標題:
TwMS v270.1 定點生怪
作者:
prt
時間:
2025-5-19 05:57
標題:
TwMS v270.1 定點生怪
// TwMS v270.1 fixed-position monster spawn
// too long
// Cheat Engine auto-assembler script. The [ENABLE] section builds a small stub
// (shengguaiics) plus a longer block (shengguaihook) in memory reserved by Alloc,
// then stores the stub's address into the pointer slot at 1476F8710.
// Every address in this script is a hard-coded absolute value.
[ENABLE]
// Reserve the block; the third argument asks for memory near that address.
Alloc(shengguaiics, 5200,145796967)
label(shengguaihook)
shengguaiics:
// Stub reached through the rewritten pointer slot, i.e. wherever the program
// calls through that slot. rax is saved because it is used as scratch.
push rax
mov rax,145796967
// Compare one fixed stack slot with the hard-coded code address. The offset
// already includes the 8 bytes pushed above. Presumably the slot is a saved
// return address belonging to one particular caller; confirm against the binary.
cmp [rsp+68],rax
jne return
// Match: overwrite that stack slot so the later return lands in shengguaihook
// instead of 145796967. No match: the stack is left untouched.
mov rax,shengguaihook
mov [rsp+68],rax
jmp return
return:
pop rax
// Continue into the function named GetLastError, so the call still behaves normally.
// For an integrity check, the two observable changes are the rewritten pointer slot
// and a stack slot that no longer holds an address inside the original module.
jmp GetLastError
shengguaihook:
// Reached through the stack slot edited by the stub, not through a call.
// r12 is used as a base pointer for every field access below, so this code
// assumes the register state that exists at 145796967 in the game routine.
// The two stores below are the only values the script author chose.
mov [r12+00001054],405 //X-Point
mov [r12+00001058],9b //Y-Point
// NOTE(review): everything from here on looks like the game's own instructions
// from 145796967 onward, copied into the allocated block (alignment nops,
// absolute call and jump targets) - confirm against the binary.
// eax is consumed here without being set in this block.
lea ecx,[r12-00003760]
add ecx,eax
mov [r12+000008A8],ecx
// Copy the low bytes of two fields into offsets 05 and 06 of the buffer at [r12+8A0].
mov rcx,[r12+000008A0]
movzx eax,byte ptr [r12+0000089C]
mov [rcx+05],al
mov rcx,[r12+000008A0]
movzx eax,byte ptr [r12+000008A8]
mov [rcx+06],al
mov [rbp+50],r13d
// Increment the counter at [r12+898].
mov ecx,[r12+00000898]
inc ecx
mov [r12+00000898],ecx
// Multiply-and-shift form of a signed division by 6F; eax ends as (ecx / 6F) * 6F,
// so the compare asks whether the counter is a multiple of 6F.
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
// The conditional branch is commented out, so the compare result above is
// unused and the call below always runs.
//jne 145796A0B
call 146F40978
// Store the low byte of the call's return value at buffer offset 04 and reload it into r9d.
mov rcx,[r12+000008A0]
mov [rcx+04],al
mov rcx,[r12+000008A0]
movzx r9d,byte ptr [rcx+04]
// Initial value of the 16-bit word at buffer offset 08.
mov eax,00009A65
mov [rcx+08],ax
// esi = loop counter, rbx = write cursor (buffer+2). r14, r11 and rdi hold
// (stack address - buffer address), so [reg+rbx+disp] reads the dword at [rbp+50].
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp+50]
sub r14,rcx
lea r11,[rbp+51]
sub r11,rcx
lea rdi,[rbp+50]
sub rdi,rcx
mov r15d,0000002A
nop dword ptr [rax+00]
nop word ptr [rax+rax+00000000]
// Loop body, unrolled four times: each step XORs one byte of the dword at
// [rbp+50] with a running byte, stores it at buffer offsets 00..03, and then
// updates the word at buffer offset 08. 2A (r15) replaces a zero running byte.
// Step 1: source byte [rbp+50], destination buffer+00.
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,r15l
add r10l,al
movzx r9d,r10l
mov r8,[r12+000008A0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
// Step 2: source byte [rbp+51], destination buffer+01.
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,r15l
add al,cl
movzx r9d,al
mov r8,[r12+000008A0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
// Step 3: source byte [rbp+52], destination buffer+02.
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,r15l
add al,cl
movzx r9d,al
mov r8,[r12+000008A0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
// Step 4: source byte [rbp+53], destination buffer+03.
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,r15l
add r9l,al
mov r8,[r12+000008A0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
// The branch target is an absolute address in the game module, not a label
// in this block; it is only taken while esi is below 04 (unsigned).
jb 145796A60
mov [r12+000008B0],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+000008B8],rax
call 146F40978
lea ecx,[r12-00003748]
add ecx,eax
mov [r12+000008B4],ecx
call 146F40978
lea ecx,[r12-00003748]
add ecx,eax
mov [r12+000008C0],ecx
mov rcx,[r12+000008B8]
movzx eax,byte ptr [r12+000008B4]
mov [rcx+05],al
mov rcx,[r12+000008B8]
movzx eax,byte ptr [r12+000008C0]
mov [rcx+06],al
mov [rbp+58],r13d
mov ecx,[r12+000008B0]
inc ecx
mov [r12+000008B0],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+000008B8]
mov [rcx+04],al
mov rcx,[r12+000008B8]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp+58]
sub r14,rcx
lea r11,[rbp+59]
sub r11,rcx
lea rdi,[rbp+58]
sub rdi,rcx
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,2A
add r10l,al
movzx r9d,r10l
mov r8,[r12+000008B8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+000008B8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+000008B8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,2A
add r9l,al
mov r8,[r12+000008B8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
jb 145796CA0
mov [r12+000008C8],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+000008D0],rax
call 146F40978
lea ecx,[r12-00003730]
add ecx,eax
mov [r12+000008CC],ecx
call 146F40978
lea ecx,[r12-00003730]
add ecx,eax
mov [r12+000008D8],ecx
mov rcx,[r12+000008D0]
movzx eax,byte ptr [r12+000008CC]
mov [rcx+05],al
mov rcx,[r12+000008D0]
movzx eax,byte ptr [r12+000008D8]
mov [rcx+06],al
mov [rbp+60],r13d
mov ecx,[r12+000008C8]
inc ecx
mov [r12+000008C8],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+000008D0]
mov [rcx+04],al
mov rcx,[r12+000008D0]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp+60]
sub r14,rcx
lea r11,[rbp+61]
sub r11,rcx
lea rdi,[rbp+60]
sub rdi,rcx
nop 2
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,2A
add r10l,al
movzx r9d,r10l
mov r8,[r12+000008D0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+000008D0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+000008D0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,2A
add r9l,al
mov r8,[r12+000008D0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
jb 145796EE0
mov [r12+000008E0],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+000008E8],rax
call 146F40978
lea ecx,[r12-00003718]
add ecx,eax
mov [r12+000008E4],ecx
call 146F40978
lea ecx,[r12-00003718]
add ecx,eax
mov [r12+000008F0],ecx
mov rcx,[r12+000008E8]
movzx eax,byte ptr [r12+000008E4]
mov [rcx+05],al
mov rcx,[r12+000008E8]
movzx eax,byte ptr [r12+000008F0]
mov [rcx+06],al
mov [rbp-58],r13d
mov ecx,[r12+000008E0]
inc ecx
mov [r12+000008E0],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+000008E8]
mov [rcx+04],al
mov rcx,[r12+000008E8]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp-58]
sub r14,rcx
lea r11,[rbp-57]
sub r11,rcx
lea rdi,[rbp-58]
sub rdi,rcx
nop 2
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,2A
add r10l,al
movzx r9d,r10l
mov r8,[r12+000008E8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+000008E8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+000008E8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,2A
add r9l,al
mov r8,[r12+000008E8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
jb 145797120
lea rcx,[r12+00000900]
call 145863810
lea rcx,[r12+00000948]
call 145863810
lea rcx,[r12+00000988]
call 145863810
lea rcx,[r12+000009D0]
call 145863810
lea rcx,[r12+00000A10]
call 145863810
lea rcx,[r12+00000A50]
call 14056B8E0
nop
lea rcx,[r12+00000A68]
call 14056B8E0
nop
lea rcx,[r12+00000A80]
call 14056B8E0
nop
lea rcx,[r12+00000A98]
call 14056B8E0
nop
lea rcx,[r12+00000AB0]
call 145863810
lea rcx,[r12+00000AF0]
call 145863810
lea rcx,[r12+00000B30]
call 145863810
lea rcx,[r12+00000B78]
call 14056B8E0
nop
lea rcx,[r12+00000B90]
call 14056B8E0
nop
lea rcx,[r12+00000BB0]
call 1412C2B60
nop
lea rcx,[r12+00000BE0]
call 1411E7060
nop
lea rcx,[r12+00000C40]
call 1412C2B60
nop
lea rcx,[r12+00000C70]
call 1417A5DF0
nop
lea rcx,[r12+00000C88]
call 14056B8E0
nop
lea rcx,[r12+00000CA0]
call 14056B8E0
nop
mov [r12+00000CB8],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+00000CC0],rax
call 146F40978
lea ecx,[r12-00003340]
add ecx,eax
mov [r12+00000CBC],ecx
call 146F40978
lea ecx,[r12-00003340]
add ecx,eax
mov [r12+00000CC8],ecx
mov rcx,[r12+00000CC0]
movzx eax,byte ptr [r12+00000CBC]
mov [rcx+05],al
mov rcx,[r12+00000CC0]
movzx eax,byte ptr [r12+00000CC8]
mov [rcx+06],al
mov [rbp-50],r13d
mov ecx,[r12+00000CB8]
inc ecx
mov [r12+00000CB8],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+00000CC0]
mov [rcx+04],al
mov rcx,[r12+00000CC0]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp-50]
sub r14,rcx
lea r11,[rbp-4F]
sub r11,rcx
lea rdi,[rbp-50]
sub rdi,rcx
nop 2
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,2A
add r10l,al
movzx r9d,r10l
mov r8,[r12+00000CC0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000CC0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000CC0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,2A
add r9l,al
mov r8,[r12+00000CC0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
jb 145797470
mov [r12+00000CD0],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+00000CD8],rax
call 146F40978
lea ecx,[r12-00003328]
add ecx,eax
mov [r12+00000CD4],ecx
call 146F40978
lea ecx,[r12-00003328]
add ecx,eax
mov [r12+00000CE0],ecx
mov rcx,[r12+00000CD8]
movzx eax,byte ptr [r12+00000CD4]
mov [rcx+05],al
mov rcx,[r12+00000CD8]
movzx eax,byte ptr [r12+00000CE0]
mov [rcx+06],al
mov [rbp-48],r13d
mov ecx,[r12+00000CD0]
inc ecx
mov [r12+00000CD0],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+00000CD8]
mov [rcx+04],al
mov rcx,[r12+00000CD8]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp-48]
sub r14,rcx
lea r11,[rbp-47]
sub r11,rcx
lea rdi,[rbp-48]
sub rdi,rcx
nop 2
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,2A
add r10l,al
movzx r9d,r10l
mov r8,[r12+00000CD8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000CD8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000CD8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,2A
add r9l,al
mov r8,[r12+00000CD8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
jb 1457976B0
mov [r12+00000CE8],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+00000CF0],rax
call 146F40978
lea ecx,[r12-00003310]
add ecx,eax
mov [r12+00000CEC],ecx
call 146F40978
lea ecx,[r12-00003310]
add ecx,eax
mov [r12+00000CF8],ecx
mov rcx,[r12+00000CF0]
movzx eax,byte ptr [r12+00000CEC]
mov [rcx+05],al
mov rcx,[r12+00000CF0]
movzx eax,byte ptr [r12+00000CF8]
mov [rcx+06],al
mov [rbp-40],00000001
mov ecx,[r12+00000CE8]
inc ecx
mov [r12+00000CE8],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+00000CF0]
mov [rcx+04],al
mov rcx,[r12+00000CF0]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp-40]
sub r14,rcx
lea r11,[rbp-3F]
sub r11,rcx
lea rdi,[rbp-40]
sub rdi,rcx
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,2A
add r10l,al
movzx r9d,r10l
mov r8,[r12+00000CF0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000CF0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000CF0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,2A
add r9l,al
mov r8,[r12+00000CF0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
jb 1457978F1
mov [r12+00000D00],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+00000D08],rax
call 146F40978
lea ecx,[r12-000032F8]
add ecx,eax
mov [r12+00000D04],ecx
call 146F40978
lea ecx,[r12-000032F8]
add ecx,eax
mov [r12+00000D10],ecx
mov rcx,[r12+00000D08]
movzx eax,byte ptr [r12+00000D04]
mov [rcx+05],al
mov rcx,[r12+00000D08]
movzx eax,byte ptr [r12+00000D10]
mov [rcx+06],al
mov [rbp-38],r13d
mov ecx,[r12+00000D00]
inc ecx
mov [r12+00000D00],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+00000D08]
mov [rcx+04],al
mov rcx,[r12+00000D08]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp-38]
sub r14,rcx
lea r11,[rbp-37]
sub r11,rcx
lea rdi,[rbp-38]
sub rdi,rcx
nop
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,2A
add r10l,al
movzx r9d,r10l
mov r8,[r12+00000D08]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000D08]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000D08]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,2A
add r9l,al
mov r8,[r12+00000D08]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
jb 145797B30
lea rcx,[r12+00000D18]
call 14056B8E0
nop
lea rcx,[r12+00000D30]
call 14056B8E0
nop
lea rcx,[r12+00000D48]
call 14056B8E0
nop
lea rcx,[r12+00000D60]
call 14056B8E0
nop
lea rcx,[r12+00000D78]
call 14056B8E0
nop
lea rcx,[r12+00000D90]
call 14056B8E0
nop
lea rcx,[r12+00000DA8]
call 1417A5DF0
nop
mov [r12+00000DD4],r13d
lea rcx,[r12+00000DD8]
call 14056B8E0
nop
lea rcx,[r12+00000DF0]
call 14056B8E0
nop
lea rcx,[r12+00000E10]
call 14056B8E0
nop
lea rcx,[r12+00000E28]
call 14056B8E0
nop
mov [r12+00000E40],r13d
lea rcx,[r12+00000E48]
call 1412C1B90
nop
lea rcx,[r12+00000E60]
call 1412C1B90
nop
lea rcx,[r12+00000E78]
call 14056B8E0
nop
mov word ptr [r12+00000E90],0000
mov [r12+00000E94],r13
mov [r12+00000E9C],r13d
lea r15,[r12+00000EA0]
mov [rbp-18],r15
mov rcx,r15
call 14056B8E0
nop
lea rsi,[r15+18]
mov rcx,rsi
call 14056B8E0
nop
lea r14,[r15+30]
mov rcx,r14
call 14056B8E0
nop
lea rdi,[r15+48]
mov rcx,rdi
call 1417A5DF0
nop
lea rbx,[r15+60]
mov rcx,rbx
call 1412C2B60
mov [r15+00000090],r15
mov [r15+00000098],rsi
mov [r15+000000A0],r14
mov [r15+000000A8],r15
mov [r15+000000B0],r15
mov [r15+000000B8],rsi
mov [r15+000000C0],rdi
mov [r15+000000C8],r14
mov [r15+000000D0],rbx
mov [r15+000000D8],rdi
mov [r15+000000E0],r15
mov [r15+000000E8],r14
lea rcx,[r12+00000F90]
call 140396830
nop
mov [r12+00000FA8],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+00000FB0],rax
call 146F40978
lea ecx,[r12-00003050]
add ecx,eax
mov [r12+00000FAC],ecx
call 146F40978
lea ecx,[r12-00003050]
add ecx,eax
mov [r12+00000FB8],ecx
mov rcx,[r12+00000FB0]
movzx eax,byte ptr [r12+00000FAC]
mov [rcx+05],al
mov rcx,[r12+00000FB0]
movzx eax,byte ptr [r12+00000FB8]
mov [rcx+06],al
mov [rbp-30],r13d
mov ecx,[r12+00000FA8]
inc ecx
mov [r12+00000FA8],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+00000FB0]
mov [rcx+04],al
mov rcx,[r12+00000FB0]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea rbx,[rcx+02]
lea r14,[rbp-30]
sub r14,rcx
lea r11,[rbp-2F]
sub r11,rcx
lea rdi,[rbp-30]
sub rdi,rcx
mov r15d,0000002A
nop dword ptr [rax]
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+rbx-02]
mov [rbx-02],al
add al,r15l
add r10l,al
movzx r9d,r10l
mov r8,[r12+00000FB0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[r11+rbx-02]
mov [rbx-01],al
add cl,r15l
add al,cl
movzx r9d,al
mov r8,[r12+00000FB0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+rbx]
mov [rbx],al
add cl,r15l
add al,cl
movzx r9d,al
mov r8,[r12+00000FB0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[r11+rbx]
mov [rbx+01],r9l
add al,r15l
add r9l,al
mov r8,[r12+00000FB0]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea rbx,[rbx+04]
cmp esi,04
jb 145797F10
mov [r12+00000FC0],r13d
mov edx,0000000C
lea rcx,[148E9BA20]
call 14029FEF0
mov [r12+00000FC8],rax
call 146F40978
lea ecx,[r12-00003038]
add ecx,eax
mov [r12+00000FC4],ecx
call 146F40978
lea ecx,[r12-00003038]
add ecx,eax
mov [r12+00000FD0],ecx
mov rdx,[r12+00000FC8]
movzx ecx,byte ptr [r12+00000FC4]
mov [rdx+05],cl
mov rdx,[r12+00000FC8]
movzx ecx,byte ptr [r12+00000FD0]
mov [rdx+06],cl
mov [rbp-28],r13d
mov ecx,[r12+00000FC0]
inc ecx
mov [r12+00000FC0],ecx
mov eax,939A85C5
imul ecx
add edx,ecx
sar edx,06
mov eax,edx
shr eax,1F
add edx,eax
imul eax,edx,6F
cmp ecx,eax
call 146F40978
mov rcx,[r12+00000FC8]
mov [rcx+04],al
mov rcx,[r12+00000FC8]
movzx r9d,byte ptr [rcx+04]
mov eax,00009A65
mov [rcx+08],ax
mov esi,r13d
lea r11,[rcx+02]
lea r14,[rbp-28]
sub r14,rcx
lea rbx,[rbp-27]
sub rbx,rcx
lea rdi,[rbp-28]
sub rdi,rcx
nop dword ptr [rax+00]
nop word ptr [rax+rax+00000000]
movzx r10d,r9l
test r9l,r9l
cmove r10d,r15d
movzx eax,r10l
xor al,[r14+r11-02]
mov [r11-02],al
add al,2A
add r10l,al
movzx r9d,r10l
mov r8,[r12+00000FC8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r10l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test r10l,r10l
cmovne ecx,r9d
movzx eax,cl
xor al,[rbx+r11-02]
mov [r11-01],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000FC8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov ecx,r15d
test al,al
cmovne ecx,r9d
movzx eax,cl
xor al,[rdi+r11]
mov [r11],al
add cl,2A
add al,cl
movzx r9d,al
mov r8,[r12+00000FC8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
add dx,r9w
shl cx,03
or dx,cx
mov [r8+08],dx
mov eax,r15d
test r9l,r9l
cmovne eax,r9d
movzx r9d,al
xor r9l,[rbx+r11]
mov [r11+01],r9l
add al,2A
add r9l,al
mov r8,[r12+00000FC8]
movzx ecx,word ptr [r8+08]
movzx edx,cx
shr dx,0D
movzx eax,r9l
add dx,ax
shl cx,03
or dx,cx
mov [r8+08],dx
add esi,04
lea r11,[r11+04]
cmp esi,04
jb 145798160
mov [r12+00000FD8],r13d
mov qword ptr [r12+00000FE4],00000001
mov [r12+00000FEC],r13d
mov [r12+00000FF8],r13
mov [r12+00001000],r13
mov [r12+00001010],r13
mov [r12+00001008],r13
mov [r12+00001018],r13
mov [r12+00001020],r13
mov [r12+00001028],r13
mov [r12+00001030],r13
mov [r12+00001038],r13
mov [r12+00001040],r13
mov [r12+00001050],1
jmp 1457982F1
// Still inside [ENABLE]: overwrite the 8-byte pointer stored at 1476F8710 with
// the stub's address. The disable section writes the address of GetLastError
// back into the same slot, so the slot presumably held that pointer originally
// (for example an import-table entry) - confirm against the binary.
1476F8710:
DQ shengguaiics
[DISABLE]
// Restore the slot so calls through it go straight to GetLastError again.
// NOTE(review): this section has no DeAlloc(shengguaiics), so the block reserved
// by Alloc stays mapped in the process after the script is disabled.
1476F8710:
DQ GetLastError
作者:
ql139278
時間:
2025-5-19 12:35
太感謝了,這個代碼這麽多,感謝版主
作者:
rhg59321
時間:
2025-5-19 23:50
這樣就可以了吧? 沒必要寫那麼長, 至少我在土龍測試過有用
// TwMs v270.1 fixed-position monster spawn
// Cheat Engine auto-assembler script. It uses the same pointer slot (1476F8710)
// as the longer script in the opening post, but its Hook block only writes three
// fields and then jumps to the original code address.
[Enable]
// Reserve memory for the stub; the third argument asks for memory near the named module.
Alloc(Check_Esp,512,MapleStory.exe)
Label(Hook)
Label(Exit)
Check_Esp:
// Stub reached through the rewritten pointer slot. rax is saved because it is used as scratch.
push rax
mov rax,14381F3E8
// Compare one fixed stack slot with the hard-coded code address. The offset
// already includes the 8 bytes pushed above. Presumably the slot is a saved
// return address belonging to one particular caller; confirm against the binary.
cmp [rsp+1F8],rax
jne Exit
// Match: overwrite that stack slot so the later return lands in Hook.
mov rax,Hook
mov [rsp+1F8],rax
jmp Exit
Exit:
pop rax
// Continue into the function named GetLastError.
jmp GetLastError
Hook:
// rax is taken as an object pointer here; it is whatever the returning routine
// left in rax - presumably its return value; verify. rsi is overwritten and not restored.
mov rsi,rax
// Three stores with no explicit operand size: a flag at +1050 and the two
// coordinate fields at +1054 and +1058.
mov [rsi+00001050],1
mov [rsi+00001054],FFFFFDD9 //X-Point
mov [rsi+00001058],000000A5 //Y-Point
// Resume at the address that was originally stored in the stack slot.
jmp 14381F3E8
// Redirect the pointer slot to the stub.
1476F8710:
DQ Check_Esp
[Disable]
// Restore the slot to GetLastError, then release the stub's memory.
1476F8710:
DQ GetLastError
DeAlloc(Check_Esp)
作者:
lafeng666
時間:
2025-5-20 21:34
rhg59321 發表於 2025-5-19 23:50
這樣就可以了吧? 沒必要寫那麼長, 至少我在土龍測試過有用
// TwMs v270.1 定點生怪
是可以很短, 这份代码我之前故意这样写的,没想到还有人更新出来