本帖最后由 shane007 于 2023-8-26 16:14 编辑
我用代理 dll 的方式,让这个游戏窗口化了。
随后用 Cheat Engine(用其他工具老是出异常,无法正常调试)在内存中搜索一句字幕文本,并对它下内存访问断点。
程序在以下位置断下:
CaptainMorgane.exe+96F5 - 83 C0 01 - add eax,01
地址 004096F5
随后在 IDA Pro 中查看伪代码,感觉这是一个字符串长度的 check 函数,真正的字幕显示函数需要追到上一层,后续再继续分析。

补充两点:1) 断下的 004096F5 `add eax,1` 位于下面反汇编里 `loc_4096F0` 的逐字节拷贝循环中(取一字节、写一字节、直到 0 为止),这应该就是伪代码里 `strcpy((char *)&unk_5D3370, a2)` 被内联后的形态,也就是说字幕文本是在这里被拷进 unk_5D3370 的;2) 从伪代码看,`strlen(a2) >= 0x80` 时的 ASSERT 只是调用 sub_51AEC6 打印信息,并没有中止函数,后面的 strcpy 仍会无界地执行,而且 dword_5D9B50 非零时连这个长度检查都会被跳过。
/*
 * Hex-Rays output for CaptainMorgane.exe sub_409670 (0x409670).
 * The assert strings below identify it as
 * DialogInterface::SetCaptionDisplayed in
 * ..\..\Source\Dialogs\Common\DialogInterface.cpp.
 *
 * Calling convention is __usercall: a1 arrives in dil, a2 (the caption
 * text, "sCaption" in the assert text) in esi.  a1 is only forwarded to
 * sub_51AEC6 on the assert path; its meaning is not visible here.
 *
 * Globals touched (meaning inferred from how they are used here):
 *   dword_5D9B50 - when nonzero the NULL/length check is skipped entirely
 *   unk_5D3370   - destination of the caption copy; its size is not shown
 *   byte_5D33F0  - "caption displayed" flag: 1 on success, 0 when a2 is
 *                  NULL.  Note 0x5D33F0 - 0x5D3370 == 0x80, the same value
 *                  as the NB_CHAR_MAX limit tested below, so this byte is
 *                  most likely the first byte after a 0x80-byte caption
 *                  buffer -- TODO confirm from the data segment.
 *   dword_5D3E6C - pointer to a structure whose +4 (byte), +8, +0xC, +0x10
 *                  and +0x14 fields are reset on success
 *
 * Security note (review): the ASSERT branch only makes four log-style
 * calls and then falls through -- nothing in this function stops it -- so
 * a caption of 0x80 or more characters is still copied with an unbounded
 * strcpy into unk_5D3370.  If unk_5D3370 really is a 0x80-byte buffer, a
 * caption of exactly 0x80 characters already writes its NUL onto
 * byte_5D33F0 and anything longer runs past it (a global-buffer overflow).
 * With dword_5D9B50 != 0 not even the log lines are produced.  Whether
 * untrusted text can reach a2 depends on the callers, which are not shown.
 */
void __usercall sub_409670(char a1@<dil>, const char *a2@<esi>)
{
  _DWORD *v2; // eax

  if ( !dword_5D9B50 )
  {
    /* NULL caption: only clear the displayed flag (LABEL_7 below). */
    if ( !a2 )
      goto LABEL_7;
    /* NB_CHAR_MAX == 0x80, per the "condition:" string below. */
    if ( strlen(a2) >= 0x80 )
    {
      /* sub_51AEC6 is called printf-style with a format string.  As
       * decompiled it returns normally, so execution continues to the
       * strcpy below.  The "%d" of the file line has no visible argument
       * and "ASSERT\n" is passed a1 -- presumably decompiler artifacts of
       * the original __LINE__ / register usage; not verified. */
      sub_51AEC6("ASSERT\n", a1);
      sub_51AEC6("file: %s(%d)\n", (unsigned int)"..\\..\\Source\\Dialogs\\Common\\DialogInterface.cpp");
      sub_51AEC6("function: %s\n", (unsigned int)"DialogInterface::SetCaptionDisplayed");
      sub_51AEC6("condition: %s\n", (unsigned int)"sCaption==NULL || strlen(sCaption)< NB_CHAR_MAX");
    }
  }
  if ( a2 )
  {
    /* Unbounded copy.  In the disassembly this is the byte loop at
     * loc_4096F0, where the Cheat Engine access breakpoint (004096F5)
     * fired. */
    strcpy((char *)&unk_5D3370, a2);
    v2 = (_DWORD *)dword_5D3E6C;
    byte_5D33F0 = 1;
    *(_BYTE *)(dword_5D3E6C + 4) = 1;
    v2[2] = 0;
    v2[4] = 0x100000;   /* field +0x10 (100000h in the asm) */
    v2[3] = 0;
    v2[5] = 786432;     /* field +0x14; 786432 == 0xC0000 (0C0000h in the asm) */
    return;
  }
LABEL_7:
  byte_5D33F0 = 0;
}
.text:004096EB ; ---------------------------------------------------------------------------
" R. d6 q) X* @* Q( m N+ T - .text:004096ED align 10h# b" O2 ^1 B) K% N! ?- d
- .text:004096F0
# L, L1 G# a( _% \% u9 @4 L7 Q - .text:004096F0 loc_4096F0: ; CODE XREF: sub_409670+7B↑j
# n S+ h# x4 ~5 y3 `$ `. I: D4 H - .text:004096F0 ; sub_409670+8A↓j) i9 l5 ]4 d9 p5 {6 g* F6 F% ]
- .text:004096F0 mov cl, [eax]
) D% A0 Y9 ~/ b& F/ j4 N! T - .text:004096F2 mov [edx+eax], cl
3 H! n N- D; Z1 I' p - .text:004096F5 add eax, 1
9 E9 t/ d5 r0 W6 P0 I1 ?5 { - .text:004096F8 test cl, cl; V3 n5 N9 w! Q, x( p
- .text:004096FA jnz short loc_4096F0- x2 ~. y8 z0 }) I7 ]( ~
- .text:004096FC mov eax, dword_5D3E6C
' y$ G- ]; D+ ~+ x( j: Z - .text:00409701 mov byte_5D33F0, 1) X9 h, D' d+ U) [& u
- .text:00409708 mov byte ptr [eax+4], 1, P! @" \" X& r% H' l1 X! h# n
- .text:0040970C mov dword ptr [eax+8], 0
- p- c2 H/ u9 A - .text:00409713 mov dword ptr [eax+10h], 100000h5 u" {5 A b+ ~7 s* g4 ^: C
- .text:0040971A mov dword ptr [eax+0Ch], 0
% n/ u! y4 a3 l8 o" a9 C; ]& F - .text:00409721 mov dword ptr [eax+14h], 0C0000h9 N: X* {2 W' [1 a( O& W
- .text:00409728 retn
+ y( W$ K9 R2 k - .text:00409729 ; ---------------------------------------------------------------------------