冰楓論壇

標題: TwMS v233.2 ICS 亞克-自動變身&能量不消耗&移除變身警告 [打印本頁]
作者: 麗麗    時間: 2021-4-13 21:47
標題: TwMS v233.2 ICS 亞克-自動變身&能量不消耗&移除變身警告
  1. // TwMS v233.2 ICS Ark_NoConsumption_Automatic_transformation

  3. [ENABLE]
  4. Alloc(Ark_NoConsumption_Automatic_transformationICS,2048)
  5. Alloc(Ark_NoConsumption_Automatic_transformationSW,4)
  6. RegisterSymbol(Ark_NoConsumption_Automatic_transformationSW)
  7. Label(Ark_NoConsumption_Automatic_transformation)
  8. Label(Ark_NoConsumption)
  9. Label(Hook)
  10. Label(fakecall)
  11. Label(L11)
  12. Label(L22)

  14. Alloc(Ark_NoTransformation_warning_ICS,512)
  15. Alloc(Ark_NoTransformation_warningSW,4)
  16. RegisterSymbol(Ark_NoTransformation_warningSW)
  17. Label(Ark_NoTransformation_warning)

  19. Ark_NoConsumption_Automatic_transformationSW:
  20. DD 1

  22. Ark_NoTransformation_warningSW:
  23. DD 1

  25. Ark_NoConsumption_Automatic_transformationICS:
  26. cmp [esp],02F19923 //8B ? ? ? ? ? 89 ? ? 85 ? 74 ? 8B ? 2B ? 81 ? ? ? ? ? 7C
  27. jne timeGetTime
  28. cmp [Ark_NoConsumption_Automatic_transformationSW],1
  29. jne timeGetTime
  30. mov [esp],Ark_NoConsumption_Automatic_transformation
  31. jmp timeGetTime

  33. Ark_NoTransformation_warning_ICS:
  34. cmp [esp+124],02F43CF4 //6A 03 8B CE E8 ? ? ? ? 8B 3D
  35. jne VariantInit
  36. cmp [Ark_NoTransformation_warningSW],1
  37. jne VariantInit
  38. mov [esp+124],Ark_NoTransformation_warning
  39. jmp VariantInit

  41. Ark_NoConsumption_Automatic_transformation:
  42. // Automatic_transformation
  43. pushad
  44. cmp [0448B638],0
  45. je Ark_NoConsumption
  46. mov eax,[0473ADE0]
  47. mov eax,[eax+04]
  48. cmp eax,2
  49. jne Ark_NoConsumption
  50. mov eax,[0473A268]
  51. mov eax,[eax+14]
  52. mov eax,[eax+019218]
  53. cmp eax,1
  54. jb Ark_NoConsumption
  55. mov eax,[0448B638]
  56. mov eax,[eax+61C]
  57. cmp eax,FFFFFFFF
  58. jne Ark_NoConsumption
  59. mov edi,[0448B638]
  60. push 00
  61. push 00
  62. push 00
  63. sub esp,08
  64. mov ecx,edi
  65. mov eax,esp
  66. push -01
  67. push 00
  68. push 00
  69. push 00
  70. push 00
  71. push 00
  72. push 00
  73. push 00
  74. push 00
  75. push 00
  76. mov [eax+04],00000000
  77. mov eax,[edi]
  78. push 093EA74E
  79. call dword ptr [eax+00000084]
  80. // Automatic_transformation

  82. Ark_NoConsumption:
  83. popad
  84. mov edx,[edi+00003638]
  85. mov [ebp-10],eax
  86. test edx,edx
  87. je Hook
  88. mov ecx,eax
  89. sub ecx,edx
  90. cmp ecx,00001F40
  91. jl Hook
  92. mov [edi+00003638],00000000

  94. Hook:
  95. push eax
  96. mov ecx,edi
  97. call fakecall
  98. jmp 02F1994E

  100. fakecall:
  101. push ebp
  102. mov ebp,esp
  103. push -01
  104. push 03A9CE16
  105. mov eax,fs:[00000000]
  106. push eax
  107. sub esp,3C
  108. push ebx
  109. push esi
  110. push edi
  111. mov eax,[04472154]
  112. xor eax,ebp
  113. push eax
  114. lea eax,[ebp-0C]
  115. mov fs:[00000000],eax
  116. mov esi,ecx
  117. call 02EEAAB0
  118. cmp eax,00003A99
  119. je L11
  120. add eax,FFFFC374
  121. cmp eax,64
  122. jae 02F43FCC

  124. L11:
  125. mov edi,[0448B638]
  126. test edi,edi
  127. je 02F43FCC
  128. lea ecx,[edi+000000C0]
  129. call 011DCA00
  130. test eax,eax
  131. jne 02F43FCC
  132. push 093D20B0
  133. mov ecx,esi
  134. call 02F1BEF0
  135. mov ebx,eax
  136. test ebx,ebx
  137. je L22
  138. call dword ptr [03BDA5D0]
  139. sub ebx,eax
  140. xor ecx,ecx
  141. test ebx,ebx
  142. setg cl
  143. test ecx,ecx
  144. jne 02F43FCC

  146. L22:
  147. mov ecx,edi
  148. call 0297BE40
  149. test al,al
  150. je 02F43ECF
  151. mov ecx,esi
  152. call 02EEF910
  153. mov ecx,eax
  154. call 00CE8E80
  155. test eax,eax
  156. je 02F43FCC
  157. jmp 02F43ECF

  159. Ark_NoTransformation_warning:
  160. push 03
  161. mov ecx,esi
  162. call 02FD7F80
  163. mov edi,[0448B638]
  164. mov bl,al
  165. push 093D1CC7
  166. lea eax,[ebp-2C]
  167. push esi
  168. push eax
  169. call 00B0A1D0
  170. add esp,0C
  171. lea ecx,[ebp-2C]
  172. call 00B0A1A0
  173. test al,al
  174. je 02F43DF5
  175. test edi,edi
  176. je 02F43DF5
  177. mov ecx,edi
  178. call 0297BE40
  179. test al,al
  180. je 02F43DA1
  181. mov ecx,[ebp-20]
  182. mov edi,[esi+00003814]
  183. call 0064EB90
  184. cmp edi,eax
  185. jmp 02F43DA1

  187. 03BDA5D0:
  188. DD Ark_NoConsumption_Automatic_transformationICS

  190. 03BDA458:
  191. DD Ark_NoTransformation_warning_ICS

  193. [DISABLE]
  194. 03BDA5D0:
  195. DD timeGetTime

  197. 03BDA458:
  198. DD VariantInit
複製代碼
作者: qweads    時間: 2021-4-14 13:41
提示: 作者被禁止或刪除 內容自動屏蔽
作者: qq255500    時間: 2021-4-14 14:54
只有能量不消耗的ICS能提供下麽?
作者: qq255500    時間: 2021-4-14 20:19
不知道怎麽拆解這個三合一的數據,Ark_NoConsumption 我知道是我想要的數據,但是開頭和尾巴我不會處理。
作者: btb    時間: 2021-4-15 09:51
本帖最後由 btb 於 2021-4-15 09:55 編輯
qq255500 發表於 2021-4-14 20:19
不知道怎麽拆解這個三合一的數據,Ark_NoConsumption 我知道是我想要的數據,但是開頭和尾巴我不會處理。 ...

// TwMS v233.2 ICS Ark_NoConsumption_Automatic_transformation

[ENABLE]
Alloc(Ark_NoConsumption_Automatic_transformationICS,2048)
Alloc(Ark_NoConsumption_Automatic_transformationSW,4)
RegisterSymbol(Ark_NoConsumption_Automatic_transformationSW)
Label(Ark_NoConsumption_Automatic_transformation)
Label(Ark_NoConsumption)
Label(Hook)
Label(fakecall)
Label(L11)
Label(L22)


Ark_NoConsumption_Automatic_transformationSW:
DD 1



Ark_NoConsumption_Automatic_transformationICS:
cmp [esp],02F19923 //8B ? ? ? ? ? 89 ? ? 85 ? 74 ? 8B ? 2B ? 81 ? ? ? ? ? 7C
jne timeGetTime
cmp [Ark_NoConsumption_Automatic_transformationSW],1
jne timeGetTime
mov [esp],Ark_NoConsumption_Automatic_transformation
jmp timeGetTime



Ark_NoConsumption_Automatic_transformation:
// Automatic_transformation
pushad
cmp [0448B638],0
je Ark_NoConsumption
mov eax,[0473ADE0]
mov eax,[eax+04]
cmp eax,2
jne Ark_NoConsumption
mov eax,[0473A268]
mov eax,[eax+14]
mov eax,[eax+019218]
cmp eax,1
jb Ark_NoConsumption
mov eax,[0448B638]
mov eax,[eax+61C]
cmp eax,FFFFFFFF
jne Ark_NoConsumption
mov edi,[0448B638]
push 00
push 00
push 00
sub esp,08
mov ecx,edi
mov eax,esp
push -01
push 00
push 00
push 00
push 00
push 00
push 00
push 00
push 00
push 00
mov [eax+04],00000000
mov eax,[edi]
push 093EA74E
call dword ptr [eax+00000084]
// Automatic_transformation

Ark_NoConsumption:
popad
mov edx,[edi+00003638]
mov [ebp-10],eax
test edx,edx
je Hook
mov ecx,eax
sub ecx,edx
cmp ecx,00001F40
jl Hook
mov [edi+00003638],00000000

Hook:
push eax
mov ecx,edi
call fakecall
jmp 02F1994E

fakecall:
push ebp
mov ebp,esp
push -01
push 03A9CE16
mov eax,fs:[00000000]
push eax
sub esp,3C
push ebx
push esi
push edi
mov eax,[04472154]
xor eax,ebp
push eax
lea eax,[ebp-0C]
mov fs:[00000000],eax
mov esi,ecx
call 02EEAAB0
cmp eax,00003A99
je L11
add eax,FFFFC374
cmp eax,64
jae 02F43FCC

L11:
mov edi,[0448B638]
test edi,edi
je 02F43FCC
lea ecx,[edi+000000C0]
call 011DCA00
test eax,eax
jne 02F43FCC
push 093D20B0
mov ecx,esi
call 02F1BEF0
mov ebx,eax
test ebx,ebx
je L22
call dword ptr [03BDA5D0]
sub ebx,eax
xor ecx,ecx
test ebx,ebx
setg cl
test ecx,ecx
jne 02F43FCC

L22:
mov ecx,edi
call 0297BE40
test al,al
je 02F43ECF
mov ecx,esi
call 02EEF910
mov ecx,eax
call 00CE8E80
test eax,eax
je 02F43FCC
jmp 02F43ECF



03BDA5D0:
DD Ark_NoConsumption_Automatic_transformationICS

[DISABLE]
03BDA5D0:
DD timeGetTime
//能量不消耗+自動變身
作者: dinmaxfo    時間: 2021-4-15 18:24
想問一下
三合一使用下去好像沒反應?
還是不太穩定
作者: 麗麗    時間: 2021-4-16 10:37
dinmaxfo 發表於 2021-4-15 18:24
想問一下
三合一使用下去好像沒反應?
還是不太穩定

我使用是正常的,沒反應可以使用crc的。
因爲ics很多hook點都是這個api,你不會整合的話會衝突失效。



歡迎光臨 冰楓論壇 (https://bingfong.com/) Powered by 冰楓