冰楓論壇

標題: TWMS213.2 近战无延迟 [ICS] [打印本頁]

---

作者: ke90927    時間: 2019-1-20 19:37
標題: TWMS213.2 近战无延迟 [ICS]

1. //TWMS213.2 近战无延迟 [ICS]
   
2. //原创：ke90927
   
3. //此数据转自GMS近战无延迟CRC【近战技能普攻都可以用，远程无效果】
   
4. [Enable]
   
5. Alloc(WDhook, 1024)
   
6. Label(WDHack1)
   
7. Label(WDHack2)
   
8. 
   
9. WDhook:
   
10. CMP [ESP+10],02285E39
    
11. jne RtlEnterCriticalSection
    
12. MOV [ESP+10],WDHack1
    
13. jmp RtlEnterCriticalSection
    
14. 
    
15. WDHack1:
    
16. mov eax,[eax]
    
17. push eax
    
18. mov ecx,[ebp-0000126C]
    
19. call 00AA2690
    
20. push eax
    
21. mov ecx,[ebp-0000124C]
    
22. push ecx
    
23. mov ecx,[ebp-00001248]
    
24. add ecx,00000120
    
25. call 00D01090
    
26. push eax
    
27. mov edx,[ebp-00001270]
    
28. push edx
    
29. call 00820390
    
30. add esp,1C
    
31. mov [ebp-000012C8],eax
    
32. mov eax,[ebp-00001288]
    
33. shl eax,05
    
34. add eax,0392B618
    
35. mov [ebp-00001284],eax
    
36. mov [ebp-00001294],00000000
    
37. mov [ebp-00001360],00000000
    
38. mov ecx,[ebp-0000124C]
    
39. push ecx
    
40. call 00825C80
    
41. add esp,04
    
42. test eax,eax
    
43. jne 022865A0
    
44. mov edx,[ebp-0000124C]
    
45. push edx
    
46. call 007B0560
    
47. add esp,04
    
48. test eax,eax
    
49. jne 022865A0
    
50. mov eax,[ebp-0000124C]
    
51. push eax
    
52. call 005AA370
    
53. add esp,04
    
54. movzx ecx,al
    
55. test ecx,ecx
    
56. jne 022865A0
    
57. mov edx,[ebp-0000124C]
    
58. push edx
    
59. call 007AD170
    
60. add esp,04
    
61. movzx eax,al
    
62. test eax,eax
    
63. jne 022865A0
    
64. mov ecx,[ebp-0000124C]
    
65. push ecx
    
66. call 00839670
    
67. add esp,04
    
68. test eax,eax
    
69. jne 022865A0
    
70. mov edx,[ebp-0000124C]
    
71. push edx
    
72. call 0083C850
    
73. add esp,04
    
74. movzx eax,al
    
75. test eax,eax
    
76. jne 022865A0
    
77. cmp [ebp-0000124C],0606D158
    
78. je 022865A0
    
79. cmp [ebp-0000124C],060523A6
    
80. je 022865A0
    
81. cmp [ebp-0000124C],04C4BB28
    
82. je 022865A0
    
83. cmp dword ptr [ebp-00001348],00
    
84. jne 022865A0
    
85. lea ecx,[ebp-000012B0]
    
86. call 00868090
    
87. test eax,eax
    
88. je 022865A0
    
89. cmp [ebp-0000124C],027374F7
    
90. je 022865A0
    
91. cmp [ebp-0000124C],0280E26A
    
92. je 022865A0
    
93. cmp [ebp-0000124C],04C4DF26
    
94. je 022865A0
    
95. mov ecx,[ebp-0000124C]
    
96. push ecx
    
97. call 02350B80
    
98. add esp,04
    
99. movzx edx,al
    
100. test edx,edx
     
101. jne 022865A0
     
102. cmp dword ptr [ebx+08],00
     
103. je WDHack2
     
104. mov ecx,[ebx+08]
     
105. call 02347EB0
     
106. test eax,eax
     
107. jne 022865A0
     
108. WDHack2:
     
109. mov ecx,[ebp-00001248]
     
110. call 02348010
     
111. movzx eax,al
     
112. test eax,eax
     
113. jmp 022865A0
     
114. cmp dword ptr [ebx+3C],00
     
115. jmp 02285FFB
     
116. 
     
117. 03916A34:
     
118. DD WDhook
     
119. 
     
120. [Disable]
     
121. 03916A34:
     
122. DD RtlEnterCriticalSection
     
123. DeAlloc(WDGod)

複製代碼

---

作者: yutsaihsieh    時間: 2019-1-20 20:18
//crc
[ENABLE]
02285FF1:
jmp 022865A0
nop



[DISABLE]
02285FF1:
je 022865A0

---

作者: JK輔助    時間: 2019-1-20 20:43
會崩潰

---

作者: ke90927    時間: 2019-1-20 20:48

JK輔助 發表於 2019-1-20 20:43
會崩潰

• [Disable]
• 03916A34:
• DD 0177d830
• DeAlloc(WDGod)
  

打开CE读取下 03916A34值，我这边是大陆电脑。可能API特征不一样

---

作者: wujohn    時間: 2019-1-21 10:50
打太快 很容易斷線 , 還是用接技 快又穩定 ..

---

歡迎光臨 冰楓論壇 (https://bingfong.com/)

Powered by 冰楓