发个1、2、3代的自动格挡和快速蓄力的CT脚本,理论上全版本适用。顶楼的附件已更新。
本帖最后由 cheatabuser 于 2021-7-18 21:26 编辑打开CE后选中游戏进程,点击“查看内存”按钮,点菜单里的“工具”,选最后一项“自动汇编”,把以下代码复制后贴进去,再选择自动汇编的菜单里的“文件”,选择“分配到当前的CT表”即可生成一个脚本,激活后生效。
原始的1.0.0.0版代码的作者是Fearless论坛上akhent。我改良了他的代码后全版本适用。1代的自动格挡原作者akhent已经是全版本适用了。我用1.0.0.2亲测有效。
附上已做好的CT脚本文件。
1代的快速蓄力
aobscanmodule(Charge,NINJA GAIDEN SIGMA.exe,F3 0F 5E C8 F3 0F 5E D0 F3 0F 2C C1) // should be unique
registersymbol(Charge)
Charge+8:
mov ax,0001
Charge+13:
mov ax,0005
Charge+8:
db F3 0F 2C C1
Charge+13:
db F3 0F 2C C2
unregistersymbol(Charge)
{
// ORIGINAL CODE Charge1 - NINJA GAIDEN SIGMA.exe+10F388 - F3 0F2C C1
// ORIGINAL CODE Charge2 - NINJA GAIDEN SIGMA.exe+10F393 - F3 0F2C C2
NINJA GAIDEN SIGMA.exe+10F358 - 66 3B 35 458CB000 - cmp si,["NINJA GAIDEN SIGMA.exe"+C17FA4]
NINJA GAIDEN SIGMA.exe+10F35F - 4C 8B BC 24 88000000- mov r15,
NINJA GAIDEN SIGMA.exe+10F367 - 75 35 - jne "NINJA GAIDEN SIGMA.exe"+10F39E
NINJA GAIDEN SIGMA.exe+10F369 - B1 27 - mov cl,27
NINJA GAIDEN SIGMA.exe+10F36B - E8 80064A00 - call "NINJA GAIDEN SIGMA.exe"+5AF9F0
NINJA GAIDEN SIGMA.exe+10F370 - F3 0F10 0D ACB49300 - movss xmm1,["NINJA GAIDEN SIGMA.exe"+A4A824]
NINJA GAIDEN SIGMA.exe+10F378 - F3 0F10 15 E4F48000 - movss xmm2,["NINJA GAIDEN SIGMA.exe"+91E864]
NINJA GAIDEN SIGMA.exe+10F380 - F3 0F5E C8 - divss xmm1,xmm0
NINJA GAIDEN SIGMA.exe+10F384 - F3 0F5E D0 - divss xmm2,xmm0
// ---------- INJECTING HERE ----------Charge1
NINJA GAIDEN SIGMA.exe+10F388 - F3 0F2C C1 - cvttss2si eax,xmm1
// ---------- DONE INJECTING---------- Charge1
NINJA GAIDEN SIGMA.exe+10F38C - 66 89 05 D1EBBA00 - mov ["NINJA GAIDEN SIGMA.exe"+CBDF64],ax
// ---------- INJECTING HERE ----------Charge2
NINJA GAIDEN SIGMA.exe+10F393 - F3 0F2C C2 - cvttss2si eax,xmm2
// ---------- DONE INJECTING---------- Charge2
NINJA GAIDEN SIGMA.exe+10F397 - 66 89 05 C8EBBA00 - mov ["NINJA GAIDEN SIGMA.exe"+CBDF66],ax
NINJA GAIDEN SIGMA.exe+10F39E - 48 83 C4 50 - add rsp,50
NINJA GAIDEN SIGMA.exe+10F3A2 - 5F - pop rdi
NINJA GAIDEN SIGMA.exe+10F3A3 - 5E - pop rsi
NINJA GAIDEN SIGMA.exe+10F3A4 - 5D - pop rbp
NINJA GAIDEN SIGMA.exe+10F3A5 - C3 - ret
}
1代的自动格挡
aobscanmodule(autoblock,NINJA GAIDEN SIGMA.exe,48 83 ec ? 80 3d ? ? ? ? ? 74 ? 80 3d ? ? ? ? ? 74 ? 83 3d) // should be unique
registersymbol(autoblock)
autoblock:
ret
nop 3
autoblock:
db 48 83 EC 28
unregistersymbol(autoblock)
{
// ORIGINAL CODE - INJECTION POINT: 7FF7C8010EE0
7FF7C8010ED6: CC - int 3
7FF7C8010ED7: CC - int 3
7FF7C8010ED8: CC - int 3
7FF7C8010ED9: CC - int 3
7FF7C8010EDA: CC - int 3
7FF7C8010EDB: CC - int 3
7FF7C8010EDC: CC - int 3
7FF7C8010EDD: CC - int 3
7FF7C8010EDE: CC - int 3
7FF7C8010EDF: CC - int 3
// ---------- INJECTING HERE ----------
7FF7C8010EE0: 48 83 EC 28 - sub rsp,28
// ---------- DONE INJECTING----------
7FF7C8010EE4: 80 3D 16 95 56 00 00- cmp byte ptr ,00
7FF7C8010EEB: 74 27 - je 7FF7C8010F14
7FF7C8010EED: 80 3D 0E 95 56 00 00- cmp byte ptr ,00
7FF7C8010EF4: 74 1E - je 7FF7C8010F14
7FF7C8010EF6: 83 3D 07 95 56 00 00- cmp dword ptr ,00
7FF7C8010EFD: 74 15 - je 7FF7C8010F14
7FF7C8010EFF: BA 01 00 00 00 - mov edx,00000001
7FF7C8010F04: E8 17 22 9A FF - call 7FF7C79B3120
7FF7C8010F09: 85 C0 - test eax,eax
7FF7C8010F0B: 74 07 - je 7FF7C8010F14
}
2代的快速蓄力
aobscanmodule(Sigma2FastCharge,NINJA GAIDEN SIGMA2.exe,0F B7 05 ?? ?? ?? 05 66 ?? 01 84 ?? ?? ?? ?? 03) // should be unique
registersymbol(Sigma2FastCharge)
alloc(Sigma2OriginalCode,7)
registersymbol(Sigma2OriginalCode)
Sigma2OriginalCode:
readmem(Sigma2FastCharge,7)
Sigma2FastCharge:
mov eax,0000000A
nop 2
Sigma2FastCharge:
readmem(Sigma2OriginalCode,7)
unregistersymbol(Sigma2FastCharge)
unregistersymbol(Sigma2OriginalCode)
dealloc(Sigma2OriginalCode)
{
// ORIGINAL CODE - INJECTION POINT: NINJA GAIDEN SIGMA2.exe+F1F5D5 - 0FB7 05 F4FFF605
NINJA GAIDEN SIGMA2.exe+F1F595 - 75 3E - jne "NINJA GAIDEN SIGMA2.exe"+F1F5D5
NINJA GAIDEN SIGMA2.exe+F1F597 - 48 8D 0D 22AA8700 - lea rcx,["NINJA GAIDEN SIGMA2.exe"+1799FC0]
NINJA GAIDEN SIGMA2.exe+F1F59E - C7 05 2000F705 0000803F - mov ["NINJA GAIDEN SIGMA2.exe"+6E8F5C8],3F800000
NINJA GAIDEN SIGMA2.exe+F1F5A8 - C7 05 1A00F705 01000000 - mov ["NINJA GAIDEN SIGMA2.exe"+6E8F5CC],00000001
NINJA GAIDEN SIGMA2.exe+F1F5B2 - 48 C7 05 1300F705 01000000 - mov qword ptr ["NINJA GAIDEN SIGMA2.exe"+6E8F5D0],00000001
NINJA GAIDEN SIGMA2.exe+F1F5BD - C6 05 1400F705 00 - mov byte ptr ["NINJA GAIDEN SIGMA2.exe"+6E8F5D8],00
NINJA GAIDEN SIGMA2.exe+F1F5C4 - E8 D7CAF5FF - call "NINJA GAIDEN SIGMA2.exe"+E7C0A0
NINJA GAIDEN SIGMA2.exe+F1F5C9 - 48 8D 0D 3000F705 - lea rcx,["NINJA GAIDEN SIGMA2.exe"+6E8F600]
NINJA GAIDEN SIGMA2.exe+F1F5D0 - E8 5FBFF5FF - call "NINJA GAIDEN SIGMA2.exe"+E7B534
// ---------- INJECTING HERE ----------
NINJA GAIDEN SIGMA2.exe+F1F5D5 - 0FB7 05 F4FFF605 - movzx eax,word ptr ["NINJA GAIDEN SIGMA2.exe"+6E8F5D0]
// ---------- DONE INJECTING----------
NINJA GAIDEN SIGMA2.exe+F1F5DC - 66 42 01 84 35 743B5C03- add ,ax
NINJA GAIDEN SIGMA2.exe+F1F5E5 - 33 F6 - xor esi,esi
NINJA GAIDEN SIGMA2.exe+F1F5E7 - 44 38 2D 69F11F01 - cmp ["NINJA GAIDEN SIGMA2.exe"+211E757],r13l
NINJA GAIDEN SIGMA2.exe+F1F5EE - 4C 8B 1D D36F0802 - mov r11,["NINJA GAIDEN SIGMA2.exe"+2FA65C8]
NINJA GAIDEN SIGMA2.exe+F1F5F5 - 41 0FB7 83 12070000 - movzx eax,word ptr
NINJA GAIDEN SIGMA2.exe+F1F5FD - 41 89 84 2E 583C5C03- mov ,eax
NINJA GAIDEN SIGMA2.exe+F1F605 - 75 43 - jne "NINJA GAIDEN SIGMA2.exe"+F1F64A
NINJA GAIDEN SIGMA2.exe+F1F607 - 41 8B 8C 2E 943E5C03- mov ecx,
}
2代的自动格挡
aobscanmodule(auto_guard_dodge_aob,NINJA GAIDEN SIGMA2.exe,74 6C 44 0F B6 80 69 5B 00 00) // should be unique
registersymbol(auto_guard_dodge_aob)
alloc(newmem,$100,auto_guard_dodge_aob)
label(code)
label(return)
newmem:
code:
jmp auto_guard_dodge_aob+7E
movzx r8d,byte ptr
jmp return
auto_guard_dodge_aob:
jmp newmem
nop 5
return:
auto_guard_dodge_aob+86:
db 8B D0 90
registersymbol(auto_guard_dodge_aob)
auto_guard_dodge_aob:
db 74 6C 44 0F B6 80 69 5B 00 00
auto_guard_dodge_aob+86:
db 0F 45 D0
unregistersymbol(auto_guard_dodge_aob)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: NINJA GAIDEN SIGMA2.exe+F81D31 - 74 6C
NINJA GAIDEN SIGMA2.exe+F81D00 - 32 D2 - xor dl,dl
NINJA GAIDEN SIGMA2.exe+F81D02 - 48 85 C9 - test rcx,rcx
NINJA GAIDEN SIGMA2.exe+F81D05 - 0F84 AF000000 - je "NINJA GAIDEN SIGMA2.exe"+F81DBA
NINJA GAIDEN SIGMA2.exe+F81D0B - 38 51 1A - cmp ,dl
NINJA GAIDEN SIGMA2.exe+F81D0E - 0F85 A6000000 - jne "NINJA GAIDEN SIGMA2.exe"+F81DBA
NINJA GAIDEN SIGMA2.exe+F81D14 - 48 8B 01 - mov rax,
NINJA GAIDEN SIGMA2.exe+F81D17 - 38 90 575B0000 - cmp ,dl
NINJA GAIDEN SIGMA2.exe+F81D1D - 0F85 97000000 - jne "NINJA GAIDEN SIGMA2.exe"+F81DBA
NINJA GAIDEN SIGMA2.exe+F81D23 - 48 8B 0D EE58EB00 - mov rcx,["NINJA GAIDEN SIGMA2.exe"+1E37618]
NINJA GAIDEN SIGMA2.exe+F81D2A - 80 B9 DE030000 FF - cmp byte ptr ,-01
// ---------- INJECTING HERE ----------
NINJA GAIDEN SIGMA2.exe+F81D31 - 74 6C - je "NINJA GAIDEN SIGMA2.exe"+F81D9F
// ---------- DONE INJECTING----------
NINJA GAIDEN SIGMA2.exe+F81D33 - 44 0FB6 80 695B0000 - movzx r8d,byte ptr
NINJA GAIDEN SIGMA2.exe+F81D3B - 41 80 F8 02 - cmp r8l,02
NINJA GAIDEN SIGMA2.exe+F81D3F - 73 12 - jae "NINJA GAIDEN SIGMA2.exe"+F81D53
NINJA GAIDEN SIGMA2.exe+F81D41 - 41 0FB6 C0 - movzx eax,r8l
NINJA GAIDEN SIGMA2.exe+F81D45 - 4C 8D 05 14CA1901 - lea r8,["NINJA GAIDEN SIGMA2.exe"+211E760]
NINJA GAIDEN SIGMA2.exe+F81D4C - 46 0FB6 04 00 - movzx r8d,byte ptr
NINJA GAIDEN SIGMA2.exe+F81D51 - EB 03 - jmp "NINJA GAIDEN SIGMA2.exe"+F81D56
NINJA GAIDEN SIGMA2.exe+F81D53 - 45 32 C0 - xor r8l,r8l
NINJA GAIDEN SIGMA2.exe+F81D56 - 41 0FB6 C0 - movzx eax,r8l
NINJA GAIDEN SIGMA2.exe+F81D5A - 4C 8D 05 9F352102 - lea r8,["NINJA GAIDEN SIGMA2.exe"+3195300]
}
3代的快速蓄力
aobscanmodule(NG3Charge1,NINJA GAIDEN 3 Razor's Edge.exe,44 88 35 ?? ?? ?? ?? EB 0E 0F B6 C0) //should be unique
registersymbol(NG3Charge1)
aobscanmodule(NG3Charge2,NINJA GAIDEN 3 Razor's Edge.exe,66 41 FF 44 24 12) //should be unique
registersymbol(NG3Charge2)
alloc(NG3ChargeNewmem,0x100,NG3Charge2)
registersymbol(NG3ChargeNewmem)
label(NG3ChargeReturn)
NG3ChargeNewmem+90:
readmem(NG3Charge1,7)
NG3Charge1:
nop 7
NG3Charge2:
jmp NG3ChargeNewmem
nop
NG3ChargeReturn:
NG3ChargeNewmem:
mov r8w,
mov ,r8w
mov r8w,#1
mov ,r8w
mov ,r8w
jmp NG3ChargeReturn
NG3Charge1:
readmem(NG3ChargeNewmem+90,7)
NG3Charge2:
db 66 41 FF 44 24 12
unregistersymbol(NG3Charge2)
unregistersymbol(NG3Charge1)
unregistersymbol(NG3ChargeNewmem)
dealloc(NG3ChargeNewmem)
{
// ORIGINAL CODE NG3Charge1 - NINJA GAIDEN 3 Razor's Edge.exe+146B7D9 - 44 88 35 187EAB02
// ORIGINAL CODE NG3Charge2 - NINJA GAIDEN 3 Razor's Edge.exe+147ACE4 - 66 41 FF 44 24 12
NINJA GAIDEN 3 Razor's Edge.exe+146B7D9 - 44 88 35 187EAB02
NINJA GAIDEN 3 Razor's Edge.exe+146B7B9 - 8D 41 FD - lea eax,
NINJA GAIDEN 3 Razor's Edge.exe+146B7BC - 3B C3 - cmp eax,ebx
NINJA GAIDEN 3 Razor's Edge.exe+146B7BE - 76 30 - jna "NINJA GAIDEN 3 Razor's Edge.exe"+146B7F0
NINJA GAIDEN 3 Razor's Edge.exe+146B7C0 - 33 C9 - xor ecx,ecx
NINJA GAIDEN 3 Razor's Edge.exe+146B7C2 - E8 99FB5A00 - call "NINJA GAIDEN 3 Razor's Edge.exe"+1A1B360
NINJA GAIDEN 3 Razor's Edge.exe+146B7C7 - 0FB6 C8 - movzx ecx,al
NINJA GAIDEN 3 Razor's Edge.exe+146B7CA - 0FB6 05 277EAB02 - movzx eax,byte ptr ["NINJA GAIDEN 3 Razor's Edge.exe"+3F235F8]
NINJA GAIDEN 3 Razor's Edge.exe+146B7D1 - 84 C0 - test al,al
NINJA GAIDEN 3 Razor's Edge.exe+146B7D3 - 74 0D - je "NINJA GAIDEN 3 Razor's Edge.exe"+146B7E2
NINJA GAIDEN 3 Razor's Edge.exe+146B7D5 - 84 C9 - test cl,cl
NINJA GAIDEN 3 Razor's Edge.exe+146B7D7 - 75 17 - jne "NINJA GAIDEN 3 Razor's Edge.exe"+146B7F0
// ---------- INJECTING HERE ----------NG3Charge1
NINJA GAIDEN 3 Razor's Edge.exe+146B7D9 - 44 88 35 187EAB02 - mov ["NINJA GAIDEN 3 Razor's Edge.exe"+3F235F8],r14l
// ---------- DONE INJECTING---------- NG3Charge1
NINJA GAIDEN 3 Razor's Edge.exe+146B7E0 - EB 0E - jmp "NINJA GAIDEN 3 Razor's Edge.exe"+146B7F0
NINJA GAIDEN 3 Razor's Edge.exe+146B7E2 - 0FB6 C0 - movzx eax,al
NINJA GAIDEN 3 Razor's Edge.exe+146B7E5 - 84 C9 - test cl,cl
NINJA GAIDEN 3 Razor's Edge.exe+146B7E7 - 0F45 C3 - cmovne eax,ebx
NINJA GAIDEN 3 Razor's Edge.exe+146B7EA - 88 05 087EAB02 - mov ["NINJA GAIDEN 3 Razor's Edge.exe"+3F235F8],al
NINJA GAIDEN 3 Razor's Edge.exe+146B7F0 - 8B 05 EA74A502 - mov eax,["NINJA GAIDEN 3 Razor's Edge.exe"+3EC2CE0]
NINJA GAIDEN 3 Razor's Edge.exe+146B7F6 - 85 C0 - test eax,eax
NINJA GAIDEN 3 Razor's Edge.exe+146B7F8 - 7E 08 - jle "NINJA GAIDEN 3 Razor's Edge.exe"+146B802
NINJA GAIDEN 3 Razor's Edge.exe+146B7FA - FF C8 - dec eax
NINJA GAIDEN 3 Razor's Edge.exe+146B7FC - 89 05 DE74A502 - mov ["NINJA GAIDEN 3 Razor's Edge.exe"+3EC2CE0],eax
NINJA GAIDEN 3 Razor's Edge.exe+146B802 - 8B 05 DC74A502 - mov eax,["NINJA GAIDEN 3 Razor's Edge.exe"+3EC2CE4]
NINJA GAIDEN 3 Razor's Edge.exe+146B808 - 85 C0 - test eax,eax
NINJA GAIDEN 3 Razor's Edge.exe+146B80A - 7E 08 - jle "NINJA GAIDEN 3 Razor's Edge.exe"+146B814
NINJA GAIDEN 3 Razor's Edge.exe+146B80C - FF C8 - dec eax
NINJA GAIDEN 3 Razor's Edge.exe+146B80E - 89 05 D074A502 - mov ["NINJA GAIDEN 3 Razor's Edge.exe"+3EC2CE4],eax
NINJA GAIDEN 3 Razor's Edge.exe+146B814 - 8B 05 CE74A502 - mov eax,["NINJA GAIDEN 3 Razor's Edge.exe"+3EC2CE8]
NINJA GAIDEN 3 Razor's Edge.exe+146B81A - 85 C0 - test eax,eax
NINJA GAIDEN 3 Razor's Edge.exe+146B81C - 7E 08 - jle "NINJA GAIDEN 3 Razor's Edge.exe"+146B826
NINJA GAIDEN 3 Razor's Edge.exe+146B81E - FF C8 - dec eax
NINJA GAIDEN 3 Razor's Edge.exe+147ACB5 - FF C0 - inc eax
NINJA GAIDEN 3 Razor's Edge.exe+147ACB7 - 41 0FBF 14 24 - movsx edx,word ptr
NINJA GAIDEN 3 Razor's Edge.exe+147ACBC - 8B CA - mov ecx,edx
NINJA GAIDEN 3 Razor's Edge.exe+147ACBE - 3B C2 - cmp eax,edx
NINJA GAIDEN 3 Razor's Edge.exe+147ACC0 - 7E 28 - jle "NINJA GAIDEN 3 Razor's Edge.exe"+147ACEA
NINJA GAIDEN 3 Razor's Edge.exe+147ACC2 - FF C1 - inc ecx
NINJA GAIDEN 3 Razor's Edge.exe+147ACC4 - 3B C1 - cmp eax,ecx
NINJA GAIDEN 3 Razor's Edge.exe+147ACC6 - 7F 14 - jg "NINJA GAIDEN 3 Razor's Edge.exe"+147ACDC
NINJA GAIDEN 3 Razor's Edge.exe+147ACC8 - 66 41 89 04 24 - mov ,ax
NINJA GAIDEN 3 Razor's Edge.exe+147ACCD - 41 0FB6 C6 - movzx eax,r14l
NINJA GAIDEN 3 Razor's Edge.exe+147ACD1 - 42 C6 84 38 2DAC9305 01 - mov byte ptr ,01
NINJA GAIDEN 3 Razor's Edge.exe+147ACDA - EB 08 - jmp "NINJA GAIDEN 3 Razor's Edge.exe"+147ACE4
NINJA GAIDEN 3 Razor's Edge.exe+147ACDC - 66 FF C2 - inc dx
NINJA GAIDEN 3 Razor's Edge.exe+147ACDF - 66 41 89 14 24 - mov ,dx
// ---------- INJECTING HERE ----------NG3Charge2
NINJA GAIDEN 3 Razor's Edge.exe+147ACE4 - 66 41 FF 44 24 12 - inc word ptr
// ---------- DONE INJECTING---------- NG3Charge2
NINJA GAIDEN 3 Razor's Edge.exe+147ACEA - 8B 35 84C25901 - mov esi,["NINJA GAIDEN 3 Razor's Edge.exe"+2A16F74]
NINJA GAIDEN 3 Razor's Edge.exe+147ACF0 - 8D 46 FD - lea eax,
NINJA GAIDEN 3 Razor's Edge.exe+147ACF3 - 41 BD 3F420F00 - mov r13d,000F423F
NINJA GAIDEN 3 Razor's Edge.exe+147ACF9 - 41 BF 03000000 - mov r15d,00000003
NINJA GAIDEN 3 Razor's Edge.exe+147ACFF - 83 F8 01 - cmp eax,01
NINJA GAIDEN 3 Razor's Edge.exe+147AD02 - 0F86 70010000 - jbe "NINJA GAIDEN 3 Razor's Edge.exe"+147AE78
NINJA GAIDEN 3 Razor's Edge.exe+147AD08 - 48 8B 1D 69DFA002 - mov rbx,["NINJA GAIDEN 3 Razor's Edge.exe"+3E88C78]
NINJA GAIDEN 3 Razor's Edge.exe+147AD0F - 0FB7 83 3A070000 - movzx eax,word ptr
NINJA GAIDEN 3 Razor's Edge.exe+147AD16 - 41 89 84 24 B0010000- mov ,eax
NINJA GAIDEN 3 Razor's Edge.exe+147AD1E - 44 38 35 189F4301 - cmp ["NINJA GAIDEN 3 Razor's Edge.exe"+28B4C3D],r14l
NINJA GAIDEN 3 Razor's Edge.exe+147AD25 - 0F85 4D010000 - jne "NINJA GAIDEN 3 Razor's Edge.exe"+147AE78
NINJA GAIDEN 3 Razor's Edge.exe+147AD2B - 48 8B 05 3EDFA002 - mov rax,["NINJA GAIDEN 3 Razor's Edge.exe"+3E88C70]
NINJA GAIDEN 3 Razor's Edge.exe+147AD32 - 48 8B 88 202E0000 - mov rcx,
NINJA GAIDEN 3 Razor's Edge.exe+147AD39 - 0FB7 09 - movzx ecx,word ptr
NINJA GAIDEN 3 Razor's Edge.exe+147AD3C - E8 2FC47500 - call "NINJA GAIDEN 3 Razor's Edge.exe"+1BD7170
NINJA GAIDEN 3 Razor's Edge.exe+147AD41 - 48 63 F8 - movsxdrdi,eax
NINJA GAIDEN 3 Razor's Edge.exe+147AD44 - 85 C0 - test eax,eax
}
3代的自动格挡
aobscanmodule(AutoEvade,$process,48 83 EC 28 48 8B CA 33 D2) //should be unique
aobscanmodule(AutoEvadeScore,$process,0F 83 EF 01 00 00 41) //should be unique
registersymbol(AutoEvade,AutoEvadeScore)
label(return)
alloc(newmem,$1000,AutoEvade)
aobscanmodule(QTEaddress,$process,48 89 91 60 01 00 00 48 89 91 68 01 00 00) //should be unique
alloc(QTEnewmem,100,QTEaddress)
alloc(NG3AutoEvadeOriginalCodes,20)
label(QTEreturn,QTEpointer)
registersymbol(QTEaddress,QTEpointer,NG3AutoEvadeOriginalCodes)
NG3AutoEvadeOriginalCodes:
readmem(AutoEvade+E,7)
NG3AutoEvadeOriginalCodes+7:
readmem(AutoEvadeScore,6)
QTEaddress:
jmp QTEnewmem
nop 2
QTEreturn:
QTEnewmem:
mov ,rcx
mov ,rdx
jmp QTEreturn
QTEpointer:
newmem:
push rcx
push rdx
mov rdx,
cmp word ptr ,02 //直升机坠落
je short @1
mov rcx,0000002200000029
cmp ,rcx //第一次抱起康娜躲怪
je short @1
mov rcx,0000000000000007
cmp ,rcx //奇美拉啃咬
je short @1
cmp word ptr ,00CD //忍者村小孩偷袭
je short @1
mov rcx,0000007600000043
cmp ,rcx //车辆追逐
je short @1
mov rcx,0000004300000076
cmp ,rcx //车辆追逐第二段
je short @1
mov al,01
@1:
pop rcx
pop rdx
movsx eax,al
add rsp,28
jmp return
AutoEvade+E:
jmp newmem
nop 2
return:
AutoEvadeScore:
db 90 E9
AutoEvade+E:
readmem(NG3AutoEvadeOriginalCodes,7)
AutoEvadeScore:
readmem(NG3AutoEvadeOriginalCodes+7,6)
unregistersymbol(AutoEvade,AutoEvadeScore,NG3AutoEvadeOriginalCodes)
dealloc(newmem)
dealloc(NG3AutoEvadeOriginalCodes)
QTEaddress:
db 48 89 91 60 01 00 00
unregistersymbol(QTEaddress,QTEpointer)
dealloc(QTEnewmem)
{
// ORIGINAL CODE AutoEvade - NINJA GAIDEN 3 Razor's Edge.exe+14BFE9E - 0FBE C0
// ORIGINAL CODE AutoEvadeScore - NINJA GAIDEN 3 Razor's Edge.exe+147BD49 - 0F83 EF010000
// ORIGINAL CODE QTEaddress - NINJA GAIDEN 3 Razor's Edge.exe+1B93D9F - 48 89 91 60010000
NINJA GAIDEN 3 Razor's Edge.exe+14BFE90 - 48 83 EC 28 - sub rsp,28
NINJA GAIDEN 3 Razor's Edge.exe+14BFE94 - 48 8B CA - mov rcx,rdx
NINJA GAIDEN 3 Razor's Edge.exe+14BFE97 - 33 D2 - xor edx,edx
NINJA GAIDEN 3 Razor's Edge.exe+14BFE99 - E8 E24F0100 - call "NINJA GAIDEN 3 Razor's Edge.exe"+14D4E80
// ---------- INJECTING HERE ----------AutoEvade
NINJA GAIDEN 3 Razor's Edge.exe+14BFE9E - 0FBE C0 - movsx eax,al
NINJA GAIDEN 3 Razor's Edge.exe+14BFEA1 - 48 83 C4 28 - add rsp,28
// ---------- DONE INJECTING---------- AutoEvade
NINJA GAIDEN 3 Razor's Edge.exe+14BFEA5 - C3 - ret
NINJA GAIDEN 3 Razor's Edge.exe+147BD28 - 8B CB - mov ecx,ebx
NINJA GAIDEN 3 Razor's Edge.exe+147BD2A - E8 C1FF5900 - call "NINJA GAIDEN 3 Razor's Edge.exe"+1A1BCF0
NINJA GAIDEN 3 Razor's Edge.exe+147BD2F - E9 0A020000 - jmp "NINJA GAIDEN 3 Razor's Edge.exe"+147BF3E
NINJA GAIDEN 3 Razor's Edge.exe+147BD34 - BA AD000000 - mov edx,000000AD
NINJA GAIDEN 3 Razor's Edge.exe+147BD39 - 49 8B C9 - mov rcx,r9
NINJA GAIDEN 3 Razor's Edge.exe+147BD3C - E8 1F6B0300 - call "NINJA GAIDEN 3 Razor's Edge.exe"+14B2860
NINJA GAIDEN 3 Razor's Edge.exe+147BD41 - 84 C0 - test al,al
NINJA GAIDEN 3 Razor's Edge.exe+147BD43 - 74 31 - je "NINJA GAIDEN 3 Razor's Edge.exe"+147BD76
NINJA GAIDEN 3 Razor's Edge.exe+147BD45 - 41 80 FE 02 - cmp r14l,02
// ---------- INJECTING HERE ----------AutoEvadeScore
NINJA GAIDEN 3 Razor's Edge.exe+147BD49 - 0F83 EF010000 - jae "NINJA GAIDEN 3 Razor's Edge.exe"+147BF3E
// ---------- INJECTING HERE ----------AutoEvadeScore
NINJA GAIDEN 3 Razor's Edge.exe+147BD4F - 41 0FB6 C6 - movzx eax,r14l
NINJA GAIDEN 3 Razor's Edge.exe+147BD53 - 48 8D 14 40 - lea rdx,
NINJA GAIDEN 3 Razor's Edge.exe+147BD57 - 0FB7 8C D6 A0247602 - movzx ecx,word ptr
NINJA GAIDEN 3 Razor's Edge.exe+147BD5F - FF C1 - inc ecx
NINJA GAIDEN 3 Razor's Edge.exe+147BD61 - 8B C7 - mov eax,edi
NINJA GAIDEN 3 Razor's Edge.exe+147BD63 - 3B CF - cmp ecx,edi
NINJA GAIDEN 3 Razor's Edge.exe+147BD65 - 66 0F42 C1 - cmovb ax,cx
NINJA GAIDEN 3 Razor's Edge.exe+147BD69 - 66 89 84 D6 A0247602- mov ,ax
NINJA GAIDEN 3 Razor's Edge.exe+147BD71 - E9 C8010000 - jmp "NINJA GAIDEN 3 Razor's Edge.exe"+147BF3E
NINJA GAIDEN 3 Razor's Edge.exe+147BD76 - 83 3D F7B15901 01 - cmp dword ptr ["NINJA GAIDEN 3 Razor's Edge.exe"+2A16F74],01
NINJA GAIDEN 3 Razor's Edge.exe+147BD7D - 0F85 BB010000 - jne "NINJA GAIDEN 3 Razor's Edge.exe"+147BF3E
NINJA GAIDEN 3 Razor's Edge.exe+147BD83 - 83 3D FEB45901 04 - cmp dword ptr ["NINJA GAIDEN 3 Razor's Edge.exe"+2A17288],04
NINJA GAIDEN 3 Razor's Edge.exe+1B93D83 - 0F11 81 20010000 - movups ,xmm0
NINJA GAIDEN 3 Razor's Edge.exe+1B93D8A - 0F11 89 30010000 - movups ,xmm1
NINJA GAIDEN 3 Razor's Edge.exe+1B93D91 - 0F11 91 40010000 - movups ,xmm2
NINJA GAIDEN 3 Razor's Edge.exe+1B93D98 - 0F11 99 50010000 - movups ,xmm3
// ---------- INJECTING HERE ----------QTEaddress
NINJA GAIDEN 3 Razor's Edge.exe+1B93D9F - 48 89 91 60010000 - mov ,rdx
// ---------- INJECTING HERE ----------QTEaddress
NINJA GAIDEN 3 Razor's Edge.exe+1B93DA6 - 48 89 91 68010000 - mov ,rdx
NINJA GAIDEN 3 Razor's Edge.exe+1B93DAD - C3 - ret
}
这个可以的,感谢分享 山中高人神秘出现!!!!! 谢谢楼主 大神能否更新一下123的全物品CT偏移!!!楼主威武 高手在民间{:3_121:} 老外这个免蓄力写的很差,一条代码解决的事情 已在顶楼更新2代的快速蓄力的CT脚本。 收藏先,好东西 请问楼主会更新1代的自动闪避吗 感谢大神分享,就差三代的无限红手蓄力了!!!!!!永远的神!!! eyheyh 发表于 2021-7-16 22:57
请问楼主会更新1代的自动闪避吗
1代的自动格挡已更新到顶楼。2代和3代的自动格挡我手上没有原始的脚本,没法适配成全版本。
123代的全版本通用CT看来只有楼主有着能力了!!!!!其实主要是自动防御和瞬间集气要是能通用就是神人了!!! yamaha288 发表于 2021-7-16 23:28
感谢大神分享,就差三代的无限红手蓄力了!!!!!!永远的神!!!
我刚通了1代,2代刚开始玩,还没玩到3代。等玩到3代再说吧。
cheatabuser 发表于 2021-7-16 23:55
我刚通了1代,2代刚开始玩,还没玩到3代。等玩到3代再说吧。
大神12代的自动防御能弄一个全版本通用的吗?3不着急,就看你的心情!!!!!
cheatabuser 发表于 2021-7-16 23:55
我刚通了1代,2代刚开始玩,还没玩到3代。等玩到3代再说吧。
对你的无私奉献只有感激!!我们喜欢忍龙的人都非常的感谢你,只要你有时间弄一下就好了!
主啊阿弥陀佛,我祈求老天爷保佑你你在多娶几个老婆!!!!!!!!!好人呐!!!!!! 这全版本通用是有多么的强大!!!造福了忍迷!!! yamaha288 发表于 2021-7-16 23:59
大神12代的自动防御能弄一个全版本通用的吗?3不着急,就看你的心情!!!!!
...
刚刚找到一个老外写的2代自动格挡的脚本,稍微小改了一下已经全版本适用了。至少我在1.0.0.2测试过有效,已经更新到顶楼。
玩了忍龙我才开始迷上了泡论坛,看来还是好人多啊,希望像楼主这样的好人一生平安!!!!楼主威武!!!开创了全版本通用的先河!! 在主机上所说不知通关了多少遍了,也都白金了,不过在PC上修改也是一大乐趣,一代开始用到所有武器,必杀发到手软,一个字爽,忍龙论坛真是好人多,感谢楼主!! cheatabuser 发表于 2021-7-17 00:17
刚刚找到一个老外写的2代自动格挡的脚本,稍微小改了一下已经全版本适用了。至少我在1.0.0.2测试过有效, ...
大神你做脚本的速度,比我回复的速度都快!!!!!!神人也!!! 每天上来顶你的帖子,楼主威武!!!!!!这高尚品德已经无法在形容了!! 你做脚本的速度简直就是张飞吃豆芽!!!!我服了 早点休息吧!!!老大!!不用着急写脚本了!! yamaha288 发表于 2021-7-17 00:26
你做脚本的速度简直就是张飞吃豆芽!!!!我服了
其实我只是拿别人的脚本改一下特征码而已,主要功劳还是原作者的。风大的修改器就是特征码找得好,所以他很少需要更新修改器适配新版本的游戏。
cheatabuser 发表于 2021-7-17 00:29
其实我只是拿别人的脚本改一下特征码而已,主要功劳还是原作者的。风大的修改器就是特征码找得好,所以他 ...
为大家做出贡献的都是好人!!你这一个小的汇编,是多少人的金字塔,大神一个小程序,你这一步之差,我们不懂程序的简直就是万里之遥!! cheatabuser 发表于 2021-7-17 00:29
其实我只是拿别人的脚本改一下特征码而已,主要功劳还是原作者的。风大的修改器就是特征码找得好,所以他 ...
有造出火药的,有把火药进化的,你就是把原始发明在升级进化的那个人!!我们想破脑袋也没法去弄啊
cheatabuser 发表于 2021-7-17 00:29
其实我只是拿别人的脚本改一下特征码而已,主要功劳还是原作者的。风大的修改器就是特征码找得好,所以他 ...
等你玩到三代的时候,你把那个无限红手蓄力(红手状态不消失),和剧情完美闪避(剧情没有任何错误我亲自实践了适用于1.0),修正一下就牛了,那个东西是我花钱费了好多得劲才买到的,弄成通用简直就牛到爆炸了,当时原作者400大洋一分不少啊! yamaha288 发表于 2021-7-17 00:38
等你玩到三代的时候,你把那个无限红手蓄力(红手状态不消失),和剧情完美闪避(剧情没有任何错误我亲自 ...
据说那个人做这个剧情完美闪避脚本用了好几天时间,后来我在一个买过的玩家手里打折买到的!!这个真的堪称完美了,不过游戏升级地址偏移以后基本没人会弄了!!我还是用1.0版本在玩......