function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address print(string.char(231,190,164,58).._Q) end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end--动态 function PS() end function setvalue(address,flags,value) PS('修改地址数值(地址,数值类型,要修改的值)') local tt={} tt[1]={} tt[1].address=address tt[1].flags=flags tt[1].value=value gg.setValues(tt) end local gurenya=gg.setValues--静态 function getRanges() local ranges = {} local tt = {} local t = gg.getRangesList('^/data/*.so*$') for i in pairs(t) do if t[i].type:sub(2, 2) == 'w' or t[i].type == "r-xp" then if not tt[t[i].internalName] then tt[t[i].internalName] = {} end if not tt[t[i].internalName][t[i].state] then tt[t[i].internalName][t[i].state] = 0 end tt[t[i].internalName][t[i].state] = tt[t[i].internalName][t[i].state] + 1 t[i].count = tt[t[i].internalName][t[i].state] table.insert(ranges, t[i]) end end return ranges end function Base_Address(N_So) local S_list = getRanges() local _S = {} for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state and N_So[3] == S_list[i].count then _S = S_list[i] break end end return _S.start end function Get_Address(Address, Offset) local flags_bit = {[true] = 32, [false] = 4} local ti64 = gg.getTargetInfo().x64 local Type = flags_bit[ti64] local addr = 0 if Address then addr = Address + Offset[1] for _ = 2, #Offset do local pointer = gg.getValues({{address = addr, flags = Type}}) if not ti64 then pointer[1].value = pointer[1].value & 0xFFFFFFFF end addr = pointer[1].value + Offset[_] end end return addr end function SearchWrite(Search, Write, Type)gg.clearResults()gg.setVisible(false)gg.searchNumber(Search[1][1], Type)local count = gg.getResultCount()local result = gg.getResults(count)gg.clearResults()local data = {}local base = Search[1][2]if (count > 0) then for i, v in ipairs(result) do v.isUseful = true end for k=2, #Search do local tmp = {} local offset = Search[k][2] - base local num = Search[k][1] for i, v in ipairs(result) do tmp[#tmp+1] = {} tmp[#tmp].address = v.address + offset tmp[#tmp].flags = v.flags end tmp = gg.getValues(tmp) for i, v in ipairs(tmp) do if ( tostring(v.value) ~= tostring(num) ) then result[i].isUseful = false end end end for i, v in ipairs(result) do if (v.isUseful) then data[#data+1] = v.address end end if (#data > 0) then gg.toast("found "..#data.." data") local t = {} local base = Search[1][2] for i=1, #data do for k, w in ipairs(Write) do offset = w[2] - base t[#t+1] = {} t[#t].address = data[i] + offset t[#t].flags = Type t[#t].value = w[1] if (w[3] == true) then local item = {} item[#item+1] = t[#t] item[#item].freeze = true gg.addListItems(item) end end end gg.setValues(t) else gg.toast("啦啦啦啦", false) return false end else gg.toast("啦啦啦啦") return false end end function mnnb(Search, Write,Neicun,Mingcg,Shuzhiliang) gg.clearResults() gg.setRanges(Neicun) gg.setVisible(false) gg.searchNumber(Search[1][1], Search[1][3]) count = gg.getResultCount() result = gg.getResults(count) gg.clearResults() data = {} base = Search[1][2] if (count > 0) then for i, v in ipairs(result) do v.isUseful = true end for k=2, #Search do tmp = {} offset = Search[k][2] - base num = Search[k][1] for i, v in ipairs(result) do tmp[#tmp+1] = {} tmp[#tmp].address = v.address + offset tmp[#tmp].flags = Search[k][3] end tmp = gg.getValues(tmp) for i, v in ipairs(tmp) do if ( tostring(v.value) ~= tostring(num) ) then result[i].isUseful = false end end end for i, v in ipairs(result) do if (v.isUseful) then data[#data+1] = v.address end end if (#data > 0) then gg.toast(Mingcg.."搜索到"..#data.."条数据") t = {} base = Search[1][2] if Shuzhiliang == "" and Shuzhiliang > 0 and Shuzhiliang < #data then Shuzhiliang=Shuzhiliang else Shuzhiliang=#data end for i=1, Shuzhiliang do for k, w in ipairs(Write) do offset = w[2] - base t[#t+1] = {} t[#t].address = data[i] + offset t[#t].flags = w[3] t[#t].value = w[1] if (w[4] == true) then item = {} item[#item+1] = t[#t] item[#item].freeze = true gg.addListItems(item) end end end gg.setValues(t) gg.toast(Mingcg.."已修改"..#t.."条数据") gg.sleep(400) else gg.toast(Mingcg.."开启失败", false) return false end else gg.toast("搜索失败") return false end end gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("10;46::10", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.searchNumber("10", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(100) gg.editAll("-105", gg.TYPE_FLOAT) gg.clearResults() so=gg.getRangesList('libUE4.so')[1].start py=0X116E568 setvalue(so+py,16,0) so=gg.getRangesList('libUE4.so')[1].start py=0X21D2CAC setvalue(so+py,16,0) so=gg.getRangesList("libUE4.so")[1].start--头部 py=0xDc7580 setvalue(so+py,4,0) py=0xDC760C setvalue(so+py,4,0) py=0xDC7778 setvalue(so+py,4,0) so=gg.getRangesList('libUE4.so')[1].start py=0X194AC5C setvalue(so+py,4,0) so=gg.getRangesList('libUE4.so')[1].start py=0X30278C8 setvalue(so+py,4,0) so=gg.getRangesList('libUE4.so')[1].start py=0X320DDE8 setvalue(so+py,4,0) so=gg.getRangesList('libUE4.so')[1].start py=0X326F680 setvalue(so+py,4,0) so=gg.getRangesList('libUE4.so')[1].start py=0X330FF18 setvalue(so+py,4,0) so=gg.getRangesList('libUE4.so')[1].start py=0X3B301FC setvalue(so+py,4,0) so=gg.getRangesList("libUE4.so")[1].start--头 py=0x2739E34--爆头 gg.toast("头") gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("23;25;30.5", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(10) gg.editAll("110", gg.TYPE_FLOAT) gg.clearResults() gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber('23;25;30.5',gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0, -1) gg.searchNumber('',gg.TYPE_FLOAT,false,gg.SIGN_EQUAL,0, -1) gg.getResults(100) gg.editAll('200',gg.TYPE_FLOAT) gg.clearResults() gg.setRanges(gg.REGION_ANONYMOUS) gg.searchNumber("15;28;16;26;8;18", gg.TYPE_FLOAT, false, gg.SIGN_EQUAL, 0, -1) gg.getResults(56) gg.editAll("-1339", gg.TYPE_FLOAT) gg.clearResults() so=gg.getRangesList('libUE4.so')[1].start py=0xE59A5C setvalue(so+py,16,-2.7859696e28) so=gg.getRangesList('libUE4.so')[1].start py=0xE59A5C setvalue(so+py,16,-2.7859696e28) gg.toast("开启成功")