<?xml version="1.0" encoding="utf-8"?>
<CheatTable>
<CheatEntries>
<CheatEntry>
<ID>187</ID>
<Description>"移动加速--------默认2倍,可设置倍率已隐藏--------"</Description>
<Options moAlwaysHideChildren="1" moDeactivateChildrenAsWell="1"/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
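<AssemblerScript>[ENABLE]
// Movement speed multiplier hook.
// The 8-byte instruction at MaxWalkSpeed+10 is replaced by a jump into the WalkSpeed
// cave. The cave replays the displaced bytes, optionally scales xmm0, and resumes at
// MaxWalkSpeed+18.
// Cave layout: +0 code, +100 float multiplier (default 2), +200 dword switch (default 1).
aobscanmodule(MaxWalkSpeed,JH-Win64-Shipping.exe,74xxF30F10xxxxxxxxxx4883C4xxxxC3F30F10xxxxxxxxxx4883C4xxxxC3F30F10)
alloc(WalkSpeed,$1000,MaxWalkSpeed)
label(exit)
WalkSpeed:
// Copy the 8 original bytes from the hook site so the displaced instruction still runs.
// The same copy is what the disable section writes back.
// NOTE(review): a raw byte copy only behaves the same if that instruction is not
// RIP-relative - confirm against the disassembly of the target build.
readmem(MaxWalkSpeed+10,8)
push r8                       // r8 is used as scratch below
cmp [WalkSpeed+200],1
jne @f                        // switch not 1: scale unconditionally
mov r8,[rbx+130]
cmp r8,rsp
jna exit                      // pointer not above rsp: treat as invalid, skip scaling
cmp [r8+4C0],0
jne exit                      // presumably a side/team marker; non-zero skips scaling - verify
@@:
mulss xmm0,[WalkSpeed+100]
exit:
pop r8
jmp MaxWalkSpeed+18
WalkSpeed+100:
dd (float)2
WalkSpeed+200:
dd 1
MaxWalkSpeed+10:
jmp WalkSpeed                 // 5-byte jump plus 3 nops covers the 8 displaced bytes
nop 3
registersymbol(MaxWalkSpeed)
registersymbol(WalkSpeed)
[DISABLE]
// Write the saved original bytes back from the start of the cave.
MaxWalkSpeed+10:
readmem(WalkSpeed,8)
// The cave is allocated under the name WalkSpeed, so that is the name to free;
// this script never allocates newmem.
dealloc(WalkSpeed)
unregistersymbol(*)
</AssemblerScript>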
<CheatEntries>
<CheatEntry>
<ID>188</ID>
<Description>"倍数"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>WalkSpeed+100</Address>
</CheatEntry>
<CheatEntry>
<ID>216</ID>
<Description>"只对本方生效"</Description>
<DropDownList ReadOnly="1" DescriptionOnly="1" DisplayValueAsItem="1">0:否
1:是
</DropDownList>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>4 Bytes</VariableType>
<Address>WalkSpeed+200</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>233</ID>
<Description>"2倍物品"</Description>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : JH-Win64-Shipping.exe
Version:
Date : 2023-09-23
Author : Administrator
Hooks the add [rcx+40],eax instruction at the INJECT signature.
A non-negative eax is doubled before it is added; a negative eax is added unchanged.
}
[ENABLE]
aobscanmodule(INJECT,JH-Win64-Shipping.exe,01 41 40 45 84 E4) // should be unique
alloc(newmem,$1000,INJECT)
label(code)
label(return)
label(originalcode)
newmem:
cmp eax,0
// Sign flag clear means eax is zero or positive: take the doubling path.
// Despite its name, the originalcode label is the modified path.
JNS originalcode
code:
// Negative eax: replay the two displaced instructions unchanged.
add [rcx+40],eax
test r12b,r12b
jmp return
originalcode:
// NOTE(review): eax stays doubled after the hook, whereas the original instruction
// left eax untouched - confirm nothing after the return point reads it.
imul eax,2
add [rcx+40],eax
// test is replayed last so the flags match what the code after the hook expects.
test r12b,r12b
jmp return
INJECT:
// 5-byte jump plus 1 nop covers the 6 displaced bytes (add and test).
jmp newmem
nop
return:
registersymbol(INJECT)
[DISABLE]
INJECT:
// Original bytes: add [rcx+40],eax followed by test r12b,r12b.
db 01 41 40 45 84 E4
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: JH-Win64-Shipping.exe+1127742
JH-Win64-Shipping.exe+112771E: 48 89 45 E7 - mov [rbp-19],rax
JH-Win64-Shipping.exe+1127722: E8 29 79 C6 02 - call JH-Win64-Shipping.exe+3D8F050
JH-Win64-Shipping.exe+1127727: 90 - nop
JH-Win64-Shipping.exe+1127728: CC - int 3
JH-Win64-Shipping.exe+1127729: 48 8B 55 6F - mov rdx,[rbp+6F]
JH-Win64-Shipping.exe+112772D: 48 63 C3 - movsxd rax,ebx
JH-Win64-Shipping.exe+1127730: 4C 8D 34 C5 00 00 00 00 - lea r14,[rax*8+00000000]
JH-Win64-Shipping.exe+1127738: 48 8B 07 - mov rax,[rdi]
JH-Win64-Shipping.exe+112773B: 49 8B 0C 06 - mov rcx,[r14+rax]
JH-Win64-Shipping.exe+112773F: 8B 42 40 - mov eax,[rdx+40]
// ---------- INJECTING HERE ----------
JH-Win64-Shipping.exe+1127742: 01 41 40 - add [rcx+40],eax
// ---------- DONE INJECTING ----------
JH-Win64-Shipping.exe+1127745: 45 84 E4 - test r12b,r12b
JH-Win64-Shipping.exe+1127748: 74 3A - je JH-Win64-Shipping.exe+1127784
JH-Win64-Shipping.exe+112774A: 3B 5F 08 - cmp ebx,[rdi+08]
JH-Win64-Shipping.exe+112774D: 41 8B C7 - mov eax,r15d
JH-Win64-Shipping.exe+1127750: 89 5D BF - mov [rbp-41],ebx
JH-Win64-Shipping.exe+1127753: 0F 4C C6 - cmovl eax,esi
JH-Win64-Shipping.exe+1127756: 85 C0 - test eax,eax
JH-Win64-Shipping.exe+1127758: 75 17 - jne JH-Win64-Shipping.exe+1127771
JH-Win64-Shipping.exe+112775A: 48 8D 45 BF - lea rax,[rbp-41]
JH-Win64-Shipping.exe+112775E: 48 89 7D FF - mov [rbp-01],rdi
}
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>213</ID>
<Description>"消耗品效果加倍--------默认2倍,可设置倍率已隐藏--------"</Description>
<Options moAlwaysHideChildren="1" moDeactivateChildrenAsWell="1"/>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
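<AssemblerScript>[ENABLE]
// Consumable effect multiplier, built from two parts.
// Part 1 (UseItemFlag cave): hook at aobUseItemFlag+7 that decides whether the current
// item use qualifies and records the answer in the dword at UseItemFlag+100.
// Part 2 (newmem cave): four hooks on instructions that read the float at [rsi+08];
// each one applies the multiplier at UseItemFlag+200 when the flag is set.
// NOTE(review): the flag (+100) and multiplier (+200) share the page with the hook
// code, so this assumes the assembled code, including the Lua call stub, ends before
// +100 - confirm.
aobscanmodule(aobUseItemFlag,JH-Win64-Shipping.exe,48 89 x x x x x 41 0F B6 x 48 8B x 48 8B x 45) // should be unique
alloc(UseItemFlag,$1000,aobUseItemFlag)
label(return)
UseItemFlag:
// Replay the 7 displaced bytes; the same copy is written back on disable.
readmem(aobUseItemFlag+7,7)
mov [UseItemFlag+100],0       // default: do not scale
push r8
// Guards: r13 and r15 must be above rsp (crude pointer validity test), the byte at
// [r15+38] must be 0 and the dwords at [r15+3C] and [r15+40] must be positive.
cmp r13,rsp
jna @f
cmp r15,rsp
jna @f
cmp byte ptr [r15+38],0
jne @f
cmp [r15+3C],0
jng @f
cmp [r15+40],0
jng @f
// The Lua block receives r8 as flag and writes it back afterwards. r8 holds whatever
// the game left in it, so clear it first; otherwise a stale value of 1 would be read
// as a match even when the list search below finds nothing.
xor r8d,r8d
{$luacode flag=r8 TeamInfo=r13}
local count,i=readInteger('[[[[GameEngine]+DE8]+F0]+278]+E0') or 0
for i=0,count-1 do
if readPointer('[[[[[GameEngine]+DE8]+F0]+278]+D8]+'..toHex(i*0x8))==TeamInfo then flag=1 return end
end
{$asm}
// GameEngine is a symbol this script does not define; it has to be registered elsewhere.
cmp r8d,1
jne @f
mov [UseItemFlag+100],1
@@:
pop r8
jmp return
UseItemFlag+200:
dd (float)2
aobUseItemFlag+7:
jmp UseItemFlag               // 5-byte jump plus 2 nops covers the 7 displaced bytes
nop 2
return:
registersymbol(aobUseItemFlag)
registersymbol(UseItemFlag)
aobscanmodule(aobUseItemEffect1,JH-Win64-Shipping.exe,F3 0F 10 5E 08 4C 8B C0 49 8B)
aobscanmodule(aobUseItemEffect2,JH-Win64-Shipping.exe,48 8B C8 F3 0F 10 5E 08)
aobscanmodule(aobUseItemEffect3,JH-Win64-Shipping.exe,4C 8B F0 48 85 C0 0F 84 x x x x F3 0F 2C 5E 08)
aobscanmodule(aobUseItemEffect4,JH-Win64-Shipping.exe,66 0F 6E C0 0F 5B C0 F3 0F 58 46 08)
alloc(newmem,$1000,aobUseItemEffect1)
label(return1)
label(return2)
label(return3)
label(return4)
// Effect site 1: movss xmm3,[rsi+08] is replayed, then xmm3 is scaled if flagged.
newmem:
movss xmm3,[rsi+08]
cmp [UseItemFlag+100],0
je @f
mulss xmm3,[UseItemFlag+200]
@@:
jmp return1
aobUseItemEffect1:
jmp newmem
return1:
registersymbol(aobUseItemEffect1)
// Effect site 2: same instruction, found 3 bytes into the second signature.
newmem+200:
movss xmm3,[rsi+08]
cmp [UseItemFlag+100],0
je @f
mulss xmm3,[UseItemFlag+200]
@@:
jmp return2
aobUseItemEffect2+3:
jmp newmem+200
return2:
registersymbol(aobUseItemEffect2)
// Effect site 3: the displaced instruction is cvttss2si ebx,[rsi+08].
// NOTE(review): unlike sites 1 and 2, the scaled value is stored back to [rsi+08],
// so every flagged pass through this hook multiplies the stored float again -
// confirm that is intended.
newmem+300:
cmp [UseItemFlag+100],0
je @f
fld [rsi+08]
fmul [UseItemFlag+200]
fstp [rsi+08]
@@:
cvttss2si ebx,[rsi+08]
jmp return3
aobUseItemEffect3+C:
jmp newmem+300
return3:
registersymbol(aobUseItemEffect3)
// Effect site 4: the displaced instruction is addss xmm0,[rsi+08]; same store-back
// behaviour as site 3.
newmem+400:
cmp [UseItemFlag+100],0
je @f
fld [rsi+08]
fmul [UseItemFlag+200]
fstp [rsi+08]
@@:
addss xmm0,[rsi+08]
jmp return4
aobUseItemEffect4+7:
jmp newmem+400
return4:
registersymbol(aobUseItemEffect4)
[DISABLE]
// Restore every hook site, then free both caves.
aobUseItemFlag+7:
readmem(UseItemFlag,7)
aobUseItemEffect1:
db F3 0F 10 5E 08
aobUseItemEffect2+3:
db F3 0F 10 5E 08
aobUseItemEffect3+C:
db F3 0F 2C 5E 08
aobUseItemEffect4+7:
db F3 0F 58 46 08
dealloc(UseItemFlag)
dealloc(newmem)
unregistersymbol(*)
</AssemblerScript>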
<CheatEntries>
<CheatEntry>
<ID>214</ID>
<Description>"倍率"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>UseItemFlag+200</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>206</ID>
<Description>"掉落率100%"</Description>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
// Drop-rate patch: overwrites two bytes in place, no code cave.
// In the signature, offset +A is the 84 C0 pair (test al,al) that follows the E8 call
// and precedes the 74 conditional jump.
aobscanmodule(DropItem,JH-Win64-Shipping.exe,F3 0F 2C x 04 E8 x x x x 84 C0 74 x 48)
DropItem+A:
// NOTE(review): with the test replaced by nops, the following je acts on whatever
// flags the call left behind instead of on al, so the result depends on the callee - confirm.
db 90 90
registersymbol(DropItem)
[DISABLE]
DropItem+A:
// Original bytes: test al,al.
db 84 C0
unregistersymbol(DropItem)
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>205</ID>
<Description>"切磋获取全部"</Description>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
// In-place patch: replaces cmovle eax,ecx / inc eax (5 bytes) with a same-length
// instruction that loads a constant into eax.
aobscanmodule(AllLoot,JH-Win64-Shipping.exe,0F 4E C1 FF C0)
AllLoot:
// B8 E7 03 00 00 = mov eax,3E7 (999 decimal).
db B8 E7 03 00 00
registersymbol(AllLoot)
[DISABLE]
AllLoot:
// Original bytes: cmovle eax,ecx followed by inc eax.
db 0F 4E C1 FF C0
unregistersymbol(AllLoot)
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>236</ID>
<Description>"钓鱼必中杆"</Description>
<Color>FF0000</Color>
<VariableType>Auto Assembler Script</VariableType>
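<AssemblerScript>[ENABLE]
// Two cooperating hooks sharing one cave (ShouGanFlag):
//   +0    hook at FishingShouGanFlag: replays the displaced bytes and arms a one-shot flag
//   +100  dword flag
//   +200  hook at ShouGan: when the flag is armed, clears it and writes 1 to the
//         byte at [rcx+279], then replays the displaced instructions
aobscanmodule(FishingShouGanFlag,JH-Win64-Shipping.exe,48 8B 89 C0 03 00 00 48 8B 01)
aobscanmodule(ShouGan,JH-Win64-Shipping.exe,48 8B FA 48 63 30 48 83 C0 04)
alloc(ShouGanFlag,$1000,FishingShouGanFlag)
label(return)
label(returnhere)
ShouGanFlag:
// Copy of the 7 displaced bytes; also the source for the restore on disable.
readmem(FishingShouGanFlag,7)
mov [ShouGanFlag+100],1       // mov leaves the flags untouched
jmp return
FishingShouGanFlag:
jmp ShouGanFlag               // 5-byte jump plus 2 nops covers the 7 displaced bytes
nop 2
return:
registersymbol(FishingShouGanFlag)
registersymbol(ShouGanFlag)
ShouGanFlag+200:
cmp [ShouGanFlag+100],1
jne @f
mov [ShouGanFlag+100],0       // one-shot: disarm before acting
cmp rcx,rsp
jna @f                        // pointer not above rsp: treat as invalid, skip the write
mov byte ptr [rcx+279],1
@@:
// Displaced instructions from the ShouGan site.
mov rdi,rdx
movsxd rsi,dword ptr [rax]
jmp returnhere
ShouGan:
jmp ShouGanFlag+200           // 5-byte jump plus 1 nop covers the 6 displaced bytes
nop
returnhere:
registersymbol(ShouGan)
[DISABLE]
FishingShouGanFlag:
readmem(ShouGanFlag,7)
ShouGan:
db 48 8B FA 48 63 30
// Only ShouGanFlag is allocated by this script, so it is the only cave to free.
dealloc(ShouGanFlag)
unregistersymbol(*)
</AssemblerScript>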
</CheatEntry>
<CheatEntry>
<ID>215</ID>
<Description>"钓鱼中杆必定稀有物"</Description>
<Color>0000FF</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>[ENABLE]
// Hook over cmovle eax,ecx / xor ebx,ebx (5 bytes). The next original instruction in
// the signature is 3B C6 (cmp eax,esi), which runs after the hook returns.
aobscanmodule(FishingSpecialProductions,JH-Win64-Shipping.exe,0F 4E C1 33 DB 3B C6) // should be unique
alloc(newmem,$1000,FishingSpecialProductions)
label(return)
newmem:
// The displaced cmovle must run first: it consumes flags set before the hook, and
// the compares below overwrite them.
cmovle eax,ecx
xor ebx,ebx
// Guards: the qword at [rbp+28] must be above rsp (crude pointer validity test) and
// the value at [rbp+30] must be non-zero.
cmp [rbp+28],rsp
jna @f
cmp [rbp+30],0
jna @f
// Raise eax to esi when it is below esi (unsigned compare).
cmp eax,esi
jae @f
mov eax,esi
@@:
jmp return
FishingSpecialProductions:
jmp newmem
return:
registersymbol(FishingSpecialProductions)
[DISABLE]
FishingSpecialProductions:
// Original bytes: cmovle eax,ecx followed by xor ebx,ebx.
db 0F 4E C1 33 DB
dealloc(newmem)
unregistersymbol(*)
</AssemblerScript>
</CheatEntry>
<CheatEntry>
<ID>202</ID>
<Description>"锻造和制衣效果加倍--------默认2倍,可设置倍率已隐藏--------"</Description>
<Options moAlwaysHideChildren="1" moDeactivateChildrenAsWell="1"/>
<Color>0000FF</Color>
<VariableType>Auto Assembler Script</VariableType>
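<AssemblerScript>[ENABLE]
// Forging and tailoring effect multiplier. Four hook sites, two caves.
// ForgeFlag cave: +0   hook at InForging, sets the in-progress flag
//                 +100 dword flag
//                 +400 hook at EndOfForging+3, clears the flag
// Forge cave:     +0   hook at ForgeEffect, scales the float at [rbx-8]
//                 +200 / +210 save slots for xmm0 / xmm1
//                 +300 float multiplier for the ForgeEffect site (default 2)
//                 +304 float multiplier for the ForgeRandEffect site (default 2)
//                 +400 hook at ForgeRandEffect
aobscanmodule(InForging,JH-Win64-Shipping.exe,48 8D x x 48 8D x x 48 x x 74 x F3 0F 10 x x x x x 80)
aobscanmodule(EndOfForging,JH-Win64-Shipping.exe,49 x x 44 8B x x 45 85 x 74 x 48 8B x x 48 83 x 08)
aobscanmodule(ForgeEffect,JH-Win64-Shipping.exe,F2 44 0F 11 x 89 7B 08)
aobscanmodule(ForgeRandEffect,JH-Win64-Shipping.exe,8B 43 08 89 44 91 08 C6)
alloc(ForgeFlag,$1000,InForging)
alloc(Forge,$1000,ForgeEffect)
registersymbol(Forge)
label(return1)
label(return2)
label(restorexmm)
label(forgedone)
ForgeFlag:
// Copy of the 8 displaced bytes; also the source for the restore on disable.
readmem(InForging,8)
mov [ForgeFlag+100],1         // mov leaves the flags untouched
jmp InForging+8
InForging:
jmp ForgeFlag                 // 5-byte jump plus 3 nops covers the 8 displaced bytes
nop 3
registersymbol(InForging)
registersymbol(ForgeFlag)
ForgeFlag+400:
// The 7 displaced bytes end with a test whose flags feed the jump at EndOfForging+A;
// only mov follows, so those flags survive.
readmem(EndOfForging+3,7)
mov [ForgeFlag+100],0
jmp EndOfForging+A
EndOfForging+3:
jmp ForgeFlag+400
nop 2
registersymbol(EndOfForging)
Forge:
readmem(ForgeEffect,8)
cmp [ForgeFlag+100],1
jne forgedone                 // not forging: nothing saved, nothing to restore
// xmm0 and xmm1 are borrowed for the comparison. The save slots are 16-byte aligned
// because the cave is page aligned.
movaps [Forge+200],xmm0
movaps [Forge+210],xmm1
movss xmm0,[rbx-8]
movss xmm1,[rbx+8]
ucomiss xmm0,xmm1
// Skip the scaling when [rbx-8] is not above [rbx+8], but still restore the borrowed
// registers. Both early exits used to share one label after the restore, so this
// path returned to the game with xmm0 and xmm1 overwritten.
jbe restorexmm
fld [rbx-8]
fmul [Forge+300]
fst [rbx-8]
fstp [rbx+8]
restorexmm:
movaps xmm0,[Forge+200]
movaps xmm1,[Forge+210]
forgedone:
jmp return1
ForgeEffect:
jmp Forge
nop 3
return1:
registersymbol(ForgeEffect)
Forge+300:
dd (float)2 (float)2
Forge+400:
// Displaced instructions, then scale the freshly written dword as a float.
mov eax,[rbx+08]
mov [rcx+rdx*4+08],eax
cmp [ForgeFlag+100],1
jne @f
fld [rcx+rdx*4+08]
fmul [Forge+304]
fstp [rcx+rdx*4+08]
@@:
jmp return2
ForgeRandEffect:
jmp Forge+400
nop 2
return2:
registersymbol(ForgeRandEffect)
[DISABLE]
// Restore each site from the copy kept in its cave, or from literal bytes, then free
// both caves.
InForging:
readmem(ForgeFlag,8)
EndOfForging+3:
readmem(ForgeFlag+400,7)
ForgeEffect:
readmem(Forge,8)
ForgeRandEffect:
db 8B 43 08 89 44 91 08
dealloc(ForgeFlag)
dealloc(Forge)
unregistersymbol(*)
</AssemblerScript>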
<CheatEntries>
<CheatEntry>
<ID>203</ID>
<Description>"道具效果倍率"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>Forge+300</Address>
</CheatEntry>
<CheatEntry>
<ID>204</ID>
<Description>"额外效果倍率"</Description>
<ShowAsSigned>0</ShowAsSigned>
<VariableType>Float</VariableType>
<Address>Forge+304</Address>
</CheatEntry>
</CheatEntries>
</CheatEntry>
<CheatEntry>
<ID>235</ID>
<Description>"2倍经脉点"</Description>
<Color>0000FF</Color>
<VariableType>Auto Assembler Script</VariableType>
<AssemblerScript>{ Game : JH-Win64-Shipping.exe
Version:
Date : 2023-09-29
Author : Administrator
Hooks the store mov [rax+000001CC],esi at the INJECT signature.
ebx holds the previous value of that field (loaded by the instruction just before the
hook site). When the new value in esi is greater, the increase is doubled before the store.
}
[ENABLE]
aobscanmodule(INJECT,JH-Win64-Shipping.exe,89 B0 CC 01 00 00 E8) // should be unique
alloc(newmem,$1000,INJECT)
label(code)
label(return)
label(originalcode)
newmem:
cmp esi,ebx
// Signed greater-than: the value is increasing, so take the doubling path.
// Despite its name, the originalcode label is the modified path.
JG originalcode
code:
// Not an increase: replay the displaced store unchanged.
mov [rax+000001CC],esi
jmp return
originalcode:
// esi = ebx + 2 * (esi - ebx)
// NOTE(review): esi stays modified after the hook; the code after the return point
// later copies esi into r9d as a call argument, so the doubled value is what gets
// passed on - confirm that is intended.
sub esi,ebx
imul esi,2
add esi,ebx
mov [rax+000001CC],esi
jmp return
INJECT:
// 5-byte jump plus 1 nop covers the 6 displaced bytes.
jmp newmem
nop
return:
registersymbol(INJECT)
[DISABLE]
INJECT:
// Original bytes: mov [rax+000001CC],esi.
db 89 B0 CC 01 00 00
unregistersymbol(INJECT)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: JH-Win64-Shipping.exe+1150995
JH-Win64-Shipping.exe+1150970: 48 89 74 24 10 - mov [rsp+10],rsi
JH-Win64-Shipping.exe+1150975: 57 - push rdi
JH-Win64-Shipping.exe+1150976: 48 83 EC 20 - sub rsp,20
JH-Win64-Shipping.exe+115097A: 41 8B F0 - mov esi,r8d
JH-Win64-Shipping.exe+115097D: E8 1E F7 FE FF - call JH-Win64-Shipping.exe+11400A0
JH-Win64-Shipping.exe+1150982: 48 8B F8 - mov rdi,rax
JH-Win64-Shipping.exe+1150985: 48 85 C0 - test rax,rax
JH-Win64-Shipping.exe+1150988: 74 30 - je JH-Win64-Shipping.exe+11509BA
JH-Win64-Shipping.exe+115098A: 48 89 5C 24 30 - mov [rsp+30],rbx
JH-Win64-Shipping.exe+115098F: 8B 98 CC 01 00 00 - mov ebx,[rax+000001CC]
// ---------- INJECTING HERE ----------
JH-Win64-Shipping.exe+1150995: 89 B0 CC 01 00 00 - mov [rax+000001CC],esi
// ---------- DONE INJECTING ----------
JH-Win64-Shipping.exe+115099B: E8 60 93 E3 FF - call JH-Win64-Shipping.exe+F89D00
JH-Win64-Shipping.exe+11509A0: 8B 57 34 - mov edx,[rdi+34]
JH-Win64-Shipping.exe+11509A3: 44 8B CE - mov r9d,esi
JH-Win64-Shipping.exe+11509A6: 44 8B C3 - mov r8d,ebx
JH-Win64-Shipping.exe+11509A9: 48 8D 88 90 00 00 00 - lea rcx,[rax+00000090]
JH-Win64-Shipping.exe+11509B0: E8 4B FA FD FF - call JH-Win64-Shipping.exe+1130400
JH-Win64-Shipping.exe+11509B5: 48 8B 5C 24 30 - mov rbx,[rsp+30]
JH-Win64-Shipping.exe+11509BA: 48 8B 74 24 38 - mov rsi,[rsp+38]
JH-Win64-Shipping.exe+11509BF: 48 83 C4 20 - add rsp,20
JH-Win64-Shipping.exe+11509C3: 5F - pop rdi
}
</AssemblerScript>
</CheatEntry>
</CheatEntries>
</CheatTable>