主题
搜索二进制数据 - FindData
函数简介
搜索指定的二进制数据,默认步长为1,默认开启多线程,默认搜索全部内存类型。如需定制搜索请用 FindDataEx。
接口名称
FindDataDLL调用
long FindData(long instance, long hwnd, string addr_range, string data);参数说明
| 参数名 | 类型 | 说明 |
|---|---|---|
| instance | 长整数型 | OLAPlug对象的指针,由 CreateCOLAPlugInterFace 接口生成。 |
| hwnd | 长整数型 | 窗口句柄。 |
| addr_range | 字符串 | 地址范围。 |
| data | 字符串 | 要搜索的二进制数据,支持单字节CE数据格式搜索,如"00 01 23 45 * ?? ?b c? * f1"等。 |
CE地址格式示例
<Game.exe>+1234 // 模块基址+偏移
<Game.exe>+1234+8+4 // 多级偏移(非指针)
[<Game.exe>+1234]+8+4 // 一级指针+偏移
[[<Game.exe>+1234]+8]+4 // 二级指针+偏移
[[[<module>+offset1]+offset2]+offset3] // 三级指针
[0x12345678]+10 // 直接地址+偏移示例
SDK 调用
cpp
#include "OLAPlugServer.h"
OLAPlugServer ola;
std::string result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1");csharp
using OLAPlug;
var ola = new OLAPlugServer();
string result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1");python
from OLAPlugServer import OLAPlugServer
ola = OLAPlugServer()
result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1")java
import com.olaplug.OLAPlugServer;
OLAPlugServer ola = new OLAPlugServer();
String result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1");cpp
var ola = com("OlaPlug.OlaSoft")
var result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1")vbscript
Set ola = CreateObject("OlaPlug.OlaSoft")
result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1")text
.局部变量 ola, OLAPlug
ola.创建 ()
result = ola.FindData(hwnd, “value”, “00 01 23 45 * ?? ?b c? * f1”)aardio
import OLAPlugServer;
var ola = OLAPlugServer();
var result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1");text
变量 ola <类型 = OLAPlugServer>
ola = 新建 OLAPlugServer
文本型 result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1")cpp
#include "OLAPlugServer.h"
OLAPlugServer ola;
std::string result = ola.FindData(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1");原生 DLL 调用
cpp
long instance = CreateCOLAPlugInterFace();
long ptr = FindData(instance, hwnd, "value", "00 01 23 45 * ?? ?b c? * f1");
if (ptr != 0) {
char buffer[512] = {0};
GetStringFromPtr(ptr, buffer, sizeof(buffer));
FreeStringPtr(ptr);
}csharp
using System.Runtime.InteropServices;
using System.Text;
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern long CreateCOLAPlugInterFace();
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern int GetStringFromPtr(long ptr, StringBuilder lpString, int size);
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern int FreeStringPtr(long ptr);
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern int GetStringSize(long ptr);
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern long FindData(long ola, long hwnd, string addr_range, string data);
long instance = CreateCOLAPlugInterFace();
long ptr = FindData(instance, hwnd, "value", "00 01 23 45 * ?? ?b c? * f1");
if (ptr != 0) {
StringBuilder sb = new StringBuilder(GetStringSize(ptr) + 1);
GetStringFromPtr(ptr, sb, sb.Capacity);
FreeStringPtr(ptr);
string result = sb.ToString();
}python
from ctypes import CDLL, c_int, c_int64, create_string_buffer
ola = CDLL("OLAPlug_x64.dll")
ola.CreateCOLAPlugInterFace.restype = c_int64
instance = ola.CreateCOLAPlugInterFace()
ptr = ola.FindData(instance, hwnd, "value", "00 01 23 45 * ?? ?b c? * f1")
if ptr:
buf = create_string_buffer(512)
ola.GetStringFromPtr(ptr, buf, 512)
ola.FreeStringPtr(ptr)
result = buf.value.decode("utf-8")返回值
| 返回值 | 说明 |
|---|---|
| (返回值) | 返回字符串的指针,格式: "addr1。 |
注意事项
| 项目 | 说明 |
|---|---|
| 释放内存 | 返回的字符串指针需调用 FreeStringPtr 释放内存。 |