TwMs AllVer 取得ics數據之esp+xx
本帖最後由 yutsaihsieh 於 2018-11-2 22:04 編輯CT中以人物損血不後退為示範
舉例:
完全無敵ICS
00474861 - FF 15 C42F7003 - call dword ptr { ->0163B260 }
call dword ptr { ->Addr2}
Addr3=020DC99A
//TwMs 211.2 取得ics數據之esp+xx
//Author:yutsaihsieh
alloc(hook,256)
alloc(offset,8)
alloc(find,4)
alloc(count,4)
alloc(found,128)
alloc(reset,128)
alloc(return,128)
registersymbol(offset)
registersymbol(find)
Addr1:
DD hook
hook:
cmp ,1
je return
push eax
push
pop eax
cmp ,Addr3
pop eax
je found
inc
add ,4
cmp ,100 //跳掉可以把這邊改低一點
jl hook
jmp reset
found:
mov ,1
sub ,4
jmp return
reset:
mov ,0
mov ,0
jmp return
return:
jmp Addr2
Addr1:
DD Addr2
頁:
[1]