type
status
date
slug
summary
tags
category
icon
password
Property
Nov 17, 2022 10:15 AM
一、找到上述要求的宝箱
在军事基地找到目标宝箱
![notion image](https://www.notion.so/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F69a9d647-1c38-4e5d-87e1-340305c85d8b%2FScreenshot_2022-04-29-14-53-10-407_com.tencent.tmgp.projectg.jpg?table=block&id=cd3197f0-a77c-4c19-a2df-f35490651770&t=cd3197f0-a77c-4c19-a2df-f35490651770&width=2340&cache=v2)
二、分析宝箱透明的原因
在SDK中寻找相关字段
- bool bBoxVisibility;//(ByteOffset: 0, ByteMask: 1, FieldMask: 255)[Offset: 0x650, Size: 1]
- bool bHidden;//(ByteOffset: 0, ByteMask: 2, FieldMask: 2)[Offset: 0x8d, Size: 1]
以上字段均错误
猜测使用了透明材质
三、实现寻找宝箱的方法
思路
通过遍历 GWorld → UWorld → ULevel → ActorList 找到对应宝箱坐标,并绘制在屏幕上
实现
寻找GName和GWorld基址
GName:
- 搜索 MulticastDelegateProperty
- 保存结果(三个0x77)
- 三个结果附近搜索 None ,找到000结尾地址,搜索指针
结果:
libUE4 + 0xa8ed8b8 或 libUE4 + 0xab12c60
GWorld:
- 使用UE4Dumper dump strings
- 找到大厅的世界名 Lobby_Main
- 搜索对应的id
- 搜索指针
结果:
libUE4 + 0xaceb340
导出SDK
寻找宝箱的ClassName
在宝箱边上dump actors,搜索关键词Box,找到 BP_3thPickupBox_C
根据坐标地址进一步确认,可知该猜测正确
BP_3thPickupBox_C
实现绘制
![notion image](https://www.notion.so/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F1dc55062-bec6-4cc9-808c-ca63e2f352a0%2FScreenshot_2022-05-01-12-37-04-350_com.tencent.tmgp.projectg.jpg?table=block&id=2eeb057b-ac8b-492d-be3c-3a743271d22e&t=2eeb057b-ac8b-492d-be3c-3a743271d22e&width=2340&cache=v2)
![notion image](https://www.notion.so/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F90dcced3-5583-4b8d-bf88-6092a4766c6a%2FScreenshot_2022-05-01-12-36-33-987_com.tencent.tmgp.projectg.jpg?table=block&id=84382e34-31e2-4d21-9a65-c92ab7305db7&t=84382e34-31e2-4d21-9a65-c92ab7305db7&width=2340&cache=v2)
![notion image](https://www.notion.so/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2Fb043a941-9546-4fc1-a102-42ed34c92cd2%2FScreenshot_2022-05-01-12-36-40-864_com.tencent.tmgp.projectg.jpg?table=block&id=725c9d19-55df-4bd6-9d7c-4f914edd1d62&t=725c9d19-55df-4bd6-9d7c-4f914edd1d62&width=2340&cache=v2)
![notion image](https://www.notion.so/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F3ca655b2-5243-4461-921b-3ddc9743fa51%2FScreenshot_2022-05-01-12-36-45-525_com.tencent.tmgp.projectg.jpg?table=block&id=cd5f57ca-57d5-496a-ab38-660d0bcd959f&t=cd5f57ca-57d5-496a-ab38-660d0bcd959f&width=2340&cache=v2)