--BYMOVEK --BYMOVEK --BYMOVEK --BYMOVEK --BYMOVEK --BYMOVEK --BYMOVEK --BYMOVEK --BYMOVEK --BYMOVEK function S_Pointer(t_So, t_Offset, _bit) local function getRanges() local ranges = {} local t = gg.getRangesList('^/data/*.so*$') for i, v in pairs(t) do if v.type:sub(2, 2) == 'w' then table.insert(ranges, v) end end return ranges end local function Get_Address(N_So, Offset, ti_bit) local ti = gg.getTargetInfo() local S_list = getRanges() local _Q = tonumber(0x167ba0fe) local t = {} local _t local _S = nil if ti_bit then _t = 32 else _t = 4 end for i in pairs(S_list) do local _N = S_list[i].internalName:gsub('^.*/', '') if N_So[1] == _N and N_So[2] == S_list[i].state then _S = S_list[i] break end end if _S then t[#t + 1] = {} t[#t].address = _S.start + Offset[1] t[#t].flags = _t if #Offset ~= 1 then for i = 2, #Offset do local S = gg.getValues(t) t = {} for _ in pairs(S) do if not ti.x64 then S[_].value = S[_].value & 0xFFFFFFFF end t[#t + 1] = {} t[#t].address = S[_].value + Offset[i] t[#t].flags = _t end end end _S = t[#t].address end return _S end local _A = string.format('0x%X', Get_Address(t_So, t_Offset, _bit)) return _A end function BYMOVEK(offset, value) if libStart == nil then libStart = gg.getRangesList('libil2cpp.so')[2].start end local address = libStart + offset local tt = {} tt[1] = {} tt[1].address = address tt[1].flags = 4--D tt[1].value = value gg.setValues(tt) end function bymovekF(offset, value) if libStart == nil then libStart = gg.getRangesList('libil2cpp.so')[2].start end local address = libStart + offset local tt = {} tt[1] = {} tt[1].address = address tt[1].flags = 16--FLOAT tt[1].value = value gg.setValues(tt) end function bymovekD(offset, value) if libStart == nil then libStart = gg.getRangesList('libil2cpp.so')[2].start end local address = libStart + offset local tt = {} tt[1] = {} tt[1].address = address tt[1].flags = 4--DWORD tt[1].value = value gg.setValues(tt) end function BYMOVEKyisu(address) if libStart == nil then libStart = gg.getRangesList('libil2cpp.so')[2].start end local tt = {} tt[1] = {} tt[1].address = libStart + address tt[1].flags = 4 tt[1].value = "469762112" tt[2] = {} tt[2].address = libStart + address + 0x4 tt[2].flags = 4 tt[2].value = '-698416192' tt[3] = {} tt[3].address = libStart + address + 0x8 tt[3].flags = 16 tt[3].value = '10' local success = gg.setValues(tt) if success then return true else gg.toast("修改失败: " .. string.format("%X", address)) return false end end function BYMOVEKtime(address) if libStart == nil then libStart = gg.getRangesList('libil2cpp.so')[2].start end local tt = {} tt[1] = {} tt[1].address = libStart + address tt[1].flags = 4 tt[1].value = "469762112" tt[2] = {} tt[2].address = libStart + address + 0x4 tt[2].flags = 4 tt[2].value = '-698416192' tt[3] = {} tt[3].address = libStart + address + 0x8 tt[3].flags = 16 tt[3].value = '31' local success = gg.setValues(tt) if success then return true else gg.toast("修改失败: " .. string.format("%X", address)) return false end end -- 状态变量 local XA_Status = false local Report_Status = false local AntiAbnormal_Status = false local LockProgress_Status = false local MoveSpeed_Status = false local FirePower_Status = false local DirectEscape_Status = false local DirectSilver_Status = false local FixIcon_Status = false local DownShop_Status = false local GunRefresh_Status = false local MedRefresh_Status = false local BulletCount_Status = false local SettleCheck_Status = false local NoRecoil_Status = false function Main() SN = gg.multiChoice({ "★选择进程[必开]★", "★过XA检测[大厅]★" .. (XA_Status and "【已开启】" or "【未开启】"), "★过举报[大厅]★" .. (Report_Status and "【已开启】" or "【未开启】"), "★防止异常[局内]★" .. (AntiAbnormal_Status and "【已开启】" or "【未开启】"), "★开锁进度[开启]★" .. (LockProgress_Status and "【已开启】" or "【未开启】"), "★人物移速[全局]★" .. (MoveSpeed_Status and "【已开启】" or "【未开启】"), "★火力一键[全局]★" .. (FirePower_Status and "【已开启】" or "【未开启】"), "★直接逃生[局内]★" .. (DirectEscape_Status and "【已开启】" or "【未开启】"), "★直接白银[局内]★" .. (DirectSilver_Status and "【已开启】" or "【未开启】"), "★修复图标[结算]★" .. (FixIcon_Status and "【已开启】" or "【未开启】"), "★倒地购物[全局]★" .. (DownShop_Status and "【已开启】" or "【未开启】"), "★道具刷新[蹦枪]★" .. (GunRefresh_Status and "【已开启】" or "【未开启】"), "★道具刷新[药包]★" .. (MedRefresh_Status and "【已开启】" or "【未开启】"), "★子弹数量[局内]★" .. (BulletCount_Status and "【已开启】" or "【未开启】"), "️★结算过检★[结算]" .. (SettleCheck_Status and "【已开启】" or "【未开启】"), "★武器无后[局内]★" .. (NoRecoil_Status and "【已开启】" or "【未开启】"), "★退出脚本★" }, nil, "") if SN == nil then else if SN[1] == true then a1() end if SN[2] == true then a2() end if SN[3] == true then a3() end if SN[4] == true then a4() end if SN[5] == true then a5() LockProgress_Status = true end if SN[6] == true then a6() MoveSpeed_Status = true end if SN[7] == true then a7() FirePower_Status = true end if SN[8] == true then a8() DirectEscape_Status = true end if SN[9] == true then a9() DirectSilver_Status = true end if SN[10] == true then a10() FixIcon_Status = true end if SN[11] == true then a11() DownShop_Status = true end if SN[12] == true then a12() GunRefresh_Status = true end if SN[13] == true then a13() MedRefresh_Status = true end if SN[14] == true then a14() BulletCount_Status = true end if SN[15] == true then a15() SettleCheck_Status = true end if SN[16] == true then a16() NoRecoil_Status = true end if SN[17] == true then Exit() end end XGCK = -1 end function a1() gg.setProcessX() end function a2() gg.clearResults() gg.setRanges(16384) gg.searchNumber("1,179,403,647", gg.TYPE_DWORD, false, gg.SIGN_EQUAL, 0, -1) if gg.getResultCount() == 0 then gg.toast("开启失败") else gg.searchNumber("", gg.TYPE_DWORD, false, gg.SIGN_EQUAL, 0, -1) local t = gg.getResults(100) local count = #t gg.editAll("~A8 NOP", gg.TYPE_DWORD) XA_Status = true gg.toast("过XA检测成功,共修改" .. count .. "条值") gg.clearResults() end end function a3() BYMOVEK(0x4319750, "-698416192") BYMOVEK(0x4319754, "-698416192") BYMOVEK(0x4319BB0, "-698416192") BYMOVEK(0x4319BB4, "-698416192") BYMOVEK(0x4319CD8, "-698416192") BYMOVEK(0x4319CDC, "-698416192") BYMOVEK(0x4319D8C, "-698416192") BYMOVEK(0x4319D90, "-698416192") BYMOVEK(0x4319E0C, "-698416192") BYMOVEK(0x4319E10, "-698416192") BYMOVEK(0x4319EA0, "-698416192") BYMOVEK(0x4319EA4, "-698416192") BYMOVEK(0x4319F34, "-698416192") BYMOVEK(0x4319F38, "-698416192") BYMOVEK(0x43199C4, "-698416192") BYMOVEK(0x43199C8, "-698416192") BYMOVEK(0x5BA2AA8, "-698416192") BYMOVEK(0x5BA2AAC, "-698416192") BYMOVEK(0x5BA2C3C, "-698416192") BYMOVEK(0x5BA2C40, "-698416192") BYMOVEK(0x5BA2DAC, "-698416192") BYMOVEK(0x5BA2DB0, "-698416192") BYMOVEK(0x5BA2E5C, "-698416192") BYMOVEK(0x5BA2E60, "-698416192") BYMOVEK(0x5BA2F00, "-698416192") BYMOVEK(0x5BA2F04, "-698416192") BYMOVEK(0x5BA2F40, "-698416192") BYMOVEK(0x5BA2F44, "-698416192") BYMOVEK(0x5BA2FC8, "-698416192") BYMOVEK(0x5BA2FCC, "-698416192") BYMOVEK(0x5BA3018, "-698416192") BYMOVEK(0x5BA301C, "-698416192") BYMOVEK(0x5BA3080, "-698416192") BYMOVEK(0x5BA3084, "-698416192") BYMOVEK(0x5BA3124, "-698416192") BYMOVEK(0x5BA3128, "-698416192") BYMOVEK(0x5BA31B0, "-698416192") BYMOVEK(0x5BA31B4, "-698416192") Report_Status = true SettleCheck_Status = false gg.toast("过举报已开启") end function a4() gg.clearResults() gg.setRanges(32) gg.searchNumber("4015102~4015107", gg.TYPE_DWORD, false, gg.SIGN_EQUAL, 0, -1) if gg.getResultCount() == 0 then gg.toast("开启失败") else gg.searchNumber("", gg.TYPE_DWORD, false, gg.SIGN_EQUAL, 0, -1) local t = gg.getResults(100) local count = #t for i, v in ipairs(t) do v.value = "~A8 RET" v.freeze = true end gg.addListItems(t) XA_Status = true gg.toast("过XA检测成功,共修改" .. count .. "条值,已冻结") gg.clearResults() end AntiAbnormal_Status = true gg.toast("局内防异常已开启") end function a5() bymovekF(0x9143114,"2") gg.toast("成功") end function a6() BYMOVEKyisu(0x2762A04) end function a7() BYMOVEK(0x32F438C,"~A8 RET") BYMOVEK(0x32EE13C,"-1119875487") BYMOVEK(0x2CD8E58,"~A8 MOVZ X0, #0x0") BYMOVEK(0x2CD8E58+0x4,"~A8 RET") gg.toast("成功") end function a8() BYMOVEKtime(0x28651C0) BYMOVEK(0x420C984,335545652) BYMOVEK(0x420C984,-788446209) bymovekF(0x9143114,0.6875) gg.toast("开启成功") end function a9() BYMOVEKtime(0x28651C0) bymovekD(0x33A3B04, "~A8 MOV X0, #8") bymovekD(0x33A3B04+0x4, "~A8 RET") bymovekD(0x33A4EB8, "~A8 MOV X0, #8") bymovekD(0x33A4EB8+0x4, "~A8 RET") py1 = 0x286AA54 py2 = 0x2864D3C finalpy = py1 - py2 finalpy2 = string.format("%X", finalpy) bymovekD(py2, "~A8 B [PC,#0x"..finalpy2.."]") gg.sleep(1000) bymovekD(py2, "-65204248") bymovekF(0x9143114,"0.6875") gg.toast("开启成功") end function a10() bymovekF(0x8A7BEC4,"0.001") gg.toast("开启成功") end function a11() BYMOVEK(0x27661A8,"~A8 MOVZ W0, #0x2") BYMOVEK(0x27661A8+0x4,-698416192) gg.toast("开启成功") end function a12() BYMOVEK(0x36670A4,"~A8 MOVZ W0, #210") BYMOVEK(0x36670A4+0x4,"~A8 RET") gg.toast("开启成功") end function a13() BYMOVEK(0x36670A4,"~A8 MOVZ W0, #104") gg.toast("开启成功") end function a14() local t = {"libil2cpp.so", "Cd"} local tt = {0x6983D0, 0xB8, 0x0, 0x128, 0xC4} gg.addListItems({{address = S_Pointer(t, tt, true), flags = 4, value = 512, freeze = true}}) gg.toast("开启成功") end function a15() BYMOVEK(0x36670A4,"~A8 MOVZ W0, #210") bymovekF(0x8A7BEC4,"0.001") gg.toast("开启成功") end function a16() bymovekF(0x8A7BEC4,"1") gg.toast("开启成功") end function Exit() os.exit() end while true do if gg.isVisible(true) then XGCK = 1 gg.setVisible(false) end gg.clearResults() if XGCK == 1 then Main() end end --public const eEventSections LAntiCheatSysBegin = 2059000;-- 轻量级反作弊系统开始 --public const eEventSections LAntiCheatSysEnd = 2059299;-- 轻量级反作弊系统结束 --public const eEventSections MAntiCheatSysBegin = 2059300;-- 中量级反作弊系统开始 --public const eEventSections MAntiCheatSysEnd = 2059599;-- 中量级反作弊系统结束 --public const eEventSections LMNAAntiCheatSysBegin = 2059600; -- 轻重中量级反作弊系统开始 --public const eEventSections LMNAAntiCheatSysEnd = 2059999;-- 轻重中量级反作弊系统结束 --public const eEventSections GuardModuleBegin = 4015000;-- 检测模块总开始 --public const eEventSections LMNAGuardModuleBegin = 4015101;-- LMNA检测模块开始 --public const eEventSections LMNAGuardModuleEnd = 4015199;-- LMNA检测模块结束 --public const eEventSections MGuardModuleBegin = 4015201;-- M检测模块开始 --public const eEventSections MGuardModuleEnd = 4015299;-- M检测模块结束 --public const eEventSections AGuardModuleBegin = 4015301;-- A检测模块开始 --public const eEventSections AGuardModuleEnd = 4015399;-- A检测模块结束 --public const eEventSections GuardModuleEnd = 0;-- 检测模块总结束