Salve raga, ho preso questo script da epvp e vorrei capire bene come funziona: è diverso dal solito... secondo me è geniale.
Codice:
#RequireAdmin
#include <ButtonConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <NomadMemory.au3>
; Startup sequence, executed once before the GUI is built: wait for the target
; process, resolve the two patch addresses, and reserve four scratch regions
; inside that process. #RequireAdmin at the top of the file means all of this
; runs elevated.
ToolTip("Waiting for S4Client.exe", 10, 10)
; Poll every 10 ms until a process named S4Client.exe exists.
While Not ProcessExists("S4Client.exe")
Sleep(10)
WEnd
ToolTip("")
; Hard-coded offsets of the two patch sites, relative to the module base.
; NOTE(review): presumably valid for one specific client build only - confirm.
$ADDYJUMP = 2249497
$ADDYWALLJUMP = 2128504
; ProcessExists() returns the PID (0 if absent), so it is used as a PID lookup.
; The result / @error of the base-address lookup is not checked; on failure
; $BASE is 0 and the two addresses below are just the raw offsets.
$BASE = _MEMORYMODULEGETBASEADDRESS(ProcessExists("S4Client.exe"), "S4Client.exe")
; Convert the offsets into absolute addresses inside the target process.
$ADDYJUMP = $BASE + $ADDYJUMP
$ADDYWALLJUMP = $BASE + $ADDYWALLJUMP
; Scratch array shared by _JUMP and _WALLJUMP: [0] is set to 4, [1..4] receive
; the byte pairs of an address.
Dim $BYTE[5]
; Four separate 256-byte regions allocated inside the target by _ALLOCMEM.
; $PAGE* later receive the instruction bytes written by _JUMP/_WALLJUMP,
; $MY* receive the float taken from the GUI input fields.
; _ALLOCMEM returns False on failure; none of the four results is checked.
; The PID is looked up again for every call rather than cached.
$PAGEWALLJUMP = _ALLOCMEM(ProcessExists("S4Client.exe"), 256)
$MYWALLJUMP = _ALLOCMEM(ProcessExists("S4Client.exe"), 256)
$PAGEJUMP = _ALLOCMEM(ProcessExists("S4Client.exe"), 256)
$MYJUMP = _ALLOCMEM(ProcessExists("S4Client.exe"), 256)
; Debug leftover: shows the address of the $PAGEJUMP region in a modal box,
; which blocks startup until it is dismissed.
msgbox(0,"",$pagejump)
; Koda-generated form: one window with three checkboxes, two input fields and
; a credits label. The #region markers delimit the generated section.
#region ### START Koda GUI section ### Form=
$FORM1 = GUICreate("Milky_way! statistique changer", 400, 121, 192, 124)
; Checkbox 1 toggles _JUMP / _JUMPDISABLE in the message loop; the adjacent
; input (default "1") is the value _JUMP writes as a float.
$CHECKBOX1 = GUICtrlCreateCheckbox("Jump", 8, 8, 49, 17)
$INPUT1 = GUICtrlCreateInput("1", 64, 8, 121, 21)
; Checkbox 2 toggles _WALLJUMP / _WALLJUMPDISABLE; the adjacent input
; (default "20") is the value _WALLJUMP writes as a float.
$CHECKBOX2 = GUICtrlCreateCheckbox("Walljump sp consume", 8, 32, 129, 17)
$INPUT2 = GUICtrlCreateInput("20", 144, 32, 121, 21)
; Placeholder only: the message loop has no Case for this control.
$CHECKBOX3 = GUICtrlCreateCheckbox("More to come !!!!!", 8, 64, 105, 17)
$LABEL1 = GUICtrlCreateLabel("special thanks to Shinzuya and alexmen10 :):):):)", 8, 88, 232, 17)
GUISetState(@SW_SHOW)
#endregion ### END Koda GUI section ###
; GUI event pump. Runs until the window is closed; each checkbox click either
; applies or reverts the corresponding patch depending on its new state.
While 1
    $NMSG = GUIGetMsg()
    If $NMSG = $GUI_EVENT_CLOSE Then
        ; Closing the window ends the script; nothing is reverted or freed here.
        Exit
    ElseIf $NMSG = $CHECKBOX1 Then
        ; GUICtrlRead() yields 1 for a ticked checkbox.
        If GUICtrlRead($CHECKBOX1) = 1 Then
            _JUMP()
        Else
            _JUMPDISABLE()
        EndIf
    ElseIf $NMSG = $CHECKBOX2 Then
        If GUICtrlRead($CHECKBOX2) = 1 Then
            _WALLJUMP()
        Else
            _WALLJUMPDISABLE()
        EndIf
    EndIf
WEnd
; Applies the "Jump" patch: overwrites the 6 bytes at $ADDYJUMP with a jump into
; the region at $PAGEJUMP, fills that region, and stores the GUI value at $MYJUMP.
; Reads the globals $ADDYJUMP, $PAGEJUMP, $MYJUMP, $BYTE and the control $INPUT1.
; Returns nothing; the results of the _MEMORY* calls are not checked.
; _MEMORYOPEN / _MEMORYWRITE are not defined in this file (NomadMemory.au3 is included).
Func _JUMP()
; A new handle is opened on every call and never released in this function.
; NOTE(review): NomadMemory provides _MemoryClose for this - confirm and pair it.
$PROCESS = _MEMORYOPEN(ProcessExists("S4Client.exe"))
; Address of the $MYJUMP cell as 8 hex digits, split below into byte pairs
; taken from the right, i.e. lowest byte first (the order x86 stores it in).
$HEX = Hex($MYJUMP, 8)
$BYTE[0] = 4
$STEP = 1
; $I is advanced twice per pass (the += 1 plus Next), so the body runs 4 times.
For $I = 1 To 8
$BYTE[$STEP] = StringRight($HEX, 2)
$I += 1
; Drop the pair just consumed from the right end.
$HEX = StringLeft($HEX, 8 - $I)
$STEP += 1
Next
; Patch site: 0xE9 + 4-byte displacement to $PAGEJUMP, then 0x90 so that all
; 6 original bytes are covered. From this write on, the module's code no longer
; matches its on-disk image at this address.
_MEMORYWRITE($ADDYJUMP, $PROCESS, "0xE9" & BYTE_REVERSE(CALC($PAGEJUMP, $ADDYJUMP)) & "90", "byte[6]")
; Region body, 17 bytes: the same 6 bytes _JUMPDISABLE restores, then A1 + the
; address of $MYJUMP, then 89 85 3C FE FF FF.
; NOTE(review): as 32-bit x86 this reads as "store the float at [ebp-0x1C4],
; load eax from $MYJUMP, store eax to [ebp-0x1C4]" - confirm with a disassembler.
_MEMORYWRITE($PAGEJUMP, $PROCESS, "0xD99D3CFEFFFFA1" & $BYTE[1] & $BYTE[2] & $BYTE[3] & $BYTE[4] & "89853CFEFFFF", "byte[17]")
; Return jump placed right after the 17 bytes; CALC's third argument swaps the
; operands, so the displacement leads from $PAGEJUMP + 17 back to $ADDYJUMP + 5.
_MEMORYWRITE($PAGEJUMP + 17, $PROCESS, "0xE9" & BYTE_REVERSE(CALC($PAGEJUMP + 17, $ADDYJUMP + 5, 1)), "byte[5]")
; The text of $INPUT1 is written as a float without any validation.
_MEMORYWRITE($MYJUMP, $PROCESS, GUICtrlRead($INPUT1), "float")
EndFunc
; Reverts the "Jump" patch by writing a fixed 6-byte sequence back to $ADDYJUMP.
; The bytes are hard-coded, not a saved copy of what was there before _JUMP ran.
; The regions at $PAGEJUMP / $MYJUMP are neither cleared nor freed, and the
; handle from _MEMORYOPEN is not released in this function.
Func _JUMPDISABLE()
$PROCESS = _MEMORYOPEN(ProcessExists("S4Client.exe"))
_MEMORYWRITE($ADDYJUMP, $PROCESS, "0xD99D3CFEFFFF", "byte[6]")
EndFunc
; Applies the "Walljump" patch: overwrites the 10 bytes at $ADDYWALLJUMP with a
; jump into the region at $PAGEWALLJUMP, fills that region, and stores the GUI
; value at $MYWALLJUMP. Same structure as _JUMP, with different byte sequences.
; Reads the globals $ADDYWALLJUMP, $PAGEWALLJUMP, $MYWALLJUMP, $BYTE and $INPUT2.
; Returns nothing; the results of the _MEMORY* calls are not checked.
Func _WALLJUMP()
; A new handle is opened on every call and never released in this function.
$PROCESS = _MEMORYOPEN(ProcessExists("S4Client.exe"))
; Address of the $MYWALLJUMP cell as 8 hex digits, split into byte pairs from
; the right (lowest byte first).
$HEX = Hex($MYWALLJUMP, 8)
$BYTE[0] = 4
$STEP = 1
; $I is advanced twice per pass (the += 1 plus Next), so the body runs 4 times.
For $I = 1 To 8
$BYTE[$STEP] = StringRight($HEX, 2)
$I += 1
$HEX = StringLeft($HEX, 8 - $I)
$STEP += 1
Next
; Patch site: 0xE9 + 4-byte displacement to $PAGEWALLJUMP, then five 0x90 bytes
; so that all 10 original bytes are covered.
_MEMORYWRITE($ADDYWALLJUMP, $PROCESS, "0xE9" & BYTE_REVERSE(CALC($PAGEWALLJUMP, $ADDYWALLJUMP)) & "9090909090", "byte[10]")
; Region body, 18 bytes: the same 10 bytes _WALLJUMPDISABLE restores, then A1 +
; the address of $MYWALLJUMP, then 89 45 DC.
; NOTE(review): as 32-bit x86 this reads as "store the float at [ebp-0x24],
; set [ebp-4] to 0xFFFFFFFF, load eax from $MYWALLJUMP, store eax to [ebp-0x24]"
; - confirm with a disassembler.
_MEMORYWRITE($PAGEWALLJUMP, $PROCESS, "0xD95DDCC745FCFFFFFFFFA1" & $BYTE[1] & $BYTE[2] & $BYTE[3] & $BYTE[4] & "8945DC", "byte[18]")
; Return jump placed right after the 18 bytes; CALC's third argument swaps the
; operands, so the displacement leads back to $ADDYWALLJUMP + 5.
_MEMORYWRITE($PAGEWALLJUMP + 18, $PROCESS, "0xE9" & BYTE_REVERSE(CALC($PAGEWALLJUMP + 18, $ADDYWALLJUMP + 5, 1)), "byte[5]")
; The text of $INPUT2 is written as a float without any validation.
_MEMORYWRITE($MYWALLJUMP, $PROCESS, GUICtrlRead($INPUT2), "float")
EndFunc
; Reverts the "Walljump" patch by writing a fixed 10-byte sequence back to
; $ADDYWALLJUMP. The bytes are hard-coded, not a saved copy of the original.
; The regions at $PAGEWALLJUMP / $MYWALLJUMP are neither cleared nor freed, and
; the handle from _MEMORYOPEN is not released in this function.
Func _WALLJUMPDISABLE()
$PROCESS = _MEMORYOPEN(ProcessExists("S4Client.exe"))
_MEMORYWRITE($ADDYWALLJUMP, $PROCESS, "0xD95DDCC745FCFFFFFFFF", "byte[10]")
EndFunc
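; Looks up the load address of a module inside another process.
;
; Parameters:
;   $IPID    - PID of the process to inspect.
;   $SMODULE - module base name to look for (compared with "=", so the match
;              is case-insensitive).
; Returns:
;   Success - the module's base address as a Ptr.
;   Failure - 0 with @error = 1 (process does not exist), 2 ($SMODULE is not a
;             string) or -1 (process could not be opened, enumeration failed,
;             or the module was not found).
;
; Changes against the previous version: the process handle is now closed on
; every path (it used to leak on each call), DllCall failures are checked
; before the result array is indexed, and the module count is derived from the
; real pointer size instead of a hard-coded 4.
Func _MEMORYMODULEGETBASEADDRESS($IPID, $SMODULE)
    If Not ProcessExists($IPID) Then Return SetError(1, 0, 0)
    If Not IsString($SMODULE) Then Return SetError(2, 0, 0)
    If Not ($IPID > 0) Then Return SetError(-1, 0, 0)

    ; Access mask kept exactly as before: 2 = PROCESS_CREATE_THREAD,
    ; 8 = PROCESS_VM_OPERATION, 16 = PROCESS_VM_READ, 32 = PROCESS_VM_WRITE,
    ; 1024 = PROCESS_QUERY_INFORMATION.
    ; NOTE(review): module enumeration only needs the query and read rights;
    ; the write/thread rights are broader than this function uses.
    Local $PERMISSION = BitOR(2, 1024, 8, 16, 32)
    Local $AOPEN = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $IPID)
    If @error Then Return SetError(-1, 0, 0)
    If Not $AOPEN[0] Then Return SetError(-1, 0, 0)
    Local $HPROCESS = $AOPEN[0]

    Local $PSAPI = DllOpen("psapi.dll")
    Local $MODULES = DllStructCreate("ptr[1024]")
    ; Size of one array slot: 4 in a 32-bit interpreter, 8 in a 64-bit one.
    Local $IPTRSIZE = DllStructGetSize($MODULES) / 1024
    Local $BFOUND = False
    Local $PRESULT = 0

    Local $ACALL = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $HPROCESS, "ptr", DllStructGetPtr($MODULES), "dword", DllStructGetSize($MODULES), "dword*", 0)
    If Not @error Then
        ; $ACALL[4] is the byte count reported through the last (dword*) argument.
        If $ACALL[4] > 0 Then
            Local $IMODNUM = Int($ACALL[4] / $IPTRSIZE)
            ; The reported size can exceed the buffer; never index past it.
            If $IMODNUM > 1024 Then $IMODNUM = 1024
            Local $ATEMP
            For $I = 1 To $IMODNUM
                $ATEMP = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $HPROCESS, "ptr", Ptr(DllStructGetData($MODULES, 1, $I)), "wstr", "", "dword", 260)
                If @error Then ContinueLoop
                If $ATEMP[3] = $SMODULE Then
                    $PRESULT = Ptr(DllStructGetData($MODULES, 1, $I))
                    $BFOUND = True
                    ExitLoop
                EndIf
            Next
        EndIf
    EndIf

    ; Single cleanup point for both handles.
    DllCall("kernel32.dll", "int", "CloseHandle", "ptr", $HPROCESS)
    DllClose($PSAPI)

    If Not $BFOUND Then Return SetError(-1, 0, 0)
    Return $PRESULT
EndFunc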
; Computes the 4-byte displacement of a 5-byte relative jump/call as 8 hex digits.
;
; Parameters:
;   $DWCALL    - destination address (integer, or hex text with optional "0x").
;   $DWADDRESS - address of the jump instruction itself (same formats).
;   $I         - when 1, the two addresses are swapped before subtracting.
; Returns:
;   Hex($destination - $site - 5, 8), most significant byte first; the caller
;   is expected to reorder the bytes before writing them.
Func CALC($DWCALL, $DWADDRESS, $I = 0)
    ; Anything that is not already an integer is parsed as hexadecimal text.
    If Not IsInt($DWCALL) Then
        $DWCALL = Dec(StringReplace($DWCALL, "0x", ""))
    EndIf
    If Not IsInt($DWADDRESS) Then
        $DWADDRESS = Dec(StringReplace($DWADDRESS, "0x", ""))
    EndIf

    Local $ITARGET = $DWCALL
    Local $ISITE = $DWADDRESS
    If $I = 1 Then
        $ITARGET = $DWADDRESS
        $ISITE = $DWCALL
    EndIf

    ; The displacement is relative to the end of the 5-byte instruction.
    Return Hex($ITARGET - $ISITE - 5, 8)
EndFunc
; Reverses a hex string two characters at a time (byte-order swap),
; e.g. "12345678" becomes "78563412".
;
; Parameters:
;   $SBYTES - hex text without a "0x" prefix; an even length is expected.
; Returns:
;   The character pairs in reverse order. With an odd length the first
;   character is dropped; an empty or one-character input yields "".
Func BYTE_REVERSE($SBYTES)
    Local $SOUT = ""
    ; Start at the last pair and walk towards the front.
    Local $IPOS = StringLen($SBYTES) - 1
    While $IPOS >= 1
        $SOUT = $SOUT & StringMid($SBYTES, $IPOS, 2)
        $IPOS -= 2
    WEnd
    Return $SOUT
EndFunc
; Reserves and commits $SIZE bytes inside the process $PROCESSID and returns the
; address of the region in that process.
;
; Parameters:
;   $PROCESSID - PID of the target process.
;   $SIZE      - number of bytes to allocate.
; Returns:
;   Success - the value returned by VirtualAllocEx.
;   Failure - False with @error = 1 (PID is 0), 4, 6, 7, 8 or 9 (the DllOpen /
;             DllCall step with that number failed).
;
; The @error checks depend on statement order: each one reads the status of the
; call directly above it, and any intervening call would overwrite it.
; The region is never released anywhere in this file.
Func _ALLOCMEM($PROCESSID, $SIZE)
If $PROCESSID == 0 Then Return SetError(1, "", False)
$KERNEL32 = DllOpen("kernel32.dll")
; NOTE(review): DllOpen reports failure by returning -1; confirm that @error is
; actually set, otherwise this check never fires.
If @error Then Return SetError(4, "", False)
; 2035711 = 0x1F0FFF, the PROCESS_ALL_ACCESS mask: far more rights than an
; allocation needs. Handles are declared as DWORD/int, i.e. 32 bits wide.
$HPROCESS = DllCall($KERNEL32, "DWORD", "OpenProcess", "DWORD", 2035711, "int", 0, "DWORD", $PROCESSID)
; @error only reports that the DllCall itself failed; an OpenProcess that
; returns 0 (access denied, process gone) is not detected here.
If @error Then Return SetError(6, "", False)
; The next two lookups resolve LoadLibraryA in kernel32.dll, but neither
; $HMODULE nor $LPSTARTADDRESS is used after this point in the function.
$HMODULE = DllCall($KERNEL32, "DWORD", "GetModuleHandleA", "str", "kernel32.dll")
If @error Then Return SetError(7, "", False)
$LPSTARTADDRESS = DllCall($KERNEL32, "DWORD", "GetProcAddress", "DWORD", $HMODULE[0], "str", "LoadLibraryA")
If @error Then Return SetError(8, "", False)
; 12288 = 0x3000 = MEM_COMMIT | MEM_RESERVE; 4 = PAGE_READWRITE.
; Address 0 lets the system choose where the region is placed.
$LPPARAMETER = DllCall($KERNEL32, "DWORD", "VirtualAllocEx", "int", $HPROCESS[0], "int", 0, "int", $SIZE, "DWORD", 12288, "int", 4)
; The early returns above and below leave $KERNEL32 (and, from error 7 on, the
; process handle) open; only the success path closes them.
If @error Then Return SetError(9, "", False)
DllCall($KERNEL32, "BOOL", "CloseHandle", "DWORD", $HPROCESS[0])
DllClose($KERNEL32)
; A failed VirtualAllocEx returns 0 here, not False with @error set.
Return $LPPARAMETER[0]
EndFunc