war3_jass注入 - 2

1. Game.dll的jass内部函数注册, 函数的特征: 558BEC56578BF98BF2B905000000E87DC286FF
2. GetRandomInt特征: 558BEC8B450C578B7D083BF87505
   爆率相关
3. JassCompile特征: 64A1000000005081ECE4000000535657
4. 游戏的随机数生成器效果其实很不好, GetRandomInt生成的数据分布不平衡, 修改:
   GetRandomCore 的特征: 558BEC83EC0C8BC15356578B5004

BOOL WINAPIV Hook_GetRandomCoreEnd(VOID *pUserParam, AsmHook::PUSHAD_DAT *pReg)
{
	CWar3		*pThis = (CWar3 *)(pUserParam);

#ifdef _WIN64
#else
	int			nResult, nPath;

	nResult = pThis->GetRandomCore_Path();
	nPath = pReg->Eax ^ nResult;
	pReg->Eax = nResult;
#endif

	return TRUE;
}

int		CWar3::GetRandomCore_Path()
{
	static	BOOL	s_Init = FALSE;
	DWORD		dwRandVal;

	if(s_Init == FALSE)
	{
		s_Init = TRUE;
		NSys::GetRandomSeed();
	}

	dwRandVal = NData::Random();
	return (int)dwRandVal;
}

5. ItemPoolAddItemType特征: 558BEC8B4D08E80564FEFF85C0740DFF7510
   爆率相关
6. 游戏聊天函数ChatMessage特征: 33C58945FC538B5D0C568BF1578B7D0883BEAC010000000F84E9000000
7. AddStringTable 特征: 558BEC8B55088B4908E8823562005DC20400
   Jass使用字符串RCString, 在语言中实际传递为一个index, 这个index就是AddStringTable的返回值

typedef union _Jfloat
{
	int		nValue;
	float	fVal;
}Jfloat;

typedef union _Jstr
{
	int		id;
}Jstr;

class RCString
{
public:
	class Data
	{
	public:
		int		m_00;
		int		m_04;
		int		m_08;
		int		m_0C;
		int		m_10;
		int		m_14;
		int		m_18;
		CHAR *	m_1C;
	};
public:
	int		m_00;
	int		m_04;
	Data	*m_08;
	int		m_0C;
	Data	m_data;
};
CHAR	*RCStringGetText(VOID *pStrObj)
{
	RCString	*pObjStr;

	pObjStr = (RCString *)pStrObj;
	if(pObjStr->m_08 == NULL)
		return NULL;

	return pObjStr->m_08->m_1C;

	BYTE	*pNext1, *pNext2, *pNext3;

	pNext1 = (BYTE *)pStrObj;
	pNext2 = *(BYTE **)(pNext1 + 0x08);
	if(pNext2 == NULL)
		return NULL;

	pNext3 = *(BYTE **)(pNext2 + 0x1C);
	return (CHAR *)pNext3;
}

BOOL	RCStringCreate(CHAR *pText, BYTE bzBuffer[], void **ppoText)
{
	RCString	*pObjStr;
	CHAR	*pUtf8;

	pObjStr = (RCString *)bzBuffer;
	memset(pObjStr, 0, sizeof(RCString));
	*ppoText = pObjStr;

	pUtf8 = (CHAR *)(bzBuffer + sizeof(RCString));
	NStr::CodePageConvert(CP_ACP, CP_UTF8, pText, pUtf8, 1024);

	pObjStr->m_08 = &pObjStr->m_data;
	pObjStr->m_08->m_1C = pUtf8;
	return TRUE;
}

8. RoomChat 特征: E82A1C03008D8DF0FEFFFF85C051
9. JassCompileError 特征: E8FB01F4FF8B4DFC83C41433CD5F5E
   这个非常好用, 地图无法打开时, 这里有详细的错误信息, 比JassShop要准确

本栏目推荐文章
• 国服 ios 机甲战队 战争机器人 war robotos 刷金币 3天100金币
• 机甲战队 战争机器人 war robotos 国服ios端游戏交流
• dockerfile实现tomcat以及java的war包自动部署
• SpringBoot：整合前端(Vue、React)代码合并SpringBoot项目中打成war包运行
• Maven War 插件详解
• 将 Spring Boot WAR 部署到 Tomcat 服务器
• Spring Boot学习随笔- 拦截器实现和配置（HandlerInterceptor、addInterceptors）、jar包部署和war包部署
• Error assembling WAR: webxml attribute is required
• 在Java中，JAR和WAR之间的区别
• Jenkins环境部署与应用（Tomcat+war包方式）

war3_jass jass war3 warwar3_jass war3_jass jass war3 war war3_jass命令 动作jass 函数war3_jass jass war3 common war3 jass war war3 jass war wars jar war