明文发包CALL
; Debugger disassembly excerpt (32-bit x86, Intel syntax) from module GameGac.
; The excerpt starts at a jump target inside a function and stops before the
; function ends, so the prologue and the code at 605444B1 are not shown.
; Columns: address, flow markers, raw bytes, instruction, debugger comment.
; Visible flow: call 60542740 and keep its AL result in BL, push the function's
; two stack arguments and call 60542F10 (labelled by the author as the
; plaintext send), then either log an error and return 0 or continue at 60544496.
; NOTE(review): "plaintext" is the author's label; nothing in this excerpt shows
; where the buffer is encrypted or handed to the socket API.
60544440 |> \8B77 04 mov esi,dwordptr ds:[edi+0x4] ; esi = pointer stored at [edi+4]
60544443 |. 83C6 4C add esi,0x4C ; advance to offset 0x4C inside that object
60544446 |. 8BCE mov ecx,esi ; ecx = esi for the call below (looks like a thiscall 'this' - confirm)
60544448 |. E8 F3E2FFFF call GameGac.60542740 ; AL result is saved into BL at 60544457
6054444D |. 8B4D 0C mov ecx,dword ptr ss:[ebp+0xC] ; second stack argument of this function
60544450 |. 8B55 08 mov edx,dword ptr ss:[ebp+0x8] ; first stack argument of this function
60544453 >|. 51 push ecx ; flag
60544454 |. 52 push edx ; address (header + length + packet body)
60544455 |. 8BCE mov ecx,esi ; same ecx value as for the previous call
60544457 |. 8AD8 mov bl,al ; keep the result of 60542740 before eax is overwritten
60544459 |. E8 B2EAFFFF call GameGac.60542F10 ; plaintext packet-send CALL (author's label)
6054445E |. 84DB test bl,bl ; test the saved result of 60542740
60544460 |. 8BF0 mov esi,eax ; esi = return value of the send call (mov leaves flags intact)
60544462 |. 74 32 je short GameGac.60544496 ; bl == 0: skip the error-log path
60544464 |. 8BCF mov ecx,edi ; ecx = edi for the next call
60544466 |. E8 35FBFFFF call GameGac.60543FA0 ; second check, result in AL
6054446B |. 84C0 test al,al
6054446D |. 74 27 je short GameGac.60544496 ; al == 0: skip the error-log path
6054446F |. 6A 01 push 0x1 ; third argument to LogErr
60544471 |. 6A 00 push 0x0 ; second argument to LogErr
60544473 |. 68 8C9F7160 push GameGac.60719F8C ; CPipeState_Connected::Send OverlappedSend
60544478 |. E8 DF560100 call <jmp.&Module.sqr::LogErr> ; log the error string pushed above
6054447D |. 83C4 0C add esp,0xC ; caller removes the three pushed arguments
60544480 |. 33C0 xor eax,eax ; return value = 0 on this path
60544482 |. 8B4D F4 mov ecx,dword ptr ss:[ebp-0xC] ; value saved at [ebp-0xC] (saved in code not shown)
60544485 |. 64:890D 00000>mov dword ptrfs:[0],ecx ; write it back to fs:[0], the head of the SEH handler chain
6054448C |. 59 pop ecx ; epilogue: pops mirror pushes in a prologue that is not shown
6054448D |. 5F pop edi
6054448E |. 5E pop esi
6054448F |. 5B pop ebx
60544490 |. 8BE5 mov esp,ebp ; tear down the ebp-based frame
60544492 |. 5D pop ebp
60544493 |. C2 0800 retn 0x8 ; callee removes 8 bytes: the two stack arguments read above
60544496 |> 8B47 04 mov eax,dword ptr ds:[edi+0x4] ; reload the pointer stored at [edi+4]
60544499 |. 8B40 1C mov eax,dword ptr ds:[eax+0x1C] ; eax = field at offset 0x1C of that object
6054449C |. 85C0 test eax,eax
6054449E |. 74 11 je short GameGac.605444B1 ; field is zero: jump to 605444B1 (outside this excerpt)
采用WSASend发包。
发包时带有标志参数,第一次发包时标志=0x17。
第一次研究用WSASend发包的游戏,搞得跟新手一样,研究了2天才找到这个明文发包CALL。 |
|