private static void FindAttack2(ISmartMemory memUtils)
{
byte[] int1 = BitConverter.GetBytes(0xFFFFFFFD);
byte[] int2 = BitConverter.GetBytes(0x00002000);
byte[] pattern = new byte[]{
0x89, 0x15, 0x00, 0x00, 0x00, 0x00, //mov [client.dll+xxxx],edx
0x8B, 0x15, 0x00, 0x00, 0x00, 0x00, //mov edx, [client.dll+????]
0xF6, 0xC2, 0x03, //test dl, 03
0x74, 0x06, //je client.dll+????
0x81, 0xCE, int2[0], int2[1], int2[2], int2[3], //or esi,00002000
0xA9, int2[0], int2[1], int2[2], int2[3], //test al,00002000
0xBF, int1[0], int1[1], int1[2], int1[3] //mov edi,FFFFFFFD
};
scan = memUtils["client.dll"].Find(pattern);
if (scan.Success)
{
int tmp = memUtils.Read<int>((IntPtr)(scan.Address.ToInt32() + 2));
Offsets.Attack2 = (IntPtr)tmp - clientDllBase;
Logger.Info(
ObjectEx.GetName(() => Offsets.Attack2) + "\n" +
Offsets.Attack2.ToString("X8")
);
}
}