早些年用纯汇编写的一个自用的《征途》外挂(一)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Project Name: < Ver >
; by Ma YongQiang
; Copyright (C) StrongSoft 2006-2008. All rights reserved.
; E-Mail:0576Soft@gmail.com
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.386
.model flat, stdcall
option casemap :none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Include 文件定义
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include windows.inc
include user32.inc
includelib user32.lib
include kernel32.inc
includelib kernel32.lib
include gdi32.inc
includelib gdi32.lib
include advapi32.inc
includelib advapi32.lib
include comctl32.inc
includelib comctl32.lib
include shell32.inc
includelib shell32.lib
;----------------------------------------------------------------------
; _T(text) - inline string literal.
; Emits a NUL-terminated copy of `text` into the `const` segment and
; expands to `offset <label>`, so the macro can be used directly as an
; invoke argument (e.g. _T('Arial') in DrawBar). An empty argument
; list yields a single NUL byte.
;----------------------------------------------------------------------
_T MACRO text:VARARG
LOCAL _text ; unique label for each expansion
const segment
IFIDNI <text>,<> ; _T() with no text -> empty string
_text db 0
ELSE
_text db text,0 ; text plus terminator
ENDIF
const ends
EXITM <offset _text> ; the macro evaluates to the string's address
ENDM
; Function-pointer types (stdcall, see .model above) for APIs that are
; stored in variables such as lpShell_NotifyIcon / lpInstallApiHook in
; .DATA - presumably resolved at run time rather than linked.
_PROCVAR1 typedef proto :DWORD ; f(DWORD)
PROCVAR1 typedef ptr _PROCVAR1
_PROCVAR2 typedef proto :DWORD, :DWORD ; f(DWORD, DWORD)
PROCVAR2 typedef ptr _PROCVAR2
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 方法声明
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
SaveOption PROTO
LoadOption PROTO
InitKeyList PROTO
CreateStatusBar PROTO
ReSize PROTO
CreateBarGround PROTO barID:DWORD
DrawBar PROTO position:DWORD, max:DWORD, barID:DWORD, bmpID:DWORD
ABS_32Bit PROTO number:DWORD
_EnablePrivilege PROTO lpPrivilegeVal:DWORD, flag:DWORD ; 提升本身进程的权限
GetSelfAddr PROTO
GetObjectAddr PROTO
GetSelfName PROTO lpBaseAddr:DWORD
GetSelfLifeInfo PROTO lpBaseAddr:DWORD
GetSelfMagicInfo PROTO lpBaseAddr:DWORD
GetSelfExpInfo PROTO lpBaseAddr:DWORD
GetSelfMapInfo PROTO
GetObjectInfo PROTO
GetSitState PROTO lpBaseAddr:DWORD
ShowSelfInfo PROTO lpBaseAddr:DWORD
ShowObjectInfo PROTO lpBaseAddr:DWORD
SafeSelf PROTO
HelpeSelf PROTO
AutoAssoilSkill PROTO
XianSafeObject PROTO
CopyMemory PROTO target:DWORD, source:DWORD, dwSize:DWORD
InitEventQueue PROTO lpEvtQueue:DWORD
EnterEventQueue PROTO lpEvtQueue:DWORD, lpEvt:DWORD
GetEventQueue PROTO lpEvtQueue:DWORD, lpEvt:DWORD
IsEmptyEventQueue PROTO lpEvtQueue:DWORD
AddKeyEventToQueue PROTO skillKeyIndex:DWORD, skillLevel:DWORD, time:DWORD, skillState:DWORD
MemSet PROTO dest:DWORD, char:BYTE, _dwSize:DWORD
SearchGameProcess PROTO lpProcessName:DWORD, lpPidFilterList:DWORD
IsExistGameProcess PROTO
EnumWindowProc PROTO hWnd:DWORD, lParam:DWORD
ShowTrayTimerProc PROTO hWnd:DWORD, uMsg:DWORD, idEvent:DWORD, dwTimer:DWORD
PickupTimerProc PROTO hWnd:DWORD, uMsg:DWORD, idEvent:DWORD, dwTimer:DWORD
DialogProc PROTO hWnd:DWORD, wMsg:DWORD, wParam:DWORD, lParam:DWORD
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Equ 等值定义
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include ControlID.asm
GAME_FAIRY_BASE_ADDRESS EQU 011F08E8H ; static address read by GetSelfAddr/GetObjectAddr/GetSelfMapInfo; presumably specific to one client build
COLOR_WHITE EQU 0FFFFFFH ; COLORREF used for the bar caption in DrawBar
NIF_INFO EQU 00000010H ; Shell_NotifyIcon: the balloon-tip members are valid
MAX_KEY_EVENT EQU 0FFH ; capacity of EVENTQUEUE.evt
; balloon icon kinds for NEWNOTIFYICONDATA.dwInfoFlags
NIIF_NONE EQU 00000000H
NIIF_INFO EQU 00000001H
NIIF_WARNING EQU 00000002H
NIIF_ERROR EQU 00000003H
WM_SHELLNOTIFY EQU WM_USER + 5 ; private message used for tray-icon callbacks
MAX_GAME_PROCESS_INFO EQU 20 ; entries in the shared process table and in g_PidFilter
GPI_MAPFILE_SIZE EQU sizeof GAME_PROCESS_INFO * MAX_GAME_PROCESS_INFO ; text equate; GAME_PROCESS_INFO is declared further down
; values held in g_SitState
SIT_STATE_DOWN EQU 00000002H
SIT_STATE_UP EQU 00000000H
; "LVEVL" is a typo in the original; left as-is because it is the public name
SKILL_LVEVL_LOW EQU 00000000H
SKILL_LVEVL_HIGH EQU 00000001H
; SKILL_STATE_CODE_n: bit (n-1) as a flag value - presumably for the
; per-skill bits of g_SkillAssoilState
SKILL_STATE_CODE_1 EQU 00000001H
SKILL_STATE_CODE_2 EQU 00000002H
SKILL_STATE_CODE_3 EQU 00000004H
SKILL_STATE_CODE_4 EQU 00000008H
SKILL_STATE_CODE_5 EQU 00000010H
SKILL_STATE_CODE_6 EQU 00000020H
SKILL_STATE_CODE_7 EQU 00000040H
SKILL_STATE_CODE_8 EQU 00000080H
SKILL_STATE_CODE_9 EQU 00000100H
SKILL_STATE_CODE_10 EQU 00000200H
SKILL_STATE_CODE_11 EQU 00000400H
SKILL_STATE_CODE_12 EQU 00000800H
SKILL_STATE_CODE_13 EQU 00001000H
SKILL_STATE_CODE_14 EQU 00002000H
SKILL_STATE_CODE_15 EQU 00004000H
SKILL_STATE_CODE_16 EQU 00008000H
SKILL_STATE_CODE_17 EQU 00010000H
SKILL_STATE_CODE_18 EQU 00020000H
SKILL_STATE_CODE_19 EQU 00040000H
SKILL_STATE_CODE_20 EQU 00080000H
SKILL_STATE_CODE_21 EQU 00100000H
SKILL_STATE_CODE_22 EQU 00200000H
SKILL_STATE_CODE_23 EQU 00400000H
SKILL_STATE_CODE_24 EQU 00800000H
SKILL_STATE_CODE_25 EQU 01000000H
SKILL_STATE_CODE_26 EQU 02000000H
SKILL_STATE_CODE_27 EQU 04000000H
SKILL_STATE_CODE_28 EQU 08000000H
SKILL_STATE_CODE_29 EQU 10000000H
SKILL_STATE_CODE_30 EQU 20000000H
SKILL_STATE_CODE_31 EQU 40000000H
SKILL_STATE_CODE_32 EQU 80000000H
; SKILL_STATE_MASK_n: the bit NUMBER (n-1) of the same flag, i.e.
; SKILL_STATE_CODE_n == 1 shl SKILL_STATE_MASK_n
SKILL_STATE_MASK_1 EQU 0
SKILL_STATE_MASK_2 EQU 1
SKILL_STATE_MASK_3 EQU 2
SKILL_STATE_MASK_4 EQU 3
SKILL_STATE_MASK_5 EQU 4
SKILL_STATE_MASK_6 EQU 5
SKILL_STATE_MASK_7 EQU 6
SKILL_STATE_MASK_8 EQU 7
SKILL_STATE_MASK_9 EQU 8
SKILL_STATE_MASK_10 EQU 9
SKILL_STATE_MASK_11 EQU 10
SKILL_STATE_MASK_12 EQU 11
SKILL_STATE_MASK_13 EQU 12
SKILL_STATE_MASK_14 EQU 13
SKILL_STATE_MASK_15 EQU 14
SKILL_STATE_MASK_16 EQU 15
SKILL_STATE_MASK_17 EQU 16
SKILL_STATE_MASK_18 EQU 17
SKILL_STATE_MASK_19 EQU 18
SKILL_STATE_MASK_20 EQU 19
SKILL_STATE_MASK_21 EQU 20
SKILL_STATE_MASK_22 EQU 21
SKILL_STATE_MASK_23 EQU 22
SKILL_STATE_MASK_24 EQU 23
SKILL_STATE_MASK_25 EQU 24
SKILL_STATE_MASK_26 EQU 25
SKILL_STATE_MASK_27 EQU 26
SKILL_STATE_MASK_28 EQU 27
SKILL_STATE_MASK_29 EQU 28
SKILL_STATE_MASK_30 EQU 29
SKILL_STATE_MASK_31 EQU 30
SKILL_STATE_MASK_32 EQU 31
KEYEVENTF_UNICODE EQU 0004H ; Win32 KEYBDINPUT.dwFlags: wScan carries a Unicode code point
; INPUT.dwType values from windows.inc (kept commented in the original)
;INPUT_MOUSE EQU 0
;INPUT_KEYBOARD EQU 1
;INPUT_HARDWARE EQU 2
; one entry of the shared game-process table
GAME_PROCESS_INFO STRUCT
PID DWORD ? ; PID of the game process this helper instance is attached to
IsRunning DWORD ? ; whether that helper instance is currently running
GAME_PROCESS_INFO ENDS
; tray-icon data with balloon-tip members (the Shell32 5.0 layout;
; the later guidItem member is left out)
NEWNOTIFYICONDATA STRUCT
cbSize DWORD ?
hWnd DWORD ?
uID DWORD ?
uFlags DWORD ?
uCallbackMessage DWORD ?
hIcon DWORD ?
szTip BYTE 128 DUP(?)
dwState DWORD ?
dwStateMask DWORD ?
szInfo BYTE 256 DUP(?)
UNION
uTimeout DWORD ?
uVersion DWORD ?
ENDS
szInfoTitle BYTE 64 dup(?)
dwInfoFlags DWORD ?
;guidItem GUID <?>
NEWNOTIFYICONDATA ENDS
; keyboard input record
; NOTE(review): wVk and wScan are DWORDs here (20 bytes in total), whereas
; the Win32 KEYBDINPUT packs them as two WORDs (16 bytes), which puts
; dwFlags/dwTime at different offsets. The consumer of g_stInput is not
; in view; confirm which layout it expects.
KEYBOARDINPUT STRUCT
wVk DWORD ?
wScan DWORD ?
dwFlags DWORD ?
dwTime DWORD ?
dwExtrainfo DWORD ?
KEYBOARDINPUT ENDS
; mouse input record
MOUSEINPUT STRUCT
X DWORD ?
Y DWORD ?
mouseData DWORD ?
dwFlags DWORD ?
dwTime DWORD ?
dwExtraninfo DWORD ?
MOUSEINPUT ENDS
; other hardware input record
HARDWAREINPUT STRUCT
uMsg DWORD ?
wParamL WORD ?
wParamH WORD ?
HARDWAREINPUT ENDS
; input record: type selector plus a union of the three variants above
INPUT STRUCT
dwType DWORD ?
UNION
ki KEYBOARDINPUT <>
mi MOUSEINPUT <>
hi HARDWAREINPUT <>
ENDS
INPUT ENDS
; one node of the event queue
EVENTDATA STRUCT
EvtInput INPUT <>
dwDelay dd ? ; wait time before moving on to the next event
dwLevel dd ? ; priority of this event
dwCurWnd dd ? ; target window handle for this event
dwEvtMask dd ? ; event mask
EVENTDATA ENDS
; event queue (circular buffer; see the *EventQueue procedures declared above)
; NOTE(review): front/rear are single bytes indexing an array of 0FFH
; entries - confirm that the wrap-around in EnterEventQueue/GetEventQueue
; (not in view) never produces index 255.
EVENTQUEUE STRUCT
evt EVENTDATA MAX_KEY_EVENT dup(<>)
front db ?
rear db ?
EVENTQUEUE ENDS
EL_MAPFILE_SIZE EQU sizeof EVENTQUEUE ; size of the event-list file mapping
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 数据段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.DATA? ; uninitialised data
g_EvtQueue EVENTQUEUE <> ; event queue passed to the *EventQueue procedures declared above
;g_GameInfo GAME_PROCESS_INFO MAX_GAME_PROCESS_INFO dup(<>)
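.DATA
g_InstanceHandle dd ? ; instance handle of this process
g_MainWnd dd ? ; main window of this process
g_ZTCurWnd dd ? ; game main window
g_StatusBarWnd dd ? ; status bar of this process
g_GPIHandle dd ? ; file-mapping handle
g_MapFileMemoryAddr dd ? ; start address of the mapped view
;g_IndexOfMapFile dd ? ; unused index into the mapping (live definition below)
; system tray icon
g_stNIF NEWNOTIFYICONDATA <>
g_ShowTrayInfoLastTime dd ? ; time the tray info was last shown
lpShell_NotifyIcon PROCVAR2 ? ; function pointer, presumably resolved at run time
g_lpShellNotifyDll dd ?
g_lpInstallApiHookDll dd ?
lpInstallApiHook PROCVAR2 ?
lpSetKeyData PROCVAR2 ?
g_IsRunning dd ? ; whether several helper instances are running
;g_EvtQueueOfMapAddr dd ? ; address of the event queue inside the mapping
g_stCS CRITICAL_SECTION <>
g_hMutex dd ? ; mutex guarding event execution
g_ZTProcess dd ? ; game process handle returned by OpenProcess
g_ZTCurPID dd ? ; game process PID
g_PidFilter dd MAX_GAME_PROCESS_INFO dup(?) ; game PIDs to exclude from the search
g_FairyAddr dd ? ; character record address, read from g_GameFairyBaseAddress (GetSelfAddr)
g_ObjectAddr dd ? ; target record address, read from g_GameFairyBaseAddress+4 (GetObjectAddr)
; character info
g_SelfName db 32 dup(?) ; 32 raw bytes from the game; not guaranteed NUL-terminated (see GetSelfName)
g_SelfCurLife dd ?
g_SelfMaxLife dd ?
g_SelfCurMagic dd ?
g_SelfMaxMagic dd ?
g_SelfCurExp dq ?
g_SelfMaxExp dq ?
g_SelfPosX dd ?
g_SelfPosY dd ?
g_SelfCountryName db 5 dup(?) ; 4 bytes + NUL (GetSelfMapInfo)
g_SelfMapName db 32 dup(?)
; exp rate = (current exp - start exp) * (60 / elapsed time)
; start exp: taken once 10 consecutive readings are increasing, each less than 5 s apart
; elapsed time: now - time of the start reading
g_StartExp dd ? ; starting exp for the rate calculation
g_StartCalcTime dd ? ; starting time for the rate calculation
g_LastPointTime dd ? ; time of the last exp increase, for the interval check
g_ExpIncCount dd ? ; count of consecutive exp increases
g_ExpSpeed dd ? ; exp rate
g_ExpUpdateTimeI dd ? ; estimated time to level up, integer part
g_ExpUpdateTimeF dd ? ; estimated time to level up, fractional part
; previous readings, used to detect changes
g_OldSelfCurLife dd ?
g_OldSelfMaxLife dd ?
g_OldSelfCurMagic dd ?
g_OldSelfMaxMagic dd ?
g_OldSelfCurExp dd ?
g_OldSelfMaxExp dd ?
g_OldSelfPosXY db 32 dup(?)
g_OldSelfMapName db 32 dup(?)
g_OldSelfName db 64 dup(?)
;*************** self assist
; life percentages
g_Self_Safe_Life_Percent_1 dd ?
g_Self_Safe_Life_Percent_2 dd ?
g_Self_Safe_Life_Percent_3 dd ?
g_Self_Safe_Life_Percent_4 dd ?
; magic
g_Self_Safe_Magic_Percent dd ?
;**************** self skill cast intervals
g_Set_Skill_Interval_Time_1 dd ?
g_Set_Skill_Interval_Time_2 dd ?
g_Set_Skill_Interval_Time_3 dd ?
g_Set_Skill_Interval_Time_4 dd ?
g_SkillAssoilBackTime_1 dd ?
g_SkillAssoilBackTime_2 dd ?
g_SkillAssoilBackTime_3 dd ?
g_SkillAssoilBackTime_4 dd ?
g_Skill_Assoil_1 db ?
g_Skill_Assoil_2 db ?
g_Skill_Assoil_3 db ?
g_Skill_Assoil_4 db ?
g_Skill_Interval_1 dd ?
g_Skill_Interval_2 dd ?
g_Skill_Interval_3 dd ?
g_Skill_Interval_4 dd ?
; target info
g_ObjectName db 32 dup(?)
g_ObjectCurLife dd ?
g_ObjectMaxLife dd ?
g_ObjectCurMagic dd ?
g_ObjectMaxMagic dd ?
g_ObjectPosX dd ?
g_ObjectPosY dd ?
g_OldObjectName db 32 dup(?)
g_OldObjectLifeInfo db 32 dup(?)
g_OldObjectMagicInfo db 32 dup(?)
g_OldObjectPosInfo db 32 dup(?)
;*************** target
; life percentages
g_Object_Safe_Life_Percent_1 dd ?
g_Object_Safe_Life_Percent_2 dd ?
; mana percentage
g_Object_Safe_Magic_Percent dd ?
g_SS_sTime dd ?
g_ZS_sTime dd ?
g_AutoPickupState dd ? ; whether to auto-pick-up items
g_ObjectNotInRangle dd ? ; target range flag (the name says "not in range", the original comment said "in range" - confirm polarity at the writer)
g_Timer dd ?
g_PopupMenu dd ?
g_stInput INPUT 2 dup(<>)
g_GameFairyBaseAddress dd GAME_FAIRY_BASE_ADDRESS ; base address of the character in game memory
g_IndexOfMapFile dd 0FFFFFFFFH ; unused index into the mapping
g_HelpStop dd TRUE ; whether the helper thread is stopped
g_SitState dd 0FFFFFFFFH ; whether the character is sitting / standing (SIT_STATE_*)
; ini section name. 32 bytes, because SaveOption/LoadOption copy the
; 32-byte g_SelfName into it; the former 7-byte buffer was overrun into
; the variables that follow whenever the name was longer than 6 bytes.
g_SectionName db 'option', 0, 25 dup(0)
g_IsLoadOption dd FALSE ; whether the options have been loaded
g_SSAssoiled dd FALSE ; whether the "holy blessing" skill has been cast
g_ZSAssoiled dd FALSE ; whether the "war god blessing" skill has been cast
g_ObjectIsPlayer dd FALSE ; whether the target is a player
g_SkillAssoilState dd 00000000H ; per-skill "queued" flags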
.CONST
; tray popup-menu captions: show main window / show game window /
; hide game window / auto pick-up / exit helper
g_PITEM_SM db '显示主窗体(&S)', 0
g_PITEM_SG db '显示游戏窗体(&G)', 0
g_PITEM_HG db '隐藏游戏窗体(&H)', 0
g_PITEM_AP db '自动捡取垃圾(&P)', 0
g_PITEM_EA db '退出辅助(&X)', 0
mySE_DEBUG_NAME db 'SeDebugPrivilege', 0 ; privilege name, presumably passed to _EnablePrivilege
g_GPIMapFile db 'GAME_PROCESS_INFO', 0 ; name of the process-table file mapping
g_ELMapFile db 'EVENT_LIST', 0 ; name of the event-list file mapping
g_ZTProcessName db 'zhengtu.dat', 0 ; game process image name
g_OptionFileName db '.\option.ini', 0 ; settings file; the .\ prefix keeps the profile APIs out of the Windows directory
g_Num2StrFormat db '%d', 0 ; wsprintf format for ini keys and values
g_ComboBoxData db '0;1;2;3;4;5;6;7;8;9;F1;F2;F3;F4;F5;F6;F7;F8;F9;F10;F11;F12;', 0 ; ';'-separated key names for InitKeyList (longest token is 3 chars)
g_StatusWidth dd 140, 240, 380, -1 ; SB_SETPARTS right edges; -1 extends to the window edge
; tray balloon text: name, exp cur/max, life cur/max, mana cur/max,
; map, coordinates, exp rate per hour, estimated hours to level, target
g_ShowTrayInfo db '角色:%s', 0DH, 0AH
db '经验:%ld/%ld', 0DH, 0AH
db '生命:%ld/%ld', 0DH, 0AH
db '法力:%ld/%ld', 0DH, 0AH
db '位置:%s', 0DH,0AH
db '坐标:(%ld,%ld)', 0DH, 0AH
db '升级速率:%ld/小时', 0DH, 0AH
db '升级预计剩余:%d.%d小时', 0DH, 0AH
db '目标:%s', 0
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 代码段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.CODE
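;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; SaveOption - persist the dialog state to option.ini
; Section = the character name (g_SelfName); every key is the control
; ID as a decimal string, so LoadOption can walk the same ID ranges.
;   checkboxes IDC_CHECK_AUTO_LIFE..IDC_CHECK_CLOSE_TRAYINFO -> 0/1
;              (IDC_CHECK_HIDE_GAME_WINDOW is skipped)
;   edits      IDC_EDIT_FAIRYNAME..IDC_EDIT_SELF_MAGIC       -> text
;   combos     IDC_COMBO_AUTO_LIFE_KEY..IDC_COMBO_SKILL_KEY_11 -> CB_GETCURSEL
; Out:   eax = 0; WritePrivateProfileString results are not checked
; Clobb: ecx, edx (ebx/esi/edi saved by USES)
; Fix:   the section name is now copied with a bound. g_SectionName is a
;        fixed .DATA buffer and g_SelfName is 32 raw bytes that need not
;        carry a NUL, so lstrcpy could overrun both.
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
SaveOption proc uses ebx edi esi
local _buff1[32]:BYTE ; key name (control ID as text)
local _buff2[32]:BYTE ; value text
    ; lstrcpyn always terminates within sizeof g_SectionName bytes
    invoke lstrcpyn, addr g_SectionName, addr g_SelfName, sizeof g_SectionName
    ; --- checkboxes ---
    mov ebx, IDC_CHECK_AUTO_LIFE
_save_check_state:
    .if ebx == IDC_CHECK_HIDE_GAME_WINDOW
        inc ebx ; this one is not persisted
        jmp _save_check_state
    .endif
    invoke wsprintf, addr _buff1, addr g_Num2StrFormat, ebx
    invoke IsDlgButtonChecked, g_MainWnd, ebx
    ; BST_CHECKED -> TRUE, BST_UNCHECKED -> FALSE; any other value is
    ; written as-is and read back by LoadOption as "non-zero = checked"
    .if eax == BST_CHECKED
        mov eax, TRUE
    .elseif eax == BST_UNCHECKED
        mov eax, FALSE
    .endif
    invoke wsprintf, addr _buff2, addr g_Num2StrFormat, eax
    invoke WritePrivateProfileString, addr g_SectionName, \
        addr _buff1, addr _buff2, offset g_OptionFileName
    inc ebx
    cmp ebx, IDC_CHECK_CLOSE_TRAYINFO
    jbe _save_check_state
    ; --- edit controls, stored as their text ---
    mov ebx, IDC_EDIT_FAIRYNAME
_save_edit_value:
    invoke wsprintf, addr _buff1, addr g_Num2StrFormat, ebx
    invoke GetDlgItemText, g_MainWnd, ebx, addr _buff2, 32
    invoke WritePrivateProfileString, addr g_SectionName, \
        addr _buff1, addr _buff2, offset g_OptionFileName
    inc ebx
    cmp ebx, IDC_EDIT_SELF_MAGIC
    jbe _save_edit_value
    ; --- key combo boxes, stored as the selected index ---
    mov ebx, IDC_COMBO_AUTO_LIFE_KEY
_save_keylist_index:
    invoke wsprintf, addr _buff1, addr g_Num2StrFormat, ebx
    invoke SendDlgItemMessage, g_MainWnd, ebx, CB_GETCURSEL, 0, 0
    invoke wsprintf, addr _buff2, addr g_Num2StrFormat, eax
    invoke WritePrivateProfileString, addr g_SectionName, \
        addr _buff1, addr _buff2, offset g_OptionFileName
    inc ebx
    cmp ebx, IDC_COMBO_SKILL_KEY_11
    jbe _save_keylist_index
    xor eax, eax
    ret
SaveOption endp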
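;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; LoadOption - restore the dialog state from option.ini
; Mirrors SaveOption: section = character name, key = control ID.
;   checkboxes: non-zero -> BST_CHECKED (IDC_CHECK_SELF_SETTOP also makes
;               the main window topmost), otherwise BST_UNCHECKED;
;               missing key -> unchecked
;   edits:      IDC_EDIT_FAIRYNAME as text (missing -> empty string),
;               the others as integers with default 50
;   combos:     CB_SETCURSEL with the stored index (missing -> 0)
; Out:   eax = 0
; Clobb: ecx, edx (ebx/esi/edi saved by USES)
; Fix:   bounded copy of the section name (see SaveOption); the old
;        `.if eax >= 0` on an unsigned register was always true and is
;        gone - a negative stored index still reaches CB_SETCURSEL as
;        0FFFFFFFFH, which clears the selection, exactly as before.
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
LoadOption proc uses ebx edi esi
local _buff1[32]:BYTE ; key name (control ID as text)
local _buff2[32]:BYTE ; value text
    invoke lstrcpyn, addr g_SectionName, addr g_SelfName, sizeof g_SectionName
    ; --- checkboxes ---
    mov ebx, IDC_CHECK_AUTO_LIFE
_load_check_state:
    .if ebx == IDC_CHECK_HIDE_GAME_WINDOW
        inc ebx ; not persisted, skip
        jmp _load_check_state
    .endif
    invoke wsprintf, addr _buff1, addr g_Num2StrFormat, ebx
    invoke GetPrivateProfileInt, addr g_SectionName, addr _buff1, \
        FALSE, addr g_OptionFileName
    .if eax
        invoke SendDlgItemMessage, g_MainWnd, ebx, BM_SETCHECK, \
            BST_CHECKED, 0
        .if ebx == IDC_CHECK_SELF_SETTOP
            invoke SetWindowPos, g_MainWnd, HWND_TOPMOST, 0, 0, 0, 0, \
                SWP_NOMOVE or SWP_NOSIZE
        .endif
    .else
        invoke SendDlgItemMessage, g_MainWnd, ebx, BM_SETCHECK, \
            BST_UNCHECKED, 0
    .endif
    inc ebx
    cmp ebx, IDC_CHECK_CLOSE_TRAYINFO
    jbe _load_check_state
    ; --- edit controls ---
    mov ebx, IDC_EDIT_FAIRYNAME
_load_edit_value:
    invoke wsprintf, addr _buff1, addr g_Num2StrFormat, ebx
    .if ebx == IDC_EDIT_FAIRYNAME
        ; the only free-text field
        invoke GetPrivateProfileString, addr g_SectionName, addr _buff1, \
            NULL, addr _buff2, 32, addr g_OptionFileName
        invoke SendDlgItemMessage, g_MainWnd, ebx, WM_SETTEXT, 0, addr _buff2
        inc ebx
        jmp _load_edit_value
    .endif
    invoke GetPrivateProfileInt, addr g_SectionName, addr _buff1, \
        50, addr g_OptionFileName
    invoke SetDlgItemInt, g_MainWnd, ebx, eax, FALSE
    inc ebx
    cmp ebx, IDC_EDIT_SELF_MAGIC
    jbe _load_edit_value
    ; --- key combo boxes ---
    mov ebx, IDC_COMBO_AUTO_LIFE_KEY
_load_combo_keylist_index:
    invoke wsprintf, addr _buff1, addr g_Num2StrFormat, ebx
    invoke GetPrivateProfileInt, addr g_SectionName, addr _buff1, \
        0, addr g_OptionFileName
    invoke SendDlgItemMessage, g_MainWnd, ebx, CB_SETCURSEL, eax, 0
    inc ebx
    cmp ebx, IDC_COMBO_SKILL_KEY_11
    jbe _load_combo_keylist_index
    xor eax, eax
    ret
LoadOption endp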
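;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; InitKeyList - fill every hot-key combo box from g_ComboBoxData
; g_ComboBoxData is a ';'-separated, NUL-terminated list; each token is
; added (CB_ADDSTRING) to every combo in the range
; IDC_COMBO_AUTO_LIFE_KEY..IDC_COMBO_SKILL_KEY_11.
; Out:   eax = 0; CB_ADDSTRING results are not checked
; Regs:  esi = read cursor, edi = write cursor into _szTemp, ebx = control ID
;        (all preserved across invoke under stdcall); ecx is scratch
; Fix:   tokens are now truncated at 4 characters so that _szTemp (5 bytes)
;        always keeps its terminating NUL; the dead `test eax, eax` after
;        CB_ADDSTRING and the unused _start_addstring label were removed.
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
InitKeyList proc uses ebx edi esi
local _szTemp[5]:BYTE ; current token, at most 4 chars + NUL
    mov esi, offset g_ComboBoxData
    lea edi, _szTemp
    invoke RtlZeroMemory, addr _szTemp, 5
_next_addstring:
    lodsb
    test al, al
    jz _exit_addstring ; end of list
    cmp al, ';'
    je _send_addstring ; token complete
    ; keep the last byte of _szTemp as the terminator
    lea ecx, _szTemp
    add ecx, 4
    cmp edi, ecx
    jae _next_addstring ; over-long token: drop the extra characters
    stosb
    jmp _next_addstring
_send_addstring:
    mov ebx, IDC_COMBO_AUTO_LIFE_KEY
_loop_addstring_combos:
    invoke SendDlgItemMessage, g_MainWnd, ebx, CB_ADDSTRING, 0, addr _szTemp
    inc ebx
    cmp ebx, IDC_COMBO_SKILL_KEY_11
    jbe _loop_addstring_combos
    ; reset the token buffer for the next item
    invoke RtlZeroMemory, addr _szTemp, 5
    lea edi, _szTemp
    jmp _next_addstring
_exit_addstring:
    xor eax, eax
    ret
InitKeyList endp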
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; CreateStatusBar - create the main window's status bar
; Creates a visible child status bar with a size grip, stores its
; handle in g_StatusBarWnd and splits it into four parts whose right
; edges come from g_StatusWidth.
; Out:   eax = 0 (creation failure is not detected)
; Clobb: ecx, edx
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
CreateStatusBar proc uses ebx edi esi
    invoke CreateStatusWindow, WS_CHILD or WS_VISIBLE or SBARS_SIZEGRIP, \
        NULL, g_MainWnd, IDC_STATUSBAR
    mov g_StatusBarWnd, eax
    ; only immediates are pushed below, so eax still holds the new handle
    invoke SendMessage, eax, SB_SETPARTS, 4, offset g_StatusWidth
    xor eax, eax
    ret
CreateStatusBar endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; ReSize - re-fit the status bar to the main window's client area
; The bar is first collapsed so GetWindowRect reports its own extent;
; it is then moved to the full client width with
; height = client height - bar height.
; Out:   eax = 0
; Clobb: ecx, edx
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
ReSize proc
local _stRect1:RECT, _stRect2:RECT
    invoke MoveWindow, g_StatusBarWnd, 0, 0, 0, 0, TRUE
    invoke GetWindowRect, g_StatusBarWnd, addr _stRect1 ; bar extent
    invoke GetClientRect, g_MainWnd, addr _stRect2 ; available area
    ; eax = client height - bar height
    mov eax, _stRect2.bottom
    sub eax, _stRect2.top
    mov edx, _stRect1.bottom
    sub edx, _stRect1.top
    sub eax, edx
    ; edx = client width
    mov edx, _stRect2.right
    sub edx, _stRect2.left
    invoke MoveWindow, g_StatusBarWnd, 0, 0, edx, eax, TRUE
    xor eax, eax
    ret
ReSize endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; CreateBarGround - paint the BMP_GROUND bitmap as a bar's background
; In:    barID = dialog control ID of the bar (child of g_MainWnd)
; Out:   eax = 0 (GDI failures are not detected)
; Path:  BMP_GROUND -> _groundDC -> _backDC (off-screen copy) -> control DC.
;        The top-left _width x _height area of the bitmap is used unscaled.
; Clobb: eax, ecx; ebx/edx/esi/edi restored by USES (edx is volatile
;        under stdcall anyway, so listing it is unnecessary but harmless)
; Cleanup: DeleteDC does not free a selected bitmap, so both DCs are
;        deleted first and the bitmaps released explicitly afterwards;
;        the DCs' original 1x1 stock bitmaps are not reselected.
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
CreateBarGround proc uses ebx edx esi edi barID:DWORD
local _hDC ; DC of the bar control (GetDC/ReleaseDC)
local _hWnd ; bar control window
local _backDC, _groundDC ; off-screen DC / DC holding the loaded bitmap
local _backBmp, _groundBmp
local _stRect:RECT
local _width, _height
    invoke GetDlgItem, g_MainWnd, barID
    mov _hWnd, eax
    invoke GetClientRect, _hWnd, addr _stRect
    ;invoke ScreenToClient, _hWnd, addr _stRect
    mov ecx, _stRect.right
    sub ecx, _stRect.left
    mov _width, ecx
    mov ecx, _stRect.bottom
    sub ecx, _stRect.top
    mov _height, ecx
    invoke GetDC, _hWnd
    mov _hDC, eax
    ; off-screen back buffer compatible with the control DC
    invoke CreateCompatibleDC, _hDC
    mov _backDC, eax
    invoke CreateCompatibleBitmap, _hDC, _width, _height
    mov _backBmp, eax
    invoke SelectObject, _backDC, _backBmp
    ; load the background bitmap resource into its own DC
    invoke CreateCompatibleDC, _hDC
    mov _groundDC, eax
    invoke LoadBitmap, g_InstanceHandle, BMP_GROUND
    mov _groundBmp, eax
    invoke SelectObject, _groundDC, eax
    ; copy background -> back buffer -> control
    invoke BitBlt, _backDC, 0, 0, _width, _height, \
    _groundDC, 0, 0, SRCCOPY
    invoke BitBlt, _hDC, 0, 0, _width, _height, _backDC, \
    0, 0, SRCCOPY
    ; cleanup (see header for the ordering)
    invoke ReleaseDC, _hWnd, _hDC
    invoke DeleteDC, _backDC
    invoke DeleteDC, _groundDC
    invoke DeleteObject, _backBmp
    invoke DeleteObject, _groundBmp
    xor eax, eax
    ret
CreateBarGround endp
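;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; DrawBar - draw a progress bar with a "position/max" caption
; In:    position, max = unsigned values; nothing is drawn when position > max
;        barID = dialog control ID of the bar (child of g_MainWnd)
;        bmpID = bitmap resource stretched over the filled part
; Out:   eax = 0 (GDI failures are not detected)
; The filled width is W * position / max, computed on the FPU and
; truncated; a result <= 0 (or max == 0) skips the bitmap and only the
; caption is drawn. Text is drawn with a bold Arial of height H-2 in
; COLOR_WHITE on a transparent background, centred in the client rect.
; Clobb: ecx, edx, FPU state (fninit)
; Fixes: (1) the DC is released against _hWnd, the window it was
;        obtained from, not g_MainWnd; (2) the DC's previous font is
;        reselected before the new font is deleted - a font that is still
;        selected cannot be deleted, so the old order leaked one font per
;        call and tried to delete the DC's own font instead; (3) fistp
;        pops the FPU stack; (4) max == 0 no longer relies on masked FPU
;        division-by-zero; (5) bmpID is typed to match the PROTO.
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
DrawBar proc uses ebx edi esi position:DWORD, max:DWORD, barID:DWORD, bmpID:DWORD
local _Result ; truncated filled width
local _hWnd
local _bmpDC
local _hDC
local _bmp
local _stRect:RECT
local _W, _H, _newW
local _stBmp:BITMAP
local _bmpW, _bmpH
local _stLF:LOGFONT
local _newFont, _oldFont
local _len
local _caption[255]:BYTE
    ; handles start NULL so the cleanup block can test them uniformly
    mov _hDC, NULL
    mov _bmpDC, NULL
    mov _bmp, NULL
    mov _newFont, NULL
    mov _oldFont, NULL
    mov eax, position
    cmp eax, max
    ja _exit_draw_bar ; position > max: nothing to draw
    invoke GetDlgItem, g_MainWnd, barID
    mov _hWnd, eax
    invoke GetDC, _hWnd
    mov _hDC, eax
    invoke GetClientRect, _hWnd, addr _stRect
    mov ecx, _stRect.right
    sub ecx, _stRect.left
    mov _W, ecx
    mov ecx, _stRect.bottom
    sub ecx, _stRect.top
    mov _H, ecx
    ; filled width = W * position / max
    cmp max, 0
    je _draw_bar_string ; avoid 0/0; the caption still reads "0/0"
    fninit
    fild position
    fild max
    fdiv ; st0 = position / max
    fild _W
    fmul ; st0 = W * position / max
    fistp _Result ; store truncated and pop
    mov eax, _Result
    cmp eax, 0
    jle _draw_bar_string ; nothing to fill
    mov _newW, eax
    ; stretch the bar bitmap over the filled part
    invoke CreateCompatibleDC, _hDC
    mov _bmpDC, eax
    invoke LoadBitmap, g_InstanceHandle, bmpID
    mov _bmp, eax
    invoke SelectObject, _bmpDC, _bmp
    invoke GetObject, _bmp, sizeof BITMAP, addr _stBmp
    push _stBmp.bmWidth
    pop _bmpW
    push _stBmp.bmHeight
    pop _bmpH
    invoke StretchBlt, _hDC, 0, 0, _newW, _H, _bmpDC, 0, 0, \
        _bmpW, _bmpH, SRCCOPY
_draw_bar_string:
    ; caption font: bold Arial, 2 px shorter than the bar
    invoke RtlZeroMemory, addr _stLF, sizeof LOGFONT
    mov _stLF.lfWeight, FW_HEAVY
    mov _stLF.lfCharSet, ANSI_CHARSET
    mov eax, _H
    sub eax, 2
    mov _stLF.lfHeight, eax
    invoke lstrcpy, addr _stLF.lfFaceName, _T('Arial')
    invoke CreateFontIndirect, addr _stLF
    mov _newFont, eax
    invoke SelectObject, _hDC, _newFont
    mov _oldFont, eax ; the DC's previous font: put back later, never deleted
    invoke wsprintf, addr _caption, _T('%ld/%ld'), position, max
    invoke lstrlen, addr _caption
    mov _len, eax
    invoke SetBkMode, _hDC, TRANSPARENT
    invoke SetTextColor, _hDC, COLOR_WHITE
    invoke DrawTextEx, _hDC, addr _caption, _len, addr _stRect, \
        DT_CENTER, NULL
    invoke InvalidateRect, _hWnd, NULL, FALSE
    ; cleanup: deselect our font first, then delete it
    .if _oldFont
        invoke SelectObject, _hDC, _oldFont
    .endif
    .if _newFont
        invoke DeleteObject, _newFont
    .endif
    .if _bmpDC
        invoke DeleteDC, _bmpDC
    .endif
    .if _bmp
        invoke DeleteObject, _bmp
    .endif
    .if _hDC
        invoke ReleaseDC, _hWnd, _hDC ; must pair with the GetDC window
    .endif
_exit_draw_bar:
    xor eax, eax
    ret
DrawBar endp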
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; ABS_32Bit - absolute value of a signed 32-bit integer
; In:    number
; Out:   eax = |number|; 80000000H has no positive counterpart and
;        maps to itself, exactly as the branching form did
; Clobb: flags only (edx is used as scratch but restored by USES)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
ABS_32Bit proc uses edx edi esi number:DWORD
    ; branch-free two's-complement abs:
    ;   edx = sign mask (0 or -1); eax = (eax xor mask) - mask
    mov eax, number
    cdq
    xor eax, edx
    sub eax, edx
    ret
ABS_32Bit endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; _EnablePrivilege - enable or disable one privilege on the current
; process token (presumably called with mySE_DEBUG_NAME from .CONST,
; which is what later allows OpenProcess/ReadProcessMemory on the game
; process; a process adjusting its own token this way is something
; host-based monitoring commonly records).
; In:    lpPrivilegeVal = pointer to the privilege name string
;        flag           = non-zero to enable, zero to disable (only AL is tested)
; Out:   eax = result of the final CloseHandle, not a success flag.
;        OpenProcessToken, LookupPrivilegeValue and AdjustTokenPrivileges
;        are all unchecked. NOTE(review): if OpenProcessToken fails,
;        _hToken is never written and an uninitialised stack value is
;        passed to AdjustTokenPrivileges and CloseHandle.
; Clobb: ecx, edx (no USES list; ebx/esi/edi are not touched)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_EnablePrivilege PROC lpPrivilegeVal:DWORD, flag:DWORD
local _stTP:TOKEN_PRIVILEGES
local _hToken:DWORD
local _hProcess:DWORD
    invoke RtlZeroMemory,addr _stTP,sizeof _stTP
    invoke GetCurrentProcess ; pseudo-handle, needs no CloseHandle
    mov _hProcess,EAX
    invoke OpenProcessToken,_hProcess,\
    TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY or TOKEN_READ,addr _hToken
    invoke LookupPrivilegeValue,NULL,lpPrivilegeVal,addr _stTP.Privileges[0].Luid
    mov _stTP.PrivilegeCount,1; single privilege (the ';' only starts this comment)
    mov eax, flag
    test al, al
    jz Disabled_Privilege
    mov _stTP.Privileges[0].Attributes, SE_PRIVILEGE_ENABLED
    jmp Adjust_Privilege
Disabled_Privilege:
    mov _stTP.Privileges[0].Attributes, 0 ; attribute 0 = disable
Adjust_Privilege:
    invoke AdjustTokenPrivileges,_hToken, FALSE,\
    addr _stTP,0,NULL,0
    invoke CloseHandle, _hToken
    ret
_EnablePrivilege endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; GetSelfAddr - fetch the character record pointer
; Reads the 4-byte value stored at g_GameFairyBaseAddress in the game
; process (g_ZTProcess) into g_FairyAddr.
; Out:   eax = TRUE on success, FALSE (0) if ReadProcessMemory fails;
;        g_FairyAddr is left as ReadProcessMemory left it
; Clobb: ecx, edx
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
GetSelfAddr proc uses ebx edi esi
    invoke ReadProcessMemory, g_ZTProcess, g_GameFairyBaseAddress, \
        addr g_FairyAddr, 4, NULL
    ; normalise the BOOL: any non-zero becomes TRUE, zero stays 0
    .if eax
        mov eax, TRUE
    .endif
    ret
GetSelfAddr endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; GetObjectAddr - fetch the target record pointer
; Reads the 4-byte value stored at g_GameFairyBaseAddress + 4 in the
; game process (g_ZTProcess) into g_ObjectAddr.
; Out:   eax = TRUE on success, FALSE (0) if ReadProcessMemory fails
; Clobb: ecx, edx (ebx restored by USES)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
GetObjectAddr proc uses ebx edi esi
    mov eax, g_GameFairyBaseAddress
    lea ebx, [eax + 04H] ; slot right after the self pointer
    invoke ReadProcessMemory, g_ZTProcess, ebx, \
        addr g_ObjectAddr, 4, NULL
    .if eax
        mov eax, TRUE
    .endif
    ret
GetObjectAddr endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; GetSelfName - read the character name into g_SelfName
; In:    lpBaseAddr = character record address; NULL selects g_FairyAddr
; Out:   eax = TRUE on success; FALSE on failure, g_SelfName zeroed
; Note:  32 raw bytes are copied from base+04H. A name that fills all 32
;        bytes leaves g_SelfName without a terminating NUL, so callers
;        that treat it as a C string must bound their copies.
; Clobb: ecx, edx (ebx restored by USES)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
GetSelfName proc uses ebx edi esi lpBaseAddr:DWORD
    cmp lpBaseAddr, NULL
    jne _get_self_name_start
    push g_FairyAddr ; default to the cached self address
    pop lpBaseAddr
_get_self_name_start:
    mov ebx, lpBaseAddr
    add ebx, 04H ; name field
    invoke RtlZeroMemory, addr g_SelfName, 32
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfName, 32, NULL
    test eax, eax
    jz _get_self_name_err
    mov eax, TRUE
    ret
_get_self_name_err:
    invoke RtlZeroMemory, addr g_SelfName, 32 ; drop a partial read
    xor eax, eax
    ret
GetSelfName endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; GetSelfLifeInfo - read current/max life into g_SelfCurLife/g_SelfMaxLife
; In:    lpBaseAddr = character record address; NULL selects g_FairyAddr
; Out:   eax = TRUE on success; FALSE on failure, both globals set to 0
; Reads: base+40H (current), base+44H (max), 4 bytes each
; Clobb: ecx, edx (ebx restored by USES)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
GetSelfLifeInfo proc uses ebx edi esi lpBaseAddr:DWORD
    cmp lpBaseAddr, NULL
    jne _get_self_life_info_start
    push g_FairyAddr ; default to the cached self address
    pop lpBaseAddr
_get_self_life_info_start:
    mov ebx, lpBaseAddr
    add ebx, 40H ; current life
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfCurLife, 4, NULL
    test eax, eax
    jz _get_self_life_info_err
    mov ebx, lpBaseAddr
    add ebx, 44H ; max life
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfMaxLife, 4, NULL
    test eax, eax
    jz _get_self_life_info_err
    mov eax, TRUE
    ret
_get_self_life_info_err:
    ; never leave a half-updated pair behind
    mov g_SelfCurLife, 0
    mov g_SelfMaxLife, 0
    xor eax, eax
    ret
GetSelfLifeInfo endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; GetSelfMagicInfo - read current/max magic into g_SelfCurMagic/g_SelfMaxMagic
; In:    lpBaseAddr = character record address; NULL selects g_FairyAddr
; Out:   eax = TRUE on success; FALSE on failure, both globals set to 0
; Reads: base+8BAH (current), base+8BEH (max), 4 bytes each - the
;        offsets are not 4-aligned; ReadProcessMemory does not care
; Clobb: ecx, edx (ebx restored by USES)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
GetSelfMagicInfo proc uses ebx edi esi lpBaseAddr:DWORD
    cmp lpBaseAddr, NULL
    jne _get_self_magic_info_start
    push g_FairyAddr ; default to the cached self address
    pop lpBaseAddr
_get_self_magic_info_start:
    mov ebx, lpBaseAddr
    add ebx, 8BAH ; current magic
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfCurMagic, 4, NULL
    test eax, eax
    jz _get_self_magic_info_err
    mov ebx, lpBaseAddr
    add ebx, 8BEH ; max magic
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfMaxMagic, 4, NULL
    test eax, eax
    jz _get_self_magic_info_err
    mov eax, TRUE
    ret
_get_self_magic_info_err:
    mov g_SelfCurMagic, 0
    mov g_SelfMaxMagic, 0
    xor eax,eax
    ret
GetSelfMagicInfo endp
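;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; GetSelfExpInfo - read current/max exp (64-bit) into g_SelfCurExp/g_SelfMaxExp
; In:    lpBaseAddr = character record address; NULL selects g_FairyAddr
; Out:   eax = TRUE on success; FALSE on failure, both qwords set to 0
; Reads: base+8EAH (current), base+8F2H (max), 8 bytes each
; Clobb: ecx, edx (ebx restored by USES)
; Fixes: the second result was tested with `mov eax, eax`, which does
;        not set flags, so the following jz acted on whatever flags the
;        API left behind; it is now `test eax, eax`. The error path also
;        zeroed only the low dword of each 64-bit value.
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
GetSelfExpInfo proc uses ebx edi esi lpBaseAddr:DWORD
    cmp lpBaseAddr, NULL
    jne _get_self_exp_info_start
    push g_FairyAddr ; default to the cached self address
    pop lpBaseAddr
_get_self_exp_info_start:
    mov ebx, lpBaseAddr
    add ebx, 8EAH ; current exp
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfCurExp, 8, NULL
    test eax, eax
    jz _get_self_exp_info_err
    mov ebx, lpBaseAddr
    add ebx, 8F2H ; max exp
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfMaxExp, 8, NULL
    test eax, eax
    jz _get_self_exp_info_err
    mov eax, TRUE
    ret
_get_self_exp_info_err:
    ; clear both halves of each qword
    mov dword ptr [g_SelfCurExp], 0
    mov dword ptr [g_SelfCurExp + 4], 0
    mov dword ptr [g_SelfMaxExp], 0
    mov dword ptr [g_SelfMaxExp + 4], 0
    xor eax, eax
    ret
GetSelfExpInfo endp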
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; GetSelfMapInfo - read country, map name and position of the character
; Out:   eax = TRUE on success; FALSE on any failure, in which case
;        g_SelfCountryName/g_SelfMapName are zeroed and g_SelfPosX/Y = 0
; Reads: g_GameFairyBaseAddress - 0C4H : country name, 4 bytes
;        g_GameFairyBaseAddress - 104H : map name, 32 bytes
;        g_FairyAddr + 2CH / + 30H     : X / Y, 4 bytes each
; Note:  unlike the other Get* procedures this one takes no base-address
;        parameter and always uses g_FairyAddr for the position. The map
;        name, like g_SelfName, is 32 raw bytes with no guaranteed NUL.
; Clobb: ecx, edx (ebx restored by USES)
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
GetSelfMapInfo proc uses ebx edi esi
    ; country name at base - 0C4H, map name at base - 104H
    invoke RtlZeroMemory, addr g_SelfCountryName, 5
    invoke RtlZeroMemory, addr g_SelfMapName, 32
    mov ebx, g_GameFairyBaseAddress
    sub ebx, 0C4H
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfCountryName, 4, NULL
    test eax, eax
    jz _get_map_info_err
    mov ebx, g_GameFairyBaseAddress
    sub ebx, 104H
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfMapName, 32, NULL
    test eax, eax
    jz _get_map_info_err
    ; position comes from the character record
    mov ebx, g_FairyAddr
    add ebx, 02CH
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfPosX, 4, NULL
    test eax, eax
    jz _get_map_info_err
    mov ebx, g_FairyAddr
    add ebx, 030H
    invoke ReadProcessMemory, g_ZTProcess, ebx, addr g_SelfPosY, 4, NULL
    test eax, eax
    jz _get_map_info_err
    mov eax, TRUE
    ret
_get_map_info_err:
    ; reset every output so a partial read is not mistaken for data
    invoke RtlZeroMemory, addr g_SelfCountryName, 5
    invoke RtlZeroMemory, addr g_SelfMapName, 32
    mov g_SelfPosX, 0
    mov g_SelfPosY, 0
    xor eax, eax
    ret
GetSelfMapInfo endp