主题
搜索二进制数据 - FindDataEx
函数简介
搜索指定的二进制数据,可定制步长、多线程、内存类型等。
接口名称
FindDataExDLL调用
long FindDataEx(long instance, long hwnd, string addr_range, string data, int step, int multi_thread, int mode);参数说明
| 参数名 | 类型 | 说明 |
|---|---|---|
| instance | 长整数型 | OLAPlug对象的指针,由 CreateCOLAPlugInterFace 接口生成。 |
| hwnd | 长整数型 | 窗口句柄。 |
| addr_range | 字符串 | 地址范围。 |
| data | 字符串 | 要搜索的二进制数据,支持单字节CE数据格式搜索,如"00 01 23 45 * ?? ?b c? * f1"等。 |
| step | 整数型 | 步长。 |
| multi_thread | 整数型 | 是否开启多线程。 |
| mode | 整数型 | 搜索模式(0:全部,1:可写,2:不可写,4:可执行,8:不可执行,16:写时复制,32:不写时复制)。 |
CE地址格式示例
<Game.exe>+1234 // 模块基址+偏移
<Game.exe>+1234+8+4 // 多级偏移(非指针)
[<Game.exe>+1234]+8+4 // 一级指针+偏移
[[<Game.exe>+1234]+8]+4 // 二级指针+偏移
[[[<module>+offset1]+offset2]+offset3] // 三级指针
[0x12345678]+10 // 直接地址+偏移示例
SDK 调用
cpp
#include "OLAPlugServer.h"
OLAPlugServer ola;
std::string result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0);csharp
using OLAPlug;
var ola = new OLAPlugServer();
string result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0);python
from OLAPlugServer import OLAPlugServer
ola = OLAPlugServer()
result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0)java
import com.olaplug.OLAPlugServer;
OLAPlugServer ola = new OLAPlugServer();
String result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0);cpp
var ola = com("OlaPlug.OlaSoft")
var result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0)vbscript
Set ola = CreateObject("OlaPlug.OlaSoft")
result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0)text
.局部变量 ola, OLAPlug
ola.创建 ()
result = ola.FindDataEx(hwnd, “value”, “00 01 23 45 * ?? ?b c? * f1”, 0, 0, 0)aardio
import OLAPlugServer;
var ola = OLAPlugServer();
var result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0);text
变量 ola <类型 = OLAPlugServer>
ola = 新建 OLAPlugServer
文本型 result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0)cpp
#include "OLAPlugServer.h"
OLAPlugServer ola;
std::string result = ola.FindDataEx(hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0);原生 DLL 调用
cpp
long instance = CreateCOLAPlugInterFace();
long ptr = FindDataEx(instance, hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0);
if (ptr != 0) {
char buffer[512] = {0};
GetStringFromPtr(ptr, buffer, sizeof(buffer));
FreeStringPtr(ptr);
}csharp
using System.Runtime.InteropServices;
using System.Text;
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern long CreateCOLAPlugInterFace();
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern int GetStringFromPtr(long ptr, StringBuilder lpString, int size);
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern int FreeStringPtr(long ptr);
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern int GetStringSize(long ptr);
[DllImport("OLAPlug_x64.dll", CallingConvention = CallingConvention.StdCall)]
static extern long FindDataEx(long ola, long hwnd, string addr_range, string data, int step, int multi_thread, int mode);
long instance = CreateCOLAPlugInterFace();
long ptr = FindDataEx(instance, hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0);
if (ptr != 0) {
StringBuilder sb = new StringBuilder(GetStringSize(ptr) + 1);
GetStringFromPtr(ptr, sb, sb.Capacity);
FreeStringPtr(ptr);
string result = sb.ToString();
}python
from ctypes import CDLL, c_int, c_int64, create_string_buffer
ola = CDLL("OLAPlug_x64.dll")
ola.CreateCOLAPlugInterFace.restype = c_int64
instance = ola.CreateCOLAPlugInterFace()
ptr = ola.FindDataEx(instance, hwnd, "value", "00 01 23 45 * ?? ?b c? * f1", 0, 0, 0)
if ptr:
buf = create_string_buffer(512)
ola.GetStringFromPtr(ptr, buf, 512)
ola.FreeStringPtr(ptr)
result = buf.value.decode("utf-8")返回值
| 返回值 | 说明 |
|---|---|
| (返回值) | 返回字符串的指针,格式: "addr1。 |
注意事项
| 项目 | 说明 |
|---|---|
| 释放内存 | 返回的字符串指针需调用 FreeStringPtr 释放内存。 |