本帖最后由 shane007 于 2023-8-26 16:14 编辑
( G8 ]7 S a! z! D+ J8 i3 J
我用代理 dll 的方式，让这个游戏窗口化了。
随后用 Cheat Engine（用其他工具老是出异常，无法正常调试）在内存中检索一句字幕，下内存访问断点。
在以下地方断下。
CaptainMorgane.exe+96F5 - 83 C0 01 - add eax,01
地址 004096F5
* U: C' {5 w6 ` a* Q5 J. {# k# h, |/ ^& K M9 h
随后，在 IDA Pro 中查看伪代码，感觉这是一个字符串长度的 check 函数，
真正的字幕显示函数需要追到上一层，后续再继续分析。
" f' J2 J o7 p M, Y2 w3 N8 y4 }
- % y6 V. U" i! h& m! Y
/*
 * sub_409670 -- IDA pseudocode for CaptainMorgane.exe at 0x409670 (the data
 * breakpoint at 0x4096F5 reported in the post lands inside this function).
 * The assert strings below name it DialogInterface::SetCaptionDisplayed in
 * ..\..\Source\Dialogs\Common\DialogInterface.cpp, so a2 is the original
 * `sCaption` parameter and 0x80 is the value of NB_CHAR_MAX.
 *
 * a1: only forwarded as the second argument of the "ASSERT\n" call; its
 *     meaning cannot be told from this function alone.
 * a2: caption string to copy into the display buffer, or NULL to clear it.
 *
 * NOTE(review): the length check is assert-only. It runs only while
 * dword_5D9B50 == 0, prints the four assert lines, and then falls through to
 * the strcpy regardless of the length -- nothing here rejects or truncates an
 * over-long caption.
 */
void __usercall sub_409670(char a1@<dil>, const char *a2@<esi>)
{
  _DWORD *v2; // eax

  if ( !dword_5D9B50 )
  {
    if ( !a2 )
      goto LABEL_7;
    /* Original condition: "sCaption==NULL || strlen(sCaption)< NB_CHAR_MAX".
     * Failing it only logs; execution continues to the copy below. */
    if ( strlen(a2) >= 0x80 )
    {
      // sub_51AEC6 takes printf-style format strings; presumably a logging
      // routine -- not confirmed from this function.
      sub_51AEC6("ASSERT\n", a1);
      // "%s(%d)" expects a line number too; the decompiler shows only one
      // argument here, likely a calling-convention recovery artifact.
      sub_51AEC6("file: %s(%d)\n", (unsigned int)"..\\..\\Source\\Dialogs\\Common\\DialogInterface.cpp");
      sub_51AEC6("function: %s\n", (unsigned int)"DialogInterface::SetCaptionDisplayed");
      sub_51AEC6("condition: %s\n", (unsigned int)"sCaption==NULL || strlen(sCaption)< NB_CHAR_MAX");
    }
  }
  if ( a2 )
  {
    /* Unbounded copy into the fixed-address caption buffer. byte_5D33F0 sits
     * exactly 0x80 bytes after unk_5D3370, so if the buffer is NB_CHAR_MAX
     * (0x80) bytes long a caption of 0x80 or more characters is written past
     * its end and over the flag stored a few lines below. This is the copy
     * loop the memory-write breakpoint stopped in. */
    strcpy((char *)&unk_5D3370, a2);
    v2 = (_DWORD *)dword_5D3E6C;
    byte_5D33F0 = 1;                       // presumably "caption displayed"; cleared on the NULL path below
    *(_BYTE *)(dword_5D3E6C + 4) = 1;
    v2[2] = 0;
    v2[4] = 0x100000;
    v2[3] = 0;
    v2[5] = 786432;                        // == 0xC0000, matches the listing's [eax+14h] store
    return;
  }
LABEL_7:
  byte_5D33F0 = 0;                         // NULL caption: clear the flag, buffer left untouched
}
.text:004096EB ; ---------------------------------------------------------------------------
.text:004096ED align 10h
.text:004096F0
.text:004096F0 loc_4096F0: ; CODE XREF: sub_409670+7B↑j
.text:004096F0 ; sub_409670+8A↓j
; Inlined strcpy from the pseudocode above: copies one byte per iteration
; until the NUL terminator, with no length bound. eax indexes the source;
; edx presumably holds (dest - src) so that [edx+eax] is the destination byte.
.text:004096F0 mov cl, [eax]
.text:004096F2 mov [edx+eax], cl          ; the write that triggered the data breakpoint
.text:004096F5 add eax, 1                 ; instruction reported by Cheat Engine (the one after the write)
.text:004096F8 test cl, cl
.text:004096FA jnz short loc_4096F0       ; loop until the copied byte was NUL
; Post-copy stores, matching the v2[...] assignments in the pseudocode.
.text:004096FC mov eax, dword_5D3E6C
.text:00409701 mov byte_5D33F0, 1         ; byte_5D33F0 = 1
.text:00409708 mov byte ptr [eax+4], 1    ; *(BYTE*)(dword_5D3E6C + 4) = 1
.text:0040970C mov dword ptr [eax+8], 0   ; v2[2] = 0
.text:00409713 mov dword ptr [eax+10h], 100000h ; v2[4] = 0x100000
.text:0040971A mov dword ptr [eax+0Ch], 0 ; v2[3] = 0
.text:00409721 mov dword ptr [eax+14h], 0C0000h ; v2[5] = 0xC0000 (786432)
.text:00409728 retn
.text:00409729 ; ---------------------------------------------------------------------------