冰楓論壇

標題: TwMS v222.2 技能注入Call分析 [打印本頁]
作者: yutsaihsieh    時間: 2020-2-6 15:57
標題: TwMS v222.2 技能注入Call分析
  1. //TwMS v222.2 技能注入Call分析
  2. Alloc(temp,128) //temp:[ebp-14]
  3. Label(Label1)
  4. Alloc(switch,4)

  6. switch:
  7. dd 0
  8. temp:
  9. db 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  11. Main:
  12. mov dword ptr [temp+08],00000000
  13. mov dword ptr [temp+10],00000000
  14. cmp [switch],01
  15. jne originalcode
  16. mov [switch],00
  17. pushad
  18. //------------------------------------
  19. mov edi,[03DD1540]
  20. mov ecx,[03DCF228]
  21. lea eax,[temp]
  22. push eax
  23. call 02A01D90
  24. cmp dword ptr [temp+04],00
  25. mov eax,[eax+04]
  26. mov [temp+08],eax
  27. je Label1
  28. push 00
  29. lea ecx,[temp]
  30. call 0047F170
  31. mov [temp+04],00000000
  32. //------------------------------------
  33. Label1:
  34. mov dword ptr [edi+00016660],技能代碼
  35. //------------------------------------
  36. mov ecx,[03DCF220]
  37. lea eax,[temp+10]
  38. push 01
  39. push 00
  40. push 00
  41. push 00
  42. push eax
  43. push [edi+00016660]
  44. mov [temp+10],00000000
  45. push [temp+08]
  46. call 0084ECF0
  47. //------------------------------------
  48. push 00
  49. push 00
  50. push 00
  51. push 00
  52. push 00
  53. push 00
  54. push 00
  55. push 00
  56. push 00
  57. push 00
  58. push 00
  59. push 00
  60. push 00
  61. push 00
  62. push 00
  63. push 00
  64. push 00
  65. push eax
  66. push [temp+10]
  67. mov ecx,edi
  68. call 02657970
  69. mov dword ptr [edi+00016660],00000000
  70. //------------------------------------
  71. popad
複製代碼
懂得用法的歡迎使用
作者: 唔係車大炮    時間: 2020-3-23 09:58
不明覺厲,哈哈



歡迎光臨 冰楓論壇 (https://bingfong.com/) Powered by 冰楓