C]+0x1F8
    fertilizer_data = ctypes.c_long()
    kernel32.ReadProcessMemory(int(Phand), 0x6A9F78, ctypes.byref(fertilizer_data), 4, None)
    kernel32.ReadProcessMemory(int(Phand), fertilizer_data.value + 0x82C, ctypes.byref(fertilizer_data), 4, None)
    # The post writes 1000 + the requested amount
    new_fertilizer_date = ctypes.c_long(1000 + fertilizer)
    kernel32.WriteProcessMemory(int(Phand), fertilizer_data.value + 0x1F8, ctypes.byref(new_fertilizer_date), 4, None)
```
- Insecticide modification code:

```python
def change_insecticide(Phand, insecticide):
    # Pointer path [[0x6A9F38]+0x82C]+0x1FC
    insecticide_data = ctypes.c_long()
    kernel32.ReadProcessMemory(int(Phand), 0x6A9F38, ctypes.byref(insecticide_data), 4, None)
    kernel32.ReadProcessMemory(int(Phand), insecticide_data.value + 0x82C, ctypes.byref(insecticide_data), 4, None)
    # The post writes 1000 + the requested amount
    new_insecticide_data = ctypes.c_long(1000 + insecticide)
    kernel32.WriteProcessMemory(int(Phand), insecticide_data.value + 0x1FC, ctypes.byref(new_insecticide_data), 4, None)
```
- Main thread code:

```python
def change():
    # Dispatch to the modification functions
    number_change = input("请输入序号")  # prompt: enter the option number
    if number_change == "1":
        change_sun(Phand, int(input("请输入所需要的阳光:")))
    elif number_change == "2":
        change_sun(Phand, int(input("请输入所需要的阳光:")))
    elif number_change == "3":
        change_money(Phand, int(input("请输入所需要的金币:")))
    elif number_change == "4":
        change_chotolate(Phand, int(input("请输入所需要的蜗牛巧克力:")))
    elif number_change == "5":
        change_tree(Phand, int(input("请输入所需要的聪明树肥料:")))
    elif number_change == "6":
        change_fertilizer(Phand, int(input("请输入所需要的普通肥料:")))
    elif number_change == "7":
        change_insecticide(Phand, int(input("请输入所需要的杀虫剂:")))
    elif number_change == "8":
        change_cooling(Phand, 1)  # cooldown
    return change()
```

Global variables:

```python
if __name__ == '__main__':
    # Load the dynamic-link library
    kernel32 = ctypes.windll.LoadLibrary('kernel32.dll')
    # Request full access rights on the target process
    PROCESS_ALL_ACCESS = (0x000F0000 | 0x00100000 | 0xFFF)
    # Get the window handle
    windos_handle = win32gui.FindWindow(None, "植物大战僵尸中文版")
    # Get the process PID
    read, pid = win32process.GetWindowThreadProcessId(windos_handle)
    # Get the process handle
    Phand = win32api.OpenProcess(PROCESS_ALL_ACCESS, False, pid)
    # Call the modification menu
    change()
```
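Each `change_*` function above walks one of the bracketed pointer paths from the address list by hand. The following added example (not code from the original post) parses that notation and resolves it against a constructed in-memory image; `FakeMemory` and the pointer values in `MEM` are assumptions made up for illustration, and unlike the posted code it stops when a read fails or returns a null pointer.

```python
import struct

def parse_path(expr):
    """'[[6a9ec0]+768]+5560' -> (0x6A9EC0, [0x768, 0x5560])."""
    text = expr.strip()
    body = text.lstrip("[")
    depth = len(text) - len(body)          # one '[' per dereference
    parts = body.split("]+")
    if depth == 0 or len(parts) != depth + 1:
        raise ValueError(f"malformed pointer path: {expr!r}")
    base, *offsets = [int(p, 16) for p in parts]
    return base, offsets

def resolve(read_u32, base, offsets):
    """Return the final address: each '[...]' is a 4-byte pointer read,
    and the last offset is only added, never dereferenced."""
    addr = base
    for off in offsets:
        ptr = read_u32(addr)
        if ptr == 0:
            raise LookupError(f"null pointer read at {addr:#x}")
        addr = ptr + off
    return addr

class FakeMemory:
    """Constructed stand-in for a 32-bit process image: address -> 4 LE bytes."""
    def __init__(self, words):
        self.cells = {a: struct.pack("<I", v) for a, v in words.items()}

    def read_u32(self, addr):
        if addr not in self.cells:         # models a failed ReadProcessMemory
            raise LookupError(f"unreadable address {addr:#x}")
        return struct.unpack("<I", self.cells[addr])[0]

# Constructed sample image: the pointer values are made up for illustration.
MEM = FakeMemory({
    0x6A9EC0: 0x02A00000,                  # static base holds a pointer
    0x02A00000 + 0x768: 0x1E500000,        # second-level pointer
    0x1E500000 + 0x5560: 50,               # the value at the end of the path
})

if __name__ == "__main__":
    base, offsets = parse_path("[[6a9ec0]+768]+5560")
    field = resolve(MEM.read_u32, base, offsets)
    print(hex(field), MEM.read_u32(field))
```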
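Code analysis: this code is written much as it would be in C; it likewise calls the Win32 API to read and write at offsets.
[Figure: ctypes usage compared between C and Python]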
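The `__main__` block opens the target process with `0x000F0000 | 0x00100000 | 0xFFF`, far more than the read and write calls need. The following added example (not part of the original post) decodes that mask, lists the rights beyond the three memory-access rights, and applies the same decoding to constructed Sysmon Event ID 10 (ProcessAccess) records to flag cross-process handles that can write memory; the image paths are placeholders.

```python
PROCESS_RIGHTS = {
    0x0001: "PROCESS_TERMINATE",
    0x0002: "PROCESS_CREATE_THREAD",
    0x0004: "PROCESS_SET_SESSIONID",
    0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ",
    0x0020: "PROCESS_VM_WRITE",
    0x0040: "PROCESS_DUP_HANDLE",
    0x0080: "PROCESS_CREATE_PROCESS",
    0x0100: "PROCESS_SET_QUOTA",
    0x0200: "PROCESS_SET_INFORMATION",
    0x0400: "PROCESS_QUERY_INFORMATION",
    0x0800: "PROCESS_SUSPEND_RESUME",
    0x1000: "PROCESS_QUERY_LIMITED_INFORMATION",
    0x00010000: "DELETE", 0x00020000: "READ_CONTROL",
    0x00040000: "WRITE_DAC", 0x00080000: "WRITE_OWNER",
    0x00100000: "SYNCHRONIZE",
}
PAGE_MASK = 0x000F0000 | 0x00100000 | 0xFFF   # the value built in the post
# ReadProcessMemory needs VM_READ; WriteProcessMemory needs VM_WRITE + VM_OPERATION
NEEDED = 0x0008 | 0x0010 | 0x0020

def decode_access(mask):
    """Names of the rights set in mask, lowest bit first."""
    return [name for bit, name in sorted(PROCESS_RIGHTS.items()) if mask & bit]

def excess_rights(mask, needed=NEEDED):
    """Rights granted beyond what the memory read/write calls require."""
    return decode_access(mask & ~needed)

def flag_events(events):
    """Cross-process handle grants that include PROCESS_VM_WRITE."""
    hits = []
    for ev in events:
        mask = int(ev["GrantedAccess"], 16)
        if ev["SourceImage"].lower() != ev["TargetImage"].lower() and mask & 0x0020:
            hits.append((ev["SourceImage"], hex(mask), excess_rights(mask)))
    return hits

EVENTS = [  # constructed records; paths are placeholders
    {"SourceImage": r"C:\Python38\python.exe", "TargetImage": r"C:\Games\game.exe", "GrantedAccess": "0x1F0FFF"},
    {"SourceImage": r"C:\Windows\System32\taskmgr.exe", "TargetImage": r"C:\Games\game.exe", "GrantedAccess": "0x1000"},
    {"SourceImage": r"C:\Tools\viewer.exe", "TargetImage": r"C:\Games\game.exe", "GrantedAccess": "0x0410"},
]

if __name__ == "__main__":
    for source, mask, extra in flag_events(EVENTS):
        print(source, mask, "rights beyond VM read/write:", ", ".join(extra))
```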
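Results:
With the code written in PyCharm, let us verify the results.
Note: the screenshots were taken with the computer clock visible, so the results cannot be faked; check the time shown!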
- Sun: (screenshot)
- Coins: (screenshot)
- Wisdom Tree fertilizer, regular fertilizer, snail chocolate, insecticide: (screenshot)
OK, the modification works! I hope the experts here go easy on me. If you can spare a moment, please leave a rating. Thanks!
Source: http://www.12558.net