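/// <summary>
/// Copies every entry of <c>Projs</c> into a temporary buffer in the game process, then runs a snippet
/// hooked on <c>Terraria.Main.Update</c> that calls <c>NewProjectile</c> once per entry.
/// </summary>
/// <param name="context">Supplies the process handle, the local player and the address helper.</param>
/// <param name="X">Not read by this method; spawn positions are offsets from <c>context.MyPlayer.X</c>.</param>
/// <param name="Y">Not read by this method; spawn positions are offsets from <c>context.MyPlayer.Y</c>.</param>
/// <exception cref="InvalidOperationException">The buffer could not be allocated in the game process.</exception>
public void Emit(GameContext context, float X, float Y)
{
    const int HeaderSize = 8;  // count sits in the first 4 bytes; records start at +8 ("lea eax,[ebx+8+eax]")
    const int RecordSize = 32; // stride produced by "shl eax,5" in the injected loop

    int count = (int)Projs.Count;
    if (count == 0)
    {
        // Nothing to emit. Without this guard the allocation below would be requested with size zero.
        return;
    }

    var process = context.HContext.Handle;

    // NOTE(review): this buffer only carries data, yet it is requested as ExecuteReadWrite. A
    // non-executable protection would be the least-privilege choice if the enum offers one.
    int data = NativeFunctions.VirtualAllocEx(
        process,
        0,
        HeaderSize + RecordSize * count,
        NativeFunctions.AllocationType.Commit,
        NativeFunctions.MemoryProtection.ExecuteReadWrite);
    if (data == 0)
    {
        // Assumes the wrapper returns 0 on failure, as the Win32 call returns NULL - TODO confirm.
        throw new InvalidOperationException("Failed to allocate the projectile buffer in the target process");
    }

    NativeFunctions.WriteProcessMemory(process, data, BitConverter.GetBytes(count), 4, 0);
    for (int i = 0; i < count; i++)
    {
        // Record layout: +0 type, +4 X, +8 Y, +12 speed X, +16 speed Y (20 of the 32 bytes are used).
        int record = data + HeaderSize + i * RecordSize;
        NativeFunctions.WriteProcessMemory(process, record, BitConverter.GetBytes(Projs[i].ProjType), 4, 0);
        NativeFunctions.WriteProcessMemory(process, record + 4, BitConverter.GetBytes(context.MyPlayer.X + Projs[i].Location.X), 4, 0);
        NativeFunctions.WriteProcessMemory(process, record + 8, BitConverter.GetBytes(context.MyPlayer.Y + Projs[i].Location.Y), 4, 0);
        NativeFunctions.WriteProcessMemory(process, record + 12, BitConverter.GetBytes(Projs[i].Speed.X), 4, 0);
        NativeFunctions.WriteProcessMemory(process, record + 16, BitConverter.GetBytes(Projs[i].Speed.Y), 4, 0);
    }

    AssemblySnippet snippet = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)$"pushad",
            (Instruction)$"mov ebx,{data}",
        });
    snippet.Content.Add(AssemblySnippet.Loop(
        AssemblySnippet.FromCode(
            new AssemblyCode[] {
                (Instruction)$"mov eax,[esp]", // i
                (Instruction)$"shl eax,5",
                (Instruction)$"lea eax,[ebx+8+eax]",
                Projectile.GetSnippet_Call_NewProjectile(context, null, false,
                    "[eax+4]", "[eax+8]", "[eax+12]", "[eax+16]", "[eax]", 0, 0f, context.MyPlayerIndex, 0f, 0f),
            }),
        count, true));
    snippet.Content.Add((Instruction)"popad");

    InlineHook.InjectAndWait(context.HContext, snippet,
        context.HContext.MainAddressHelper["Terraria.Main", "Update"], true);

    // Released only after InjectAndWait has returned, as in the original.
    NativeFunctions.VirtualFreeEx(process, data, 0);
}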
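/// <summary>
/// Writes <paramref name="Text"/> into the game process as UTF-16, has a snippet hooked on
/// <c>Terraria.Main.DoUpdate</c> build a managed string from it into <c>Terraria.Main.chatText</c>,
/// and sets the <c>drawingPlayerChat</c>, <c>inputTextEnter</c> and <c>chatRelease</c> flags to 1.
/// </summary>
/// <param name="Context">Supplies the process handle and the address helpers.</param>
/// <param name="Text">Text to place in the chat field.</param>
public static void SendChat(GameContext Context, string Text)
{
    byte[] bs = Encoding.Unicode.GetBytes(Text);
    int strEnd = 0;

    // Size the buffer from the encoded byte count plus the 4-byte terminator written below.
    // The original asked for Text.Length + 10, which counts UTF-16 characters rather than bytes
    // and is smaller than what gets written once the text is more than a few characters long.
    // NOTE(review): the buffer holds text only; ExecuteReadWrite is broader than a data buffer
    // needs, a non-executable protection would do if the enum offers one.
    int strMem = NativeFunctions.VirtualAllocEx(
        Context.HContext.Handle,
        0,
        bs.Length + 4,
        NativeFunctions.AllocationType.Commit,
        NativeFunctions.MemoryProtection.ExecuteReadWrite);
    NativeFunctions.WriteProcessMemory(Context.HContext.Handle, strMem, bs, bs.Length, 0);
    NativeFunctions.WriteProcessMemory(Context.HContext.Handle, strMem + bs.Length, ref strEnd, 4, 0);

    // Kept as in the original; neither value is read below.
    var mscorlib_AddrHelper = Context.HContext.GetAddressHelper("mscorlib.dll");
    int ctor = mscorlib_AddrHelper.GetFunctionAddress("System.String", "CtorCharPtr");

    var mainHelper = Context.HContext.MainAddressHelper;
    AssemblySnippet asm = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)"push ecx",
            (Instruction)"push edx",
            AssemblySnippet.ConstructString(Context.HContext, strMem,
                mainHelper.GetStaticFieldAddress("Terraria.Main", "chatText")),
            (Instruction)$"mov byte ptr [{mainHelper.GetStaticFieldAddress("Terraria.Main", "drawingPlayerChat")}],1",
            (Instruction)$"mov byte ptr [{mainHelper.GetStaticFieldAddress("Terraria.Main", "inputTextEnter")}],1",
            (Instruction)$"mov byte ptr [{mainHelper.GetStaticFieldAddress("Terraria.Main", "chatRelease")}],1",
            (Instruction)"pop edx",
            (Instruction)"pop ecx"
        });

    InlineHook.InjectAndWait(Context.HContext, asm,
        mainHelper.GetFunctionAddress("Terraria.Main", "DoUpdate"), true);

    // Released only after InjectAndWait has returned, as in the original.
    NativeFunctions.VirtualFreeEx(Context.HContext.Handle, strMem, 0);
}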
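/// <summary>
/// Locates a byte pattern in the game process and, unless the byte five positions before the match
/// is already 0xE9 (jmp rel32), injects a snippet there that overwrites the local player's
/// position with <c>TileTargetX * 16</c> and <c>TileTargetY * 16</c>.
/// </summary>
/// <param name="Context">Supplies the process handle, address helper and tile-target addresses.</param>
public static void HarpToTP_E(GameContext Context)
{
    int match = AobscanHelper.Aobscan(
        Context.HContext.Handle,
        "8B 8D E4 F9 FF FF FF 15");
    if (match <= 0)
    {
        // Pattern not found. InfiniteFly_E in this listing treats a non-positive scan result the
        // same way; without the check the hook address below would be derived from a failed scan.
        return;
    }

    int a = match - 5;
    byte[] current = new byte[1];
    // NOTE(review): the read result is not checked; if the read fails the buffer stays 0 and the
    // guard below lets the injection proceed.
    NativeFunctions.ReadProcessMemory(Context.HContext.Handle, a, current, 1, 0);
    if (current[0] == 0xE9)
    {
        // Already patched with a jump; do not hook twice.
        return;
    }

    InlineHook.Inject(Context.HContext,
        AssemblySnippet.FromCode(
            new AssemblyCode[] {
                (Instruction)$"pushad",
                AssemblySnippet.FromClrCall(
                    Context.HContext.MainAddressHelper.GetFunctionAddress("Terraria.Main", "get_LocalPlayer"),
                    null, false),
                (Instruction)$"mov ebx,eax",
                (Instruction)$"push 16", // scale factor, read back through [esp]
                (Instruction)$"fild dword ptr [{Context.TileTargetX_Address}]",
                (Instruction)$"fild dword ptr [esp]",
                (Instruction)$"fmul",
                (Instruction)$"fstp dword ptr [ebx+{Entity.OFFSET_Position}]",
                (Instruction)$"fild dword ptr [{Context.TileTargetY_Address}]",
                (Instruction)$"fild dword ptr [esp]",
                (Instruction)$"fmul",
                (Instruction)$"fstp dword ptr [ebx+{Entity.OFFSET_Position + 0x4}]",
                (Instruction)$"add esp,4", // drop the pushed 16
                (Instruction)$"popad",
            }),
        a, false);
}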
/// <summary>
/// Queues a snippet that calls <c>Terraria.Map.WorldMap.UpdateLighting</c> inside two nested loops
/// sized by <c>ctx.MaxTilesY</c> (inner) and <c>ctx.MaxTilesX</c> (outer), then sets
/// <c>ctx.RefreshMap</c>.
/// </summary>
/// <param name="ctx">Game context that resolves addresses and runs the snippet on the update hook.</param>
public override void Enable(GameContext ctx)
{
    AssemblySnippet script = AssemblySnippet.FromEmpty();

    // ecx/edx are saved here and restored after the loops.
    script.Content.Add(Instruction.Create("push ecx"));
    script.Content.Add(Instruction.Create("push edx"));

    AssemblySnippet perTile = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)"mov edx, [esp+4]",
            (Instruction)"push [esp]",
            (Instruction)"push 255",
            AssemblySnippet.FromClrCall(
                ctx.GameModuleHelper.GetFunctionAddress("Terraria.Map.WorldMap", "UpdateLighting"),
                false,
                ctx.Map.BaseAddress,
                null,
                null,
                Array.Empty<object>())
        });
    var innerLoop = AssemblySnippet.Loop(perTile, ctx.MaxTilesY, false);
    var outerLoop = AssemblySnippet.Loop(innerLoop, ctx.MaxTilesX, false);
    script.Content.Add(outerLoop);

    script.Content.Add(Instruction.Create("pop edx"));
    script.Content.Add(Instruction.Create("pop ecx"));

    ctx.RunByHookOnUpdate(script);
    ctx.RefreshMap = true;
}
/// <summary>
/// Installs an inline hook five bytes into <c>Terraria.Main.Update</c>. When the full-screen map
/// flag, the right-mouse flag and the right-mouse-release flag are all non-zero, the hooked code
/// clears the map and release flags and writes a new X/Y position into the local player. The
/// position is derived from the mouse coordinates, screen size, map scale and map position, and
/// multiplied by 16.
/// </summary>
/// <param name="ctx">Game context supplying the addresses used by the generated code.</param>
public override void Enable(GameContext ctx)
{
    int positionOffset = GetOffset(ctx, "Terraria.Entity", "position");

    // Runs only when all three flags are set; the outer snippet jumps over it otherwise.
    var teleport = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            Instruction.Create($"mov byte ptr [{ctx.MapFullScreen_Address}],0"),
            Instruction.Create($"mov byte ptr [{ctx.MouseRightRelease_Address}],0"),
            AssemblySnippet.FromClrCall(
                ctx.GameModuleHelper.GetFunctionAddress("Terraria.Main", "get_LocalPlayer"),
                false, null, null, null, Array.Empty<object>()),
            Instruction.Create("mov ebx,eax"),
            Instruction.Create("push eax"), // reserves a stack slot used for the constants 2 and 16

            // X coordinate
            Instruction.Create("mov dword ptr [esp],2"),
            Instruction.Create($"fild dword ptr [{ctx.ScreenWidth_Address}]"),
            Instruction.Create("fild dword ptr [esp]"),
            Instruction.Create("fdivp"),
            Instruction.Create($"fild dword ptr [{ctx.MouseX_Address}]"),
            Instruction.Create("fsubp"),
            Instruction.Create($"fld dword ptr [{ctx.MapFullScreenScale_Address}]"),
            Instruction.Create("fdivp"),
            Instruction.Create($"fld dword ptr [{ctx.MapFullscreenPos_Address + 4}]"),
            Instruction.Create("fsubrp"),
            Instruction.Create("mov dword ptr [esp],16"),
            Instruction.Create("fild dword ptr [esp]"),
            Instruction.Create("fmulp"),
            Instruction.Create($"fstp dword ptr [ebx+{positionOffset}]"),

            // Y coordinate
            Instruction.Create("mov dword ptr [esp],2"),
            Instruction.Create($"fild dword ptr [{ctx.ScreenHeight_Address}]"),
            Instruction.Create("fild dword ptr [esp]"),
            Instruction.Create("fdivp"),
            Instruction.Create($"fild dword ptr [{ctx.MouseY_Address}]"),
            Instruction.Create("fsubp"),
            Instruction.Create($"fld dword ptr [{ctx.MapFullScreenScale_Address}]"),
            Instruction.Create("fdivp"),
            Instruction.Create($"fld dword ptr [{ctx.MapFullscreenPos_Address + 8}]"),
            Instruction.Create("fsubrp"),
            Instruction.Create("mov dword ptr [esp],16"),
            Instruction.Create("fild dword ptr [esp]"),
            Instruction.Create("fmulp"),
            Instruction.Create($"fstp dword ptr [ebx+{positionOffset + 0x4}]"),

            Instruction.Create("pop eax"),
        });

    var hookBody = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            Instruction.Create("pushad"),
            Instruction.Create($"cmp byte ptr [{ctx.MapFullScreen_Address}],0"),
            Instruction.Create("je _rwualfna"),
            Instruction.Create($"cmp byte ptr [{ctx.MouseRight_Address}],0"),
            Instruction.Create("je _rwualfna"),
            Instruction.Create($"cmp byte ptr [{ctx.MouseRightRelease_Address}],0"),
            Instruction.Create("je _rwualfna"),
            teleport,
            Instruction.Create("_rwualfna:"),
            Instruction.Create("popad")
        });

    nuint_or_int_placeholder_removed:
    HookParameters hookParams = new HookParameters(
        ctx.GameModuleHelper.GetFunctionAddress("Terraria.Main", "Update") + 5,
        4096);
    InlineHook.Hook(ctx.HContext, hookBody, hookParams);
}
/// <summary>
/// Builds a snippet that loads the two 32-bit integers at <c>[esp+4]</c> and <c>[esp+8]</c> onto
/// the FPU stack, adds them, stores the single-precision result and returns its bits in
/// <c>eax</c>, popping both arguments with <c>ret 8</c>.
/// </summary>
/// <returns>The assembled snippet.</returns>
private static AssemblyCode Imp_AddI2F() =>
    AssemblySnippet.FromCode(new AssemblyCode[]
    {
        (Instruction)"fild dword ptr [esp+4]",
        (Instruction)"fild dword ptr [esp+8]",
        (Instruction)"fadd",
        // NOTE(review): the result is staged at [esp-4], i.e. below the current stack pointer.
        (Instruction)"fstp dword ptr [esp-4]",
        (Instruction)"mov eax,[esp-4]",
        (Instruction)"ret 8",
    });
/// <summary>
/// Runs <c>Terraria.Item.SetDefaults(Int32)</c> followed by <c>Terraria.Item.Prefix(Int32)</c> in a
/// single snippet on the update hook. This is more efficient than issuing the two calls separately.
/// </summary>
/// <param name="type">Value passed to <c>SetDefaults(Int32)</c>.</param>
/// <param name="prefix">Value passed to <c>Prefix(Int32)</c>.</param>
public void SetDefaultsAndPrefix(int type, int prefix)
{
    var setDefaults = TypedInternalObject
        .GetMethodCall("Terraria.Item.SetDefaults(Int32)")
        .Call(false, null, null, new object[] { type });
    var applyPrefix = TypedInternalObject
        .GetMethodCall("Terraria.Item.Prefix(Int32)")
        .Call(false, null, null, new object[] { prefix });

    // ecx/edx are saved around the two generated calls and restored afterwards.
    var script = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            Instruction.Create("push ecx"),
            Instruction.Create("push edx"),
            setDefaults,
            applyPrefix,
            Instruction.Create("pop edx"),
            Instruction.Create("pop ecx")
        });

    Context.RunByHookOnUpdate(script);
}
/// <summary>
/// Injects <c>mov byte ptr [esi+0x651],0</c> at the address resolved for
/// <c>Terraria.Player.UpdateBuffs</c> with the lookup value 0x21B.
/// </summary>
/// <param name="Context">Supplies the process handle and the address helper.</param>
public static void DisableInvisibility_E(GameContext Context)
{
    // presumably 0x21B is an offset inside UpdateBuffs - verify against the address helper
    int hookAddress = (int)Context.HContext.MainAddressHelper["Terraria.Player", "UpdateBuffs", 0x21B].StartAddress;

    // NOTE(review): these four bytes are read but never used, and unlike the sibling *_E helpers
    // in this listing there is no "already patched" guard before the injection.
    int probe = 0;
    NativeFunctions.ReadProcessMemory(Context.HContext.Handle, hookAddress + 4, ref probe, 4, 0);

    var patch = AssemblySnippet.FromCode(new AssemblyCode[]
    {
        (Instruction)"mov byte ptr [esi+0x651],0",
    });

    InlineHook.Inject(Context.HContext, patch, hookAddress, false, false);
}
/// <summary>
/// Runs a CLR call to <paramref name="targetAddr"/> on the update hook, with all general-purpose
/// registers saved before the call and restored after it.
/// </summary>
/// <param name="Context">Game context that runs the snippet on the update hook.</param>
/// <param name="targetAddr">Address of the method to call.</param>
/// <param name="args">Arguments forwarded unchanged to <c>AssemblySnippet.FromClrCall</c>.</param>
public static void Call(GameContext Context, nuint targetAddr, params object[] args)
{
    var invocation = AssemblySnippet.FromClrCall(targetAddr, false, null, null, null, args);

    AssemblySnippet wrapped = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)"pushad",
            invocation,
            (Instruction)"popad"
        });

    Context.RunByHookOnUpdate(wrapped);
}
/// <summary>
/// Scans the game process for a byte pattern and, when it is found, injects
/// <c>mov dword ptr [esi+0x290],100000</c> at the match.
/// </summary>
/// <param name="Context">Supplies the process handle.</param>
public static void InfiniteFly_E(GameContext Context)
{
    int hookAddress = AobscanHelper.Aobscan(Context.HContext.Handle, "89 86 90020000 80 BF");

    // A non-positive result is treated as "pattern not found"; nothing is injected then.
    if (hookAddress > 0)
    {
        var patch = AssemblySnippet.FromCode(
            new AssemblyCode[] {
                (Instruction)"mov dword ptr [esi+0x290],100000"
            });
        InlineHook.Inject(Context.HContext, patch, hookAddress, false, false);
    }
}
/// <summary>
/// Serialises every entry of <c>Projs</c> into a temporary allocation in the game process and runs
/// a snippet on the update hook that calls <c>Terraria.Projectile.NewProjectile</c> once per entry.
/// </summary>
/// <param name="context">Supplies the process context and resolves the method to call.</param>
/// <param name="Location">Base position; each entry's own location is added to it.</param>
public void Emit(GameContext context, MPointF Location)
{
    // 32 bytes per record plus 64 spare bytes; released when this method exits.
    using var buffer = new MemoryAllocation(context.HContext, 32 * (uint)Projs.Count + 64);
    var writer = new RemoteMemoryStream(context.HContext, buffer.AllocationBase, 0);

    writer.Write<long>(Projs.Count); // 8-byte header

    var padding = new byte[12]; // fills each record up to the 32-byte stride
    for (int index = 0; index < Projs.Count; index++)
    {
        writer.Write(Projs[index].ProjType);                  // +0,  4 bytes
        writer.Write(Location.X + Projs[index].Location.X);   // +4,  4 bytes
        writer.Write(Location.Y + Projs[index].Location.Y);   // +8,  4 bytes
        writer.Write(Projs[index].Speed.X);                   // +12, 4 bytes
        writer.Write(Projs[index].Speed.Y);                   // +16, 4 bytes
        writer.Write(padding, (uint)padding.Length);
    }

    AssemblySnippet script = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)$"pushad",
            (Instruction)$"mov ebx,{buffer.AllocationBase}",
        });

    AssemblySnippet perRecord = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)$"mov eax,[esp]",        // i
            (Instruction)$"shl eax,5",            // * 32
            (Instruction)$"lea eax,[ebx+8+eax]",  // record address, past the 8-byte header
            (Instruction)$"xor ecx,ecx",          // SpawnSource: null
            (Instruction)$"push [eax+4]",         // X: float
            (Instruction)$"push [eax+8]",         // Y: float
            (Instruction)$"push [eax+12]",        // SpeedX: float
            (Instruction)$"push [eax+16]",        // SpeedY: float
            (Instruction)$"mov edx,[eax]",        // Type: int
            (Instruction)$"push 0",               // Damage: int
            (Instruction)$"push 0",               // KnockBack: float
            (Instruction)$"push {context.MyPlayerIndex}", // Owner: int
            (Instruction)$"push 0",               // ai0: float
            (Instruction)$"push 0",               // ai1: float
            (Instruction)$"call {context.GameModuleHelper.GetClrMethodBySignature("Terraria.Projectile", "Terraria.Projectile.NewProjectile(Terraria.DataStructures.IEntitySource, Single, Single, Single, Single, Int32, Int32, Single, Int32, Single, Single)").NativeCode}",
        });

    script.Content.Add(AssemblySnippet.Loop(perRecord, Projs.Count, true));
    script.Content.Add((Instruction)"popad");

    context.RunByHookOnUpdate(script);
}
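/// <summary>
/// Injects <c>mov eax,1</c> at the start of <c>Terraria.Collision.CanHit</c>, but only while the
/// function still begins with 0x55 (push ebp), i.e. has not been modified yet.
/// </summary>
/// <param name="Context">Supplies the process handle and the address helper.</param>
public static void SwingIgnoringTiles_E(GameContext Context)
{
    // Resolved once so the guard and the injection are guaranteed to use the same address.
    int canHit = Context.HContext.MainAddressHelper.GetFunctionAddress("Terraria.Collision", "CanHit");

    byte firstByte = 0;
    NativeFunctions.ReadProcessMemory(Context.HContext.Handle, canHit, ref firstByte, 1, 0);
    if (firstByte != 0x55) // already modified, must not be hooked again (also taken when the read leaves 0)
    {
        return;
    }

    var code = AssemblySnippet.FromCode(new AssemblyCode[]
    {
        (Instruction)"mov eax,1",
    });
    InlineHook.Inject(Context.HContext, code, canHit, false, false);
}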
/// <summary>
/// Injects <c>mov eax,1</c> at two locations resolved inside
/// <c>Terraria.Player.ItemCheck_MeleeHitNPCs</c>, unless the first location already starts with
/// 0xE9 (jmp rel32).
/// </summary>
/// <param name="Context">Supplies the process handle and the address helper.</param>
public static void SwingingAttacksAll_E(GameContext Context)
{
    var helper = Context.HContext.MainAddressHelper;
    int firstSite = (int)helper["Terraria.Player", "ItemCheck_MeleeHitNPCs", 0x115].StartAddress - 6;
    int secondSite = (int)helper["Terraria.Player", "ItemCheck_MeleeHitNPCs", 0x12B].StartAddress;

    // NOTE(review): only the first site is probed, and the read result is not checked; if the
    // read fails the probe stays 0 and both injections go ahead.
    byte probe = 0;
    NativeFunctions.ReadProcessMemory(Context.HContext.Handle, firstSite, ref probe, 1, 0);
    if (probe == 0xE9) // already modified, must not be hooked again
    {
        return;
    }

    var patch = AssemblySnippet.FromCode(new AssemblyCode[]
    {
        (Instruction)"mov eax,1",
    });

    InlineHook.Inject(Context.HContext, patch, firstSite, false, false);
    InlineHook.Inject(Context.HContext, patch, secondSite, false, false);
}
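/// <summary>
/// Makes the game create a new managed string object with the contents of <paramref name="s"/>.
/// </summary>
/// <param name="ctx">Game context used to allocate memory, write data and run the snippet.</param>
/// <param name="s">Text of the string to create.</param>
/// <returns>A <see cref="GameString"/> wrapping the object whose address the snippet stored.</returns>
/// <exception cref="ArgumentNullException"><paramref name="s"/> is null.</exception>
/// <exception cref="TimeoutException">The managed thread did not finish within 2000 ms.</exception>
public unsafe static GameString New(GameContext ctx, string s)
{
    if (s is null)
    {
        throw new ArgumentNullException(nameof(s));
    }

    byte[] data = Encoding.Unicode.GetBytes(s);

    // Buffer layout: UTF-16 text, a 2-byte terminator, then one pointer-sized slot for the result.
    uint textSize = (uint)data.Length + 2;
    using var alloc = MemoryAllocation.Alloc(ctx.HContext, textSize + (uint)sizeof(nuint));
    nuint addr = alloc.AllocationBase;
    nuint resAddr = addr + textSize;

    ctx.HContext.DataAccess.WriteBytes(addr, data);
    ctx.HContext.DataAccess.Write<short>(addr + (uint)data.Length, 0);

    var asm = AssemblySnippet.FromCode(new AssemblyCode[]
    {
        AssemblySnippet.FromConstructString(ctx.HContext, addr, resAddr)
    });
    var thread = ctx.RunOnManagedThread(asm);

    if (!Task.Run(() => thread.WaitToDispose()).Wait(2000)) //won't forcefully dispose because that would cause game crashing
    {
        // NOTE(review): leaving this scope disposes alloc while the thread may still be running;
        // confirm whether the snippet can still touch the buffer at that point.
        throw new TimeoutException("Failed to create string object");
    }

    nuint res = ctx.HContext.DataAccess.Read<nuint>(resAddr);
    return new GameString(ctx, new HackObject(ctx.HContext, ctx.HContext.Runtime.Heap.StringType, res));
}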
/// <summary>
/// Hooks the start of <c>Terraria.Player.AddBuff</c>, unless it already begins with 0xE9
/// (jmp rel32). The injected code returns from the function immediately (<c>ret 8</c>) when the
/// byte at <c>Context.Debuff_Address + edx + 8</c> is non-zero and falls through otherwise.
/// </summary>
/// <param name="Context">Supplies the process handle, address helper and debuff table address.</param>
public static void ImmuneDebuffs_E(GameContext Context)
{
    int addBuff = Context.HContext.MainAddressHelper.GetFunctionAddress("Terraria.Player", "AddBuff");

    byte[] firstByte = new byte[1];
    NativeFunctions.ReadProcessMemory(Context.HContext.Handle, addBuff, firstByte, 1, 0);
    if (firstByte[0] == 0xE9)
    {
        // Already hooked; do nothing.
        return;
    }

    var localPlayer = Context.MyPlayer; // not used below; kept from the original

    var filter = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)$"pushad",
            (Instruction)$"mov ebx,{Context.Debuff_Address}",
            (Instruction)$"cmp byte ptr [ebx+edx+8],0", // presumably edx carries the buff type - verify
            (Instruction)$"je end",
            (Instruction)$"popad",
            (Instruction)$"ret 8",
            (Instruction)$"end:",
            (Instruction)$"popad",
        });

    InlineHook.Inject(Context.HContext, filter, addBuff, false);
}
/// <summary>
/// Hooks the start of <c>Terraria.Player.AddBuff</c>, unless it already begins with 0xE9
/// (jmp rel32), and marks this feature as enabled. The injected code returns from the function
/// immediately (<c>ret 8</c>) when the byte at <c>ctx.Debuff.BaseAddress + edx + 8</c> is non-zero
/// and falls through otherwise.
/// </summary>
/// <param name="ctx">Game context supplying addresses and the process context.</param>
public override void Enable(GameContext ctx)
{
    nuint addBuff = GetFunctionAddress(ctx, "Terraria.Player", "AddBuff");

    byte firstByte = Read<byte>(ctx, addBuff);
    if (firstByte == 0xE9)
    {
        // Already hooked; IsEnabled is left untouched on this path.
        return;
    }

    var localPlayer = ctx.MyPlayer; // not used below; kept from the original

    var filter = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)$"pushad",
            (Instruction)$"mov ebx,{ctx.Debuff.BaseAddress}",
            (Instruction)$"cmp byte ptr [ebx+edx+8],0", // presumably edx carries the buff type - verify
            (Instruction)$"je end",
            (Instruction)$"popad",
            (Instruction)$"ret 8",
            (Instruction)$"end:",
            (Instruction)$"popad",
        });

    InlineHook.Hook(ctx.HContext, filter, new HookParameters(addBuff, 0x1000));
    this.IsEnabled = true;
}
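/// <summary>
/// Runs a CLR call to <paramref name="targetAddr"/> through a temporary hook at
/// <paramref name="hookAddress"/> and waits for it to finish. A string argument whose first
/// non-whitespace character is '@' is turned into a managed string in the game process (the text
/// after the first '@' is used) and passed by reference; every other argument is forwarded as is.
/// </summary>
/// <param name="Context">Supplies the process handle and process context.</param>
/// <param name="targetAddr">Address of the method to call.</param>
/// <param name="hookAddress">Address at which the snippet is injected.</param>
/// <param name="args">Call arguments.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="args"/> is null.</exception>
public static void Call(GameContext Context, int targetAddr, int hookAddress, params object[] args)
{
    if (args == null)
    {
        throw new System.ArgumentNullException(nameof(args));
    }

    // Maps the remote slot that receives the string reference to the remote UTF-16 text buffer.
    Dictionary<int, int> strAddrs = new Dictionary<int, int>();

    // The original ran the same marshalling twice (a Select pass, then this loop), so every '@'
    // string was allocated and constructed twice in the target. One pass is enough.
    object[] trueArgs = new object[args.Length];
    for (int i = 0; i < args.Length; i++)
    {
        string marked = args[i] as string;
        if (marked == null || !marked.TrimStart().StartsWith("@", System.StringComparison.Ordinal))
        {
            trueArgs[i] = args[i];
            continue;
        }

        string trueStr = marked.Substring(marked.IndexOf('@') + 1);
        int strEnd = 0;
        byte[] bs = Encoding.Unicode.GetBytes(trueStr);

        // NOTE(review): both buffers hold data only; ExecuteReadWrite is broader than they need,
        // a non-executable protection would do if the enum offers one. The allocation results
        // are not checked for failure.
        int maddr = NativeFunctions.VirtualAllocEx(Context.HContext.Handle, 0, bs.Length + 4,
            NativeFunctions.AllocationType.Commit, NativeFunctions.MemoryProtection.ExecuteReadWrite);
        int taddr = NativeFunctions.VirtualAllocEx(Context.HContext.Handle, 0, 4,
            NativeFunctions.AllocationType.Commit, NativeFunctions.MemoryProtection.ExecuteReadWrite);

        NativeFunctions.WriteProcessMemory(Context.HContext.Handle, maddr, bs, bs.Length, 0);
        NativeFunctions.WriteProcessMemory(Context.HContext.Handle, maddr + bs.Length, ref strEnd, 4, 0);

        strAddrs[taddr] = maddr;
        trueArgs[i] = $"dword ptr [{taddr}]";
    }

    AssemblySnippet snippet = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            (Instruction)"pushad",
            AssemblySnippet.FromCode(
                strAddrs.Select(t => AssemblySnippet.ConstructString(
                    Context.HContext, t.Value, t.Key))),
            AssemblySnippet.FromClrCall(
                targetAddr, null, false,
                trueArgs),
            (Instruction)"popad"
        });

    InlineHook.InjectAndWait(Context.HContext, snippet, hookAddress, true);

    // Released only after InjectAndWait has returned, as in the original.
    foreach (var addrs in strAddrs)
    {
        NativeFunctions.VirtualFreeEx(Context.HContext.Handle, addrs.Key, 0);
        NativeFunctions.VirtualFreeEx(Context.HContext.Handle, addrs.Value, 0);
    }
}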
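/// <summary>
/// Injects a snippet five bytes into <c>Terraria.Main.DoUpdate</c>. When the full-screen map flag,
/// the right-mouse flag and the right-mouse-release flag are all non-zero, the injected code clears
/// the map and release flags and writes a new X/Y position into the local player. The position is
/// derived from the mouse coordinates, screen size, map scale and map position, and multiplied
/// by 16.
/// </summary>
/// <param name="Context">Supplies the process handle, address helper and the game addresses used.</param>
public static void RightClickToTP(GameContext Context)
{
    int doUpdate = Context.HContext.MainAddressHelper.GetFunctionAddress("Terraria.Main", "DoUpdate");
    int hookSite = doUpdate + 5;

    // The original probed only the first byte of DoUpdate, although the injection goes in at +5.
    // The sibling guards in this listing test the byte at the address they pass to Inject, so the
    // hook site is probed as well; otherwise a second call would not notice its own earlier patch.
    byte entryByte = 0;
    byte siteByte = 0;
    NativeFunctions.ReadProcessMemory(Context.HContext.Handle, doUpdate, ref entryByte, 1, 0);
    NativeFunctions.ReadProcessMemory(Context.HContext.Handle, hookSite, ref siteByte, 1, 0);
    if (entryByte == 0xE9 || siteByte == 0xE9) // already modified, must not be hooked again
    {
        return;
    }

    var ass = AssemblySnippet.FromCode(
        new AssemblyCode[] {
            Instruction.Create("pushad"),
            Instruction.Create($"cmp byte ptr [{Context.MapFullScreen_Address}],0"),
            Instruction.Create("je _rwualfna"),
            Instruction.Create($"cmp byte ptr [{Context.MouseRight_Address}],0"),
            Instruction.Create("je _rwualfna"),
            Instruction.Create($"cmp byte ptr [{Context.MouseRightRelease_Address}],0"),
            Instruction.Create("je _rwualfna"),
            AssemblySnippet.FromCode(
                new AssemblyCode[] {
                    Instruction.Create($"mov byte ptr [{Context.MapFullScreen_Address}],0"),
                    Instruction.Create($"mov byte ptr [{Context.MouseRightRelease_Address}],0"),
                    AssemblySnippet.FromClrCall(
                        Context.HContext.MainAddressHelper.GetFunctionAddress("Terraria.Main", "get_LocalPlayer"),
                        null, false),
                    Instruction.Create("mov ebx,eax"),
                    Instruction.Create("push eax"), // reserves a stack slot used for the constants 2 and 16

                    // X coordinate
                    Instruction.Create("mov dword ptr [esp],2"),
                    Instruction.Create($"fild dword ptr [{Context.ScreenWidth_Address}]"),
                    Instruction.Create("fild dword ptr [esp]"),
                    Instruction.Create("fdivp"),
                    Instruction.Create($"fild dword ptr [{Context.MouseX_Address}]"),
                    Instruction.Create("fsubp"),
                    Instruction.Create($"fld dword ptr [{Context.MapFullScreenScale_Address}]"),
                    Instruction.Create("fdivp"),
                    Instruction.Create($"fld dword ptr [{Context.MapFullscreenPos_Address + 4}]"),
                    Instruction.Create("fsubrp"),
                    Instruction.Create("mov dword ptr [esp],16"),
                    Instruction.Create("fild dword ptr [esp]"),
                    Instruction.Create("fmulp"),
                    Instruction.Create($"fstp dword ptr [ebx+{Entity.OFFSET_Position}]"),

                    // Y coordinate
                    Instruction.Create("mov dword ptr [esp],2"),
                    Instruction.Create($"fild dword ptr [{Context.ScreenHeight_Address}]"),
                    Instruction.Create("fild dword ptr [esp]"),
                    Instruction.Create("fdivp"),
                    Instruction.Create($"fild dword ptr [{Context.MouseY_Address}]"),
                    Instruction.Create("fsubp"),
                    Instruction.Create($"fld dword ptr [{Context.MapFullScreenScale_Address}]"),
                    Instruction.Create("fdivp"),
                    Instruction.Create($"fld dword ptr [{Context.MapFullscreenPos_Address + 8}]"),
                    Instruction.Create("fsubrp"),
                    Instruction.Create("mov dword ptr [esp],16"),
                    Instruction.Create("fild dword ptr [esp]"),
                    Instruction.Create("fmulp"),
                    Instruction.Create($"fstp dword ptr [ebx+{Entity.OFFSET_Position + 0x4}]"),

                    Instruction.Create("pop eax"),
                }),
            Instruction.Create("_rwualfna:"),
            Instruction.Create("popad")
        });

    InlineHook.Inject(Context.HContext, ass, hookSite, false);
}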