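Found the base address and offsets for the character's HP in Asktao (问道)

I've found the base address plus offsets for the character's HP in Asktao (问道). Why does the base address change every time I log in again? Do I need to find the binary tree? Does anyone know? How do I solve this?

Binary tree. Why is the character count still not enough

Reply to 2# xzy1984629: Oh, got it. I'll give it a try and post again if anything new comes up.

Reply to 2# xzy1984629: Looks like I can't work out the binary tree. Could you give me a few pointers? :P

00444530/$83EC 08 SUB ESP,8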
00444533|.F681 A4010000>TEST BYTE PTR DS:[ECX+1A4],1
0044453A|.75 08 JNZ SHORT asktao.00444544
0044453C|.33C0 XOR EAX,EAX
0044453E|.83C4 08 ADD ESP,8
00444541|.C2 0400 RETN 4
00444544|>8B81 E4010000 MOV EAX,DWORD PTR DS:[ECX+1E4] ; EAX=
0044454A|.53 PUSH EBX
0044454B|.8D99 E0010000 LEA EBX,DWORD PTR DS:[ECX+1E0]
00444551|.55 PUSH EBP
00444552|.8B6C24 14 MOV EBP,DWORD PTR SS:[ESP+14]
00444556|.57 PUSH EDI
00444557|.8BC8 MOV ECX,EAX ;eax
00444559|.8B39 MOV EDI,DWORD PTR DS:[ECX] ;111111111111111
0044455B|.894424 10 MOV DWORD PTR SS:[ESP+10],EAX
0044455F|.56 PUSH ESI
00444560|>3BDB /CMP EBX,EBX
00444562|.8B35 98F6AA00 |MOV ESI,DWORD PTR DS:[<&MSVCR80._invali>;MSVCR80._invalid_parameter_noinfo
00444568|.74 02 |JE SHORT asktao.0044456C
0044456A|.FFD6 |CALL ESI ;<&MSVCR80._invalid_parameter_noinfo>
0044456C|>3B7C24 14 |CMP EDI,DWORD PTR SS:[ESP+14]
00444570|.0F84 8F000000 |JE asktao.00444605
00444576|.3B7B 04 |CMP EDI,DWORD PTR DS:[EBX+4]
00444579|.75 02 |JNZ SHORT asktao.0044457D
0044457B|.FFD6 |CALL ESI
0044457D|>837F 08 00 |CMP DWORD PTR DS:[EDI+8],0
00444581|.74 5C |JE SHORT asktao.004445DF
00444583|.3B7B 04 |CMP EDI,DWORD PTR DS:[EBX+4]
00444586|.75 02 |JNZ SHORT asktao.0044458A
00444588|.FFD6 |CALL ESI
0044458A|>8B4F 08 |MOV ECX,DWORD PTR DS:[EDI+8]
0044458D|.8B11 |MOV EDX,DWORD PTR DS:[ECX]
0044458F|.8B42 38 |MOV EAX,DWORD PTR DS:[EDX+38]
00444592|.FFD0 |CALL EAX
00444594|.85C0 |TEST EAX,EAX
00444596|.74 47 |JE SHORT asktao.004445DF
00444598|.3B7B 04 |CMP EDI,DWORD PTR DS:[EBX+4]
0044459B|.75 02 |JNZ SHORT asktao.0044459F
0044459D|.FFD6 |CALL ESI
0044459F|>8B4F 08 |MOV ECX,DWORD PTR DS:[EDI+8]
004445A2|.8B11 |MOV EDX,DWORD PTR DS:[ECX]
004445A4|.8B42 38 |MOV EAX,DWORD PTR DS:[EDX+38]
004445A7|.8BF5 |MOV ESI,EBP
004445A9|.FFD0 |CALL EAX
004445AB|.EB 03 |JMP SHORT asktao.004445B0
004445AD| 8D49 00 |LEA ECX,DWORD PTR DS:[ECX]
004445B0|>8A08 |/MOV CL,BYTE PTR DS:[EAX]
004445B2|.3A0E ||CMP CL,BYTE PTR DS:[ESI]
004445B4|.75 1A ||JNZ SHORT asktao.004445D0
004445B6|.84C9 ||TEST CL,CL
004445B8|.74 12 ||JE SHORT asktao.004445CC
004445BA|.8A48 01 ||MOV CL,BYTE PTR DS:[EAX+1]
004445BD|.3A4E 01 ||CMP CL,BYTE PTR DS:[ESI+1]
004445C0|.75 0E ||JNZ SHORT asktao.004445D0
004445C2|.83C0 02 ||ADD EAX,2
004445C5|.83C6 02 ||ADD ESI,2
004445C8|.84C9 ||TEST CL,CL
004445CA|.^ 75 E4 |\JNZ SHORT asktao.004445B0
004445CC|>33C0 |XOR EAX,EAX
004445CE|.EB 05 |JMP SHORT asktao.004445D5
004445D0|>1BC0 |SBB EAX,EAX
004445D2|.83D8 FF |SBB EAX,-1
004445D5|>85C0 |TEST EAX,EAX
004445D7|.74 14 |JE SHORT asktao.004445ED
004445D9|.8B35 98F6AA00 |MOV ESI,DWORD PTR DS:[<&MSVCR80._invali>;MSVCR80._invalid_parameter_noinfo
004445DF|>3B7B 04 |CMP EDI,DWORD PTR DS:[EBX+4]
004445E2|.75 02 |JNZ SHORT asktao.004445E6
004445E4|.FFD6 |CALL ESI
004445E6|>8B3F |MOV EDI,DWORD PTR DS:[EDI]
004445E8|.^ E9 73FFFFFF \JMP asktao.00444560
004445ED|>3B7B 04 CMP EDI,DWORD PTR DS:[EBX+4]
004445F0|.75 06 JNZ SHORT asktao.004445F8
004445F2|.FF15 98F6AA00 CALL DWORD PTR DS:[<&MSVCR80._invalid_pa>;MSVCR80._invalid_parameter_noinfo
004445F8|>8B47 08 MOV EAX,DWORD PTR DS:[EDI+8]
004445FB|.5E POP ESI
004445FC|.5F POP EDI
004445FD|.5D POP EBP
004445FE|.5B POP EBX
004445FF|.83C4 08 ADD ESP,8
00444602|.C2 0400 RETN 4
00444605|>5E POP ESI
00444606|.5F POP EDI
00444607|.5D POP EBP
00444608|.33C0 XOR EAX,EAX
0044460A|.5B POP EBX
0044460B|.83C4 08 ADD ESP,8
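0044460E\.C2 0400 RETN 4

Are there any experts still around? Please help answer this.

Figuring it out on my own is too painful... I have no clue at all. :Q

The character's HP value doesn't need the binary tree.

Reply to 8# web11234: Then why does the HP base address I found change every time I restart the game? I found it with CE.

Maybe you found the wrong one.

The character's HP and MP are both returned by a CALL.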
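// 008048EC .8B0D 84CCD100 MOV ECX,DWORD PTR DS:[D1CC84]
// 008048FA .8B01 MOV EAX,DWORD PTR DS:[ECX]
// 008048FC .8B15 189ACC00 MOV EDX,DWORD PTR DS:[CC9A18] ;asktao.00B0C168
// 00804902 .8B40 1C MOV EAX,DWORD PTR DS:[EAX+1C]
// 00804905 .52 PUSH EDX
// 00804906 .FFD0 CALL EAX ;29098
// MSVC x86 inline assembly; mirrors the call sequence in the listing above.
int BloodValues_X()
{
    int Small_Blood;
    __asm
    {
        mov ecx,0xD1CC84
        mov ecx,[ecx]        // ECX = object pointer stored at 0xD1CC84
        mov eax,[ecx]        // EAX = the object's vtable
        mov edx,0xCC9A18
        mov edx,[edx]        // EDX = argument stored at 0xCC9A18
        mov eax,[eax+0x1C]   // EAX = virtual function at vtable offset 0x1C
        push edx
        call eax             // the value comes back in EAX
        mov Small_Blood,eax
    }
    return Small_Blood;
}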
The character's HP and MP are both in one function.