2015年7月19日晚上19点20分更新,野战无限行动力。已经纠正了野战无限行动主角打光敌人后无法结束的bug,请打光后点右键结束。另外,无限行动主角每行动一次后,请重新选定主角!请注意,如果开启无限移动后你一开始使用风林山火,请不要移动,避免记录了使用风林山火前的主角移动步数,导致主角只能进行风林山火前的移动能力。
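[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
// Cheat Engine auto-assembler script for Taikou5.exe (32-bit x86, Intel syntax).
// It installs three inline detours (jmp into an allocated code cave, replay of
// the overwritten instruction, jmp back) at module-relative offsets
// +1FDCE, +ACB13 and +CDACE.
//
// Pre-flight check: refuse to enable unless the bytes at the patch sites are the
// instructions this script expects to overwrite. Without it, running the script
// against a different build (or a site another script already hooked) writes a
// jmp into the middle of unrelated code. The byte strings are the ones the
// [DISABLE] section of this script lists as the original encodings.
assert("Taikou5.exe"+1FDCE,66 F7 41 02 FF 0F)
assert("Taikou5.exe"+ACB13,66 8B 7B 04 25 FF 00 00 00)
// NOTE(review): the post gives no byte listing for the +CDACE site; add a third
// assert once its 10 original bytes have been confirmed in the disassembler.

// Hook 1: code cave plus a 4-byte slot that receives the address of the matched
// record; registersymbol exposes that slot by name outside this script.
alloc(newmem1,2048)
alloc(Pointer,4)
registersymbol(Pointer)
label(operations1)
label(returnhere1)
label(originalcode1)
label(exit1)
// Hook 2: code cave plus a 100-byte block, of which this script only writes the
// first dword (the base address held in ebx when a record matches).
alloc(newmem2,2048)
alloc(wardata,100)
registersymbol(wardata)
label(operations2)
label(returnhere2)
label(originalcode2)
label(exit2)
// Hook 3: code cave only; it keeps no data of its own.
alloc(newmem3,2048)
label(returnhere3)
label(originalcode3)
label(exit3)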
// Hook 1 code cave, entered through the jmp written at "Taikou5.exe"+1FDCE.
// In:  ecx = base used by the overwritten `test word ptr [ecx+02],0FFF`.
// Looks at five slots spaced 0x14 bytes apart starting at ecx and picks the one
// whose first word equals the word stored at 0075361A (presumably the player
// character's id -- confirm). On a match it records the slot address in
// [Pointer] and writes byte 0x88 to slot+0xC (meaning of the field is not
// visible here; per the post this is the "unlimited action" value -- confirm).
// Flags and all general registers are restored before the original instruction
// is replayed, so the game code after the hook sees unchanged state.
// NOTE(review): 0075361A is an absolute address while the patch sites are
// module-relative; it is only valid when Taikou5.exe loads at the base the
// author observed.
newmem1:
pushf
pushad
mov ax,[0075361A]
cmp ax,[ecx]
// mov does not modify EFLAGS, so each je below still sees its cmp result.
// Do not replace these with xor/sub: that would overwrite ZF before the branch.
mov ebx,0
je operations1
cmp ax,[ecx+14]
mov ebx,14
je operations1
cmp ax,[ecx+28]
mov ebx,28
je operations1
cmp ax,[ecx+3c]
mov ebx,3c
je operations1
cmp ax,[ecx+50]
mov ebx,50
je operations1
// No slot matched: undo the saves and run the original instruction only.
popad
popf
jmp originalcode1
operations1:
// ecx = address of the matched slot (base + offset chosen above).
add ecx,ebx
mov [Pointer],ecx
mov al,88
mov [ecx+c],al
// popad restores the original ecx, so the replayed test uses the game's base.
popad
popf
originalcode1:
// Replay of the 6 bytes overwritten at the patch site; it sets the flags the
// game code at returnhere1 expects.
test word ptr [ecx+02],0FFF
exit1:
jmp returnhere1
// Patch site 1: a 5-byte jmp plus one nop replaces the 6-byte test instruction,
// keeping the following instruction boundary intact.
"Taikou5.exe"+1FDCE:
jmp newmem1
nop
returnhere1:
// Hook 2 code cave, entered through the jmp written at "Taikou5.exe"+ACB13.
// In:  ebx = base used by the overwritten `mov di,[ebx+04]`.
// Looks at five slots spaced 0x30 bytes apart starting at ebx and picks the one
// whose first dword equals the dword stored at 0075361A.
// NOTE(review): this hook compares 32 bits, whereas hooks 1 and 3 compare only
// the low 16 bits of the same location -- confirm which width the id really has.
// NOTE(review): 0075361A is an absolute address; see the base-address caveat
// that applies to every use of it in this script.
newmem2:
pushf
pushad
mov eax,[0075361A]
cmp eax,[ebx]
// mov preserves EFLAGS, so the je after each mov still tests the cmp above it.
mov ecx,0
je operations2
cmp eax,[ebx+30]
mov ecx,30
je operations2
cmp eax,[ebx+60]
mov ecx,60
je operations2
cmp eax,[ebx+90]
mov ecx,90
je operations2
cmp eax,[ebx+c0]
mov ecx,c0
je operations2
// No slot matched: restore state and run the original instructions only.
popad
popf
jmp originalcode2
operations2:
// Stores the array base (ebx), not the matched slot (ebx+ecx), unlike hook 1
// which stores the matched slot address -- presumably intentional; confirm.
mov [wardata],ebx
// Writes into the matched slot (ebx+ecx). Field meanings are not visible in
// this script; only the offsets and values are:
//   +0e  byte  <- 0x88
//   +18  dword <- 0xFFFFFFFF
//   +1c  dword <- 0xFFFFFFFF
//   +20  dword <- 0
//   +24  dword <- 0
//   +09  byte  <- high nibble cleared (and with 0x0F)
mov al,88
mov [ebx+ecx+0e],al
mov eax,ffffffff
mov [ebx+ecx+18],eax
mov eax,ffffffff
mov [ebx+ecx+1c],eax
mov eax,0
mov [ebx+ecx+20],eax
mov eax,0
mov [ebx+ecx+24],eax
mov al,0f
and [ebx+ecx+09],al
// popad restores eax, which the replayed `and eax,000000FF` below depends on.
popad
popf
originalcode2:
// Replay of the 9 bytes overwritten at the patch site.
mov di,[ebx+04]
and eax,000000FF
exit2:
jmp returnhere2
// Patch site 2: a 5-byte jmp plus four nops replaces the two original
// instructions (9 bytes in total).
"Taikou5.exe"+ACB13:
jmp newmem2
nop
nop
nop
nop
returnhere2:
// Hook 3 code cave, entered through the jmp written at "Taikou5.exe"+CDACE.
// In:  esi = record pointer used by the overwritten `test byte ptr [esi+09],-80`.
// When the record's first word equals the word at 0075361A and the low nibble
// of [esi+8] is non-zero, the branch on bit 7 of [esi+09] is taken with the
// opposite condition (jne instead of je); otherwise the original test/je runs.
// Only ebx is saved. Flags are not saved, which is safe here because both
// paths finish with the `test` that recomputes them before the branch.
// NOTE(review): 0075361A is an absolute address; it is only valid when
// Taikou5.exe loads at the base the author observed.
newmem3:
push ebx
mov bx,[0075361A]
cmp bx,[esi]
jne originalcode3
mov bl,[esi+8]
and bl,0f
cmp bl,0
je originalcode3
// Matched path: balance the push, then branch with the inverted condition.
pop ebx
test byte ptr [esi+09],-80
jne Taikou5.exe+CDA00
jmp exit3
originalcode3:
// Unmatched path: balance the push and replay the original test/je pair.
pop ebx
test byte ptr [esi+09],-80
je Taikou5.exe+CDA00
exit3:
jmp returnhere3
// Patch site 3: a 5-byte jmp plus five nops covers 10 bytes, which is the space
// the test/je pair restored in [DISABLE] has to occupy.
"Taikou5.exe"+CDACE:
jmp newmem3
nop
nop
nop
nop
nop
returnhere3:
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
// Writes the original instructions back to the three patch sites, frees the
// code caves and data slots, and removes the two registered symbols.
// NOTE(review): the dealloc lines appear before the restores in the text; as
// far as I know Cheat Engine processes dealloc after the writes regardless of
// position -- confirm for the CE version in use, since freeing a cave while the
// jmp into it is still in place would crash the game.
// NOTE(review): the restore is unconditional; it assumes the bytes at these
// offsets were the expected instructions when the script was enabled.
dealloc(newmem1)
dealloc(Pointer)
unregistersymbol(Pointer)
// Site 1: restore the 6-byte test instruction.
"Taikou5.exe"+1FDCE:
test word ptr [ecx+02],0FFF
//Alt: db 66 F7 41 02 FF 0F
// Site 2: restore the 9 bytes of mov/and.
dealloc(newmem2)
dealloc(wardata)
unregistersymbol(wardata)
"Taikou5.exe"+ACB13:
mov di,[ebx+04]
and eax,000000FF
//Alt: db 66 8B 7B 04 25 FF 00 00 00
// Site 3: restore the test/je pair (the post lists no byte encoding for it).
dealloc(newmem3)
"Taikou5.exe"+CDACE:
test byte ptr [esi+09],-80
je Taikou5.exe+CDA00