---冷少出品 function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address print(string.char(231,190,164,58).._Q) end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end--动态 function PS() end function setvalue(address,flags,value) PS('修改地址数值(地址,数值类型,要修改的值)') local tt={} tt[1]={} tt[1].address=address tt[1].flags=flags tt[1].value=value gg.setValues(tt) end local gurenya=gg.setValues--静态 local t = {"libUE4.so:bss", "Cb"} local tt = {0x1E5C2C,0x0,0x20,0x32C,0x380,0xC} local ttt = S_Pointer(t, tt, true) gg.setValues({{address = ttt, flags = 16, value = 1999}}) local t = {"libUE4.so:bss", "Cb"} local tt = {0x1E5C2C,0x0,0x20,0x32C,0x380,0x44} local ttt = S_Pointer(t, tt, true) gg.setValues({{address = ttt, flags = 16, value = 1999}}) local t = {"libUE4.so:bss", "Cb"} local tt = {0x1E5C2C,0x0,0x20,0x32C,0x380,0x7C} local ttt = S_Pointer(t, tt, true) gg.setValues({{address = ttt, flags = 16, value = 1999}}) local t = {"libUE4.so:bss", "Cb"} local tt = {0x1E5C2C,0x0,0x20,0x32C,0x380,0xB4} local ttt = S_Pointer(t, tt, true) gg.setValues({{address = ttt, flags = 16, value = 1999}}) so=gg.getRangesList('libUE4.so')[1].start py=0X116E568 setvalue(so+py,16,0) so=gg.getRangesList('libUE4.so')[1].start py=0X21D2CAC setvalue(so+py,16,0) gg.toast("开启成功") function DTNB(Search,Get,Type,Range,Name) gg.clearResults() gg.setRanges(Range) gg.setVisible(false) if Search[1][1]~=false then gg.searchAddress(Search[1][1],0xFFFFFFFF,Search[1][4] or Type,gg.SIGN_EQUAL,Search[1][5] or 1,Search[1][6] or -1) end gg.searchNumber(Search[1][2],Search[1][4] or Type,false,gg.SIGN_EQUAL,Search[1][5] or 1,Search[1][6] or -1) local count=gg.getResultCount() local result=gg.getResults(count) gg.clearResults() local data={} local base=Search[1][3] if (count > 0) then for i,v in ipairs(result) do v.isUseful=true end for k=2,#Search do local tmp={} local offset=Search[k][2] - base local num=Search[k][1] for i,v in ipairs(result) do tmp[#tmp+1]={} tmp[#tmp].address=v.address+offset tmp[#tmp].flags=Search[k][3] or Type end tmp=gg.getValues(tmp) for i,v in ipairs(tmp) do if v.flags==16 or v.flags==64 then values=tostring(v.value):sub(1,6) num=tostring(num):sub(1,6) else values=v.value end if tostring(values)~=tostring(num) then result[i].isUseful=false end end end for i,v in ipairs(result) do if (v.isUseful) then data[#data+1]=v.address end end if (#data > 0) then local t,t_={},{} local base=Search[1][3] for i=1,#data do for k,w in ipairs(Get) do offset=w[2] - base if w[1]==false then t_[#t_+1]={} t_[#t_].address=data[i]+offset t_[#t_].flags=Type th_=(th_) and th_+1 or 1 else t[#t+1]={} t[#t].address=data[i]+offset t[#t].flags=w[3] or Type t[#t].value=w[1] tg_=(tg_) and tg_+1 or 1 if (w[4]==true) then local item={} item[#item+1]=t[#t] item[#item].freeze=w[4] gg.addListItems(item) end end end end tg=(tg_) and "修改"..tg_.."数据" or "" th=(th_) and "" or "" gg.setValues(t) t_=gg.getValues(t_) gg.loadResults(t_) gg.toast(""..Name..tg) tg_,th_=nil,nil else gg.toast("搜索不到",false) return false end else gg.toast("搜索不到") return false end end function setvalue(address,flags,value) local tt={} tt[1]={} tt[1].address=address tt[1].flags=flags tt[1].value=value gg.setValues(tt) end so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E34--瞬击 setvalue(so+py,16,0) so=gg.getRangesList('libUE4.so')[1].start py=0XE59A5C--子弹变大 setvalue(so+py,16,-2.78596955e28) DTNB({{false,88000.0,0,16,nil,nil}},{{35000,0,16,false}},16,32,"械枪加伤") DTNB({{false,90000.0,0,16,nil,nil}},{{35000,0,16,false}},16,32,"枪械加伤") DTNB({{false,23.0,0,16,nil,nil},{25.0,4,16},{30.5,8,16}},{{100,4,16,false},{100,8,16,false}},16,32,"范围") DTNB({{false,-1883348481058764210,0,32,nil,nil}},{{-1883348485055444540,0,32,false}},32,16384,"修复") gg.clearResults() gg.setRanges(32)--头部伤害 local dataType = 16 local search = {{9.20161819458,0},{25.0,28},{30.5,32},} local modify = {{180.0,24},{180.0,28},{180.0,32},} so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E68--子弹坠落 setvalue(so+py,16,-18) so=gg.getRangesList('libUE4.so')[1].start py=0X2739E54 setvalue(so+py,16,0)--防坠落 so=gg.getRangesList('libUE4.so')[1].start py=0X2739E34--瞬击 setvalue(so+py,16,0) local dataType = 16 local search = {{9.20161819458,0},{25.0,28},{30.5,32},} local modify = {{180.0,24},{180.0,28},{180.0,32},} gg.clearResults() py4=0X223D3FC--头部部位 py5=0X26F1A38--头部部位 py6=0X26F1A3C--头部部位 py7=0X2A48B3C--头部提升 py8=0X2A48B40--头部提升 py9=0X2A48BF0--头部提升 py10=0X2739E68 py11=0X2739E34--瞬杀 py12=0X2739E68--瞬杀 setvalue(so+py,16,-2.78596955e28) gg.toast("范围开") gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("90000",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1) gg.searchNumber("90000",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1) gg.getResults(100) gg.editAll("500000",gg.TYPE_FLOAT) gg.clearResults() gg.toast("M16加强") gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("10;46::10",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1) gg.searchNumber("10",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1) gg.getResults(100) gg.editAll("10000",gg.TYPE_FLOAT) gg.toast("打击特效") gg.clearResults() gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("25;30.5",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1,0) gg.getResults(1000,nil,nil,nil,nil,nil,nil,nil,nil) gg.editAll("912.32",gg.TYPE_FLOAT) gg.clearResults() gg.toast("爆头") gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("25;23;30.5",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1) gg.getResults(3) gg.editAll("160",gg.TYPE_FLOAT) gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("25;30.5",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1) gg.getResults(10) gg.editAll("250",gg.TYPE_FLOAT) gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("30.5;25",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1) gg.getResults(10) gg.editAll("220",gg.TYPE_FLOAT) gg.clearResults() gg.toast("伤") gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("15;28;16;26;8;18",gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0,-1) gg.getResults(56) gg.editAll("-1339",gg.TYPE_FLOAT) gg.clearResults() gg.toast("轻体猪用") gg.searchNumber("9.20161819458;23;25;30.5", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.searchNumber("25;30.5", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(100) gg.editAll("345", gg.TYPE_FLOAT) gg.clearResults() gg.setRanges(gg.REGION_CODE_APP) gg.searchNumber("150;85;45;-129;-85", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.searchNumber("55", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(30) gg.editAll("99", gg.TYPE_FLOAT) gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("9.201618;30.5;25", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.searchNumber("25;30.5", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(10) gg.editAll("500", gg.TYPE_FLOAT) gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber(9.201618194580078, gg.TYPE_FLOAT) gg.getResultsCount() gg.clearResults() gg.clearResults() gg.setRanges(gg.REGION_BAD) gg.toast("打飞天跟拉屎便秘了一样") gg.getResults(10) gg.editAll("400", gg.TYPE_FLOAT) gg.clearResults() gg.setRanges(gg.REGION_C_DATA | gg.REGION_CODE_APP) gg.searchNumber("-298284466;-1.304566e23F", gg.TYPE_DWORD, false, gg.SIGN_EQUAL, 0, -1) gg.searchNumber("-298284466", gg.TYPE_DWORD, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(99) gg.editAll("2", gg.TYPE_DWORD) gg.clearResults() gg.clearResults() gg.setRanges(gg.REGION_C_DATA | gg.REGION_CODE_APP) gg.searchNumber("-1,883,348,481,058,764,210", gg.TYPE_QWORD, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(99) gg.editAll("-1,883,348,485,055,444,540", gg.TYPE_QWORD) gg.clearResults() gg.toast("2") gg.setRanges(131072) gg.searchNumber("-88.66608428955;26:512", 16, false, 536870912, 0, -1) gg.searchNumber("26", 16, false, 536870912, 0, -1) gg.getResults(2) gg.editAll("-999", 16) gg.clearResults() gg.searchNumber("-88.73961639404;28:512", 16, false, 536870912, 0, -1) gg.searchNumber("28", 16, false, 536870912, 0, -1) gg.getResults(2) gg.editAll("-999", 16) gg.clearResults() gg.setRanges(32) gg.searchNumber("9.201618;30.5;25", 16, false, 536870912, 0, -1) gg.searchNumber("30.5;25", 16, false, 536870912, 0, -1) gg.getResults(10) gg.editAll("500", 16) gg.clearResults() gg.setRanges(16) gg.searchNumber("2048D;1F", 16, false, 536870912, 0, -1) gg.searchNumber("1", 16, false, 536870912, 0, -1) gg.getResults(100) gg.editAll("1", 16) gg.clearResults() gg.setRanges(16384) gg.searchNumber("9.1022205e-38;0.0001;9.1025635e-38::", 16, false, 536870912, 0, -1) gg.searchNumber("0.0001", 16, false, 536870912, 0, -1) gg.getResults(100) gg.editAll("1", 16) gg.clearResults() gg.setRanges(131072) gg.searchNumber("-7.1611644e24;0.0001;1.1297201e-37::", 16, false, 536870912, 0, -1) gg.searchNumber("0.0001", 16, false, 536870912, 0, -1) gg.getResults(500) gg.editAll("-500", 16) gg.toast("22") gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("30.5;25", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(10) gg.editAll("220", gg.TYPE_FLOAT) gg.clearResults() gg.toast("快手搜冷少") gg.clearResults() gg.setRanges(32) gg.searchNumber("25;30.5", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(999) gg.editAll("371;365", gg.TYPE_FLOAT) gg.toast("完成") ---冷少无2改