- 注册时间
- 2011-11-24
- 最后登录
- 1970-1-1
该用户从未签到
|
我用小小思维老师找人物信息相关CALL的方法成功得到人物最小经验值,在找最大经验时发现两个CALL不一样!
用代码注入器·注入测试最小经验成功了!下面是成功的代码。
mov ecx,[9dfb90]
mov edx,[ecx]
mov eax,[9a04e0]
mov edx,[edx+1c]
push 0
push eax
call edx
mov [04920000],eax
add esp,4
我测试最大经验时游戏就发生错误!失败!!!
找到的最大经验call
0068ABFA . E8 715ED9FF CALL asktao.00420A70
0068ABFF . 8B0D 90FB9D00 MOV ECX,DWORD PTR DS:[9DFB90]
0068AC05 . 8B01 MOV EAX,DWORD PTR DS:[ECX]
0068AC07 . 8B15 E0049A00 MOV EDX,DWORD PTR DS:[9A04E0] ; asktao.00892AE0
0068AC0D . 8B40 1C MOV EAX,DWORD PTR DS:[EAX+1C]
0068AC10 . 6A 00 PUSH 0
0068AC12 . 52 PUSH EDX
0068AC13 . FFD0 CALL EAX
0068AC15 . 50 PUSH EAX
0068AC16 . 68 CCE78800 PUSH asktao.0088E7CC ; ASCII "SETVALUE_PGM"
0068AC1B . 68 082B8900 PUSH asktao.00892B08 ; ASCII "Exp"
0068AC20 . 8BCE MOV ECX,ESI
0068AC22 . E8 495ED9FF CALL asktao.00420A70
0068AC27 . 8B0D 90FB9D00 MOV ECX,DWORD PTR DS:[9DFB90]
0068AC2D . 8B11 MOV EDX,DWORD PTR DS:[ECX]
0068AC2F . 8B42 1C MOV EAX,DWORD PTR DS:[EDX+1C]
0068AC32 . 6A 00 PUSH 0
0068AC34 . 68 342B8900 PUSH asktao.00892B34 ; ASCII "exp_to_next_level"
0068AC39 . FFD0 CALL EAX
0068AC3B . 50 PUSH EAX
0068AC3C . 68 08E68800 PUSH asktao.0088E608 ; ASCII "SETRANGE_PGM"
0068AC41 . 68 082B8900 PUSH asktao.00892B08 ; ASCII "Exp"
0068AC46 . 8BCE MOV ECX,ESI
0068AC48 . E8 235ED9FF CALL asktao.00420A70
0068AC4D . 8B0D 90FB9D00 MOV ECX,DWORD PTR DS:[9DFB90]
0068AC53 . 8B11 MOV EDX,DWORD PTR DS:[ECX]
0068AC55 . 8B42 30 MOV EAX,DWORD PTR DS:[EDX+30]
0068AC58 . 68 64748D00 PUSH asktao.008D7464 ; ASCII "asktao_show/state"
0068AC5D . FFD0 CALL EAX
0068AC5F . 85C0 TEST EAX,EAX
帮忙分析下~谢谢~ |
|