我用代理dll的方式,让这个游戏窗口化了。
随后用cheat engine(用其他工具老是出异常,无法正常调试)在内存中检索一句字幕,下内存访问断点。
在以下地方断下。
- CaptainMorgane.exe+96F5 - 83 C0 01 - add eax,01
- 地址004096F5
随后,在ida pro中查看伪代码,感觉这是一个字符串长度的check函数,
真正的字幕显示函数需要追到上一层,后续再继续分析
// IDA pseudocode of CaptainMorgane.exe sub_409670 (the assert strings below name it
// DialogInterface::SetCaptionDisplayed). Stores the caption text a2 in the global
// buffer unk_5D3370 and sets the display flag byte_5D33F0; a NULL a2 clears the flag.
//   a1 - register argument (dil); only forwarded to the first sub_51AEC6 call
//   a2 - register argument (esi); NUL-terminated caption, or NULL for "no caption"
// Returns nothing. sub_51AEC6 looks like a printf-style logger (not recovered here).
void __usercall sub_409670(char a1@<dil>, const char *a2@<esi>)
{
  _DWORD *v2; // eax

  // The length check runs only while dword_5D9B50 is zero (presumably a debug/assert
  // switch — confirm). It only logs and falls through; nothing aborts or rejects a2.
  if ( !dword_5D9B50 )
  {
    if ( !a2 )
      goto LABEL_7;
    // 0x80 corresponds to NB_CHAR_MAX in the condition text logged below.
    if ( strlen(a2) >= 0x80 )
    {
      sub_51AEC6("ASSERT\n", a1);
      // NOTE(review): "%s(%d)" is given a single argument here; the line number may be an
      // argument IDA did not recover for a variadic callee — verify against the disassembly.
      sub_51AEC6("file: %s(%d)\n", (unsigned int)"..\\..\\Source\\Dialogs\\Common\\DialogInterface.cpp");
      sub_51AEC6("function: %s\n", (unsigned int)"DialogInterface::SetCaptionDisplayed");
      sub_51AEC6("condition: %s\n", (unsigned int)"sCaption==NULL || strlen(sCaption)< NB_CHAR_MAX");
    }
  }
  if ( a2 )
  {
    // Unbounded copy, reached whether the assert above fired or was skipped.
    // byte_5D33F0 lies 0x80 bytes after unk_5D3370, so that is the most room the
    // caption buffer can have: a caption of 0x80 or more chars overruns it into the
    // flag written two lines below (and, for longer strings, whatever follows it).
    strcpy((char *)&unk_5D3370, a2);
    v2 = (_DWORD *)dword_5D3E6C;
    byte_5D33F0 = 1;                          // caption-displayed flag
    // Reset fields of the object at dword_5D3E6C (+4 byte, +8/+0Ch/+10h/+14h dwords).
    // Their meaning is not recoverable from this function; assumed to be display state.
    *(_BYTE *)(dword_5D3E6C + 4) = 1;
    v2[2] = 0;
    v2[4] = 0x100000;
    v2[3] = 0;
    v2[5] = 786432;                           // 0xC0000
    return;
  }
LABEL_7:
  byte_5D33F0 = 0;                            // NULL caption: nothing displayed
}
.text:004096EB ; ---------------------------------------------------------------------------
.text:004096ED                 align 10h
.text:004096F0
.text:004096F0 loc_4096F0:                             ; CODE XREF: sub_409670+7B↑j
.text:004096F0                                         ; sub_409670+8A↓j
.text:004096F0                 ; Inlined strcpy loop: eax walks the source string and each byte
.text:004096F0                 ; is stored at [edx+eax], so edx presumably holds the
.text:004096F0                 ; destination-minus-source delta (set up before this excerpt;
.text:004096F0                 ; the pseudocode names the destination unk_5D3370 — confirm).
.text:004096F0                 ; The loop stops only on the copied NUL; no length bound is
.text:004096F0                 ; applied here, the 0x80 check lives elsewhere in sub_409670.
.text:004096F0                 mov     cl, [eax]
.text:004096F2                 mov     [edx+eax], cl
.text:004096F5                 add     eax, 1                ; the CaptainMorgane.exe+96F5 breakpoint hit
.text:004096F8                 test    cl, cl
.text:004096FA                 jnz     short loc_4096F0
.text:004096FC                 mov     eax, dword_5D3E6C     ; v2 in the pseudocode
.text:00409701                 mov     byte_5D33F0, 1        ; caption-displayed flag
.text:00409708                 mov     byte ptr [eax+4], 1
.text:0040970C                 mov     dword ptr [eax+8], 0          ; v2[2]
.text:00409713                 mov     dword ptr [eax+10h], 100000h  ; v2[4]
.text:0040971A                 mov     dword ptr [eax+0Ch], 0        ; v2[3]
.text:00409721                 mov     dword ptr [eax+14h], 0C0000h  ; v2[5] (786432)
.text:00409728                 retn
.text:00409729 ; ---------------------------------------------------------------------------