能力值:
( LV2,RANK:10 )
|
-
-
2 楼
00406CD9 激活 来源跳转 0040108D
00406E16 未激活 来源跳转 0040108D
0040108D 代码如下:
0040108D /$ 55 push ebp
0040108E |. 8BEC mov ebp,esp
00401090 |. 8BC1 mov eax,ecx
00401092 |. 40 inc eax ; kernel32.BaseThreadInitThunk
00401093 |. C1E0 02 shl eax,0x2
00401096 |. 2BE0 sub esp,eax ; kernel32.BaseThreadInitThunk
00401098 |. 8D3C24 lea edi,dword ptr ss:[esp]
0040109B |. 51 push ecx
0040109C |. C745 FC 01000>mov [local.1],0x1
004010A3 |. 8D75 08 lea esi,[arg.1]
004010A6 |> 8B1E /mov ebx,dword ptr ds:[esi]
004010A8 |. 83C6 04 |add esi,0x4
004010AB |. 51 |push ecx
004010AC |. E8 71FFFFFF |call xxzs3_5.00401022
004010B1 |. 59 |pop ecx ; kernel32.75AFED6C
004010B2 |. 0145 FC |add [local.1],eax ; kernel32.BaseThreadInitThunk
004010B5 |. 8907 |mov dword ptr ds:[edi],eax ; kernel32.BaseThreadInitThunk
004010B7 |. 83C7 04 |add edi,0x4
004010BA |. 49 |dec ecx
004010BB ^ 75 E9 jnz short xxzs3_5.004010A6
004010BD |. FF75 FC push [local.1]
004010C0 |. E8 C3080300 call xxzs3_5.00431988
004010C5 |. 83C4 04 add esp,0x4
004010C8 |. 8BF8 mov edi,eax ; kernel32.BaseThreadInitThunk
004010CA |. 58 pop eax ; kernel32.75AFED6C
004010CB |. 8D1C24 lea ebx,dword ptr ss:[esp]
004010CE |. 57 push edi
004010CF |. 8D55 08 lea edx,[arg.1]
004010D2 |> 8B0B mov ecx,dword ptr ds:[ebx]
004010D4 |. 83C3 04 add ebx,0x4
004010D7 |. 8B32 mov esi,dword ptr ds:[edx]
004010D9 |. 83C2 04 add edx,0x4
004010DC |. F3:A4 rep movs byte ptr es:[edi],byte ptr ds:[>
004010DE |. 48 dec eax ; kernel32.BaseThreadInitThunk
004010DF |.^ 75 F1 jnz short xxzs3_5.004010D2
004010E1 |. C607 00 mov byte ptr ds:[edi],0x0
004010E4 |. 58 pop eax ; kernel32.75AFED6C
004010E5 |. 8BE5 mov esp,ebp
004010E7 |. 5D pop ebp ; kernel32.75AFED6C
004010E8 \. C3 retn
代码中看到2个call
|
能力值:
( LV2,RANK:10 )
|
-
-
3 楼
我觉得是第一个call里面,第二个前面有一个比较,第一个前面有一个赋值ds
|
