---这个傻逼野鸡范围还缺你妈的米😂 ---泛滥频道Kjhook6 ---开源作者:卡嘉 ---删除上面文字的全家死光 do if type(getrlyunyz) ~= 'function' then gg.alert('请使用RLGG执行') os.exit() return end local info = { example_version = '1.0.3', name = '旧情and空白国体特供版范围,官方频道JQANDKBNB', appid = '92010', appkey = 'tjsdQGQJi5T15SUs', rc4key = 'JG8d8A8w880c1Wz8', version = '1.0', mi_type = '3' } local rlyunyz = getrlyunyz(info) local ret = rlyunyz.start() if not ret or not isTable(ret) or ret.sign ~= '231c5224b18113440b83ab6b7ea4ba99' then os.exit() return end end function PS() end function setvalue(address,flags,value) PS('修改地址数值(地址,数值类型,要修改的值)') local tt={} tt[1]={} tt[1].address=address tt[1].flags=flags tt[1].value=value gg.setValues(tt) end ---静态基址写法配置 function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address print(string.char(231,190,164,58).._Q) end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end function Unfreeze() local t = gg.getListItems() for k, v in pairs(t) do t[k]["freeze"] = false end return gg.addListItems(t) end function xqmnb(Search,Modification) gg.clearResults() gg.setRanges(Search[1].memory) gg.searchNumber(Search[3].value,Search[3].type,false,536870912,0,-1) if gg.getResultCount()==0 then gg.toast(Search[2].name..'开启失败') return end local Result=gg.getResults(gg.getResultCount()) local sum for index=4,#Search do sum=0 for i=1,#Result do if gg.getValues({{address=Result[i].address+Search[index].offset,flags=Search[index].type}})[1].value~=Search[index].lv then Result[i].Usable=true sum=sum+1 end end if sum==#Result then gg.toast(Search[2].name..'开启失败') return end end local Data,Freeze,Freezes={},{},0 sum=0 for index,value in ipairs(Modification)do for index=1,#Result do if not Result[index].Usable then local Value={address=Result[index].address+value.offset,flags=value.type,value=value.value,freeze=true} if value.freeze then Freeze[#Freeze+1]=Value Freezes=Freezes+1 else Data[#Data+1]=Value end sum=sum+1 end end end gg.addListItems(Data) gg.addListItems(Freeze) if Freezes==0 then gg.toast(Search[2].name..'开启成功,共修改'..sum..'条数据') else gg.toast(Search[2].name..'开启成功,共修改'..sum..'条数据,冻结'..Freezes..'条数据') end gg.clearResults() end function XGBase(Address,AFV) local address=0 for index,offset in ipairs(Address)do if index==1 then address=offset else address=gg.getValues({{address=address+offset,flags=4}})[1].value end end local Value,Freeze={},{} for index,value in ipairs(AFV)do local VALUE={address=address+value[3],flags=value[2],value=value[1],freeze=true} if value[4]then Freeze[#Freeze+1]=VALUE else Value[#Value+1]=VALUE end end gg.addListItems(Value) gg.addListItems(Freeze) end function Format(tab, format, value, type, Function) if format == "查看" then tab[1]["flags"] = type return print(gg.getValues(tab)) elseif format == "修改" then tab[1]["flags"] = type tab[1]["value"] = value return gg.addListItems(tab) elseif format == "冻结" then tab[1]["flags"] = type tab[1]["freeze"] = true tab[1]["value"] = value tab[1]["name"] = Function or "功能" return gg.addListItems(tab) elseif format == "加载" then tab[1]["flags"] = type return gg.loadResults(tab) end end function LSQ_Chain(so, offset, format, value, type, Function)--模块设置, 偏移量, 功能参数, 修改值, 类型, 功能 getRanges = getRanges or (function() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v["type"]:sub(2, 2) == 'w' then--判断so是否可读可写 ranges[#ranges+1] = v end end return ranges end) local rest, ranges, sostart, valtype = {}, getRanges(), nil , gg.TYPE_DWORD if gg.getTargetInfo()["x64"] then--判断应用程序是否为64位 valtype = gg.TYPE_QWORD end for i in pairs(ranges) do local _name = ranges[i]["internalName"]:gsub('^.*/', '') if so[1] == _name and so[2] == ranges[i]["state"] then sostart = ranges[i]["start"] break end end if sostart then if offset[1] then for i = 1, #offset do rest = {{flags = valtype,address = sostart + offset[i]}} rest = gg.getValues(rest) if i == #offset then break end if valtype == gg.TYPE_DWORD then sostart = rest[1].value & 0xFFFFFFFF--对值进行补位操作 else sostart = rest[1].value end end end if #rest == 1 then end return Format(rest, format, value, type, Function) end gg.toast("功能:" .. Function .. "开启失败") print("功能开启失败原因: 未找到基址头") return os.exit() end --指针写法配置 function PS() end function setvalue(address,flags,value) PS('修改地址数值(地址,数值类型,要修改的值)') local tt={} tt[1]={} tt[1].address=address tt[1].flags=flags tt[1].value=value gg.setValues(tt) end function setvalue(A0_146, A1_147, A2_148) PS("修改地址数值(地址,数值类型,要修改的值)") local tmp = {} tmp.address = A0_146 tmp.flags = A1_147 tmp.value = A2_148 gg.setValues({ [1] = tmp }) end function HaoGe(Nc,Type,Search,Write) gg.clearResults() gg.setRanges(Nc) gg.setVisible(false) gg.searchNumber(Search[1][1],Type) local count=gg.getResultCount() local result=gg.getResults(count) gg.clearResults() local data={} local base=Search[1][2] if(count>0)then for i,v in ipairs(result)do v.isUseful=true end for k=2,#Search do local tPUBGMH={} local offset=Search[k][2]-base local num=Search[k][1] for i,v in ipairs(result)do tPUBGMH[#tPUBGMH+1]={} tPUBGMH[#tPUBGMH].address=v.address+offset tPUBGMH[#tPUBGMH].flags=v.flags end tPUBGMH=gg.getValues(tPUBGMH) for i,v in ipairs(tPUBGMH)do if(tostring(v.value)~=tostring(num))then result[i].isUseful=false end end end for i,v in ipairs(result)do if(v.isUseful)then data[#data+1]=v.address end end if(#data>0)then local t={} local base=Search[1][2] for i=1,#data do for k,w in ipairs(Write)do offset=w[2]-base t[#t+1]={} t[#t].address=data[i]+offset t[#t].flags=Type t[#t].value=w[1] if(w[3]==true)then local item={} item[#item+1]=t[#t] item[#item].freeze=true gg.addListItems(item) end end end gg.setValues(t) gg.sleep(400) else return false end else return false end end function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end function setvalue(address,flags,value) local tt={} tt[1]={} tt[1].address=address tt[1].flags=flags tt[1].value=value gg.setValues(tt) end local function interruptThread(thread) if thread then pcall(function() thread:interrupt() end) end end -- 读取 DWORD 和 FLOAT 的函数 function readD(address) return gg.getValues({{address = address, flags = gg.TYPE_DWORD}})[1].value end function readF(address) return gg.getValues({{address = address, flags = gg.TYPE_FLOAT}})[1].value end -- 设置值的函数 function setvalue(address, flags, value, freeze) local t = {} t[1] = {address = address, flags = flags, value = value, freeze = freeze or false} gg.setValues(t) gg.addListItems(t) end -- 获取指针地址的函数 function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _t = ti_bit and 32 or 4 local _S = nil for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then local t = {{address = _S.start + Offset[1], flags = _t}} for i = 2, #Offset do local S = gg.getValues(t) t = {{address = S[1].value + Offset[i], flags = _t}} end return t[1].address end end return string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) end -- LSQ_Chain 函数 function LSQ_Chain(so, offset, format, value, type, Function) local getRanges = function() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local rest, ranges, sostart, valtype = {}, getRanges(), nil, gg.TYPE_DWORD if gg.getTargetInfo().x64 then valtype = gg.TYPE_QWORD end for i in pairs(ranges) do local _name = ranges[i].internalName:gsub('^.*/', '') if so[1] == _name and so[2] == ranges[i].state then sostart = ranges[i].start break end end if sostart then if offset[1] then for i = 1, #offset do rest = {{flags = valtype, address = sostart + offset[i]}} rest = gg.getValues(rest) if i == #offset then break end if valtype == gg.TYPE_DWORD then sostart = rest[1].value & 0xFFFFFFFF else sostart = rest[1].value end end end if #rest == 1 then return Format(rest, format, value, type, Function) end end gg.toast("功能:" .. Function .. "开启失败") print("功能开启失败原因: 未找到基址头") return os.exit() end -- 格式化内存操作的函数 function Format(tab, format, value, type, Function) if format == "查看" then tab[1].flags = type return gg.getValues(tab) elseif format == "修改" then tab[1].flags = type tab[1].value = value return gg.setValues(tab) elseif format == "冻结" then tab[1].flags = type tab[1].freeze = true tab[1].value = value tab[1].name = Function or "功能" return gg.addListItems(tab) elseif format == "加载" then tab[1].flags = type return gg.loadResults(tab) end end function gai(addr,type,value) local t={} t[1]={} t[1].address=addr t[1].flags=type t[1].value=value gg.setValues(t) end local function RUI(address) return gg.getValues({{ address = address, flags = gg.TYPE_QWORD }})[1].value end D=gg.TYPE_DWORD F=gg.TYPE_FLOAT local function readD(a) return gg.getValues({{ address=a, flags=gg.TYPE_DWORD }})[1].value end local function readF(a) return gg.getValues({{ address=a, flags=gg.TYPE_FLOAT }})[1].value end function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end local function setvalue(address,flags,value,freeze) local t={} t[1]={} t[1].address=address t[1].flags=flags t[1].value=value t[1].freeze=freeze gg.setValues(t) gg.addListItems(t) end local function X(address) return gg.getValues({{address = address, flags = gg.TYPE_QWORD}})[1].value end function getvalue(addr,flags) local asbd={} asbd[1]={} asbd[1].address=addr asbd[1].flags=flags tmp=gg.getValues(asbd) return tmp[1].value end function gai(addr,type,value) local t={} t[1]={} t[1].address=addr t[1].flags=type t[1].value=value gg.setValues(t) end local function X(address) return gg.getValues({{ address = address, flags = gg.TYPE_QWORD }})[1].value end D=gg.TYPE_DWORD F=gg.TYPE_FLOAT -- 定义读取 DWORD 和 FLOAT 的函数 function readD(address) return getvalue(address, gg.TYPE_DWORD) end function readF(address) return getvalue(address, gg.TYPE_FLOAT) end -- 定义 RQI 函数(假设是读取 QWORD 类型的值) function RQI(address) return getvalue(address, gg.TYPE_QWORD) end function setvalue(address,flags,value) local tt={} tt[1]={} tt[1].address=address tt[1].flags=flags tt[1].value=value gg.setValues(tt) end function getvalue(addr,flags) local asbd={} asbd[1]={} asbd[1].address=addr asbd[1].flags=flags tmp=gg.getValues(asbd) return tmp[1].value end function GotoPointer(start, offset) local flags = {[true] = 32, [false] = 4} local ti64 = gg.getTargetInfo().x64 local type = flags[ti64] local addr = 0 if start then addr = start + offset[1] for index = 2, #offset do local pointer = gg.getValues({{address = addr, flags = type}}) if not ti64 then pointer[1].value = pointer[1].value & 0xFFFFFFFF end addr = pointer[1].value + offset[index] end end return addr end local function setvalue(address,flags,value,freeze) local t={} t[1]={} t[1].address=address t[1].flags=flags t[1].value=value t[1].freeze=freeze gg.setValues(t) gg.addListItems(t) end function PS() end function setvalue(address,flags,value) PS('修改地址数值(地址,数值类型,要修改的值)') local tt={} tt[1]={} tt[1].address=address tt[1].flags=flags tt[1].value=value gg.setValues(tt) end ---静态基址写法配置 --仿LSQ_Chain写法配置 function xqmnb(Search,Modification) gg.clearResults() gg.setRanges(Search[1].memory) gg.searchNumber(Search[3].value,Search[3].type,false,536870912,0,-1) if gg.getResultCount()==0 then gg.toast(Search[2].name..'开启失败') return end local Result=gg.getResults(gg.getResultCount()) local sum for index=4,#Search do sum=0 for i=1,#Result do if gg.getValues({{address=Result[i].address+Search[index].offset,flags=Search[index].type}})[1].value~=Search[index].lv then Result[i].Usable=true sum=sum+1 end end if sum==#Result then gg.toast(Search[2].name..'开启失败') return end end local Data,Freeze,Freezes={},{},0 sum=0 for index,value in ipairs(Modification)do for index=1,#Result do if not Result[index].Usable then local Value={address=Result[index].address+value.offset,flags=value.type,value=value.value,freeze=true} if value.freeze then Freeze[#Freeze+1]=Value Freezes=Freezes+1 else Data[#Data+1]=Value end sum=sum+1 end end end gg.setValues(Data) gg.addListItems(Freeze) if Freezes==0 then gg.toast(Search[2].name..'开启成功,共修改'..sum..'条数据') else gg.toast(Search[2].name..'开启成功,共修改'..sum..'条数据,冻结'..Freezes..'条数据') end gg.clearResults() end -- 读取内存地址的函数 function readPointer(name, offset, i) local re = gg.getRangesList(name) local x64 = gg.getTargetInfo().x64 local va = {[true]=32, [false]=4} if re[i or 1] then local addr = re[i or 1].start + offset[1] for i = 2, #offset do addr = gg.getValues({{address=addr, flags=va[x64]}}) if not x64 then addr[1].value = addr[1].value & 0xFFFFFFFF end addr = addr[1].value + offset[i] end return addr end end -- 修改内存地址的函数 function gg.edits(addr, Table, name) local Table1 = {{}, {}} for k, v in ipairs(Table) do local value = {address = addr+v[3], value = v[1], flags = v[2], freeze = v[4]} if v[4] then Table1[2][#Table1[2]+1] = value else Table1[1][#Table1[1]+1] = value end end gg.addListItems(Table1[2]) gg.setValues(Table1[1]) gg.toast((name or "") .. "开启成功, 共修改"..#Table.."个值") end local Ranges=gg.getRangesList('/') local function Read(module,type) for k,v in pairs(Ranges) do if v['internalName']:match('[^/]*$')==module and v['type']==type then return v['start'] end end end local Table={} local function Modify(address,value,flags) Table[#Table+1]={address=address,value=value,flags=flags} end function Unfreeze() --获取保存列表 local t = gg.getListItems() for k, v in pairs(t) do t[k]["freeze"] = false end return gg.addListItems(t) end function xqmnb(Search,Modification) gg.clearResults() gg.setRanges(Search[1].memory) gg.searchNumber(Search[3].value,Search[3].type,false,536870912,0,-1) if gg.getResultCount()==0 then gg.toast(Search[2].name..'开启失败') return end local Result=gg.getResults(gg.getResultCount()) local sum for index=4,#Search do sum=0 for i=1,#Result do if gg.getValues({{address=Result[i].address+Search[index].offset,flags=Search[index].type}})[1].value~=Search[index].lv then Result[i].Usable=true sum=sum+1 end end if sum==#Result then gg.toast(Search[2].name..'开启失败') return end end local Data,Freeze,Freezes={},{},0 sum=0 for index,value in ipairs(Modification)do for index=1,#Result do if not Result[index].Usable then local Value={address=Result[index].address+value.offset,flags=value.type,value=value.value,freeze=true} if value.freeze then Freeze[#Freeze+1]=Value Freezes=Freezes+1 else Data[#Data+1]=Value end sum=sum+1 end end end gg.setValues(Data) gg.addListItems(Freeze) if Freezes==0 then gg.toast(Search[2].name..'开启成功,共修改'..sum..'条数据') else gg.toast(Search[2].name..'开启成功,共修改'..sum..'条数据,冻结'..Freezes..'条数据') end gg.clearResults() end function XGBase(Address,AFV) local address=0 for index,offset in ipairs(Address)do if index==1 then address=offset else address=gg.getValues({{address=address+offset,flags=4}})[1].value end end local Value,Freeze={},{} for index,value in ipairs(AFV)do local VALUE={address=address+value[3],flags=value[2],value=value[1],freeze=true} if value[4]then Freeze[#Freeze+1]=VALUE else Value[#Value+1]=VALUE end end gg.setValues(Value) gg.addListItems(Freeze) end function Format(tab, format, value, type, Function) if format == "查看" then tab[1]["flags"] = type return print(gg.getValues(tab)) elseif format == "修改" then tab[1]["flags"] = type tab[1]["value"] = value return gg.setValues(tab) elseif format == "冻结" then tab[1]["flags"] = type tab[1]["freeze"] = true tab[1]["value"] = value tab[1]["name"] = Function or "功能" return gg.addListItems(tab) elseif format == "加载" then tab[1]["flags"] = type return gg.loadResults(tab) end end function LSQ_Chain(so, offset, format, value, type, Function)--模块设置, 偏移量, 功能参数, 修改值, 类型, 功能 getRanges = getRanges or (function() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v["type"]:sub(2, 2) == 'w' then--判断so是否可读可写 ranges[#ranges+1] = v end end return ranges end) local rest, ranges, sostart, valtype = {}, getRanges(), nil , gg.TYPE_DWORD if gg.getTargetInfo()["x64"] then--判断应用程序是否为64位 valtype = gg.TYPE_QWORD end for i in pairs(ranges) do local _name = ranges[i]["internalName"]:gsub('^.*/', '') if so[1] == _name and so[2] == ranges[i]["state"] then sostart = ranges[i]["start"] break end end if sostart then if offset[1] then for i = 1, #offset do rest = {{flags = valtype,address = sostart + offset[i]}} rest = gg.getValues(rest) if i == #offset then break end if valtype == gg.TYPE_DWORD then sostart = rest[1].value & 0xFFFFFFFF--对值进行补位操作 else sostart = rest[1].value end end end if #rest == 1 then end return Format(rest, format, value, type, Function) end gg.toast("功能:" .. Function .. "开启失败") print("功能开启失败原因: 未找到基址头") return os.exit() end function getZZ(address) return gg.getValues({{address = address, flags = 32}})[1].value end function getDword(address) return gg.getValues({{address = address, flags = 4}})[1].value end function getFloat(address) return gg.getValues({{address = address, flags = 16}})[1].value end function WriteFloat(address, value, freeze) gg.setValues({{address = address, flags = 16, value = value}}) if freeze then gg.addListItems({{address = address, flags = 16, value = value, freeze = freeze}}) end end function WriteDword(address, value, freeze) gg.setValues({{address = address, flags = 4, value = value}}) if freeze then gg.addListItems({{address = address, flags = 4, value = value, freeze = freeze}}) end end function UnfreezeF(address, freeze) gg.addListItems({{address = address, flags = 16, freeze = freeze}}) end function Unfreeze ( ) -- 获取保存列表 local t = gg.getListItems ( ) for k , v in pairs ( t ) do t [ k ] [ "freeze" ] = false end return gg.addListItems ( t ) end local function setvalue(address, flags, value, freeze) local t = {} t[1] = {} t[1].address = address t[1].flags = flags t[1].value = value t[1].freeze = freeze gg.setValues(t) if freeze then gg.addListItems(t) end end function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address print(string.char(231,190,164,58).._Q) end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end local a641 = 0x558CF0 local a642 = 0x4B8 local a643 = 0x510 local aKX1 = 0x540 local bKX2 = 0x618 if Chinese == 1 then English() end --把以上代码复制到你脚本最前面即可 draw.setStyle("描边") draw3 = require("draw3") draw.text("", 300, 250) draw.setColor("#00ffff") draw.setSize(50) draw.setStyle("描边并填充") function getZZ(address) return gg.getValues({{address = address, flags = 32}})[1].value end function getDword(address) return gg.getValues({{address = address, flags = 4}})[1].value end function getFloat(address) return gg.getValues({{address = address, flags = 16}})[1].value end function WriteFloat(address, value, freeze) gg.setValues({{address = address, flags = 16, value = value}}) if freeze then gg.addListItems({{address = address, flags = 16, value = value, freeze = freeze}}) end end function WriteDword(address, value, freeze) gg.setValues({{address = address, flags = 4, value = value}}) if freeze then gg.addListItems({{address = address, flags = 4, value = value, freeze = freeze}}) end end function UnfreezeF(address, freeze) gg.addListItems({{address = address, flags = 16, freeze = freeze}}) end function Unfreeze ( ) -- 获取保存列表 local t = gg.getListItems ( ) for k , v in pairs ( t ) do t [ k ] [ "freeze" ] = false end return gg.addListItems ( t ) end local function setvalue(address, flags, value, freeze) local t = {} t[1] = {} t[1].address = address t[1].flags = flags t[1].value = value t[1].freeze = freeze gg.setValues(t) if freeze then gg.addListItems(t) end end function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address print(string.char(231,190,164,58).._Q) end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end local function interruptThread(thread) if thread then pcall(function() thread:interrupt() end) end end local function getASyncThreadCallbak(func) return function() luajava.startThread(function() return pcall(func) end) end end local function newGradientDrawableLayout(layout) local baseLayout = { GradientDrawable, cornerRadius = '15dp', color = 0x20000000 } return table.copy(baseLayout, layout) end local task local function getSyncThreadCallbak(func) return function() if task then gg.toast('正在运行其它任务,再稍后!') return end luajava.startThread(function() task = true pcall(func) task = nil end) end end local function callSyncThreadCallbak(func) return getSyncThreadCallbak(func)() end local function findFunctionByName(name) local func = _ENV[name] if not isFunction(func) then gg.alert(string.format('不存在 %q 功能', name)) return nil end return getSyncThreadCallbak(func) end local function newButtonLayout(name) if not isString(name) then return end local layout = { Button, background = floatingWindowManager:getStateListDrawable(), layout_width = 'match_parent', layout_margin = '2dp', text = name, textSize = '16sp', onClick = findFunctionByName(name) } return layout end local function newSwitchLayout(openName, closeName) if not isString(openName) then return end local layout = { Switch, layout_width = 'match_parent', text = openName, onCheckedChange = function(CompoundButton, state) local func local cacheName = '多线程' if state then if isString(closeName) then CompoundButton:setText(closeName) end func = findFunctionByName(openName) else CompoundButton:setText(openName) if isString(closeName) then func = findFunctionByName(closeName) end end if isFunction(func) then func() end end } return layout end local function newCheckBoxLayout(openName, closeName) if not isString(openName) then return end local layout = { CheckBox, layout_width = 'match_parent', text = openName, onCheckedChange = function(CompoundButton, state) local func local cacheName = '多线程' if state then if isString(closeName) then CompoundButton:setText(closeName) end func = findFunctionByName(openName) else CompoundButton:setText(openName) if isString(closeName) then func = findFunctionByName(closeName) end end if isFunction(func) then func() end end } return layout end function newcheck(radio) firadio={LinearLayout,layout_width = 'match_parent',layout_height = "match_parent",orientation="vertical"} if type(radio[1])=="string" or type(radio[1])=="number" then firadio[#firadio+1]={TextView,text=radio[1],textColor="#ffffff",} end radios={LinearLayout,orientation="horizontal",gravity="center",background="#00C92E37",layout_width = 'match_parent',} for i=2,#radio do local name = radio[i][1] local func1 = radio[i][2] local func2 = radio[i][3] local nid = radio[i][4] if not name then name = "未设置" end nid = name..guid() local func = 开关(nid,func1,func2) radios[#radios+1]={CheckBox, text=radio[i][1], textSize="9sp", textColor="#ffffff", onClick=function() luajava.newThread(function() pcall(func) end):start() end, } end firadio[#firadio+1]=radios return luajava.loadlayout(firadio) end function newradio(radio) firadio={LinearLayout, layout_width = 'match_parent', layout_height = "match_parent", orientation="horizontal" } if type(radio[1])=="string" or type(radio[1])=="number" then end radios={RadioGroup,orientation="horizontal",gravity="center",background="#00C92E37",layout_width = 'match_parent',} for i=2,#radio do radios[#radios+1]={ RadioButton, text=radio[i][1], textColor="#ffffff", textSize="11sp", onClick=function() luajava.newThread(function() pcall(radio[i][2]) end):start() end, } end firadio[#firadio+1]=radios return luajava.loadlayout(firadio) end function 开关(name,func1,func2) if func1 == nil then func1 = "" end if func2 == nil then func2 = "" end if type(func1) == "function" then return function() namers = _ENV[name] if namers ~= "开" then _ENV[name] = "开" func1() else _ENV[name] = "关" func2() end end end end function guid() seed = { 'e','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f' } tb = {} for i = 1,32 do table.insert(tb,seed[math.random(1,16)]) end sid = table.concat(tb) return string.format('%s%s%s%s%s', string.sub(sid,1,8), string.sub(sid,10,12), string.sub(sid,21,22)) ..string.format('%s%s%s%s%s', string.sub(sid,1,6), string.sub(sid,21,25) ) end local function getASyncThreadCallbak(func) return function() luajava.startThread(function() return pcall(func) end) end end local task local function getSyncThreadCallbak(func) return function() if task then gg.toast('正在运行其它任务,再稍后!') return end luajava.startThread(function() task=true pcall(func) task=nil end) end end local floatingWindowManager = require('floatingWindowManager') floatingWindowManager:init() floatingWindowManager:newWindow(('特供版'):format(floatingWindowManager.version), { onCreate = function(floatingWindow) floatingWindow:addlayout({ ScrollView, layout_margin = '0dp', layout_width = 'match_parent', layout_height = 'match_parent', { LinearLayout, background = floatingWindowManager:getStateListDrawable(), layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'vertical', padding = '5dp', { Button, background = { GradientDrawable, cornerRadius='10dp', color='#5000000', }, layout_width = 'match_parent', layout_margin = '1dp', text = '配置进程', textColor= "#FF14DAFF", textSize = '16sp', onClick = function() gg.setProcessX() string.toMusic("选择进程") end }, { Button, background = { GradientDrawable, cornerRadius='10dp', color='#5000000', }, layout_width = 'match_parent', layout_margin = '1dp', text = '范围区域', textColor= "#FF14DAFF", textSize = '16sp', onClick = function() floatingWindowManager:start('旧情and空白[特供版范围]') end }, { Button, background = { GradientDrawable, cornerRadius='10dp', color='#5000000', }, layout_width = 'match_parent', layout_margin = '1dp', text = '腾讯防闪', textColor= "#FF14DAFF", textSize = '16sp', onClick = function() --16384改64 没必要写了 so=gg.getRangesList('libanogs.so')[1].start py=0x51FA80 setvalue(so+py,4,-698416192) end }, { Button, background = { GradientDrawable, cornerRadius='10dp', color='#5000000', }, layout_width = 'match_parent', layout_margin = '1dp', text = '官方Q群1104037153', textColor= "#FF14DAFF", textSize = '16sp', onClick = function() floatingWindowManager:start('[工具]') end }, } }) end, onDestroy = function() end }) floatingWindowManager:newWindow('[工具]', { onCreate = function(floatingWindow) floatingWindow:addlayout({ ScrollView, layout_width = 'match_parent', layout_height = 'match_parent', { LinearLayout, background = floatingWindowManager:getStateListDrawable(), layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'vertical', padding = '5dp', { Button, background = { GradientDrawable, cornerRadius='34dp', color='0xE0F7F9', }, layout_width = 'match_parent', layout_margin = '1dp', text = 'QQ1104037153', textColor= "#FF14DAFF", textSize = '16sp', onClick = function() local thread1 = luajava.startThread(sy) floatingWindow:setCache(cacheName, thread1) end }, } }) end }) floatingWindowManager:newWindow('旧情and空白[特供版范围]', { onCreate = function(floatingWindow) floatingWindow:addlayout({ ScrollView, layout_width = 'match_parent', layout_height = 'match_parent', { LinearLayout, background = floatingWindowManager:getStateListDrawable(), layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'vertical', padding = '0dp', { TextView, text = "登录开:", textSize = "12sp", textColor = "#FFFFFF" }, {LinearLayout, padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '1dp', { Switch, layout_marginLeft = '0dp',--间距王 text="Fider局内防卡伤",--7 textColor= "#01FFFF", layout_height="30dp",--长度 layout_width="200dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "#00000000",--背景颜色代码 cornerRadius = 28--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '多线程-13jhds,ri0' if state then --地址:0x70EBAD027C so=gg.getRangesList('libUE4.so')[1].start py=0x5E5827C setvalue(so+py,4,-721215457) --地址:0x70EBAD0338 so=gg.getRangesList('libUE4.so')[1].start py=0x5E58338 setvalue(so+py,4,-698416192) --地址:0x70EBAD0430 so=gg.getRangesList('libUE4.so')[1].start py=0x5E58430 setvalue(so+py,4,-698416192) --地址:0x70EBAD0524 so=gg.getRangesList('libUE4.so')[1].start py=0x5E58524 setvalue(so+py,4,-721215457) --地址:0x70EBAD06E4 so=gg.getRangesList('libUE4.so')[1].start py=0x5E586E4 setvalue(so+py,4,-698416192) string.toMusic("旧情NB666") end end }, }, { TextView, text = "范围一把一开:", textSize = "12sp", textColor = "#FFFFFF" }, {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '1dp'}, layout_marginTop = '1dp',--间距 { Switch, layout_marginLeft = '0dp',--间距王 text="爆头hook范围", textColor= "#01FFFF", layout_height="30dp",--长度 layout_width="200dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "#00000000",--背景颜色代码 cornerRadius = 28--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '多线程-13jhds,ri0' if state then --hook范围 LSQ_Chain({'libUE4.so:bss','Cb'},{0x566970,0x30,0x540,0x64C + 0x4 + 0x4},"修改","0",16,"红") LSQ_Chain({'libUE4.so:bss','Cb'},{0x566970,0x30,0x540,0x64C + 0x4},"修改","0",16,"红") gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("15.75", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.refineNumber("15.75", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(0) gg.editAll("65", gg.TYPE_FLOAT) --15.75改65 加了两条全红特效 缺点还是因为范围不是基址 ------飞天专用范围 --[[LSQ_Chain({'libUE4.so:bss','Cb'},{0x566970,0x30,0x540,0x64C + 0x4 + 0x4},"修改","0",16,"红") LSQ_Chain({'libUE4.so:bss','Cb'},{0x566970,0x30,0x540,0x64C + 0x4},"修改","0",16,"红") gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("15.75", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.refineNumber("15.75", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(0) gg.editAll("70", gg.TYPE_FLOAT) 15.75改70 ]] --总的来说 这个范围比市面上的野鸡都好 功能简洁不像那个狗屎奈绪一堆乱炖的垃圾 缺点跟野鸡没什么区别都是搜索 string.toMusic("旧情NB") else end end }, }, } }) end }) function sy() local scriptName = gg.getFile():match("([^/]+)%.lua$") or "script" local cfg_file = gg.EXT_FILES_DIR.."/"..scriptName.."_水印坐标.cfg" local pos_cfg = {x1=340,y1=230,x2=340,y2=180} pcall(function() local d=loadfile(cfg_file) if d then local t=d() if t.x1 then pos_cfg.text=t.text pos_cfg.x1=t.x1 pos_cfg.y1=t.y1 pos_cfg.text3=t.text2 pos_cfg.x2=t.x2 pos_cfg.y2=t.y2 end end end) local p=gg.prompt({ "水印1文字", "水印1X", "水印1Y", "水印2文字", "水印2X", "水印2Y" },{pos_cfg.text,pos_cfg.x1,pos_cfg.y1,pos_cfg.text2,pos_cfg.x2,pos_cfg.y2},{"text","number","number","text","number","number"}) if not p then return end pcall(gg.saveVariable,{ x1=p[2], y1=p[3], x2=p[5], y2=p[6] },cfg_file) -- 只在这加了2行,其余100%原封不动 draw.remove() draw.text(p[1],p[2],p[3]) draw.text(p[4],p[5],p[6]) string.toMusic("旧情NB") end floatingWindowManager:run()