
[求助] 跪求大佬!已知该段代码触发掉血机制,如何修改才能实现无敌?

sgsy 发表于 2020-6-12 11:18
已知该段代码触发掉血机制,如何修改才不掉血不死亡?
下面的体力和蓝量我算是改了数值改好了,但是血量一改游戏就崩溃,求大佬看看有什么办法能让它不触发掉血机制,还有能不能跳过死亡CALL?

万分无奈,血量修改已经尝试了2天了,要么就改了无效,要么就改了游戏崩溃!求大佬给个好点的主意,让他无敌,并且游戏不崩溃!

1.png
2.png

// Excerpt of the routine that starts at game.exe+2F90C0 (listed in full further down the page).
// 32-bit x86, Intel syntax; columns are address - opcode bytes - instruction.
// The excerpt opens in the middle of a call sequence: the value pushed on the first line and
// the object at [ebp-28] are set up before the first line shown.
//   [ebp-14] = the routine's first stack argument, a pointer to the source record
//              (stored at game.exe+2F90FD in the full listing); fields read: dword +01, dword +05, word +09
//   [ebp-10] = the +2A4 value as it was on entry (stored at game.exe+2F911E in the full listing)
//   table entry = [game.exe+18D8B38] + [[game.exe+18D8DEC]+26CB4] * 0x2C30, recomputed before every access
// NOTE(review): every store the poster marked is a plain assignment from the record, not a subtraction,
// so the values are computed somewhere else. The packed, unaligned offsets (+01/+05/+09) look like a
// deserialized message with a one-byte header; if that message comes from a game server, this table is
// only the client's copy of server-held state - confirm against the caller.
// NOTE(review): the table index is used without a bounds check anywhere in this excerpt.

// --- tail of the first notification sequence (object at [ebp-28]) ---
game.exe+2F91B6 - 51                    - push ecx
game.exe+2F91B7 - 8D 4D D8              - lea ecx,[ebp-28]
game.exe+2F91BA - E8 D1D2F9FF           - call game.exe+296490   // ecx = &[ebp-28]; presumably a member call on a stack object - confirm
game.exe+2F91BF - 68 AB9EB800           - push game.exe+789EAB
game.exe+2F91C4 - 6A 00                 - push 00
game.exe+2F91C6 - 68 1C0DB600           - push game.exe+760D1C
game.exe+2F91CB - 68 90FFAE00           - push game.exe+6EFF90
game.exe+2F91D0 - 8B 15 70C0A001        - mov edx,[game.exe+160C070]
game.exe+2F91D6 - 52                    - push edx
game.exe+2F91D7 - FF 15 A0EDAE00        - call dword ptr [game.exe+6EEDA0]   // indirect call, five dword arguments
game.exe+2F91DD - 83 C4 14              - add esp,14   // caller removes the 5 * 4 argument bytes
game.exe+2F91E0 - C7 45 FC FFFFFFFF     - mov [ebp-04],FFFFFFFF   // [ebp-04] back to -1 before the object is released
game.exe+2F91E7 - 8D 4D D8              - lea ecx,[ebp-28]
game.exe+2F91EA - E8 81D1F9FF           - call game.exe+296370   // presumably the matching cleanup for [ebp-28] - confirm
// --- store record dword +01 into entry +2A4 (0 when the record value is 0) ---
game.exe+2F91EF - 8B 45 EC              - mov eax,[ebp-14]
game.exe+2F91F2 - 83 78 01 00           - cmp dword ptr [eax+01],00
game.exe+2F91F6 - 76 26                 - jna game.exe+2F921E   // unsigned "<= 0", i.e. only taken when the value is exactly 0
game.exe+2F91F8 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F91FE - 8B 91 B46C0200        - mov edx,[ecx+00026CB4]   // edx = table index
game.exe+2F9204 - 69 D2 302C0000        - imul edx,edx,00002C30   // edx = index * 0x2C30 (entry size)
// NOTE(review): the address column below reads INJECT instead of game.exe+2F920A (compare the full
// listing); presumably a symbol the poster's tool registered at this address. The opcode bytes are the same in both listings.
INJECT          - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F920F - 8B 4D EC              - mov ecx,[ebp-14]
game.exe+2F9212 - 8B 49 01              - mov ecx,[ecx+01]
game.exe+2F9215 - 89 8C 10 A4020000     - mov [eax+edx+000002A4],ecx   // poster's note: this store is hit when HP drops
game.exe+2F921C - EB 23                 - jmp game.exe+2F9241
game.exe+2F921E - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9224 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F922A - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F9230 - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F9236 - C7 84 01 A4020000 00000000 - mov [ecx+eax+000002A4],00000000
// --- call game.exe+29A3E0 with (0, old +2A4 value, new +2A4 value) ---
game.exe+2F9241 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9247 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F924D - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F9253 - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F9259 - 8B 94 01 A4020000     - mov edx,[ecx+eax+000002A4]
game.exe+2F9260 - 52                    - push edx   // value just stored
game.exe+2F9261 - 8B 45 F0              - mov eax,[ebp-10]
game.exe+2F9264 - 50                    - push eax   // value before the store
game.exe+2F9265 - 6A 00                 - push 00
game.exe+2F9267 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F926D - 8B 91 D03B0100        - mov edx,[ecx+00013BD0]
game.exe+2F9273 - 8B 42 04              - mov eax,[edx+04]   // offset read through the pointer stored at +13BD0
game.exe+2F9276 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F927C - 8D 8C 01 D03B0100     - lea ecx,[ecx+eax+00013BD0]   // ecx = adjusted object address for the call
game.exe+2F9283 - E8 5811FAFF           - call game.exe+29A3E0
// --- store record word +09 (sign-extended) into entry +34C, or 0 when it is <= 0 ---
game.exe+2F9288 - 8B 55 EC              - mov edx,[ebp-14]
game.exe+2F928B - 0FBF 42 09            - movsx eax,word ptr [edx+09]
game.exe+2F928F - 85 C0                 - test eax,eax
game.exe+2F9291 - 7E 26                 - jle game.exe+2F92B9   // signed: zero or negative goes to the store-0 branch
game.exe+2F9293 - 8B 4D EC              - mov ecx,[ebp-14]
game.exe+2F9296 - 0FBF 51 09            - movsx edx,word ptr [ecx+09]
game.exe+2F929A - A1 EC8DCD01           - mov eax,[game.exe+18D8DEC]
game.exe+2F929F - 8B 88 B46C0200        - mov ecx,[eax+00026CB4]
game.exe+2F92A5 - 69 C9 302C0000        - imul ecx,ecx,00002C30
game.exe+2F92AB - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F92B0 - 89 94 08 4C030000     - mov [eax+ecx+0000034C],edx   // poster's note: this store is hit for stamina
game.exe+2F92B7 - EB 22                 - jmp game.exe+2F92DB
game.exe+2F92B9 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F92BF - 8B 91 B46C0200        - mov edx,[ecx+00026CB4]
game.exe+2F92C5 - 69 D2 302C0000        - imul edx,edx,00002C30
game.exe+2F92CB - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F92D0 - C7 84 10 4C030000 00000000 - mov [eax+edx+0000034C],00000000
// --- record dword +05 -> entry +2FC, with a 25 % threshold check against entry +2F8 ---
game.exe+2F92DB - 8B 4D EC              - mov ecx,[ebp-14]
game.exe+2F92DE - 83 79 05 00           - cmp dword ptr [ecx+05],00
game.exe+2F92E2 - 0F86 03010000         - jbe game.exe+2F93EB   // record value is 0: go store 0
game.exe+2F92E8 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F92EE - 8B 8A B46C0200        - mov ecx,[edx+00026CB4]
game.exe+2F92F4 - 69 C9 302C0000        - imul ecx,ecx,00002C30   // ecx = entry offset, used by the cmp at game.exe+2F932A
game.exe+2F92FA - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9300 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F9306 - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F930C - 8B 15 388BCD01        - mov edx,[game.exe+18D8B38]
game.exe+2F9312 - 8B 84 02 F8020000     - mov eax,[edx+eax+000002F8]
game.exe+2F9319 - 6B C0 19              - imul eax,eax,19   // * 25
game.exe+2F931C - 99                    - cdq
game.exe+2F931D - BE 64000000           - mov esi,00000064
game.exe+2F9322 - F7 FE                 - idiv esi   // eax = entry(+2F8) * 25 / 100, signed
game.exe+2F9324 - 8B 15 388BCD01        - mov edx,[game.exe+18D8B38]
game.exe+2F932A - 39 84 0A FC020000     - cmp [edx+ecx+000002FC],eax
game.exe+2F9331 - 0F8E 8E000000         - jng game.exe+2F93C5   // current +2FC value already <= threshold: no notification
game.exe+2F9337 - A1 EC8DCD01           - mov eax,[game.exe+18D8DEC]
game.exe+2F933C - 8B 88 B46C0200        - mov ecx,[eax+00026CB4]
game.exe+2F9342 - 69 C9 302C0000        - imul ecx,ecx,00002C30
game.exe+2F9348 - 8B 15 388BCD01        - mov edx,[game.exe+18D8B38]
game.exe+2F934E - 8B 84 0A F8020000     - mov eax,[edx+ecx+000002F8]
game.exe+2F9355 - 6B C0 19              - imul eax,eax,19
game.exe+2F9358 - 99                    - cdq
game.exe+2F9359 - B9 64000000           - mov ecx,00000064
game.exe+2F935E - F7 F9                 - idiv ecx
game.exe+2F9360 - 0FB7 D0               - movzx edx,ax   // NOTE(review): threshold cut to its low 16 bits before the compare
game.exe+2F9363 - 8B 45 EC              - mov eax,[ebp-14]
game.exe+2F9366 - 3B 50 05              - cmp edx,[eax+05]
game.exe+2F9369 - 72 5A                 - jb game.exe+2F93C5   // unsigned: threshold < new value, no notification
// --- second notification sequence (object at [ebp-3C]); same shape as the first ---
game.exe+2F936B - 8B 0D 70C0A001        - mov ecx,[game.exe+160C070]
game.exe+2F9371 - 51                    - push ecx
game.exe+2F9372 - 8D 4D C4              - lea ecx,[ebp-3C]
game.exe+2F9375 - E8 B6CEF9FF           - call game.exe+296230   // presumably sets up the stack object at [ebp-3C] - confirm
game.exe+2F937A - C7 45 FC 01000000     - mov [ebp-04],00000001   // [ebp-04] = 1 while [ebp-3C] is in use
game.exe+2F9381 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9387 - 81 C2 C83B0100        - add edx,00013BC8
game.exe+2F938D - 52                    - push edx
game.exe+2F938E - 8D 4D C4              - lea ecx,[ebp-3C]
game.exe+2F9391 - E8 FAD0F9FF           - call game.exe+296490
game.exe+2F9396 - 68 AB9EB800           - push game.exe+789EAB
game.exe+2F939B - 6A 00                 - push 00
game.exe+2F939D - 68 1C0DB600           - push game.exe+760D1C
game.exe+2F93A2 - 68 90FFAE00           - push game.exe+6EFF90
game.exe+2F93A7 - A1 70C0A001           - mov eax,[game.exe+160C070]
game.exe+2F93AC - 50                    - push eax
game.exe+2F93AD - FF 15 A0EDAE00        - call dword ptr [game.exe+6EEDA0]
game.exe+2F93B3 - 83 C4 14              - add esp,14
game.exe+2F93B6 - C7 45 FC FFFFFFFF     - mov [ebp-04],FFFFFFFF
game.exe+2F93BD - 8D 4D C4              - lea ecx,[ebp-3C]
game.exe+2F93C0 - E8 ABCFF9FF           - call game.exe+296370
// --- the store itself ---
game.exe+2F93C5 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F93CB - 8B 91 B46C0200        - mov edx,[ecx+00026CB4]
game.exe+2F93D1 - 69 D2 302C0000        - imul edx,edx,00002C30
game.exe+2F93D7 - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F93DC - 8B 4D EC              - mov ecx,[ebp-14]
game.exe+2F93DF - 8B 49 05              - mov ecx,[ecx+05]
game.exe+2F93E2 - 89 8C 10 FC020000     - mov [eax+edx+000002FC],ecx   // poster's note: this store is hit when mana drops
game.exe+2F93E9 - EB 23                 - jmp game.exe+2F940E
game.exe+2F93EB - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F93F1 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F93F7 - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F93FD - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F9403 - C7 84 01 FC020000 00000000 - mov [ecx+eax+000002FC],00000000
// --- entry +1184 = [[game.exe+18E7880]+154] ---
game.exe+2F940E - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9414 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F941A - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F9420 - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F9426 - 8B 15 8078CE01        - mov edx,[game.exe+18E7880]
game.exe+2F942C - 8B 92 54010000        - mov edx,[edx+00000154]
game.exe+2F9432 - 89 94 01 84110000     - mov [ecx+eax+00001184],edx
// --- if the dword at (adjusted object)+0C is non-zero, clear it ---
game.exe+2F9439 - A1 EC8DCD01           - mov eax,[game.exe+18D8DEC]
game.exe+2F943E - 8B 88 D03B0100        - mov ecx,[eax+00013BD0]
game.exe+2F9444 - 8B 51 04              - mov edx,[ecx+04]
game.exe+2F9447 - A1 EC8DCD01           - mov eax,[game.exe+18D8DEC]
game.exe+2F944C - 8B 8C 10 DC3B0100     - mov ecx,[eax+edx+00013BDC]   // 13BDC = 13BD0 + 0C
game.exe+2F9453 - 89 8D 40FFFFFF        - mov [ebp-000000C0],ecx
game.exe+2F9459 - 83 BD 40FFFFFF 00     - cmp dword ptr [ebp-000000C0],00
game.exe+2F9460 - 74 2F                 - je game.exe+2F9491
game.exe+2F9462 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9468 - 8B 82 D03B0100        - mov eax,[edx+00013BD0]
game.exe+2F946E - 8B 48 04              - mov ecx,[eax+04]
game.exe+2F9471 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9477 - 8D 84 0A D03B0100     - lea eax,[edx+ecx+00013BD0]
game.exe+2F947E - 89 85 3CFFFFFF        - mov [ebp-000000C4],eax
game.exe+2F9484 - 8B 8D 3CFFFFFF        - mov ecx,[ebp-000000C4]
game.exe+2F948A - C7 41 0C 00000000     - mov [ecx+0C],00000000
// --- epilogue ---
game.exe+2F9491 - 8B 4D F4              - mov ecx,[ebp-0C]
game.exe+2F9494 - 64 89 0D 00000000     - mov fs:[00000000],ecx   // restore the fs:[0] value saved in the frame at [ebp-0C]
game.exe+2F949B - 59                    - pop ecx
game.exe+2F949C - 5E                    - pop esi
game.exe+2F949D - 8B E5                 - mov esp,ebp
game.exe+2F949F - 5D                    - pop ebp
game.exe+2F94A0 - C2 0800               - ret 0008   // callee removes 8 bytes of stack arguments


 楼主| sgsy 发表于 2020-6-12 11:44
z7332323 发表于 2020-6-12 11:37
BV1rJ411W7hk
B站简单小教程,参考一下

我看了视频,是找TEST关键。。。
如下方代码所示。。并没有这个啊。。怎么办
// ---------------------------------------------------------------------------------------------
// Routine at game.exe+2F90C0. 32-bit x86, Intel syntax; columns are address - opcode bytes - instruction.
// What the listing shows: three values are copied out of the record passed as the first stack
// argument into the current entry of a table of 0x2C30-byte entries, and a call sequence runs when
// a value moves from above 25 % of its companion field to that threshold or below.
// In:   ecx      = saved to [ebp-C8] and not read again here (presumably `this` - confirm)
//       [ebp+08] = pointer to the source record; fields read: dword +01, dword +05, word +09
//       [ebp+0C] = flag; when non-zero the routine goes straight to the epilogue
// Exit: ret 0008, the callee removes both stack arguments.
// Table entry = [game.exe+18D8B38] + [[game.exe+18D8DEC]+26CB4] * 0x2C30, recomputed before every access.
//   +2A0 / +2A4 : threshold base / value updated from record +01
//   +2F8 / +2FC : threshold base / value updated from record +05
//   +34C        : value updated from record +09
//   +1184       : copy of [[game.exe+18E7880]+154]
// NOTE(review): every update is a plain assignment from the record; nothing is subtracted here, so
// the values are computed somewhere else. The packed, unaligned offsets (+01/+05/+09) look like a
// deserialized message with a one-byte header; if that message comes from a game server, this table
// is only the client's copy of server-held state - confirm against the caller.
// NOTE(review): the table index is used without a bounds check anywhere in this routine, and the
// record values are stored without being compared to the +2A0 / +2F8 fields.
// ---------------------------------------------------------------------------------------------
// --- prologue: frame pointer, exception frame linked through fs:[0], 0xBC bytes of locals ---
game.exe+2F90C0 - 55                    - push ebp
game.exe+2F90C1 - 8B EC                 - mov ebp,esp
game.exe+2F90C3 - 6A FF                 - push -01   // [ebp-04] = -1; set to 0 / 1 and back to -1 around the two call sequences below
game.exe+2F90C5 - 68 60CCAB00           - push game.exe+6BCC60   // [ebp-08]; presumably the exception-handler address - confirm
game.exe+2F90CA - 64 A1 00000000        - mov eax,fs:[00000000]
game.exe+2F90D0 - 50                    - push eax   // [ebp-0C] = previous fs:[0] value, restored in the epilogue
game.exe+2F90D1 - 81 EC BC000000        - sub esp,000000BC
game.exe+2F90D7 - 56                    - push esi   // esi is used as the divisor at game.exe+2F931D
game.exe+2F90D8 - A1 0CBCBE00           - mov eax,[game.exe+7EBC0C]
game.exe+2F90DD - 33 C5                 - xor eax,ebp
game.exe+2F90DF - 50                    - push eax   // global XOR ebp; looks like a compiler stack cookie - confirm
game.exe+2F90E0 - 8D 45 F4              - lea eax,[ebp-0C]
game.exe+2F90E3 - 64 A3 00000000        - mov fs:[00000000],eax   // fs:[0] now points at the frame record at [ebp-0C]
game.exe+2F90E9 - 89 8D 38FFFFFF        - mov [ebp-000000C8],ecx
// --- second argument non-zero: nothing to do ---
game.exe+2F90EF - 83 7D 0C 00           - cmp dword ptr [ebp+0C],00
game.exe+2F90F3 - 74 05                 - je game.exe+2F90FA
game.exe+2F90F5 - E9 97030000           - jmp game.exe+2F9491   // to the epilogue
game.exe+2F90FA - 8B 45 08              - mov eax,[ebp+08]
game.exe+2F90FD - 89 45 EC              - mov [ebp-14],eax   // [ebp-14] = pointer to the source record
// --- remember the current +2A4 value in [ebp-10] ---
game.exe+2F9100 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F9106 - 8B 91 B46C0200        - mov edx,[ecx+00026CB4]   // edx = table index
game.exe+2F910C - 69 D2 302C0000        - imul edx,edx,00002C30   // edx = index * 0x2C30 (entry size)
game.exe+2F9112 - A1 388BCD01           - mov eax,[game.exe+18D8B38]   // eax = table base
game.exe+2F9117 - 8B 8C 10 A4020000     - mov ecx,[eax+edx+000002A4]
game.exe+2F911E - 89 4D F0              - mov [ebp-10],ecx
game.exe+2F9121 - 8B 55 EC              - mov edx,[ebp-14]
game.exe+2F9124 - 8B 45 F0              - mov eax,[ebp-10]
game.exe+2F9127 - 3B 42 01              - cmp eax,[edx+01]
game.exe+2F912A - 0F84 58010000         - je game.exe+2F9288   // value unchanged: skip the whole +2A4 update
// --- threshold check: was the old value above 25 % of entry +2A0 ... ---
game.exe+2F9130 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F9136 - 8B 91 B46C0200        - mov edx,[ecx+00026CB4]
game.exe+2F913C - 69 D2 302C0000        - imul edx,edx,00002C30
game.exe+2F9142 - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F9147 - 8B 84 10 A0020000     - mov eax,[eax+edx+000002A0]
game.exe+2F914E - 6B C0 19              - imul eax,eax,19   // * 25
game.exe+2F9151 - 99                    - cdq    // sign-extend eax into edx:eax for idiv
game.exe+2F9152 - B9 64000000           - mov ecx,00000064
game.exe+2F9157 - F7 F9                 - idiv ecx   // eax = entry(+2A0) * 25 / 100, signed
game.exe+2F9159 - 39 45 F0              - cmp [ebp-10],eax
game.exe+2F915C - 0F8E 8D000000         - jng game.exe+2F91EF   // old value already <= threshold: no notification
// --- ... and is the new value at or below it? (this time with an unsigned divide and compare) ---
game.exe+2F9162 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9168 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F916E - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F9174 - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F917A - 8B 84 01 A0020000     - mov eax,[ecx+eax+000002A0]
game.exe+2F9181 - 6B C0 19              - imul eax,eax,19
game.exe+2F9184 - 33 D2                 - xor edx,edx
game.exe+2F9186 - B9 64000000           - mov ecx,00000064
game.exe+2F918B - F7 F1                 - div ecx
game.exe+2F918D - 8B 55 EC              - mov edx,[ebp-14]
game.exe+2F9190 - 3B 42 01              - cmp eax,[edx+01]
game.exe+2F9193 - 72 5A                 - jb game.exe+2F91EF   // threshold < new value: no notification
// --- first notification sequence (object at [ebp-28]) ---
game.exe+2F9195 - A1 70C0A001           - mov eax,[game.exe+160C070]
game.exe+2F919A - 50                    - push eax
game.exe+2F919B - 8D 4D D8              - lea ecx,[ebp-28]
game.exe+2F919E - E8 8DD0F9FF           - call game.exe+296230   // ecx = &[ebp-28]; presumably sets up a stack object - confirm
game.exe+2F91A3 - C7 45 FC 00000000     - mov [ebp-04],00000000   // [ebp-04] = 0 while [ebp-28] is in use
game.exe+2F91AA - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F91B0 - 81 C1 C83B0100        - add ecx,00013BC8
game.exe+2F91B6 - 51                    - push ecx
game.exe+2F91B7 - 8D 4D D8              - lea ecx,[ebp-28]
game.exe+2F91BA - E8 D1D2F9FF           - call game.exe+296490
game.exe+2F91BF - 68 AB9EB800           - push game.exe+789EAB
game.exe+2F91C4 - 6A 00                 - push 00
game.exe+2F91C6 - 68 1C0DB600           - push game.exe+760D1C
game.exe+2F91CB - 68 90FFAE00           - push game.exe+6EFF90
game.exe+2F91D0 - 8B 15 70C0A001        - mov edx,[game.exe+160C070]
game.exe+2F91D6 - 52                    - push edx
game.exe+2F91D7 - FF 15 A0EDAE00        - call dword ptr [game.exe+6EEDA0]   // indirect call, five dword arguments
game.exe+2F91DD - 83 C4 14              - add esp,14   // caller removes the 5 * 4 argument bytes
game.exe+2F91E0 - C7 45 FC FFFFFFFF     - mov [ebp-04],FFFFFFFF
game.exe+2F91E7 - 8D 4D D8              - lea ecx,[ebp-28]
game.exe+2F91EA - E8 81D1F9FF           - call game.exe+296370   // presumably the matching cleanup for [ebp-28] - confirm
// --- store record dword +01 into entry +2A4 (0 when the record value is 0) ---
game.exe+2F91EF - 8B 45 EC              - mov eax,[ebp-14]
game.exe+2F91F2 - 83 78 01 00           - cmp dword ptr [eax+01],00
game.exe+2F91F6 - 76 26                 - jna game.exe+2F921E   // unsigned "<= 0", i.e. only taken when the value is exactly 0
game.exe+2F91F8 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F91FE - 8B 91 B46C0200        - mov edx,[ecx+00026CB4]
game.exe+2F9204 - 69 D2 302C0000        - imul edx,edx,00002C30
game.exe+2F920A - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F920F - 8B 4D EC              - mov ecx,[ebp-14]
game.exe+2F9212 - 8B 49 01              - mov ecx,[ecx+01]
game.exe+2F9215 - 89 8C 10 A4020000     - mov [eax+edx+000002A4],ecx   // poster's note: this store is hit when HP drops.
game.exe+2F921C - EB 23                 - jmp game.exe+2F9241
game.exe+2F921E - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9224 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F922A - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F9230 - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F9236 - C7 84 01 A4020000 00000000 - mov [ecx+eax+000002A4],00000000
// --- call game.exe+29A3E0 with (0, old +2A4 value, new +2A4 value) ---
game.exe+2F9241 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9247 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F924D - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F9253 - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F9259 - 8B 94 01 A4020000     - mov edx,[ecx+eax+000002A4]
game.exe+2F9260 - 52                    - push edx   // value just stored
game.exe+2F9261 - 8B 45 F0              - mov eax,[ebp-10]
game.exe+2F9264 - 50                    - push eax   // value before the store
game.exe+2F9265 - 6A 00                 - push 00
game.exe+2F9267 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F926D - 8B 91 D03B0100        - mov edx,[ecx+00013BD0]
game.exe+2F9273 - 8B 42 04              - mov eax,[edx+04]   // offset read through the pointer stored at +13BD0
game.exe+2F9276 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F927C - 8D 8C 01 D03B0100     - lea ecx,[ecx+eax+00013BD0]   // ecx = adjusted object address for the call
game.exe+2F9283 - E8 5811FAFF           - call game.exe+29A3E0
// --- store record word +09 (sign-extended) into entry +34C, or 0 when it is <= 0 ---
game.exe+2F9288 - 8B 55 EC              - mov edx,[ebp-14]
game.exe+2F928B - 0FBF 42 09            - movsx eax,word ptr [edx+09]
game.exe+2F928F - 85 C0                 - test eax,eax
game.exe+2F9291 - 7E 26                 - jle game.exe+2F92B9   // signed: zero or negative goes to the store-0 branch
game.exe+2F9293 - 8B 4D EC              - mov ecx,[ebp-14]
game.exe+2F9296 - 0FBF 51 09            - movsx edx,word ptr [ecx+09]
game.exe+2F929A - A1 EC8DCD01           - mov eax,[game.exe+18D8DEC]
game.exe+2F929F - 8B 88 B46C0200        - mov ecx,[eax+00026CB4]
game.exe+2F92A5 - 69 C9 302C0000        - imul ecx,ecx,00002C30
game.exe+2F92AB - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F92B0 - 89 94 08 4C030000     - mov [eax+ecx+0000034C],edx
game.exe+2F92B7 - EB 22                 - jmp game.exe+2F92DB
game.exe+2F92B9 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F92BF - 8B 91 B46C0200        - mov edx,[ecx+00026CB4]
game.exe+2F92C5 - 69 D2 302C0000        - imul edx,edx,00002C30
game.exe+2F92CB - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F92D0 - C7 84 10 4C030000 00000000 - mov [eax+edx+0000034C],00000000
// --- record dword +05 -> entry +2FC, with a 25 % threshold check against entry +2F8 ---
game.exe+2F92DB - 8B 4D EC              - mov ecx,[ebp-14]
game.exe+2F92DE - 83 79 05 00           - cmp dword ptr [ecx+05],00
game.exe+2F92E2 - 0F86 03010000         - jbe game.exe+2F93EB   // record value is 0: go store 0
game.exe+2F92E8 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F92EE - 8B 8A B46C0200        - mov ecx,[edx+00026CB4]
game.exe+2F92F4 - 69 C9 302C0000        - imul ecx,ecx,00002C30   // ecx = entry offset, used by the cmp at game.exe+2F932A
game.exe+2F92FA - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9300 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F9306 - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F930C - 8B 15 388BCD01        - mov edx,[game.exe+18D8B38]
game.exe+2F9312 - 8B 84 02 F8020000     - mov eax,[edx+eax+000002F8]
game.exe+2F9319 - 6B C0 19              - imul eax,eax,19   // * 25
game.exe+2F931C - 99                    - cdq    // sign-extend eax into edx:eax for idiv
game.exe+2F931D - BE 64000000           - mov esi,00000064
game.exe+2F9322 - F7 FE                 - idiv esi   // eax = entry(+2F8) * 25 / 100, signed
game.exe+2F9324 - 8B 15 388BCD01        - mov edx,[game.exe+18D8B38]
game.exe+2F932A - 39 84 0A FC020000     - cmp [edx+ecx+000002FC],eax
game.exe+2F9331 - 0F8E 8E000000         - jng game.exe+2F93C5   // current +2FC value already <= threshold: no notification
game.exe+2F9337 - A1 EC8DCD01           - mov eax,[game.exe+18D8DEC]
game.exe+2F933C - 8B 88 B46C0200        - mov ecx,[eax+00026CB4]
game.exe+2F9342 - 69 C9 302C0000        - imul ecx,ecx,00002C30
game.exe+2F9348 - 8B 15 388BCD01        - mov edx,[game.exe+18D8B38]
game.exe+2F934E - 8B 84 0A F8020000     - mov eax,[edx+ecx+000002F8]
game.exe+2F9355 - 6B C0 19              - imul eax,eax,19
game.exe+2F9358 - 99                    - cdq    // sign-extend eax into edx:eax for idiv
game.exe+2F9359 - B9 64000000           - mov ecx,00000064
game.exe+2F935E - F7 F9                 - idiv ecx
game.exe+2F9360 - 0FB7 D0               - movzx edx,ax   // NOTE(review): threshold cut to its low 16 bits here; the +2A4 path at game.exe+2F9190 compares the full 32-bit eax
game.exe+2F9363 - 8B 45 EC              - mov eax,[ebp-14]
game.exe+2F9366 - 3B 50 05              - cmp edx,[eax+05]
game.exe+2F9369 - 72 5A                 - jb game.exe+2F93C5   // unsigned: threshold < new value, no notification
// --- second notification sequence (object at [ebp-3C]); same shape as the first ---
game.exe+2F936B - 8B 0D 70C0A001        - mov ecx,[game.exe+160C070]
game.exe+2F9371 - 51                    - push ecx
game.exe+2F9372 - 8D 4D C4              - lea ecx,[ebp-3C]
game.exe+2F9375 - E8 B6CEF9FF           - call game.exe+296230
game.exe+2F937A - C7 45 FC 01000000     - mov [ebp-04],00000001   // [ebp-04] = 1 while [ebp-3C] is in use
game.exe+2F9381 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9387 - 81 C2 C83B0100        - add edx,00013BC8
game.exe+2F938D - 52                    - push edx
game.exe+2F938E - 8D 4D C4              - lea ecx,[ebp-3C]
game.exe+2F9391 - E8 FAD0F9FF           - call game.exe+296490
game.exe+2F9396 - 68 AB9EB800           - push game.exe+789EAB
game.exe+2F939B - 6A 00                 - push 00
game.exe+2F939D - 68 1C0DB600           - push game.exe+760D1C
game.exe+2F93A2 - 68 90FFAE00           - push game.exe+6EFF90
game.exe+2F93A7 - A1 70C0A001           - mov eax,[game.exe+160C070]
game.exe+2F93AC - 50                    - push eax
game.exe+2F93AD - FF 15 A0EDAE00        - call dword ptr [game.exe+6EEDA0]
game.exe+2F93B3 - 83 C4 14              - add esp,14
game.exe+2F93B6 - C7 45 FC FFFFFFFF     - mov [ebp-04],FFFFFFFF
game.exe+2F93BD - 8D 4D C4              - lea ecx,[ebp-3C]
game.exe+2F93C0 - E8 ABCFF9FF           - call game.exe+296370
// --- the store itself ---
game.exe+2F93C5 - 8B 0D EC8DCD01        - mov ecx,[game.exe+18D8DEC]
game.exe+2F93CB - 8B 91 B46C0200        - mov edx,[ecx+00026CB4]
game.exe+2F93D1 - 69 D2 302C0000        - imul edx,edx,00002C30
game.exe+2F93D7 - A1 388BCD01           - mov eax,[game.exe+18D8B38]
game.exe+2F93DC - 8B 4D EC              - mov ecx,[ebp-14]
game.exe+2F93DF - 8B 49 05              - mov ecx,[ecx+05]
game.exe+2F93E2 - 89 8C 10 FC020000     - mov [eax+edx+000002FC],ecx
game.exe+2F93E9 - EB 23                 - jmp game.exe+2F940E
game.exe+2F93EB - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F93F1 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F93F7 - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F93FD - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F9403 - C7 84 01 FC020000 00000000 - mov [ecx+eax+000002FC],00000000
// --- entry +1184 = [[game.exe+18E7880]+154] ---
game.exe+2F940E - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9414 - 8B 82 B46C0200        - mov eax,[edx+00026CB4]
game.exe+2F941A - 69 C0 302C0000        - imul eax,eax,00002C30
game.exe+2F9420 - 8B 0D 388BCD01        - mov ecx,[game.exe+18D8B38]
game.exe+2F9426 - 8B 15 8078CE01        - mov edx,[game.exe+18E7880]
game.exe+2F942C - 8B 92 54010000        - mov edx,[edx+00000154]
game.exe+2F9432 - 89 94 01 84110000     - mov [ecx+eax+00001184],edx
// --- if the dword at (adjusted object)+0C is non-zero, clear it ---
game.exe+2F9439 - A1 EC8DCD01           - mov eax,[game.exe+18D8DEC]
game.exe+2F943E - 8B 88 D03B0100        - mov ecx,[eax+00013BD0]
game.exe+2F9444 - 8B 51 04              - mov edx,[ecx+04]
game.exe+2F9447 - A1 EC8DCD01           - mov eax,[game.exe+18D8DEC]
game.exe+2F944C - 8B 8C 10 DC3B0100     - mov ecx,[eax+edx+00013BDC]   // 13BDC = 13BD0 + 0C
game.exe+2F9453 - 89 8D 40FFFFFF        - mov [ebp-000000C0],ecx
game.exe+2F9459 - 83 BD 40FFFFFF 00     - cmp dword ptr [ebp-000000C0],00
game.exe+2F9460 - 74 2F                 - je game.exe+2F9491
game.exe+2F9462 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9468 - 8B 82 D03B0100        - mov eax,[edx+00013BD0]
game.exe+2F946E - 8B 48 04              - mov ecx,[eax+04]
game.exe+2F9471 - 8B 15 EC8DCD01        - mov edx,[game.exe+18D8DEC]
game.exe+2F9477 - 8D 84 0A D03B0100     - lea eax,[edx+ecx+00013BD0]
game.exe+2F947E - 89 85 3CFFFFFF        - mov [ebp-000000C4],eax
game.exe+2F9484 - 8B 8D 3CFFFFFF        - mov ecx,[ebp-000000C4]
game.exe+2F948A - C7 41 0C 00000000     - mov [ecx+0C],00000000
// --- epilogue ---
game.exe+2F9491 - 8B 4D F4              - mov ecx,[ebp-0C]
game.exe+2F9494 - 64 89 0D 00000000     - mov fs:[00000000],ecx   // restore the fs:[0] value saved by the prologue
game.exe+2F949B - 59                    - pop ecx   // discards the value pushed at game.exe+2F90DF
game.exe+2F949C - 5E                    - pop esi
game.exe+2F949D - 8B E5                 - mov esp,ebp
game.exe+2F949F - 5D                    - pop ebp
game.exe+2F94A0 - C2 0800               - ret 0008   // callee removes the two stack arguments
 楼主| sgsy 发表于 2020-6-14 10:05
alicc 发表于 2020-6-13 10:08
游戏下载地址发我即可。不暴露QQ。为了防止未来时间被其他人搜索查询。

1、我已经找到我的血量和怪物的血量。问题来了。我把我的血量改了666666。。受到伤害还是会死,也就是说我只改了前台血量。。。并没有实现真正意义的无敌。

2、我也找到了怪物血量,把怪血量改成了1,然后打了一下,还是没有秒掉。同上。。。等于只修改了前台血量。。后台血量还是没变。。。

求教。。怎么解决。。。是不是因为这是网络游戏改不了???
那DNF那些是怎么做到秒杀的?
z7332323 发表于 2020-6-12 11:27
game.exe+2F9215 - 89 8C 10 A4020000     - mov [eax+edx+000002A4],ecx   //该段代码触发掉血量
不如把mov改成add试试?话说是单机游戏么
 楼主| sgsy 发表于 2020-6-12 11:31
z7332323 发表于 2020-6-12 11:27
game.exe+2F9215 - 89 8C 10 A4020000     - mov [eax+edx+000002A4],ecx   //该段代码触发掉血量
不如把m ...

改了ADD不行,表面不掉血,伤害够了还是死亡。而且。。。取消激活游戏还崩溃了!
z7332323 发表于 2020-6-12 11:37
sgsy 发表于 2020-6-12 11:31
改了ADD不行,表面不掉血,伤害够了还是死亡。而且。。。取消激活游戏还崩溃了!

BV1rJ411W7hk
B站简单小教程,参考一下
wangyujie96 发表于 2020-6-12 12:01
你首先要确保你找到的数值是真实有用的,别找个血条的长度
然后才能下断点看汇编
alicc 发表于 2020-6-12 12:13
你确定这个寄存器里面只有你自己HP?
无闻无问 发表于 2020-6-12 13:08
wangyujie96 发表于 2020-6-12 12:01
你首先要确保你找到的数值是真实有用的,别找个血条的长度
然后才能下断点看汇编

他找的地方应该不对,很明显这是赋值,掉血应该是类似sub的语句…
 楼主| sgsy 发表于 2020-6-12 14:10
无闻无问 发表于 2020-6-12 13:08
他找的地方应该不对,很明显这是赋值,掉血应该是类似sub的语句…

已经重复确定了。就是这段代码。。。我也确实有你这个想法~
 楼主| sgsy 发表于 2020-6-12 14:18
alicc 发表于 2020-6-12 12:13
你确定这个寄存器里面只有你自己HP?

这段寄存器里不止有HP。还有蓝量和体力,怪物的血量也在这。有一次把怪的血量显示改到10了- -但是实际效果还是正常血量。。