Shulou(Shulou.com)05/31 Report--

How to use Python to make game plug-ins, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

The preface first introduces the types of plug-ins on the market, traditional plug-ins.

Fps games share a common feature. Most of the calculations are done locally, and it is impossible for every action to interact with the server for several reasons:

It will overload the server and increase the operating cost.

Dozens of ms delays may turn the tide of the war when talking to the gun

It will greatly affect the game experience.

One of the basic principles of information security is to never trust the user's input. The input here refers to the result of the local operation. The less local computing and the more interaction with the server, the more difficult it is to use the plug-in. " One of the basic principles of information security is to never trust users' input. The input here refers to the result of the local operation. The less local computing and the more interaction with the server, the more difficult it is to use the plug-in. Because a large number of calculations are done locally, and the game is run in memory, there are many ways to use it. The simplest is to use CE to modify the data in memory, there are regular injection and Hook, as well as a variety of masturbation techniques. Taking injection as an example, there are a variety of injection techniques. Here are some of the methods mentioned in the book "the Art of attack and Defense of Game plug-ins":

Registry injection

Remote thread injection

Rely on trusted process injection

APC injection

Message hook injection

Import table injection

Hijack process to create injection

LSP hijacking injection

Input method injection

ComRes injection

Modify the PUBG plug-in of local files

This article is based on this method, the principle is to modify the local game resources (* .pak) to achieve a variety of functions, and PUBG uses BattlEye to achieve anti-plug, the game is running in the background there is a process called BEservice.exe, after entering the game, you can open the task manager to see two obvious PUBG logo processes, another called TslGame.exe is the game process. BEservice.exe 's detection of PAK changes is very strict and constantly updated, which is one of the main reasons why various aids sometimes fail after the game is updated. And basically a plug failure, but also only need to update under the test (BEservice.exe), can be full of blood resurrected.

scientific research

It is said above that basically by modifying the plug-in failure of the pak file, you only need to update the detection. Since the game big shift a few days ago, many of the testing methods on the market have failed. After checking a lot of data and experimenting many times, we have found a method that is stable at present:

Copy a PUBG directory the following is called the bypass directory, rename the PUBG directory to PUBG1, use the mklink command to create the soft link of the bypass directory, name it PUBG, use the mklink command to create the soft link of the functional pak file, put it into the paks directory in the soft link PUBG, log on the steam, randomly open a game, board the plane, delete the soft link created in the paks directory in step 4, delete the PUBG soft link created in the third step, rename the PUBG1 directory back to PUBG.

In this way, the first four steps are initialized and the last three steps are considered to pass the inspection. The copied bypass directory can not be deleted without a big update, that is, if you quit the game, you need to re-invent technology from step 2. To complete this technology is actually very simple, and it only requires some simple file operations. There is not much bb here. Connect the finished product #! / usr/bin/env python#-*-coding: utf-8-*-""

@ Author: NNNNNaiquan

@ Mail: misitenq@gmail.com

"" import configimport osimport shutilclass bypass (): def _ _ init__ (self, steamapps_path): self.steamapps_path = steamapps_path

Self.pubg_path = steamapps_path + 'PUBG' self.bypass_path = steamapps_path +' bypass' if not os.path.exists (self.bypass_path):

L ('Info',unicode (' initializing', 'utf-8') .encode (' gbk'))

Shutil.copytree (self.pubg_path,self.bypass_path) # step 1 shutil.move (self.pubg_path,self.steamapps_path + 'PUBG1') # step 2 l (' Info',unicode ('initialization complete', 'utf-8'). Encode (' gbk'))

Def make_link (self,): pubg_pak_path = self.pubg_path +'\\ TslGame\\ Content\\ Paks\\ TslGame-WindowsNoEditor_ui1.pak' l ('Info',unicode (' creating soft link', 'utf-8'). Encode (' gbk'))

Os.popen ('mklink / j "' + self.pubg_path +'"''+ self.bypass_path +'') # step 3 os.popen ('mklink "' + pubg_pak_path +'"'+ config.FUNC_PAK_PATH +'"') # step 4 l ('Info',unicode (' soft link created successfully', 'utf-8'). Encode (' gbk'))

Def clean (self,): bypass_pak_path = self.bypass_path +'\\ TslGame\\ Content\\ Paks\\ TslGame-WindowsNoEditor_ui1.pak' l ('Info',unicode (' testing', 'utf-8'). Encode (' gbk'))

Os.remove (bypass_pak_path) # step 5 os.popen ('rd / s / Q "'+ self.pubg_path +'') # step 6 shutil.move (self.steamapps_path + 'PUBG1',self.pubg_path) # step 7 l (' Info',unicode ('successfully tested and unrestrained') 'utf-8') .encode (' gbk') def l (if os.path.exists message): print'[% s]% s% (SMagne message) def main (): steamapps_path = config.STEAM_PATH + 'steamapps\\ common\\' if os.path.exists (steamapps_path + 'PUBG'):

Obj = bypass (steamapps_path)

Obj.make_link ()

L ('Info',unicode (' cut back after getting on the plane and press any key to start the test', 'utf-8'). Encode (' gbk'))

Os.system ('pause')

Obj.clean ()

Else:

L ('Warning',unicode (' Please check whether the game directory in the configuration file is correct', 'utf-8') .encode (' gbk')) if _ _ name__ = ='_ _ main__':

Main ()

Before running the script, you need to create a config.py file in the same directory in which you need to put the path format of steam and function pak: STEAM_PATH ='.\\ Steam\\', FUNC_PAK_PATH ='.\\ * .pak 'Scientific experiment uses a VJ's no-back pak to test

Here I will not provide you with functional pak, although you can find it if you want to, and I dare not guarantee that you will not seal the name and do not encourage you to use plug-ins, that's all. Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.