function panduan(rec) local fille,err = io.open(rec, "r") if fille then fille:close() return true else return false end end local FontPath = "/storage/emulated/0/字体/软糖.ttf" -- 先创建目录 local dir = "/storage/emulated/0/字体/" if not panduan(dir) then os.execute("mkdir -p "..dir) end -- 字体不存在则下载(更换稳定下载地址) if not panduan(FontPath) then gg.toast("字体文件缺失,开始下载...") -- 建议替换为你自己可用的直链,原链接大概率失效 download("https://pan.szfx.top/down.php/e1565b4e47084740ebb0fce1c70a5b28.ttf", FontPath) gg.sleep(2000) -- 等待下载完成 end local typeface = import("android.graphics.Typeface") local font -- 双重校验:文件存在 + 能正常加载 local ok, errMsg = pcall(function() font = typeface:createFromFile(FontPath) end) if ok and font then gg.toast("自定义字体加载成功") else font = typeface:defaultFromStyle(typeface.NORMAL) gg.toast("字体文件损坏/加载失败,已切换系统字体") end function split(szFullString, szSeparator) local nFindStartIndex = 1 local nSplitIndex = 1 local nSplitArray = {} while true do local nFindLastIndex = string.find (szFullString, szSeparator, nFindStartIndex) if not nFindLastIndex then nSplitArray[nSplitIndex] = string.sub(szFullString, nFindStartIndex, string.len (szFullString)) break end nSplitArray[nSplitIndex] = string.sub (szFullString, nFindStartIndex, nFindLastIndex - 1) nFindStartIndex = nFindLastIndex + string.len (szSeparator) nSplitIndex = nSplitIndex + 1 end return nSplitArray end function xgxc(szpy, qmxg) for x = 1, #(qmxg) do xgpy = szpy + qmxg[x]["offset"] xglx = qmxg[x]["type"] xgsz = qmxg[x]["value"] xgdj = qmxg[x]["freeze"] if xgdj == nil or xgdj == "" then gg.setValues({[1] = {address = xgpy, flags = xglx, value = xgsz}}) else gg.addListItems({[1] = {address = xgpy, flags = xglx, freeze = xgdj, value = xgsz}}) end xgsl = xgsl + 1 xgjg = true end end function xqmnb(qmnb) gg.clearResults() gg.setRanges(qmnb[1]["memory"]) gg.searchNumber(qmnb[3]["value"], qmnb[3]["type"]) if gg.getResultCount() == 0 then gg.toast(qmnb[2]["name"] .. "开启失败") else gg.refineNumber(qmnb[3]["value"], qmnb[3]["type"]) gg.refineNumber(qmnb[3]["value"], qmnb[3]["type"]) gg.refineNumber(qmnb[3]["value"], qmnb[3]["type"]) if gg.getResultCount() == 0 then gg.toast(qmnb[2]["name"] .. "开启失败") else sl = gg.getResults(999999) sz = gg.getResultCount() xgsl = 0 if sz > 999999 then sz = 999999 end for i = 1, sz do pdsz = true for v = 4, #(qmnb) do if pdsz == true then pysz = {} pysz[1] = {} pysz[1].address = sl[i].address + qmnb[v]["offset"] pysz[1].flags = qmnb[v]["type"] szpy = gg.getValues(pysz) pdpd = qmnb[v]["lv"] .. ";" .. szpy[1].value szpd = split(pdpd, ";") tzszpd = szpd[1] pyszpd = szpd[2] if tzszpd == pyszpd then pdjg = true pdsz = true else pdjg = false pdsz = false end end end if pdjg == true then szpy = sl[i].address xgxc(szpy, qmxg) end end if xgjg == true then gg.toast(qmnb[2]["name"] .. "貌似开启成功了,一共修改" .. xgsl .. "条数据") else gg.toast(qmnb[2]["name"] .. "未搜索到数据,开启失败") end end end end function SearchWrite(Search, Write, Type) gg.clearResults() gg.setVisible(false) gg.searchNumber(Search[1][1], Type) local count = gg.getResultCount() local result = gg.getResults(count) gg.clearResults() local data = {} local base = Search[1][2] if (count > 0) then for i, v in ipairs(result) do v.isUseful = true end for k=2, #Search do local tmp = {} local offset = Search[k][2] - base local num = Search[k][1] for i, v in ipairs(result) do tmp[#tmp+1] = {} tmp[#tmp].address = v.address + offset tmp[#tmp].flags = v.flags end tmp = gg.getValues(tmp) for i, v in ipairs(tmp) do if ( tostring(v.value) ~= tostring(num) ) then result[i].isUseful = false end end end for i, v in ipairs(result) do if (v.isUseful) then data[#data+1] = v.address end end if (#data > 0) then local t = {} local base = Search[1][2] for i=1, #data do for k, w in ipairs(Write) do offset = w[2] - base t[#t+1] = {} t[#t].address = data[i] + offset t[#t].flags = Type t[#t].value = w[1] if (w[3] == true) then local item = {} item[#item+1] = t[#t] item[#item].freeze = true gg.addListItems(item) end end end gg.setValues(t) gg.toast("貌似开启成功了,一共修改"..#t.."条数据") gg.addListItems(t) else gg.toast("未搜索到数据,开启失败", false) return false end else gg.toast("Not Found") return false end end function HaoGe(Nc,Type,Search,Write) gg.clearResults() gg.setRanges(Nc) gg.setVisible(false) gg.searchNumber(Search[1][1],Type) local count=gg.getResultCount() local result=gg.getResults(count) gg.clearResults() local data={} local base=Search[1][2] if(count>0)then for i,v in ipairs(result)do v.isUseful=true end for k=2,#Search do local tPUBGMH={} local offset=Search[k][2]-base local num=Search[k][1] for i,v in ipairs(result)do tPUBGMH[#tPUBGMH+1]={} tPUBGMH[#tPUBGMH].address=v.address+offset tPUBGMH[#tPUBGMH].flags=v.flags end tPUBGMH=gg.getValues(tPUBGMH) for i,v in ipairs(tPUBGMH)do if(tostring(v.value)~=tostring(num))then result[i].isUseful=false end end end for i,v in ipairs(result)do if(v.isUseful)then data[#data+1]=v.address end end if(#data>0)then local t={} local base=Search[1][2] for i=1,#data do for k,w in ipairs(Write)do offset=w[2]-base t[#t+1]={} t[#t].address=data[i]+offset t[#t].flags=Type t[#t].value=w[1] if(w[3]==true)then local item={} item[#item+1]=t[#t] item[#item].freeze=true gg.addListItems(item) end end end gg.setValues(t) gg.sleep(400) else return false end else return false end end local function interruptThread(thread) if thread then pcall(function() thread:interrupt() end) end end -- 异步线程回调(无任务冲突检测) local function getAsyncCallback(func) return function() luajava.startThread(function() pcall(func) end) end end -- 同步线程回调(带任务冲突检测) local task local function getSyncCallback(func) return function() if task then gg.toast('有任务在运行,请稍后') return end luajava.startThread(function() task = true pcall(func) task = nil end) end end -- 直接执行同步任务 local function callSync(func) getSyncCallback(func)() end -- 通过函数名获取同步回调 local function getFuncCallback(name) local func = _ENV[name] if type(func) ~= 'function' then gg.alert('不存在功能: ' .. name) return nil end return getSyncCallback(func) end -- 按钮布局生成 local function newButton(name) if type(name) ~= 'string' then return end return { Button, background = floatingWindowManager:getStateListDrawable(), layout_width = 'match_parent', layout_margin = '2dp', text = name, textSize = '16sp', Typeface=font, onClick = getFuncCallback(name) } end -- 开关布局生成 local function newSwitch(openName, closeName) if type(openName) ~= 'string' then return end return { Switch, layout_width = 'match_parent', text = openName, onCheckedChange = function(self, state) self:setText(state and (closeName or '关闭') or openName) local func = state and getFuncCallback(openName) or getFuncCallback(closeName) if func then func() end end } end -- 复选框布局生成 local function newCheckBox(openName, closeName) if type(openName) ~= 'string' then return end return { CheckBox, layout_width = 'match_parent', text = openName, onCheckedChange = function(self, state) self:setText(state and (closeName or '已选择') or openName) local func = state and getFuncCallback(openName) or getFuncCallback(closeName) if func then func() end end } end -- 多选框组布局 local function newCheckBoxGroup(radio) local layout = { LinearLayout, layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'vertical' } -- 添加标题 if type(radio[1]) == 'string' then table.insert(layout, { TextView, text = radio[1], textColor = '#ffffff' }) end -- 添加选项 local group = { LinearLayout, orientation = 'horizontal', gravity = 'center', background = '#00C92E37', layout_width = 'match_parent' } for i = 2, #radio do local item = radio[i] local name = item[1] or '未命名' local openFunc = item[2] local closeFunc = item[3] local id = name .. tostring(math.random()) -- 简易唯一ID -- 开关逻辑 local toggle = function() local state = _ENV[id] ~= '开' _ENV[id] = state and '开' or '关' (state and openFunc or closeFunc)() end table.insert(group, { CheckBox, text = name, textSize = '9sp', textColor = '#ffffff', onClick = function() luajava.newThread(function() pcall(toggle) end) end }) end table.insert(layout, group) return luajava.loadlayout(layout) end -- 单选框组布局 local function newradio(radio) local layout = { LinearLayout, layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'horizontal' } -- 添加选项 local group = { RadioGroup, orientation = 'horizontal', gravity = 'center', background = '#00C92E37', layout_width = 'match_parent' } for i = 2, #radio do local item = radio[i] table.insert(group, { RadioButton, text = item[1] or '选项', textColor = '#ffffff', textSize = '11sp', onClick = function() luajava.newThread(function() pcall(item[2]) end) end }) end table.insert(layout, group) return luajava.loadlayout(layout) end -- 简易唯一ID生成 local function guid() local seed = {'e','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'} local tb = {} for i = 1, 32 do table.insert(tb, seed[math.random(1, 16)]) end local sid = table.concat(tb) return string.sub(sid,1,8) .. string.sub(sid,10,12) .. string.sub(sid,21,22) .. string.sub(sid,1,6) .. string.sub(sid,21,25) end draw.setSize(50) draw.setStyle("填充") draw.text("XSNP888",290, 350) draw.setColor((string.format("#ff%x", math.random(0, 16777215)))) string.toMusic('欢迎使用干口范围已适配4.5.3版本') local floatingWindowManager = require('floatingWindowManager') floatingWindowManager:init() floatingWindowManager:newWindow(('干口范围'):format(floatingWindowManager.version), { onCreate = function(floatingWindow) floatingWindow:addlayout({ ScrollView, layout_margin = '10dp', layout_width = 'match_parent', layout_height = 'match_parent', { LinearLayout, background = "", layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'vertical', padding = '5dp', { Button, background = { GradientDrawable, cornerRadius='10dp', color='0xA75E5AE7', }, layout_width = 'match_parent', layout_margin = '2dp', text = '选择进程', textSize = '16sp', Typeface=font, onClick = function() gg.setProcessX() string.toMusic('选择游戏进程') end }, { Button, background = { GradientDrawable, cornerRadius='10dp', color='0xA75E5AE7', }, layout_width = 'match_parent', layout_margin = '2dp', text = '干口范围⁶⁴', textSize = '16sp', Typeface=font, onClick = function() floatingWindowManager:start('干口范围⁶⁴') end }, } }) end, onDestroy = function() end }) floatingWindowManager:newWindow(('干口范围⁶⁴'):format(floatingWindowManager.version), { onCreate = function(floatingWindow) floatingWindow:addlayout({ ScrollView, layout_margin = '0dp', layout_width = 'match_parent', layout_height = 'match_parent', { LinearLayout, layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'vertical', padding = '5dp', { Button, background = { GradientDrawable, cornerRadius='10dp', color='0xA75E5AE7', }, layout_width = 'match_parent', layout_margin = '2dp', text = '干口防闪区', textSize = '16sp', Typeface=font, onClick = function() floatingWindowManager:start('干口防闪区') string.toMusic('防闪区') end }, { Button, background = { GradientDrawable, cornerRadius='10dp', color='0xA75E5AE7', }, layout_width = 'match_parent', layout_margin = '2dp', text = '干口范围区', textSize = '16sp', Typeface=font, onClick = function() floatingWindowManager:start('干口范围区') string.toMusic('范围区') end }, } }) end, onDestroy = function() end }) floatingWindowManager:newWindow('干口防闪区', { onCreate = function(floatingWindow) floatingWindow:addlayout({ ScrollView, layout_width = 'match_parent', layout_height = 'match_parent', { LinearLayout, background = floatingWindowManager:getStateListDrawable(), layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'vertical', {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '5dp',--间距 { Switch, layout_marginLeft = '5dp',--间距 text="32防闪", textColor= "#ADD8E6",--文字颜色代码 gravity="center", Typeface=font, layout_height="30dp",--长度 layout_width="220dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "0xA75E5AE7",--背景颜色代码 cornerRadius = 38--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '干口' if state then local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A7)--启动功能并启动线程 floatingWindow:setCache(cacheName, thread) else --关闭 local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(AOP)--启动功能 floatingWindow:setCache(cacheName, thread) end end }, }, {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '5dp',--间距 { Switch, layout_marginLeft = '5dp',--间距 text="64防闪", textColor= "#ADD8E6",--文字颜色代码 gravity="center", Typeface=font, layout_height="30dp",--长度 layout_width="220dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "0xA75E5AE7",--背景颜色代码 cornerRadius = 38--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '干口' if state then local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A8)--启动功能并启动线程 floatingWindow:setCache(cacheName, thread) else --关闭 local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(AOP)--启动功能 floatingWindow:setCache(cacheName, thread) end end }, }, } }) end }) floatingWindowManager:newWindow('干口范围区', { onCreate = function(floatingWindow) floatingWindow:addlayout({ ScrollView, layout_width = 'match_parent', layout_height = 'match_parent', { LinearLayout, background = floatingWindowManager:getStateListDrawable(), layout_width = 'match_parent', layout_height = 'match_parent', orientation = 'vertical', {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '5dp',--间距 { Switch, layout_marginLeft = '5dp',--间距 text="子弹优化", textColor= "#00ffff",--文字颜色代码 gravity="center", Typeface=font, layout_height="30dp",--长度 layout_width="230dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "0xA75E5AE7",--背景颜色代码 cornerRadius = 38--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '干口' if state then local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A5)--启动功能并启动线程 floatingWindow:setCache(cacheName, thread) else --关闭 local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A6)--启动功能 floatingWindow:setCache(cacheName, thread) end end }, }, {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '5dp',--间距 { Switch, layout_marginLeft = '5dp',--间距 text="防卡伤(大厅)", textColor= "#00ffff",--文字颜色代码 gravity="center", Typeface=font, layout_height="30dp",--长度 layout_width="230dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "0xA75E5AE7",--背景颜色代码 cornerRadius = 38--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '干口' if state then local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A9)--启动功能并启动线程 floatingWindow:setCache(cacheName, thread) else --关闭 local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(AOP)--启动功能 floatingWindow:setCache(cacheName, thread) end end }, }, {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '5dp',--间距 { Switch, layout_marginLeft = '5dp',--间距 text="防卡伤(局内)", textColor= "#00ffff",--文字颜色代码 gravity="center", Typeface=font, layout_height="30dp",--长度 layout_width="230dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "0xA75E5AE7",--背景颜色代码 cornerRadius = 38--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '干口' if state then local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A1)--启动功能并启动线程 floatingWindow:setCache(cacheName, thread) else --关闭 local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(AOP)--启动功能 floatingWindow:setCache(cacheName, thread) end end }, }, {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '5dp',--间距 { Switch, layout_marginLeft = '5dp',--间距 text="龟头范围", textColor= "#00ffff",--文字颜色代码 gravity="center", Typeface=font, layout_height="30dp",--长度 layout_width="230dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "0xA75E5AE7",--背景颜色代码 cornerRadius = 38--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '干口' if state then local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A2)--启动功能并启动线程 floatingWindow:setCache(cacheName, thread) else --关闭 local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(AOP)--启动功能 floatingWindow:setCache(cacheName, thread) end end }, }, {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '5dp',--间距 { Switch, layout_marginLeft = '5dp',--间距 text="头部范围", textColor= "#00ffff",--文字颜色代码 gravity="center", Typeface=font, layout_height="30dp",--长度 layout_width="230dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "0xA75E5AE7",--背景颜色代码 cornerRadius = 38--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '干口' if state then local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A4)--启动功能并启动线程 floatingWindow:setCache(cacheName, thread) else --关闭 local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(AOP)--启动功能 floatingWindow:setCache(cacheName, thread) end end }, }, {LinearLayout,--同一排代码 padding = {'0dp', '0dp', '0dp', '0dp'}, layout_marginTop = '5dp',--间距 { Switch, layout_marginLeft = '5dp',--间距 text="自用范围", textColor= "#00ffff",--文字颜色代码 gravity="center", Typeface=font, layout_height="30dp",--长度 layout_width="230dp",--宽度 background= luajava.loadlayout { GradientDrawable, color = "0xA75E5AE7",--背景颜色代码 cornerRadius = 38--背景圆角 }, onCheckedChange = function(CompoundButton, state) local cacheName = '干口' if state then local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(A10)--启动功能并启动线程 floatingWindow:setCache(cacheName, thread) else --关闭 local thread = floatingWindow:getCache(cacheName) interruptThread(thread)--关闭某个线程 local thread = luajava.startThread(AOP)--启动功能 floatingWindow:setCache(cacheName, thread) end end }, }, } }) end }) function A1() function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address print(string.char(231,190,164,58).._Q) end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end local t = {'libanogs.so:bss', 'Cb'} local tt = {0x300} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 64, freeze = true}}) local t = {'libanogs.so:bss', 'Cb'} local tt = {0x3F8} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 64, freeze = true}}) local t = {'libanogs.so:bss', 'Cb'} local tt = {0x430} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 64, freeze = true}}) local t = {'libanogs.so:bss', 'Cb'} local tt = {0x550} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 64, freeze = true}}) local t = {'libanogs.so:bss', 'Cb'} local tt = {0x5D8} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 64, freeze = true}}) gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber(';测试版本不代表最终品质',gg.TYPE_WORD,false,gg.SIGN_EQUAL,0, -1) gg.getResults(520) gg.editAll(';干口范围',gg.TYPE_WORD) string.toMusic('范围开启成功') end function A2() qmnb = { {["memory"] = 32}, {["name"] = ""},--头部范围 {["value"] = 0.00015663955, ["type"] = 16}, {["lv"] = 15.75, ["offset"] = 8, ["type"] = 16}, } qmxg = { {["value"] = 90, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = ""},--身体范围 {["value"] = 4756927107518169088, ["type"] = 32}, {["lv"] = 33, ["offset"] = -4, ["type"] = 16}, {["lv"] = 69.5, ["offset"] = 4, ["type"] = 16}, } qmxg = { {["value"] = 700, ["offset"] = 4, ["type"] = 16}, {["value"] = 700, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = ""},--15.0 {["value"] = 4683743615731738036, ["type"] = 32}, {["lv"] = 88.15017700195, ["offset"] = -4, ["type"] = 16}, {["lv"] = 8.0, ["offset"] = 4, ["type"] = 16}, {["lv"] = 15.0, ["offset"] = 8, ["type"] = 16}, } qmxg = { {["value"] = -660, ["offset"] = 0, ["type"] = 16}, {["value"] = -660, ["offset"] = -4, ["type"] = 16}, {["value"] = -560, ["offset"] = 4, ["type"] = 16}, {["value"] = -560, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = ""},--16.0 {["value"] = 4683743615731723540, ["type"] = 32}, {["lv"] = 90.77570343018, ["offset"] = -4, ["type"] = 16}, {["lv"] = 8.0, ["offset"] = 4, ["type"] = 16}, {["lv"] = 16.0, ["offset"] = 8, ["type"] = 16}, } qmxg = { {["value"] = -660, ["offset"] = 0, ["type"] = 16}, {["value"] = -660, ["offset"] = -4, ["type"] = 16}, {["value"] = -560, ["offset"] = 4, ["type"] = 16}, {["value"] = -560, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = ""},--27.0 {["value"] = 4744542208533725184, ["type"] = 32}, {["lv"] = 27.0, ["offset"] = 4, ["type"] = 16}, } qmxg = { {["value"] = -560, ["offset"] = 0, ["type"] = 16}, {["value"] = -560, ["offset"] = 4, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = ""},--28.0 {["value"] = 4724276012378061487, ["type"] = 32}, {["lv"] = 90.48510742188, ["offset"] = -4, ["type"] = 16}, {["lv"] = 18.0, ["offset"] = 4, ["type"] = 16}, {["lv"] = 28.0, ["offset"] = 8, ["type"] = 16} } qmxg = { {["value"] = -660, ["offset"] = 0, ["type"] = 16}, {["value"] = -660, ["offset"] = -4, ["type"] = 16}, {["value"] = -560, ["offset"] = 4, ["type"] = 16}, {["value"] = -560, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = ""},--26.0 {["value"] = 4719772412750681353, ["type"] = 32}, {["lv"] = -86.45761108398, ["offset"] = -4, ["type"] = 16}, {["lv"] = 16.0, ["offset"] = 4, ["type"] = 16}, {["lv"] = 26.0, ["offset"] = 8, ["type"] = 16} } qmxg = { {["value"] = -660, ["offset"] = 0, ["type"] = 16}, {["value"] = -660, ["offset"] = -4, ["type"] = 16}, {["value"] = -560, ["offset"] = 4, ["type"] = 16}, {["value"] = -560, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = ""},--27.5 {["value"] = 4724276012378324073, ["type"] = 32}, {["lv"] = 90.4850692749, ["offset"] = -4, ["type"] = 16}, {["lv"] = 18.0, ["offset"] = 4, ["type"] = 16}, {["lv"] = 27.5, ["offset"] = 8, ["type"] = 16} } qmxg = { {["value"] = -660, ["offset"] = 0, ["type"] = 16}, {["value"] = -660, ["offset"] = -4, ["type"] = 16}, {["value"] = -560, ["offset"] = 4, ["type"] = 16}, {["value"] = -560, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber(';测试版本不代表最终品质',gg.TYPE_WORD,false,gg.SIGN_EQUAL,0, -1) gg.getResults(520) gg.editAll(';干口范围',gg.TYPE_WORD) string.toMusic('范围开启成功') end function A4() qmnb = { {["memory"] = 32}, {["name"] = ""},--头部范围 {["value"] = 0.00015663955, ["type"] = 16}, {["lv"] = 15.75, ["offset"] = 8, ["type"] = 16}, } qmxg = { {["value"] = 80, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) string.toMusic('开启成功') gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber(';测试版本不代表最终品质',gg.TYPE_WORD,false,gg.SIGN_EQUAL,0, -1) gg.getResults(520) gg.editAll(';干口范围',gg.TYPE_WORD) string.toMusic('开启成功') end function A5() --int BOptimizeBulletHit;//[Offset: 0x3978, Size: 0x4]--64位 --int BOptimizeBulletHit;//[Offset: 0x2c98, Size: 0x4]--32位 local ranges = gg.getRangesList("libUE4.so") if #ranges == 0 then gg.alert("未找到 libUE4.so 模块!") return end local base = ranges[1].start local optAddr = base + 0x3978 gg.setValues({{address = optAddr, flags = gg.TYPE_DWORD, value = 1}}) gg.toast("已开启") end function A6() draw.remove() end function AOP() string.toMusic('关闭成功') end function A7() end function A8() function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address print(string.char(231,190,164,58).._Q) end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end local t = {'libanogs.so:bss', 'Cb'} local tt = {0x300} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 256, freeze = true}}) local t = {'libanogs.so:bss', 'Cb'} local tt = {0x3F8} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 256, freeze = true}}) local t = {'libanogs.so:bss', 'Cb'} local tt = {0x430} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 256, freeze = true}}) local t = {'libanogs.so:bss', 'Cb'} local tt = {0x550} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 256, freeze = true}}) local t = {'libanogs.so:bss', 'Cb'} local tt = {0x5D8} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 4, value = 256, freeze = true}}) end function A9() local MAGIC_BLOCK = -698416192 local MAGIC_DETECT = -721215457 local MAGIC_NORMAL = 335544446 local CHAIN_BLOCK_NUM = "54148" local CHAIN_ZG_NUM = "999999" local function getSoBase(soname) local ranges = gg.getRangesList(soname) if #ranges == 0 then gg.alert(soname.."未加载"); os.exit() end return ranges[1].start end local libUE4 = getSoBase("libUE4.so") local libAnogs = getSoBase("libanogs.so") -- 批量写入大厅偏移 local writes = { {0x5C6C680,4,MAGIC_BLOCK},{0xDC7580,4,0},{0xDC760C,4,0},{0xDC7778,4,0}, {0x194AC5C,4,0},{0x30278C8,4,0},{0x320DDE8,4,0},{0x326F680,4,0}, {0x330FF18,4,0},{0x3B301FC,4,0},{0x2739E34,4,0},{0x47A999C,16,0}, {0x53D88DC,16,0},{0x3912D54,16,0}, } for _,v in ipairs(writes) do gg.setvalue(libUE4+v[1],v[2],v[3]) end -- libanogs 写入 local anogsOffs = {0x51FA80,0x51FA84,0x5201F0,0x5201F4} local anogsVals = {} for _,o in ipairs(anogsOffs) do table.insert(anogsVals,{address=libAnogs+o,flags=4,value=MAGIC_BLOCK}) end gg.setValues(anogsVals) -- 指针链 local chains = { {{0x555C70,0x30,0x4B8,0x518,0x448},CHAIN_BLOCK_NUM,"更改"}, {{0x555C70,0x30,0x4B8,0x518,0x250},CHAIN_ZG_NUM,"zgzj上报"}, {{0x555C70,0x30,0x4B8,0x518,0x270},CHAIN_ZG_NUM,"检测"}, } for _,c in ipairs(chains) do LSQ_Chain({"libUE4.so:bss","Cb"},c[1],"冻结",c[2],16,c[3]) end -- 冻结列表 local freeze = {{0xC08A09C,MAGIC_DETECT},{0xC4900CC,MAGIC_DETECT},{0xC4902D0,MAGIC_NORMAL},{0xC54E2D0,MAGIC_DETECT}} local freezeItems = {} for _,v in ipairs(freeze) do table.insert(freezeItems,{address=libUE4+v[1],flags=4,value=v[2],freeze=true}) end gg.addListItems(freezeItems) gg.toast("大厅防卡伤加载完毕") gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber(';测试版本不代表最终品质',gg.TYPE_WORD,false,gg.SIGN_EQUAL,0, -1) gg.getResults(520) gg.editAll(';干口范围',gg.TYPE_WORD) string.toMusic('防卡') end function A10() qmnb = { {["memory"] = 32}, {["name"] = "头部范围开启成功"}, {["value"] = 4719772412750681353, ["type"] = 32}, {["lv"] = 4742290408720039936, ["offset"] = 4, ["type"] = 32}, } qmxg = { {["value"] = -10, ["offset"] = 8, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = "头部范围开启成功"}, {["value"] = -4417614866316724128, ["type"] = 32}, {["lv"] = 4724276012378061487, ["offset"] = 4, ["type"] = 32}, } qmxg = { {["value"] = -10, ["offset"] = 12, ["type"] = 16}, } xqmnb(qmnb) qmnb = { {["memory"] = 32}, {["name"] = "hook成功"}, {["value"] = -4416487068034336677, ["type"] = 32}, {["lv"] = 4724276012378324073, ["offset"] = 4, ["type"] = 32}, } qmxg = { {["value"] = -10, ["offset"] = 8, ["type"] = 16}, {["value"] = -10, ["offset"] = 12, ["type"] = 16}, } xqmnb(qmnb) Name = "范围修复" local Nc = 16392 local Lx = 4 local Sz1 = {{1115750516, 0}, {1036831949, -176}} local Sz2 = {{1114636288, -176}} gg.toast("开启成功") gg.searchNumber("-298284466", gg.TYPE_DWORD, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(15) gg.editAll("0", gg.TYPE_DWORD) gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("90000", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.searchNumber("90000", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(100) gg.editAll("500000", gg.TYPE_FLOAT) gg.clearResults() gg.toast("正在撸管") gg.getResults(999) gg.editAll("371;365", gg.TYPE_FLOAT) gg.alert("别慌先撸一下") gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("15;28;16;26;8;18", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.setRanges(gg.REGION_CODE_APP) gg.searchNumber("-3.77830899e28;-3.74440972e28;-3.71834013e28;-1.7334334e28", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1, 0) gg.refineNumber("-5.77775931e27", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(2) gg.editAll("-560", gg.TYPE_FLOAT) gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.refineNumber("-534315007", gg.TYPE_DWORD, false, gg.SIGN_EQUAL, 0, -1, 0) gg.setRanges(gg.REGION_ANONYMOUS) gg.clearResults() Name = "测试范围" local Nc = 32 local Lx = 16 local Sz1 = {{71500, 0}, {0.10000000149, 36}} local Sz2 = {{400000, 0}} Name = "测试范围" local Nc = 32 local Lx = 16 local Sz1 = {{88000, 0}, {0.08600000292, 36}} local Sz2 = {{400000, 0}} Name = "测试范围" local Nc = 32 local Lx = 16 local Sz1 = {{87000, 0}, {0.09600000083, 36}} local Sz2 = {{400000, 0}} Name = "测试范围" local Nc = 32 local Lx = 16 local Sz1 = {{91500, 0}, {0.07500000298, 36}} local Sz2 = {{400000, 0}} Name = "半成品" local Nc = 32 local Lx = 16 local Sz1 = {{71500, 0}, {0.109, 36}} local Sz2 = {{400000, 0}} string.toMusic('开启成功') end floatingWindowManager:run()