冰楓論壇

標題: TwMS 213.2 惡魔鐮刀不限時間 [ICS] [打印本頁]
作者: ke90927    時間: 2019-1-20 22:03
標題: TwMS 213.2 惡魔鐮刀不限時間 [ICS]
本帖最後由 ke90927 於 2019-1-20 22:15 編輯
  1. //TwMS 213.2 惡魔鐮刀不限時間 [ICS]
  2. //Author:yutsaihsieh Ics:ke90927
  3. //转自:https://bingfong.com/thread-622507-1-1.html
  4. [Enable]
  5. Alloc(WDhook,1024)
  6. Label(WDHack1)
  7. Label(WDHack2)
  8. Label(WDHack3)
  9. Label(WDHack4)
  10. Label(WDHack5)
  11. Label(WDHack6)
  12. Label(WDHack7)

  14. WDhook:
  15. cmp [esp+88],0237FD56
  16. jne InterlockedIncrement
  17. MOV [ESP+88],WDHack1
  18. jmp InterlockedIncrement

  20. WDHack1:
  21. cmp dword ptr [ebp-2C],00
  22. mov [ebp-40],eax
  23. je 023811E6
  24. test eax,eax
  25. je 023811E6
  26. mov ecx,[03BBBB48]
  27. mov [ebp-38],000000FF
  28. test ecx,ecx
  29. je WDHack2
  30. push 000000FF
  31. call 00E4D5C0
  32. mov [ebp-38],eax
  33. WDHack2:
  34. cmp dword ptr [edi+000156E8],00
  35. je 0238113E
  36. push [esi]
  37. call 023A1610
  38. add esp,04
  39. mov ecx,eax
  40. cmp byte ptr [edi+0001525C],00
  41. mov [ebp-3C],ecx
  42. je WDHack3
  43. mov eax,[edi+000156FC]
  44. test eax,eax
  45. je WDHack3
  46. push 01
  47. push eax
  48. call dword ptr [032073EC]
  49. push eax
  50. mov ecx,edi
  51. call 02306900
  52. test eax,eax
  53. je 0237FF42
  54. mov ecx,[ebp-3C]
  55. WDHack3:
  56. mov eax,[esi]
  57. cmp eax,0606D155
  58. je WDHack4
  59. cmp eax,0606D156
  60. je WDHack4
  61. cmp eax,0021E3D3
  62. je WDHack4
  63. cmp eax,002F5150
  64. je WDHack4
  65. cmp eax,06ACFFF0
  66. je WDHack4
  67. cmp eax,027374E9
  68. je WDHack4
  69. cmp eax,04C4DF20
  70. je WDHack4
  71. cmp eax,04C4E062
  72. je WDHack4
  73. cmp eax,04C4E066
  74. je WDHack4
  75. cmp eax,04C4E06B
  76. je WDHack4
  77. cmp eax,017F5106
  78. je WDHack4
  79. cmp eax,00B8F3DE
  80. je WDHack4
  81. cmp eax,07CEEAB0
  82. je WDHack4
  83. cmp eax,02366BEB
  84. je WDHack4
  85. cmp eax,17D8242E
  86. je WDHack4
  87. cmp eax,17D82431
  88. je WDHack4
  89. cmp eax,17D7AF14
  90. je WDHack4
  91. cmp eax,07CEEABC
  92. je WDHack4
  93. cmp eax,17D7D645
  94. je WDHack4
  95. cmp eax,07CEEABD
  96. je WDHack4
  97. cmp eax,17D7AF40
  98. jne WDHack5
  99. WDHack4:
  100. push [ebp-40]
  101. mov ecx,[ebp-2C]
  102. call 007D4B90
  103. mov ecx,eax
  104. call 0050EF30
  105. imul ecx,eax,000003E8
  106. mov [ebp-3C],ecx
  107. WDHack5:
  108. cmp [esi],02366C1C
  109. jne WDHack6
  110. push [ebp-40]
  111. mov ecx,[ebp-2C]
  112. call 007D4B90
  113. mov ecx,eax
  114. call 0085E0D0
  115. imul ecx,eax,000003E8
  116. mov [ebp-3C],ecx
  117. WDHack6:
  118. mov eax,[esi]
  119. cmp eax,01524DCB
  120. jne WDHack7
  121. call 023FAF70
  122. sub eax,[edi+00015248]
  123. js 023811E6
  124. cmp dword ptr [edi+000156F8],00
  125. jne 023811E6
  126. push 00
  127. push 00
  128. push 00
  129. push 00
  130. push 01
  131. push 06
  132. push [ebp-2C]
  133. mov ecx,edi
  134. call 021C7EF0
  135. mov [edi+000156F8],00000001
  136. jmp 023811E6
  137. WDHack7:
  138. cmp eax,01D909A8
  139. jne 02380148
  140. call 023FAF70
  141. sub eax,[edi+00015244]
  142. cmp eax,[ebp-3C]
  143. jmp 0237FF52
  144. push [esi]
  145. jmp 0237FF18

  147. 03207134:
  148. DD WDhook

  150. [Disable]
  151. 03207134:
  152. DD InterlockedIncrement
  153. DeAlloc(WDGod)
  154. DeAlloc(WDhook1)
複製代碼




歡迎光臨 冰楓論壇 (https://bingfong.com/) Powered by 冰楓