
一些脚本写法(转)


创建装备脚本
// Cheat Engine auto-assembler (AA) script. Operands are hexadecimal unless
// prefixed with '#', which marks a decimal literal.
// Per the post's heading ("create equipment script"), this runs one call to the
// fixed address 01C16730 on a new thread inside the target process.
// Lines above [ENABLE] are shared by both sections, and both sections start the
// same thread, so enabling and disabling do the same thing here.
// Review note: every address is absolute, so the script is tied to one client
// build. Its observable artefacts are a new allocation holding code, a thread
// started inside it, and a write to the fixed address 00400600.
alloc(new,1024)
new:
pushad // save all general-purpose registers around the call
push 1
push 0
push #101010047 // decimal literal; presumably an item code — the page does not say
mov edx,1C16730
call edx
mov [00400600],eax // keep the call's return value at a fixed address
add esp,c // drop the three pushed arguments (0xC bytes): caller-cleans-stack convention
popad
ret
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
createthread(new)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
createthread(new)
召唤人偶call
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Per the heading ("summon puppet call"): builds a five-dword argument record
// and passes it to the function at 054C316E on a new thread in the target.
// The [DISABLE] section is empty, so nothing is freed or undone.
// Review note: all addresses are absolute and therefore build-specific.
[ENABLE]
alloc(new,1024)
alloc(stre,100)
stre:
// Argument record: five consecutive dwords. The page does not document the
// field meanings; only the values are visible.
dd #202
dd #85
dd #85
dd #9999999
dd #1
new:
pushad
push stre // pointer to the record above
push [3DCD430] // value at 3DCD430; labelled "character base address" elsewhere on this page
mov ecx,3D1E394 // ecx loaded just before the call — presumably a thiscall 'this'; TODO confirm
call 054C316E
popad // no explicit stack cleanup: assumes the callee pops its two arguments — TODO confirm
ret
createthread(new)
[DISABLE]
召唤怪物call
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Per the heading ("summon monster call"): same shape as the puppet script on
// this page, with a different first record field (#3000) and a different call
// target (054FD787).
// The [DISABLE] section is empty, so nothing is freed or undone.
// Review note: all addresses are absolute and therefore build-specific.
[ENABLE]
alloc(new,1024)
alloc(stre,100)
stre:
// Argument record: five consecutive dwords; field meanings are not documented
// on the page.
dd #3000
dd #85
dd #85
dd #9999999
dd #1
new:
pushad
push stre // pointer to the record above
push [3DCD430] // value at 3DCD430; labelled "character base address" elsewhere on this page
mov ecx,3D1E394 // presumably a thiscall 'this' pointer — TODO confirm
call 54FD787
popad // assumes the callee pops its two arguments — TODO confirm
ret
createthread(new)
[DISABLE]
buffcall
// Cheat Engine AA script (hex operands).
// Per the heading ("buff call"): chains calls to three fixed functions, which
// the author tags 1, 2 and 3, using the id 0x4C2 that the author labels
// "three speeds". The [DISABLE] section contains no statements.
// Review note: all call targets are absolute addresses and therefore
// build-specific. The calling conventions are not visible here.
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(new,1024)
alloc(kongbai,512)
new:
Pushad
Push kongbai // pointer to the 512-byte scratch allocation ("kongbai" is pinyin for "blank")
Push 000004c2 // author's label: "three speeds"
Mov EAX,E48840 // function 1
Call EAX
Mov ECX,EAX // result of function 1 becomes ecx for the next call
Mov EBX,E457A0 // function 2
Call EBX
Mov ESI,EAX // overwritten again below before it is read
Push 000004c2 // author's label: "three speeds"
Mov ECX,E48840 // function 1 again, this time called through ecx
Call ECX
Mov ECX,EAX
Mov EDX,E41490 // function 3
Call EDX
Mov ESI,E48840 // function 1, third call, with nothing pushed beforehand
Call ESI
Popad
ret
createthread(new)
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
吸怪 脚本
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Per the heading ("attract monsters script"): walks the object pointer array
// reached through [[3DCD430]+b8] (first element at +c0, end at +c4). For each
// object whose dword at +98 is #273 or #529 and whose dword at +7AC is
// non-zero, it copies two dwords from (base+1b8) and (base+1bc) into the
// object's position record at [obj+a8]+10 and +14.
// 00400700/00400704 hold pointers to those two source dwords; 00400708 is a
// flag set to 0 on enable and 1 on disable.
// Review note: the addresses and structure offsets are absolute and therefore
// build-specific. The low 0x4007xx addresses are presumably scratch space in
// the main module's header page — TODO confirm.
alloc(new,1024)
label(lop)
label(state)
label(getstate)
label(next)
label(end)
new:
pushad
mov eax,[3DCD430]
mov eax,[eax+b8]
cmp eax,0
je end // nothing to walk when the +b8 pointer is null
mov eax,[3DCD430]
add eax,1b8
mov [400700],eax // author's label: "item x" — stores the ADDRESS base+1b8, not its value
add eax,4
mov [400704],eax // author's label: "item y" — stores the ADDRESS base+1bc
mov eax,[3DCD430]
mov eax,[eax+b8]
mov eax,[eax+c0] // eax = address of the first array element
lop:
mov ebx,[eax]
mov ebx,[ebx+98] // dword at obj+98; called the object type elsewhere on this page
cmp ebx,#273
je state
cmp ebx,#529
je state
jmp next
state:
mov ecx,[eax] // ecx = current object pointer
mov ebx,[ecx+7AC] // author's label here: "object type"; other scripts on the page label +7AC "team"
cmp ebx,0
jne getstate
jmp next
getstate:
mov ecx,[eax]
mov ebx,[ecx+a8]
add ebx,10 // ebx = destination of the first dword
mov ecx,[400700]
mov ecx,[ecx] // dereference the saved pointer to get the current value
mov [ebx],ecx
add ebx,4
mov ecx,[400704]
mov ecx,[ecx]
mov [ebx],ecx
next:
add eax,4 // advance to the next 4-byte array slot
mov ebx,[3DCD430]
mov ebx,[ebx+b8]
mov ebx,[ebx+c4] // ebx = end address; per the author, the walk ends when cursor and end are equal
cmp eax,ebx
jne lop
end:
popad
ret
// The three instructions below follow the ret above and carry no label.
cmp [400708],1
jne new
ret
[ENABLE]
400708:
dd 0
CreateThread(new)
[DISABLE]
400708:
dd 1
吸物 脚本
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Per the heading ("attract items script"): same walk as the monster variant
// on this page, but the accepted values of the dword at obj+98 are #273 and
// #289. For each match whose dword at +7AC is non-zero, it copies two dwords
// from (base+1b8) and (base+1bc) into [obj+a8]+10 and +14.
// 00400700/00400704 hold pointers to the two source dwords; 00400708 is a flag
// written as 0 in the enable section and 1 in the disable section.
// Review note: the addresses and offsets are absolute and therefore
// build-specific.
alloc(new,1024)
label(lop)
label(state)
label(getstate)
label(next)
label(end)
new:
pushad
mov eax,[3DCD430]
mov eax,[eax+b8]
cmp eax,0
je end // nothing to walk when the +b8 pointer is null
mov eax,[3DCD430]
add eax,1b8
mov [400700],eax // author's label: "item x" — stores the ADDRESS base+1b8
add eax,4
mov [400704],eax // author's label: "item y" — stores the ADDRESS base+1bc
mov eax,[3DCD430]
mov eax,[eax+b8]
mov eax,[eax+c0] // eax = address of the first array element
lop:
mov ebx,[eax]
mov ebx,[ebx+98] // dword at obj+98; called the object type elsewhere on this page
cmp ebx,#273
je state
cmp ebx,#289
je state
jmp next
state:
mov ecx,[eax] // ecx = current object pointer
mov ebx,[ecx+7AC] // author's label here: "object type"; other scripts on the page label +7AC "team"
cmp ebx,0
jne getstate
jmp next
getstate:
mov ecx,[eax]
mov ebx,[ecx+a8]
add ebx,10 // ebx = destination of the first dword
mov ecx,[400700]
mov ecx,[ecx] // dereference the saved pointer to get the current value
mov [ebx],ecx
add ebx,4
mov ecx,[400704]
mov ecx,[ecx]
mov [ebx],ecx
next:
add eax,4 // advance to the next 4-byte array slot
mov ebx,[3DCD430]
mov ebx,[ebx+b8]
mov ebx,[ebx+c4] // ebx = end address; per the author, the walk ends when cursor and end are equal
cmp eax,ebx
jne lop
end:
popad
ret
// The three instructions below follow the ret above and carry no label.
cmp [400708],1
jne new
ret
[ENABLE
400708:
dd 0
CreateThread(new)
[DISABLE]
400708:
dd 1
人偶基址遍历
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Per the heading ("puppet base-address traversal"): scans the object pointer
// array at [[3DCD430]+b8] (+c0 = first element, +c4 = end) and stores at
// 00400400 the pointer of each object that satisfies all three conditions:
// dword at +98 == #273, dword at +7ac == 0, and pointer != [3DCD430].
// A later match overwrites an earlier one. The routine only reads object
// memory; its single write is to 00400400.
// Review note: the addresses and offsets are absolute and therefore
// build-specific.
alloc(newmem,512)
registersymbol(newmem)
label(end)
label(next)
label(begin)
label(zhenyin)
label(fujia)
label(renou)
newmem:
mov edx,[3DCD430]
cmp edx,0
je end
mov edx,[edx+B8]
cmp edx,0
je end
mov eax,[edx+C0] // eax = cursor, starting at the first element
mov ebx,[edx+C4] // end address
sub ebx,eax // ebx = bytes remaining
begin:
cmp ebx,0
jle end // signed test: stops on zero or negative remainder
mov edx,[eax]
mov esi,[edx+98]
cmp esi,#273 // object type (author's label)
je zhenyin
jmp next
zhenyin:
mov edx,[eax]
mov esi,[edx+7ac] // labelled "team" in other scripts on this page
cmp esi,0
je fujia
jmp next
fujia:
cmp edx,[3DCD430] // skip the object that is the base pointer itself
jne renou
jmp next
renou:
mov [400400],edx // publish the matching object pointer
jmp next
// This popad follows an unconditional jmp and has no matching pushad in this routine.
popad
next:
add eax,4
sub ebx,4
jmp begin
end:
ret
[ENABLE]
createthread(newmem)
[DISABLE]
dealloc(newmem)
unregistersymbol(newmem)
怪物基址遍历
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Per the heading ("monster base-address traversal"): scans the object pointer
// array at [[3DCD430]+b8] (+c0 = first element, +c4 = end) and stores at
// 00400400 the pointer of each object whose dword at +98 is #529 and whose
// dword at +7ac is 0. A later match overwrites an earlier one. The routine
// only reads object memory; its single write is to 00400400.
// Review note: the addresses and offsets are absolute and therefore
// build-specific.
alloc(newmem,512)
registersymbol(newmem)
label(end)
label(next)
label(begin)
label(zhenyin)
label(fujia)
newmem:
mov edx,[3DCD430]
cmp edx,0
je end
mov edx,[edx+B8]
cmp edx,0
je end
mov eax,[edx+C0] // eax = cursor, starting at the first element
mov ebx,[edx+C4] // end address
sub ebx,eax // ebx = bytes remaining
begin:
cmp ebx,0
jle end // signed test: stops on zero or negative remainder
mov edx,[eax]
mov esi,[edx+98]
cmp esi,#529 // object type (author's label)
je zhenyin
jmp next
zhenyin:
mov edx,[eax]
mov esi,[edx+7ac] // labelled "team" in other scripts on this page
cmp esi,0
je fujia
jmp next
fujia:
mov [00400400],edx // publish the matching object pointer
jmp next
// This popad follows an unconditional jmp and has no matching pushad in this routine.
popad
next:
add eax,4
sub ebx,4
jmp begin
end:
ret
[ENABLE]
createthread(newmem)
[DISABLE]
dealloc(newmem)
unregistersymbol(newmem)
操作
怪物跳板
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Per the heading ("monster trampoline"): installs an inline hook at 02495CD0.
// The enable section overwrites five bytes there with "call newmem"; the
// disable section restores the original bytes 8B 06 8B 50 50
// (mov eax,[esi] / mov edx,[eax+50]), which newmem re-executes before it
// returns. The hook rewrites the dword at [ebp-2234] of the hooked function
// whenever GetMCC finds it in table1, replacing it with the table2 entry at
// the same index.
// Review note: this is a code patch, so an integrity check over the bytes at
// 02495CD0 would see it while it is enabled. The hook address and the frame
// offset are build-specific. Nothing is deallocated on disable.
[ENABLE]
alloc(newmem,1000)
alloc(GetMCC,1000)
alloc(table1,1000)
alloc(table2,1000)
label(GetMCC_next)
label(GetMCC_end)
// GetMCC(key): one stack argument, removed by the callee (ret 4).
// Returns in eax the table2 entry paired with 'key' in table1, or 0 if absent.
GetMCC:
push ebp
mov ebp,esp
xor eax,eax
push eax // local at [ebp-4] = 0, the default result
pushad
mov ebx,[ebp+8] // ebx = key argument
xor edi,edi // edi = index
mov esi,table1
mov ecx,table2
GetMCC_next:
cmp edi,1000 // upper bound on the index (0x1000)
jge GetMCC_end
mov eax,[esi+edi*4]
test eax,eax
je GetMCC_end // a zero entry terminates table1
inc edi
cmp eax,ebx
jne GetMCC_next
dec edi // undo the increment so edi indexes the match
mov eax,[ecx+edi*4]
mov [ebp-4],eax // result goes through the local so it survives popad
GetMCC_end:
popad
mov eax,[ebp-4]
mov esp,ebp
pop ebp
ret 4
label(end)
// Hook body, entered by the call patched in at 02495CD0. ebp here is still the
// hooked function's frame pointer, because newmem sets up no frame of its own.
newmem:
pushad
mov esi,[ebp-00002234]
push esi
call GetMCC
cmp eax,0
je end // no mapping: leave the value untouched
mov dword ptr ss:[ebp-00002234],eax
end:
popad // restores esi to the hooked code's value before the replayed instructions
mov eax,[esi] // replay of the overwritten original instructions
mov edx,[eax+50]
ret
table1:
dd #63720 // author's note: "18032 triggers"
table2:
dd #100010
2495cd0:
call newmem
[DISABLE]
2495cd0:
db 8B 06 8B 50 50
无视队友 遍历版
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Per the heading ("ignore teammates, traversal version"), it has two routines:
//   write - stores the value 0 into an obfuscated field at the address in ecx,
//           using what the author labels the client's encryption and decryption data.
//   map   - walks the object array and calls write on obj+198 for every object
//           whose dword at +98 is 0x111 (= 273 decimal), whose dword at +7ac is 0,
//           and which is not the base object itself.
// The [DISABLE] section is empty.
// Review note: the key counter and the tables that write reads are all in the
// same process, so this obfuscation does not stop an in-process writer.
// Checks that must hold need an authority outside the client. All addresses
// are build-specific.
alloc(map,1024)
alloc(write,1024)
label(lop)
label(next)
label(end)
label(ziji)
label(wushi)
label(zhenyin)
// write: in ecx = address of the obfuscated field. All registers preserved.
write:
pushad
mov ebp,ecx // ebp holds the field address while the other registers are cleared
and eax,0
and ebx,0
and ecx,0
and edx,0
and esi,0
and edi,0
mov ecx,ebp // address
mov eax,[3E19858] // author's label: "encryption" — a counter, incremented below
inc eax
mov [3E19858],eax // store the incremented counter back
mov edx,eax
shr edx,8 // right shift
shl edx,18 // left shift by 0x18 = 24 bits
shr edx,18 // net effect: edx = bits 8..15 of the counter
movzx edx,word ptr [edx*2+3866978] // author's label: "encryption 1" — 16-bit table lookup
shl eax,18
shr eax,18 // eax = low byte of the counter
movzx ebx,word ptr [eax*2+3866B78] // author's label: "encryption 2" — 16-bit table lookup
xor edx,ebx
mov eax,edx
and eax,ffff // keep the low 16 bits: eax = key
mov esi,#0 // value to store
mov edx,esi
shr edx,10
mov ebx,esi
and ebx,ffff
add edx,ebx // high word + low word of the value
xor edx,eax
mov edi,edx // edi = check word
mov edx,eax // edx = key
shl eax,10
add eax,edx // key copied into both 16-bit halves
mov esi,#0 // value to store
xor eax,esi // eax = encoded value
mov esi,ebp // address
add esi,4
mov [esi],eax // encoded value goes to field+4
mov eax,[ebp] // dword at field+0; used below as two 16-bit indices
mov esi,[3E197F8] // author's label: "decryption"
mov ecx,edi
shl ecx,10
add ecx,edx // ecx = (check word << 16) + key
mov edx,eax
shr edx,10
mov edx,[edx*4+esi+24] // table selected by the high 16 bits
and eax,ffff
mov [eax*4+edx+2114],ecx // slot selected by the low 16 bits
popad
ret
map:
pushad
mov eax,[3DCD430] // character base address (author's label)
mov eax,[eax+b8]
cmp eax,0
je end
mov eax,[eax+c0] // address of the first array element
lop:
mov ebx,[eax]
mov ebx,[ebx+98] // type
cmp ebx,111 // hex literal: 0x111 = 273
je zhenyin
jmp next
zhenyin:
mov ecx,[eax]
mov ebx,[ecx+7ac] // team
cmp ebx,0
je ziji
jmp next
ziji:
cmp ecx,[3DCD430] // skip the base object itself
jne wushi
jmp next
wushi:
mov ecx,[eax]
add ecx,198 // field at obj+198 is the write target
call write
next:
add eax,4
mov ebx,[3DCD430]
mov ebx,[ebx+b8]
mov ebx,[ebx+c4]
cmp eax,ebx // stop when the cursor equals the end address
jne lop
end:
popad
ret
[ENABLE]
CreateThread(map)
[DISABLE]
不死秒杀
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Heading translates roughly as "no-death instant kill". It has two routines:
//   write - stores the value 1 into an obfuscated field at the address in ecx,
//           using what the author labels the client's encryption and decryption data.
//   map   - walks the object array and calls write on obj+2D34 for every object
//           whose dword at +98 is 0x111 or 0x211 (273 / 529 decimal) and whose
//           dword at +7AC is non-zero.
// The [DISABLE] section is empty. The commented-out lines are the author's
// disabled code and are kept as found.
// Review note: the key counter and the tables that write reads are all in the
// same process, so this obfuscation does not stop an in-process writer.
// Checks that must hold need an authority outside the client. All addresses
// are build-specific.
alloc(map,1024)
//alloc(speak,1024)
alloc(write,1024)
//alloc(words,22)
label(lop)
//label(lop2)
label(state)
label(getstate)
label(next)
label(end)
// write: in ecx = address of the obfuscated field. All registers preserved.
write:
pushad
mov ebp,ecx // ebp holds the field address while the other registers are cleared
and eax,0
and ebx,0
and ecx,0
and edx,0
and esi,0
and edi,0
mov ecx,ebp // address
mov eax,[3E19858] // author's label: "encryption" — a counter, incremented below
inc eax
mov [3E19858],eax // store the incremented counter back
mov edx,eax
shr edx,8 // right shift
shl edx,18 // left shift by 0x18 = 24 bits
shr edx,18 // net effect: edx = bits 8..15 of the counter
movzx edx,word ptr [edx*2+3866978] // author's label: "encryption 1" — 16-bit table lookup
shl eax,18
shr eax,18 // eax = low byte of the counter
movzx ebx,word ptr [eax*2+3866B78] // author's label: "encryption 2" — 16-bit table lookup
xor edx,ebx
mov eax,edx
and eax,ffff // keep the low 16 bits: eax = key
mov esi,#1 // value to store
mov edx,esi
shr edx,10
mov ebx,esi
and ebx,ffff
add edx,ebx // high word + low word of the value
xor edx,eax
mov edi,edx // edi = check word
mov edx,eax // edx = key
shl eax,10
add eax,edx // key copied into both 16-bit halves
mov esi,#1 // value to store
xor eax,esi // eax = encoded value
mov esi,ebp // address
add esi,4
mov [esi],eax // encoded value goes to field+4
mov eax,[ebp] // dword at field+0; used below as two 16-bit indices
mov esi,[3E197F8] // author's label: "decryption"
mov ecx,edi
shl ecx,10
add ecx,edx // ecx = (check word << 16) + key
mov edx,eax
shr edx,10
mov edx,[edx*4+esi+24] // table selected by the high 16 bits
and eax,ffff
mov [eax*4+edx+2114],ecx // slot selected by the low 16 bits
popad
ret
map:
pushad
mov eax,[3DCD430]
mov eax,[eax+b8]
cmp eax,0
je end
mov eax,[eax+c0] // address of the first array element
lop:
mov ebx,[eax]
mov ebx,[ebx+98] // type
cmp ebx,111 // hex literal: 0x111 = 273
je state
cmp ebx,211 // hex literal: 0x211 = 529
je state
jmp next
state:
mov ecx,[eax]
mov ebx,[ecx+7AC] // team
cmp ebx,0
jne getstate
jmp next
getstate: // run
mov ecx,[eax]
add ecx,2D34 // field at obj+2D34 is the write target
call write
next:
add eax,4
mov ebx,[3DCD430]
mov ebx,[ebx+b8]
mov ebx,[ebx+c4]
//mov cx,9000
//lop2:
//dec cx
//cmp cx,0
//jne lop2
cmp eax,ebx
// stop when the cursor equals the end address
jne lop
end:
popad
ret
[ENABLE]
CreateThread(map)
[DISABLE]
动作秒杀
// Cheat Engine AA script (hex operands).
// Heading translates roughly as "action instant kill". It walks the object
// pointer array at [[3DCD430]+b8] (+c0 = first element, +c4 = end). For every
// object whose dword at +7AC is non-zero and whose dword at +98 is 0x111 or
// 0x211, it calls the function pointer stored at offset 0x490 of the table
// that the object's first dword points to. Seven dword arguments are pushed:
// six zeros, then 0xC.
// The [disable] section is empty.
// Review note: the script invokes the client's own method from a foreign
// thread, so the state change comes entirely from client-side code.
// The offsets and addresses are build-specific.
alloc(map,1024)
label(lop)
label(next)
label(end)
label(state)
map:
pushad
mov eax,[3DCD430]
mov eax,[eax+b8]
cmp eax,0
je end
mov eax,[3DCD430]
mov eax,[eax+b8]
mov eax,[eax+c0] // address of the first array element
lop:
mov ecx,[eax] // ecx = object pointer; presumably also 'this' for the call below — TODO confirm
mov ebx,[ecx+7AC] // team
cmp ebx,0
je next
mov ebx,[ecx+98] // type
cmp ebx,111 // hex literal: 0x111 = 273
je state
cmp ebx,211 // hex literal: 0x211 = 529
jne next
state:
// run
push eax // save the array cursor across the call
mov eax,[ecx] // eax = first dword of the object (presumably its vtable)
push 0
push 0
push 0
push 0
push 0
push 0
push c
call dword ptr [eax+00000490]
pop eax // restores the cursor; assumes the callee removed its seven arguments — TODO confirm
next:
add eax,4
mov ebx,[3DCD430]
mov ebx,[ebx+b8]
mov ebx,[ebx+c4]
cmp eax,ebx // stop when the cursor equals the end address
jne lop
end:
popad
ret
[enable]
createthread(map)
[disable]
扣血秒杀
// Cheat Engine AA script (hex operands; '#' marks decimal).
// Heading translates roughly as "HP-deduction instant kill". It performs the
// same array walk and filter as the "action" variant on this page, but calls
// the function pointer at offset 0x3F4 of the table that the object's first
// dword points to. Four arguments are pushed: 0, esi, decimal -40, 0.
// The [disable] section is empty.
// Review note: the script invokes the client's own method from a foreign
// thread. The offsets and addresses are build-specific.
alloc(map,1024)
label(lop)
label(next)
label(end)
label(state)
map:
pushad
mov eax,[3DCD430]
mov eax,[eax+b8]
cmp eax,0
je end
mov eax,[3DCD430]
mov eax,[eax+b8]
mov eax,[eax+c0] // address of the first array element
lop:
mov ecx,[eax] // ecx = object pointer; presumably also 'this' for the call below — TODO confirm
mov ebx,[ecx+7AC] // team
cmp ebx,0
je next
mov ebx,[ecx+98] // type
cmp ebx,111 // hex literal: 0x111 = 273
je state
cmp ebx,211 // hex literal: 0x211 = 529
jne next
state:
// run
push eax // save the array cursor across the call
mov eax,[ecx] // eax = first dword of the object (presumably its vtable)
push 0
push esi // esi is not assigned anywhere in this routine
push #-40
push 0
call dword ptr [eax+000003F4]
pop eax // restores the cursor; assumes the callee removed its four arguments — TODO confirm
next:
add eax,4
mov ebx,[3DCD430]
mov ebx,[ebx+b8]
mov ebx,[ebx+c4]
cmp eax,ebx // stop when the cursor equals the end address
jne lop
end:
popad
ret
[enable]
createthread(map)
[disable]


IP属地:贵州1楼2017-02-10 23:54回复
    我去 还有活人


    IP属地:广东来自Android客户端2楼2017-02-12 20:41
      6


      IP属地:河北来自Android客户端3楼2017-02-18 05:41
        。。。


        IP属地:湖北来自iPhone客户端4楼2017-04-15 00:03
          感谢楼主


          IP属地:云南5楼2017-05-02 22:40
            吸物怎么不能吸要按好几下才行


            6楼2017-05-12 19:47
              这是我转的。我没写。有空去群里找我。我写个给你


              IP属地:贵州来自Android客户端7楼2017-05-13 10:07
                龙哥,给个群号呗!


                来自Android客户端10楼2019-12-20 05:35


                  IP属地:湖北来自iPhone客户端11楼2022-08-10 08:38