【C++】从零开始的CS:GO逆向分析3——写出一个透视( 四 ) _生活百科

GetImformation.cpp
#include<Windows.h>#include<TlHelp32.h>#include"GetIMformation.h"DWORD g_process_id = NULL;HANDLE g_process_handle = NULL;UINT_PTR g_local_player = NULL;UINT_PTR g_player_list_address = NULL;UINT_PTR g_matrix_address = NULL;UINT_PTR g_angle_address = NULL;HWND g_game_hwnd = NULL;module_information engine_module;module_information client_module;module_information server_module;float g_client_width;float g_client_height;#define dwViewMatrix 0x4DCF254#define dwLocalPlayer 0xDC14CC#define dwClientState 0x58CFDC#define dwEntityList 0x4DDD93C#define dwClientState_ViewAngles 0x4D90#define m_vecOrigin 0x138#define m_bDormant 0xED#define m_lifeState 0x25F#define m_iHealth 0x100#define m_iTeamNum 0xF4//获取模块信息void get_moduel_info(DWORD process_id, const char *name, OUT module_information&info){HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, process_id);if (is_error())error("创建快照错误");MODULEENTRY32 module_info;ZeroMemory(&module_info, sizeof(module_info));module_info.dwSize = sizeof(module_info);char target[1024];ZeroMemory(target, 1024);strncpy(target, name, strlen(name));_strupr(target);bool status = Module32First(snap, &module_info);while (status){if (strncmp(_strupr(module_info.szModule), target, sizeof(target)) == 0){info.module_address = (UINT_PTR)module_info.modBaseAddr;info.module_handle = module_info.hModule;info.alloc(module_info.modBaseSize);//DWORD size = read_memory(g_process_handle, info.module_address);//TODODWORD size = read_memory(g_process_handle, info.module_address, info.module_data, info.module_size);//TODOCloseHandle(snap);return;}status = Module32Next(snap, &module_info);}error("未找到模块");return;}void error(const char*text){MessageBoxA(nullptr, text, nullptr, MB_OK);exit(-1);}bool is_error(){return GetLastError() != 0;}DWORD read_memory(HANDLE process, DWORD address, void *recv, int size){DWORD readsize;ReadProcessMemory(process, (LPVOID)address, recv, size, &readsize);return readsize;if (is_error())error("读取内存失败");}HANDLE get_process_handle(DWORD process_id){HANDLE process_handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, process_id);if (is_error())error("get_process_handle失败");std::cout << "进程句柄为：" << std::hex << process_handle << std::endl;return process_handle;}DWORD get_process_id(const char*process_name){HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);if (is_error()) error("CreateToolhelp32Snapshot失败");PROCESSENTRY32 process_info;ZeroMemory(&process_info, sizeof(process_info));process_info.dwSize = sizeof(process_info);char target[1024];ZeroMemory(target, 1024);strncpy_s(target, process_name, strlen(process_name));_strupr(target);bool state = Process32First(snap, &process_info);while (state){if (strncmp(_strupr(process_info.szExeFile), target, strlen(target)) == 0){CloseHandle(snap);return process_info.th32ProcessID;}state = Process32Next(snap, &process_info);}CloseHandle(snap);MessageBoxA(NULL, "查找进程id失败", "提示", MB_OK);return 0;}void GetWindowSize(){HDC hdc = GetDC(nullptr);g_client_width = GetDeviceCaps(hdc, DESKTOPHORZRES);g_client_height = GetDeviceCaps(hdc, DESKTOPVERTRES);ReleaseDC(nullptr, hdc);}void init_address(const char*process_name){std::cout << "请先启动游戏"<< std::endl;DWORD process_id = get_process_id(process_name);HANDLE process_handle = get_process_handle(process_id);g_process_id = process_id;//获取模块信息g_process_handle = process_handle;get_moduel_info(process_id, "engine.dll", engine_module);get_moduel_info(process_id, "client.dll", client_module);get_moduel_info(process_id, "server.dll", server_module);//TODO 要写一个特征码寻址，获取视角矩阵信息UINT_PTR temp_address;float Matrix[16];UINT_PTR matrix_address = client_module.module_address + dwViewMatrix;g_matrix_address = matrix_address;//获取人物视角地址ReadProcessMemory(g_process_handle, (LPVOID)(engine_module.module_address + 0x58CFDC), &temp_address, 4, NULL);//[engine.dll + 58CFDC]+00004D90g_angle_address = temp_address + 0x00004D90;//获取本地人物地址 [client.dll+0xDC04CC]+100 = 生命值ReadProcessMemory(g_process_handle, (LPVOID)(client_module.module_address + dwLocalPlayer), &temp_address, 4, NULL);g_local_player = temp_address; //[g_local_player+100] = 生命值temp_address = 0;//获得ENtitylist地址[client.dll+0x4DDC90C + i *0x10]+100 = 敌人生命值g_player_list_address = client_module.module_address + dwEntityList;}bool WorldToScreen(const Vec3& VecOrgin, Vec2& VecScreen, float* Matrix){VecScreen.x = VecOrgin.x *Matrix[0] + VecOrgin.y*Matrix[1] + VecOrgin.z*Matrix[2] + Matrix[3];VecScreen.y = VecOrgin.x *Matrix[4] + VecOrgin.y*Matrix[5] + VecOrgin.z*Matrix[6] + Matrix[7];float w = VecOrgin.x*Matrix[12] + VecOrgin.y*Matrix[13] + VecOrgin.z*Matrix[14] + Matrix[15];if (w < 0.01f){return false;}Vec2 NDC;NDC.x = VecScreen.x / w;NDC.y = VecScreen.y / w;VecScreen.x = (g_client_width / 2 * NDC.x) + (NDC.x + g_client_width / 2);VecScreen.y = (g_client_height / 2 * NDC.y) + (NDC.y + g_client_height / 2);ConvertToRange(VecScreen);return true;}void ConvertToRange(Vec2 &Point){Point.x /= g_client_width;Point.x *= 2.0f;Point.x -= 1.0f;Point.y /= g_client_height;Point.y *= 2.0f;Point.y -= 1.0f;}

【C++】从零开始的CS:GO逆向分析3——写出一个透视( 四 )

经验总结扩展阅读

森蚺吉尼斯世界纪录最大的蛇

外婆菜到底是什么菜?

2022年7月取蜂蜜黄道吉日 2022年7月哪天适合取蜂蜜

什么芒果没有核

梦见笼中之鸟是什么意思

柿饼吃多了得结石吗

吴越国浙江“无名皇墓”：村民守墓千年，08年专家来访，才揭开墓主身份

青茶有哪些品种名称

极度自私的星座男高冷腹黑自我为中心

赌徒出生，被高力士叫进宫，高调办婚礼的大太监

27日至29日新疆北部有雨雪天气华北华南受冷空气影响气温下降

这几个星座绝对理智不沉迷于爱情

荷花的寓意和象征荷花的象征意义

趁热过滤的原因

植物护肤选择太多眼花缭乱？植物鲜颜新理念邀您体验

娃娃脾气暴躁易怒怎么办

提前还贷款,房贷提前还款流程

大米什么品牌最好吃又香又软珍珠米几大品牌排行榜,什么大米好吃排行榜

小孩沉迷游戏无法自拔该怎么办呢

千金芳|?吃一口等于5斤燕麦，心血管医生直言：若你常吃，远离脑梗，血管一通到底