dalao你好,在我的帖子中@hf821980909 给出的箱子代码 http://bbs.3dmgame.com/forum.php?mod=redirect&goto=findpost&ptid=5334336&pid=177887006
[ENABLE]
// Hook 1 (chest1): replaces the 5-byte load `movss xmm0,[rdi+54]` with a jump to a code cave
// that first overwrites the float at [rdi+54] with 1.0 and then performs the original load.
// NOTE(review): the script never names the field at +54; presumably a chance/weight value on
// the object in rdi - confirm against the game's managed code before relying on it.
//
// Signature = the movss itself (F3 0F 10 47 54) plus the next 5 bytes of the conversion code
// that follows it. aobscan uses the first hit only, and a 10-byte load-then-convert pattern is
// generic, so compare the resolved address with the listing kept in the [DISABLE] section.
aobscan(chest1,F3 0F 10 47 54 F3 0F 5A C0 F2)
// The third argument asks for the cave to be allocated close to chest1, which keeps `jmp code`
// at 5 bytes - the size of the instruction being replaced, so no nop padding is needed.
alloc(newmem,$1000,chest1)
label(code)
label(return)
newmem:
code:
// x87 push of +1.0, then store-and-pop: the x87 stack is left balanced.
fld1
// NOTE(review): no operand size is given; this assumes the assembler treats a bare [mem] as
// 32-bit, matching the 4-byte movss load below - `dword ptr` would make that explicit.
fstp [rdi+54]
// The displaced original instruction, so xmm0 holds what the following cvtss2sd expects.
movss xmm0,[rdi+54]
jmp return
chest1:
// Overwrites the 5 original bytes at the scan result.
jmp code
return:
// Export the resolved address so the [DISABLE] section can find the patch site again.
registersymbol(chest1)
// Hook 2 (chest2): same detour as hook 1, applied to the load `movss xmm0,[rdi+64]`.
// The cave stores 1.0 into [rdi+64] and then re-executes the displaced load.
// NOTE(review): the meaning of the field at +64 is not shown anywhere in the script - confirm.
//
// Signature = F3 0F 10 47 64 (the movss) plus the next 5 bytes of the conversion code after it.
// Only the first aobscan hit is used; verify it is the site shown in the second listing of the
// [DISABLE] section, since the pattern differs from hook 1 by a single displacement byte.
aobscan(chest2,F3 0F 10 47 64 F3 0F 5A C0 F2)
// Allocate the cave near chest2 so that `jmp code2` fits in the 5 bytes being replaced.
alloc(newmem2,$1000,chest2)
label(code2)
label(return2)
newmem2:
code2:
// Push +1.0 on the x87 stack, then store-and-pop it into the field (stack stays balanced).
fld1
// NOTE(review): operand size is implicit; assumed 32-bit to match the movss load below.
fstp [rdi+64]
// The displaced original instruction.
movss xmm0,[rdi+64]
jmp return2
chest2:
// Overwrites the 5 original bytes at the scan result.
jmp code2
return2:
// Export the resolved address for use by the [DISABLE] section.
registersymbol(chest2)
[DISABLE]
// Undo hook 1: write the original 5 bytes (movss xmm0,[rdi+54]) back at the registered
// address, then drop the symbol and free the cave. The bytes are restored first, so the patch
// site no longer jumps into newmem when it is released.
// NOTE(review): the value 1.0 already written to [rdi+54] is not reverted by disabling.
chest1:
db F3 0F 10 47 54
unregistersymbol(chest1)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: 1978D918
1978D8EC: 41 FF D3 - call r11d
1978D8EF: 48 83 C4 20 - add rsp,20
1978D8F3: 4C 8B F8 - mov r15,rax
1978D8F6: 48 83 EC 20 - sub rsp,20
1978D8FA: 49 BB 70 04 BA 45 00 00 00 00 - mov r11,UnityEngine:Random:get_value
1978D904: 41 FF D3 - call r11d
1978D907: 48 83 C4 20 - add rsp,20
1978D90B: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
1978D90F: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
1978D913: F3 0F 11 6D C4 - movss [rbp-3C],xmm5
// ---------- INJECTING HERE ----------
1978D918: F3 0F 10 47 54 - movss xmm0,[rdi+54]
// ---------- DONE INJECTING ----------
1978D91D: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
1978D921: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
1978D925: F3 0F 11 AD 7C FE FF FF - movss [rbp-00000184],xmm5
1978D92D: 48 83 EC 20 - sub rsp,20
1978D931: 49 BB 10 BA 62 05 00 00 00 00 - mov r11,GameManager:2332223
1978D93B: 41 FF D3 - call r11d
1978D93E: 48 83 C4 20 - add rsp,20
1978D942: 48 8B C8 - mov rcx,rax
1978D945: 48 83 EC 20 - sub rsp,20
1978D949: 83 38 00 - cmp dword ptr [rax],00
}
// Undo hook 2: write the original 5 bytes (movss xmm0,[rdi+64]) back at the registered
// address, then drop the symbol and free the second cave.
// NOTE(review): the value 1.0 already written to [rdi+64] is not reverted by disabling.
chest2:
db F3 0F 10 47 64
unregistersymbol(chest2)
dealloc(newmem2)
{
// ORIGINAL CODE - INJECTION POINT: 1978DF6F
1978DF44: 33 D2 - xor edx,edx
1978DF46: 45 33 C0 - xor r8d,r8d
1978DF49: 48 83 EC 20 - sub rsp,20
1978DF4D: 83 38 00 - cmp dword ptr [rax],00
1978DF50: 49 BB 9C EA 78 19 00 00 00 00 - mov r11,000000001978EA9C
1978DF5A: 41 FF D3 - call r11d
1978DF5D: 48 83 C4 20 - add rsp,20
1978DF61: E9 91 09 00 00 - jmp Dungeonator:223332333:3332333_2+1207
1978DF66: 45 85 F6 - test r14d,r14d
1978DF69: 0F 84 8A 00 00 00 - je Dungeonator:223332333:3332333_2+909
// ---------- INJECTING HERE ----------
1978DF6F: F3 0F 10 47 64 - movss xmm0,[rdi+64]
// ---------- DONE INJECTING ----------
1978DF74: F3 0F 5A C0 - cvtss2sd xmm0,xmm0
1978DF78: F2 0F 5A E8 - cvtsd2ss xmm5,xmm0
1978DF7C: F3 0F 11 AD 6C FE FF FF - movss [rbp-00000194],xmm5
1978DF84: B9 60 FD 5D 14 - mov ecx,145DFD60
1978DF89: 48 83 EC 20 - sub rsp,20
1978DF8D: 49 BB 50 CD AB 00 00 00 00 00 - mov r11,PassiveItem:23
1978DF97: 41 FF D3 - call r11d
1978DF9A: 48 83 C4 20 - add rsp,20
1978DF9E: 85 C0 - test eax,eax
1978DFA0: 74 28 - je Dungeonator:223332333:3332333_2+8da
}
在1.1.0 h2 也是可以用的,但不是百分百出箱子。我想请问是哪行代码修改这个概率的?如果必出彩虹箱子的话需要修改哪些代码?