[Solved] How to work around the bug that CS 1.6 (Counter-Strike) does not support Chinese IDs? (key code analysis attached)
I set a breakpoint on the server at the memory location holding the ID data that is to be passed to the client:

035A5A73  C3        retn
035A5A74  90        nop
035A5A75  90        nop
035A5A76  90        nop
035A5A77  90        nop
035A5A78  90        nop
035A5A79  90        nop
035A5A7A  90        nop
035A5A7B  90        nop
035A5A7C  90        nop
035A5A7D  90        nop
035A5A7E  90        nop
035A5A7F  90        nop
035A5A80  55        push ebp
035A5A81  8BEC      mov ebp, esp
035A5A83  8B4D 0C   mov ecx, dword ptr [ebp+C]
035A5A86  8B55 08   mov edx, dword ptr [ebp+8]
035A5A89  56        push esi
035A5A8A  8B75 10   mov esi, dword ptr [ebp+10]
035A5A8D  85C9      test ecx, ecx
035A5A8F  57        push edi
035A5A90  74 13     je short 035A5AA5
035A5A92  8A01      mov al, byte ptr [ecx]
035A5A94  84C0      test al, al
035A5A96  74 0D     je short 035A5AA5
035A5A98  8BFE      mov edi, esi
035A5A9A  4E        dec esi
035A5A9B  85FF      test edi, edi
035A5A9D  74 06     je short 035A5AA5
035A5A9F  8802      mov byte ptr [edx], al    // breakpoint hit here
035A5AA1  42        inc edx
035A5AA2  41        inc ecx
035A5AA3 ^ 75 ED    jnz short 035A5A92
035A5AA5  5F        pop edi
035A5AA6  85F6      test esi, esi
035A5AA8  5E        pop esi
035A5AA9  7E 03     jle short 035A5AAE
035A5AAB  C602 00   mov byte ptr [edx], 0
035A5AAE  5D        pop ebp
035A5AAF  C3        retn

Registers at the breakpoint:

EAX 00000065
ECX 0012F6B5  ASCII "e\25000\name\unamed"   // "unamed" is what is left after the server filters out the Chinese (it should display "点通", UTF-8: E7 82 B9 E9 80 9A)
EDX 071A60E1
EBX 00000000
ESP 0012EBF8
EBP 0012EC00
ESI 0000007E
EDI 0000007F
EIP 035A5A9F  swds.035A5A9F
EFL 00010202 (NO,NB,NE,A,NS,PO,GE,G)
LastErr ERROR_SUCCESS (00000000)

Server memory:

071A605B 5C 5F 63 6C 5F 61 75 74 6F 77 65                \_cl_autowe
071A606B 70 73 77 69 74 63 68 5C 30 5C 62 6F 74 74 6F 6D pswitch\0\bottom
071A607B 63 6F 6C 6F 72 5C 30 5C 63 6C 5F 64 6C 6D 61 78 color\0\cl_dlmax
071A608B 5C 31 32 38 5C 63 6C 5F 6C 63 5C 31 5C 63 6C 5F \128\cl_lc\1\cl_
071A609B 6C 77 5C 31 5C 6D 6F 64 65 6C 5C 61 72 63 74 69 lw\1\model\arcti
071A60AB 63 5C 74 6F 70 63 6F 6C 6F 72 5C 30 5C 5F 76 67 c\topcolor\0\_vg
071A60BB 75 69 5F 6D 65 6E 75 73 5C 30 5C 5F 61 68 5C 30 ui_menus\0\_ah\0
071A60CB 5C 63 6C 5F 75 70 64 61 74 65 72 61 74 65 5C 31 \cl_updaterate\1
071A60DB 30 31 5C 72 61 74 00 00 00 00 00 00 00 00 00 00 01\rat..........   // breakpoint set here
071A60EB 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
071A60FB 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
071A610B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
071A611B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
071A612B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
071A613B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
071A614B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
071A615B 00 00 00 00 00 00 00 00 00 F0 F7 F3 41 35 36 35 .........瘅驛565
071A616B 63 62 65 31 63 66 64 30 62 35 39 32 62 62 63 36 cbe1cfd0b592bbc6
071A617B 38 36 34 32 62 32 62 65 33 62 38 65 36 00 00 00 8642b2be3b8e6...
071A618B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
071A619B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6E 61 ..............na
071A61AB 6D 65 64                                        med

Note: testing shows that when the value following ASCII "e\25000\name\" at the memory breakpoint (row 071A60DB, currently "unamed") is the same as the ASCII value in row 071A619B (currently "named"), the client displays that ASCII value; when they differ, it displays "unamed". Now, how do I find where in the program the filtering is done? Thanks.
The values around client memory address 0x5629330 are what gets submitted to the server:

Offset    0  1  2  3  4  5  6  7  8  9  A  B  C  D  E  F
0056292E0 00 00 00 00 5C 5F 63 6C 5F 61 75 74 6F 77 65 70 ....\_cl_autowep
0056292F0 73 77 69 74 63 68 5C 30 5C 62 6F 74 74 6F 6D 63 switch\0\bottomc
005629300 6F 6C 6F 72 5C 30 5C 63 6C 5F 64 6C 6D 61 78 5C olor\0\cl_dlmax\
005629310 31 32 38 5C 63 6C 5F 6C 63 5C 31 5C 63 6C 5F 6C 128\cl_lc\1\cl_l
005629320 77 5C 31 5C 6D 6F 64 65 6C 5C 61 72 63 74 69 63 w\1\model\arctic
005629330 5C 6E 61 6D 65 5C E7 82 B9 E9 80 9A 5C 74 6F 70 \name\轤ケ騾喀top
005629340 63 6F 6C 6F 72 5C 30 5C 5F 76 67 75 69 5F 6D 65 color\0\_vgui_me
005629350 6E 75 73 5C 30 5C 5F 61 68 5C 30 5C 63 6C 5F 75 nus\0\_ah\0\cl_u
005629360 70 64 61 74 65 72 61 74 65 5C 31 30 31 5C 72 61 pdaterate\101\ra
005629370 74 65 5C 32 35 30 30 30 00 00 00 00 00 00 00 00 te\25000........

Here, what follows \name\ is the result after I edited the RAM with WinHex, i.e. "点通". After changing it to Chinese and submitting to the server, it displays "unamed"; if what follows \name\ is English letters, digits, symbols and the like, it displays normally.
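As an added example (not code from the thread or from the game), here is the bounded copy from the listing in the first post re-implemented in C, plus a lookup over the "\key\value" userinfo string, run on a string constructed from the client dump. It shows that the routine at 035A5A80 copies the name bytes E7 82 B9 E9 80 9A unchanged, so the replacement with "unamed" must happen before this copy is reached, not inside it. cs_bounded_copy, info_value and the CLIENT_INFO sample are my own names and data, not the engine's.

```c
#include <stdio.h>
#include <string.h>
/* Emulates the routine at 035A5A80 in the listing: arguments (dst, src, size).
   It stops at a NUL or when the ESI countdown hits zero, and stores the
   terminating NUL only while ESI is still positive, so a source of `size`
   bytes or more leaves dst unterminated. No byte is ever altered. */
int cs_bounded_copy(char *dst, const char *src, int size) {
    int esi = size;                              /* mov esi, [ebp+10] */
    if (src != NULL) {                           /* test ecx, ecx / je */
        for (char al; (al = *src) != 0; src++) { /* mov al,[ecx] / test al,al */
            int edi = esi--;                     /* mov edi, esi / dec esi */
            if (edi == 0) break;                 /* test edi, edi / je */
            *dst++ = al;                         /* mov [edx], al / inc edx */
        }
    }
    if (esi > 0) *dst = 0;                       /* test esi,esi / jle / mov [edx],0 */
    return esi;
}
/* Hypothetical helper (not the engine's own): find `key` in a "\key\value\..."
   userinfo string, copy its value to out, return the length or -1 if absent. */
int info_value(const char *info, const char *key, char *out, size_t outsz) {
    size_t klen = strlen(key);
    for (const char *p = info; *p == '\\'; ) {
        const char *k = p + 1, *kend = strchr(k, '\\');
        if (kend == NULL) return -1;
        const char *v = kend + 1, *vend = strchr(v, '\\');
        size_t vlen = vend ? (size_t)(vend - v) : strlen(v);
        if ((size_t)(kend - k) == klen && memcmp(k, key, klen) == 0) {
            if (vlen >= outsz) vlen = outsz - 1;
            memcpy(out, v, vlen);
            out[vlen] = 0;
            return (int)vlen;
        }
        if (vend == NULL) break;
        p = vend;
    }
    return -1;
}
/* Constructed sample modelled on the client dump: "\name\" followed by the
   UTF-8 bytes of "点通" (E7 82 B9 E9 80 9A). */
static const char CLIENT_INFO[] =
    "\\model\\arctic\\name\\\xE7\x82\xB9\xE9\x80\x9A\\topcolor\\0";
int main(void) {
    char buf[128], name[32];
    int left = cs_bounded_copy(buf, CLIENT_INFO, 127);
    int n = info_value(buf, "name", name, sizeof name);
    printf("ESI left %d, copy identical %d, name bytes:", left,
           memcmp(buf, CLIENT_INFO, sizeof CLIENT_INFO) == 0);
    for (int i = 0; i < n; i++) printf(" %02X", (unsigned char)name[i]);
    return putchar('\n'), 0;
}
```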