The course is divided into four major chapters:
Primary, intermediate, progressive, advanced
Primary content: Writing a complete, simple plug-in
C++ data types: BYTE, WORD, DWORD, int, float
Calling API functions (mouse_event, GetWindowRect, SetCursorPos, FindWindow, SendMessage)
How to use the CE 5.4 tool
Intermediate content: Using debugging tools, the concept of a function call
Using the debugging tool OD 1.1: techniques such as hardware breakpoints, conditional breakpoints and memory breakpoints
Converting between common assembly instructions and the corresponding high-level language
The concept of a game function call
Finding the first function call
Building a (general) plug-in framework
Progressive content: Analyzing the game's internal data and common function calls
Game data practice: finding various function calls (such as attacking monsters, selecting monsters, item use, the skill bar and so on) and writing the corresponding code
Advanced content: Writing a complete plug-in
Completing a relatively full plug-in that implements functions such as automatic unattended play, attacking monsters and storing items
1 Introductory chapter
1.1 The simplest plug-in
1.1.1 Game window data analysis (Spy++)
a, Getting the window-relative coordinates
b, Reading the game window information with GetWindowRect
c, Moving the mouse pointer with SetCursorPos
1.1.2 Writing the simplest plug-in with VC++ (starting the game)
a, Mouse click with mouse_event
b, Moving and restoring the mouse pointer
c, Integrating into the Startgame function
1.2 Finding the chessboard data with CE
1.2.1 Data types and CE
a, Data types: bit, byte, word, dword, float, double
b, Finding the seat number with CE
c, Saving the analysis data
1.2.2 Reading the seat number in a program
a, Reading remote process data
b, Opening the remote process
c, Reading the remote process data
1.2.3 Using CE to find the chessboard base address
a, Finding the chessboard data base address
b, Analyzing the chessboard data structure
1.2.4 Reading the current chessboard data
a, Reading the chessboard data in a program
b, Displaying the chessboard data
1.3 Writing a plug-in using simulation techniques
1.3.1 Analyzing the relationship between pieces and chessboard coordinates
a, Software mouse simulation with the SendMessage function
b, Analyzing the window-relative coordinates x,y of the pieces
c, Software-simulated click on the piece at chessboard coordinates x,y
1.3.2 Algorithm framework for eliminating a pair of pieces
a, Traversing the chessboard for pairs of pieces of the same type
b, Building the algorithm framework
1.3.3 General framework of check2p (the core of the algorithm)
a, The principle of finding a connecting path between a pair of pieces
b, Framework code of the check2p function
c, The Checkline function: detecting whether 2 points are connected
1.3.4 Checkline implementation
a, Implementing the Checkline function
b, Core code structure of check2p
1.3.5 Complete check2p code implementation
a, Walkthrough of the complete check2p code
b, Refining the Checkline function
1.3.6 Implementing the click2p function and single-pair elimination
a, Completing the click2p function
b, Implementing elimination of a single pair of pieces
c, Modifying the Clearpair function
1.3.7 Unattended play / instant clear
a, Automatic start
b, Unattended play
1.3.8 Improving the appearance of the plug-in interface
a, Adding a progress bar
b, Adjusting the interface
c, Slider control property settings
1.3.9 Countdown and number of pieces (finding base addresses)
a, Finding the number of pieces
b, Finding the countdown
c, Start flag
1.4 Writing the complete plug-in
1.4.1 Optimizing the automatic start function Startgame
a, Bringing the game window to the top
b, Optimizing the start function
1.4.2 Removing the game countdown limit
a, Finding the timing code
b, Dynamically modifying the game code (a first look at using OD)
c, Removing the timing limit
1.4.3 Writing the complete plug-in
a, Functional testing
b, Modifying and refining the plug-in
c, Reading the current number of pieces
d, Implementing instant clear
1.4.4 Primary chapter summary
a, Game analysis summary
b, Programming summary
2 Intermediate chapter (using the Xx3d game as an example)
2.1 Preparation before analysis: introduction to calls
2.1.1 The concept of a call (remote calls)
a, Writing an example call (an imaginary game client)
b, Using OD to find a call (finding the call we wrote ourselves with OD)
c, Code injector: invoking a call remotely
2.1.2 Code implementation of a remote call
a, The CreateRemoteThread API function
b, Invoking a remote call without parameters (code implementation)
2.1.3 Introduction to the debugging tool OD: character health value, magic value and coordinate offsets
a, Using CE to find the current health value offset
b, Using OD to analyze the magic value and coordinate offsets
c, Exporting key game code
2.1.4 The concept of a game base address
a, The base address + offset concept
b, Introduction to the parameters of the memory read and write functions
c, Reading the values in a program (health value, magic value)
2.1.5 Commonly used assembly instructions
a, Several forms of the MOV instruction
b, Converting assembly instructions to a high-level language
c, The PUSH instruction
2.1.6 Inline assembly programming examples
a, Addition: ADD
b, Subtraction: SUB
c, Calling a function in pure assembly (parameter passing)
d, Stack balancing
2.2 Using the skill bar: the game analysis tool OD (OllyDbg)
2.2.1 The "use healing potion" call
a, Techniques for using the CE tool
b, OD breakpoints (F2)
c, Analyzing the call parameters
d, Testing the call with a code injector
2.2.2 Writing your own call test code
a, Allocating memory remotely with VirtualAllocEx
b, Injecting your own code into the game process
c, Remotely calling "use healing potion"
2.3 Building the DLL plug-in framework
2.3.1 Building and calling a DLL (dynamic link library)
a, Creating an MFC DLL
b, Calling it from an exe program