快一年没更新了不拉闸一波?
比 Hook sysenter 稳定，弄个简单的双卡啥还是可以的。
// Absolute 32-bit address that every exit path of NgsNtOpenThread jumps to
// (via `jmp dword ptr[VMEntry_OpenThread]`).
// NOTE(review): the literal is a fixed virtual address, so it is presumably valid
// only for the one binary build and load address it was taken from; this page
// does not show which module it belongs to or what code lives there.
ULONG32 VMEntry_OpenThread = 0x01A0EAB7;
// NgsNtOpenThread - naked detour stub (32-bit x86, MSVC inline assembly).
//
// The function is declared NAKED and sets up no frame of its own, so every
// [ebp +/- n] operand below addresses the stack frame of whatever code
// transferred control here, not a frame belonging to this stub.
//
// Behaviour as written:
//   * eax != 0 on entry: nothing is modified; control goes straight to the
//     address stored in VMEntry_OpenThread.
//   * eax == 0 and [ebp+0x10] != GameThreadId: registers are restored and
//     control goes to VMEntry_OpenThread with eax unchanged.
//   * eax == 0 and [ebp+0x10] == GameThreadId: the value at [ebp-0x08] is
//     passed to CloseHandle, both stack slots are zeroed, and eax is replaced
//     with 0xC0000022 (STATUS_ACCESS_DENIED) before control goes to
//     VMEntry_OpenThread.
//
// GameThreadId, CloseHandle, NAKED, VMPBegin and VMPEnd are defined outside
// this listing.
//
// NOTE(review): presumably eax is the NTSTATUS of a just-completed thread-open
// call and [ebp-0x08] is the handle it produced; neither the hooked site nor
// the way the detour is installed is shown on this page - confirm before
// relying on these offsets.
// NOTE(review): the observable effect is that the intercepted caller is told
// "access denied" for one specific thread ID while the handle it was actually
// given is closed behind its back. For a defender this shows up as a modified
// code region at the detoured site (code-integrity check) and as a mismatch
// between the status the caller observes and the status the system call
// itself returned.
NAKED NgsNtOpenThread()
{
// Marker macro, defined elsewhere; presumably delimits this function for a
// code-protection tool - not verifiable from this page.
VMPBegin("NgsNtOpenThread");
__asm
{
// eax != 0: the intercepted status is not success - pass it through untouched.
test eax, eax;
jne Ngs_OpenThreadEnd;
// Save all general-purpose registers; every path below restores them with popad.
pushad;
mov eax, dword ptr[ebp + 0x10];//Client->UniqueThread (author's label for this caller-frame slot)
// Only the thread whose ID equals GameThreadId is treated specially.
cmp eax, GameThreadId;
jne Lable_ThreadID;
// Matching thread: close the handle stored in the caller's frame at [ebp-0x08].
mov eax, dword ptr[ebp - 0x08];
push eax;
call CloseHandle;
mov dword ptr[ebp - 0x08], 0x0;// zero the slot that held the handle just closed
mov dword ptr[ebp + 0x10], 0x0;// zero the slot that was compared against GameThreadId
popad;
mov eax, 0xC0000022;// report STATUS_ACCESS_DENIED in place of the original status
jmp dword ptr[VMEntry_OpenThread];
// Non-matching thread ID: restore registers and fall through to the common exit.
Lable_ThreadID:;
popad;
// Common exit: continue at the address held in VMEntry_OpenThread.
Ngs_OpenThreadEnd:;
jmp dword ptr[VMEntry_OpenThread];
}
// Every path above leaves through a jmp, so execution never falls through to
// this point; VMPEnd() is presumably only the closing marker paired with VMPBegin.
VMPEnd();
}