侍魂吧 关注:16,111贴子:280,382
不感兴趣
开通SVIP免广告
吃大米不感兴趣
开通SVIP免广告
秘奥义:
[ENABLE]
alloc(newmem4,2048,"SamuraiShodown-Win64-Shipping.exe"+86F539)
label(returnhere4)
label(originalcode4)
label(exit4)
newmem4:
originalcode4:
mov [rcx+00000C48],1
exit4:
jmp returnhere4
"SamuraiShodown-Win64-Shipping.exe"+86F539:
jmp newmem4
nop 3
returnhere4:
alloc(newmem3,2048,"SamuraiShodown-Win64-Shipping.exe"+86F503)
label(returnhere3)
label(originalcode3)
label(exit3)
newmem3:
originalcode3:
mov [rax+00000C48],1
exit3:
jmp returnhere3
"SamuraiShodown-Win64-Shipping.exe"+86F503:
jmp newmem3
nop 3
returnhere3:
alloc(newmem2,2048,"SamuraiShodown-Win64-Shipping.exe"+868212)
label(returnhere2)
label(originalcode2)
label(exit2)
newmem2:
originalcode2:
mov [rcx+30],1
exit2:
jmp returnhere2
"SamuraiShodown-Win64-Shipping.exe"+868212:
jmp newmem2
nop 2
returnhere2:
alloc(newmem,2048,"SamuraiShodown-Win64-Shipping.exe"+86F503)
label(returnhere)
label(originalcode)
label(exit)
newmem:
originalcode:
mov [rax+00000C48],1
exit:
jmp returnhere
"SamuraiShodown-Win64-Shipping.exe"+86F503:
jmp newmem
nop 3
returnhere:
[DISABLE]
dealloc(newmem4)
"SamuraiShodown-Win64-Shipping.exe"+86F539:
movd xmm0,[rcx+00000C48]
//Alt: db 66 0F 6E 81 48 0C 00 00
dealloc(newmem3)
"SamuraiShodown-Win64-Shipping.exe"+86F503:
movd xmm0,[rax+00000C48]
//Alt: db 66 0F 6E 80 48 0C 00 00
dealloc(newmem2)
"SamuraiShodown-Win64-Shipping.exe"+868212:
mov [rcx+30],00000064
//Alt: db C7 41 30 64 00 00 00
dealloc(newmem)
"SamuraiShodown-Win64-Shipping.exe"+86F503:
movd xmm0,[rax+00000C48]
//Alt: db 66 0F 6E 80 48 0C 00 00
把他复制自动汇编就可以使用,反复测试过可以使用!
[ENABLE]
alloc(newmem4,2048,"SamuraiShodown-Win64-Shipping.exe"+86F539)
label(returnhere4)
label(originalcode4)
label(exit4)
newmem4:
originalcode4:
mov [rcx+00000C48],1
exit4:
jmp returnhere4
"SamuraiShodown-Win64-Shipping.exe"+86F539:
jmp newmem4
nop 3
returnhere4:
alloc(newmem3,2048,"SamuraiShodown-Win64-Shipping.exe"+86F503)
label(returnhere3)
label(originalcode3)
label(exit3)
newmem3:
originalcode3:
mov [rax+00000C48],1
exit3:
jmp returnhere3
"SamuraiShodown-Win64-Shipping.exe"+86F503:
jmp newmem3
nop 3
returnhere3:
alloc(newmem2,2048,"SamuraiShodown-Win64-Shipping.exe"+868212)
label(returnhere2)
label(originalcode2)
label(exit2)
newmem2:
originalcode2:
mov [rcx+30],1
exit2:
jmp returnhere2
"SamuraiShodown-Win64-Shipping.exe"+868212:
jmp newmem2
nop 2
returnhere2:
alloc(newmem,2048,"SamuraiShodown-Win64-Shipping.exe"+86F503)
label(returnhere)
label(originalcode)
label(exit)
newmem:
originalcode:
mov [rax+00000C48],1
exit:
jmp returnhere
"SamuraiShodown-Win64-Shipping.exe"+86F503:
jmp newmem
nop 3
returnhere:
[DISABLE]
dealloc(newmem4)
"SamuraiShodown-Win64-Shipping.exe"+86F539:
movd xmm0,[rcx+00000C48]
//Alt: db 66 0F 6E 81 48 0C 00 00
dealloc(newmem3)
"SamuraiShodown-Win64-Shipping.exe"+86F503:
movd xmm0,[rax+00000C48]
//Alt: db 66 0F 6E 80 48 0C 00 00
dealloc(newmem2)
"SamuraiShodown-Win64-Shipping.exe"+868212:
mov [rcx+30],00000064
//Alt: db C7 41 30 64 00 00 00
dealloc(newmem)
"SamuraiShodown-Win64-Shipping.exe"+86F503:
movd xmm0,[rax+00000C48]
//Alt: db 66 0F 6E 80 48 0C 00 00
把他复制自动汇编就可以使用,反复测试过可以使用!
气槽爆满:
[ENABLE]
alloc(newmem,2048,"SamuraiShodown-Win64-Shipping.exe"+86AFBA)
label(returnhere)
label(originalcode)
label(exit)
newmem:
originalcode:
mov [rcx+30],433BEA00
exit:
jmp returnhere
"SamuraiShodown-Win64-Shipping.exe"+86AFBA:
jmp newmem
returnhere:
[DISABLE]
dealloc(newmem)
"SamuraiShodown-Win64-Shipping.exe"+86AFBA:
movss xmm1,[rcx+30]
//Alt: db F3 0F 10 49 30
[ENABLE]
alloc(newmem,2048,"SamuraiShodown-Win64-Shipping.exe"+86AFBA)
label(returnhere)
label(originalcode)
label(exit)
newmem:
originalcode:
mov [rcx+30],433BEA00
exit:
jmp returnhere
"SamuraiShodown-Win64-Shipping.exe"+86AFBA:
jmp newmem
returnhere:
[DISABLE]
dealloc(newmem)
"SamuraiShodown-Win64-Shipping.exe"+86AFBA:
movss xmm1,[rcx+30]
//Alt: db F3 0F 10 49 30
双方不掉血:
{ Game : SamuraiShodown-Win64-Shipping.exe
Version:
Date : 2022-12-31
Author : pc
This script does blah blah blah
}
define(address,"SamuraiShodown-Win64-Shipping.exe"+861B51)
define(bytes,29 B7 F4 06 00 00)
[ENABLE]
assert(address,bytes)
alloc(newmem,$1000,"SamuraiShodown-Win64-Shipping.exe"+861B51)
label(code)
label(return)
newmem:
cmp [rdi+000002C4],0//双方不掉血
jne code
mov [rdi+000006F4],(int)3E80000
jmp return
code:
address:
jmp newmem
nop
return:
[DISABLE]
address:
db bytes
// sub [rdi+000006F4],esi
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: SamuraiShodown-Win64-Shipping.exe+861B51
SamuraiShodown-Win64-Shipping.exe+861B26: 7E 13 - jle SamuraiShodown-Win64-Shipping.exe+861B3B
SamuraiShodown-Win64-Shipping.exe+861B28: 48 8B 87 E8 06 00 00 - mov rax,[rdi+000006E8]
SamuraiShodown-Win64-Shipping.exe+861B2F: 48 0F BA E8 02 - bts rax,02
SamuraiShodown-Win64-Shipping.exe+861B34: 48 89 87 E8 06 00 00 - mov [rdi+000006E8],rax
SamuraiShodown-Win64-Shipping.exe+861B3B: 48 8D 8F 18 0C 00 00 - lea rcx,[rdi+00000C18]
SamuraiShodown-Win64-Shipping.exe+861B42: E8 59 D5 00 00 - call SamuraiShodown-Win64-Shipping.exe+86F0A0
SamuraiShodown-Win64-Shipping.exe+861B47: 84 C0 - test al,al
SamuraiShodown-Win64-Shipping.exe+861B49: 75 37 - jne SamuraiShodown-Win64-Shipping.exe+861B82
SamuraiShodown-Win64-Shipping.exe+861B4B: C1 E6 10 - shl esi,10
SamuraiShodown-Win64-Shipping.exe+861B4E: 48 8B CF - mov rcx,rdi
// ---------- INJECTING HERE ----------
SamuraiShodown-Win64-Shipping.exe+861B51: 29 B7 F4 06 00 00 - sub [rdi+000006F4],esi
// ---------- DONE INJECTING ----------
SamuraiShodown-Win64-Shipping.exe+861B57: 48 8B 07 - mov rax,[rdi]
SamuraiShodown-Win64-Shipping.exe+861B5A: FF 90 F0 0D 00 00 - call qword ptr [rax+00000DF0]
SamuraiShodown-Win64-Shipping.exe+861B60: 4C 8D 44 24 30 - lea r8,[rsp+30]
SamuraiShodown-Win64-Shipping.exe+861B65: C7 44 24 40 00 00 00 00 - mov [rsp+40],00000000
SamuraiShodown-Win64-Shipping.exe+861B6D: 48 8D 54 24 40 - lea rdx,[rsp+40]
SamuraiShodown-Win64-Shipping.exe+861B72: 89 44 24 30 - mov [rsp+30],eax
SamuraiShodown-Win64-Shipping.exe+861B76: 48 8D 8F F4 06 00 00 - lea rcx,[rdi+000006F4]
SamuraiShodown-Win64-Shipping.exe+861B7D: E8 CE 36 03 00 - call SamuraiShodown-Win64-Shipping.exe+895250
SamuraiShodown-Win64-Shipping.exe+861B82: 48 8B 5C 24 38 - mov rbx,[rsp+38]
SamuraiShodown-Win64-Shipping.exe+861B87: 48 8B 74 24 48 - mov rsi,[rsp+48]
}
{ Game : SamuraiShodown-Win64-Shipping.exe
Version:
Date : 2022-12-31
Author : pc
This script does blah blah blah
}
define(address,"SamuraiShodown-Win64-Shipping.exe"+861B51)
define(bytes,29 B7 F4 06 00 00)
[ENABLE]
assert(address,bytes)
alloc(newmem,$1000,"SamuraiShodown-Win64-Shipping.exe"+861B51)
label(code)
label(return)
newmem:
cmp [rdi+000002C4],0//双方不掉血
jne code
mov [rdi+000006F4],(int)3E80000
jmp return
code:
address:
jmp newmem
nop
return:
[DISABLE]
address:
db bytes
// sub [rdi+000006F4],esi
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: SamuraiShodown-Win64-Shipping.exe+861B51
SamuraiShodown-Win64-Shipping.exe+861B26: 7E 13 - jle SamuraiShodown-Win64-Shipping.exe+861B3B
SamuraiShodown-Win64-Shipping.exe+861B28: 48 8B 87 E8 06 00 00 - mov rax,[rdi+000006E8]
SamuraiShodown-Win64-Shipping.exe+861B2F: 48 0F BA E8 02 - bts rax,02
SamuraiShodown-Win64-Shipping.exe+861B34: 48 89 87 E8 06 00 00 - mov [rdi+000006E8],rax
SamuraiShodown-Win64-Shipping.exe+861B3B: 48 8D 8F 18 0C 00 00 - lea rcx,[rdi+00000C18]
SamuraiShodown-Win64-Shipping.exe+861B42: E8 59 D5 00 00 - call SamuraiShodown-Win64-Shipping.exe+86F0A0
SamuraiShodown-Win64-Shipping.exe+861B47: 84 C0 - test al,al
SamuraiShodown-Win64-Shipping.exe+861B49: 75 37 - jne SamuraiShodown-Win64-Shipping.exe+861B82
SamuraiShodown-Win64-Shipping.exe+861B4B: C1 E6 10 - shl esi,10
SamuraiShodown-Win64-Shipping.exe+861B4E: 48 8B CF - mov rcx,rdi
// ---------- INJECTING HERE ----------
SamuraiShodown-Win64-Shipping.exe+861B51: 29 B7 F4 06 00 00 - sub [rdi+000006F4],esi
// ---------- DONE INJECTING ----------
SamuraiShodown-Win64-Shipping.exe+861B57: 48 8B 07 - mov rax,[rdi]
SamuraiShodown-Win64-Shipping.exe+861B5A: FF 90 F0 0D 00 00 - call qword ptr [rax+00000DF0]
SamuraiShodown-Win64-Shipping.exe+861B60: 4C 8D 44 24 30 - lea r8,[rsp+30]
SamuraiShodown-Win64-Shipping.exe+861B65: C7 44 24 40 00 00 00 00 - mov [rsp+40],00000000
SamuraiShodown-Win64-Shipping.exe+861B6D: 48 8D 54 24 40 - lea rdx,[rsp+40]
SamuraiShodown-Win64-Shipping.exe+861B72: 89 44 24 30 - mov [rsp+30],eax
SamuraiShodown-Win64-Shipping.exe+861B76: 48 8D 8F F4 06 00 00 - lea rcx,[rdi+000006F4]
SamuraiShodown-Win64-Shipping.exe+861B7D: E8 CE 36 03 00 - call SamuraiShodown-Win64-Shipping.exe+895250
SamuraiShodown-Win64-Shipping.exe+861B82: 48 8B 5C 24 38 - mov rbx,[rsp+38]
SamuraiShodown-Win64-Shipping.exe+861B87: 48 8B 74 24 48 - mov rsi,[rsp+48]
}
HP值一击KO 2P:
{ Game : SamuraiShodown-Win64-Shipping.exe
Version:
Date : 2022-12-31
Author : pc
This script does blah blah blah
}
define(address,"SamuraiShodown-Win64-Shipping.exe"+861B51)
define(bytes,29 B7 F4 06 00 00)
[ENABLE]
assert(address,bytes)
alloc(newmem,$1000,"SamuraiShodown-Win64-Shipping.exe"+861B51)
label(code)
label(return)
newmem:
cmp [rdi+0000020],1//开启之后游戏崩坏,请勿尝试!
jne code
mov [rdi+000006F4],(int)65536000
jmp return
code:
address:
jmp newmem
nop
return:
[DISABLE]
address:
db bytes
// sub [rdi+000006F4],esi
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: SamuraiShodown-Win64-Shipping.exe+861B51
SamuraiShodown-Win64-Shipping.exe+861B26: 7E 13 - jle SamuraiShodown-Win64-Shipping.exe+861B3B
SamuraiShodown-Win64-Shipping.exe+861B28: 48 8B 87 E8 06 00 00 - mov rax,[rdi+000006E8]
SamuraiShodown-Win64-Shipping.exe+861B2F: 48 0F BA E8 02 - bts rax,02
SamuraiShodown-Win64-Shipping.exe+861B34: 48 89 87 E8 06 00 00 - mov [rdi+000006E8],rax
SamuraiShodown-Win64-Shipping.exe+861B3B: 48 8D 8F 18 0C 00 00 - lea rcx,[rdi+00000C18]
SamuraiShodown-Win64-Shipping.exe+861B42: E8 59 D5 00 00 - call SamuraiShodown-Win64-Shipping.exe+86F0A0
SamuraiShodown-Win64-Shipping.exe+861B47: 84 C0 - test al,al
SamuraiShodown-Win64-Shipping.exe+861B49: 75 37 - jne SamuraiShodown-Win64-Shipping.exe+861B82
SamuraiShodown-Win64-Shipping.exe+861B4B: C1 E6 10 - shl esi,10
SamuraiShodown-Win64-Shipping.exe+861B4E: 48 8B CF - mov rcx,rdi
// ---------- INJECTING HERE ----------
SamuraiShodown-Win64-Shipping.exe+861B51: 29 B7 F4 06 00 00 - sub [rdi+000006F4],esi
// ---------- DONE INJECTING ----------
SamuraiShodown-Win64-Shipping.exe+861B57: 48 8B 07 - mov rax,[rdi]
SamuraiShodown-Win64-Shipping.exe+861B5A: FF 90 F0 0D 00 00 - call qword ptr [rax+00000DF0]
SamuraiShodown-Win64-Shipping.exe+861B60: 4C 8D 44 24 30 - lea r8,[rsp+30]
SamuraiShodown-Win64-Shipping.exe+861B65: C7 44 24 40 00 00 00 00 - mov [rsp+40],00000000
SamuraiShodown-Win64-Shipping.exe+861B6D: 48 8D 54 24 40 - lea rdx,[rsp+40]
SamuraiShodown-Win64-Shipping.exe+861B72: 89 44 24 30 - mov [rsp+30],eax
SamuraiShodown-Win64-Shipping.exe+861B76: 48 8D 8F F4 06 00 00 - lea rcx,[rdi+000006F4]
SamuraiShodown-Win64-Shipping.exe+861B7D: E8 CE 36 03 00 - call SamuraiShodown-Win64-Shipping.exe+895250
SamuraiShodown-Win64-Shipping.exe+861B82: 48 8B 5C 24 38 - mov rbx,[rsp+38]
SamuraiShodown-Win64-Shipping.exe+861B87: 48 8B 74 24 48 - mov rsi,[rsp+48]
}
{ Game : SamuraiShodown-Win64-Shipping.exe
Version:
Date : 2022-12-31
Author : pc
This script does blah blah blah
}
define(address,"SamuraiShodown-Win64-Shipping.exe"+861B51)
define(bytes,29 B7 F4 06 00 00)
[ENABLE]
assert(address,bytes)
alloc(newmem,$1000,"SamuraiShodown-Win64-Shipping.exe"+861B51)
label(code)
label(return)
newmem:
cmp [rdi+0000020],1//开启之后游戏崩坏,请勿尝试!
jne code
mov [rdi+000006F4],(int)65536000
jmp return
code:
address:
jmp newmem
nop
return:
[DISABLE]
address:
db bytes
// sub [rdi+000006F4],esi
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: SamuraiShodown-Win64-Shipping.exe+861B51
SamuraiShodown-Win64-Shipping.exe+861B26: 7E 13 - jle SamuraiShodown-Win64-Shipping.exe+861B3B
SamuraiShodown-Win64-Shipping.exe+861B28: 48 8B 87 E8 06 00 00 - mov rax,[rdi+000006E8]
SamuraiShodown-Win64-Shipping.exe+861B2F: 48 0F BA E8 02 - bts rax,02
SamuraiShodown-Win64-Shipping.exe+861B34: 48 89 87 E8 06 00 00 - mov [rdi+000006E8],rax
SamuraiShodown-Win64-Shipping.exe+861B3B: 48 8D 8F 18 0C 00 00 - lea rcx,[rdi+00000C18]
SamuraiShodown-Win64-Shipping.exe+861B42: E8 59 D5 00 00 - call SamuraiShodown-Win64-Shipping.exe+86F0A0
SamuraiShodown-Win64-Shipping.exe+861B47: 84 C0 - test al,al
SamuraiShodown-Win64-Shipping.exe+861B49: 75 37 - jne SamuraiShodown-Win64-Shipping.exe+861B82
SamuraiShodown-Win64-Shipping.exe+861B4B: C1 E6 10 - shl esi,10
SamuraiShodown-Win64-Shipping.exe+861B4E: 48 8B CF - mov rcx,rdi
// ---------- INJECTING HERE ----------
SamuraiShodown-Win64-Shipping.exe+861B51: 29 B7 F4 06 00 00 - sub [rdi+000006F4],esi
// ---------- DONE INJECTING ----------
SamuraiShodown-Win64-Shipping.exe+861B57: 48 8B 07 - mov rax,[rdi]
SamuraiShodown-Win64-Shipping.exe+861B5A: FF 90 F0 0D 00 00 - call qword ptr [rax+00000DF0]
SamuraiShodown-Win64-Shipping.exe+861B60: 4C 8D 44 24 30 - lea r8,[rsp+30]
SamuraiShodown-Win64-Shipping.exe+861B65: C7 44 24 40 00 00 00 00 - mov [rsp+40],00000000
SamuraiShodown-Win64-Shipping.exe+861B6D: 48 8D 54 24 40 - lea rdx,[rsp+40]
SamuraiShodown-Win64-Shipping.exe+861B72: 89 44 24 30 - mov [rsp+30],eax
SamuraiShodown-Win64-Shipping.exe+861B76: 48 8D 8F F4 06 00 00 - lea rcx,[rdi+000006F4]
SamuraiShodown-Win64-Shipping.exe+861B7D: E8 CE 36 03 00 - call SamuraiShodown-Win64-Shipping.exe+895250
SamuraiShodown-Win64-Shipping.exe+861B82: 48 8B 5C 24 38 - mov rbx,[rsp+38]
SamuraiShodown-Win64-Shipping.exe+861B87: 48 8B 74 24 48 - mov rsi,[rsp+48]
}
气不减:
{ Game : SamuraiShodown-Win64-Shipping.exe
Version:
Date : 2022-12-31
Author : pc
This script does blah blah blah
}
[ENABLE]
alloc(newmem2,2048,"SamuraiShodown-Win64-Shipping.exe"+1C8A1F5)
label(returnhere2)
label(originalcode2)
label(exit2)
newmem2:
originalcode2:
//mov [rcx+rdx+30],40F504F8//人物画质会变拐
exit2:
jmp returnhere2
"SamuraiShodown-Win64-Shipping.exe"+1C8A1F5:
jmp newmem2
returnhere2:
aobscanmodule(INJEg,SamuraiShodown-Win64-Shipping.exe,F3 0F 11 43 58 F3 0F 10 53) // should be unique
alloc(newmem,$1000,INJEg)
label(code)
label(return)
newmem:
code:
cmp [rbx+58],43380000
jmp return
INJEg:
jmp newmem
return:
registersymbol(INJEg)
[DISABLE]
dealloc(newmem2)
"SamuraiShodown-Win64-Shipping.exe"+1C8A1F5:
movups [rcx+rdx+30],xmm3
//Alt: db 0F 11 5C 11 30
INJEg:
db F3 0F 11 43 58
unregistersymbol(INJEg)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: SamuraiShodown-Win64-Shipping.exe+86F7B3
SamuraiShodown-Win64-Shipping.exe+86F78C: E8 1F 8B 02 00 - call SamuraiShodown-Win64-Shipping.AK::WriteBytesMem::Bytes+2470
SamuraiShodown-Win64-Shipping.exe+86F791: 84 C0 - test al,al
SamuraiShodown-Win64-Shipping.exe+86F793: 75 23 - jne SamuraiShodown-Win64-Shipping.exe+86F7B8
SamuraiShodown-Win64-Shipping.exe+86F795: E8 E6 FE F4 FF - call SamuraiShodown-Win64-Shipping.exe+7BF680
SamuraiShodown-Win64-Shipping.exe+86F79A: 48 8B C8 - mov rcx,rax
SamuraiShodown-Win64-Shipping.exe+86F79D: E8 FE 94 02 00 - call SamuraiShodown-Win64-Shipping.AK::WriteBytesMem::Bytes+2E60
SamuraiShodown-Win64-Shipping.exe+86F7A2: 84 C0 - test al,al
SamuraiShodown-Win64-Shipping.exe+86F7A4: 74 12 - je SamuraiShodown-Win64-Shipping.exe+86F7B8
SamuraiShodown-Win64-Shipping.exe+86F7A6: F3 0F 10 43 58 - movss xmm0,[rbx+58]
SamuraiShodown-Win64-Shipping.exe+86F7AB: F3 0F 5C 05 B1 BC E0 01 - subss xmm0,[SamuraiShodown-Win64-Shipping.exe+267B464]
// ---------- INJECTING HERE ----------
SamuraiShodown-Win64-Shipping.exe+86F7B3: F3 0F 11 43 58 - movss [rbx+58],xmm0
// ---------- DONE INJECTING ----------
SamuraiShodown-Win64-Shipping.exe+86F7B8: F3 0F 10 53 58 - movss xmm2,[rbx+58]
SamuraiShodown-Win64-Shipping.exe+86F7BD: 0F 57 F6 - xorps xmm6,xmm6
SamuraiShodown-Win64-Shipping.exe+86F7C0: 0F 2F D6 - comiss xmm2,xmm6
SamuraiShodown-Win64-Shipping.exe+86F7C3: 77 17 - ja SamuraiShodown-Win64-Shipping.exe+86F7DC
SamuraiShodown-Win64-Shipping.exe+86F7C5: 33 D2 - xor edx,edx
SamuraiShodown-Win64-Shipping.exe+86F7C7: 48 8B CB - mov rcx,rbx
SamuraiShodown-Win64-Shipping.exe+86F7CA: E8 E1 8E FF FF - call SamuraiShodown-Win64-Shipping.exe+8686B0
SamuraiShodown-Win64-Shipping.exe+86F7CF: 0F 57 C9 - xorps xmm1,xmm1
SamuraiShodown-Win64-Shipping.exe+86F7D2: 48 8B CB - mov rcx,rbx
SamuraiShodown-Win64-Shipping.exe+86F7D5: E8 36 20 00 00 - call SamuraiShodown-Win64-Shipping.exe+871810
}
释放气同样也没有气
{ Game : SamuraiShodown-Win64-Shipping.exe
Version:
Date : 2022-12-31
Author : pc
This script does blah blah blah
}
[ENABLE]
alloc(newmem2,2048,"SamuraiShodown-Win64-Shipping.exe"+1C8A1F5)
label(returnhere2)
label(originalcode2)
label(exit2)
newmem2:
originalcode2:
//mov [rcx+rdx+30],40F504F8//人物画质会变拐
exit2:
jmp returnhere2
"SamuraiShodown-Win64-Shipping.exe"+1C8A1F5:
jmp newmem2
returnhere2:
aobscanmodule(INJEg,SamuraiShodown-Win64-Shipping.exe,F3 0F 11 43 58 F3 0F 10 53) // should be unique
alloc(newmem,$1000,INJEg)
label(code)
label(return)
newmem:
code:
cmp [rbx+58],43380000
jmp return
INJEg:
jmp newmem
return:
registersymbol(INJEg)
[DISABLE]
dealloc(newmem2)
"SamuraiShodown-Win64-Shipping.exe"+1C8A1F5:
movups [rcx+rdx+30],xmm3
//Alt: db 0F 11 5C 11 30
INJEg:
db F3 0F 11 43 58
unregistersymbol(INJEg)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: SamuraiShodown-Win64-Shipping.exe+86F7B3
SamuraiShodown-Win64-Shipping.exe+86F78C: E8 1F 8B 02 00 - call SamuraiShodown-Win64-Shipping.AK::WriteBytesMem::Bytes+2470
SamuraiShodown-Win64-Shipping.exe+86F791: 84 C0 - test al,al
SamuraiShodown-Win64-Shipping.exe+86F793: 75 23 - jne SamuraiShodown-Win64-Shipping.exe+86F7B8
SamuraiShodown-Win64-Shipping.exe+86F795: E8 E6 FE F4 FF - call SamuraiShodown-Win64-Shipping.exe+7BF680
SamuraiShodown-Win64-Shipping.exe+86F79A: 48 8B C8 - mov rcx,rax
SamuraiShodown-Win64-Shipping.exe+86F79D: E8 FE 94 02 00 - call SamuraiShodown-Win64-Shipping.AK::WriteBytesMem::Bytes+2E60
SamuraiShodown-Win64-Shipping.exe+86F7A2: 84 C0 - test al,al
SamuraiShodown-Win64-Shipping.exe+86F7A4: 74 12 - je SamuraiShodown-Win64-Shipping.exe+86F7B8
SamuraiShodown-Win64-Shipping.exe+86F7A6: F3 0F 10 43 58 - movss xmm0,[rbx+58]
SamuraiShodown-Win64-Shipping.exe+86F7AB: F3 0F 5C 05 B1 BC E0 01 - subss xmm0,[SamuraiShodown-Win64-Shipping.exe+267B464]
// ---------- INJECTING HERE ----------
SamuraiShodown-Win64-Shipping.exe+86F7B3: F3 0F 11 43 58 - movss [rbx+58],xmm0
// ---------- DONE INJECTING ----------
SamuraiShodown-Win64-Shipping.exe+86F7B8: F3 0F 10 53 58 - movss xmm2,[rbx+58]
SamuraiShodown-Win64-Shipping.exe+86F7BD: 0F 57 F6 - xorps xmm6,xmm6
SamuraiShodown-Win64-Shipping.exe+86F7C0: 0F 2F D6 - comiss xmm2,xmm6
SamuraiShodown-Win64-Shipping.exe+86F7C3: 77 17 - ja SamuraiShodown-Win64-Shipping.exe+86F7DC
SamuraiShodown-Win64-Shipping.exe+86F7C5: 33 D2 - xor edx,edx
SamuraiShodown-Win64-Shipping.exe+86F7C7: 48 8B CB - mov rcx,rbx
SamuraiShodown-Win64-Shipping.exe+86F7CA: E8 E1 8E FF FF - call SamuraiShodown-Win64-Shipping.exe+8686B0
SamuraiShodown-Win64-Shipping.exe+86F7CF: 0F 57 C9 - xorps xmm1,xmm1
SamuraiShodown-Win64-Shipping.exe+86F7D2: 48 8B CB - mov rcx,rbx
SamuraiShodown-Win64-Shipping.exe+86F7D5: E8 36 20 00 00 - call SamuraiShodown-Win64-Shipping.exe+871810
}
释放气同样也没有气
不感兴趣
开通SVIP免广告
扫二维码下载贴吧客户端
下载贴吧APP
看高清直播、视频!
看高清直播、视频!
贴吧热议榜
- 1接好运!王祖贤祝你新年行大运1677210
- 2儿子被卖柬埔寨,单亲妈孤身救人1528590
- 3殖人气急败坏,牢A直播又遭网暴1207080
- 4杀死主角,中华小当家作者悔断肠943461
- 5童锦程被曝有娃,月付五千拒认账834418
- 6飞白逼退号主!吧友千元捡大漏602600
- 7吸烟≠做贡献,千亿损失太打脸455688
- 81月1日笑料限定375590
- 9每天一个奇吧—连环画吧271062
- 10日本重金投高铁,遭越南变卦坑惨212667
