逆向第一课:找一个单机游戏,改改它的内存数据玩玩。下面的脚本先用 pywin32 找到游戏窗口并打开游戏进程,再通过 kernel32 的 ReadProcessMemory/WriteProcessMemory 读写它的内存;其中的基址 0x006A9EC0 和偏移 0x768、0x5560 是针对作者当时使用的游戏版本找出来的,换一个版本通常需要重新定位。
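#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# File : 植物大战僵尸修改器.py
# Author: DaShenHan&道长-----先苦后甜,任凭晚风拂柳颜------
# Date : 2019/12/28
#
# Minimal "trainer" for Plants vs. Zombies (Chinese edition): follows a
# hard-coded pointer chain to the sun counter, prints it, and overwrites it
# with a value typed by the user.  Windows only (pywin32 + kernel32/ctypes).
#
# Notes for anyone reusing this pattern:
#   * BASE_ADDRESS and the two offsets were found for one specific game
#     build.  On any other build the chain dereferences unrelated memory, so
#     every read is checked before its result is used as an address.
#   * The process is opened with only the rights ReadProcessMemory and
#     WriteProcessMemory need, instead of PROCESS_ALL_ACCESS (0x1F0FFF).
#   * OpenProcess fails (pywin32 raises) if the game runs at a higher
#     integrity level than this script; run both the same way.

import ctypes
import ctypes.wintypes
import sys

import win32api
import win32gui
import win32process

WINDOW_TITLE = "植物大战僵尸中文版"

# VM_READ is what ReadProcessMemory needs; VM_WRITE + VM_OPERATION is what
# WriteProcessMemory needs.  Nothing else in this script touches the process.
PROCESS_VM_OPERATION = 0x0008
PROCESS_VM_READ = 0x0010
PROCESS_VM_WRITE = 0x0020
ACCESS_MASK = PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE

# Pointer chain for this build: sun = [[BASE_ADDRESS] + 0x768] + 0x5560.
BASE_ADDRESS = 0x006A9EC0
OFFSET_1 = 0x768
OFFSET_2 = 0x5560

kernerl32 = ctypes.windll.LoadLibrary(r"C:\Windows\System32\kernel32.dll")
# Declare the prototypes: without argtypes ctypes passes every Python int as a
# C int, which truncates a 64-bit HANDLE/pointer under 64-bit Python; with
# restype BOOL a failed call returns 0 and can be checked.
kernerl32.ReadProcessMemory.argtypes = [
    ctypes.wintypes.HANDLE,           # hProcess
    ctypes.wintypes.LPCVOID,          # lpBaseAddress
    ctypes.wintypes.LPVOID,           # lpBuffer
    ctypes.c_size_t,                  # nSize
    ctypes.POINTER(ctypes.c_size_t),  # lpNumberOfBytesRead (None allowed)
]
kernerl32.ReadProcessMemory.restype = ctypes.wintypes.BOOL
kernerl32.WriteProcessMemory.argtypes = [
    ctypes.wintypes.HANDLE,           # hProcess
    ctypes.wintypes.LPVOID,           # lpBaseAddress
    ctypes.wintypes.LPCVOID,          # lpBuffer
    ctypes.c_size_t,                  # nSize
    ctypes.POINTER(ctypes.c_size_t),  # lpNumberOfBytesWritten (None allowed)
]
kernerl32.WriteProcessMemory.restype = ctypes.wintypes.BOOL


def read_dword(process, address):
    """Return the 32-bit unsigned value at *address* in *process*.

    Raises OSError (ctypes.WinError) when ReadProcessMemory fails, so a bad
    pointer is reported instead of silently becoming address 0 + offset.
    """
    value = ctypes.c_ulong()
    ok = kernerl32.ReadProcessMemory(
        int(process), address, ctypes.byref(value), ctypes.sizeof(value), None)
    if not ok:
        raise ctypes.WinError()
    return value.value


def write_dword(process, address, value):
    """Write 32-bit *value* at *address* in *process*; raise OSError on failure."""
    buf = ctypes.c_long(value)
    ok = kernerl32.WriteProcessMemory(
        int(process), address, ctypes.byref(buf), ctypes.sizeof(buf), None)
    if not ok:
        raise ctypes.WinError()


handle = win32gui.FindWindow(None, WINDOW_TITLE)
print(handle)
if not handle:
    # FindWindow returns 0 when no such window exists; the original fed that
    # 0 straight into GetWindowThreadProcessId and crashed there.
    sys.exit(f"window {WINDOW_TITLE!r} not found -- is the game running?")
pid = win32process.GetWindowThreadProcessId(handle)[1]
print(pid)
phwnd = win32api.OpenProcess(ACCESS_MASK, False, pid)
print(phwnd)
print(kernerl32)
try:
    data1 = read_dword(phwnd, BASE_ADDRESS)
    print(hex(data1))
    data2 = read_dword(phwnd, data1 + OFFSET_1)
    print(hex(data2))
    sun_address = data2 + OFFSET_2
    data3 = read_dword(phwnd, sun_address)
    print(data3)
    sun = int(input("请输入你要的阳光值:"))
    write_dword(phwnd, sun_address, sun)
finally:
    phwnd.Close()  # PyHANDLE: release the process handle explicitly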
优化增强版:支持热键开关——alt+F9 切换无限阳光,F10 切换无 CD;主循环每 0.1 秒重新查找游戏窗口、打开其进程并按开关状态读写内存。
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# File : 植物大战僵尸无敌.py
# Author: DaShenHan&道长-----先苦后甜,任凭晚风拂柳颜------
# Date : 2019/12/28
import ctypes
import ctypes.wintypes
import threading
from threading import Thread, activeCount, enumerate  # NOTE: this `enumerate` shadows the builtin
from time import sleep

import win32api
import win32con
import win32gui
import win32process

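kernerl32 = ctypes.windll.LoadLibrary(r"C:\Windows\System32\kernel32.dll")
# Declare the two prototypes used by sunMod/cdMod.  Without argtypes ctypes
# passes every Python int as a C int, which truncates a 64-bit HANDLE or
# pointer under 64-bit Python; with restype BOOL a failed call returns 0 and
# callers can check it.  Existing call sites (int handle, int address,
# byref() buffer, size, None) all match these signatures.
kernerl32.ReadProcessMemory.argtypes = [
    ctypes.wintypes.HANDLE,           # hProcess
    ctypes.wintypes.LPCVOID,          # lpBaseAddress
    ctypes.wintypes.LPVOID,           # lpBuffer
    ctypes.c_size_t,                  # nSize
    ctypes.POINTER(ctypes.c_size_t),  # lpNumberOfBytesRead (None allowed)
]
kernerl32.ReadProcessMemory.restype = ctypes.wintypes.BOOL
kernerl32.WriteProcessMemory.argtypes = [
    ctypes.wintypes.HANDLE,           # hProcess
    ctypes.wintypes.LPVOID,           # lpBaseAddress
    ctypes.wintypes.LPCVOID,          # lpBuffer
    ctypes.c_size_t,                  # nSize
    ctypes.POINTER(ctypes.c_size_t),  # lpNumberOfBytesWritten (None allowed)
]
kernerl32.WriteProcessMemory.restype = ctypes.wintypes.BOOL
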
# On/off state of the two cheats.  Flipped by the hotkey callbacks
# (sunSwith / cdSwith) and polled by main() on every tick.
flag_lock = {
    "sun_lock": False,
    "cd_lock": False,
}
h_ids = list(range(2))                # hotkey ids: 0 -> alt+F9, 1 -> F10 (see Hotkey.run)
h_keys = dict.fromkeys(h_ids, False)  # per id: "pressed and not yet handled"
h_dict = {}                           # hotkey id -> function to run (filled by Hotkey.callback)

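def thread_it(func, *args):
    """Run ``func(*args)`` on a new daemon thread and return the Thread.

    Daemon so a stuck callback never keeps the interpreter alive after
    main() exits.  Returning the thread is new (the original returned None)
    and lets callers join or inspect it; existing callers ignore the value.
    """
    # daemon= at construction replaces Thread.setDaemon(), deprecated in 3.10.
    t = Thread(target=func, args=args, daemon=True)
    t.start()
    return t
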
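class Hotkey(Thread):
    """Thread that registers the global hotkeys and pumps their messages.

    Registration and the GetMessage loop both live in run(), i.e. on the
    same thread: Win32 delivers WM_HOTKEY to the queue of the thread that
    called RegisterHotKey.  run() only marks a key as pressed in h_keys; the
    poller built by callback() turns that flag into a call of the bound
    function on its own daemon thread (thread_it).
    """
    user32 = ctypes.windll.user32  # user32.dll: RegisterHotKey + message loop

    def regiskey(self, hwnd=None, flagid=0, fnkey=win32con.MOD_ALT, vkey=win32con.VK_F9):
        """Register hotkey id *flagid* as modifier *fnkey* + virtual key *vkey*.

        hwnd=None delivers WM_HOTKEY to this thread's queue instead of a
        window.  Returns RegisterHotKey's BOOL: 0 when the combination is
        already owned by another program (or a stale registration).
        """
        return self.user32.RegisterHotKey(hwnd, flagid, fnkey, vkey)

    def callback(self, id, func):
        """Bind *func* to hotkey *id* and return a poller for all bindings.

        The returned ``inner`` prints the binding table once, then loops
        forever: whenever h_keys[id] is True it runs the bound function via
        thread_it and clears the flag.  One poller serves every id in
        h_dict, so only the last one returned needs to be started.
        Bindings are expected to be made before the poller starts; h_dict is
        not guarded against concurrent modification.
        """
        h_dict[id] = func  # new id -> added, existing id -> replaced

        def inner():
            for key, value in h_dict.items():
                print(f'总的热键池:{h_ids},当前热键序号:{key}, 当前热键功能:{value},当前热键状态:{h_keys[h_ids[key]]}')
            while True:
                for key, value in h_dict.items():
                    if h_keys[h_ids[key]]:
                        thread_it(value)  # run the bound function on its own thread
                        h_keys[h_ids[key]] = False
                # The original spun here without sleeping and pinned a CPU
                # core; 10 ms keeps hotkey latency negligible.
                sleep(0.01)
        return inner

    def run(self):
        """Register alt+F9 (id h_ids[0]) and F10 (id h_ids[1]), then pump messages.

        A failed registration is only reported, as in the original, and the
        loop still runs for whichever key did register.  The hotkeys are
        always unregistered in ``finally``: a registration left behind by a
        crashed run makes the next RegisterHotKey for that key fail.
        """
        if not self.regiskey(None, h_ids[0], win32con.MOD_ALT, win32con.VK_F9):
            print(f"热键注册失败! id{h_ids[0]}")
        if not self.regiskey(None, h_ids[1], 0, win32con.VK_F10):
            print(f"热键注册失败! id{h_ids[1]}")

        try:
            msg = ctypes.wintypes.MSG()
            while True:
                ret = self.user32.GetMessageA(ctypes.byref(msg), None, 0, 0)
                # GetMessage returns 0 for WM_QUIT and -1 on error.  The
                # original tested `!= 0`, so an error dispatched a stale
                # msg and looped forever; both cases now end the loop.
                if ret in (0, -1):
                    break
                if msg.message == win32con.WM_HOTKEY and msg.wParam in h_ids:
                    h_keys[msg.wParam] = True  # wParam is the hotkey id; picked up by the poller
                self.user32.TranslateMessage(ctypes.byref(msg))
                self.user32.DispatchMessageA(ctypes.byref(msg))
        finally:
            for i in h_ids:
                self.user32.UnregisterHotKey(None, i)
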
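def modSwitch(flag, msg):
    """Flip flag_lock[*flag*] and report the new state with label *msg*.

    Prints ``<msg>已开启`` when the cheat turns on and ``<msg>已关闭`` when
    it turns off.  main() polls flag_lock on every tick, so the change takes
    effect immediately.  Raises KeyError for an unknown *flag*.
    """
    # flag_lock is mutated in place (never rebound), so no `global` is needed.
    new_state = not flag_lock[flag]
    flag_lock[flag] = new_state
    if new_state:
        print(f"{msg}已开启")
    else:
        print(f"{msg}已关闭")


def sunSwith():
    """Hotkey alt+F9 (id 0): toggle the infinite-sun lock, flag_lock["sun_lock"]."""
    modSwitch("sun_lock", "锁阳光")


def cdSwith():
    """Hotkey F10 (id 1): toggle the no-cooldown lock, flag_lock["cd_lock"]."""
    modSwitch("cd_lock", "无CD")
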
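def hotkey_init():
    """Start the hotkey thread and the poller that dispatches key presses.

    Binds id 0 (alt+F9) to sunSwith and id 1 (F10) to cdSwith.  Only the
    poller returned by the last callback() call is started; it serves every
    binding in h_dict, so one poller thread is enough.  Sleeps 0.5 s to let
    the threads come up before printing the thread count.
    """
    hotkey = Hotkey()
    hotkey.start()
    hotkey.callback(0, sunSwith)
    poller = hotkey.callback(1, cdSwith)
    thread_it(poller)
    sleep(0.5)
    # threading.active_count()/threading.enumerate() replace the camelCase
    # alias activeCount (deprecated since 3.10) and the imported `enumerate`
    # that shadows the builtin.
    count = threading.active_count()
    print(f"当前总线程数量:{count}")
    print('当前线程列表:', threading.enumerate())
    print('热键注册初始化完毕,组合键alt+F9 无限阳光开关 F10 无CD开关')
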
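def main():
    """Poll the game every 0.1 s and apply whichever cheats are switched on.

    Each tick: find the game window, open its process with only the memory
    rights the cheats need, run sunMod / cdMod for the flags that are set,
    and close the handle.  Re-opening on every tick means a restarted game
    (new pid) is picked up automatically.
    """
    hotkey_init()
    # ReadProcessMemory needs VM_READ; WriteProcessMemory needs VM_WRITE and
    # VM_OPERATION.  The original requested 0x1F0FFF (PROCESS_ALL_ACCESS),
    # which also grants thread creation, handle duplication, etc. that a
    # trainer never uses.
    access = (win32con.PROCESS_VM_READ
              | win32con.PROCESS_VM_WRITE
              | win32con.PROCESS_VM_OPERATION)
    while True:
        handle = win32gui.FindWindow(None, "植物大战僵尸中文版")  # 0 when the game is not running
        if handle:
            pid = win32process.GetWindowThreadProcessId(handle)[1]
            try:
                phwnd = win32api.OpenProcess(access, False, pid)
            except win32api.error as exc:
                # The game exited between FindWindow and OpenProcess, or it
                # runs at a higher integrity level than this script.  The
                # original let this exception kill the loop.
                print(f"OpenProcess({pid}) failed: {exc}")
            else:
                try:
                    if flag_lock["sun_lock"]:
                        sunMod(phwnd)
                    if flag_lock["cd_lock"]:
                        cdMod(phwnd)
                finally:
                    phwnd.Close()  # release the PyHANDLE now, not when GC gets to it
        sleep(0.1)

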
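# Pointer chain for this game build.  [[_BASE_ADDRESS] + 0x768] is the object
# the original treats as the in-level game state: the sun counter is at
# +0x5560 and the pointer to the seed-slot array at +0x144.  These were found
# for one specific build; on another build every offset is wrong, which is
# why every read below is checked before its result is used as an address.
_BASE_ADDRESS = 0x006A9EC0
_GAME_STATE_OFFSET = 0x768
_SUN_OFFSET = 0x5560
_SLOTS_OFFSET = 0x144


def _read_dword(phwnd, address):
    """Return the 32-bit unsigned value at *address*, or None if the read fails.

    The original read into a c_long and used its (unchanged, 0) value even
    when ReadProcessMemory failed, so a bad pointer turned into reads and
    writes at 0 + offset.  Unsigned so an address with the high bit set is
    not returned as a negative number.
    """
    buf = ctypes.c_ulong()
    ok = kernerl32.ReadProcessMemory(int(phwnd), address, ctypes.byref(buf), 4, None)
    if not ok:
        return None
    return buf.value


def _write(phwnd, address, value, size=4):
    """Write the low *size* bytes of 32-bit *value* at *address*; True on success."""
    buf = ctypes.c_long(value)
    return bool(kernerl32.WriteProcessMemory(int(phwnd), address, ctypes.byref(buf), size, None))


def _game_state(phwnd):
    """Follow _BASE_ADDRESS -> +0x768 and return the game-state address, or None."""
    base = _read_dword(phwnd, _BASE_ADDRESS)
    if base is None:
        return None
    return _read_dword(phwnd, base + _GAME_STATE_OFFSET)


def sunMod(phwnd, sun_num=9999):
    """Print the current sun value and overwrite it with *sun_num*.

    Returns True when the write succeeded and False when any step of the
    pointer chain could not be read or the write was rejected (presumably,
    e.g., while no level is loaded -- unverified).  The original returned
    None; callers ignore the value.
    """
    state = _game_state(phwnd)
    if state is None:
        return False
    sun_address = state + _SUN_OFFSET
    current = _read_dword(phwnd, sun_address)
    if current is None:
        return False
    print(f"\r阳光值:{current}", end="")
    return _write(phwnd, sun_address, int(sun_num))


def cdMod(phwnd):
    """Set the cooldown of seed slots 0-9 to 1 so every plant is ready.

    Each slot is 0x50 bytes and its cooldown field sits at +0x70; as in the
    original only the low 2 bytes are written.  Returns True when every
    write succeeded (the original returned None).
    """
    state = _game_state(phwnd)
    if state is None:
        return False
    slots = _read_dword(phwnd, state + _SLOTS_OFFSET)
    if slots is None:
        return False
    ok = True
    for i in range(10):
        ok &= _write(phwnd, slots + 0x70 + 0x50 * i, 1, size=2)
    return ok
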
if __name__ == '__main__':
    # Script entry point: start the hotkey machinery and poll the game forever.
    main()