冰楓論壇

標題: TwMS 206.2 MISS無敵 [ICS] [打印本頁]
作者: prt    時間: 2018-4-18 15:14
標題: TwMS 206.2 MISS無敵 [ICS]
  1. //TwMS 206.2 MISS無敵 [ICS]
  2. [Enable]
  3. Alloc(Hook_Main,128)
  4. Label(HookFun)

  6. Hook_Main:
  7. Cmp [Esp+18],01E7A21F
  8. Jne 0147AFF0
  9. Mov [Esp+18],HookFun
  10. Jmp 0147AFF0

  12. HookFun:
  13. mov [ebp+esi*4-48],eax
  14. inc esi
  15. cmp esi,08
  16. jnge 01E7A210
  17. mov edi,[ebp-000000C0]
  18. mov ecx,edi
  19. mov [ebp-00000118],00000000
  20. mov [ebp-00000108],00000000
  21. mov [ebp-00000134],00000000
  22. mov [ebp-0000012C],00000000
  23. mov [ebp-0000009C],00000000
  24. mov [ebp-000000D4],00000000
  25. mov [ebp-00000098],00000000
  26. call 008508E0
  27. push eax
  28. mov eax,[ebx]
  29. mov ecx,ebx
  30. call dword ptr [eax+70]
  31. push eax
  32. mov eax,[ebx]
  33. mov ecx,ebx
  34. call dword ptr [eax+6C]
  35. push eax
  36. call 007C04B0
  37. add esp,0C
  38. mov [ebp-00000130],eax
  39. xor eax,eax
  40. mov [ebp-0000011C],00000000
  41. lea ecx,[ebx+00000120]
  42. mov [ebp-00000120],00000000
  43. mov [ebp-00000144],eax
  44. mov [ebp-0000010C],eax
  45. mov [ebp-00000160],eax
  46. mov [ebp-000000EC],eax
  47. mov [ebp-00000100],eax
  48. mov [ebp-00000158],eax
  49. mov [ebp-000000DC],eax
  50. mov [ebp-000000AC],eax
  51. mov [ebp-00000174],eax
  52. mov [ebp-000000F4],eax
  53. mov [ebp-00000104],eax
  54. mov [ebp-000000C4],eax
  55. call 00B59150
  56. push eax
  57. call 004BF410
  58. add esp,04
  59. mov [ebp-70],eax
  60. lea ecx,[ebx+00000120]
  61. call 00B59160
  62. push eax
  63. call 004BF410
  64. add esp,04
  65. mov ecx,ebx
  66. mov [ebp-00000110],eax
  67. cmp dword ptr [ebp-74],00
  68. jne 01E7BFA1

  70. 033B264C:
  71. DD Hook_Main
  72. [Disable]
  73. 033B264C:
  74. DD 0147AFF0
  75. DeAlloc(Hook_Main)
複製代碼
作者: kuangshen    時間: 2018-5-6 14:36
請問大大,數據里的033B264C:這個地址是一個什麼特殊的地址嗎?在研究前面的數據時發現怎麼也找不到這個地址。



歡迎光臨 冰楓論壇 (https://bingfong.com/) Powered by 冰楓