📄 call.pas
{******************************************************************************}
{ 编码比较混乱,不符合规则,如果伤到你眼睛,还请见谅 ^_^ }
{ -----DeepBlue 12/11/2008 }
{ 如果有什么问题或者疑问,请与我联系 }
{ -----deepblueemail@163.com }
{******************************************************************************}
unit Call;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, ComCtrls, StdCtrls,MainForm;
type
// Parameter records. The wrappers in this unit copy them byte-for-byte into
// another process via InjectFunc, so field order and size are part of the contract.
// NOTE(review): P1_STR / PP1_STR, used by most routines below, are not declared
// in this file; presumably they come from MainForm.

// Three-float coordinate record ("ZuoBiao" = coordinates); field order is x, z, y.
ZuoBiao_STR=record
x:Single;
z:Single;
y:Single;
end;
PZuoBiao_STR=^ZuoBiao_STR;
// Eight-DWORD scratch record. In this unit it is only ever declared as a local
// whose address is handed to a helper call; no field is read or written here.
Sell_STR=record
Param1:DWORD;
Param2:DWORD;
Param3:DWORD;
Param4:DWORD;
Param5:DWORD;
Param6:DWORD;
Param7:DWORD;
Param8:DWORD;
end;
PSell_STR=^Sell_STR;
// Chat message buffer: 256 raw bytes followed by a length field.
// AotoSay fills it and AotoSayA reads it back inside the target process.
Speak_STR=packed record
SpeakWhat:array[0..255] of Byte;
SpeakLen:Integer;
end;
PSpeak_STR=^Speak_STR;
const
// Hard-coded absolute addresses used by the routines that run inside the target process.
// NOTE(review): presumably valid for one specific build of the target executable only.
SendAddr=$409C70; // address of the plaintext packet-send routine
SendEcx=$848520; // auxiliary address, loaded into ECX before SendAddr is called
// Public entry points. Each one hands the matching *A routine and a parameter
// record to InjectFunc, which runs the routine as a thread in the target process.
procedure Test;stdcall;
procedure JiNeng(JiNengID:Integer);stdcall; //14
procedure XuanGuai(GuaiID:Integer);stdcall; // 14
procedure KuaiJieJian(KeyPos:Integer);stdcall; //14
procedure Sell(WuPos:Integer);stdcall; //14
procedure Buy(WuPinID:Integer;BuyNum:Integer);stdcall; //14
procedure EatYao(YaoPos:Integer);stdcall ;//14
procedure XiuLiZhuangBei;stdcall;//14
procedure AotoSay(Say:string);stdcall;
procedure OpenNpc(NpcID:Integer);stdcall; //14
procedure JianWu(WuPosInList:Integer;XiangZiID:Integer);stdcall; //14
procedure CleanBeiBao(WuPos:Integer);stdcall; // 13
procedure OpenPickUpDlg(DlgID:Integer);stdcall; // unused
procedure ClosePickUpDlg(DlgID:Integer);stdcall;// unused
procedure NpcListMove(NpcListA:Integer);stdcall; //11 unused
procedure AotoMove(x,z,y:single);stdcall; // unused; already implemented in the DLL
implementation
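//****************** Remote injection *********************//
// Copies MemSize bytes starting at Func to ThreadAddr and ParamSize bytes
// starting at Param to ParamAddr in the process behind hProcess, starts a
// remote thread at ThreadAddr with ParamAddr as its argument, and blocks until
// that thread exits. hProcess, ThreadAddr, ParamAddr and MemSize are declared
// outside this file (presumably in MainForm).
//
// Func      - start of the routine to copy
// Param     - start of the parameter record to copy
// ParamSize - number of parameter bytes to copy; may be 0
//
// This write-then-CreateRemoteThread sequence against another process is the
// pattern that endpoint-protection and anti-cheat products monitor for.
// NOTE(review): the wait is INFINITE, so a remote routine that never returns
// hangs the caller; every call also reuses the same two remote regions, so
// calls must not overlap.
procedure InjectFunc(Func: Pointer; Param: Pointer; ParamSize: DWORD);stdcall;
var
  hRemoteThread: THandle;
  lpNumberOfBytes: DWORD;
begin
  if hProcess = 0 then
    Exit;
  // Do not start a thread on a region that was not written: it would execute
  // whatever bytes a previous call left there.
  if not WriteProcessMemory(hProcess, ThreadAddr, Func, MemSize, lpNumberOfBytes) then
    Exit;
  // Callers without arguments pass ParamSize = 0; there is nothing to copy then.
  if (ParamSize <> 0) and
     not WriteProcessMemory(hProcess, ParamAddr, Param, ParamSize, lpNumberOfBytes) then
    Exit;
  hRemoteThread := CreateRemoteThread(hProcess, nil, 0, ThreadAddr, ParamAddr, 0, lpNumberOfBytes);
  // CreateRemoteThread returns 0 on failure; waiting on or closing 0 is an error.
  if hRemoteThread = 0 then
    Exit;
  try
    WaitForSingleObject(hRemoteThread, INFINITE);
  finally
    CloseHandle(hRemoteThread);
  end;
end;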
//************************* Test ********************************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes the constant $960, calls the routine at absolute address
// $5F8230 and pops the argument itself afterwards. The parameter P is never read.
// NOTE(review): the address is only meaningful in the target's address space.
procedure TestA(P:PZuoBiao_STR);stdcall
var
Address:pointer;
begin
Address:=Pointer($5F8230);
asm
pushad // save all general-purpose registers around the foreign call
push $960
call Address
add esp,4 // caller removes the one pushed argument
popad
end;
end;
// Runs TestA in the target process. No parameter bytes are copied (size 0);
// the record only supplies an address for InjectFunc's Param argument.
procedure Test;stdcall;
var
  Unused: P1_STR;
begin
  InjectFunc(@TestA, @Unused, 0);
end;
//*********************** Coordinate auto-pathfinding ********************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Copies the x/z/y coordinates from P into a local record, pushes
// that record's address and calls the routine at $42F380 with ECX loaded from
// [GameBase].
// NOTE(review): GameBase is declared outside this file. If it is a variable of
// the injecting program rather than a constant, its address will not hold the
// same data inside the target process - confirm.
procedure AotoMoveA(P:PZuoBiao_STR);stdcall
var
Address:pointer;
ZuoBiao:ZuoBiao_STR;
begin
Address:=Pointer($42F380);
ZuoBiao.x :=P.x;
ZuoBiao.z :=P.z;
ZuoBiao.y :=P.y;
asm
pushad
lea eax,ZuoBiao
push eax // argument: pointer to the local coordinate record
mov ecx,dword ptr[GameBase]
call Address // no stack cleanup follows; presumably the callee pops its argument
popad
end;
end;
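// Packs the three coordinates into a ZuoBiao_STR and runs AotoMoveA in the
// target process via InjectFunc.
//
// x, z, y - coordinates, stored in the record in that order
procedure AotoMove(x,z,y:single);stdcall;
var
  MyParam: ZuoBiao_STR;
begin
  MyParam.x := x;
  MyParam.z := z;
  MyParam.y := y;
  // The size must be that of the record. The original used SizeOf(ParamSum),
  // i.e. 4 bytes, so only x was copied and AotoMoveA read z and y from
  // whatever an earlier call had left in the remote parameter area.
  InjectFunc(@AotoMoveA, @MyParam, SizeOf(MyParam));
end;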
//******************* Hotkey CALL **************************************
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Reads the key position from P.Param1, pushes it and calls the
// routine at $4DCA80, then pops the argument itself.
procedure KuaiJieJianA(P:PP1_STR);stdcall
var
Address:pointer;
KeyPos:Integer;
begin
Address:=Pointer($4DCA80);
KeyPos:=P.Param1;
asm
pushad
push KeyPos
call Address
add esp,4 // caller removes the one pushed argument
popad
end;
end;
// Packs KeyPos into a P1_STR and runs KuaiJieJianA in the target process.
procedure KuaiJieJian(KeyPos:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := KeyPos;
  InjectFunc(@KuaiJieJianA, @Args, SizeOf(Args));
end;
//******************* Skill CALL **************************************
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Takes an address from P.Param1, loads it into ECX, pushes the
// constant 2 and calls the routine at $5DDE60.
// The local JiNengAddr shadows the identically named identifier that JiNeng
// uses; inside this routine the name always means the local.
procedure JiNengA(P:PP1_STR);stdcall
var
Address:pointer;
JiNengAddr:Integer;
begin
Address:=Pointer($5DDE60);
JiNengAddr:=P.Param1;
asm
pushad
push 2
mov ecx,JiNengAddr
call Address // no stack cleanup follows; presumably the callee pops its argument
popad
end;
end;
// Prepares a small structure at JiNengAddr in the target process (the constant
// $784140 at offset 0, JiNengID at offset $14) and then runs JiNengA there with
// that address as its argument. JiNengAddr, hProcess and ByteRead are declared
// outside this file. The results of both writes are ignored.
procedure JiNeng(JiNengID:Integer);stdcall;
var
  Args: P1_STR;
  HeaderValue: Integer;
begin
  HeaderValue := $784140;
  WriteProcessMemory(hProcess, JiNengAddr, @HeaderValue, 4, ByteRead);
  WriteProcessMemory(hProcess, Pointer(Integer(JiNengAddr)+$14), @JiNengID, 4, ByteRead);
  Args.Param1 := Integer(JiNengAddr);
  InjectFunc(@JiNengA, @Args, SizeOf(Args));
end;
//*********************** Select monster *********************************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Reads the id from P.Param1, stores it at [XuanZhongGuaiBase], then
// pushes it and calls the routine at $5FBC50, popping the argument itself.
// NOTE(review): XuanZhongGuaiBase is declared outside this file; it has to
// resolve to an address that is valid inside the target process - confirm.
procedure XuanGuaiA(P:PP1_STR);stdcall
var
Address:pointer;
GuaiID:Integer;
begin
Address:=Pointer($5FBC50);
GuaiID:=P.Param1;
asm
pushad
mov eax,GuaiID
mov dword ptr [XuanZhongGuaiBase],eax
push eax
call Address
add esp,4 // caller removes the one pushed argument
popad
end;
end;
// Packs GuaiID into a P1_STR and runs XuanGuaiA in the target process.
procedure XuanGuai(GuaiID:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := GuaiID;
  InjectFunc(@XuanGuaiA, @Args, SizeOf(Args));
end;
//******************* Pathfinding via the NPC list ************************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Loads P.Param1 into ECX and calls the routine at $455550 with no
// stack arguments.
procedure NpcListMoveA(P:PP1_STR);stdcall
var
Address:pointer;
NpcListBase:Integer;
begin
Address:=Pointer($455550);
NpcListBase:=P.Param1;
asm
pushad
mov ecx,NpcListBase
call Address
popad
end;
end;
// Packs NpcListA into a P1_STR and runs NpcListMoveA in the target process.
procedure NpcListMove(NpcListA:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := NpcListA;
  InjectFunc(@NpcListMoveA, @Args, SizeOf(Args));
end;
//************************ Sell item *********************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes 0, the item position from P.Param1 and 2, calls the helper
// at $41EF90 with ECX pointing at the local SellParam, then passes the helper's
// return value (EAX) to the routine at SendAddr with ECX = SendEcx.
// NOTE(review): neither call is followed by stack cleanup; presumably both
// callees pop their own arguments.
procedure SellA(P:PP1_STR);stdcall
var
RealAddress,Addr:pointer;
WuPos:Integer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($41EF90); // helper CALL address
WuPos:=P.Param1;
asm
pushad
push 0
push WuPos // position
push 2
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
// Packs WuPos into a P1_STR and runs SellA in the target process.
procedure Sell(WuPos:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := WuPos;
  InjectFunc(@SellA, @Args, SizeOf(Args));
end;
//************************* Buy item *********************************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Uses the same helper ($41EF90) as SellA. Pushes 0, the item id from
// P.Param1 and the value (BuyNum shl 16) or 1, calls the helper with ECX
// pointing at the local SellParam, then passes the helper's return value to
// the routine at SendAddr with ECX = SendEcx.
// Only the low 16 bits of BuyNum survive the shift into the upper half-word.
procedure BuyA(P:PP1_STR);stdcall // buy and sell use the same CALL
var
RealAddress,Addr:pointer;
WuPinID,BuyNum:Integer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($41EF90); // helper CALL address
WuPinID:=P.Param1;
BuyNum:=P.Param2;
asm
pushad
push 0
push WuPinID
mov ecx,BuyNum
shl ecx,$10
or ecx,1
push ecx // quantity in the high 16 bits, 1 in the low bits
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
// Packs the item id and the quantity into a P1_STR (Param1, Param2) and runs
// BuyA in the target process.
procedure Buy(WuPinID:Integer;BuyNum:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := WuPinID;
  Args.Param2 := BuyNum;
  InjectFunc(@BuyA, @Args, SizeOf(Args));
end;
//************************* Use potion *************************************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes the dword read from [$833BD0] and the potion position from
// P.Param1, calls the helper at $409420 with ECX pointing at the local
// SellParam, then passes the helper's return value to the routine at SendAddr
// with ECX = SendEcx.
// NOTE(review): the trailing comment on the header line is the same as on BuyA,
// but the helper address here ($409420) differs from the buy/sell helper
// ($41EF90); the comment looks copied over.
procedure EatYaoA(P:PP1_STR);stdcall // buy and sell use the same CALL
var
RealAddress,Addr:pointer;
YaoPinPos:Integer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($409420); // helper CALL address
YaoPinPos:=P.Param1;
asm
pushad
mov edx,dword ptr[$833BD0]
push edx
push YaoPinPos
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
// Packs YaoPos into a P1_STR and runs EatYaoA in the target process.
procedure EatYao(YaoPos:Integer);stdcall ;
var
  Args: P1_STR;
begin
  Args.Param1 := YaoPos;
  InjectFunc(@EatYaoA, @Args, SizeOf(Args));
end;
//************************* Pick up item ************************************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes P.Param1 (position in the list) and P.Param2 (container id),
// calls the helper at $41F670 with ECX pointing at the local SellParam, passes
// the helper's return value to the routine at SendAddr with ECX = SendEcx, and
// finally writes a zero byte to absolute address $833AA5.
procedure JianWuA(P:PP1_STR);stdcall
var
RealAddress,Addr:pointer;
WuPos:Integer;
XiangZiID:Integer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($41F670); // helper CALL address
WuPos:=P.Param1;
XiangZiID:=P.Param2;
asm
pushad
push WuPos
push XiangZiID
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
mov byte ptr [$833AA5],0 // clears one byte in the target; meaning not visible from this file
popad
end;
end;
// Packs the list position and the container id into a P1_STR (Param1, Param2)
// and runs JianWuA in the target process.
procedure JianWu(WuPosInList:Integer;XiangZiID:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := WuPosInList;
  Args.Param2 := XiangZiID;
  InjectFunc(@JianWuA, @Args, SizeOf(Args));
end;
//************************ Repair equipment ***********************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes -1, calls the helper at $41F060 with ECX pointing at the
// local SellParam, then passes the helper's return value to the routine at
// SendAddr with ECX = SendEcx. The parameter P is never read.
procedure XiuLiZhuangBeiA(P:PP1_STR);stdcall
var
RealAddress,Addr:pointer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($41F060); // helper CALL address
asm
pushad
push -1
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
// Runs XiuLiZhuangBeiA in the target process. No parameter bytes are copied
// (size 0); the record only supplies an address for InjectFunc's Param argument.
procedure XiuLiZhuangBei;stdcall;
var
  Unused: P1_STR;
begin
  InjectFunc(@XiuLiZhuangBeiA, @Unused, 0);
end;
//************************ Open the pick-up dialog *****************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes the dialog id from P.Param1, calls the helper at $5F58E0
// with ECX pointing at the local SellParam, then passes the helper's return
// value to the routine at SendAddr with ECX = SendEcx.
procedure OpenPickUpDlgA(P:PP1_STR);stdcall
var
RealAddress,Addr:pointer;
DlgID:Integer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($5F58E0); // helper CALL address
DlgID:=P.Param1;
asm
pushad
push DlgID
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
// Packs DlgID into a P1_STR and runs OpenPickUpDlgA in the target process.
procedure OpenPickUpDlg(DlgID:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := DlgID;
  InjectFunc(@OpenPickUpDlgA, @Args, SizeOf(Args));
end;
//*********************** Close the pick-up dialog *******************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes the dialog id from P.Param1, calls the helper at $41E7B0
// with ECX pointing at the local SellParam, then passes the helper's return
// value to the routine at SendAddr with ECX = SendEcx.
procedure ClosePickUpDlgA(P:PP1_STR);stdcall
var
RealAddress,Addr:pointer;
DlgID:Integer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($41E7B0); // helper CALL address
DlgID:=P.Param1;
asm
pushad
push DlgID
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
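// Packs DlgID into a P1_STR and runs ClosePickUpDlgA in the target process.
//
// DlgID - id of the pick-up dialog to close
procedure ClosePickUpDlg(DlgID:Integer);stdcall;
var
  MyParam: P1_STR;
begin
  MyParam.Param1 := DlgID;
  // The original passed @OpenPickUpDlgA here (copied from OpenPickUpDlg), so
  // "close" re-ran the open routine and ClosePickUpDlgA was never used.
  InjectFunc(@ClosePickUpDlgA, @MyParam, SizeOf(MyParam));
end;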
//************************ Clean up the backpack ***********************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes the item position from P.Param1, calls the helper at $41F110
// with ECX pointing at the local SellParam, then passes the helper's return
// value to the routine at SendAddr with ECX = SendEcx.
procedure CleanBeiBaoA(P:PP1_STR);stdcall
var
RealAddress,Addr:pointer;
WuPos:Integer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($41F110); // helper CALL address
WuPos:=P.Param1;
asm
pushad
push WuPos // position
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
// Packs WuPos into a P1_STR and runs CleanBeiBaoA in the target process.
procedure CleanBeiBao(WuPos:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := WuPos;
  InjectFunc(@CleanBeiBaoA, @Args, SizeOf(Args));
end;
//************************* Open NPC *****************************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Pushes 0, 8 and the NPC id from P.Param1, calls the helper at
// $51B1F0 with ECX pointing at the local SellParam, then passes the helper's
// return value to the routine at SendAddr with ECX = SendEcx.
procedure OpenNpcA(P:PP1_STR);stdcall
var
RealAddress,Addr:pointer;
NpcID:Integer;
SellParam:Sell_STR;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($51B1F0); // helper CALL address
NpcID:=P.Param1;
asm
pushad
push 0
push 8
push NpcID // NPC ID
lea ecx,SellParam
Call Addr
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
// Packs NpcID into a P1_STR and runs OpenNpcA in the target process.
procedure OpenNpc(NpcID:Integer);stdcall;
var
  Args: P1_STR;
begin
  Args.Param1 := NpcID;
  InjectFunc(@OpenNpcA, @Args, SizeOf(Args));
end;
//************************* Chat / shout ***************************//
// Thread routine; InjectFunc copies its code into the target process and runs
// it there. Takes the message length and the address of the message bytes from
// the Speak_STR behind P, pushes six arguments (0, length, text pointer, pointer
// to the local SellParam, [GameBase]+$AC, 2) and calls the helper at $48EE20,
// removing the six arguments itself. The helper's return value is then passed
// to the routine at SendAddr with ECX = SendEcx.
// NOTE(review): SpeakLen is used as supplied; nothing here checks it against
// the 256-byte SpeakWhat buffer, so the caller has to guarantee it.
// NOTE(review): GameBase is declared outside this file; it has to resolve to an
// address that is valid inside the target process - confirm.
procedure AotoSayA(P:PSpeak_STR);stdcall
var
RealAddress,Addr,SpeakAddr:pointer;
SellParam:Sell_STR;
SpeakLen:Integer;
begin
RealAddress:=Pointer(SendAddr); // the real CALL address
Addr:=Pointer($48EE20); // helper CALL address
SpeakLen:=P.SpeakLen;
SpeakAddr:=@(P.SpeakWhat);
asm
pushad
push 0
push SpeakLen // length
push SpeakAddr // content
lea eax,SellParam
push eax
mov eax,dword ptr[GameBase]
add eax,$AC
push eax
push 2
call Addr
add esp,$18 // caller removes the six pushed dwords (6 * 4 = $18)
push eax // helper result becomes the argument of the send routine
mov ecx, SendEcx
call RealAddress
popad
end;
end;
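// Builds a Speak_STR from Say and runs AotoSayA in the target process.
//
// Buffer layout: byte 0 is zero (the original author notes that the message
// must start with a zero byte or it is displayed garbled), bytes 1..n hold the
// text, byte n+1 is a zero terminator, and SpeakLen = n + 2.
//
// Say - text to send; anything beyond 254 characters is cut off, because the
//       256-byte buffer also has to hold the leading and the trailing zero.
//
// The original copied Length(Say) bytes with no bound, so a longer string wrote
// past SpeakWhat on the stack, and the byte counted by the "+2" was never
// initialised.
// NOTE(review): Byte(Say[i]) keeps only the low byte of each character; that is
// lossless only when string is a single-byte (Ansi) string - confirm for the
// compiler in use.
procedure AotoSay(Say:string);stdcall;
var
  MyParam: Speak_STR;
  SayLen, MaxLen, i: Integer;
begin
  // Zero everything first: leading byte, terminator and the unused tail, so no
  // stale stack contents are copied into the other process.
  FillChar(MyParam, SizeOf(MyParam), 0);
  MaxLen := High(MyParam.SpeakWhat) - 1;
  SayLen := Length(Say);
  if SayLen > MaxLen then
    SayLen := MaxLen;
  MyParam.SpeakLen := SayLen + 2;
  for i := 1 to SayLen do
    MyParam.SpeakWhat[i] := Byte(Say[i]);
  InjectFunc(@AotoSayA, @MyParam, SizeOf(MyParam));
end;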
end.