- 注册时间
- 2013-10-31
- 最后登录
- 1970-1-1
该用户从未签到
|
OD里的内容:
006D0A46 8B50 0C mov edx,dword ptr ds:[eax+0xC]
006D0A49 8B48 08 mov ecx,dword ptr ds:[eax+0x8]
006D0A4C 8B78 18 mov edi,dword ptr ds:[eax+0x18]
006D0A4F 8955 FC mov dword ptr ss:[ebp-0x4],edx
006D0A52 8B50 10 mov edx,dword ptr ds:[eax+0x10]
006D0A55 8955 08 mov dword ptr ss:[ebp+0x8],edx
006D0A58 8B50 14 mov edx,dword ptr ds:[eax+0x14]
006D0A5B 8B40 1C mov eax,dword ptr ds:[eax+0x1C]
006D0A5E 50 push eax ; eax=00000001
006D0A5F 8B45 08 mov eax,dword ptr ss:[ebp+0x8] ; 堆栈 ss:[0012F340]=42600000 EAX=00000001
006D0A62 57 push edi ; edi=00FBC79C (khan2.00FBC79C)
006D0A63 52 push edx ; edx=FFFFFFFF
006D0A64 8B55 FC mov edx,dword ptr ss:[ebp-0x4] ; 堆栈 ss:[0012F334]=430D0000 edx=FFFFFFFF
006D0A67 50 push eax ; eax=42600000
006D0A68 52 push edx ; edx=430D0000
006D0A69 51 push ecx ; edx=430D0000
006D0A6A 8BCE mov ecx,esi ; esi=01801558
006D0A6C E8 0FD7FFFF call khan2.006CE180
006D0A71 5F pop edi ; khan2.00FBC79C
006D0A72 5E pop esi
006D0A73 8BE5 mov esp,ebp
006D0A75 5D pop ebp
006D0A76 C2 0400 retn 0x4
按下面的代码注入可以寻路到NPC,但不能打开NPC:是不是PUSH上面的那些MOV也要找???
push 1
push 00FBC79C
push 0xFFFFFFFF
push 42600000
push 430D0000
push 00000000
mov ecx,01801558
call 006CE180 |
|