// Cheat Engine auto-assembler script (32-bit x86, Intel operand order).
// Numeric literals in the instruction stream are hexadecimal.
//
// Routine `new`: walks a table of object pointers and records a matching
// object's address in the fixed slot [400ee0].
//   root   = [39B4230]
//   holder = [root+CC]          (routine exits if this is 0)
//   cursor = [holder+D4]        (author's name: address_map)
//   esi    = [holder+D8]        (author's name: map_end)
// An entry matches when the dword at [entry+A8] is 211, 111 or 221 and the
// dword at [entry+750] is non-zero.
// All general-purpose registers are saved and restored (pushad/popad), and the
// routine ends with a plain ret.
//
// NOTE(review): every address and offset here is hard-coded for one specific
// build of the target; nothing in the script checks that the layout matches.
// NOTE(review): no entry pointer is checked for 0 before it is dereferenced,
// and the table is read once before any end-of-table test, so a null slot or
// an empty table would fault inside the target process.
alloc(new,2045)
label(lop)
label(state)
label(getstate)
label(next)
label(end)
new:
pushad
// Exit early when [root+CC] is null.
mov eax,[39B4230]
mov eax,[eax+CC]
cmp eax,0
je end
// The same pointer chain is loaded a second time; the earlier null test is
// not repeated on this second read.
mov eax,[39B4230]
mov eax,[eax+CC]
mov esi,[eax+D8]//map_end
mov eax,[eax+D4]//address_map
lop:
// ebx = type field of the entry the cursor points at.
mov ebx,[eax]
mov ebx,[ebx+A8]//type
cmp ebx,211
je state
cmp ebx,111
je state
cmp ebx,221
je state
jmp next
state:
// Only entries whose dword at +750 is non-zero are recorded.
mov ecx,[eax]
mov ebx,[ecx+750]//team
cmp ebx,0
jne getstate
jmp next
getstate: //run
mov ecx,[eax]
// Publish the entry pointer in a fixed slot that this script does not allocate.
// NOTE(review): confirm 400ee0 is writable scratch space in the target.
mov [400ee0],ecx
// mov leaves the flags untouched and this label is reached only through the
// jne above (ZF clear), so this je is never taken: the walk continues and a
// later match overwrites the slot.
je end
// Disabled code kept from the original: it would load a value from a second
// pointer chain, push it, and call through the entry's table at +790.
//push ecx
//mov ecx,[39B4230]//character mechanism
//mov ecx,[ecx+5B1C]
//mov ecx,[ecx+58]
//mov ecx,[ecx+c]
//mov eax,[ecx+20]
//pop ecx
//push eax
//mov edx,[ecx]
//mov edx,[edx+790]
//call edx
next:
// Advance one 4-byte slot.
add eax,4
// The loop condition compares the dword stored at the cursor with the dword
// stored at esi, not the cursor address with esi.
// NOTE(review): termination therefore depends on stored values rather than on
// the cursor reaching map_end, so the walk is not bounded by address - verify.
mov ebx,[esi]
cmp [eax],ebx //judge
jne lop
end:
popad
ret
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
// Start a thread in the target process at the routine `new`.
createthread(new)
// Write five bytes at the start of LdrInitializeThunk. 8B FF 55 8B EC decodes
// to `mov edi,edi / push ebp / mov ebp,esp`.
// NOTE(review): presumably this puts a stock prologue back over whatever the
// target placed at that entry point - confirm against the unmodified module.
// A write to these code bytes and a thread starting in freshly allocated
// memory are both visible to integrity checks running in the target.
LdrInitializeThunk:
db 8B FF 55 8B EC
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
// The disable section starts the routine again rather than undoing anything:
// no line here reverts the bytes written at LdrInitializeThunk or releases the
// `new` allocation.
createthread(new)
// NOTE(review): from here the file repeats the label declarations and the
// routine `new` that already appear earlier in this file, this time without an
// alloc line. It looks like a paste duplication - confirm which copy is meant
// to remain.
//
// Routine `new` (32-bit x86, hexadecimal literals): walks a table of object
// pointers starting at [[[39B4230]+CC]+D4] and stores in [400ee0] the address
// of an entry whose dword at +A8 is 211, 111 or 221 and whose dword at +750 is
// non-zero. Registers are preserved with pushad/popad.
label(lop)
label(state)
label(getstate)
label(next)
label(end)
new:
pushad
// Exit early when [[39B4230]+CC] is null.
mov eax,[39B4230]
mov eax,[eax+CC]
cmp eax,0
je end
// Second read of the same chain; the null test is not repeated.
mov eax,[39B4230]
mov eax,[eax+CC]
mov esi,[eax+D8]//map_end
mov eax,[eax+D4]//address_map
lop:
// NOTE(review): the entry pointer is dereferenced without a null check.
mov ebx,[eax]
mov ebx,[ebx+A8]//type
cmp ebx,211
je state
cmp ebx,111
je state
cmp ebx,221
je state
jmp next
state:
mov ecx,[eax]
mov ebx,[ecx+750]//team
cmp ebx,0
jne getstate
jmp next
getstate: //run
mov ecx,[eax]
// Fixed destination that this script does not allocate.
mov [400ee0],ecx
// Never taken: mov does not change the flags and this label is reached only
// with ZF clear, so the last matching entry ends up in the slot.
je end
// Disabled code kept from the original (call through the entry's table at +790).
//push ecx
//mov ecx,[39B4230]//character mechanism
//mov ecx,[ecx+5B1C]
//mov ecx,[ecx+58]
//mov ecx,[ecx+c]
//mov eax,[ecx+20]
//pop ecx
//push eax
//mov edx,[ecx]
//mov edx,[edx+790]
//call edx
next:
add eax,4
// Compares the dword at the cursor with the dword at esi, not the two
// addresses.
// NOTE(review): the walk is not bounded by address - verify.
mov ebx,[esi]
cmp [eax],ebx //judge
jne lop
end:
popad
ret
// NOTE(review): second [ENABLE]/[DISABLE] pair in the same file; it repeats
// the pair that appears earlier - confirm which one is intended.
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
// Start a thread in the target process at the routine `new`.
createthread(new)
// Write 8B FF 55 8B EC (`mov edi,edi / push ebp / mov ebp,esp`) at the start
// of LdrInitializeThunk.
// NOTE(review): presumably this restores a stock prologue - confirm. The
// change to these code bytes is observable by an integrity check in the target.
LdrInitializeThunk:
db 8B FF 55 8B EC
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
// Starts the routine again; nothing written by the enable section is reverted
// here.
createthread(new)












