
標題: TwMS V199.2_ICS_ 限定全圖+物品落腳下 [打印本頁]

作者: ta0926    時間: 2017-7-24 17:45
標題: TwMS V199.2_ICS_ 限定全圖+物品落腳下
// V199.2: restricted full-map attack + items drop at the player's feet
// Cheat Engine auto-assembler script. Every numeric address below is absolute,
// so the script is tied to the single client build it was written for.
[Enable]
// Reserve a named region that receives the dispatcher and both hook bodies.
// NOTE(review): the code assembled under FlllMapAtt_ICS looks larger than the
// 128 bytes requested here; it presumably fits only because the allocation is
// rounded up to a whole page - confirm.
Alloc(FlllMapAtt_ICS,128)
// Entry points inside the allocated region.
Label(FlllMapAttByPass)
Label(FlllMapAttack)
Label(FlllMapAttackHook)
Label(FlllMapAttByPassHook)
// Local branch targets: fr01-fr05 are used by FlllMapAttackHook.
Label(fr01)
Label(fr02)
Label(fr03)
Label(fr04)
Label(fr05)
// Local branch targets: fr10-fr14 are used by FlllMapAttByPassHook.
Label(fr10)
Label(fr11)
Label(fr12)
Label(fr13)
Label(fr14)

// Dispatcher that the pointer slot at 0292b364 is redirected to.
// It inspects the dword on top of the stack - presumably the caller's return
// address, assuming entry is through an indirect call via that slot (confirm).
// For two specific values it replaces that dword with a hook address, so that
// Variantinit returns into the hook instead of into the original call site.
// Every path ends with a jump to Variantinit, so the call itself is still
// serviced; callers with any other return address are left unchanged.
FlllMapAtt_ICS:
        // Return address 00f4ab17 -> redirect to FlllMapAttackHook.
        Cmp [Esp],00f4ab17
        Je FlllMapAttack
        // Return address 00f4af1d -> redirect to FlllMapAttByPassHook.
        Cmp [Esp],00f4af1d
        Je FlllMapAttByPass
        // Any other caller: pass straight through.
        Jmp Variantinit
FlllMapAttack:
        // Overwrite the return address, then run the real function.
        Mov [Esp],FlllMapAttackHook
        Jmp Variantinit
FlllMapAttByPass:
        // Overwrite the return address, then run the real function.
        Mov [Esp],FlllMapAttByPassHook
        Jmp Variantinit

// Hook body reached when Variantinit returns for the call whose return address
// was 00f4af1d. It runs in the caller's stack frame (ebp and ebx are the
// caller's values) and ends by jumping to 00f4afec.
// NOTE(review): the sequence looks like a re-creation of the caller's own code
// between those two addresses - not verifiable from this page.
FlllMapAttByPassHook:
        // eax = 00469e50(&[ebp-20], 02ec1140); the caller removes the 8 argument bytes.
        lea eax,[ebp-20]
        push 02ec1140
        push eax
        call 00469e50
        add esp,08
        // A negative result is handed to 0250f320 (presumably an error helper - confirm).
        test eax,eax
        jns fr10
        push eax
        call 0250f320
fr10:
        // esi = pointer stored at [ebx+208]; [ebp-04] is set to 0x14.
        mov esi,[ebx+00000208]
        mov [ebp-04],00000014
        // A null pointer is reported with 80004003 (the E_POINTER HRESULT value).
        test esi,esi
        jne fr11
        push 80004003
        call 0250f320
fr11:
// Raw bytes for the instruction shown in the next comment line.
db 0f 10 45 e0
//        movups xmm0,[ebp-20]
        // ecx = first dword of the object at esi (used below as a function table).
        mov ecx,[esi]
        // Reserve 16 stack bytes and remember their address in eax.
        sub esp,10
        mov eax,esp
        push 00
        push 00
        push 00
        push 00
        push 00
// Raw bytes for the instruction shown in the next comment line: copies the
// 16 bytes loaded from [ebp-20] into the slot reserved above.
db 0f 11 00
//        movups [eax],xmm0
        push 00
        lea eax,[ebp-000000c4]
        push eax
        lea eax,[ebp-000000c8]
        push eax
        push esi
        // Indirect call through the table entry at offset 0x8c.
        call dword ptr [ecx+0000008c]
        // A negative result is passed to 0250f340 together with esi and 0292fb38.
        test eax,eax
        jns fr12
        push 0292fb38
        push esi
        push eax
        call 0250f340
fr12:
        // Branch on the 16-bit value at [ebp-20]; [ebp-04] is reset to -1.
        // NOTE(review): the layout matches a 16-byte VARIANT whose type field
        // equals 8 (VT_BSTR) with its value at offset 8 - assumption, confirm.
        cmp word ptr [ebp-20],08
        mov [ebp-04],ffffffff
        jne fr13
        // Type 8: clear the first dword, then release [ebp-18] if it is non-null.
        xor eax,eax
        mov [ebp-20],eax
        mov eax,[ebp-18]
        test eax,eax
        je fr14
        // NOTE(review): whether "fc" is meant as +0xFC or as -4 is not visible here - confirm.
        add eax,fc
        push eax
        call dword ptr [02ef0e40]
        jmp fr14
fr13:
        // Any other type: pass &[ebp-20] to the function pointed to by 0292b35c
        // (presumably another imported routine, two slots before 0292b364 - confirm).
        lea eax,[ebp-20]
        push eax
        call dword ptr [0292b35c]
fr14:
        // Resume the original code at a fixed address.
        jmp 00f4afec

// Hook body reached when Variantinit returns for the call whose return address
// was 00f4ab17. It runs in the caller's stack frame (ebp and ebx are the
// caller's values) and ends by jumping to 00f4abbd.
// Same instruction sequence as FlllMapAttByPassHook except for: the value
// written to [ebp-04] (0x13 here), the extra call to 01A965F0 at fr05, and
// the resume address.
FlllMapAttackHook:
        // eax = 00469e50(&[ebp-20], 02ec1140); the caller removes the 8 argument bytes.
        lea eax,[ebp-20]
        push 02ec1140
        push eax
        call 00469e50
        add esp,08
        // A negative result is handed to 0250f320 (presumably an error helper - confirm).
        test eax,eax
        jns fr01
        push eax
        call 0250f320
fr01:
        // esi = pointer stored at [ebx+208]; [ebp-04] is set to 0x13.
        mov esi,[ebx+00000208]
        mov [ebp-04],00000013
        // A null pointer is reported with 80004003 (the E_POINTER HRESULT value).
        test esi,esi
        jne fr02
        push 80004003
        call 0250f320
fr02:
// Raw bytes for the instruction shown in the next comment line.
db 0f 10 45 e0
//        movups xmm0,[ebp-20]
        // ecx = first dword of the object at esi (used below as a function table).
        mov ecx,[esi]
        // Reserve 16 stack bytes and remember their address in eax.
        sub esp,10
        mov eax,esp
        push 00
        push 00
        push 00
        push 00
        push 00
// Raw bytes for the instruction shown in the next comment line: copies the
// 16 bytes loaded from [ebp-20] into the slot reserved above.
db 0f 11 00
//        movups [eax],xmm0
        push 00
        lea eax,[ebp-000000c4]
        push eax
        lea eax,[ebp-000000c8]
        push eax
        push esi
        // Indirect call through the table entry at offset 0x8c.
        call dword ptr [ecx+0000008c]
        // A negative result is passed to 0250f340 together with esi and 0292fb38.
        test eax,eax
        jns fr03
        push 0292fb38
        push esi
        push eax
        call 0250f340
fr03:
        // Branch on the 16-bit value at [ebp-20]; [ebp-04] is reset to -1.
        // NOTE(review): the layout matches a 16-byte VARIANT whose type field
        // equals 8 (VT_BSTR) with its value at offset 8 - assumption, confirm.
        cmp word ptr [ebp-20],08
        mov [ebp-04],ffffffff
        jne fr04
        // Type 8: clear the first dword, then release [ebp-18] if it is non-null.
        xor eax,eax
        mov [ebp-20],eax
        mov eax,[ebp-18]
        test eax,eax
        je fr05
        // NOTE(review): whether "fc" is meant as +0xFC or as -4 is not visible here - confirm.
        add eax,fc
        push eax
        call dword ptr [02ef0e40]
        jmp fr05
fr04:
        // Any other type: pass &[ebp-20] to the function pointed to by 0292b35c
        // (presumably another imported routine, two slots before 0292b364 - confirm).
        lea eax,[ebp-20]
        push eax
        call dword ptr [0292b35c]
fr05:
        // Extra step present only in this hook: ecx = [02EE9098] + 4, one stack
        // argument (&[ebp-c8]), then call 01A965F0. Loading ecx right before the
        // call suggests it carries the object pointer - assumption, confirm.
        mov ecx,[02EE9098]
        add ecx,04
        lea eax,[ebp-000000c8]
        push eax
        call 01A965F0
// Disabled instruction left in place by the author:
//        push [ebp-000000c8]
        // Resume the original code at a fixed address.
        jmp 00f4abbd

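// Install: overwrite the 4-byte pointer stored at 0292b364 with the address of
// the dispatcher. This is the only change made to memory that already existed
// in the process; all hook code lives in the allocated region.
0292b364:
DD FlllMapAtt_ICS
[Disable]
// Uninstall: write the address of Variantinit back into the slot first, so
// nothing is routed into the region any more, and only then release it.
0292b364:
DD Variantinit
// DeAlloc has to name the region created by Alloc(FlllMapAtt_ICS,128).
// FlllMapAttack is only a label inside that region, so naming it here left
// the allocation in place every time the script was disabled.
DeAlloc(FlllMapAtt_ICS)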





作者: qaz7852103    時間: 2017-7-26 21:27
求大大更新這個數據QQ  拜託了  感激不盡



