fix: 修复解锁 120fps 和网络加密 patch

- 120fps: 改用 MOV EAX,60→120 的 pattern，不再依赖 DipSw 分支
- 网络加密: 恢复 known_offsets（aob_scan 无法搜索 .rdata 段字符串）
- TLS: 保留 WinHttpOpenRequest IAT hook

Author: Applesaber

src/patches/network.rs

@@ -1,7 +1,7 @@
 use crate::config::Config;
+use crate::patch_engine::{apply_patch, PatchDef};
 use crate::util::api::Api;
 use crate::util::iat_hook::hook_iat;
-use crate::util::pattern;
 use std::ffi::c_void;
 use std::sync::atomic::{AtomicUsize, Ordering};
 
@@ -18,103 +18,35 @@ type WinHttpOpenRequestFn = unsafe extern "system" fn(
 static ORIG_OPEN_REQUEST: AtomicUsize = AtomicUsize::new(0);
 
 pub fn apply(api: &Api, config: &Config) {
-    apply_disable_encryption(api, config);
+    apply_patch(
+        api,
+        config,
+        &PatchDef {
+            name: "关闭网络加密 1",
+            section: "DisableEncryption",
+            pattern: None,
+            pattern_offset: 0,
+            known_offsets: &[0x17D200C],
+            expected: &[0xF5],
+            patch: &[0x00],
+        },
+    );
+    apply_patch(
+        api,
+        config,
+        &PatchDef {
+            name: "关闭网络加密 2",
+            section: "DisableEncryption",
+            pattern: None,
+            pattern_offset: 0,
+            known_offsets: &[0x17D2010],
+            expected: &[0xF5],
+            patch: &[0x00],
+        },
+    );
     apply_disable_tls(api, config);
 }
 
-fn apply_disable_encryption(api: &Api, config: &Config) {
-    if !config.is_enabled("DisableEncryption") {
-        return;
-    }
-
-    let found = pattern::scan_bytes(api, b"cannot encrypt.\0");
-    if found == 0 {
-        api.log_warn("关闭网络加密: 未找到加密标识字符串");
-        return;
-    }
-
-    let addr_bytes = (found as u32).to_le_bytes();
-    // 68 [addr] = PUSH <string_addr>
-    let mut push_sig = [0u8; 5];
-    push_sig[0] = 0x68;
-    push_sig[1..5].copy_from_slice(&addr_bytes);
-
-    let text_base = api.text_base();
-    let text_size = api.text_size();
-    let mut search_start = text_base;
-    let mut patched = 0u32;
-
-    loop {
-        let remaining = text_size.saturating_sub((search_start - text_base) as u32);
-        if remaining < 5 {
-            break;
-        }
-
-        let push_site = api.aob_scan(search_start, remaining, &push_sig, "xxxxx");
-        if push_site == 0 {
-            break;
-        }
-
-        if let Some(func_start) = find_function_start(api, push_site, text_base) {
-            if patch_encrypt_flag_in_function(api, func_start, push_site) {
-                patched += 1;
-            }
-        }
-
-        search_start = push_site + 5;
-    }
-
-    if patched > 0 {
-        api.log_info(&format!("补丁已应用: 关闭网络加密 ({patched} 处)"));
-    } else {
-        api.log_warn("关闭网络加密: 未找到加密标志");
-    }
-}
-
-fn find_function_start(api: &Api, addr: usize, text_base: usize) -> Option<usize> {
-    // 55 8B EC 6A FF = PUSH EBP / MOV EBP,ESP / PUSH -1
-    let prologue = [0x55, 0x8B, 0xEC, 0x6A, 0xFF];
-    for back in 1..0x800usize {
-        let candidate = addr.checked_sub(back)?;
-        if candidate < text_base {
-            return None;
-        }
-        let mut buf = [0u8; 5];
-        if api.mem_read(candidate, &mut buf) && buf == prologue {
-            return Some(candidate);
-        }
-    }
-    None
-}
-
-fn patch_encrypt_flag_in_function(api: &Api, func_start: usize, ref_site: usize) -> bool {
-    let func_end = ref_site + 0x200;
-    // MOV dword ptr [param_1+4], imm32 → C7 41 04 xx xx xx xx
-    let mut scan_addr = func_start;
-    while scan_addr < func_end {
-        let remaining = (func_end - scan_addr) as u32;
-        if remaining < 7 {
-            break;
-        }
-        let site = api.aob_scan(scan_addr, remaining, &[0xC7, 0x41, 0x04], "xxx");
-        if site == 0 {
-            break;
-        }
-        let mut val_buf = [0u8; 4];
-        if api.mem_read(site + 3, &mut val_buf) {
-            let val = u32::from_le_bytes(val_buf);
-            if val != 0 && val < 0x1000 {
-                let zero = [0u8; 4];
-                if api.mem_write(site + 3, &zero) {
-                    return true;
-                }
-            }
-        }
-        scan_addr = site + 7;
-    }
-    false
-}
-
 fn apply_disable_tls(api: &Api, config: &Config) {
     if !config.is_enabled("DisableTLS") {
         return;

src/patches/unlock_120fps.rs

@@ -7,24 +7,20 @@ pub fn apply(api: &Api, config: &Config) {
         return;
     }
 
-    let patch_name = if config.get_bool("Unlock120fps", "force", false) {
-        "强制解锁 120fps"
-    } else {
-        "解锁 120fps"
-    };
-
-    // v2.45 的 120fps 解锁与 120Hz 检测绕过共用同一处分支补丁。
+    // B9 78 00 00 00 B8 3C 00 00 00 0F 45 C1
+    // = MOV ECX,120 / MOV EAX,60 / CMOVNZ EAX,ECX
+    // 改 MOV EAX,60 → MOV EAX,120 强制 120fps
     apply_patch(
         api,
         config,
         &PatchDef {
-            name: patch_name,
+            name: "解锁 120fps",
             section: "Unlock120fps",
-            pattern: Some("85 C0 74 3F ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 81 BC 24 34 02 00 00 80 07 00 00"),
-            pattern_offset: 0,
+            pattern: Some("B9 78 00 00 00 B8 3C 00 00 00 0F 45 C1"),
+            pattern_offset: 5,
             known_offsets: &[],
-            expected: &[0x85, 0xC0, 0x74, 0x3F],
-            patch: &[0xEB, 0x30, 0xEB, 0x2E],
+            expected: &[0xB8, 0x3C, 0x00, 0x00, 0x00],
+            patch: &[0xB8, 0x78, 0x00, 0x00, 0x00],
         },
     );
 }