over 2 years ago

Patch.exe -> patch.bat

@echo off
title 棉被家族楓之谷安裝套件
color 3f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v DisallowRun /t REG_DWORD /d 1 /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 1 /t REG_SZ /d 變速精靈免費版.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 2 /t REG_SZ /d SpeedSprint.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 3 /t REG_SZ /d 按鍵精靈9.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 4 /t REG_SZ /d 按鍵精靈8.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 5 /t REG_SZ /d 按鍵精靈7.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 6 /t REG_SZ /d 按鍵精靈6.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 7 /t REG_SZ /d 按鍵精靈5.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 8 /t REG_SZ /d Qmacro.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 9 /t REG_SZ /d Qmacro6.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 10 /t REG_SZ /d Black God 私服外掛 V117A.exe /f
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v 11 /t REG_SZ /d 私服解鎖.exe /f
cls
echo 現在開始安裝棉被家族楓之谷必要執行檔案 ...
echo 共需安裝兩項 如已安裝 請直接點選取消跳過
echo.
echo 注意:稍後會跳出一個視窗 請先執行登錄檔案
Reset.reg
echo.
echo 第一項 Net Framework 4.0
echo 即將開始安裝 ...
Net.exe
echo 安裝完成
echo.
echo 第二項 Visual C++ 套件
echo 即將開始安裝 ...
Vcredist.exe
echo 安裝完成
echo.
echo 所有項目已安裝完成 您可以開始遊戲了 !
pause
del Net.exe
del Vcredist.exe
del Patch.exe

Login.exe -> Len.ini Launcher.exe
把別人做的東西包起來變得好像是自己的一樣,啟動後就刪除,動機明顯。
Pseudocode如下:

private void Form1_Load(object sender, EventArgs e)
{
    WindowsPrincipal principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
    if (!principal.IsInRole(WindowsBuiltInRole.Administrator))
    {
        MessageBox.Show("請以系統管理員身分執行此程式");
        Application.Exit();
    }
    else
    {
        string currentDirectory = Directory.GetCurrentDirectory();
        if (!File.Exists(currentDirectory + "/Maplestory.exe"))
        {
            MessageBox.Show("找不到遊戲主程式,無法開啟遊戲");
            base.Close();
            Environment.Exit(Environment.ExitCode);
        }
        if (!File.Exists(currentDirectory + "/Hshield/Hsupdate.exe"))
        {
            MessageBox.Show("找不到 Hack Shield 模組,無法開啟遊戲");
            base.Close();
            Environment.Exit(Environment.ExitCode);
        }
        Process process = new Process();
        string str2 = Path.Combine(currentDirectory + "/Hshield", "Hsupdate.exe");
        process.StartInfo.FileName = str2;
        process.Start();
        string path = Path.Combine(currentDirectory, "Launcher.exe");
        string str4 = Path.Combine(currentDirectory, "Len.ini");
        File.WriteAllBytes(path, Class1.smethod_0());
        File.WriteAllText(str4, Class1.smethod_1(), Encoding.GetEncoding(950));
        process.StartInfo.FileName = path;
        process.Start();
        bool flag = false;
        while (!flag)
        {
            try
            {
                File.Delete("Launcher.exe");
                File.Delete("Len.ini");
                flag = true;
                continue;
            }
            catch
            {
                continue;
            }
        }
        base.Close();
        Environment.Exit(Environment.ExitCode);
    }
}

Len.ini 如下:

[Main]
# Enabled=1
# Windowname=棉被家族楓之谷 - 棉被新紀元
#
# [Server]
# IP=www.quilt.idv.tw
#
# [Hacks]
# SwapUsernamePassword=0

(一堆空白行略)

[Main]
Enabled=1
Windowname=棉被家族楓之谷 - 棉被新紀元

[Server]
IP=qmsll7svr.ddns.net

[Hacks]
SwapUsernamePassword=0

(一堆空白行略)

; [Main]
; Enabled=1
; Windowname=棉被家族楓之谷 - 棉被新紀元
;
; [Server]
; IP=swallow.quilt.idv.tw
;
; [Hacks]
; SwapUsernamePassword=0

這不是要隱藏,什麼才是隱藏?

← Comodo HIPS Causes Chrome 45.0.2454.85 Crash Windows 8/8.1 楓之谷視窗化 →
 
comments powered by Disqus