冰封王座DELPHI版

啊冲 · 发表于 2013-8-28 08:34:27

unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, ExtCtrls, StdCtrls, ComCtrls;

type
  TForm1 = class(TForm)
Label1: TLabel;
GroupBox1: TGroupBox;
Label2: TLabel;
CheckBox1: TCheckBox;
Edit1: TEdit;
CheckBox2: TCheckBox;
Edit2: TEdit;
CheckBox11: TCheckBox;
CheckBox12: TCheckBox;
Timer2: TTimer;
Timer1: TTimer;
Button2: TButton;
Timer3: TTimer;
Button1: TButton;
GroupBox3: TGroupBox;
Label3: TLabel;
Edit11: TEdit;
Label5: TLabel;
Edit12: TEdit;
Edit13: TEdit;
Label6: TLabel;
Edit14: TEdit;
Label4: TLabel;
Label7: TLabel;
Edit15: TEdit;
Label8: TLabel;
Label9: TLabel;
Edit16: TEdit;
CheckBox13: TCheckBox;
Button3: TButton;

procedure Timer1Timer(Sender: TObject);
procedure Button1Click(Sender: TObject);
procedure Timer2Timer(Sender: TObject);
procedure FormCreate(Sender: TObject);
{procedure CheckBox3Click(Sender: TObject);
procedure CheckBox4Click(Sender: TObject);
procedure CheckBox5Click(Sender: TObject);
procedure CheckBox6Click(Sender: TObject);
procedure CheckBox7Click(Sender: TObject);
procedure CheckBox8Click(Sender: TObject);
procedure CheckBox9Click(Sender: TObject);
procedure CheckBox10Click(Sender: TObject);}
procedure CheckBox1Click(Sender: TObject);
procedure CheckBox2Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
procedure Timer3Timer(Sender: TObject);

procedure DuoMaoMao;
procedure JianZhaZha;
procedure DaZuo;
procedure UnDaZuo;
procedure PTGJ;
procedure XG(GWID:dword);
procedure Pick(ID1,ID2:dword);
procedure CheckBox12Click(Sender: TObject);
procedure Button3Click(Sender: TObject);
procedure Edit12Change(Sender: TObject);

private
{ Private declarations }
public
{ Public declarations}
end;

  type
  TPickCallParam = packed record
EDI: DWORD;
CID: DWORD;
  end;
  PPickCallParam = ^TPickCallParam;

var
  Form1: TForm1;
  bHP,bMP,bPG:dword;
  bJN: array [0..8] of dword;
// ThreadAdd, ParamAdd: Pointer;
  SelectYC,DZ: integer;
  dllpath:string;

implementation
uses Unit2;
{$R *.dfm}
//-------------------------------------------------------
procedure Delay(msecs:integer);
var
FirstTickCount:longint;

begin

FirstTickCount:=GetTickCount;
repeat
Application.ProcessMessages;
until ((GetTickCount-FirstTickCount) >= Longint(msecs));
end;

procedure TForm1.FormCreate(Sender: TObject);

var
hwnd,hProcess,hpid :dword;
fstyle:dword;
begin
Hwnd := FindWindow('ZElementClient Window','Element Client');
if hwnd =0 then
begin
Messagebox(handle, '请先开游戏!','错误',MB_OK+MB_IconError);
form1.Close;
end;
dllpath:=ExtractFilePath(Application.ExeName)+'zxdll.dll';

fstyle := GetWindowLong(Edit1.Handle, GWL_STYLE); //定义Edit只能输入数字
SetWindowLong(Edit1.Handle, GWL_STYLE, fstyle or ES_NUMBER)  ;
SetWindowLong(Edit2.Handle, GWL_STYLE, fstyle or ES_NUMBER);
{SetWindowLong(Edit3.Handle, GWL_STYLE, fstyle or ES_NUMBER);
SetWindowLong(Edit4.Handle, GWL_STYLE, fstyle or ES_NUMBER);
SetWindowLong(Edit5.Handle, GWL_STYLE, fstyle or ES_NUMBER);
SetWindowLong(Edit6.Handle, GWL_STYLE, fstyle or ES_NUMBER) ;
SetWindowLong(Edit7.Handle, GWL_STYLE, fstyle or ES_NUMBER);
SetWindowLong(Edit8.Handle, GWL_STYLE, fstyle or ES_NUMBER) ;
SetWindowLong(Edit9.Handle, GWL_STYLE, fstyle or ES_NUMBER);
SetWindowLong(Edit10.Handle, GWL_STYLE, fstyle or ES_NUMBER) ;}
SetWindowLong(Edit11.Handle, GWL_STYLE, fstyle or ES_NUMBER) ;
SetWindowLong(Edit12.Handle, GWL_STYLE, fstyle or ES_NUMBER) ;
SetWindowLong(Edit13.Handle, GWL_STYLE, fstyle or ES_NUMBER) ;
SetWindowLong(Edit14.Handle, GWL_STYLE, fstyle or ES_NUMBER) ;
SetWindowLong(Edit16.Handle, GWL_STYLE, fstyle or ES_NUMBER) ;

end;

{procedure PTGJ; Stdcall;
var
  Address:pointer;
begin
  Address:=Pointer($5a87e0);
  asm
pushad
call Address
popad
  end;
end;

procedure DaZuo; Stdcall;
var
  Address:pointer;
begin
  Address:=Pointer($5A8E20 );
  asm
pushad
call Address
popad
  end;
end;

procedure NoDaZuo; Stdcall;
var
  Address:pointer;
begin
  Address:=Pointer($5A8E60);
  asm
pushad
call Address
popad
  end;
end;

procedure Monster(P

PickCallParam); Stdcall;
var
  Address: pointer;
  ID: DWORD;
begin
  Address:=Pointer($57e8b0);
  ID:=P^.edi;
  asm
PUSHAD
PUSH ID
MOV EAX,DWORD PTR DS:[$9151c4]
MOV ECX,DWORD PTR DS:[EAX+$20]
ADD ECX,$D4
CALL Address
POPAD
  end;
end;

procedure WuPin(P

PickCallParam); Stdcall;
var
  Address: pointer;
  ID,IC: DWORD;
begin
  Address:=Pointer($57e840);
  ID:=P^.edi;
  IC:=P^.cid;
  asm
   PUSHAD
   MOV ECX,DWORD PTR DS:[$9151c4]
   PUSH ID
   MOV ECX,DWORD PTR DS:[ECX+$20]
   PUSH IC
   ADD ECX,$D4
   CALL Address
   POPAD
  end;
end;

procedure ZhurFunc(Func: Pointer; Param: Pointer; ParamSize: DWORD);
//注入
var
  hThread: THandle;
  lpNumberOfBytes: DWORD;

begin
  if hProcess<>0 then
  begin
WriteProcessMemory(hProcess, ThreadAdd, Func, 4096, lpNumberOfBytes);
WriteProcessMemory(hProcess, ParamAdd, Param, ParamSize, lpNumberOfBytes);
hThread := CreateRemoteThread(hProcess, nil, 0, ThreadAdd, ParamAdd, 0, lpNumberOfBytes);
WaitForSingleObject(hThread, INFINITE);
CloseHandle(hThread);
  end;
end;

procedure TForm1.FormShow(Sender: TObject);
var
hwnd,hProcess,hpid :dword;
begin
Hwnd := FindWindow('ZElementClient Window','Element Client');
GetWindowThreadProcessId(Hwnd, @hPID);
hProcess := OpenProcess(PROCESS_ALL_ACCESS, False, hPID);
if hProcess =0 then
begin
Messagebox(handle, '请先开游戏!','错误',MB_OK+MB_IconError);
form1.Close;
end;
ThreadAdd := VirtualAllocEx(hProcess, nil, 4096, MEM_COMMIT, PAGE_READWRITE);
ParamAdd := VirtualAllocEx(hProcess, nil, 20, MEM_COMMIT, PAGE_READWRITE);
end;
}
procedure TForm1.DaZuo;
type
TZazenFunc=function(Inhwnd:dword):dword;stdcall;
var
ZazenFunc:TZazenFunc;
aptr:TFarproc;
lhnd:THandle;
hwnd:dword;
begin
lhnd:=Loadlibrary(PChar(dllpath));
aptr:=GetprocAddress(lhnd,'ZazenFunc');
hwnd:= FindWindow('ZElementClient Window', 'Element Client');
ZazenFunc:=TZazenFunc(aptr);
ZazenFunc(hwnd);
freelibrary(lhnd);
end;

procedure TForm1.UnDaZuo;
type
TUnZazenFunc=function(Inhwnd:dword):dword;stdcall;
var
UnZazenFunc:TUnZazenFunc;
aptr:TFarproc;
lhnd:THandle;
hwnd:dword;
begin
lhnd:=Loadlibrary(PChar(dllpath));
aptr:=GetprocAddress(lhnd,'UnZazenFunc');
hwnd:= FindWindow('ZElementClient Window', 'Element Client');
UnZazenFunc:=TUnZazenFunc(aptr);
UnZazenFunc(hwnd);
freelibrary(lhnd);
end;

procedure TForm1.PTGJ;
type
TNormalAttackFunc=function(Inhwnd:dword):dword;stdcall;
var
NormalAttackFunc:TNormalAttackFunc;
aptr:TFarproc;
lhnd:THandle;
hwnd:dword;
begin
lhnd:=Loadlibrary(PChar(dllpath));
aptr:=GetprocAddress(lhnd,'NormalAttackFunc');
hwnd:= FindWindow('ZElementClient Window', 'Element Client');
NormalAttackFunc:=TNormalAttackFunc(aptr);
NormalAttackFunc(hwnd);
freelibrary(lhnd);
end;

procedure TForm1.XG(GWID:dword);
type
TSelectFunc=function(Inhwnd,ID:dword):dword;stdcall;
var
SelectFunc:TSelectFunc;
aptr:TFarproc;
lhnd:THandle;
hwnd:dword;
begin
lhnd:=Loadlibrary(PChar(dllpath));
aptr:=GetprocAddress(lhnd,'SelectFunc');
hwnd:= FindWindow('ZElementClient Window', 'Element Client');
SelectFunc:=TSelectFunc(aptr);
SelectFunc(hwnd,GWID);
freelibrary(lhnd);
end;

procedure TForm1.Pick(ID1,ID2:dword);
type
TPickFunc=function(Inhwnd,id,ic:dword):dword;stdcall;
var
aptr:TFarproc;
lhnd:THandle;
PickFunc:TPickFunc;
hwnd:dword;
begin
lhnd:=Loadlibrary(PChar(dllpath));
hwnd:= FindWindow('ZElementClient Window', 'Element Client');
aptr:=GetprocAddress(lhnd,&#39

ickFunc');
PickFunc:=TPickFunc(aptr);
PickFunc(hwnd,ID1,ID2);
freelibrary(lhnd);
end;

procedure TForm1.Timer3Timer(Sender: TObject);
begin
DuoMaoMao;
JianZhaZha;
if DZ<>1 then SelectYC:=SelectYC+1;
end;

procedure TForm1.Timer1Timer(Sender: TObject);
var
ByteRead: cardinal;
Base, RBase,NameTemp,HP,MP,MHP,MMP,dt,
Now: Dword;
Lv:integer;
RX,RY:single;
Name: array [0..31] of WideChar;
sName: String;
hwnd,hProcess,hpid :dword;
begin
  Base := $12F830;
  hwnd := FindWindow('ZElementClient Window','Element Client');
  GetWindowThreadProcessId(hwnd, @hPID);
  hProcess := OpenProcess(PROCESS_ALL_ACCESS, False, hPID);

  if hProcess =0 then
  begin
  form1.Close
  end;

  if hProcess <> 0 then
  begin
ReadProcessMemory(hProcess, Pointer(Base), @RBase, 4, byteread);
ReadProcessMemory(hProcess, Pointer(RBase+($28)), @RBase, 4, byteread); //人物信息基址
ReadProcessMemory(hProcess, Pointer(RBase+($7c0)), @Now, 4, byteread); //当前选中目标ID
ReadProcessMemory(hProcess, Pointer(RBase+($24c)), @Lv, 4, byteread); //等级
ReadProcessMemory(hProcess, Pointer(RBase+($254)), @HP, 4, byteread); //hp
ReadProcessMemory(hProcess, Pointer(RBase+($26c)), @MHP, 4, byteread);  //最大hp
ReadProcessMemory(hProcess, Pointer(RBase+($258)), @MP, 4, byteread); //mp
ReadProcessMemory(hProcess, Pointer(RBase+($270)), @MMP, 4, byteread); //最大mp
ReadProcessMemory(hProcess, Pointer(RBase+($3d8)), @RX, 4, byteread); //人物X坐标
ReadProcessMemory(hProcess, Pointer(RBase+($3e0)), @RY, 4, byteread); //人物Y坐标
ReadProcessMemory(hProcess, Pointer(RBase+$3a4), @NameTemp, 4, byteread);
ReadProcessMemory(hProcess, Pointer(NameTemp+$0),  @Name, 32, byteread);
ReadProcessMemory(hProcess, Pointer($91B094), @dt, 4, byteread); //答题

  //---------------------------------------------------------------------------

sName := WideCharToString(Name);
label1.Caption :='生命值:'+inttostr(hp)+'/'+inttostr(mhp) ;
label2.Caption :='法力值:'+inttostr(mp)+'/'+inttostr(mmp) ;
groupbox1.Caption := sName+' '+'等级:'+inttostr(lv);
if checkbox12.Checked = false then
begin
edit13.Text := floattostr(RX) ;
edit14.Text := floattostr(RY) ;
end;

{
if (hp<strtoint(edit1.Text)) and (checkbox1.Checked = true) and (bhp>15)then
begin //吃红
postmessage(hwnd,WM_KEYDOWN,$31,0);
postmessage(hwnd,WM_KEYUP,$31,0);
bHP:=0;
end;

if (mp<strtoint(edit2.Text)) and (checkbox2.Checked = true) and (bmp>15) then
begin //吃蓝
postmessage(hwnd,WM_KEYDOWN,$32,0);
postmessage(hwnd,WM_KEYUP,$32,0);
bMP:=0;
end;
}

   if ((hp<strtoint(edit1.Text)) or (mp<strtoint(edit2.Text))) and (DZ=0)
   and (checkbox13.Checked =true) and (now=0) then
   begin
   DZ:=1;
   DaZuo;
   end;

   if (DZ=1) and (HP=MHP) and (MP=MMP) then
   begin
   DZ:=0;
   UnDaZuo;
   end;

if  dt <> 0 then
begin
form2.Show;
end;

end;
CloseHandle(hProcess);
end;

procedure TForm1.Timer2Timer(Sender: TObject);
var
ByteRead: cardinal;
hwnd,hProcess,hpid,Base,Rbase:dword;
begin

  Base := $12F830;
  hwnd := FindWindow('ZElementClient Window','Element Client');
  GetWindowThreadProcessId(hwnd, @hPID);
  hProcess := OpenProcess(PROCESS_ALL_ACCESS, False, hPID);

  bHP:=bHP+1;
  bMP:=bMP+1;

  ReadProcessMemory(hProcess, Pointer(Base), @RBase, 4, byteread);
  ReadProcessMemory(hProcess, Pointer(RBase+($28)), @RBase, 4, byteread); //人物信息基址
  ReadProcessMemory(hProcess, Pointer(RBase+($7c0)), @Now, 4, byteread); //当前选中目标ID

  if now= 0 then exit;

if (checkbox11.Checked = true) and (dz<>1) then
begin
PTGJ;
bPG:=0;
end;

{if (checkbox3.Checked = true) and (bJN[1]>=strtoint(edit3.Text))then
begin
postmessage(hwnd,WM_KEYDOWN,$70,0);
postmessage(hwnd,WM_KEYUP,$70,0);
bJN[1]:=0;
end;

if (checkbox4.Checked = true) and (bJN[2]>=strtoint(edit4.Text))then
begin
postmessage(hwnd,WM_KEYDOWN,$71,0);
postmessage(hwnd,WM_KEYUP,$71,0);
bJN[2]:=0;
end;

if (checkbox5.Checked = true) and (bJN[3]>=strtoint(edit5.Text))then
begin
postmessage(hwnd,WM_KEYDOWN,$72,0);
postmessage(hwnd,WM_KEYUP,$72,0);
bJN[3]:=0;
end;

if (checkbox6.Checked = true) and (bJN[4]>=strtoint(edit6.Text))then
begin
postmessage(hwnd,WM_KEYDOWN,$73,0);
postmessage(hwnd,WM_KEYUP,$73,0);
bJN[4]:=0;
end;

if (checkbox7.Checked = true) and (bJN[5]>=strtoint(edit7.Text))then
begin
postmessage(hwnd,WM_KEYDOWN,$74,0);
postmessage(hwnd,WM_KEYUP,$74,0);
bJN[5]:=0;
end;

if (checkbox8.Checked = true) and (bJN[6]>=strtoint(edit8.Text))then
begin
postmessage(hwnd,WM_KEYDOWN,$75,0);
postmessage(hwnd,WM_KEYUP,$75,0);
bJN[6]:=0;
end;

if (checkbox9.Checked = true) and (bJN[7]>=strtoint(edit9.Text))then
begin
postmessage(hwnd,WM_KEYDOWN,$76,0);
postmessage(hwnd,WM_KEYUP,$76,0);
bJN[7]:=0;
end;

if (checkbox10.Checked = true) and (bJN[8]>=strtoint(edit10.Text))then
begin
postmessage(hwnd,WM_KEYDOWN,$77,0);
postmessage(hwnd,WM_KEYUP,$77,0);
bJN[8]:=0;
end;}

CloseHandle(hProcess);
end;

procedure TForm1.Button1Click(Sender: TObject);
begin
form1.Close ;
end;

{procedure TForm1.CheckBox3Click(Sender: TObject);
begin
if checkbox3.Checked = true then
begin
edit3.Enabled := false ;
end;

if checkbox3.Checked = false then
begin
edit3.Enabled := true ;
end;
end;

procedure TForm1.CheckBox4Click(Sender: TObject);
begin
if checkbox4.Checked = true then
begin
edit4.Enabled := false ;
end;

if checkbox4.Checked = false then
begin
edit4.Enabled := true ;
end;
end;

procedure TForm1.CheckBox5Click(Sender: TObject);
begin
if checkbox5.Checked = true then
begin
edit5.Enabled := false ;
end;

if checkbox5.Checked = false then
begin
edit5.Enabled := true ;
end;
end;

procedure TForm1.CheckBox6Click(Sender: TObject);
begin
if checkbox6.Checked = true then
begin
edit6.Enabled := false ;
end;

if checkbox6.Checked = false then
begin
edit6.Enabled := true ;
end;
end;

procedure TForm1.CheckBox7Click(Sender: TObject);
begin
if checkbox7.Checked = true then
begin
edit7.Enabled := false ;
end;

if checkbox7.Checked = false then
begin
edit7.Enabled := true ;
end;
end;

procedure TForm1.CheckBox8Click(Sender: TObject);
begin
if checkbox8.Checked = true then
begin
edit8.Enabled := false ;
end;

if checkbox8.Checked = false then
begin
edit8.Enabled := true ;
end;
end;

procedure TForm1.CheckBox9Click(Sender: TObject);
begin
if checkbox9.Checked = true then
begin
edit9.Enabled := false ;
end;

if checkbox9.Checked = false then
begin
edit9.Enabled := true ;
end;
end;

procedure TForm1.CheckBox10Click(Sender: TObject);
begin
if checkbox10.Checked = true then
begin
edit10.Enabled := false ;
end;

if checkbox10.Checked = false then
begin
edit10.Enabled := true ;
end;
end; }

procedure TForm1.CheckBox1Click(Sender: TObject);
begin
if checkbox1.Checked = true then
begin
edit1.Enabled := false ;
end;

if checkbox1.Checked = false then
begin
edit1.Enabled := true ;
end;
end;

procedure TForm1.CheckBox2Click(Sender: TObject);
begin
if checkbox2.Checked = true then
begin
edit2.Enabled := false ;
end;

if checkbox2.Checked = false then
begin
edit2.Enabled := true ;
end;
end;

procedure TForm1.CheckBox12Click(Sender: TObject);
begin
if checkbox12.Checked = true then
begin
edit13.Enabled := false ;
edit14.Enabled := false ;
end;
if checkbox12.Checked = false then
begin
edit13.Enabled := true ;
edit14.Enabled := true ;
end;

end;

procedure TForm1.Button2Click(Sender: TObject);
begin
if button2.Caption = '停止' then
begin
button2.Caption := '开始';
timer2.Enabled  := False;
timer3.Enabled  := False;
exit;
end ;

if button2.Caption = '开始' then
begin
timer2.Enabled  := true;
timer3.Interval := strtoint(edit12.Text);
button2.Caption := '停止' ;
timer3.Enabled  := true;
exit;
end;

end;

procedure TForm1.DuoMaoMao;
var
ByteRead: cardinal;
Base,Rbase,Mbase,MMax,MFst,Msl,i,Mpy,
Now,Mclass,Mid

WORD ;
YC,Mlv,Lv:integer;
Mx,My,JLt,Mjl,LmtX,LmtY,Area,XX,YY:Single;
hwnd,hProcess,hpid :dword;
t:integer;
IDt: array [0..200] of DWORD;
begin
  Base := $12F830;
  LmtX:= strtofloat(edit13.Text);
  LmtY:= strtofloat(edit14.Text);
  Area:= strtofloat(edit15.Text);
  YC:=strtoint(edit16.Text);
  JLt:=200;
  t:=0;
  hwnd:= FindWindow('ZElementClient Window', 'Element Client');
  GetWindowThreadProcessId(hwnd, @hPID);
  hProcess := OpenProcess(PROCESS_ALL_ACCESS, False, hPID);

  ReadProcessMemory(hProcess, Pointer(Base), @MBase, 4, byteread);
  ReadProcessMemory(hProcess, Pointer(MBase+($28)), @Rbase, 4, byteread);
  ReadProcessMemory(hProcess, Pointer(RBase+($24c)), @Lv, 4, byteread); //角色等级

  if DZ=1 then exit;

  ReadProcessMemory(hProcess, Pointer(MBase+($8)), @MBase, 4, byteread);//怪物信息基址
  ReadProcessMemory(hProcess, Pointer(MBase+($20)), @MBase, 4, byteread); //周围怪物基地址
  ReadProcessMemory(hProcess, Pointer(MBase+($14)), @MSL, 4, byteread);  //怪物数量
  ReadProcessMemory(hProcess, Pointer(MBase+($24)), @MMax, 4, byteread); //怪物数组的最大值
  ReadProcessMemory(hProcess, Pointer(MBase+($18)), @MFst, 4, byteread); //物列表的首地址

  for i:=1 to MMax do
  begin
ReadProcessMemory(hProcess, Pointer(MFst+i*4),@MPy,4,byteread);
if MPy>0 then
begin
   ReadProcessMemory(hProcess,pointer(MPy+$4),@Mpy, 4, byteread);//选中怪物对象的指针
   ReadProcessMemory(hProcess,pointer(MPy+$11c),@Mid, 4, byteread);//怪ID
   ReadProcessMemory(hProcess,pointer(MPy+$22c),@Mjl, 4, byteread);//人与怪物距离
   ReadProcessMemory(hProcess,pointer(MPy+$124),@Mlv, 4, byteread);//怪物等级
   ReadProcessMemory(hProcess,pointer(MPy+$3c),@MX, 4, byteread);//怪物X
   ReadProcessMemory(hProcess,pointer(MPy+$44),@MY, 4, byteread);//怪物Y
   ReadProcessMemory(hProcess,pointer(MPy+$b4),@Mclass, 4, byteread); //怪物种类 6为怪，7为NPC，9为宠物 A为GM
   XX:=ABS(MX-LmtX);
   YY:=ABS(MY-LmtY);
   if (Mclass=6)and(XX<Area)and(YY<Area) and (Mjl<Jlt) then
   begin
   t:=t+1;
   JLt:=Mjl;
   IDt[t]:=Mid;
   end;
end;
  end;

  if IDt[t]=0 then exit;
  ReadProcessMemory(hProcess, Pointer(RBase+($7c0)), @Now, 4, byteread); //当前选中目标ID
  if now =0 then
   begin
   {MyParam.edi:=IDt[t];
   ParamSum:=SizeOf(MyParam);
   ZhurFunc(@Monster, @MyParam,ParamSum); }
   XG(IDt[t]);
   SelectYC:=0;
   end;

  if now<>0 then
  begin
  PTGJ;
  if SelectYC>=YC then
  begin
  SelectYC:=0;
  XG(IDt[t-1]);
  end;
  end;

  CloseHandle(hProcess);
end;

procedure TForm1.JianZhaZha;
type
TPickFunc=function(Inhwnd,id,ic:dword):dword;stdcall;
var
aptr:TFarproc;
lhnd:THandle;
ByteRead: cardinal;
Base,Ibase,Rbase,IMax,IFst,Isl,i,Ipy,Now,Iclass,Iid,NameTemp:dword ;
Ijl,IX,IY,RX,RY,XX,YY:Single;
hwnd,hProcess,hpid :dword;
MyParam:TPickCallParam;
ParamSum: DWORD;
PickDelay:integer;
WPName: array [0..63] of WideChar;
ItemName: String;
begin
  Base := $12F830;
  PickDelay:=strtoint(edit11.Text);
  hwnd:= FindWindow('ZElementClient Window', 'Element Client');
  GetWindowThreadProcessId(hwnd, @hPID);
  hProcess := OpenProcess(PROCESS_ALL_ACCESS, False, hPID);

  ReadProcessMemory(hProcess, Pointer(Base), @IBase, 4, byteread);
  ReadProcessMemory(hProcess, Pointer(IBase+($28)), @Rbase, 4, byteread);
  ReadProcessMemory(hProcess, Pointer(RBase+($7c0)), @Now, 4, byteread); //当前选中目标ID
  if Now <>0 then exit;
  ReadProcessMemory(hProcess, Pointer(RBase+($3d8)), @RX, 4, byteread); //人物X坐标
  ReadProcessMemory(hProcess, Pointer(RBase+($3e0)), @RY, 4, byteread); //人物Y坐标
  ReadProcessMemory(hProcess, Pointer(IBase+($8)), @IBase, 4, byteread);//周围信息基址
  ReadProcessMemory(hProcess, Pointer(IBase+($24)), @IBase, 4, byteread); //周围物品基地址
  ReadProcessMemory(hProcess, Pointer(IBase+($14)), @ISL, 4, byteread);  //怪物数量
  ReadProcessMemory(hProcess, Pointer(IBase+($24)), @IMax, 4, byteread); //物品数组的最大值
  ReadProcessMemory(hProcess, Pointer(IBase+($18)), @IFst, 4, byteread); //物品列表的首地址

  for i:=1 to IMax do
  begin
ReadProcessMemory(hProcess, Pointer(IFst+i*4),@IPy,4,byteread);
if IPy>0 then
begin
   ReadProcessMemory(hProcess,pointer(IPy+$4),@Ipy, 4, byteread);//选中怪物对象的指针
   ReadProcessMemory(hProcess,pointer(IPy+$110),@Iid, 4, byteread);//物品ID
   ReadProcessMemory(hProcess,pointer(IPy+$10c),@Iclass, 4, byteread);//物品系统ID
   ReadProcessMemory(hProcess,pointer(IPy+$22c),@Ijl, 4, byteread);//人与怪物距离
   ReadProcessMemory(hProcess,pointer(IPy+$3c),@IX, 4, byteread);//物品X坐标
   ReadProcessMemory(hProcess,pointer(IPy+$44),@IY, 4, byteread);//物品Y坐标
   ReadProcessMemory(hProcess,pointer(RBase+$164), @NameTemp, 4, byteread);
   ReadProcessMemory(hProcess,pointer(NameTemp+$0), @WPName, 64, byteread);  //物品名字
   XX:=ABS(IX-RX);
   YY:=ABS(IY-RY);
   ItemName := WideCharToString(WPName);
   if (XX<6) and (YY<6) then
   begin
   label4.Caption :='捡:'+ItemName;
   Pick(Iid,Iclass);
   delay(PickDelay);
   end;
end;
  end;
  CloseHandle(hProcess);
end;

procedure TForm1.Button3Click(Sender: TObject);
begin
form2.show
end;

procedure TForm1.Edit12Change(Sender: TObject);
begin
timer3.Interval := strtoint(edit12.Text);
end;
end.

http://yunpan.cn/QXEZfVfArkjF5

a2289206 · 发表于 2013-8-28 21:06:28

这是外挂？

莫名 · 发表于 2013-8-29 09:38:50

: 看看。

		自动登录	找回密码
密码			立即注册

冰封王座DELPHI版

浏览过的版块