Game plug-in analysis

xiaoxiao2021-03-06  40

I mainly analyze the techniques behind game plug-ins. The internal structure of every game is different, and I won't go into that; I'm not powerful enough to know them all, heh heh!

1 The principle of game plug-ins

Plug-ins now come in many kinds: simulating the keyboard and mouse, modifying packets, and modifying local memory. There seems to be none that modifies server memory, heh heh. There are in fact ways to modify the server, but the technique is too advanced to know where to start! (For example, treating someone to a night club, gifts, money and so on can get server data modified, haha.) Modifying a game comes down to modifying data in local memory, intercepting API functions, and the like. Here I introduce the methods I can think of. I hope everyone can make good plug-ins, so that the game manufacturers improve their own technology. I once read an article that was a theoretical analysis of Magic Baby, and it went roughly the same way. I will explain the technical side, to get the discussion started.

2 Technical analysis

1 Simulating keyboard or mouse input

We generally use:

    UINT SendInput(
        UINT nInputs,     // count of input events
        LPINPUT pInputs,  // array of input events
        int cbSize        // size of structure
    );

The first parameter gives the number of elements in the array passed as the second parameter. The second parameter holds the input events, which you fill in yourself. The last parameter is the size of the structure. Very simple; this is the easiest way to simulate the keyboard and mouse, heh heh. There are also alternative functions:

    VOID keybd_event(
        BYTE bVk,              // virtual-key code
        BYTE bScan,            // scan code
        DWORD dwFlags,         // function options
        ULONG_PTR dwExtraInfo  // additional key status
    );

and

    VOID mouse_event(
        DWORD dwFlags,         // motion and click options
        DWORD dx,              // horizontal position or change
        DWORD dy,              // vertical position or change
        DWORD dwData,          // wheel movement
        ULONG_PTR dwExtraInfo  // application-defined information
    );

These two functions are very simple; I think this is what the Button Wizard macro tool uses. The first simulates the keyboard and the second simulates the mouse.

This is only the simulation part. To connect it to the game we need to find the game's window, or provide a hotkey, like Button Wizard's activation key. We can use the GetWindow function to enumerate windows, or the FindWindow function to find a specific window (note that there is also FindWindowEx). FindWindowEx can find the child windows of a window, such as buttons. When the game switches scenes, we can use FindWindowEx to check some characteristics of the current window and so judge whether we are still in the same scene. There are many ways to do this, for example GetWindowInfo; if a button can no longer be found, the game scene has switched, and so on. Some games have no controls at all and simply draw images on top of images, so this method has its limits, and other methods are needed to assist the analysis.

As for the hotkey, we have to use a dynamic-link library, together with a hook. It is very simple: create a global hook with SetWindowsHookEx and have the callback function ready. There are countless examples online, and this implementation is already very common in plug-ins. If anyone doesn't understand it, look up SetWindowsHookEx in MSDN. This dynamic-link library is very powerful, don't underestimate it: it can get into the address space of every process, which means it can be loaded into every game. Use it and you will see! You will need to review basic Win32 programming, heh heh, so hurry up and read!
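Seen from the defending side, events produced by SendInput and keybd_event reach a low-level keyboard hook (WH_KEYBOARD_LL) with the LLKHF_INJECTED bit set in KBDLLHOOKSTRUCT.flags. The following is an added example, not code from the original article: it applies that check and a timing-regularity check to constructed event logs, using a struct that mirrors the KBDLLHOOKSTRUCT fields so it builds on any platform; the 15 ms jitter threshold is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define LLKHF_INJECTED 0x10u /* winuser.h: set on events from SendInput/keybd_event */

/* Mirrors the KBDLLHOOKSTRUCT fields a WH_KEYBOARD_LL hook procedure receives. */
typedef struct { uint32_t vkCode, scanCode, flags, time; } KeyEvent;
typedef struct { size_t injected; int robotic_timing; } InputReport;

/* Two independent signals: the OS-set injected bit, and gaps between events
   that vary by less than min_jitter_ms (an assumed threshold, to be tuned). */
InputReport analyze_input(const KeyEvent *ev, size_t n, uint32_t min_jitter_ms) {
    InputReport r = { 0, 0 };
    uint32_t lo = UINT32_MAX, hi = 0;
    for (size_t i = 0; i < n; i++) {
        if (ev[i].flags & LLKHF_INJECTED)
            r.injected++;
        if (i > 0) {
            uint32_t gap = ev[i].time - ev[i - 1].time; /* safe across tick wrap */
            if (gap < lo) lo = gap;
            if (gap > hi) hi = gap;
        }
    }
    r.robotic_timing = n >= 5 && hi - lo < min_jitter_ms; /* needs >= 4 gaps */
    return r;
}

/* Constructed key-down samples: vkCode 0x70 is VK_F1, time is in milliseconds. */
static const KeyEvent HUMAN[] = {
    {0x70, 0x3b, 0, 1000}, {0x70, 0x3b, 0, 1130}, {0x70, 0x3b, 0, 1310},
    {0x70, 0x3b, 0, 1395}, {0x70, 0x3b, 0, 1620}, {0x70, 0x3b, 0, 1770} };
static const KeyEvent MACRO[] = {
    {0x70, 0x3b, 0x10, 5000}, {0x70, 0x3b, 0x10, 5500}, {0x70, 0x3b, 0x10, 6000},
    {0x70, 0x3b, 0x10, 6500}, {0x70, 0x3b, 0x10, 7000}, {0x70, 0x3b, 0x10, 7500} };
static const KeyEvent STEADY[] = { /* no injected bit, but metronomic gaps */
    {0x70, 0x3b, 0, 9000}, {0x70, 0x3b, 0, 9250}, {0x70, 0x3b, 0, 9501},
    {0x70, 0x3b, 0, 9751}, {0x70, 0x3b, 0, 10000}, {0x70, 0x3b, 0, 10250} };

int main(void) {
    const KeyEvent *logs[] = { HUMAN, MACRO, STEADY };
    for (int i = 0; i < 3; i++) {
        InputReport r = analyze_input(logs[i], 6, 15);
        printf("log %d: injected=%zu robotic_timing=%d\n", i, r.injected, r.robotic_timing);
    }
    return 0;
}
```

Treat the injected bit as a signal rather than a verdict: on-screen keyboards and remote-control tools also produce injected events.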
2 Intercepting messages

Some games have a fairly simple response mechanism, based on messages or on some timer. In that case you can intercept messages to implement some interesting features. This is again the hook technique, covering keyboard messages, mouse messages, system messages, logs and so on. Most of these are of little use to us; we only need the callback function that intercepts messages. You won't make me write an example for this, will you? It is really the same as above: just use SetWindowsHookEx, and once you look at it you will see it is very simple. What you do with it is up to you. For example, you can run some of your own data checks on every timer message, or simulate one more timer message inside the timer handler, so that some data is processed twice, heh heh. The consequences are not necessarily a good thing, heh heh, but if the data is computed on the client, the game's data really can be changed, heh heh, try it! There are many uses; think about it and they will come to you, heh heh!

3 Intercepting socket packets

This technique is much harder than the ones above, and you need a clear plan. First we have to replace winsock.dll or wsock32.dll. The replacement functions we write must match the original ones: our DLL has to export the same functions the original exports, with the same parameters in the same order, and inside each of our functions we call the function in the real wsock32.dll. First, we put our replacement dynamic library in the system path. Second, when our library starts up, it loads the original dynamic library with LoadLibrary and then uses GetProcAddress to get the entry address of each real socket function. When the game runs, it calls into our dynamic library, which does its processing and then jumps to the function address in the real dynamic library. That way we can handle the data inside our own functions, and it should be all of the data. Heh!

Don't get too excited. After intercepting the packets we still have to analyze them to work out the correct responses, so don't think this is the end of it, heh heh! It is still early. Once the analysis is done, we must simulate the response mechanism to communicate with the server, and one careless step gets the account banned, heh heh. I have been banned many times! Analyzing the data is where the workload comes from, and the game changes with every version. So those of us who write plug-ins work ourselves to death without anyone knowing, heh heh! (To be clear, I have made no money from this; mine is free.) To give you a good starting point, here is complete source code for a replacement socket library, heh!

http://www.vchelp.net/vchelp/zsrc/wsock32_sub.zip

4 Intercepting APIs

If the techniques above are used flexibly, we do not necessarily have to intercept API functions; this is really a supplementary technique. For example, when we need to intercept functions other than the socket ones for our own purposes, we have to use it. We can also use it to intercept the socket functions directly, which is more direct. Tutorials on intercepting APIs are everywhere now, so I will not list them. The method I am most used to is interception through the import section. It works on any operating system, such as 98/2000; some other methods are not cross-platform, and I don't recommend them. You can learn this technique from page 545 of Windows Core Programming; if you are on a 98 system, you can learn it from the last chapter of the Window system book.

That is about all the methods; how you use them is up to you. I will not go into other, more targeted tricks here, or someone will kill me, heh heh! Remember that every game is different. If a game keeps all of its data on the server, there is not much of a plug-in you can write, heh heh; at most automatic walking, haha! Everyone must pay attention to data analysis. Don't try connecting to the server casually, because it is very dangerous, so avoid it! Wait until you have accumulated a lot of data analysis results and are more confident, then try and see whether your luck is good; it may well succeed, heh. Actually the simulated client from Net Jin (Net Gold) is also very good and very suitable for office workers; it depends on how everyone positions their product. Well, enough said, everyone work hard! Don't let yourselves be bought off by the game manufacturers, which would damage our image. We want to make games better, not upset the balance of the game, although it seems things are not like that now! Enough said, let things take their course!

QQ: 16055393, for any technical problems. The anti-wind in Net Jin is the organization of my sister. The author's blog:

http://blog.9cbs.net/mcom/
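
Added example, not part of the original article or of the source code it links to: from the defender's side, both the same-name DLL described in section 3 and the import-section interception in section 4 show up when each import-table slot is checked against the list of loaded modules. The module list, paths and addresses are constructed sample data; on Windows they would come from EnumProcessModules, GetModuleInformation and the PE import table.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { const char *path; uintptr_t base; size_t size; } Module;
typedef struct { const char *dll, *func; uintptr_t target; } Import;
enum { IMPORT_OK, IMPORT_UNTRUSTED_MODULE, IMPORT_NO_MODULE }; /* verdicts 0, 1, 2 */

/* Case-insensitive test that path names a file below directory dir. */
static int under_dir(const char *path, const char *dir) {
    size_t n = strlen(dir);
    for (size_t i = 0; i < n; i++) /* a shorter path mismatches at its NUL */
        if (tolower((unsigned char)path[i]) != tolower((unsigned char)dir[i]))
            return 0;
    return path[n] == '\\';
}

/* Classify one import-table slot by the module its target address falls in. */
int classify_import(const Import *im, const Module *mods, size_t nmods,
                    const char *sysdir) {
    for (size_t i = 0; i < nmods; i++)
        if (im->target >= mods[i].base && im->target - mods[i].base < mods[i].size)
            return under_dir(mods[i].path, sysdir) ? IMPORT_OK
                                                   : IMPORT_UNTRUSTED_MODULE;
    return IMPORT_NO_MODULE; /* slot rewritten to memory outside every image */
}

/* Constructed sample data (hypothetical game path and addresses). */
static const char SYSDIR[] = "C:\\Windows\\System32";
static const Module MODS[] = {
    { "C:\\Games\\Demo\\game.exe",           0x00400000u, 0x200000 },
    { "C:\\Games\\Demo\\wsock32.dll",        0x10000000u, 0x008000 },
    { "C:\\WINDOWS\\system32\\kernel32.dll", 0x7c800000u, 0x0f6000 },
    { "C:\\WINDOWS\\system32\\ntdll.dll",    0x7c900000u, 0x0af000 },
};
static const Import IMPORTS[] = {
    { "wsock32.dll",  "send",        0x10001200u }, /* same-name DLL beside the game */
    { "kernel32.dll", "CreateFileA", 0x7c801a28u },
    { "kernel32.dll", "HeapAlloc",   0x7c9100c4u }, /* forwarded export, in ntdll */
    { "kernel32.dll", "Sleep",       0x00a90000u }, /* points into no module */
};

int main(void) {
    for (size_t i = 0; i < sizeof IMPORTS / sizeof IMPORTS[0]; i++)
        printf("%s!%s -> verdict %d\n", IMPORTS[i].dll, IMPORTS[i].func,
               classify_import(&IMPORTS[i], MODS, 4, SYSDIR));
    return 0;
}
```

Classifying by the module that contains the target address, rather than by the DLL name in the import table, keeps forwarded exports such as kernel32!HeapAlloc (implemented in ntdll.dll) from raising false alarms. The check covers import-table redirection only.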

When reposting, please credit the original address: https://www.9cbs.com/read-69056.html
