📄 cs1.5crk.asm
字号:
; ????????????????????????????????????
.486 ; create 32 bit code
.model flat, stdcall ; 32 bit memory model
option casemap :none ; case sensitive
include \masm32\include\windows.inc
include \masm32\include\masm32.inc
include \masm32\include\gdi32.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\Comctl32.inc
include \masm32\include\comdlg32.inc
include \masm32\include\shell32.inc
include \masm32\include\oleaut32.inc
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\gdi32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\Comctl32.lib
includelib \masm32\lib\comdlg32.lib
includelib \masm32\lib\shell32.lib
includelib \masm32\lib\oleaut32.lib
; ????????????????????????????????????
.data
CS_AppName1 db "cstrike.exe",0
CS_AppName2 db "hl.exe",0
CS_CommandLine db " -console -game cstrike",0
CS_StartupInfo db 48h dup (0)
BaseOfMpDll dd 0
IsModified dd 0
;-------------------------------------------------
nFileNameSize=60h
PatcherFileName db nFileNameSize dup (0)
WeaponName db 10h dup(0)
nWeaponNameSize dd 0
lpBaseAddressx dd 05790h
oBufferx db 048h
mBufferx db 090h
nSizex = 1h
lpBaseAddressx1 dd 05790h
oBufferx1 db 048h
mBufferx1 db 090h
nSizex1 = 1h
lpBaseAddressx2 dd 05790h
oBufferx2 db 048h
mBufferx2 db 090h
nSizex2 = 1h
;-------------------------------------------------
hProcess dd 0
tBuffer db 40h dup(0)
; MpCheck
lpBaseAddress = 0ca0dh
oBuffer db 04bh,06ah,05h
mBuffer db 090h,090h,090h
nSize = 3h
lpBaseAddress0 = 0193240ah
oBuffer0 db 074h
mBuffer0 db 0ebh
nSize0 = 1h
lpBaseAddress1 = 0ca0dh
oBuffer1 db 04bh
mBuffer1 db 090h
nSize1 = 1h
lpBaseAddress2 = 05790h
oBuffer2 db 048h
mBuffer2 db 090h
nSize2 = 1h
lpBaseAddress3 = 03508h
oBuffer3 db 048h
mBuffer3 db 090h
nSize3 = 1h
lpBaseAddress4 = 09728h
oBuffer4 db 048h
mBuffer4 db 090h
nSize4 = 1h
lpBaseAddress5 = 03bach
oBuffer5 db 048h
mBuffer5 db 090h
nSize5 = 1h
lpBaseAddress6 = 04348h
oBuffer6 db 048h
mBuffer6 db 090h
nSize6 = 1h
lpBaseAddress7 = 07951h
oBuffer7 db 04ah
mBuffer7 db 090h
nSize7 = 1h
lpBaseAddress8 = 0cf21h
oBuffer8 db 04ah
mBuffer8 db 090h
nSize8 = 1h
lpBaseAddress9 = 09012h
oBuffer9 db 048h
mBuffer9 db 090h
nSize9 = 1h
lpBaseAddress10 = 0bbd8h
oBuffer10 db 048h
mBuffer10 db 090h
nSize10 = 1h
lpBaseAddress11 = 09cfdh
oBuffer11 db 048h
mBuffer11 db 090h
nSize11 = 1h
lpBaseAddress12 = 08a32h
oBuffer12 db 048h
mBuffer12 db 090h
nSize12 = 1h
lpBaseAddress13 = 0c18fh
oBuffer13 db 048h
mBuffer13 db 090h
nSize13 = 1h
lpBaseAddress14 = 01352h
oBuffer14 db 048h
mBuffer14 db 090h
nSize14 = 1h
lpBaseAddress15 = 0afb2h
oBuffer15 db 048h
mBuffer15 db 090h
nSize15 = 1h
lpBaseAddress16 = 08348h
oBuffer16 db 048h
mBuffer16 db 090h
nSize16 = 1h
lpBaseAddress17 = 01da2h
oBuffer17 db 048h
mBuffer17 db 090h
nSize17 = 1h
lpBaseAddress18 = 0a2fdh
oBuffer18 db 048h
mBuffer18 db 090h
nSize18 = 1h
lpBaseAddress19 = 0250eh
oBuffer19 db 048h
mBuffer19 db 090h
nSize19 = 1h
lpBaseAddress20 = 04f03h
oBuffer20 db 048h
mBuffer20 db 090h
nSize20 = 1h
lpBaseAddress21 = 0a9b3h
oBuffer21 db 048h
mBuffer21 db 090h
nSize21 = 1h
lpBaseAddress22 = 073d2h
oBuffer22 db 048h
mBuffer22 db 090h
nSize22 = 1h
lpBaseAddress23 = 04a10h
oBuffer23 db 04ah
mBuffer23 db 090h
nSize23 = 1h
lpBaseAddress24 = 05fd6h
oBuffer24 db 04ah
mBuffer24 db 090h
nSize24 = 1h
lpBaseAddress25 = 0b7b8h
oBuffer25 db 04ah
mBuffer25 db 090h
nSize25 = 1h
CopyRightCaption db "反恐精英V1.5 子弹无限作弊器",0
CopyRightText db "使用方法:将本作弊器文件名改为欲作弊武器的购买按键序列后放到反恐目录下运行。",0dh,0ah
db " 如要AK47子弹无限,文件名就改为b41(闪弹/手雷/烟弹用b83/b84/b85表示)。",0dh,0ah
db " 支持<单种><两种>和<全部>三种作弊模式,模式由作弊器文件名来识别。",0dh,0ah
db " <全部>为默认模式,改名时要注意格式一定要对,具体例子格式如下:",0dh,0ah,0dh,0ah
db " 作弊模式 文件名格式 作弊武器",0dh,0ah
db " 单种 b41 AK47",0dh,0ah
db " 两种 b13+b46 Deagle和AWP",0dh,0ah
db " 全部 其它 所有武器",0dh,0ah,0dh,0ah
db "编制说明:win32汇编语言编写,由 rgbsky(俞凯) 完成,谢谢朋友们的使用!",0dh,0ah
db "编制时间:2005年6月18日 版本:Ver1.2",0dh,0ah
db "作者联系:rgbsky@sohu.com rgbsky@hotmail.com (QQ:175583470)",0
SecceedCaption db "成功",0
SecceedText db "修改器顺利工作。",0
Error1Caption db "失败",0
Error1Text db "反恐程序未找到,请确保该修改器与 cstrike.exe 或 hl.exe 在同一目录下。",0
Error2Caption db "失败",0
Error2Text db "'模块文件名获取失败。",0
Error3Caption db "失败",0
Error3Text db "'读取内存时产生错误。",0
Error4Caption db "失败",0
Error4Text db "文件不匹配,请检查反恐精英的版本是否为Ver1.5。",0
Error5Caption db "失败",0
Error5Text db "写入内存时产生错误。",0
.data?
DBEvent DEBUG_EVENT <>
CS_ProcessInfo PROCESS_INFORMATION <>
.code
; ?????????????????????????????????????
start:
; ?????????????????????????????????????
invoke GetModuleFileName,NULL,addr PatcherFileName,nFileNameSize
test eax,eax
jz BeginPatcher
mov nWeaponNameSize,eax
mov ecx,eax
sub ecx,4
obtainlength:
dec ecx
mov ebx,offset PatcherFileName
mov al,byte ptr [ebx+ecx]
cmp al,'\'
jz getlength
cmp al,60h
jb uppercase
sub al,20h
uppercase:
mov byte ptr [ebx+ecx],al
jmp obtainlength
getlength:
sub nWeaponNameSize,5
sub nWeaponNameSize,ecx
xor esi,esi
fillweaponname:
inc ecx
mov ebx,offset PatcherFileName
mov al,byte ptr [ebx+ecx]
mov edx,offset WeaponName
mov byte ptr [edx+esi],al
inc esi
cmp esi,nWeaponNameSize
jnz fillweaponname
.IF esi==3h
jmp Init1Weapon
.ELSEIF esi==7h
jmp Init2Weapon
.ELSE
jmp BeginPatcher
.ENDIF
Init1Weapon:
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='1'
mov lpBaseAddressx,0ca0dh
mov oBufferx,04bh
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='2'
mov lpBaseAddressx,05790h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='3'
mov lpBaseAddressx,03508h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='4'
mov lpBaseAddressx,09728h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='5'
mov lpBaseAddressx,03bach
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='6'
mov lpBaseAddressx,04348h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='2' && WeaponName[2]=='1'
mov lpBaseAddressx,07951h
mov oBufferx,04ah
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='2' && WeaponName[2]=='2'
mov lpBaseAddressx,0cf21h
mov oBufferx,04ah
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='1'
mov lpBaseAddressx,09012h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='2'
mov lpBaseAddressx,0bbd8h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='3'
mov lpBaseAddressx,09cfdh
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='4'
mov lpBaseAddressx,08a32h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='5'
mov lpBaseAddressx,0c18fh
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='1'
mov lpBaseAddressx,01352h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='2'
mov lpBaseAddressx,0afb2h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='3'
mov lpBaseAddressx,08348h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='4'
mov lpBaseAddressx,01da2h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='5'
mov lpBaseAddressx,0a2fdh
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='6'
mov lpBaseAddressx,0250eh
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='7'
mov lpBaseAddressx,04f03h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='8'
mov lpBaseAddressx,0a9b3h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='5' && WeaponName[2]=='1'
mov lpBaseAddressx,073d2h
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='8' && WeaponName[2]=='3'
mov lpBaseAddressx,04a10h
mov oBufferx,04ah
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='8' && WeaponName[2]=='4'
mov lpBaseAddressx,05fd6h
mov oBufferx,04ah
jmp BeginPatcher
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='8' && WeaponName[2]=='5'
mov lpBaseAddressx,0b7b8h
mov oBufferx,04ah
jmp BeginPatcher
.ENDIF
mov nWeaponNameSize,0
jmp BeginPatcher
Init2Weapon:
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='1'
mov lpBaseAddressx1,0ca0dh
mov oBufferx1,04bh
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='2'
mov lpBaseAddressx1,05790h
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='3'
mov lpBaseAddressx1,03508h
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='4'
mov lpBaseAddressx1,09728h
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='5'
mov lpBaseAddressx1,03bach
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='1' && WeaponName[2]=='6'
mov lpBaseAddressx1,04348h
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='2' && WeaponName[2]=='1'
mov lpBaseAddressx1,07951h
mov oBufferx1,04ah
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='2' && WeaponName[2]=='2'
mov lpBaseAddressx1,0cf21h
mov oBufferx1,04ah
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='1'
mov lpBaseAddressx1,09012h
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='2'
mov lpBaseAddressx1,0bbd8h
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='3'
mov lpBaseAddressx1,09cfdh
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='4'
mov lpBaseAddressx1,08a32h
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='3' && WeaponName[2]=='5'
mov lpBaseAddressx1,0c18fh
jmp testb2
.ENDIF
.IF WeaponName[0]=='B' && WeaponName[1]=='4' && WeaponName[2]=='1'
mov lpBaseAddressx1,01352h
jmp testb2
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -