[ENABLE]
// Enable section of a Cheat Engine Auto Assembler script (32-bit x86, Intel syntax).
// Reserves four named regions: newmem and GetSkill receive code further down,
// table1 and table2 receive dword lookup data.
// NOTE(review): table1/table2 hold data only; alloc() presumably returns memory that is
// both writable and executable, which the tables do not need. Confirm.
alloc(newmem,1024)
alloc(GetSkill,1024)
// 0x1000 bytes per table = room for 0x400 dword entries.
alloc(table1,0x1000)
alloc(table2,0x1000)
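//-----------------------------------------------------------------------
// GetSkill: look up a 32-bit ID in table1 and return the table2 entry
// stored at the same index.
// Convention: 32-bit, one dword argument on the stack, callee pops it (ret 4).
// In:    [esp+4] = ID to look up
// Out:   eax = table2[i] for the first i with table1[i] == ID, else 0
// Clobb: flags only (pushad/popad preserve the general registers)
// Scan stops at the first zero entry in table1 or at the capacity limit.
// Auto Assembler immediates are hexadecimal unless prefixed with '#', so the
// limit is written as 400: 0x400 dwords is exactly the 0x1000 bytes reserved
// per table. A limit of 1000 would be read as 0x1000 entries and would let the
// scan run past the end of the allocation when no zero terminator is present.
//-----------------------------------------------------------------------
label(GetSkill_next)
label(GetSkill_found)
label(GetSkill_end)
GetSkill:
  push ebp
  mov ebp,esp
  xor eax,eax
  push eax                 // [ebp-4] = result slot, 0 means "no match"
  pushad                   // keep every general register intact for the caller
  mov ebx,[ebp+8]          // ebx = ID to look up
  xor edi,edi              // edi = entry index
  mov esi,table1
  mov ecx,table2
GetSkill_next:
  cmp edi,400              // capacity in dwords (hex), see header
  jae GetSkill_end         // unsigned compare: edi is an index
  mov eax,[esi+edi*4]      // eax = table1[edi]
  test eax,eax
  je GetSkill_end          // zero entry terminates the list
  cmp eax,ebx
  je GetSkill_found
  inc edi
  jmp GetSkill_next
GetSkill_found:
  mov eax,[ecx+edi*4]      // eax = table2[edi], paired with the match
  mov [ebp-4],eax          // stash in the result slot so popad does not lose it
GetSkill_end:
  popad
  mov eax,[ebp-4]          // return value
  mov esp,ebp
  pop ebp
  ret 4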
//-----------------------------------------------------------------------
// newmem: body of the hook reached through the `call newmem` written at 1921DDE.
// Reads the dword at [ebp-45C], passes it to GetSkill and, when GetSkill
// returns a non-zero value, writes that value back to the same slot.
// It then executes mov eax,0000FFFF (the instruction whose bytes
// b8 ff ff 00 00 the [DISABLE] part restores at the hook site) and returns.
// In:    ebp = frame pointer of the code that was hooked (presumably; this
//        routine does not set ebp itself)
// Out:   eax = 0000FFFF
// Clobb: flags; general registers are preserved by pushad/popad
//-----------------------------------------------------------------------
label(newmem_done)
newmem:
  pushad
  mov eax,[ebp-45C]        // current ID held in the hooked frame
  push eax
  call GetSkill            // eax = replacement ID, or 0 if none is listed
  test eax,eax
  jz newmem_done           // no replacement: leave the slot untouched
  mov [ebp-45C],eax
newmem_done:
  popad
  mov eax,0000FFFF         // re-create the overwritten instruction
  ret
// Lookup data for GetSkill: entry i of table1 is paired with entry i of table2.
// '#' marks a decimal literal. Neither list ends with an explicit zero entry.
// NOTE(review): GetSkill stops at the first zero dword in table1, so this relies
// on the remainder of the allocation reading as zero. Confirm.
table1: //original IDs
dd #10086 //jump attack
dd #13800
table2: //replacement IDs? (question mark is the author's)
dd #10010 //jump attack
dd #54141
//Hook installation: the instruction at 1921DDE is overwritten with a call into newmem.
//The [DISABLE] part restores five bytes here, so the call is expected to occupy exactly five.
//NOTE(review): 1921DDE is a hard-coded absolute address and nothing in this script checks
//what is currently stored there before writing. If the target build or load address differs,
//the write lands on unrelated code.
1921DDE:
call newmem
[DISABLE]
// Put the original five bytes back at the hook site (b8 ff ff 00 00 = mov eax,0000FFFF).
// NOTE(review): no dealloc() follows for newmem, GetSkill, table1 or table2, so the regions
// reserved in the enable part stay allocated after the hook is removed.
1921DDE:
db b8 ff ff 00 00
// NOTE(review): from this line on the listing repeats the enable body, but no [ENABLE]
// marker precedes it, so as written these lines sit under the [DISABLE] marker above.
// Reserves four named regions: newmem and GetSkill receive code further down,
// table1 and table2 receive dword lookup data.
alloc(newmem,1024)
alloc(GetSkill,1024)
// 0x1000 bytes per table = room for 0x400 dword entries.
alloc(table1,0x1000)
alloc(table2,0x1000)
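//-----------------------------------------------------------------------
// GetSkill: look up a 32-bit ID in table1 and return the table2 entry
// stored at the same index.
// Convention: 32-bit, one dword argument on the stack, callee pops it (ret 4).
// In:    [esp+4] = ID to look up
// Out:   eax = table2[i] for the first i with table1[i] == ID, else 0
// Clobb: flags only (pushad/popad preserve the general registers)
// Scan stops at the first zero entry in table1 or at the capacity limit.
// Auto Assembler immediates are hexadecimal unless prefixed with '#', so the
// limit is written as 400: 0x400 dwords is exactly the 0x1000 bytes reserved
// per table. A limit of 1000 would be read as 0x1000 entries and would let the
// scan run past the end of the allocation when no zero terminator is present.
//-----------------------------------------------------------------------
label(GetSkill_next)
label(GetSkill_found)
label(GetSkill_end)
GetSkill:
  push ebp
  mov ebp,esp
  xor eax,eax
  push eax                 // [ebp-4] = result slot, 0 means "no match"
  pushad                   // keep every general register intact for the caller
  mov ebx,[ebp+8]          // ebx = ID to look up
  xor edi,edi              // edi = entry index
  mov esi,table1
  mov ecx,table2
GetSkill_next:
  cmp edi,400              // capacity in dwords (hex), see header
  jae GetSkill_end         // unsigned compare: edi is an index
  mov eax,[esi+edi*4]      // eax = table1[edi]
  test eax,eax
  je GetSkill_end          // zero entry terminates the list
  cmp eax,ebx
  je GetSkill_found
  inc edi
  jmp GetSkill_next
GetSkill_found:
  mov eax,[ecx+edi*4]      // eax = table2[edi], paired with the match
  mov [ebp-4],eax          // stash in the result slot so popad does not lose it
GetSkill_end:
  popad
  mov eax,[ebp-4]          // return value
  mov esp,ebp
  pop ebp
  ret 4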
//-----------------------------------------------------------------------
// newmem: body of the hook reached through the `call newmem` written at 1921DDE.
// Reads the dword at [ebp-45C], passes it to GetSkill and, when GetSkill
// returns a non-zero value, writes that value back to the same slot.
// It then executes mov eax,0000FFFF (the instruction whose bytes
// b8 ff ff 00 00 the [DISABLE] part restores at the hook site) and returns.
// In:    ebp = frame pointer of the code that was hooked (presumably; this
//        routine does not set ebp itself)
// Out:   eax = 0000FFFF
// Clobb: flags; general registers are preserved by pushad/popad
//-----------------------------------------------------------------------
label(newmem_done)
newmem:
  pushad
  mov eax,[ebp-45C]        // current ID held in the hooked frame
  push eax
  call GetSkill            // eax = replacement ID, or 0 if none is listed
  test eax,eax
  jz newmem_done           // no replacement: leave the slot untouched
  mov [ebp-45C],eax
newmem_done:
  popad
  mov eax,0000FFFF         // re-create the overwritten instruction
  ret
// Lookup data for GetSkill: entry i of table1 is paired with entry i of table2.
// '#' marks a decimal literal. Neither list ends with an explicit zero entry.
// NOTE(review): GetSkill stops at the first zero dword in table1, so this relies
// on the remainder of the allocation reading as zero. Confirm.
table1: //original IDs
dd #10086 //jump attack
dd #13800
table2: //replacement IDs? (question mark is the author's)
dd #10010 //jump attack
dd #54141
//Hook installation: the instruction at 1921DDE is overwritten with a call into newmem.
//The [DISABLE] part restores five bytes here, so the call is expected to occupy exactly five.
//NOTE(review): 1921DDE is a hard-coded absolute address and nothing in this script checks
//what is currently stored there before writing. If the target build or load address differs,
//the write lands on unrelated code.
1921DDE:
call newmem
[DISABLE]
// Put the original five bytes back at the hook site (b8 ff ff 00 00 = mov eax,0000FFFF).
// NOTE(review): no dealloc() follows for newmem, GetSkill, table1 or table2, so the regions
// reserved in the enable part stay allocated after the hook is removed.
1921DDE:
db b8 ff ff 00 00





