命令用法: /reload_evt <zone>
比如重载21.evt,你可以用: /reload_evt 21- 004256B8 > E9 6B600400 JMP 0046B728
- 004256BD 90 NOP
- Code-cave:
- 0046B71C . 2F 72 65 6C 6F 61 64 5F 65 76 74 00 ASCII "/reload_evt",0
- 0046B728 > 8D85 DCFEFFFF LEA EAX,DWORD PTR SS:[EBP-124]
- 0046B72E . 68 1CB74600 PUSH 0046B71C ; ASCII "/reload_evt"
- 0046B733 . 50 PUSH EAX
- 0046B734 . E8 2A87F9FF CALL 00403E63
- 0046B739 . 59 POP ECX
- 0046B73A . 85C0 TEST EAX,EAX
- 0046B73C . 59 POP ECX
- 0046B73D 75 6A JNZ SHORT 0046B7A9
- 0046B73F . 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
- 0046B742 . 36:8D8428 5CFDFFFF LEA EAX,DWORD PTR SS:[EAX+EBP-2A4]
- 0046B74A . 50 PUSH EAX
- 0046B74B . 8D85 DCFEFFFF LEA EAX,DWORD PTR SS:[EBP-124]
- 0046B751 . 50 PUSH EAX
- 0046B752 . E8 7F5FF9FF CALL 004016D6
- 0046B757 . 8D85 DCFEFFFF LEA EAX,DWORD PTR SS:[EBP-124] ; |
- 0046B75D . 50 PUSH EAX ; |Arg1
- 0046B75E . E8 1D600900 CALL 00501780 ; \00501780
- 0046B763 . 83C4 0C ADD ESP,0C
- 0046B766 . 85C0 TEST EAX,EAX
- 0046B768 74 3F JE SHORT 0046B7A9
- 0046B76A . 60 PUSHAD
- 0046B76B . 9C PUSHFD
- 0046B76C . BF 80276800 MOV EDI,00682780
- 0046B771 . 57 PUSH EDI ; /pCriticalSection => Ebenezer.00682780
- 0046B772 . 8BD8 MOV EBX,EAX ; |
- 0046B774 . FF15 18996800 CALL DWORD PTR DS:[689918] ; \EnterCriticalSection
- 0046B77A . 8BCE MOV ECX,ESI
- 0046B77C . 53 PUSH EBX
- 0046B77D . 81C1 98140000 ADD ECX,1498
- 0046B783 . E8 475CF9FF CALL 004013CF
- 0046B788 . 57 PUSH EDI ; /pCriticalSection
- 0046B789 . 8BC8 MOV ECX,EAX ; |
- 0046B78B . FF15 14996800 CALL DWORD PTR DS:[689914] ; \LeaveCriticalSection
- 0046B791 . 85C9 TEST ECX,ECX
- 0046B793 74 0D JE SHORT 0046B7A2
- 0046B795 51 PUSH ECX
- 0046B796 E8 206BF9FF CALL 004022BB
- 0046B79B 59 POP ECX
- 0046B79C 53 PUSH EBX
- 0046B79D E8 DE6EF9FF CALL 00402680
- 0046B7A2 9D POPFD
- 0046B7A3 61 POPAD
- 0046B7A4 ^E9 8FA7FBFF JMP 00425F38
- 0046B7A9 8D85 DCFEFFFF LEA EAX,DWORD PTR SS:[EBP-124]
- 0046B7AF ^E9 0A9FFBFF JMP 004256BE
|
