Please credit the source when reprinting:
https://dujinyang.blog.csdn.n…
From: Ultraman’s blog

For this article, “Ah Seven” was invited to write the introductory part on game assistants (cheat tools).

Recently my girlfriend has been playing a game and ignoring everyone in the evenings. As it happens, I have lately become very interested in how game assistants are made, so I planned to build one that would make her lose confidence in playing. I spent the next few days browsing forums and tutorials (respect to the assistant-making gurus here) and got a rough idea of the types of assistant. As an entry-level newcomer, I started with the action type (so-called action type: using APIs to send commands to windows, or to control the mouse, keyboard, etc.). That requires finding a suitably simple online game for entry-level practice (many online games have different protections).

Let’s look at the final result first:

Someone might ask: why not practice on a single-player game?

Er… how do you show off in front of other players in a single-player game!!! Isn’t the point of using an assistant to win easily!!! Isn’t the point the fun of “you’re really good, but I’ll never lose”!!! (three questions from the soul)

Well, it’s really just that my girlfriend doesn’t play single-player games.

It’s said that assistants ruin games, so the target is: my girlfriend’s XX.

Let’s Go!!!

Preliminary preparation:
Game: XX Liankan
Tools: VS2019, CE (Cheat Engine), Spy++
Environment: Windows 10

This article just uses XX Liankan as practice for learning how to dump data from memory, so first we need to understand how the game is played. Let’s break it down:

Game mechanic: two identical tiles are eliminated when they can be joined by a path of at most three line segments.
The board may be an 11 * 19 two-dimensional byte array.
Each array index holds a value. If two values are the same, the tile types are the same.

An empty position probably has the value 0.

The width and height of every tile are the same. Once it is determined that the tiles at indices A and B can be eliminated, how does the mouse locate A and B and click them?

Some people may wonder why it is an 11 * 19 two-dimensional byte array. It is just a guess; it could just as well be 20 * 20. Just understand that it is a two-dimensional byte array.

The rest is, of course, imagination… (fortunately it was all verified later, otherwise this would definitely have flopped…)

So the core is to find the memory address of the first element, derive the data of the whole board from it, then use an algorithm to find matching values and eliminate them with simulated clicks.

First, create a room and enter practice mode (early on, things may go wrong). Open the CE tool and attach it to the game process. In this step, patiently search for changed values, values of 0, and values greater than 0 (please look up a CE search tutorial yourself; it will not be described here). Eventually you find the memory address of the first element.

How to view the memory area? Let’s see the following figure:

For readers who do not understand push, mov and sub, a simple knowledge map will be provided in the next chapter.

It can be seen that the earlier analysis was correct: tiles of the same type have the same value, and empty positions have the value 0. The board really is an 11 * 19 byte array.

Once the memory address is found, we can start writing the assistant code. The code will not be pasted in detail; after all, it is not well written.

First, we need an 11 * 19 two-dimensional array for the board, as well as the attributes of each position on it. So we define a board class containing the x coordinate, y coordinate, pointer, row and column.

Use Spy++ to locate the x and y values of the first element, and match them with the memory address of the first tile obtained earlier. The tile size is fixed and does not change, so from the data of the first tile we can derive the data of the whole two-dimensional board. Of course, the earlier assumptions must hold.

Without further ado, here is the code:

Traverse the whole board to find two identical values, and use the path-finding algorithm to check whether they can be eliminated. If they can,

simulate clicks at the x, y coordinates of the two tiles to eliminate them.

The mouse clicks here are simulated by sending them, similar to how action-type assistants work. I roughly put together an interface; the result looks like this:

Tips: These small buttons all control the elimination speed index. The sleep(index) function is used to control the speed, otherwise it would be a little dangerous. If the index is 0, tiles are eliminated instantly.

Episode: Not wanting to be too blatant, the default was to eliminate one pair per second. After a period of testing, it turned out that this rate could not take first place; there are even Liankan experts who can eliminate one pair per second by hand (the speed of their hands and eyes makes a newbie shudder~~), which made farming points slow. In the end the only option was to change it so that once the opponent has fewer than 10 tiles remaining, our side’s index is set to 0 to eliminate instantly and take first place.
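Seen from the game operator's side, the pacing described above (a fixed sleep between pairs, then a switch to a delay of 0) leaves a timing signature in server-side move logs. The sketch below is an added example, not code from the original post; the thresholds, function names and sample timestamps are assumptions constructed for illustration.

```python
from statistics import mean, pstdev

# Assumed thresholds; a real deployment would tune them on player data.
MIN_HUMAN_GAP = 0.25  # seconds between pairs; anything faster counts as a burst
BURST_COUNT = 3       # this many sub-human gaps in one session is a finding
MIN_CV = 0.10         # coefficient of variation below this is "metronomic"
MIN_MOVES = 8         # need this many gaps before judging regularity


def gaps(timestamps):
    """Seconds between consecutive pair eliminations in one session."""
    return [b - a for a, b in zip(timestamps, timestamps[1:])]


def classify_session(timestamps):
    """Return the reasons a session looks automated (empty list = no finding)."""
    g = gaps(timestamps)
    reasons = []
    # Rule 1: several eliminations faster than a person can click two tiles.
    if sum(1 for x in g if x < MIN_HUMAN_GAP) >= BURST_COUNT:
        reasons.append("burst")
    # Rule 2: the remaining gaps are almost identical, as a fixed sleep produces.
    steady = [x for x in g if x >= MIN_HUMAN_GAP]
    if len(steady) >= MIN_MOVES and pstdev(steady) / mean(steady) < MIN_CV:
        reasons.append("metronomic")
    return reasons


# Constructed sample sessions (elimination times in seconds since round start).
HUMAN = [0.0, 1.4, 2.1, 4.0, 4.6, 6.9, 7.8, 9.9, 10.7, 13.2, 14.0]
FIXED_SLEEP = [0.00, 1.02, 2.03, 3.05, 4.06, 5.08, 6.10, 7.11, 8.13, 9.14, 10.16]
ENDGAME_SWITCH = [0.00, 1.02, 2.03, 3.05, 4.06, 5.08, 6.10, 7.11, 8.13,
                  8.15, 8.17, 8.19, 8.21]

if __name__ == "__main__":
    for name, session in [("human", HUMAN), ("fixed sleep", FIXED_SLEEP),
                          ("endgame switch", ENDGAME_SWITCH)]:
        print(f"{name:15s} -> {classify_session(session) or 'no finding'}")
```

Both rules work on timestamps the server already records, so they need no client-side component.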

Of course, this is not for sharing. We just want to learn how to dump memory.

After a few days of automated test runs, the win rate went from 25% to 81%, and the score from thousands to hundreds of thousands. With things basically stable, the game was quietly uninstalled. With that, the Liankan assistant comes to an end.

It’s worth mentioning that my girlfriend never played this game again.

However… she never paid attention to me again.