原神帧率解锁工具
当前可支持游戏版本 5.2
技术栈
使用MSVC17编译CMake+Ninja构建生成的在Win32环境的Qt GUI应用
资源
Tech
获取Unity-Player模块相关信息
do{ if (mod32.th32ProcessID != game.pid)
continue;
if (mod32.szModule == "yuanshen.exe")//unityplayer.dll
{
*pEntry = mod32;
CloseHandle(snap);
return true;
}
} while (Module32NextW(snap, &mod32));补丁注入
特征搜索得到
根据得到的模块基址等信息,进行shellcode真正的初始化
WriteProcessMemory
LPVOID __Tar_proc_buffer = VirtualAllocEx(Tar_handle, _text_base_addr_Moved, size, type, PAGE_EXECUTE_READWRITE);
if (__Tar_proc_buffer)
{
if (WriteProcessMemory(Tar_handle, __Tar_proc_buffer, (LPVOID)_shellcode_buffer, sizeof(shellCode_Patch), 0))
{
VirtualFree((void *)_shellcode_buffer, 0, MEM_RELEASE);
//Create in-game(mem) sync thread
HANDLE temp = CreateRemoteThread(Tar_handle, 0, 0, routine, 0, 0, 0);
if (temp)
CloseHandle(temp);
else
return 0;
return ((quint64)__Tar_proc_buffer + 0x1A0);
}
//write-mem fail,权限不够等情况可能导致,使用GetLastError()可尝试解决
VirtualFree((void *)_shellcode_buffer, 0, MEM_RELEASE);
return 0;
}