- 注册时间
- 2011-10-9
- 最后登录
- 1970-1-1
该用户从未签到
|
白色技能CALL能调伤害的代码有:44002 (黑电) 22277(扫击)其他没测试!,白色技能CALL 类似掉了不会封,我大爆炸掉了N次 没封过一次,但是不稳定。
--------------------------------
.版本 2
.子程序 更新完毕_白色技能CALL
.参数 触发对象, 整数型
.参数 技能ID, 整数型
.参数 技能伤害, 整数型
.参数 X坐标, 整数型
.参数 Y坐标, 整数型
.参数 Z坐标, 整数型
.参数 技能参数_1, 整数型, , 0
.参数 技能参数_2, 整数型, , 5
置入代码 ({ 86, 87, 83, 139, 125, 12, 139, 117, 8, 139, 13, 144, 65, 133, 1, 139, 17, 106, 2, 106, 21, 255, 82, 8, 104, 200, 0, 0, 0, 139, 13, 144, 65, 133, 1, 139, 1, 255, 80, 32, 139, 13, 144, 65, 133, 1, 139, 1, 106, 0, 255, 80, 32, 133, 246, 116, 50, 161, 144, 65, 133, 1, 139, 22, 139, 24, 139, 206, 255, 82, 68, 139, 13, 144, 65, 133, 1, 80, 255, 83, 36, 161, 144, 65, 133, 1, 139, 22, 139, 24, 139, 206, 255, 82, 72, 139, 13, 144, 65, 133, 1, 80, 255, 83, 36, 235, 29, 139, 13, 144, 65, 133, 1, 139, 1, 104, 255, 255, 0, 0, 255, 80, 36, 139, 13, 144, 65, 133, 1, 139, 17, 106, 0, 255, 82, 36, 139, 13, 144, 65, 133, 1, 139, 1, 104, 255, 255, 0, 0, 255, 80, 36, 139, 13, 144, 65, 133, 1, 139, 17, 106, 0, 255, 82, 36, 139, 13, 144, 65, 133, 1, 139, 1, 106, 1, 255, 80, 36, 139, 13, 144, 65, 133, 1, 139, 17, 87, 255, 82, 36, 139, 13, 144, 65, 133, 1, 139, 85, 16, 139, 1, 82, 255, 80, 44, 139, 13, 92, 113, 139, 1, 139, 17, 255, 146, 204, 7, 0, 0, 139, 13, 144, 65, 133, 1, 139, 49, 80, 255, 86, 36, 139, 13, 144, 65, 133, 1, 139, 1, 255, 144, 140, 0, 0, 0, 139, 136, 172, 0, 0, 0, 232, 159, 0, 0, 0, 139, 13, 144, 65, 133, 1, 139, 17, 139, 240, 86, 255, 82, 36, 139, 13, 144, 65, 133, 1, 139, 1, 106, 0, 255, 80, 32, 139, 13, 144, 65, 133, 1, 139, 17, 106, 4, 255, 82, 32, 139, 13, 144, 65, 133, 1, 139, 69, 20, 139, 17, 80, 255, 82, 36, 139, 13, 144, 65, 133, 1, 139, 69, 24, 139, 17, 80, 255, 82, 36, 139, 13, 144, 65, 133, 1, 139, 69, 28, 139, 17, 80, 255, 82, 36, 139, 69, 36, 139, 13, 144, 65, 133, 1, 139, 17, 80, 139, 69, 32, 80, 255, 82, 56, 139, 13, 144, 65, 133, 1, 139, 17, 106, 0, 255, 82, 36, 139, 13, 144, 65, 133, 1, 139, 17, 106, 0, 255, 82, 32, 139, 13, 196, 130, 148, 1, 139, 1, 106, 3, 106, 0, 106, 255, 106, 1, 232, 238, 0, 0, 0, 91, 95, 94, 233, 224, 0, 0, 0, 85, 139, 236, 81, 87, 139, 249, 139, 13, 92, 113, 139, 1, 133, 201, 117, 10, 184, 255, 255, 0, 0, 95, 139, 229, 93, 195, 139, 1, 83, 86, 255, 144, 204, 7, 0, 0, 104, 80, 56, 109, 1, 137, 69, 252, 184, 128, 54, 177, 0, 255, 208, 156, 252, 157, 153, 185, 255, 255, 0, 0, 131, 196, 4, 247, 249, 139, 218, 139, 243, 139, 255, 139, 85, 252, 86, 82, 139, 207, 184, 176, 231, 86, 0, 255, 208, 133, 192, 117, 31, 139, 143, 68, 1, 0, 0, 139, 135, 64, 1, 0, 0, 59, 193, 116, 41, 57, 48, 116, 7, 131, 192, 4, 59, 193, 117, 245, 59, 193, 116, 26, 141, 70, 1, 153, 185, 255, 255, 0, 0, 247, 249, 139, 242, 59, 243, 117, 190, 94, 91, 139, 193, 95, 139, 229, 93, 195, 86, 139, 207, 232, 9, 0, 0, 0, 139, 198, 94, 91, 95, 139, 229, 93, 195, 85, 139, 236, 139, 145, 68, 1, 0, 0, 139, 129, 64, 1, 0, 0, 59, 194, 116, 20, 86, 139, 117, 8, 57, 48, 116, 7, 131, 192, 4, 59, 194, 117, 245, 59, 194, 94, 117, 17, 141, 69, 8, 80, 129, 193, 60, 1, 0, 0, 184, 192, 65, 64, 0, 255, 208, 93, 194, 4, 0, 139, 229, 93, 194, 32, 0, 85, 139, 236, 106, 255, 139, 64, 68, 141, 64, 5, 255, 224 })
------------------------------------------------------------------------
白色技能调用方法:很简单,基址就用读取的 ————: 更新完毕_白色技能调用代码 (读内存整数型 (取进程ID (“DNF.exe”), 十六到十(人物基址))), 到整数 (44002), 到整数 (编辑框1.内容), x, y, z, 0, 5)
------------------------------------------------------------------------
|
.版本 2
.子程序 保护加密, 逻辑型, , 保护加密的数据
.参数 保护地址, 逻辑型, , 写入加密
.参数 保护数据, 整数型, , 0 = 开启保护 1 = 关闭保护
置入代码 ({ 139, 141, 12, 0, 0, 0, 139, 133, 8, 0, 0, 0, 82, 139, 229, 255, 21, 20, 160, 38, 3 })
返回 (假)
.版本 2
.子程序 加密1, 逻辑型
.参数 地址, 整数型
.参数 设置, 整数型
.局部变量 call地址, 整数型
call地址 = 4202352 ' 40D550‘’人物基地址 + 149C414
调用代码 (还原字节集2 (“60 C7 45 08”) + 到字节集 (设置) + 还原字节集2 (“8D 45 08 50 B9”) + 到字节集 (地址) + 还原字节集2 (“8D 09 B8”) + 到字节集 (call地址) + 还原字节集2 (“FF D0 61 C3”))
返回 (假)
.版本 2
.子程序 改偏移, 整数型, , 返回偏移-4后的10进制结果
.参数 偏移_16进制, 文本型, , 16进制需修改的偏移
.局部变量 a, 整数型
a = 十六到十 (偏移_16进制)
返回 (a - 4)
--------------------------------------------------------------
保护加密调用方法:不是加密修改偏移,是加密在加密,
保护加密 (加密1 (内存操作.读代码 (搜索_人物基址 ())+改偏移(偏移), 到整数(编辑框1.内容)), 0)
--------------------------------------------------------------
白色技能CALL需要更新的基址的特征码:(弄了一上午!)
mov ecx , dword ptr [01854190h]
↑ 特征码为:
MOV EAX,DWORD PTR DS:[ECX]
PUSH 3
PUSH 0
PUSH -1
PUSH EDX
-----------------------
call dword ptr [edx+08h]
↑特征码为:
MOV AL,1
MOV ESP,EBP
POP EBP
-------------------------
mov ecx , dword ptr [018B715Ch]
↑特征码为:
LEA EAX,DWORD PTR SS:[EBP-2]
PUSH EAX
MOV BYTE PTR SS:[EBP-1],BL
MOV BYTE PTR SS:[EBP-2],BL
---------------------------------
call dword ptr [edx+000007CCh]
↑特征码为:
MOV EDX,DWORD PTR DS:[ECX]
PUSH ESI
PUSH EDI
--------------------------------
mov ecx , dword ptr [eax+000000ACh]
↑特征码为:
PUSH ECX
PUSH EDX
PUSH 1
---------------------------------
mov ecx , dword ptr [019482C4h]
↑特征码为:
MOV EAX,DWORD PTR DS:[ECX]
PUSH 3
PUSH EDX
--------------------------------
mov edx , dword ptr [ebp-04h]
↑特征码为:
LEA ECX,DWORD PTR SS:[EBP-4]
PUSH ECX
PUSH 801C
PUSH 0
---------------------------------
mov eax , 0056E7B0h
↑特征码为:
BTR EAX,0E
BSR AX,BX
PUSH EDX
ROL EAX,CL
SAR AL,3
----------------------------------
mov ecx , dword ptr [edi+00000144h]
mov eax , dword ptr [edi+00000140h]
↑特征码为:
LEA EAX,DWORD PTR DS:[ESI+1]
CDQ
MOV ECX,0FFFF
IDIV ECX
MOV ESI,EDX
CMP ESI,EBX
-----------------------------------
add ecx , 0000013Ch
↑特征码为:
PUSH 2
PUSH 30
MOV EAX,DWORD PTR SS:[EBP-10]
ADD EAX,98
PUSH EAX
------------------------------------
mov eax , 004041C0h
↑特征码为:
SAL DWORD PTR DS:[ECX+EAX],0
ADD CL,CH
POP ESI
DEC EDI
INC EDI
JMP第一个基址 + 2200
-----------------------------------
大家可以用汇编转换器 来 更新!,具体就不多说了
|
|
发表于 2012-2-23 09:39:25
