|
  
- UID
- 41
- 帖子
- 11996
- 主題
- 2516
- 精華
- 80
- 積分
- 12581
- 楓幣
- 58267
- 威望
- 7704
- 存款
- 1000000
- 贊助金額
- 0
- 推廣
- 1
- GP
- 5087
- 閱讀權限
- 255
- 在線時間
- 65535 小時
- 註冊時間
- 2011-3-31
- 最後登入
- 2024-5-6
|
TWMS100 (一些舊數據,僅供參考&研究)
[ENABLE]
//================================================
// 名稱: 物品過濾
// 功能: 過濾不要的物品
// 版本: TWMS0100
// 更新時間: 2009/8/26
// ADD: 004F2329
// EIP: ItemFilter
// 物品位址EIP: ItemCounter
//================================================
alloc(ItemFilter,124)
alloc(IFTable,16024)
alloc(ItemCounter,4)
label(ifreject)
label(end)
label(skip)
registersymbol(ItemFilter)
registersymbol(ItemCounter)
ItemFilter:
mov [ItemCounter],eax
push ebx
push esi
xor ebx, ebx
mov esi,IFTable
ifreject:
cmp eax,[esi]
je skip
cmp [esi],ebx
je end
add esi,4
jmp ifreject
skip:
mov eax,00
end:
pop esi
pop ebx
mov [edi+34],eax
jmp 004F232C
IFTable:
dd 00
[DISABLE]
dealloc(ItemFilter)
unregistersymbol(ItemFilter)
dealloc(IFTable)
dealloc(ItemCounter)
unregistersymbol(ItemCounter) //版本:TWMS100
//數據名稱:攻擊不停.放不停
//日期:2009/7/30
// 代碼 :00900642
// EIP : CSX
[Enable]
registersymbol(CSX)
alloc(CSX,128)
label(CSXReturn)
CSX://CSEAX X
push eax
mov eax,[00AE62C4]
mov eax,[eax+2598]
cmp eax,2
pop eax
jg CSXReturn
push eax
mov eax,[00AE62C4]
mov eax,[eax+2588]
cmp eax,2
pop eax
jg CSXReturn
push eax
mov eax,[00AE62C4]
mov eax,[eax+0D6C]
cmp esi,eax
pop eax
jne CSXReturn
add eax,0a
jmp CSXReturn
CSXReturn:
mov [ebx], eax
jmp 00900644
[Disable]
unregistersymbol(CSX)
dealloc(CSX) //==================================================
// TWMS_V100 快速恢復 HP/MP 合併版
// 代碼原創:qqazedctgb
// Address:00425C20
// EIP=HookFR
// 說明:每次恢復10倍HP,8倍MP
//==================================================
[Enable]
alloc(HookFR,256)
registersymbol(HookFR)
label(HookRet)
label(HPHandler)
label(MPHandler)
label(FastRecoverHP)
label(DoNormalHP)
label(HPCheck)
alloc(HPCounter,4)
alloc(SetHPCounter,4)
alloc(RecoverTime,4)
registersymbol(SetHPCounter)
label(FastRecoverMP)
label(DoNormalMP)
label(MPCheck)
alloc(MPCounter,4)
alloc(SetMPCounter,4)
registersymbol(SetMPCounter)
HookFR:
cmp [esp],00944655
je HPHandler
cmp [esp],009447C3
je MPHandler
HookRet:
push ebp
jmp 00425C21
HPHandler:
mov [esp],FastRecoverHP
jmp HookRet
MPHandler:
mov [esp],FastRecoverMP
jmp HookRet
FastRecoverHP:
push eax
mov eax,[ebp-1c]
mov [RecoverTime],eax
pop eax
cmp [HPCounter],0
je HPCheck
dec [HPCounter]
cmp ebx,1
jmp 00944658
HPCheck:
sub [RecoverTime],0A
cmp ebx,[RecoverTime]
jna DoNormalHP
push eax
mov eax,[SetHPCounter]
dec eax
mov [HPCounter],eax
pop eax
DoNormalHP:
cmp ebx,[ebp-1c]
jmp 00944658
FastRecoverMP:
cmp [MPCounter],0
je MPCheck
dec [MPCounter]
cmp ebx,1
jmp 009447C9
MPCheck:
cmp ebx,00002708
jna DoNormalMP
push eax
mov eax,[SetMPCounter]
dec eax
mov [MPCounter],eax
pop eax
DoNormalMP:
cmp ebx,00002710
jmp 009447C9
SetHPCounter:
dd A // 10倍HP,易斷線的請調低倍數
SetMPCounter:
dd 8 // 8倍MP,易斷線的請調低倍數
[Disable]
unregistersymbol(HookFR)
dealloc(HookFR)
dealloc(HPCounter)
dealloc(SetHPCounter)
dealloc(RecoverTime)
unregistersymbol(SetHPCounter)
dealloc(MPCounter)
dealloc(SetMPCounter)
unregistersymbol(SetMPCounter) [enable]
//滑鼠控制人物 for TWMS100
//原作者:maggie98
//Address:009006A7
//EIP:MouseRushStart
//熱鍵控制:RushSW【value值設定1,熱鍵自設】
registersymbol(MouseRushStart)
alloc(MouseRushStart, 1024)
registersymbol(RushSW)
alloc(RushSW, 4)
alloc(RushOn, 4)
label(RetMSRush)
RushSW:
dd 0 // 初始是關閉mouse 趕路
RushOn:
dd 0
MouseRushStart:
mov ebx, [RushSW]
xor [RushOn], ebx
mov [RushSW], 0
cmp [RushOn], 1
jne RetMSRush
mov ebx, [00AE62C4]
mov ebx, [ebx+0D6C]
cmp esi, ebx
jne RetMSRush
mov eax, [00AE6460]
mov eax, [eax+978]
mov ebx, [eax+84]
mov eax, [eax+88]
mov [edi-4], ebx
RetMSRush:
mov [edi], eax
jmp 009006A9
[disable]
unregistersymbol(MouseRushStart)
dealloc(MouseRushStart)
unregistersymbol(RushSW)
dealloc(RushSW)
dealloc(RushOn) //V100招喚獸短擊
//原作:zgenden
//Address:007225F4
//EIP:FIR
//更新wugey
//-----------------------------------------------
[ENABLE]
registersymbol(FIR)
alloc(FIR,1024)
registersymbol(FIRTIMESS)
alloc(FIRTIMESS,4)
registersymbol(FIRSKILL)
alloc(FIRSKILL,4)
registersymbol(FIREDI)
alloc(FIREDI,4)
label(FIR00)
label(FIR01)
label(TEN02)
//-----------------------------------------------
FIRTIMESS:
DD 0 //招喚獸攻擊時間
FIRSKILL:
DD 0 //招喚獸攻擊次數
FIREDI:
DD 0 //招喚獸EDI
//-----------------------------------------------
FIR:
cmp [FIREDI],edi
je TEN02
mov [FIREDI],edi
mov [FIRTIMESS],0
mov [FIRSKILL],0
TEN02:
cmp [FIRSKILL],2 //偵測攻擊次數.目前2下
jge FIR00
call FIR01
pop ecx
pop ecx
mov dword ptr [ebx+000000cc],01
push [ebx+000000e8]
lea eax,[ebx+000000e0]
push eax
call FIR01
pop ecx
pop ecx
mov dword ptr [ebx+000000c0],01
push [ebx+000000b0]
call 006efb78
pop ecx
push esi
mov ecx,ebx
call 00723397
push eax
mov eax,[ebx+0000010c]
cmp [FIRTIMESS],eax
pop eax
je 00722747
push eax
mov eax,[ebx+0000010c]
mov [FIRTIMESS],eax
mov [FIREDI],edi
add [FIRSKILL],1
pop eax
jmp 00722747
//-----------------------------------------------
FIR00:
call 004146b2
jmp 007225F9
//-----------------------------------------------
FIR01:
push ebp
mov ebp,esp
mov eax,[ebp+08]
push ebx
mov ebx,[eax+04]
push esi
mov esi,[eax]
push edi
push 05
push ebx
call 0099d2fb
mov edi,eax
xor edi,esi
push 05
xor esi,baadf00d
push esi
call 0099cf44
add eax,ebx
add esp,10
mov eax,edi
pop edi
pop esi
pop ebx
pop ebp
ret
//-----------------------------------------------
[DISABLE]
dealloc(FIR)
unregistersymbol(FIR)
dealloc(FIRTIMESS)
unregistersymbol(FIRTIMESS)
dealloc(FIREDI)
unregistersymbol(FIREDI)
dealloc(FIRSKILL)
unregistersymbol(FIRSKILL) //怪物順移全集
//原作: a00764599
//順移原本代碼作者: maxjojo
//更新:qwe8966351
//Address : 004146B2
//Eip : ALLFAST
//=================注意================注意===================
[ENABLE]
registersymbol(ALLFAST)
registersymbol(Moves1onoff)
registersymbol(Moves2onoff)
registersymbol(Moves3onoff)
registersymbol(Moves4onoff)
alloc(ALLFAST, 1024)
alloc(Moves1onoff, 4)
alloc(Moves2onoff, 4)
alloc(Moves3onoff, 4)
alloc(Moves4onoff, 4)
label(Stop)
label(Moves1)
label(Moves1Normal)
label(Moves2)
label(Moves2Normal)
label(Moves3)
label(Moves3Normal)
label(Moves4)
label(Moves4Normal)
//=======================================================
//怪瞬移1號開關 【0】關 【1】開
//=======================================================
Moves1onoff:
dd 0
//=======================================================
//怪瞬移2號開關 【0】關 【1】開
//=======================================================
Moves2onoff:
dd 0
//=======================================================
//怪瞬移3號開關 【0】關 【1】開
//=======================================================
Moves3onoff:
dd 0
//=======================================================
//怪瞬移4號開關 【0】關 【1】開
//=======================================================
Moves4onoff:
dd 1
//=======================================================
ALLFAST:
cmp dword ptr [esp], 0065A07A //怪瞬移1號
je Moves1
cmp dword ptr [esp], 0065A02F //怪瞬移2號
je Moves2
cmp dword ptr [esp], 0065A021 //怪瞬移3號
je Moves3
cmp dword ptr [esp], 0065A09A //怪瞬移4號
je Moves4
//=======================================================
Stop:
push ebp
jmp 004146B3
//===怪瞬移1號====================================
Moves1:
cmp [Moves1onoff], 1
jne Moves1Normal
ret
Moves1Normal:
jmp Stop
//===怪瞬移2號====================================
Moves2:
cmp [Moves2onoff], 1
jne Moves2Normal
ret
Moves2Normal:
jmp Stop
//===怪瞬移3號====================================
Moves3:
cmp [Moves3onoff], 1
jne Moves3Normal
ret
Moves3Normal:
jmp Stop
//===怪瞬移4號====================================
Moves4:
cmp [Moves4onoff], 1
jne Moves4Normal
ret
Moves4Normal:
jmp Stop
[disable]
unregistersymbol(ALLFAST)
unregistersymbol(Moves1onoff)
unregistersymbol(Moves2onoff)
unregistersymbol(Moves3onoff)
unregistersymbol(Moves4onoff)
dealloc(Monster along moves)
dealloc(Moves1onoff)
dealloc(Moves2onoff)
dealloc(Moves3onoff)
dealloc(Moves4onoff) //疾風N合一 for TWMS V100
//原作:jajaja
//原出處:疾風之莊
//功能:控怪方向:左趴往左;右趴往右
// 致命吸引力:左趴定點;右趴跟隨(無法與疾風的跳怪掉落連用)
// 紅點控制:有紅點部分功能暫停(保留停止呼吸、血控、無敵),紅點5個以上全功能暫停
// 碰撞攻不停、角色不被擊退、碰怪後無敵30秒、笨怪、跳怪不跳、
// 超級撿物、停止呼吸、跳怪掉落、攻擊加速、損血控制
//Address:004147C2
//EIP:MyLR
//=================================================
[enable]
registersymbol(MyLR)
alloc(MyLR,1280)
label(MyLR1)
label(MyLR0)
registersymbol(LR)
alloc(MyDir,4)
alloc(MyCt,4)
alloc(MyPt,4)
alloc(LR,4)
label(GoLR)
label(GoLR1)
label(GoLR2)
label(GoLR3)
label(GoLR4)
label(GoLR5)
label(GoLRback)
label(JmpLR)
label(JmpLR1)
label(JmpLR2)
label(JmpLRback)
label(MyState)
label(MyCharX)
label(LRDir1)
label(LRDir2)
label(LRDir3)
label(LRDir4)
label(LRDir5)
label(LRDir6)
label(LRDir7)
label(MyNoBack)
registersymbol(KBSwitch)
alloc(KBSwitch,4)
alloc(KBLR,4)
label(Untouchable)
registersymbol(VarMaxDamage)
registersymbol(VarMinDamage)
alloc(VarMaxDamage,4)
alloc(VarMinDamage,4)
registersymbol(StupidSwitch)
alloc(StupidSwitch,4)
label(MyStupid)
label(QuitS)
registersymbol(ASUSwitch)
registersymbol(ASUInterval)
alloc(ASUSwitch,4)
alloc(ASUInterval,4)
alloc(AttackTime,4)
label(AtkSpeedUp)
label(QuitASU)
label(MyNoJmp)
//---------↓KB攻不停↓---------
KBSwitch: //KB攻不停開關:
DD 1 //0 = 關;1 = 開
KBLR:
DD 3
//---------↑KB攻不停↑---------
//----------↓笨 怪↓----------
StupidSwitch: //笨怪開關:
DD 1 //0 = 關;1 = 開
//----------↑笨 怪↑----------
//----------↓攻擊加速↓----------
ASUSwitch: //攻擊加速開關:
DD 1 //0 = 關;1 = 開
ASUInterval: //加速時間:(會斷線請增加數值,穩定的可以試著減少數值)
DD 2BC //預設值:7D0 = 2秒 (1.5秒=5DC;3秒=BB8)
AttackTime:
DD 0
//----------↑攻擊加速↑----------
//----------↓掉怪控怪↓----------
LR: //跳怪掉落開關:
DD 1 //1 = 停用;3 = 左掉落;2 = 右掉落
MyDir:
DD 1
//----------↑掉怪控怪↑----------
MyLR:
push eax
cmp [00AE62C4],00000000
je MyLR1
mov eax,[00AE62C4]
mov [eax+380],0
cmp [00AE62D8],00000000
je MyLR1
mov eax,[00AE62D8]
mov eax,[eax+18]
cmp eax,4
ja MyLR1
cmp eax,0
pop eax
jne MyLR0
push eax
cmp [00AE1E60],00000000
je MyLR1
mov eax,[00AE1E60]
mov [eax+2074],0
pop eax
cmp dword ptr [esp], 00902D26
je MyStupid
cmp dword ptr [esp], 00903D8F
je GoLR
cmp dword ptr [esp], 009041A9
je JmpLR
cmp dword ptr [esp], 00904161
je MyNoJmp
MyLR0:
cmp dword ptr [esp], 008AA275
je MyNoBack
ret
MyLR1:
pop eax
ret
//=====↓不被擊退、碰怪無敵↓=====
MyNoBack:
add esp,4
//---------↓KB攻不停↓---------
cmp [KBSwitch],0
je Untouchable
push eax
mov eax,[00AE62C4]
mov eax,[eax+2588]
cmp eax,10
pop eax
jb Untouchable
push eax
mov eax,[KBLR]
mov [ebp+20],eax
mov [ebp-9C],eax
neg eax
mov [KBLR],eax
pop eax
push 64
jmp 008AA277
//---------↑KB攻不停↑---------
Untouchable:
mov eax,[ebp-10]
lea ecx,[eax+0000187C]
push FFFFD8F0
jmp 008AA999
//=====↑不被擊退、碰怪無敵↑=====
//==========↓笨 怪↓==========
MyStupid:
add esp,4
call AtkSpeedUp
cmp [StupidSwitch],0
je QuitS
xor edx,edx
mov ecx,0000ea60
div ecx
lea eax,[esi+00000238]
add edx,0002bf20
mov [esi+00000240],edx
mov edx,[esp+10]
cmp [eax],edx
je 00902D71
cmp [esi+0000023c],edi
lea ecx,[esi+0000023c]
je 00902D71
QuitS:
xor edx,edx
jmp 00902D28
//==========↑笨 怪↑==========
//==========↓走怪方向↓==========
GoLR:
add esp,4
call MyState
push 03
pop ecx
mov [edi+20],eax
xor edx,edx
div ecx
cmp [MyDir],1
je GoLRback
cmp [MyDir],3
je GoLR1
cmp [MyDir],4
je GoLR3
cmp edx,[MyDir]
je GoLRback
mov [esi+000004D0],0
jmp GoLRback
GoLR1:
push eax
call MyCharX
jmp GoLR4
GoLR3:
push eax
mov eax,[MyPt]
GoLR4:
cmp edx,1
je GoLR5
jg GoLR2
cmp eax,[esi+1C4]
pop eax
mov [esi+000004D0],5
jl GoLRback
mov [esi+000004D0],0
jmp GoLRback
GoLR2:
cmp eax,[esi+1C4]
pop eax
mov [esi+000004D0],5
jg GoLRback
mov [esi+000004D0],0
jmp GoLRback
GoLR5:
pop eax
mov [esi+000004D0],0
GoLRback:
jmp 00903D99
//==========↑走怪方向↑==========
//==========↓跳怪方向↓==========
JmpLR:
add esp,4
call MyState
cmp [MyDir],1
je JmpLRback
cmp [MyDir],2
mov eax,2
je JmpLRback
cmp [MyDir],0
mov eax,3
je JmpLRback
cmp [MyDir],4
je JmpLR1
call MyCharX
jmp JmpLR2
JmpLR1:
mov eax,[MyPt]
JmpLR2:
cmp eax,[esi+1C4]
mov eax,2
mov [esi+000004D0],5
jg JmpLRback
mov eax,3
JmpLRback:
//----------↓跳怪掉落↓----------
cmp [esi+00000230],1
je LRDir7
cmp eax,[LR]
jne LRDir7
sub [esi+00000230],2
LRDir7:
//----------↑跳怪掉落↑----------
push 03
jmp 009041AB
//==========↑跳怪方向↑==========
//----------↓X 座標↓----------
MyCharX:
mov eax,[00AE62C4]
mov eax,[eax+00000D2C]
ret
//----------↑X 座標↑----------
//----------↓角色狀態↓----------
MyState:
push eax
mov eax,[00AE62C4]
mov eax,[eax+00000384]
cmp eax,a
je LRDir1
cmp eax,b
je LRDir2
cmp eax,14
je LRDir3
cmp eax,15
je LRDir3
mov [MyCt],0
jmp LRDir4
LRDir1:
mov [MyDir],2
cmp [MyCt],32
ja LRDir5
inc [MyCt]
jmp LRDir4
LRDir2:
mov [MyDir],0
cmp [MyCt],32
ja LRDir6
inc [MyCt]
jmp LRDir4
LRDir3:
mov [MyDir],1
jmp LRDir4
LRDir5:
mov [MyDir],3
jmp LRDir4
LRDir6:
mov [MyDir],4
call MyCharX
mov [MyPt],eax
LRDir4:
pop eax
ret
//----------↑角色狀態↑----------
//==========↓跳怪不跳↓==========
MyNoJmp:
add esp,4
jmp 00904175
//==========↑跳怪不跳↑==========
//----------↓攻擊加速↓----------
AtkSpeedUp:
push eax
cmp [ASUSwitch],0
je QuitASU
mov eax,[00AE6464]
mov eax,[eax+18]
cmp eax,[AttackTime]
jl QuitASU
mov eax,[00AE62C4]
mov eax,[eax+388]
cmp eax,ffffffff
je QuitASU
mov eax,[00AE62C4]
mov [eax+388],ffffffff
mov eax,[00AE6464]
mov eax,[eax+18]
add eax,[ASUInterval]
mov [AttackTime],eax
QuitASU:
pop eax
ret
//----------↑攻擊加速↑----------
[disable]
dealloc(MyLR)
unregistersymbol(MyLR)
dealloc(MyDir)
dealloc(MyCt)
dealloc(MyPt)
dealloc(LR)
unregistersymbol(LR)
dealloc(KBSwitch)
unregistersymbol(KBSwitch)
dealloc(KBLR)
dealloc(VarMaxDamage)
unregistersymbol(VarMaxDamage)
dealloc(VarMinDamage)
unregistersymbol(VarMinDamage)
dealloc(StupidSwitch)
unregistersymbol(StupidSwitch)
dealloc(ASUInterval)
unregistersymbol(ASUInterval)
dealloc(AttackTime) //V100召喚獸無延遲,不鎖EIP版
//00723DB8 eip = FixTime
//007226D6 eip = Fix
//以上兩個代碼要一起開,否則會被鎖..
[ENABLE]
registersymbol(Fix)
alloc(Fix,2048)
registersymbol(FixTime)
alloc(FixTime,64)
label(FixTimeOF)
label(FixSSTime)
label(FixSSTime10C)
label(Fix00)
label(Fix01)
Fix:
push eax
mov eax,[ebx+0000010c]
cmp [FixSSTime10C],eax
pop eax
je Fix01
push eax
mov eax,[FixTimeOF]
cmp eax,[FixSSTime]
pop eax
je Fix00
push eax
mov eax,[ebx+0000010c]
mov [FixSSTime10C],eax
mov eax,[FixTimeOF]
mov [FixSSTime],eax
pop eax
Fix01:
push [ebx+000000b0]
call 006efb78
pop ecx
mov ecx,esi
sub ecx,[ebx+0000010c]
push esi
mov ecx,ebx
call 00723397
jmp 00722747
Fix00:
jg 00722747
cmp dword ptr [ebx+000000c0],01
jmp 007226df
FixTimeOF:
dd 0
FixSSTime:
dd 0
FixSSTime10C:
dd 0
FixTime:
add [FixTimeOF],2710
mov eax,[FixTimeOF]
jmp 00723DBD
[DISABLE]
dealloc(Fix)
unregistersymbol(Fix)
dealloc(FixTime)
unregistersymbol(FixTime) //範圍加大(下)
//Address:0063a1d6//EIP=IwallEXP
[ENABLE]
registersymbol(IwallEXP)
alloc(IwallEXP, 2048)
label(IwallEXP00)
label(IwallEXP01)
registersymbol(IwallTimes)
alloc(IwallTimes, 4)
registersymbol(x2)
alloc(x2, 4)
registersymbol(x1)
alloc(x1, 4)
registersymbol(y1)
alloc(y1, 4)
registersymbol(y2)
alloc(y2, 4)
registersymbol(Timer)
alloc(Timer, 4)
IwallTimes:
dd 0
Timer:
dd f // 500ms
x2:
dd 3e8 // 1000
y2:
dd 1f4 //500
IwallEXP:
mov edx,[00AE62C4] //
mov edx,[edx+18]
sub edx,[Timer] //每 500 ms 換下一張圖
cmp edx,[IwallTimes]
jl IwallEXP01
mov edx,[00AE62C4] //
mov edx,[edx+18]
mov [IwallTimes],edx
mov edx,[x2]
mov [x1],edx
sub [x2],1f4
mov edx,[y2]
mov [y1],edx
cmp [x2], FFFFFC18
jge IwallEXP01
mov [x2],3e8
sub [y2],1f4
cmp [y2], FFFFFE0C
jge IwallEXP01
mov [y2],1f4
IwallEXP01:
mov edx,[00AE62C4]
mov edx,[edx+0d2c]
add edx,[x1]
cmp ecx,edx
jg IwallEXP00
sub edx,1f4 // 500
cmp ecx,edx
jl IwallEXP00
mov edx,[00AE62C4]
mov edx,[edx+0d30]
add edx,[y1]
cmp eax,edx
jg IwallEXP00
sub edx,1f4
cmp eax,edx
jl IwallEXP00
mov ecx,[00AE62C4]
mov ecx,[ecx+0d2c]
mov eax,[00AE62C4]
mov eax,[eax+0d30]
mov [ebx+00000484],ecx
jmp 0063a1dc
IwallEXP00:
mov [ebx+00000484],ecx
jmp 0063A1DC
[DISABLE]
dealloc(IwallEXP)
unregistersymbol(IwallEXP)
unregistersymbol(IwallTimes)
dealloc(IwallTimes)
unregistersymbol(x1)
dealloc(x1)
unregistersymbol(y1)
dealloc(y1)
unregistersymbol(x2)
dealloc(x2)
unregistersymbol(y2)
dealloc(y2)
unregistersymbol(Timer)
dealloc(Timer) //全圖打怪KiKiVac EIP 版 for TwMs 1.00
//Address: 0063A1D6
//EIP: KiKiVac
//呆baby by:
[Enable]
registersymbol(KiKiVac)
alloc(KiKiVac,256)
label(KiKiReturn)
KiKiVac: //
mov edx,[AE62C4] // char pid pointer
lea edx,[edx+0000d2c]
mov [ebx+00000484], eax
mov ecx,[edx]
mov edx,[AE62C4] // char pid pointer
lea eax,[eax+00000D30]
mov [ebx+00000488], eax
lea eax,[edx]
mov eax,[eax]
jmp KiKiReturn
KiKiReturn:
jmp 0063A1DC
[Disable]
unregistersymbol(KiKiVac)
dealloc(KiKiVac) //V100寵物吸物
[enable]
// For MapleStory
// ADD:004f1335
// EIP etGetItem
// 感謝 smallro,maxyoyo
// 更新 射鵰英雄
registersymbol(PetGetItem)
alloc(PetGetItem,256)
registersymbol(PetGetItemSwitch)
alloc(PetGetItemSwitch,4)
label(NormalPet)
PetGetItemSwitch:
dd 1 // 開關 0 是關 1 是開
PetGetItem:
cmp [PetGetItemSwitch], 0
je NormalPet
push ebx
mov ebx, [ebp+0c]
mov [ebx], edi
mov [ebx+04], eax
pop ebx
jmp 004f134c
NormalPet:
lea eax, [ebp-38]
push eax
call dword ptr [00ae9a1c]
jmp 004f133f
[disable]
unregistersymbol(PetGetItem)
dealloc(PetGetItem)
unregistersymbol(PetGetItemSwitch)
dealloc(PetGetItemSwitch) //全圖打(可調範圍)TWMS1.00 (數據也有地方有錯)
//Address:0063A1D6
//EIP=IwallEXP
//更新 peter980421
//-----------------------------------------------
[ENABLE]
registersymbol(IwallEXP)
alloc(IwallEXP, 1024)
registersymbol(IwallEXPX)
alloc(IwallEXPX, 4)
registersymbol(IwallEXPY)
alloc(IwallEXPY, 4)
label(IwallEXP00)
IwallEXPX:
dd 190 //以人物為中心X軸(16進位).數值越大範圍越大.目前設定200=C8(16進位)
IwallEXPY:
dd 15E //以人物為中心Y軸(16進位).數值越大範圍越大.目前設定200=C8(16進位)
IwallEXP:
mov edx,[00AE62C4]
mov edx,[edx+0D2C]
add edx,[IwallEXPX]
cmp ecx,edx
jg IwallEXP00
mov edx,[00AE62C4]
mov edx,[edx+0D2C]
sub edx,[IwallEXPX]
cmp ecx,edx
jl IwallEXP00
mov edx,[00AE62C4]
mov edx,[edx+0D30]
add edx,[IwallEXPY]
cmp eax,edx
jg IwallEXP00
mov edx,[00AE62C4]
mov edx,[edx+0D30]
sub edx,[IwallEXPY]
cmp eax,edx
jl IwallEXP00
mov ecx,[00AE62C4]
mov ecx,[ecx+0D2C]
mov eax,[00AE62C4]
mov eax,[eax+0D30]
mov [ebx+00000484],ecx
jmp 0063A1DC
//-----------------------------
IwallEXP00:
mov [ebx+00000484],ecx
jmp 0063A1DC
[DISABLE]
dealloc(IwallEXP)
unregistersymbol(IwallEXP)
dealloc(IwallEXPX)
unregistersymbol(IwallEXPX)
dealloc(IwallEXPY)
unregistersymbol(IwallEXPY) //原作:zgenden
//代碼:005241DC
//EIP:Maxone
//功能:跳怪掉落1.跳怪掉落2
//-----------------------------------------------
[ENABLE]
registersymbol(Maxone)
alloc(Maxone,128)
label(QuitMaxone)
registersymbol(JDSwitch)
alloc(JDSwitch,4)
alloc(JDSwitch1, 4)
alloc(JDSwitch2, 4)
label(JumpDown1)
label(QuitJD1)
label(JumpDown2)
label(QuitJD2)
//-----------------------------------------------
JDSwitch:
DD 1 //總開關: 0.關 1.開
JDSwitch1:
DD 1 //跳怪掉落1: 0.關 1.開
JDSwitch2:
DD 1 //跳怪掉落2: 0.關 1.開
//-----------------------------------------------
Maxone:
cmp [JDSwitch],0
je QuitMaxone
cmp dword ptr [esp],00904A65
je JumpDown1
cmp dword ptr [esp],00904F61
je JumpDown2
ret
QuitMaxone:
ret
//-----------------------------------------------
JumpDown1:
add esp,4
cmp [JDSwitch1],1
jne QuitJD1
cmp [ebx+0230],2
jne QuitJD1
fsubr qword ptr [ebp-18]
add esp,10
fst qword ptr [ebp-18]
fcomp qword ptr [00A1DBB0]
jmp 00904DF4
QuitJD1:
fsubr qword ptr [ebp-18]
jmp 00904A68
//-----------------------------------------------
JumpDown2:
add esp,4
cmp [JDSwitch2],1
jne QuitJD2
fcomp qword ptr [ebp-08]
pop ecx
pop ecx
jmp 00904FCB
QuitJD2:
fcomp qword ptr [ebp-08]
jmp 00904F64
//-----------------------------------------------
[DISABLE]
dealloc(Maxone)
unregistersymbol(Maxone)
dealloc(JumpDown1KEY)
unregistersymbol(JumpDown1KEY)
dealloc(JDSwitch)
unregistersymbol(JDSwitch)
dealloc(JDSwitch1)
unregistersymbol(JDSwitch1)
dealloc(JDSwitch2)
unregistersymbol(JDSwitch2) //TWMS 0100 招喚獸攻擊物落腳下 EIP 版
//原作:zgende
//Address: 00723E5B
//EIP:FIX_TTBOX_DOWN
//-----------------------------------------------
[ENABLE]
registersymbol(FIX_TTBOX_DOWN)
alloc(FIX_TTBOX_DOWN,1024)
registersymbol(FIX_TTBOX_DOWN_XX)
alloc(FIX_TTBOX_DOWN_XX,4)
registersymbol(FIX_TTBOX_DOWN_YY)
alloc(FIX_TTBOX_DOWN_YY,4)
label(FIX_TTBOX_DOWN_X)
label(FIX_TTBOX_DOWN_Y)
//-----------------------------------------------
FIX_TTBOX_DOWN_XX:
DD 0
FIX_TTBOX_DOWN_YY:
DD 0
//-----------------------------------------------
FIX_TTBOX_DOWN:
call FIX_TTBOX_DOWN_X
mov ax,[FIX_TTBOX_DOWN_XX]
lea ecx,[ebp-44]
push eax
call 0042524D
mov eax,[esi]
lea ecx,[eax+04]
mov eax,[ecx]
call FIX_TTBOX_DOWN_Y
mov ax,[FIX_TTBOX_DOWN_YY]
jmp 00723E78
//-----------------------------------------------
FIX_TTBOX_DOWN_X:
push eax
mov eax,[00AE62C4]
mov eax,[eax+D2C]
mov [FIX_TTBOX_DOWN_XX],eax
pop eax
ret
//-----------------------------------------------
FIX_TTBOX_DOWN_Y:
push eax
mov eax,[00AE62C4]
mov eax,[eax+D30]
mov [FIX_TTBOX_DOWN_YY],eax
pop eax
ret
//-----------------------------------------------
[DISABLE]
dealloc(FIX_TTBOX_DOWN)
unregistersymbol(FIX_TTBOX_DOWN) |
|
發表於 2014-2-5 19:30:47
收藏
推
噓
提升卡
置頂卡
變色卡
搶沙發
千斤頂
發表於 2014-2-5 19:58:40
看到我眼睛都花了@@