代码
1.敌人速度降为1 自身物理魔法提高(一击必杀)
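{ Game   : PTS_Unicode.exe
  Version:
  Date   : 2023-08-28
  Author : shuming

  Cheat Engine auto-assembler script (all numeric literals are hexadecimal).

  Hooks the 8 bytes "mov [rbx],eax / mov r8d,00000003" found by the AOB scan
  and branches on the dword at [rbx+98]:
    C8        -> [rbx+40] = 100000, [rbx+30] = 100000
    CD or D2  -> [rbx+40] = 100000, [rbx+34] = 100000
    otherwise -> [rbx+40] = 1, then the original "mov [rbx],eax"
  Every path reloads r8d = 3 before jumping back.

  Presumably [rbx+98] is an entity id, [rbx+40] the speed field and
  [rbx+30]/[rbx+34] the physical/magic stats; this is inferred from the page
  title only and is not verified here.

  The registered symbol is named INJECT_STATS rather than the template
  default INJECT: registered symbols are global, so two scripts in one table
  that both register INJECT would make the [DISABLE] section of one restore
  its bytes at the other script's address.
}
[ENABLE]
// The signature is only 8 bytes and "41 B8 03 00 00 00" recurs throughout this
// function (see the ORIGINAL CODE listing); confirm it matches exactly once
// before enabling.
aobscanmodule(INJECT_STATS,PTS_Unicode.exe,89 03 41 B8 03 00 00 00)
// Allocate next to the scan result instead of a hard-coded module offset so
// the 5-byte jmp still reaches the cave if the code moves between builds.
alloc(newmem,$1000,INJECT_STATS)
label(boost30)
label(boost34)
label(code)
label(done)
label(return)

newmem:
  // cmp clobbers the flags; the instructions after the hook (mov/mov/call in
  // the listing) do not read them.
  cmp dword ptr [rbx+0098],c8
  je boost30
  cmp dword ptr [rbx+0098],cd
  je boost34
  cmp dword ptr [rbx+0098],d2
  je boost34

code:
  // Default path: force [rbx+40] to 1 and replay the overwritten store.
  mov dword ptr [rbx+0040],1
  mov [rbx],eax
  jmp done

boost30:
  // NOTE(review): the boost paths do not replay "mov [rbx],eax", so [rbx]
  // keeps its previous value instead of the result of the preceding call.
  // Kept exactly as in the original script; confirm this is intended.
  mov dword ptr [rbx+0040],100000
  mov dword ptr [rbx+0030],100000
  jmp done

boost34:
  mov dword ptr [rbx+0040],100000
  mov dword ptr [rbx+0034],100000

done:
  // Second overwritten instruction, shared by every path.
  mov r8d,00000003
  jmp return

INJECT_STATS:
  jmp newmem
  nop 3            // pad the 5-byte jmp up to the 8 bytes that were replaced
return:
registersymbol(INJECT_STATS)

[DISABLE]
// Restore the original 8 bytes before releasing the cave.
INJECT_STATS:
  db 89 03 41 B8 03 00 00 00
unregistersymbol(INJECT_STATS)
dealloc(newmem)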
{
// ORIGINAL CODE - INJECTION POINT: "PTS_Unicode.exe"+5D012
"PTS_Unicode.exe"+5CFE9: 75 09 - jne PTS_Unicode.exe+5CFF4
"PTS_Unicode.exe"+5CFEB: 83 FF 01 - cmp edi,01
"PTS_Unicode.exe"+5CFEE: 0F 8E 38 02 00 00 - jng PTS_Unicode.exe+5D22C
"PTS_Unicode.exe"+5CFF4: 8B 83 08 FF FF FF - mov eax,[rbx-000000F8]
"PTS_Unicode.exe"+5CFFA: 85 C0 - test eax,eax
"PTS_Unicode.exe"+5CFFC: 0F 84 2A 02 00 00 - je PTS_Unicode.exe+5D22C
"PTS_Unicode.exe"+5D002: 8B 53 F8 - mov edx,[rbx-08]
"PTS_Unicode.exe"+5D005: 41 B8 03 00 00 00 - mov r8d,00000003
"PTS_Unicode.exe"+5D00B: 8B 0B - mov ecx,[rbx]
"PTS_Unicode.exe"+5D00D: E8 7E 74 04 00 - call PTS_Unicode.exe+A4490
// ---------- INJECTING HERE ----------
"PTS_Unicode.exe"+5D012: 89 03 - mov [rbx],eax
"PTS_Unicode.exe"+5D014: 41 B8 03 00 00 00 - mov r8d,00000003
// ---------- DONE INJECTING ----------
"PTS_Unicode.exe"+5D01A: 8B 53 FC - mov edx,[rbx-04]
"PTS_Unicode.exe"+5D01D: 8B 4B 04 - mov ecx,[rbx+04]
"PTS_Unicode.exe"+5D020: E8 6B 74 04 00 - call PTS_Unicode.exe+A4490
"PTS_Unicode.exe"+5D025: 89 43 04 - mov [rbx+04],eax
"PTS_Unicode.exe"+5D028: 41 B8 03 00 00 00 - mov r8d,00000003
"PTS_Unicode.exe"+5D02E: 8B 53 14 - mov edx,[rbx+14]
"PTS_Unicode.exe"+5D031: 8B 4B 1C - mov ecx,[rbx+1C]
"PTS_Unicode.exe"+5D034: E8 57 74 04 00 - call PTS_Unicode.exe+A4490
"PTS_Unicode.exe"+5D039: 89 43 1C - mov [rbx+1C],eax
"PTS_Unicode.exe"+5D03C: 41 B8 03 00 00 00 - mov r8d,00000003
}
2.陷阱锁定解除一直生效
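{ Game   : PTS_Unicode.exe
  Version:
  Date   : 2023-08-30
  Author : shuming

  Cheat Engine auto-assembler script (all numeric literals are hexadecimal).

  Suppresses the 6-byte store "mov [PTS_Unicode.exe+20F7B00],eax" located by
  the AOB scan. In the ORIGINAL CODE listing eax is zeroed by "xor eax,eax"
  just before this store, so skipping it leaves the previous value of that
  global in place instead of resetting it to 0.

  The original script jumped to an allocated cave whose first instruction
  jumped straight back, and the copy of the store under "code:" was never
  reached. Overwriting the store with six NOPs has the same effect on the
  game and avoids the allocation, so the hook no longer depends on getting
  memory within reach of a 5-byte jmp.

  The registered symbol is named INJECT_TRAP rather than the template default
  INJECT: registered symbols are global, so two scripts in one table that
  both register INJECT would make the [DISABLE] section of one restore its
  bytes at the other script's address.
}
[ENABLE]
// The signature embeds the RIP-relative displacement (1B D5 0E 02), so it is
// tied to this build of the executable; a scan that fails after an update is
// the expected, safe outcome.
aobscanmodule(INJECT_TRAP,PTS_Unicode.exe,89 05 1B D5 0E 02) // should be unique

INJECT_TRAP:
  db 90 90 90 90 90 90   // six 1-byte NOPs over the 6-byte store
registersymbol(INJECT_TRAP)

[DISABLE]
// Put the original store back at the same address, so the displacement stays valid.
INJECT_TRAP:
  db 89 05 1B D5 0E 02
unregistersymbol(INJECT_TRAP)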
{
// ORIGINAL CODE - INJECTION POINT: "PTS_Unicode.exe"+A5DF
"PTS_Unicode.exe"+A5BD: EB 13 - jmp PTS_Unicode.exe+A5D2
"PTS_Unicode.exe"+A5BF: 33 C9 - xor ecx,ecx
"PTS_Unicode.exe"+A5C1: 8B D9 - mov ebx,ecx
"PTS_Unicode.exe"+A5C3: B9 D2 00 00 00 - mov ecx,000000D2
"PTS_Unicode.exe"+A5C8: 3B C1 - cmp eax,ecx
"PTS_Unicode.exe"+A5CA: B8 02 00 00 00 - mov eax,00000002
"PTS_Unicode.exe"+A5CF: 0F 44 D8 - cmove ebx,eax
"PTS_Unicode.exe"+A5D2: 33 C0 - xor eax,eax
"PTS_Unicode.exe"+A5D4: 89 05 16 D5 0E 02 - mov [PTS_Unicode.exe+20F7AF0],eax
"PTS_Unicode.exe"+A5DA: BA 38 15 00 00 - mov edx,00001538
// ---------- INJECTING HERE ----------
"PTS_Unicode.exe"+A5DF: 89 05 1B D5 0E 02 - mov [PTS_Unicode.exe+20F7B00],eax
// ---------- DONE INJECTING ----------
"PTS_Unicode.exe"+A5E5: 8B 0E - mov ecx,[rsi]
"PTS_Unicode.exe"+A5E7: E8 64 9C 09 00 - call PTS_Unicode.exe+A4250
"PTS_Unicode.exe"+A5EC: 8B C8 - mov ecx,eax
"PTS_Unicode.exe"+A5EE: E8 5D 9F 09 00 - call PTS_Unicode.exe+A4550
"PTS_Unicode.exe"+A5F3: 44 8B C8 - mov r9d,eax
"PTS_Unicode.exe"+A5F6: 48 8D 15 07 60 42 01 - lea rdx,[PTS_Unicode.exe+1430604]
"PTS_Unicode.exe"+A5FD: 48 69 C3 7C F9 00 00 - imul rax,rbx,0000F97C
"PTS_Unicode.exe"+A604: 8B 0C 10 - mov ecx,[rax+rdx]
"PTS_Unicode.exe"+A607: 44 3B C9 - cmp r9d,ecx
"PTS_Unicode.exe"+A60A: 7C 04 - jl PTS_Unicode.exe+A610
}