冰楓論壇

標題: TwMs v260.3 輪YX坐標 方向 [打印本頁]

---

作者: wangjiaxin857    時間: 2024-4-19 15:04
標題: TwMs v260.3 輪YX坐標 方向
TwMs v260.3
輪類型
[[1477D1330]+20]+0
輪座標
N就是輪類型後面再加個0，比如天雷之輪的ID是2那麽N=20 重生之輪ID是0 N=0 净化之輪的ID是7 N=70
X = [[[[[[[[[1477D1330]+08]+N+8]+98]+D8]+58]+28]+58]+28]+50
Y = [[[[[[[[[1477D1330]+08]+N+8]+98]+D8]+58]+28]+58]+28]+54

以下是人造指針

1. //TwMs v260.3 取得輪ID,Y坐標,X坐標
   
2. [ENABLE]
   
3. alloc(Hook,512,142F6331D)
   
4. alloc(Rune_ID,4)
   
5. registersymbol(Rune_ID)
   
6. alloc(Rune_Y,4)
   
7. registersymbol(Rune_Y)
   
8. alloc(Rune_X,4)
   
9. registersymbol(Rune_X)
   
10. 
    
11. Hook:
    
12. mov [Rune_ID],rax
    
13. mov r14,rax
    
14. shl r14,04
    
15. mov [rbp+0F],r14
    
16. mov rbx,[rsi+08]
    
17. 
    
18. mov rcx,1477D1330
    
19. mov rcx,[rcx]
    
20. mov rcx,[rcx+08]
    
21. mov rcx,[rcx+r14+08]
    
22. cmp dword ptr [rcx+98],0
    
23. je 142F6331D+F
    
24. mov rcx,[rcx+98]
    
25. mov rcx,[rcx+d8]
    
26. mov rcx,[rcx+58]
    
27. mov rcx,[rcx+28]
    
28. mov rcx,[rcx+58]
    
29. mov rcx,[rcx+28]
    
30. mov r9d,[rcx+54]
    
31. mov r8d,[rcx+50]
    
32. mov [Rune_Y],r9d
    
33. mov [Rune_X],r8d
    
34. jmp 142F6331D+F
    
35. 
    
36. 142F6331D:
    
37. jmp Hook
    
38. 
    
39. [DISABLE]
    
40. 142F6331D:
    
41. mov r14,rax
    
42. shl r14,04
    
43. mov [rbp+0F],r14
    
44. mov rbx,[rsi+08]
    
45. 
    
46. dealloc(Hook)
    
47. dealloc(Rune_ID)
    
48. dealloc(Rune_Y)
    
49. dealloc(Rune_X)
    
50. unregistersymbol(Rune_ID)
    
51. unregistersymbol(Rune_Y)
    
52. unregistersymbol(Rune_X)

複製代碼

1. //TwMs v260.3 讀取解輪介面方向鍵
   
2. [ENABLE]
   
3. alloc(RUNE_newmem,1024,142F55D58)
   
4. alloc(RUNE_num,4)
   
5. alloc(rune_arrow,16)
   
6. label(code)
   
7. alloc(RUNEARROW1,4)
   
8. registersymbol(RUNEARROW1)
   
9. alloc(RUNEARROW2,4)
   
10. registersymbol(RUNEARROW2)
    
11. alloc(RUNEARROW3,4)
    
12. registersymbol(RUNEARROW3)
    
13. alloc(RUNEARROW4,4)
    
14. registersymbol(RUNEARROW4)
    
15. 
    
16. RUNE_num:
    
17. db 0
    
18. 
    
19. rune_arrow:
    
20. dd 00 00 00 00
    
21. 
    
22. RUNE_newmem:
    
23. 
    
24. code:
    
25.   cmp [RUNE_num],4
    
26.   jne here
    
27.   mov [RUNE_num],0
    
28.   here:
    
29.   cmp [RUNE_num],0
    
30.   jne RUNE_newmem+27
    
31.   mov [RUNEARROW1],r9
    
32.   cmp [RUNE_num],1
    
33.   jne RUNE_newmem+37
    
34.   mov [RUNEARROW2],r9
    
35.   cmp [RUNE_num],2
    
36.   jne RUNE_newmem+47
    
37.   mov [RUNEARROW3],r9
    
38.   cmp [RUNE_num],3
    
39.   jne RUNE_newmem+57
    
40.   mov [RUNEARROW4],r9
    
41. 
    
42.   mov r8d,[rbp+30]
    
43.   lea rdx,[1465E67D0]
    
44.   push rax
    
45.   push rbx
    
46.   mov rax,rune_arrow
    
47.   mov bx,[RUNE_num]
    
48.   add ax,bx
    
49.   mov [rax],r9
    
50.   pop rbx
    
51.   pop rax
    
52.   inc [RUNE_num]
    
53.   jmp 142F55D58+B
    
54. 
    
55.   142F55D58:
    
56.   jmp RUNE_newmem
    
57.   DB 90 90 90 90 90 90
    
58. 
    
59. [DISABLE]
    
60. 142F55D58:
    
61. mov r8d,[rbp+30]
    
62. lea rdx,[1465E67D0]
    
63. 
    
64. 
    
65. dealloc(RUNE_newmem)
    
66. dealloc(RUNE_num)
    
67. dealloc(rune_arrow)
    
68. dealloc(RUNEARROW1)
    
69. unregistersymbol(RUNEARROW1)
    
70. dealloc(RUNEARROW2)
    
71. unregistersymbol(RUNEARROW2)
    
72. dealloc(RUNEARROW3)
    
73. unregistersymbol(RUNEARROW3)
    
74. dealloc(RUNEARROW4)
    
75. unregistersymbol(RUNEARROW4)

複製代碼

0 = 方向鍵下、1 = 方向鍵上、2 = 方向鍵左、3 = 方向鍵右

---

作者: u11334342    時間: 2024-4-19 15:50
雖然很感謝有人公布，但大神您太狠，直接給標準答案XD  希望看到的人低調使用，讓數據活久一點啊

---

歡迎光臨 冰楓論壇 (https://bingfong.com/)

Powered by 冰楓