热血传奇中找到关键CALL

procedure TForm1.Timer1Timer(Sender: TObject);
var
  WHandle:hwnd;
  hPID:hwnd;
  pHandle:hwnd;
  base,ybase,ybase1,gjms1,num,mapAddr,rnameAddr:dword;
  hp,maxhp,mp,maxmp,px,py,yhp,ymaxhp,ymp,ymaxmp:cardinal;
  map,rname,gjms:array[0..32]of char;
begin
WHandle := FindWindow('TFrmMain', 'legend of mir2');
GetWindowThreadProcessId(WHandle, @hPID);
PHandle := OpenProcess(PROCESS_ALL_ACCESS, False, hPID);
//主号信息
ReadProcessMemory(PHandle,Pointer($59C7CC),@Base, 4, Num);
ReadProcessMemory(PHandle,Pint(base+$4C),@HP,4,Num);
ReadProcessMemory(PHandle,Pint(base+$4C+$4),@maxhP,4,Num) ;
ReadProcessMemory(PHandle,Pint(base+$4C+$8),@mP,4,Num) ;
ReadProcessMemory(PHandle,Pint(base+$4C+$c),@maxmP,4,Num) ;
ReadProcessMemory(PHandle,Pint(base+$4C+$8c),@px,4,Num) ;
ReadProcessMemory(PHandle,Pint(base+$4C+$90),@py,4,Num) ;
//当前坐标
ReadProcessMemory(PHandle,pointer($59C7CC+$10), @mapAddr, 4, Num);
ReadProcessMemory(PHandle,pointer(mapAddr), @map[0], 20, Num);
ReadProcessMemory(PHandle,pointer($59C7CC-$58508), @rnameAddr, 4, Num);
ReadProcessMemory(PHandle,pointer(rnameAddr), @rname[0], 20, Num);
ReadProcessMemory(PHandle,pointer($59C7CC+$2300), @gjms1, 4, Num);
ReadProcessMemory(PHandle,pointer(gjms1), @gjms[0], 14, Num);
//英雄信息
ReadProcessMemory(PHandle, Pointer($59C7CC-$58FF4),@yBase1, 4, Num);
ReadProcessMemory(PHandle, Pointer(ybase1+$2c),@yBase, 4, Num);
ReadProcessMemory(PHandle,Pint(ybase+$4C),@yHP,4,Num);
ReadProcessMemory(PHandle,Pint(ybase+$4C+$4),@ymaxhP,4,Num) ;
ReadProcessMemory(PHandle,Pint(ybase+$4C+$8),@ymP,4,Num) ;
ReadProcessMemory(PHandle,Pint(ybase+$4C+$c),@ymaxmP,4,Num) ;
form1.StaticText1.Caption:='['+string(rname)+' '+String(map)+' '+inttostr(px)+':'+inttostr(py)+'] '+string(gjms);
form1.label1.Caption:='主 HP:'+inttostr(hp)+'/'+inttostr(maxhp)+' MP:'+inttostr(mp)+'/'+inttostr(maxmp)+'  英 HP:'+inttostr(yhp)+'/'+inttostr(ymaxhp)+' MP:'+inttostr(ymp)+'/'+inttostr(ymaxmp);


我个人认为这些地址还蛮重要的,当然包包里的物品也找到了,只是暂时还没想好用做什么,所以先搁置着!

posted @ 2009-11-06 11:51  装配中的脑袋  阅读(2377)  评论(0编辑  收藏  举报