Plug-in analysis
I mainly analyze the technology behind plug-ins (here meaning external game cheat programs). The internal structure of each game is different, and I don't cover that here; I am not so powerful as to know them all, heh!
1 First, the principle of game plug-ins
Plug-ins now come in many kinds, such as simulating the keyboard and mouse, modifying packets, and modifying local memory, but there seems to be none that modifies server memory, heh. There actually are ways to modify the server, but the technology involved is too much to get started with. (For example, inviting someone to a night club, gifts, money and so on can get server data modified, haha.) Modifying a game comes down to modifying data in local memory, intercepting API functions, and so on. Here I present the methods I can think of. I hope everyone can make good plug-ins so that the game vendors improve their own technology. I have seen an article that was a theoretical analysis of Magic Baby; it was roughly along those lines. I will explain the technical side, in the hope of drawing out better contributions from others.
2 Technical analysis
1 Simulating keyboard or mouse input
We generally use:
    UINT SendInput(
        UINT nInputs,     // count of input events
        LPINPUT pInputs,  // array of input events
        int cbSize        // size of structure
    );
The first parameter of this API function is the number of elements in the array passed as the second parameter. The second parameter contains the input events. The last parameter is the size of that structure.
Very simple; this is the easiest way to simulate the keyboard and mouse, heh. There are alternative functions:
    VOID keybd_event(
        BYTE bVk,               // virtual key code
        BYTE bScan,             // scan code
        DWORD dwFlags,          // function options
        ULONG_PTR dwExtraInfo   // additional key status
    );
and
    VOID mouse_event(
        DWORD dwFlags,          // motion and click options
        DWORD dx,               // horizontal position or change
        DWORD dy,               // vertical position or change
        DWORD dwData,           // wheel movement
        ULONG_PTR dwExtraInfo   // application-defined information
    );
These two functions are very simple; I think the button elf is built on them, heh. The first simulates the keyboard, the second the mouse. This is only the simulation part. To tie it to the game we also need to find the game's window, or include a shortcut key, like the button elf's activation key. We can use the GetWindow function to enumerate windows, or the FindWindow function to find a specific window (note that there is also FindWindowEx). FindWindowEx can find the child windows of a window, such as buttons. When the game switches scenes, we can use FindWindowEx to determine some features of the current window and so judge whether we are still in this scene. There are many ways to do this: for example, finding a certain button tells you that the game scene has switched, and so on. Some games have no controls and only the image changes; for those this method is limited, and we need other means to assist the analysis. As for the shortcut key, we implement it with a dynamic-link library (DLL). It is very simple to use: it is really just a global hook object, then SetWindowsHookEx, and a callback function. Examples are everywhere now, and this implementation is already very common in plug-ins. If anyone doesn't understand, look up SetWindowsHookEx in MSDN.
This dynamic-link library has many uses; don't underestimate it. It can be mapped into the address space of every process, that is, it can be loaded into every game. Once you use it, you will see! You will need to review the basics of Win32 programming, heh, so hurry up and read the book!
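
A defender's view of the simulated input described above, as an added example that is not part of the original article: a WH_KEYBOARD_LL hook on the game side receives a KBDLLHOOKSTRUCT for each key event, and input produced by SendInput or keybd_event arrives with LLKHF_INJECTED set. The records, thresholds and helper names below are constructed for illustration.

```python
import struct
from statistics import pstdev

# Flag bits of KBDLLHOOKSTRUCT.flags, as documented for WH_KEYBOARD_LL.
LLKHF_LOWER_IL_INJECTED = 0x02
LLKHF_INJECTED = 0x10
LLKHF_UP = 0x80
# 64-bit layout: vkCode, scanCode, flags, time (DWORD each), dwExtraInfo (ULONG_PTR).
KBD = struct.Struct("<IIIIQ")

def make_record(vk, flags, time_ms):
    """Build one constructed sample record (scan code and extra info left 0)."""
    return KBD.pack(vk, 0, flags, time_ms, 0)

def summarize(records):
    """Return (injected key-downs, total key-downs, stdev of key-down gaps in ms)."""
    downs, injected = [], 0
    for raw in records:
        _vk, _scan, flags, time_ms, _extra = KBD.unpack(raw)
        if flags & LLKHF_UP:
            continue                       # count presses, not releases
        downs.append(time_ms)
        if flags & (LLKHF_INJECTED | LLKHF_LOWER_IL_INJECTED):
            injected += 1
    gaps = [b - a for a, b in zip(downs, downs[1:])]
    return injected, len(downs), (pstdev(gaps) if len(gaps) > 1 else None)

def looks_synthetic(records, min_keys=5, max_jitter_ms=2.0):
    """True if every key-down is flagged injected, or the timing is machine-regular."""
    injected, total, jitter = summarize(records)
    if total < min_keys:
        return False                       # too little data to judge
    return injected == total or (jitter is not None and jitter <= max_jitter_ms)

# Constructed samples: a person typing 'A' irregularly, and a macro pressing F1 every 100 ms.
HUMAN = [make_record(0x41, 0, t) for t in (1000, 1180, 1420, 1530, 1900, 2210)]
MACRO = [make_record(0x70, LLKHF_INJECTED, 5000 + 100 * i) for i in range(6)]
```

Keyboard auto-repeat from a held key is also very regular, so the timing signal is only a hint; the injected flag is the stronger indicator.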
2 Intercepting messages
Some games have a relatively simple response mechanism, based on messages or on timers. In that case you can intercept messages to implement some interesting features. We intercept messages with hook technology as well, which covers keyboard messages, mouse messages, system messages, logs and so on. The others are of little use; we only use the callback function that intercepts the message. I won't write an example for this; it is really the same as above, written with SetWindowsHookEx. If you look it up, you will find it very simple to understand. What you do after intercepting is your business, such as running some of our data checks on each timer message, or simulating the timer inside the timer, so that some data is processed twice, heh. The consequences are not necessarily a good thing, heh, but if the data is calculated on the client, you really can change the data, heh. Try it and see! There are many other uses; it depends on what you can think of, heh!
3 Intercepting socket packets
This technique is much more difficult, so be prepared. First we have to replace Winsock.dll or wsock32.dll. The replacement functions we write must be consistent with the originals: whatever functions the original exports, we must also export, with the same parameters in the same order, and inside our functions we call the functions in the real wsock32.dll. First, we can place the replacement dynamic library in the system path. We can then load the original dynamic library when our application starts, using the LoadLibrary function, and use the GetProcAddress function to get the entry address of each real socket function. When the game makes socket calls it calls our dynamic library, and after our library has done its processing it jumps to the function address in the real dynamic library, so we can handle the data ourselves inside. That should be all of the data. Oh!
Exciting! But after intercepting the packets we still have to analyze them; don't think the work is finished, heh! It is still early. After the analysis we still have to simulate the response mechanism to communicate with the server, and it will get banned, heh, oh, I have had plenty of that! Analyzing the data is the source of the work. The game may change its format with each upgrade, so those of us who write plug-ins are desperate people, and nobody knows it, heh! (I declare that I make no money; mine is free.) To give you a good starting point, here is complete source code for a replacement socket library, heh! http://www.vchelp.net/vchelp/zsrc/wsock32_sub.zip
4 Intercepting APIs
If you can use the techniques above, there is no need to intercept API functions; this technique is really a supplementary one. For example, when we need to intercept functions other than the socket ones for our own use, we have to use this technique. We can also use it to intercept the socket functions directly, which is more direct. Tutorials on intercepting APIs are everywhere now, so I won't list them. The more customary method is to intercept through the import section. This method works on any operating system, such as 98/2000. Some methods are not cross-platform, and I don't recommend them. You can learn this technique from page 545 of Windows Core Programming. On a 98 system, you can learn from WINDOW system mystery. There are this many good methods; it depends on how everyone uses them. There are some other targeted tricks that I won't discuss here, or someone will kill me, heh!
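
The replacement Winsock library and the import-section interception described above both leave traces that a game or an analyst can check for. This added example (not from the original article; the module snapshot, addresses and function names are constructed, and System32 is assumed to be the only trusted directory) flags system DLLs loaded from the wrong directory and import slots that resolve outside the exporting DLL, while allowing for forwarded exports.

```python
import ntpath

# Constructed snapshot of one process: name -> (path, base address, size).
SYSTEM_DIR = r"C:\Windows\System32"
MODULES = {
    "game.exe":     (r"C:\Games\Demo\game.exe",     0x00400000, 0x200000),
    "wsock32.dll":  (r"C:\Games\Demo\wsock32.dll",  0x10000000, 0x010000),
    "kernel32.dll": (SYSTEM_DIR + r"\kernel32.dll", 0x76000000, 0x0F0000),
    "ntdll.dll":    (SYSTEM_DIR + r"\ntdll.dll",    0x77000000, 0x1A0000),
    "helper.dll":   (r"C:\Users\demo\helper.dll",   0x20000000, 0x008000),
}
IAT = [  # (importing module, exporting DLL, function, address stored in the slot)
    ("game.exe", "wsock32.dll",  "send",      0x10001200),
    ("game.exe", "kernel32.dll", "Sleep",     0x76012340),
    ("game.exe", "kernel32.dll", "HeapAlloc", 0x77034560),  # forwarded to ntdll
    ("game.exe", "kernel32.dll", "ReadFile",  0x20000400),  # lands in helper.dll
]
SYSTEM_DLLS = {"wsock32.dll", "ws2_32.dll", "kernel32.dll", "ntdll.dll"}
FORWARDS = {"kernel32.dll": {"ntdll.dll", "kernelbase.dll"}}  # export forwarding

def owner(addr, modules):
    """Name of the module whose mapped range contains addr, or None."""
    for name, (_path, base, size) in modules.items():
        if base <= addr < base + size:
            return name
    return None

def misplaced_system_dlls(modules):
    """System DLL names that were loaded from outside the system directory."""
    return sorted(
        name for name, (path, _b, _s) in modules.items()
        if name in SYSTEM_DLLS
        and ntpath.dirname(path).lower() != SYSTEM_DIR.lower()
    )

def redirected_imports(iat, modules):
    """Import slots whose address is in neither the named DLL nor a forward target."""
    findings = []
    for _importer, dll, func, addr in iat:
        actual = owner(addr, modules)
        if actual == dll or actual in FORWARDS.get(dll, set()):
            continue
        findings.append((dll, func, actual))
    return findings
```

The two checks complement each other: the import slot for send looks consistent because it really does point into a module named wsock32.dll, and only the path check shows that this module is not the system copy.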
Remember that each game is modified in a different way. If all of a game's data is on the server, then you won't know how to cheat it, heh; at most you can write automatic walking, haha! Everyone must note: don't touch the server lightly, because it is very dangerous, don't! Wait until you have mastered a lot of data analysis results before trying it, and see your luck; it is quite likely to succeed. Oh, heh! It is also true like a web that is also crazy. It is very good. It is very suitable for office, you will be able to locate you. Well, enough said, don't worry! Don't be enrolled by the vendors, which would damage our image. We are here to make games better and more developed, not to upset the balance of the game. Oh, it seems that is not how it is now! Enough said.
QQ: 16055393. Technical problems can be raised there. The anti-wind in the net gold is flying is the organization of my sister.