mdlsubcall.bas

武林外传外挂源代码

Attribute VB_Name = "mdlSubCall"
Option Explicit

Public Sub fnUseSkill(skillid As Long, targetid As Long)
    '技能CALL
    If dwProcessId = 0 Then Exit Sub
    Dim asm As New clsASM
    With asm
        .Pushad
        .Push &HBF800000
        .Push &HBF800000
        .Push &HBF800000
        .Push targetid      '怪ID
        .Push &HFFFFFFFF
        .Push skillid       '普攻技能ID
                            'MOV ECX,ESI传进去的参数
        .Mov_ECX_DWORD_Ptr CharBaseAddr
        .Mov_EAX_DWORD_Ptr_ECX_Add &H64
        .Mov_ECX_DWORD_Ptr_EAX_Add &H160
        .Mov_EAX UseSkillCallAddr
        .Call_EAX
        .Popad
        .ret
    End With
    asm.Run_ASM dwProcessId
End Sub

' 捡物
Public Sub PickPack(packid As Long)
    Call fnPackOpen(packid)
    Call Sleep(300)
    
    Dim hProcess As Long
    hProcess = OpenProcess(PROCESS_VM_READ, 0, dwProcessId)
    If hProcess = 0 Then Exit Sub
    Dim addr As Long
    Dim x0 As Single, z0 As Single, y0 As Single, x1 As Single, z1 As Single, y1 As Single
    x0 = 0: z0 = 0: y0 = 0
    Do
        ReadProcessMemory hProcess, CharBaseAddr, addr, 4, 0&
        ReadProcessMemory hProcess, addr + &H64, addr, 4, 0&
        ReadProcessMemory hProcess, addr + &H44, x1, 4, 0&
        ReadProcessMemory hProcess, addr + &H48, z1, 4, 0&
        ReadProcessMemory hProcess, addr + &H4C, y1, 4, 0&
        If x0 = x1 And z0 = z1 And y0 = y1 Then Exit Do
        x0 = x1: z0 = z1: y0 = y1
    Loop While True
    CloseHandle hProcess
    Call fnPackPickAll
End Sub

Private Sub fnPackOpen(packid As Long)
    '打开物品包包CALL
    If dwProcessId = 0 Then Exit Sub
    Dim asm As New clsASM
    With asm
        .Pushad
        .Push packid
        .Mov_ECX_DWORD_Ptr CharBaseAddr
        .Mov_ECX_DWORD_Ptr_ECX_Add &H64
        .Mov_ECX_DWORD_Ptr_ECX_Add &H160
        .Mov_EAX PackOpenCallAddr
        .Call_EAX
        .Popad
        .ret
    End With
    asm.Run_ASM dwProcessId
End Sub

Private Sub fnPackPickAll()
    '全部拾取CALL，调用打开物品包包CALL后有效，否则出错
    If dwProcessId = 0 Then Exit Sub
    Dim asm As New clsASM
    With asm
        .Pushad
        .Mov_EBX PackPickAllCallAddr
        .Call_EBX
        .Popad
        .ret
    End With
    asm.Run_ASM dwProcessId
End Sub

Public Sub fnWalk(x As Single, y As Single)
    '走路CALL
    If dwProcessId = 0 Then Exit Sub
    Dim asm As New clsASM, xl As Long, yl As Long
    Call CopyMemory(xl, x, 4)
    Call CopyMemory(yl, y, 4)
    With asm
        .Pushad
        .Push yl
        .Push xl
        .Mov_EAX_DWORD_Ptr CharBaseAddr
        .Mov_ECX_DWORD_Ptr_EAX_Add &H64
        .Mov_ECX_DWORD_Ptr_ECX_Add &H160
        .Mov_EDX_DWORD_Ptr_ECX
        .Mov_EAX WalkCallAddr
        .Call_EAX
        .Popad
        .ret
    End With
    asm.Run_ASM dwProcessId
End Sub


Public Sub fnCancelSit()
    '取消打坐的CALL
    '0049EC9B    8B45 10         MOV EAX,DWORD PTR SS:[EBP+10]
    '0049EC9E    8B4D 08         MOV ECX,DWORD PTR SS:[EBP+8]
    '0049ECA1    50              PUSH EAX
    '0049ECA2    57              PUSH EDI
    '0049ECA3    51              PUSH ECX
    '0049ECA4    8BCE            MOV ECX,ESI
    '0049ECA6    E8 A5FEFFFF     CALL Game.0049EB50
    '0049ECAB    5F              POP EDI
    '0049ECAC    5E              POP ESI
    '0049ECAD    5D              POP EBP
    '0049ECAE    C2 1800         RETN 18    If dwProcessId = 0 Then Exit Sub
    If dwProcessId = 0 Then Exit Sub
    Dim asm As New clsASM
    With asm
        .Pushad

        .Popad
        .ret
    End With
    asm.Run_ASM dwProcessId
End Sub