2014年2月6日 星期四

TwMS v1.50.2_ICS_疾風N合1

[ENABLE]
// Cheat Engine auto-assembler script, Intel syntax, 32-bit target.
// Numeric literals in instructions are hex (CE default); every code
// address below is hard-wired to the client build named in the title
// (TwMS v1.50.2). The byte strings in the comments are the AOB
// signatures of the original instructions at each site, kept so the
// hooks can be re-located in another build.
//
// Mechanism, as far as this script shows: the dword at 00DFCA4C
// (originally 0072C5C5) is replaced with Main. Main compares saved
// code addresses at fixed stack offsets against the hook sites and,
// on a match, overwrites that slot with one of the hook bodies, so
// execution "returns" into the hook instead of into the game. Every
// path ends with a jump to the original target 0072C5C5.
//
// Symbols: one code block (Main) and one dword per switch/parameter,
// registered so the cheat table can read and write them by name.
RegisterSymbol(Main)
Alloc(Main, 4096)
RegisterSymbol(Time)
Alloc(Time, 4)                  // invincibility value handed to the game (see Time:)
RegisterSymbol(MissTime)
Alloc(MissTime, 4)              // hits negated before one goes through
RegisterSymbol(MissTimeCmp)
Alloc(MissTimeCmp, 4)           // running counter for MissTime; no initializer below
RegisterSymbol(MobJump)
Alloc(MobJump, 4)
RegisterSymbol(MobFastSwitch)
Alloc(MobFastSwitch, 4)
RegisterSymbol(MobBack)
Alloc(MobBack, 4)
RegisterSymbol(NoHurtSwitch)
Alloc(NoHurtSwitch, 4)
RegisterSymbol(ItemClean)
Alloc(ItemClean, 4)
RegisterSymbol(ItemID)
Alloc(ItemID, 4)                // last item ID seen by HookItemFun
Label(Nohurt)
Label(NohurtMain)
Label(NohurtMainI)
Label(NohurtMainII)
Label(StupidMonster)
Label(StupidMonsterMain)
Label(MobNoJump)
Label(MobNoJumpMain)
//------
// NOTE(review): CheckESP is allocated and registered but no code in
// this script references it.
registersymbol(CheckESP)
alloc(CheckESP,512)
registersymbol(ItemList)
alloc(ItemList,204800)          // dword table of item IDs to filter, 0-terminated (walked by HookItemFun)
Label(HookItem)
Label(HookItemFun)
Label(HookOr1)
Label(HookOr2)
Label(Filter)
Label(Skip)
Label(End)
Label(Return)
//------
Label(HookESP)
Label(HookFun)
//--------
Label(MobFast)
Label(MobFastMain)
Label(MobFastMainI)
//--------
RegisterSymbol(UltimateSwitch)
Alloc(UltimateSwitch, 4)
label(Ultimate)
label(UltimateMain)
//==============
// Switch and parameter defaults. All are plain dwords the cheat table
// can flip at runtime; the hook bodies read them on every pass.
NoHurtSwitch:
DD 1 //no-damage mode ("invincible" in the original): 0 = off, non-zero = on; read by NohurtMain

UltimateSwitch:
dd 1 //"ultimate attack": 0 = the Ultimate stub passes through, non-zero = UltimateMain is installed

MobJump:
dd 1 //mob jump control: 1 and 2 pick different resume points in MobNoJumpMain, anything else = game path

MobFastSwitch:
dd 0 //monster movement speed-up: 0 = the MobFast stub passes through, non-zero = MobFastMain is installed

MobBack:
dd 0 //"monster does not retreat": only the value 1 activates HookFun's alternate path

ItemClean:
dd 0 //item pass-through / drop filter: 0 = HookItemFun replays the game's code, non-zero = filter via ItemList

Time:
DD FFFF1D70 //0xFFFF1D70 = -58000; original comment: "invincible 58 s". NohurtMain loads it into eax where NohurtMainII loads fffffa24 (-1500)

MissTime:
DD 5 //hits fully negated before one is let through at 75%; compared against MissTimeCmp in NohurtMain

// MissTimeCmp is allocated above but not initialised here; the code
// relies on it starting at 0 (presumably CE's Alloc zero-fills — confirm).

ItemList:
dd 00 //first entry 0 = empty list; HookItemFun stops at the first 0 entry

Main:
// Dispatcher reached through the pointer at 00DFCA4C. Each compare
// checks a saved code address at a fixed stack offset (+24, +3C, +6C)
// against a hook site in the game; a match jumps to a stub that
// rewrites that slot. No match falls through to the original target.
// All addresses are build-specific; the trailing bytes are the AOB
// signature of the original code at that site.
Cmp [Esp+24], 00922C4C //E8 ?? ?? ?? FF F6 80 ?? ?? ?? 00 02 74 ?? 89   -> NohurtMain (damage)
Je Nohurt
Cmp [Esp+24], 00982F03 //6A 05 33 D2 59 F7 F1 85 D2                     -> MobNoJumpMain
Je MobNoJump
Cmp [Esp+24], 00981B64 //33 D2 B9 60 EA 00 00 F7 F1                     -> StupidMonsterMain
Je StupidMonster
Cmp [Esp+6C], 004EEFDC //8B 45 E4 8B 75 B0                              -> HookItemFun (item drops)
Je HookItem
Cmp [Esp+3C], 00610723 //83 7D 3C 01 75 11                              -> HookFun (MobBack)
JE HookESP
cmp [esp+3c], 006226E1 //85 C0 0F ?? ?? ?? ?? ?? 8B 7E ?? 80 3F         -> MobFastMain (gated on MobFastSwitch)
je MobFast
cmp [esp+24], 008f5e8a //6a 65 59 33 d2 f7 f1                           -> UltimateMain (gated on UltimateSwitch)
je Ultimate
Jmp 0072C5C5 // no hook site matched: continue to the original target of 00DFCA4C
//==============
// Redirect stubs. Each overwrites the matched stack slot with the
// address of a hook body and continues to 0072C5C5. The first five are
// unconditional — their switches (NoHurtSwitch, MobJump, MobBack,
// ItemClean) are checked inside the hook bodies instead — while
// Ultimate and MobFast only redirect when their switch is non-zero.
Nohurt:
Mov [Esp+24], NohurtMain
Jmp 0072C5C5

StupidMonster:
Mov [Esp+24], StupidMonsterMain
Jmp 0072C5C5

MobNoJump:
Mov [Esp+24], MobNoJumpMain
Jmp 0072C5C5

HookItem:
Mov [Esp+6C],HookItemFun
JMP 0072C5C5

HookESP:
Mov [ESP+3C],HookFun
JMP 0072C5C5

Ultimate:
cmp [UltimateSwitch],0
je 0072C5C5 // switch off: leave the slot untouched
Mov [esp+24],UltimateMain
JMP 0072C5C5

MobFast:
cmp [MobFastSwitch],0
je 0072C5C5 // switch off: leave the slot untouched
mov [esp+3c],MobFastMain
jmp 0072C5C5

//-------------------------
UltimateMain:
// Installed in place of the code at 008f5e8a (push 65 / pop ecx /
// xor edx,edx / div ecx — the same sequence reproduced below), then
// replays the following steps of that function and resumes at 008f5eb9.
// What this body changes relative to the game's own code cannot be
// confirmed from this script alone; the original only labels the
// feature "ultimate attack" via UltimateSwitch.
push 65
pop ecx          // ecx = 0x65
xor edx,edx      // edx must be 0 before an unsigned div
div ecx          // eax = eax / 0x65, edx = eax mod 0x65
push [ebp-18]
mov ecx,[ebp-08]
mov [ebp-1c],edx // keep the remainder for the compare below
call 006dbcd8
mov ecx,eax
call 006b2a76
cmp [ebp-1c],eax // flags are what the code at 008f5eb9 presumably branches on
jmp 008f5eb9
//-------------------------
MobFastMain:
// Installed in place of the code at 006226E1 (test eax,eax / jng ...).
// Replays that test, then inspects the byte at [[esi+30]]: 3 resumes
// the game's own code at 006226F1, anything else takes the rewritten
// call path in MobFastMainI.
test eax,eax
jng 0062287E //8D 4E ?? E8 ?? ?? ?? ?? 33 D2
mov edi,[esi+30]
cmp byte ptr [edi],03
jne MobFastMainI
jmp 006226F1

MobFastMainI:
// Pushes five arguments (four frame addresses and the sign-extended
// word at [edi+10]) with ecx = esi, sets eax = 0x64 (100) and jumps
// into the game at 00622764. The original comment calls eax the
// "movement speed"; confirm what 00622764 expects in eax.
lea eax,[ebp-20]
push eax
lea eax,[ebp-18]
push eax
lea eax,[ebp-08]
push eax
lea eax,[ebp-10]
push eax
movsx eax,word ptr [edi+10]
push eax
mov ecx,esi
Mov eax,64  // movement speed (0x64 = 100), per the original comment
JMP 00622764
//-------------------------
HookFun:
// Installed in place of the code at 00610723 (cmp [ebp+3c],1 / jne +11,
// i.e. jne 0061073A). Only MobBack == 1 ("monster does not retreat")
// changes anything: when [ebp+3c] == 1 it calls 005FD5D9 with
// ecx = [ebp-18] (presumably a this-pointer) and resumes at 00610736;
// otherwise it takes the game's own not-equal path at 0061073A.
// Any other MobBack value re-enters the untouched game code at 00610723.
cmp [MobBack],1
jne 00610723 //83 7D ?? ?? 75 ?? 8B 4D ?? E8 ?? ?? ?? ?? 39 45
CMP DWORD PTR SS:[EBP+3C],1
jne 0061073A
mov ecx,[ebp-18]
call 005FD5D9 //55 8B EC 51 56 8B F1 8B 0D ?? ?? ?? ?? 57 85 C9
jmp 00610736 //33 D2 EB ?? 8B 55
//-------------------------
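StupidMonsterMain:
// Installed in place of the code at 00981B64 (xor edx,edx /
// mov ecx,0EA60 / div ecx). The division is not performed, so edx is
// left at 0 where the game would have had eax mod 0xEA60 — presumably
// the randomisation the original comment means by "stupid monster".
// ecx is then set to esi+2c0 and execution resumes at 00981B79.
// The original body also carried "mov ecx,0000ea60", copied from the
// game's instruction but immediately overwritten by the lea below;
// that dead store has been removed.
Xor  Edx, Edx
Lea  Ecx, [Esi+000002c0]
Jmp  00981B79 //52 E8 ?? ?? ?? ?? 8B 5D ?? 8D BE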
//-------------------------
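MobNoJumpMain:
// Installed in place of the code at 00982F03 (push 5 / xor edx,edx /
// pop ecx / div ecx / test edx,edx). edx = eax mod 5 is computed as in
// the game; MobJump then selects where to resume:
//   1     -> 00982F17, skipping the game's conditional block
//   2     -> 00982F0E ("mov ecx,esi"), presumably entering it unconditionally
//   other -> 00982F0A, the game's own "test edx,edx" and branch
// The original body also executed "test edx,edx" here; its flags were
// clobbered by the cmp below before any conditional jump could use
// them, and the 00982F0A path re-tests, so it has been dropped.
Push 05
Xor  edx,edx
Pop  ecx
Div  ecx
Cmp  [MobJump], 1
Je   00982F17 //8B CF C7 86 ?? ?? ?? ?? ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 D2
Cmp  [MobJump], 2
Je   00982F0E // Mov  Ecx, Esi
Jmp  00982F0A // Test Edx, Edx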
//-------------------------
NohurtMain:
// Damage hook. [ebp+58], [ebp+5C], [ebp+60] are treated as the incoming
// damage fields and eax as a value the game consumes after 009231A9 —
// fffffa24 (-1500) in the pass-through path, [Time] (-58000) here;
// presumably an invincibility duration in ms (original comment: 58 s).
// Confirm against the code at 009231A9 before relying on either.
cmp [NoHurtSwitch],0
je NohurtMainII          // switch off
call 0042FDB1 //56 8B 35 ?? ?? ?? ?? 85 F6 74 15
Mov  Eax, [Ebp+58]
Shr  Eax, 2 // damage -= damage/4, i.e. damage * 0.75 (original comment)
Sub  [Ebp+58], Eax
Mov  Eax, [Time]         // eax = [Time] instead of the game's fffffa24
Mov  Ecx, [MissTime]
Cmp  [MissTimeCmp], Ecx
Jge   NohurtMainI        // counter reached MissTime: let this (reduced) hit through
Mov  [Ebp+58],0          // otherwise negate the hit entirely ...
Mov  [Ebp+5C],0
Mov  [Ebp+60],0
Inc  [MissTimeCmp]       // ... and count it
Jmp  009231A9
//8D 8B ?? ?? 00 00 50 E8 ?? ?? ?? FF E9 ?? ?? ?? 00 6A 05
//==============
NohurtMainI:
// One hit in every MissTime+1 reaches the player at 75%; reset the counter.
Mov  [Ebp+5C],0
Mov  [Ebp+60],0
Mov  [MissTimeCmp], 0
Jmp  009231A9 //8D 8B ?? ?? ?? ?? 50 E8 ?? ?? ?? ?? E9 ?? ?? ?? ?? 6A
//==============
NohurtMainII:
// Switch off: same call and eax = fffffa24, but [ebp+5C]/[ebp+60] are
// still zeroed (and before the call, unlike the path above), so this is
// not a pure pass-through. NOTE(review): confirm that is intended.
Mov  [Ebp+5C],0
Mov  [Ebp+60],0
call 0042FDB1 //56 8B 35 ?? ?? ?? ?? 85 F6 74 15 8D 4E
Mov  Eax, fffffa24
Jmp  009231A9
//-------------------------
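HookItemFun:
// Item-drop hook, installed in place of the code at 004EEFDC
// (mov eax,[ebp-1c] / mov esi,[ebp-50]).
// ItemClean == 0: replay the game's instructions and return to 004EEFE8
//   with the flags of "cmp eax,1" still live for the branch there.
// ItemClean != 0 ("item pass-through" in the original comment): re-run
//   the game's own setup (fields at [esi+1C..30], calls into 00408B13 and
//   00408B6F with ecx = edi), then filter the value 00408B6F leaves in
//   eax — presumably the item ID, it is what ItemID records. An ID found
//   in ItemList is stored as 0 at [esi+34]; execution resumes at 004EF017.
// Registers on entry: ebp = the hooked function's frame, edi = the value
// this hook stores at [esi+20]. esi is saved/restored around the walk.
MOV EAX,DWORD PTR SS:[EBP-1C]
MOV ESI,DWORD PTR SS:[EBP-50]
cmp [ItemClean],0
je Return
MOV BYTE PTR DS:[ESI+1C],AL
CMP EAX,1
JE HookOr1
CMP EAX,2
JE HookOr1
XOR AL,AL
JMP HookOr2

HookOr1:
MOV AL,1

HookOr2:
MOV BYTE PTR DS:[ESI+1D],AL      // [esi+1D] = (eax == 1 || eax == 2)
MOV DWORD PTR DS:[ESI+20],EDI
MOV EDI,DWORD PTR SS:[EBP+8]
MOV ECX,EDI
call 00408B13
MOVZX EAX,AL
MOV ECX,EDI
MOV DWORD PTR DS:[ESI+30],EAX
call 00408B6F
PUSH ESI
MOV ESI,ItemList
LEA ECX,[ItemList+204800]        // one past the end of the table. Keep this literal equal to the
                                 // alloc size: CE reads instruction immediates as hex, and if the
                                 // alloc literal is parsed in a different unit the bound is only
                                 // looser than the allocation, never tighter.
MOV [ItemID],EAX                 // expose the last ID seen to the table (hoisted: eax does not change in the loop)
CMP EAX,C350                     // signed compare: IDs <= 0xC350 (and any ID with the top bit set) are never filtered
JLE End

Filter:
// Walk ItemList until a 0 entry (end of list), a match, or the end of
// the allocation. The original loop had no bound and would read past
// ItemList if every slot were filled with a non-zero ID.
CMP ESI,ECX
JAE End
CMP DWORD PTR DS:[ESI],0
Je End
CMP DWORD PTR DS:[ESI],EAX
Je Skip
ADD ESI,4
JMP Filter

Skip:
XOR EAX,EAX                      // listed ID -> store 0 instead

End:
POP ESI
MOV ECX,EDI
MOV [ESI+34],EAX
JMP 004EF017

Return:
// ItemClean off: replay the game's "mov [esi+1c],al / cmp eax,1".
MOV BYTE PTR DS:[ESI+1C],AL
cmp eax,01
jmp 004EEFE8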
//-------------------------
// Install: overwrite the dword at 00DFCA4C — presumably a callback or
// handler pointer; its original value 0072C5C5 is what every path in
// Main jumps to and what [DISABLE] writes back — so the game enters
// Main instead.
00DFCA4C:
dd Main
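[DISABLE]
// Restore the original pointer first so no new dispatch can land in
// Main, then release everything [ENABLE] allocated.
// Caveat: a thread already executing inside a hook body (or with a
// rewritten stack slot still pending) will crash once Main is freed;
// the auto-assembler offers no way to wait for it here.
00DFCA4C:
DD 0072C5C5
//-------------------------
// Every Alloc/RegisterSymbol in [ENABLE] now has a matching pair.
// The original released only Main/Time/MissTime/MissTimeCmp, so each
// enable/disable cycle leaked the other nine blocks in the target.
DeAlloc(Main)
UnRegisterSymbol(Main)
DeAlloc(Time)
UnRegisterSymbol(Time)
DeAlloc(MissTime)
UnRegisterSymbol(MissTime)
DeAlloc(MissTimeCmp)
UnRegisterSymbol(MissTimeCmp)
DeAlloc(MobJump)
UnRegisterSymbol(MobJump)
DeAlloc(MobFastSwitch)
UnRegisterSymbol(MobFastSwitch)
DeAlloc(MobBack)
UnRegisterSymbol(MobBack)
DeAlloc(NoHurtSwitch)
UnRegisterSymbol(NoHurtSwitch)
DeAlloc(ItemClean)
UnRegisterSymbol(ItemClean)
DeAlloc(ItemID)
UnRegisterSymbol(ItemID)
DeAlloc(UltimateSwitch)
UnRegisterSymbol(UltimateSwitch)
DeAlloc(CheckESP)
UnRegisterSymbol(CheckESP)
// ItemList holds user-entered IDs; freeing it discards them on disable.
// Drop these two lines if the list should survive a toggle.
DeAlloc(ItemList)
UnRegisterSymbol(ItemList)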
