Last active
March 23, 2022 10:07
-
-
Save lingsamuel/f776cf7172fbfe0c0e4ab7e060e41c54 to your computer and use it in GitHub Desktop.
eldenring dataviewer, original created by Wulf2K
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# $ErrorActionPreference= 'silentlycontinue' | |
$procname = "eldenring" | |
cls | |
Function RBytes | |
{ | |
Param ( | |
$addr, | |
$sizetoread | |
) | |
[Byte[]] $buff = New-Object Byte[]($sizetoread) | |
$read = $rpm::ReadProcessMemory($proc,$addr,$buff,$buff.length,$null); | |
$buff | |
} | |
Function RAsciiStr | |
{ | |
Param ( | |
$addr | |
) | |
([System.Text.Encoding]::ASCII.GetString($(RBytes $addr 30))).Split([char]0)[0] | |
} | |
Function RInt32 | |
{ | |
Param ( | |
$addr | |
) | |
$sizetoread = 4 | |
[Byte[]] $buff = New-Object Byte[]($sizetoread) | |
$read = $rpm::ReadProcessMemory($proc,$addr,$buff,$buff.length,$null); | |
[bitconverter]::ToInt32($(RBytes $addr 4),0) | |
} | |
Function RInt64 | |
{ | |
Param ( | |
$addr | |
) | |
$sizetoread = 8 | |
[Byte[]] $buff = New-Object Byte[]($sizetoread) | |
$read = $rpm::ReadProcessMemory($proc,$addr,$buff,$buff.length,$null); | |
[bitconverter]::ToInt64($(RBytes $addr 8),0) | |
} | |
Function RSingle | |
{ | |
Param ( | |
$addr | |
) | |
$sizetoread = 4 | |
[Byte[]] $buff = New-Object Byte[]($sizetoread) | |
$read = $rpm::ReadProcessMemory($proc,$addr,$buff,$buff.length,$null); | |
[bitconverter]::ToSingle($(RBytes $addr 4),0) | |
} | |
Function RUniStr | |
{ | |
Param ( | |
$addr | |
) | |
([System.Text.Encoding]::Unicode.GetString($(RBytes $addr 60))).Split("`0")[0] | |
} | |
$signature = @" | |
[DllImport("kernel32.dll")] public static extern IntPtr OpenProcess( | |
uint h,bool b ,uint p); | |
[DllImport("kernel32.dll")] public static extern bool ReadProcessMemory( | |
IntPtr hp,IntPtr Base,[Out]Byte[] buff,int Size,[Out]int bread); | |
"@ | |
$rpm = Add-Type -MemberDefinition $signature -Name rpm -PassThru | |
$access = 0x001F0FFF | |
$signature = @' | |
[DllImport("user32.dll")] | |
public static extern bool SetWindowPos( | |
IntPtr hWnd, | |
IntPtr hWndInsertAfter, | |
int X, | |
int Y, | |
int cx, | |
int cy, | |
uint uFlags); | |
'@ | |
$type = Add-Type -MemberDefinition $signature -Name SetWindowPosition -Namespace SetWindowPos -Using System.Text -PassThru | |
$handle = (Get-Process -id $Global:PID).MainWindowHandle | |
$alwaysOnTop = New-Object -TypeName System.IntPtr -ArgumentList (-1) | |
$type::SetWindowPos($handle, $alwaysOnTop, 0, 0, 0, 0, 0x0003) | |
$lastTargetHandle = 0 | |
$lastTargetArea = 0 | |
$lastEnemyIns = 0 | |
while ($true) { | |
$ba = (get-Process $procname).MainModule.BaseAddress.ToInt64() | |
$procid = (get-Process $procname).ID | |
$proc = $rpm::OpenProcess($access, $false, $procid) | |
$enemyins = 0 | |
$worldchrman = RInt64 ($ba + 0x3c64e38) | |
$playerins = RInt64 ($worldchrman + 0x18468) | |
$targethandle = RInt32 ($playerins + 0x6a8) | |
$targetarea = RInt32 ($playerins + 0x6ac) | |
if($targethandle -le 0 -or $targetarea -le 0) { | |
"No target" | |
Sleep 0.75 | |
continue | |
} | |
if($lastTargetHandle -ne 0 -and $lastTargetArea -ne 0) { | |
# Try load cache EnemyIns | |
if($lastTargetHandle -eq $targethandle -and $lastTargetArea -eq $targetarea -and $lastEnemyIns -ne 0) { | |
"load cache" | |
$enemyins = $lastEnemyIns | |
} else { | |
# clear cache | |
$lastTargetHandle = 0 | |
$lastTargetArea = 0 | |
$lastEnemyIns = 0 | |
} | |
} | |
#numworldblockchr = RInt32 ($worldchrman + 0xb528) | |
$worldblockchrStart = $worldchrman + 0x330 | |
$worldblockchr = $worldblockchrStart | |
$worldblockOffset = 0x160 | |
if ($enemyins -eq 0) { | |
while($true) { | |
$numchrs = RInt32 ($worldblockchr + 0x88) | |
$chrset = RInt64 ($worldblockchr + 0x90) | |
for ($i=0; $i -le $numchrs; $i++) { | |
$enemyins = RInt64 ($chrset + $i * 0x10) | |
$enemyhandle = RInt32 ($enemyins + 8) | |
$enemyarea = RInt32 ($enemyins + 0xc) | |
if (($targethandle -eq $enemyhandle) -and ($targetarea -eq $enemyarea)) { | |
break | |
} else { | |
$enemyins = 0 | |
} | |
} | |
if ($enemyins -ne 0) { | |
break | |
} | |
# Try next block | |
# I don't know exactly what assertVal is, but it always seems to be -1. | |
$assertVal = RInt64($worldblockchr + 0x80) | |
if ($assertVal -eq -1) { | |
$worldblockchr = $worldblockchr + $worldblockOffset | |
} else { | |
break | |
} | |
} | |
} | |
# return | |
# TryLoad loads charset obejct from baseAddr and offset | |
Function TryLoad { | |
Param ( | |
$base_addr, | |
$addr_offset | |
) | |
$chrset1 = RInt64 ($base_addr + $addr_offset) | |
$numentries1 = RInt32 ($chrset1 + 0x20) | |
if($numentries1 -le 0){ | |
return 0 | |
} | |
if($numentries1 -ge 1000){ | |
return 0 | |
} | |
for ($i=0; $i -le $numentries1; $i++) { | |
$enemyhandle = RInt32 ($chrset1 + 0x78 + ($i * 0x10)) | |
$enemyarea = RInt32 ($chrset1 + 0x78 + 4 + ($i * 0x10)) | |
if (($targethandle -eq $enemyhandle) -and ($targetarea -eq $enemyarea)) { | |
$enemyins = RInt64 ($chrset1 + 0x78 + 8 + ($i * 0x10)) | |
} | |
if ($enemyins -ne 0) { | |
return $enemyins | |
} | |
} | |
return 0 | |
} | |
if ($enemyins -eq 0) { | |
$enemyins = TryLoad $worldchrman 0x17420 | |
if ($enemyins -eq 0) { | |
$enemyins = TryLoad $worldchrman 0x17438 | |
} | |
} | |
if ($enemyins -ne 0) { | |
$lastTargetHandle = $targethandle | |
$lastTargetArea = $targetarea | |
$lastEnemyIns = $enemyins | |
} else { | |
"Failed to find enemyins" | |
continue | |
} | |
cls | |
$enedata = RInt64 (RInt64 ($enemyins + 0x190)) | |
$resdata = RInt64 ((RInt64 ($enemyins + 0x190)) + 0x20) | |
$stagdata = RInt64 ((RInt64 ($enemyins + 0x190)) + 0x40) | |
$model = RUniStr ($enedata + 0xc8) | |
$name = RUniStr ($enedata + 0x1a0) | |
$currhp = RInt32 ($enedata + 0x138) | |
$maxhp = RInt32 ($enedata + 0x140) | |
$currfp = RInt32 ($enedata + 0x148) | |
$maxfp = RInt32 ($enedata + 0x14c) | |
$currstam = RInt32 ($enedata + 0x154) | |
$maxstam = RInt32 ($enedata + 0x158) | |
$currpoison = RInt32 ($resdata + 0x10) | |
$maxpoison = RInt32 ($resdata + 0x2c) | |
$currrot = RInt32 ($resdata + 0x14) | |
$maxrot = RInt32 ($resdata + 0x30) | |
$currbleed = RInt32 ($resdata + 0x18) | |
$maxbleed = RInt32 ($resdata + 0x34) | |
$currblight = RInt32 ($resdata + 0x1c) | |
$maxblight = RInt32 ($resdata + 0x38) | |
$currfrost = RInt32 ($resdata + 0x20) | |
$maxfrost = RInt32 ($resdata + 0x3c) | |
$currsleep = RInt32 ($resdata + 0x24) | |
$maxsleep = RInt32 ($resdata + 0x40) | |
$currmad = RInt32 ($resdata + 0x28) | |
$maxmad = RInt32 ($resdata + 0x44) | |
$currstag = RSingle ($stagdata + 0x10) | |
$maxstag = RSingle ($stagdata + 0x14) | |
$enedata_addr = ($enemyins + 0x190) | |
"" | |
# "Model: " + $model | |
# $name | |
"" | |
"HP: " + $currhp + " / " + $maxhp | |
"FP: " + $currfp + " / " + $maxfp | |
"SP: " + $currstam + " / " + $maxstam | |
"" | |
"Stagger: " + $currstag + " / " + $maxstag | |
"" | |
"Poison: " + $currpoison + " / " + $maxpoison | |
"Rot: " + $currrot + " / " + $maxrot | |
"Bleed: " + $currbleed + " / " + $maxbleed | |
"Blight: " + $currblight + " / " + $maxblight | |
"Frost: " + $currfrost + " / " + $maxfrost | |
"Sleep: " + $currsleep + " / " + $maxsleep | |
"Madness: " + $currmad + " / " + $maxmad | |
Sleep 0.5 | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment