[转]增加命令重载服务端EVT (/reload_evt)
命令用法: /reload_evt <zone>比如重载21.evt,你可以用: /reload_evt 21004256B8 > E9 6B600400 JMP 0046B728
004256BD 90 NOP
Code-cave:
0046B71C . 2F 72 65 6C 6F 61 64 5F 65 76 74 00 ASCII "/reload_evt",0
0046B728 > 8D85 DCFEFFFF LEA EAX,DWORD PTR SS:
0046B72E . 68 1CB74600 PUSH 0046B71C ;ASCII "/reload_evt"
0046B733 . 50 PUSH EAX
0046B734 . E8 2A87F9FF CALL 00403E63
0046B739 . 59 POP ECX
0046B73A . 85C0 TEST EAX,EAX
0046B73C . 59 POP ECX
0046B73D 75 6A JNZ SHORT 0046B7A9
0046B73F . 8B45 08 MOV EAX,DWORD PTR SS:
0046B742 . 36:8D8428 5CFDFFFF LEA EAX,DWORD PTR SS:
0046B74A . 50 PUSH EAX
0046B74B . 8D85 DCFEFFFF LEA EAX,DWORD PTR SS:
0046B751 . 50 PUSH EAX
0046B752 . E8 7F5FF9FF CALL 004016D6
0046B757 . 8D85 DCFEFFFF LEA EAX,DWORD PTR SS: ; |
0046B75D . 50 PUSH EAX ; |Arg1
0046B75E . E8 1D600900 CALL 00501780 ; \00501780
0046B763 . 83C4 0C ADD ESP,0C
0046B766 . 85C0 TEST EAX,EAX
0046B768 74 3F JE SHORT 0046B7A9
0046B76A . 60 PUSHAD
0046B76B . 9C PUSHFD
0046B76C . BF 80276800 MOV EDI,00682780
0046B771 . 57 PUSH EDI ; /pCriticalSection => Ebenezer.00682780
0046B772 . 8BD8 MOV EBX,EAX ; |
0046B774 . FF15 18996800 CALL DWORD PTR DS: ; \EnterCriticalSection
0046B77A . 8BCE MOV ECX,ESI
0046B77C . 53 PUSH EBX
0046B77D . 81C1 98140000 ADD ECX,1498
0046B783 . E8 475CF9FF CALL 004013CF
0046B788 . 57 PUSH EDI ; /pCriticalSection
0046B789 . 8BC8 MOV ECX,EAX ; |
0046B78B . FF15 14996800 CALL DWORD PTR DS: ; \LeaveCriticalSection
0046B791 . 85C9 TEST ECX,ECX
0046B793 74 0D JE SHORT 0046B7A2
0046B795 51 PUSH ECX
0046B796 E8 206BF9FF CALL 004022BB
0046B79B 59 POP ECX
0046B79C 53 PUSH EBX
0046B79D E8 DE6EF9FF CALL 00402680
0046B7A2 9D POPFD
0046B7A3 61 POPAD
0046B7A4 ^E9 8FA7FBFF JMP 00425F38
0046B7A9 8D85 DCFEFFFF LEA EAX,DWORD PTR SS:
0046B7AF ^E9 0A9FFBFF JMP 004256BE 感謝樓主分享~~~改天試試囉
页:
[1]