雨夜很久没发教程了,很无聊啊,放个hook修改全屏吧
光hook20课也讲不完吧。hook消耗品改人偶,hook死亡call改无敌不死
hook全屏、、
雨夜前几课都是讲hook伤害,还没讲到全屏...
; Debugger-style listing (address, opcode bytes, instruction) of 32-bit x86 code.
; It pushes thirteen dwords and then makes an indirect call through [edx+0x30C].
; The enclosing function starts and ends outside this excerpt.
; The poster shows it as the unmodified code that the patch listed below hooks.
007EB75D \A1 385C4701 mov eax,dword ptr ds:[0x1475C38] ; eax = dword at fixed address 0x1475C38
007EB762 8B7D 08 mov edi,dword ptr ss:[ebp+0x8] ; edi = [ebp+0x8] (presumably the first stack argument; frame setup not shown)
007EB765 8B0D 3C5C4701 mov ecx,dword ptr ds:[0x1475C3C] ; ecx = dword at fixed address 0x1475C3C
007EB76B 6A 00 push 0x0
007EB76D 6A 00 push 0x0
007EB76F 50 push eax ; pushes the value read from 0x1475C38
007EB770 8B16 mov edx,dword ptr ds:[esi] ; edx = dword at [esi]; base for the indirect call below (looks like a vtable pointer, confirm)
007EB772 33C0 xor eax,eax ; clear eax so setl below leaves 0 or 1 in the full register
007EB774 51 push ecx ; pushes the value read from 0x1475C3C
007EB775 8B4D EC mov ecx,dword ptr ss:[ebp-0x14] ; ecx = local at [ebp-0x14]; mov leaves flags untouched
007EB778 83FF 64 cmp edi,0x64 ; compare edi with 0x64 (100)
007EB77B 0F9CC0 setl al ; al = 1 if edi < 0x64 (signed), else 0
007EB77E 6A 00 push 0x0
007EB780 6A 04 push 0x4
007EB782 6A 50 push 0x50
007EB784 6A 00 push 0x0
007EB786 48 dec eax ; eax = 0 if edi < 0x64, else 0xFFFFFFFF
007EB787 83E0 D1 and eax,-0x2F ; eax = 0 or 0xFFFFFFD1
007EB78A 83C0 5D add eax,0x5D ; eax = 0x5D if edi < 0x64, else 0x2E (branchless select)
007EB78D 50 push eax ; pushes the selected constant
007EB78E 8B45 E0 mov eax,dword ptr ss:[ebp-0x20] ; eax = local at [ebp-0x20]
007EB791 6A 00 push 0x0
007EB793 51 push ecx ; pushes the local read from [ebp-0x14]
007EB794 50 push eax ; pushes the local read from [ebp-0x20]
007EB795 68 3D520000 push 0x523D ; last value pushed; its meaning is not shown on this page
007EB79A 8BCE mov ecx,esi ; ecx = esi, the pointer edx was loaded through (presumably the 'this' argument)
007EB79C FF92 0C030000 call dword ptr ds:[edx+0x30C] ; indirect call via the entry at offset 0x30C of the table in edx
写法说明:
; The poster's patch for the call site at 007EB75D. A 5-byte near jump written
; at 007EB775 diverts execution to a stub at 02BA0FC0. The stub rewrites one
; already-pushed argument, replays the two displaced instructions and jumps back.
; NOTE(review): the visible artifacts are the E9 jump replacing the bytes
; 8B 4D EC 83 FF at 007EB775 (the trailing 64 is left as an unreached byte)
; and executable code at 02BA0FC0. Comparing the loaded code bytes with the
; original image would reveal the former. Whether the altered value is also
; validated outside this process is not visible on this page.
007EB775 /E9 46583B02 jmp 02BA0FC0 ; jump to the stub in what the author calls blank memory (007EB77A + 0x023B5846)
02BA0FC0 C74424 04 00811808 mov dword ptr ss:[esp+0x4],0x8188100 ; overwrite the slot pushed at 007EB76F (value from 0x1475C38); author's note: changes the float range
02BA0FC8 8B4D EC mov ecx,dword ptr ss:[ebp-0x14] ; replay of the first displaced instruction
02BA0FCB 83FF 64 cmp edi,0x64 ; replay of the second displaced instruction; sets flags for setl at 007EB77B
02BA0FCE ^ E9 A8A7C4FD jmp 007EB77B ; jump back to the first intact original instruction (setl al)
金刚碎:
; Second call site, which the poster labels with a skill name. It has the same
; shape as the code at 007EB75D: the globals at 0x1475C38 and 0x1475C3C are
; pushed, followed by further arguments, then an indirect call through offset
; 0x30C of the table read from [esi]. The enclosing function starts and ends
; outside this excerpt.
0080F2F6 8B0D 385C4701 mov ecx,dword ptr ds:[0x1475C38] ; ecx = dword at fixed address 0x1475C38
0080F2FC 8B15 3C5C4701 mov edx,dword ptr ds:[0x1475C3C] ; edx = dword at fixed address 0x1475C3C
0080F302 8B06 mov eax,dword ptr ds:[esi] ; eax = dword at [esi]; base for both indirect calls (looks like a vtable pointer, confirm)
0080F304 6A 00 push 0x0
0080F306 6A 00 push 0x0
0080F308 51 push ecx ; pushes the value read from 0x1475C38
0080F309 52 push edx ; pushes the value read from 0x1475C3C
0080F30A 6A 00 push 0x0
0080F30C 8BCE mov ecx,esi ; ecx = esi for the call below (presumably the 'this' argument)
0080F30E 8945 E0 mov dword ptr ss:[ebp-0x20],eax ; save the table pointer, since the call below returns in eax
0080F311 FF90 DC000000 call dword ptr ds:[eax+0xDC] ; indirect call via offset 0xDC; presumably takes no stack arguments (the pushes above feed the later call), confirm
0080F317 50 push eax ; pushes the return value of the call above
0080F318 8B45 E0 mov eax,dword ptr ss:[ebp-0x20] ; reload the saved table pointer
0080F31B 6A 00 push 0x0
0080F31D 6A 00 push 0x0
0080F31F 6A 00 push 0x0
0080F321 6A 00 push 0x0
0080F323 6A 00 push 0x0
0080F325 6A 00 push 0x0
0080F327 68 61520000 push 0x5261 ; last value pushed; its meaning is not shown on this page
0080F32C 8BCE mov ecx,esi ; ecx = esi again for the second call
0080F32E FF90 0C030000 call dword ptr ds:[eax+0x30C] ; indirect call via the entry at offset 0x30C of the saved table
写法说明:
; The poster's patch for the call site at 0080F2F6, using the same detour
; pattern. A 5-byte near jump at 0080F318 replaces exactly two instructions
; (8B45 E0 and 6A 00). The stub at 02BA0FE0 rewrites one stack slot, replays
; both instructions and jumps back to 0080F31D.
; NOTE(review): as with any inline detour, the modified bytes at 0080F318 and
; the executable stub at 02BA0FE0 are what a code-integrity comparison against
; the original image would surface.
0080F318 /E9 C31C3902 jmp 02BA0FE0 ; jump to the stub in what the author calls blank memory (0080F31D + 0x02391CC3)
02BA0FE0 C74424 0C 00811808 mov dword ptr ss:[esp+0xC],0x8188100 ; overwrite the slot at esp+0xC; author's note: changes the float range (value can be customised). Presumably the slot pushed at 0080F308, if the call at 0080F311 pops nothing
02BA0FE8 8B45 E0 mov eax,dword ptr ss:[ebp-0x20] ; replay of the first displaced instruction
02BA0FEB 6A 00 push 0x0 ; replay of the second displaced instruction
02BA0FED ^ E9 2BE3C6FD jmp 0080F31D ; jump back to the first intact original instruction