2014年2月6日 星期四

TwMS v1.50.2_ICS_惡魔直接狼頭

// Cheat Engine auto-assembler script for a 32-bit x86 game client (Intel operand order).
// It hijacks two function pointers (00C0F6E0 and 00C8A1A4) and, for one specific
// caller of each, rewrites a return address so execution resumes in a relocated,
// modified copy of the client code (HookFun1 / HookFun2).
//
// Every address and constant is hard-coded for the single build named in the title
// (TwMS v1.50.2). On any other build the writes at 00C0F6E0/00C8A1A4 land on
// unrelated memory and the relocated code no longer matches the client.
// NOTE(review): consider guarding the enable with the auto-assembler's
// `assert(00C0F6E0, 03 1B 52 00)` / `assert(00C8A1A4, C7 9C 8F 00)` (the values
// [Disable] restores, little-endian) so the script refuses to run on a mismatched
// build — if the CE version in use supports assert on an address.
[Enable]
alloc(DFMODE,512)       // 512-byte region CE allocates in the target process; holds all hook code below
registersymbol(DFMODE)  // expose the symbol outside this script (address list / other scripts)
Label(FakeCall1)        // entry stub installed at the pointer 00C0F6E0 (normally 00521B03)
Label(FakeCall2)        // entry stub installed at the pointer 00C8A1A4 (normally 008F9CC7)
Label(RealCall1)        // tail-jump to the original target 00521B03
Label(RealCall2)        // tail-jump to the original target 008F9CC7
Label(HookFun1)         // relocated/modified client code, re-enters at 00941A0F/00941A10
Label(HookFun2)         // relocated/modified client code, re-enters at 00944C5C/00944C5F
//-------------------
DFMODE:
//-------------------
// Reached through the function pointer at 00C0F6E0 once it is patched to point here.
// The stack is whatever the original target (00521B03) would see on entry.
FakeCall1:
CMP [ESP+0C],009419A4     // does the dword at [ESP+0C] hold the code address 009419A4? (presumably a return address in the caller chain — TODO confirm against the client)
JNE RealCall1             // any other caller is left untouched
MOV [ESP+0C],HookFun1     // swap that return address for HookFun1; the thread returns into DFMODE instead of 009419A4
//-------------------
RealCall1:
JMP 00521B03              // tail-jump to the original function (flags from the CMP above are not consumed there by this stub)
//-------------------
// Runs in place of the client code at 009419A4 after FakeCall1 swapped the return
// address. It reads as a relocated copy of that code: each `test eax,eax` below is
// followed by no conditional branch before the next call, so whatever check the
// flags fed has been dropped (presumably the purpose of the hack). Register and
// stack state on exit must match what 00941A0F/00941A10 expect — do not reorder.
HookFun1:
lea ecx,[eax+1a8]
call 0046735e
push eax
call 00549a8d
pop ecx                   // caller cleans the one argument
test eax,eax              // result unused: no jcc consumes the flags before the next call
mov ecx,[ebp+50]
push ebx
call 004e7a3c             // no pop afterwards: the callee cleans this argument
test eax,eax              // result unused
mov eax,[esi]
mov ecx,esi
call dword ptr [eax+50]   // indirect call through a table read from [esi] (looks like a virtual call — unverified)
push eax
call 0046aa44
pop ecx
test eax,eax              // result unused
push ebx
call 008c44d4
pop ecx
mov eax,[esi+3e8]
push eax
call 0045ef17
push [esi+3ec]
mov [ebp+48],eax          // first 0045ef17 result saved before the second call overwrites eax
call 0045ef17
pop ecx
pop ecx                   // drop both arguments pushed above
mov ecx,[00e181d8]
mov [ebp+10],eax
lea eax,[ebp+58]
push eax
// Argument substitution: if ebx == 1D905C4, push 1D909B0 in its place and resume
// one byte further on. 00941A0F and 00941A10 being one byte apart is consistent
// with a one-byte `push ebx` at 00941A0F being skipped on the substituted path —
// verify against the client before reusing this pattern.
CMP EBX,1D905C4
JNZ 00941A0F              // any other value: resume the unmodified client code
PUSH 1D909B0
JMP 00941A10              // resume just past the skipped instruction
//-------------------
// Reached through the function pointer at 00C8A1A4 once it is patched to point here.
// If the pointer is invoked via `call`, [ESP] is the caller's return address.
FakeCall2:
CMP [ESP],00944BBE        // only the caller returning to 00944BBE is hooked
JNE RealCall2             // everyone else proceeds unchanged
MOV [ESP],HookFun2        // swap the return address so the thread returns into HookFun2
//-------------------
RealCall2:
JMP 008F9CC7              // tail-jump to the original function
//-------------------
// Runs in place of the client code at 00944BBE after FakeCall2 swapped the return
// address; re-enters the client at 00944C5C/00944C5F. Same argument substitution
// as HookFun1, applied to a stack slot instead of ebx. Do not reorder.
HookFun2:
push eax
call 0049E09A
pop ecx                   // caller cleans the one argument
MOV EaX,[EBP+14]          // (mixed-case register spelling is accepted by the assembler; cosmetic only)
mov ecx,[00E181D8]
push ebx
push ebx
push ebx
lea eax,[ebp+6c]
push eax
// If the argument at [ebp+68] would be 1D905C4, push 1D909B0 instead. 00944C5C..00944C5F
// spans 3 bytes, consistent with a 3-byte `push [ebp+68]` being skipped — verify
// against the client.
CMP [EBP+68],1D905C4
JNZ 00944C5C              // any other value: resume the unmodified client code
PUSH 1D909B0
JMP 00944C5F              // resume just past the skipped instruction
//-------------------
// Install: overwrite the two function-pointer slots with the entry stubs above.
// Nothing checks that the slots still hold their original values before the write
// (see the assert suggestion at the top); a mismatched build is silently corrupted.
00C0F6E0:
DD FakeCall1              // was 00521B03 (restored by [Disable])
//-------------------
00C8A1A4:
DD FakeCall2              // was 008F9CC7 (restored by [Disable])
//-------------------
[Disable]
// Restore the original pointer values. They are hard-coded rather than captured at
// enable time, so this only undoes the patch on the build the script was written for.
00C0F6E0:
DD 00521B03
//-------------------
00C8A1A4:
DD 008F9CC7
//-------------------
// NOTE(review): a thread whose return address was already rewritten by FakeCall1/
// FakeCall2 but which has not returned yet would return into the freed region;
// the window between restoring the pointers and deallocating is presumably small
// but not zero — avoid toggling the script rapidly while the hooked paths are active.
dealloc(DFMODE)
unregistersymbol(DFMODE)
