1.遍历背包物品
用 CE 搜索
033E6F70
004121d3 mov [esi+200],ebp esi=033e6d70 ebp=1
esi=[021fff98]
dd [021fff98]+200 物品数量
004121BD |> \8B4C24 2C MOV ECX,DWORD PTR SS:[ESP+2C]
004121C1 |. 8B5424 10 MOV EDX,DWORD PTR SS:[ESP+10]
004121C5 |. 898E FC010000 MOV DWORD PTR DS:[ESI+1FC],ECX ; ECX=000003F9
004121CB |. 8BCF MOV ECX,EDI ; EDI=028A70A0
004121CD |. 899E 04020000 MOV DWORD PTR DS:[ESI+204],EBX ; EBX=00000003
004121D3 |. 89AE 00020000 MOV DWORD PTR DS:[ESI+200],EBP ; 物品数量 商找 ebp=00000012
004121D9 |. 8996 08020000 MOV DWORD PTR DS:[ESI+208],EDX ; EDX=00000000
004121DF |. E8 1C582100 CALL asktao.00627A00
004121E4 |. 8B06 MOV EAX,DWORD PTR DS:[ESI]
004121E6 |. 8B50 10 MOV EDX,DWORD PTR DS:[EAX+10]
004121E9 |. 6A 00 PUSH 0
004121EB |. 8BCE MOV ECX,ESI ; ESI=033E6D70
esi=[0ae74e4]
0063F08E |> \8B4424 4C MOV EAX,DWORD PTR SS:[ESP+4C]
0063F092 |> 8B4C24 38 MOV ECX,DWORD PTR SS:[ESP+38]
0012F5F8 00450942 B.E. asktao.00450942
可能是背包的地址:
00415261 . 8BF1 MOV ESI,ECX
00415263 . 8B86 C0010000 MOV EAX,DWORD PTR DS:[ESI+1C0]
00415269 . 3B86 94010000 CMP EAX,DWORD PTR DS:[ESI+194]
0041526F . 75 5B JNZ SHORT asktao.004152CC
00415271 . 8B8E C4010000 MOV ECX,DWORD PTR DS:[ESI+1C4]
00415277 . 3B8E 98010000 CMP ECX,DWORD PTR DS:[ESI+198]
0041527D . 75 4D JNZ SHORT asktao.004152CC
0041527F . 8B96 C8010000 MOV EDX,DWORD PTR DS:[ESI+1C8]
00415285 . 3B96 9C010000 CMP EDX,DWORD PTR DS:[ESI+19C]
0041528B . 75 3F JNZ SHORT asktao.004152CC
0041528D . 8B86 CC010000 MOV EAX,DWORD PTR DS:[ESI+1CC]
00415293 . 3B86 A0010000 CMP EAX,DWORD PTR DS:[ESI+1A0]
00415299 . 75 31 JNZ SHORT asktao.004152CC
0041529B . 83BE B4010000>CMP DWORD PTR DS:[ESI+1B4],0
004152A2 . 8B4C24 08 MOV ECX,DWORD PTR SS:[ESP+8]
004152A6 . 74 19 JE SHORT asktao.004152C1
004152A8 . E8 53272100 CALL asktao.00627A00
-------------------------------------
第一格数
006249b0 mov [esi+0c],ecx esi=0301ea20 ecx=10
004142a0 mov ecx,[ebp+228] EBP=00911D710
00425070 mov ebp,[ebx+08] ebx=02200fe0
0043b66f mov esi,[eax] eax=02201100
dd [[[0223B8A0]+08]+228]+0c 9 数量
dd [[[02201100]+08]+228]+ec0 20 最大数量
dd [[[02201100]+08]+228]+b6c 金创药 名称
ESI的值怎么找?
--------------------------
07239FC4
00412407 mov ecx,[esi+1e4] esi=07239de0
0043b68c mov ecx,[esi+08] esi=02010140
0043b66f mov esi,[eax] eax=02010110
esi=20e30097
[[002010110]+8]+1e4 第一格基址
[[02010110]+8]+1eC 格数 65
[[02010110]+8]+200 当前数量
+8 格数 65
+1C 物品数量
ECX=03198A40 0319BB00
esi=01EDA570 65
esi=0201F290 66
esi=01ED0880 67
esi=01EDC730 68
找ESI的值:??????