0

我在这部分有点挣扎......我想在 CE 中做到这一点!(在我的 c# 应用程序中读取值 20)

CE - 指针

但是我的代码不起作用...

[DllImport("kernel32.dll")]
        public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, int dwSize, ref IntPtr lpNumberOfBytesRead);

public int ReadInt32(IntPtr address, int[] pointers)
{
    /* FOR REFERENCE ONLY! PSEUDO-CODE
        ReadProcessMemory(..., ModuleBaseAddress + 0x010F418, Temporary, ..., ...); // -> 0x02A917F8
        ReadProcessMemory(..., 0x02A917F8+0x48, Temporary,  .....,.); // -> 0x02A9A488
        [02A9A488] = 20
     */

    IntPtr bytesRead = IntPtr.Zero;
    byte[] _buff = new byte[sizeof(int)]; 
    int offIndex = 0;
    IntPtr finalval = address;
    Console.WriteLine("[BASE] {0:x}", (int)address);
    foreach(int PointerOffs in pointers)
    {
        ReadProcessMemory(hProcess, address, _buff, _buff.Length, ref bytesRead);
        finalval += pointers[offIndex];

        Console.WriteLine("[Curr ADDRESS] {0:x}", finalval);
        offIndex++;
    }

    return BitConverter.ToInt32(_buff, 0);
}

这就是我访问该方法的方式:

 int currAmmo = (int) pReader.ReadInt32((IntPtr)LocalPlayer.BaseAddress, LocalPlayer.oMGAmmo);
            Console.Write("[AMMO] {0}\n", currAmmo);

输出

4

1 回答 1

0

您的功能有足够的问题需要更换,我试图修复它,但重新开始更容易。通过使用前增量而不是后增量,您将在添加理想的偏移量之前取消引用第一个指针。

public static int ReadInt32(IntPtr hProc, IntPtr ptr, int[] offsets)
{
    IntPtr addr = ptr;
    var buffer = new byte[4];

    for (int i = 0; i < offsets.Length; ++i)
    {
        ReadProcessMemory(hProc, addr, buffer, buffer.Length, out var read1);
        addr = IntPtr.Add(new IntPtr(BitConverter.ToInt32(buffer, 0)), offsets[i]);
    }

    ReadProcessMemory(hProc, addr, buffer, 4, out var read);

    return BitConverter.ToInt32(buffer, 0);

}

我今天学习 C# 就是为了回答这个问题 :)

于 2019-05-26T01:05:19.353 回答