function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address print(string.char(231,190,164,58).._Q) end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end function Unfreeze() local t = gg.getListItems() for k, v in pairs(t) do t[k]["freeze"] = false end return gg.addListItems(t) end function xqmnb(Search,Modification) gg.clearResults() gg.setRanges(Search[1].memory) gg.searchNumber(Search[3].value,Search[3].type,false,536870912,0,-1) if gg.getResultCount()==0 then gg.toast(Search[2].name..'开启失败') return end local Result=gg.getResults(gg.getResultCount()) local sum for index=4,#Search do sum=0 for i=1,#Result do if gg.getValues({{address=Result[i].address+Search[index].offset,flags=Search[index].type}})[1].value~=Search[index].lv then Result[i].Usable=true sum=sum+1 end end if sum==#Result then gg.toast(Search[2].name..'开启失败') return end end local Data,Freeze,Freezes={},{},0 sum=0 for index,value in ipairs(Modification)do for index=1,#Result do if not Result[index].Usable then local Value={address=Result[index].address+value.offset,flags=value.type,value=value.value,freeze=true} if value.freeze then Freeze[#Freeze+1]=Value Freezes=Freezes+1 else Data[#Data+1]=Value end sum=sum+1 end end end gg.addListItems(Data) gg.addListItems(Freeze) if Freezes==0 then gg.toast(Search[2].name..'开启成功,共修改'..sum..'条数据') else gg.toast(Search[2].name..'开启成功,共修改'..sum..'条数据,冻结'..Freezes..'条数据') end gg.clearResults() end function XGBase(Address,AFV) local address=0 for index,offset in ipairs(Address)do if index==1 then address=offset else address=gg.getValues({{address=address+offset,flags=4}})[1].value end end local Value,Freeze={},{} for index,value in ipairs(AFV)do local VALUE={address=address+value[3],flags=value[2],value=value[1],freeze=true} if value[4]then Freeze[#Freeze+1]=VALUE else Value[#Value+1]=VALUE end end gg.addListItems(Value) gg.addListItems(Freeze) end function Format(tab, format, value, type, Function) if format == "查看" then tab[1]["flags"] = type return print(gg.getValues(tab)) elseif format == "修改" then tab[1]["flags"] = type tab[1]["value"] = value return gg.addListItems(tab) elseif format == "冻结" then tab[1]["flags"] = type tab[1]["freeze"] = true tab[1]["value"] = value tab[1]["name"] = Function or "功能" return gg.addListItems(tab) elseif format == "加载" then tab[1]["flags"] = type return gg.loadResults(tab) end end function LSQ_Chain(so, offset, format, value, type, Function)--模块设置, 偏移量, 功能参数, 修改值, 类型, 功能 getRanges = getRanges or (function() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v["type"]:sub(2, 2) == 'w' then--判断so是否可读可写 ranges[#ranges+1] = v end end return ranges end) local rest, ranges, sostart, valtype = {}, getRanges(), nil , gg.TYPE_DWORD if gg.getTargetInfo()["x64"] then--判断应用程序是否为64位 valtype = gg.TYPE_QWORD end for i in pairs(ranges) do local _name = ranges[i]["internalName"]:gsub('^.*/', '') if so[1] == _name and so[2] == ranges[i]["state"] then sostart = ranges[i]["start"] break end end if sostart then if offset[1] then for i = 1, #offset do rest = {{flags = valtype,address = sostart + offset[i]}} rest = gg.getValues(rest) if i == #offset then break end if valtype == gg.TYPE_DWORD then sostart = rest[1].value & 0xFFFFFFFF--对值进行补位操作 else sostart = rest[1].value end end end if #rest == 1 then end return Format(rest, format, value, type, Function) end gg.toast("功能:" .. Function .. "开启失败") print("功能开启失败原因: 未找到基址头") return os.exit() end local t = {"libUE4.so:bss", "Cb"} local tt = {0x559B70,0x30,0x540,0x618,0x10} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 16, value = 3333, freeze = true}}) local t = {"libUE4.so:bss", "Cb"} local tt = {0x559B70,0x30,0x540,0x618,0x50} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 16, value = 3333, freeze = true}}) local t = {"libUE4.so:bss", "Cb"} local tt = {0x559B70,0x30,0x540,0x618,0x90} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 16, value = 3333, freeze = true}}) local t = {"libUE4.so:bss", "Cb"} local tt = {0x559B70,0x30,0x540,0x618,0xD0} local ttt = S_Pointer(t, tt, true) gg.addListItems({{address = ttt, flags = 16, value = 3333, freeze = true}})