Help finding a CALL with BP WSASend
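While using BP WSASend to break and find the call, I have already filtered out the heartbeat packets by packet length. Whether I walk, fight monsters, or use an item, the contents of the stack are the same every time it breaks, and lpBuffers changes frequently, so it is not easy to set a hardware breakpoint there either. Can any expert give me an approach for finding the function call in this situation? I have been stuck here for two days.

I'm stuck here too~~ It's this every time. Could it be that the server sends a CALL every second?
0C43FEA8 00586180/CALL 到 WSASend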
0C43FEAC 00000F68|Socket = F68
0C43FEB0 07E6B88C|pBuffers = 07E6B88C
0C43FEB4 00000001|nBuffers = 1
0C43FEB8 0C43FED0|pBytesSent = 0C43FED0
0C43FEBC 00000000|Flags = 0
0C43FEC0 07E6B874|pOverlapped = 07E6B874
0C43FEC4 00000000\Callback = NULL
0BF3FEA8 00586180/CALL 到 WSASend
0BF3FEAC 00000F90|Socket = F90
0BF3FEB0 07E6BD78|pBuffers = 07E6BD78
0BF3FEB4 00000001|nBuffers = 1
0BF3FEB8 0BF3FED0|pBytesSent = 0BF3FED0
0BF3FEBC 00000000|Flags = 0
0BF3FEC0 07E6BD60|pOverlapped = 07E6BD60
0BF3FEC4 00000000\Callback = NULL
0BF3FEA8 00586180/CALL 到 WSASend
0BF3FEAC 00000F4C|Socket = F4C
0BF3FEB0 07E6C264|pBuffers = 07E6C264
0BF3FEB4 00000001|nBuffers = 1
0BF3FEB8 0BF3FED0|pBytesSent = 0BF3FED0
0BF3FEBC 00000000|Flags = 0
0BF3FEC0 07E6C24C|pOverlapped = 07E6C24C
0BF3FEC4 00000000\Callback = NULL
Stack data
调用堆栈: 线程0007CD08
地址 堆栈 函数过程 调用来自 结构
0BF6FEA0 7413691B ntdll.ZwRemoveIoCompletion KERNELBA.74136915 0BF6FED4
0BF6FED8 00581EA8 包含KERNELBA.7413691B Game.00581EA6 0BF6FED4
0BF6FF10 00581C62 Game.00581DF0 Game.00581C5D 0BF6FF0C
0BF6FF44 00994E89 包含Game.00581C62 Game.00994E86 0BF6FF40
0BF6FF7C 00994F2E ? Game.00994E6E Game.00994F29 0BF6FF78
调用堆栈: 线程0007CEC8
地址 堆栈 函数过程 调用来自 结构
0CD2FEA0 7413691B ntdll.ZwRemoveIoCompletion KERNELBA.74136915 0CD2FED4
0CD2FED8 00581EA8 包含KERNELBA.7413691B Game.00581EA6 0CD2FED4
0CD2FF10 00581C62 Game.00581DF0 Game.00581C5D 0CD2FF0C
0CD2FF44 00994E89 包含Game.00581C62 Game.00994E86 0CD2FF40
0CD2FF7C 00994F2E ? Game.00994E6E Game.00994F29 0CD2FF78