Modifying the 1.0M character list
Modifying the 1.0M character list, part 1:

I first located the spot; a rough analysis is enough to tell that this must be it:

==============================================
C1,4B,F3,00,02,00,02,
00,D3,F4,C3,C6,00,00,00,00,00,00,71,08,00,08,20,0A,FF,11,1F,1F,18,6D,80,10,00,00,00,FF,FF,FF,00,00,FF,
01,C4,A7,BB,C3,D6,AE,D6,F7,00,00,71,01,00,00,00,FF,FF,FF,FF,FF,00,00,00,F8,00,00,00,FF,FF,FF,00,00,FF
=================================================

The above is our reference packet. The key fields are:

C1, header
4B, length
F3, protocol type
00,
02,
00,
02, character count

The function entry we found in the GS is:

00403EB8 $ /E9 43CB0100 JMP GameServ.JGPGetCharList

The actual implementation is:

00420A00 >/> \55 PUSH EBP
00420A01 |. 8BEC MOV EBP,ESP
00420A03 |. 81EC B4010000 SUB ESP,1B4
00420A09 |. 53 PUSH EBX
00420A0A |. 56 PUSH ESI
00420A0B |. 57 PUSH EDI
00420A0C |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
00420A0F |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
00420A12 |. C785 E8FEFFFF>MOV DWORD PTR SS:[EBP-118],0
00420A1C |. C785 E4FEFFFF>MOV DWORD PTR SS:[EBP-11C],1C
00420A26 |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
00420A29 |. 0FBF51 04 MOVSX EDX,WORD PTR DS:[ECX+4]
00420A2D |. 8995 E0FEFFFF MOV DWORD PTR SS:[EBP-120],EDX
00420A33 |. C685 D4FEFFFF>MOV BYTE PTR SS:[EBP-12C],0C1
00420A3A |. C685 D6FEFFFF>MOV BYTE PTR SS:[EBP-12A],0F3
00420A41 |. C685 D7FEFFFF>MOV BYTE PTR SS:[EBP-129],0
00420A48 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00420A4B |. 8A48 06 MOV CL,BYTE PTR DS:[EAX+6]
00420A4E |. 888D DAFEFFFF MOV BYTE PTR SS:[EBP-126],CL
00420A54 |. C645 F6 00 MOV BYTE PTR SS:[EBP-A],0
00420A58 |. 6A 0A PUSH 0A ; /n = A (10.)
00420A5A |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4] ; |
00420A5D |. 83C2 0D ADD EDX,0D ; |
00420A60 |. 52 PUSH EDX ; |src
00420A61 |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14] ; |
00420A64 |. 50 PUSH EAX ; |dest
00420A65 |. E8 C6141400 CALL GameServ._memcpy ; \_memcpy
00420A6A |. 83C4 0C ADD ESP,0C

/--------------------------------------------------------------------------------

I analyze the section above as follows:

00420A33 |. C685 D4FEFFFF>MOV BYTE PTR SS:[EBP-12C],0C1
00420A3A |. C685 D6FEFFFF>MOV BYTE PTR SS:[EBP-12A],0F3
00420A41 |. C685 D7FEFFFF>MOV BYTE PTR SS:[EBP-129],0
00420A48 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00420A4B |. 8A48 06 MOV CL,BYTE PTR DS:[EAX+6]
00420A4E |. 888D DAFEFFFF MOV BYTE PTR SS:[EBP-126],CL
00420A54 |. C645 F6 00 MOV BYTE PTR SS:[EBP-A],0

On the stack, the value inside [] (EBP minus the value in []) is the actual address:

[12C]0C1 C1
[12B] len
[12A]0F3 0xf3
[129]000 00
[128] 02
[127] 00
[126] CharNum
[125] 00 FirstObjNum
[124]
[123]
[122]
[121]
[120]

The positions correspond to the packet above, as the assembly shows:

00420A33 |. C685 D4FEFFFF>MOV BYTE PTR SS:[EBP-12C],0C1 // header
00420A3A |. C685 D6FEFFFF>MOV BYTE PTR SS:[EBP-12A],0F3 // type
00420A4E |. 888D DAFEFFFF MOV BYTE PTR SS:[EBP-126],CL // character count

What follows handles the characters' items and rendering, and I couldn't make sense of it.
This is where the character list is sent...
I decided to write a 1.02E version and simply replace it...

Below is the character name handling:

00420A58 |. 6A 0A PUSH 0A ;charNameLen=10B ; /n = A (10.)
00420A5A |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4] ; |
00420A5D |. 83C2 0D ADD EDX,0D ; |
00420A60 |. 52 PUSH EDX ; |src
00420A61 |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14] ; |
00420A64 |. 50 PUSH EAX ;charName ; |dest
00420A65 |. E8 C6141400 CALL GameServ._memcpy

/------------------------------------------------------------------------------------

CBloodCastle::SetBossMonster

00401410 $ |E9 5B8F1100 JMP GameServ.CBloodCastle::SetBossMonster

0051A370 >/> \55 PUSH EBP
0051A371 |. 8BEC MOV EBP,ESP
0051A373 |. 83EC 60 SUB ESP,60
0051A376 |. 53 PUSH EBX
0051A377 |. 56 PUSH ESI
0051A378 |. 57 PUSH EDI
0051A379 |. 894D FC MOV DWORD PTR SS:[EBP-4],ECX
0051A37C |. 837D 08 00 CMP DWORD PTR SS:[EBP+8],0
0051A380 |. 7D 09 JGE SHORT GameServ.0051A38B
0051A382 |. C745 E0 00000>MOV DWORD PTR SS:[EBP-20],0
0051A389 |. EB 0C JMP SHORT GameServ.0051A397
0051A38B |> 33C0 XOR EAX,EAX
0051A38D |. 837D 08 06 CMP DWORD PTR SS:[EBP+8],6
0051A391 |. 0F9EC0 SETLE AL
0051A394 |. 8945 E0 MOV DWORD PTR SS:[EBP-20],EAX
0051A397 |> 837D E0 00 CMP DWORD PTR SS:[EBP-20],0
0051A39B |. 75 05 JNZ SHORT GameServ.0051A3A2
0051A39D |. E9 B3010000 JMP GameServ.0051A555
0051A3A2 |> C745 F4 00000>MOV DWORD PTR SS:[EBP-C],0
0051A3A9 |. EB 09 JMP SHORT GameServ.0051A3B4
0051A3AB |> 8B4D F4 /MOV ECX,DWORD PTR SS:[EBP-C]
0051A3AE |. 83C1 01 |ADD ECX,1
0051A3B1 |. 894D F4 |MOV DWORD PTR SS:[EBP-C],ECX
0051A3B4 |> 837D F4 14 CMP DWORD PTR SS:[EBP-C],14
0051A3B8 |. 0F8D 97010000 |JGE GameServ.0051A555
0051A3BE |. 8B55 08 |MOV EDX,DWORD PTR SS:[EBP+8]
0051A3C1 |. 69D2 FC010000 |IMUL EDX,EDX,1FC
0051A3C7 |. 8B45 FC |MOV EAX,DWORD PTR SS:[EBP-4]
0051A3CA |. 8D4C10 04 |LEA ECX,DWORD PTR DS:[EAX+EDX+4]
0051A3CE |. 8B55 F4 |MOV EDX,DWORD PTR SS:[EBP-C]
0051A3D1 |. 83BC91 E00000>|CMP DWORD PTR DS:[ECX+EDX*4+E0],-1
0051A3D9 |. 0F84 71010000 |JE GameServ.0051A550
0051A3DF |. 8B45 08 |MOV EAX,DWORD PTR SS:[EBP+8]
0051A3E2 |. 69C0 FC010000 |IMUL EAX,EAX,1FC
0051A3E8 |. 8B4D FC |MOV ECX,DWORD PTR SS:[EBP-4]
0051A3EB |. 8D5401 04 |LEA EDX,DWORD PTR DS:[ECX+EAX+4]
0051A3EF |. 8B45 F4 |MOV EAX,DWORD PTR SS:[EBP-C]
0051A3F2 |. 8B8C82 E00000>|MOV ECX,DWORD PTR DS:[EDX+EAX*4+E0]
0051A3F9 |. 894D F0 |MOV DWORD PTR SS:[EBP-10],ECX
0051A3FC |. 8B55 F0 |MOV EDX,DWORD PTR SS:[EBP-10]
0051A3FF |. 6BD2 0C |IMUL EDX,EDX,0C
0051A402 |. 8A82 CE3F7605 |MOV AL,BYTE PTR DS:[EDX+5763FCE]
0051A408 |. 8845 EC |MOV BYTE PTR SS:[EBP-14],AL
0051A40B |. 8B4D F0 |MOV ECX,DWORD PTR SS:[EBP-10]
0051A40E |. 6BC9 0C |IMUL ECX,ECX,0C
0051A411 |. 8A91 D03F7605 |MOV DL,BYTE PTR DS:[ECX+5763FD0]
0051A417 |. 8855 E8 |MOV BYTE PTR SS:[EBP-18],DL
0051A41A |. 8B45 E8 |MOV EAX,DWORD PTR SS:[EBP-18]
0051A41D |. 25 FF000000 |AND EAX,0FF
0051A422 |. 83E8 0B |SUB EAX,0B
0051A425 |. 8845 E4 |MOV BYTE PTR SS:[EBP-1C],AL
0051A428 |. 8B4D E4 |MOV ECX,DWORD PTR SS:[EBP-1C]
0051A42B |. 81E1 FF000000 |AND ECX,0FF
0051A431 |. 3B4D 08 |CMP ECX,DWORD PTR SS:[EBP+8]
0051A434 |. 74 05 |JE SHORT GameServ.0051A43B
0051A436 |.^ E9 70FFFFFF |JMP GameServ.0051A3AB
0051A43B |> 8B55 EC |MOV EDX,DWORD PTR SS:[EBP-14]
0051A43E |. 81E2 FF000000 |AND EDX,0FF
0051A444 |. 83FA 59 |CMP EDX,59
0051A447 |. 74 5C |JE SHORT GameServ.0051A4A5
0051A449 |. 8B45 EC |MOV EAX,DWORD PTR SS:[EBP-14]
0051A44C |. 25 FF000000 |AND EAX,0FF
0051A451 |. 83F8 5F |CMP EAX,5F
0051A454 |. 74 4F |JE SHORT GameServ.0051A4A5
0051A456 |. 8B4D EC |MOV ECX,DWORD PTR SS:[EBP-14]
0051A459 |. 81E1 FF000000 |AND ECX,0FF
0051A45F |. 83F9 70 |CMP ECX,70
0051A462 |. 74 41 |JE SHORT GameServ.0051A4A5
0051A464 |. 8B55 EC |MOV EDX,DWORD PTR SS:[EBP-14]
0051A467 |. 81E2 FF000000 |AND EDX,0FF
0051A46D |. 83FA 76 |CMP EDX,76
0051A470 |. 74 33 |JE SHORT GameServ.0051A4A5
0051A472 |. 8B45 EC |MOV EAX,DWORD PTR SS:[EBP-14]
0051A475 |. 25 FF000000 |AND EAX,0FF
0051A47A |. 83F8 7C |CMP EAX,7C
0051A47D |. 74 26 |JE SHORT GameServ.0051A4A5
0051A47F |. 8B4D EC |MOV ECX,DWORD PTR SS:[EBP-14]
0051A482 |. 81E1 FF000000 |AND ECX,0FF
0051A488 |. 81F9 82000000 |CMP ECX,82
0051A48E |. 74 15 |JE SHORT GameServ.0051A4A5
0051A490 |. 8B55 EC |MOV EDX,DWORD PTR SS:[EBP-14]
0051A493 |. 81E2 FF000000 |AND EDX,0FF
0051A499 |. 81FA 8F000000 |CMP EDX,8F
0051A49F |. 0F85 AB000000 |JNZ GameServ.0051A550
0051A4A5 |> 8B45 E8 |MOV EAX,DWORD PTR SS:[EBP-18]
0051A4A8 |. 25 FF000000 |AND EAX,0FF
0051A4AD |. 50 |PUSH EAX
0051A4AE |. E8 02A2EEFF |CALL GameServ.004046B5
0051A4B3 |. 83C4 04 |ADD ESP,4
0051A4B6 |. 0FBFC8 |MOVSX ECX,AX
0051A4B9 |. 894D F8 |MOV DWORD PTR SS:[EBP-8],ECX
0051A4BC |. 837D F8 00 |CMP DWORD PTR SS:[EBP-8],0
0051A4C0 |. 0F8C 8A000000 |JL GameServ.0051A550
0051A4C6 |. 8B55 F0 |MOV EDX,DWORD PTR SS:[EBP-10]
0051A4C9 |. 52 |PUSH EDX
0051A4CA |. 8B45 F8 |MOV EAX,DWORD PTR SS:[EBP-8]
0051A4CD |. 50 |PUSH EAX
0051A4CE |. E8 2F91EEFF |CALL GameServ.00403602
0051A4D3 |. 83C4 08 |ADD ESP,8
0051A4D6 |. 8B4D EC |MOV ECX,DWORD PTR SS:[EBP-14]
0051A4D9 |. 81E1 FF000000 |AND ECX,0FF
0051A4DF |. 51 |PUSH ECX
0051A4E0 |. 8B55 F8 |MOV EDX,DWORD PTR SS:[EBP-8]
0051A4E3 |. 52 |PUSH EDX
0051A4E4 |. E8 5181EEFF |CALL GameServ.0040263A
0051A4E9 |. 83C4 08 |ADD ESP,8
0051A4EC |. 8B45 F8 |MOV EAX,DWORD PTR SS:[EBP-8]
0051A4EF |. 69C0 8C150000 |IMUL EAX,EAX,158C
0051A4F5 |. 8B4D FC |MOV ECX,DWORD PTR SS:[EBP-4]
0051A4F8 |. 8B91 000E0000 |MOV EDX,DWORD PTR DS:[ECX+E00]
0051A4FE |. 8990 14F1CC03 |MOV DWORD PTR DS:[EAX+3CCF114],EDX
0051A504 |. 8B45 F8 |MOV EAX,DWORD PTR SS:[EBP-8]
0051A507 |. 69C0 8C150000 |IMUL EAX,EAX,158C
0051A50D |. 8A4D E4 |MOV CL,BYTE PTR SS:[EBP-1C]
0051A510 |. 8888 06FCCC03 |MOV BYTE PTR DS:[EAX+3CCFC06],CL
0051A516 |. 8B55 F8 |MOV EDX,DWORD PTR SS:[EBP-8]
0051A519 |. 69D2 8C150000 |IMUL EDX,EDX,158C
0051A51F |. 8B45 FC |MOV EAX,DWORD PTR SS:[EBP-4]
0051A522 |. 66:8B88 F80D0>|MOV CX,WORD PTR DS:[EAX+DF8]
0051A529 |. 66:898A 30F2C>|MOV WORD PTR DS:[EDX+3CCF230],CX
0051A530 |. E8 ED720400 |CALL GameServ._rand ; [_rand
0051A535 |. 25 07000080 |AND EAX,80000007
0051A53A |. 79 05 |JNS SHORT GameServ.0051A541
0051A53C |. 48 |DEC EAX
0051A53D |. 83C8 F8 |OR EAX,FFFFFFF8
0051A540 |. 40 |INC EAX
0051A541 |> 8B55 F8 |MOV EDX,DWORD PTR SS:[EBP-8]
0051A544 |. 69D2 8C150000 |IMUL EDX,EDX,158C
0051A54A |. 8882 10F0CC03 |MOV BYTE PTR DS:[EDX+3CCF010],AL
0051A550 |>^ E9 56FEFFFF \JMP GameServ.0051A3AB
0051A555 |> 5F POP EDI
0051A556 |. 5E POP ESI
0051A557 |. 5B POP EBX
0051A558 |. 8BE5 MOV ESP,EBP
0051A55A |. 5D POP EBP
0051A55B \. C2 0400 RETN 4
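The character-list packet layout worked out earlier on this page (C1 header, length byte, F3 type, character count at offset 6, 10-byte names) can be checked mechanically against the reference packet. The following parser is an added example, not code from the original post or from GameServer: `parse_char_list` and `PacketError` are hypothetical names, the 34-byte entry size is inferred from the sample packet only, and GBK name encoding is an assumption.

```python
# Added example: defensive parser for the C1/F3 character-list packet.
HEADER_LEN = 7   # C1, length, F3, 00, 02, 00, count (layout from the page)
NAME_LEN = 10    # the memcpy on the page copies 0x0A name bytes
ENTRY_LEN = 34   # inferred from the sample: (0x4B - 7) / 2 characters

# The page's reference packet, retyped as hex.
SAMPLE = bytes.fromhex(
    "C1 4B F3 00 02 00 02"
    " 00 D3 F4 C3 C6 00 00 00 00 00 00 71 08 00 08 20 0A FF 11 1F 1F 18"
    " 6D 80 10 00 00 00 FF FF FF 00 00 FF"
    " 01 C4 A7 BB C3 D6 AE D6 F7 00 00 71 01 00 00 00 FF FF FF FF FF 00"
    " 00 00 F8 00 00 00 FF FF FF 00 00 FF"
)


class PacketError(ValueError):
    """Raised when a packet does not match the expected layout."""


def parse_char_list(pkt: bytes) -> list[dict]:
    # Validate every header field before trusting the count byte.
    if len(pkt) < HEADER_LEN:
        raise PacketError("shorter than the 7-byte header")
    if pkt[0] != 0xC1:
        raise PacketError("missing C1 header byte")
    if pkt[1] != len(pkt):
        raise PacketError("length byte does not match bytes received")
    if pkt[2] != 0xF3 or pkt[3] != 0x00:
        raise PacketError("not an F3/00 character-list packet")
    count = pkt[6]
    if len(pkt) - HEADER_LEN != count * ENTRY_LEN:
        raise PacketError("character count disagrees with payload size")
    chars = []
    for i in range(count):
        start = HEADER_LEN + i * ENTRY_LEN
        entry = pkt[start:start + ENTRY_LEN]
        raw = entry[1:1 + NAME_LEN].split(b"\x00", 1)[0]  # strip NUL padding
        chars.append({
            "index": entry[0],
            "name_raw": raw,
            "name": raw.decode("gbk", errors="replace"),  # assumed encoding
            "rest": entry[1 + NAME_LEN:],  # 23 bytes left uninterpreted
        })
    return chars


if __name__ == "__main__":
    for c in parse_char_list(SAMPLE):
        print(c["index"], c["name"], c["rest"].hex())
```

Rejecting a packet whose count byte disagrees with its length is the check that matters most when swapping in a different version's sender, since a mismatched entry size shows up there first.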