Im looking for OpCodes in Perfect World MS Version to get the Code working.
How to get them or any have the right ones ?
How to get them or any have the right ones ?
PHP Code:
Func AutoRun($x, $y, $z)
;-------------------------------------
Local $result, $process, $code_add, $thread, $param_add
Local $Param = DllStructCreate("float [3]")
DllStructSetData($Param, 1, $x, 1)
DllStructSetData($Param, 1, $z, 2)
DllStructSetData($Param, 1, $y, 3)
$result = DllCall("Kernel32.Dll", "int", "OpenProcess", "int", 0x1F0FFF , "int", 0, "int", $pid)
$process = $result[0]
$result = DllCall("Kernel32.dll", "ptr", "VirtualAllocEx", "int", $process, "ptr", 0, "int",
DllStructGetSize($Param), "int", 0x1000, "int", 0x40)
$param_add = $result[0]
$result = DllCall ("kernel32.dll", "int", "WriteProcessMemory", "int", $process, "ptr", $param_add, "ptr",
DllStructGetPtr($Param), "int", DllStructGetSize($Param),"int", 0)
; ----------- kiem tra fly --------------------
Local $fly = 0
Local $a = _MemoryRead(0x0092C2F4, $MEMID)
$a = _MemoryRead($a + 0x1C, $MEMID)
$a = _MemoryRead($a + 0x20, $MEMID)
$a = _MemoryRead($a + 0x5EC, $MEMID)
If $a = 2 or $a = 1 Then; ( fly or swim)
$fly = 1
EndIf
;------------ code RUN --------------------
$OPcode = ""
pushad()
mov_edx(0x0092C2F4)
mov_ecx_dword_ptr_edx()
mov_edx_dword_ptr_ecx_add(0x1C)
$OPcode &= "8B7220"
mov_ecx_dword_ptr_esi_add(0xBCC)
mov_eax_dword_ptr_esi_add(0x5EC)
push(1)
mov_edx(0x45DD10)
call_edx()
mov_edi_eax()
push($param_add)
push($fly)
mov_ecx_edi()
mov_edx(0x461790)
call_edx()
push(0)
push(1)
push_edi()
push(1)
mov_ecx_dword_ptr_esi_add(0xBCC)
mov_edx(0x45E110)
call_edx()
popad()
ret()
;--------------------------------
Local $data = DllStructCreate("byte[" & StringLen($OPcode) / 2 & "]")
For $i = 1 To DllStructGetSize($data)
DllStructSetData($data, 1, Dec(StringMid($OPcode, ($i-1) * 2 + 1, 2)), $i)
Next
$result = DllCall("Kernel32.dll", "ptr", "VirtualAllocEx", "int", $process, "ptr", 0, "int",
DllStructGetSize($data), "int", 0x1000, "int", 0x40)
$code_add = $result[0]
$result = DllCall ("kernel32.dll", "int", "WriteProcessMemory", "int", $process, "ptr", $code_add, "ptr",
DllStructGetPtr($data), "int", DllStructGetSize($data),"int", 0)
$result = DllCall("kernel32.dll", "int", "CreateRemoteThread", "int", $process, "ptr", 0, "int", 0, "int",
$code_add, "ptr", $param_add, "int", 0, "int", 0)
$thread = $result[0]
Do
$result = DllCall("kernel32.dll", "int", "WaitForSingleObject", "int", $thread, "int", 50)
Until $result[0] <> 0x102
DllCall("Kernel32.dll", "int", "CloseHandle", "int", $thread)
$result = DllCall("Kernel32.dll", "ptr", "VirtualFreeEx", "hwnd", $process, "ptr", DllStructGetPtr($data), "int",
DllStructGetSize($data), "int", 0x8000)
$result = DllCall("Kernel32.dll", "ptr", "VirtualFreeEx", "hwnd", $process, "ptr", DllStructGetPtr($Param), "int",
DllStructGetSize($Param), "int", 0x8000)
DllCall("Kernel32.dll", "int", "CloseHandle", "int", $process)
EndFunc