-
-
[旧帖] [求助]获取游戏directinput信息 0.00雪花
-
发表于: 2010-12-25 23:09 1494
-
6F41CC8E > 8BFF mov edi, edi 6F41CC90 55 push ebp 6F41CC91 8BEC mov ebp, esp 6F41CC93 81EC 30030000 sub esp, 330 6F41CC99 A1 B810436F mov eax, dword ptr [6F4310B8] 6F41CC9E 33C5 xor eax, ebp 6F41CCA0 8945 FC mov dword ptr [ebp-4], eax 6F41CCA3 8B45 08 mov eax, dword ptr [ebp+8] 6F41CCA6 53 push ebx 6F41CCA7 8B5D 10 mov ebx, dword ptr [ebp+10] 6F41CCAA 8985 DCFCFFFF mov dword ptr [ebp-324], eax 6F41CCB0 8B45 14 mov eax, dword ptr [ebp+14] 6F41CCB3 56 push esi 6F41CCB4 8985 E4FCFFFF mov dword ptr [ebp-31C], eax 6F41CCBA 8B45 18 mov eax, dword ptr [ebp+18] 6F41CCBD 57 push edi 6F41CCBE 8985 D8FCFFFF mov dword ptr [ebp-328], eax 6F41CCC4 C785 E8FCFFFF 0>mov dword ptr [ebp-318], 80004002 6F41CCCE E8 F8FAFFFF call 6F41C7CB 6F41CCD3 68 48CE416F push 6F41CE48 6F41CCD8 8D45 94 lea eax, dword ptr [ebp-6C] 6F41CCDB 50 push eax 6F41CCDC E8 67E70000 call 6F42B448 6F41CCE1 8D45 AC lea eax, dword ptr [ebp-54] 6F41CCE4 50 push eax 6F41CCE5 68 0C15416F push 6F41150C ; UNICODE "CLSID\%s\InProcServer32" 6F41CCEA 8D85 F4FEFFFF lea eax, dword ptr [ebp-10C] 6F41CCF0 68 9E000000 push 9E 6F41CCF5 50 push eax 6F41CCF6 E8 D062FFFF call 6F412FCB 6F41CCFB 83C4 10 add esp, 10 6F41CCFE 8D85 E0FCFFFF lea eax, dword ptr [ebp-320] 6F41CD04 50 push eax 6F41CD05 6A 01 push 1 6F41CD07 6A 00 push 0 6F41CD09 8D85 F4FEFFFF lea eax, dword ptr [ebp-10C] 6F41CD0F 50 push eax 6F41CD10 68 00000080 push 80000000 6F41CD15 FF15 E411416F call dword ptr [<&ADVAPI32.RegOpenKeyExW>] ; ADVAPI32.RegOpenKeyExW 6F41CD1B 85C0 test eax, eax 6F41CD1D 0F85 D8000000 jnz 6F41CDFB 6F41CD23 8D85 D4FCFFFF lea eax, dword ptr [ebp-32C] 6F41CD29 50 push eax 6F41CD2A 8D85 ECFCFFFF lea eax, dword ptr [ebp-314] 6F41CD30 50 push eax 6F41CD31 6A 00 push 0 6F41CD33 FFB5 E0FCFFFF push dword ptr [ebp-320] 6F41CD39 C785 D4FCFFFF 0>mov dword ptr [ebp-32C], 208 6F41CD43 FF15 CC11416F call dword ptr [<&ADVAPI32.RegQueryValueW>] ; ADVAPI32.RegQueryValueW 6F41CD49 85C0 test eax, eax 6F41CD4B 0F85 92000000 jnz 6F41CDE3 6F41CD51 8B35 8C10416F mov esi, dword ptr [<&KERNEL32.lstrlenW>] ; kernel32.lstrlenW 6F41CD57 BF 6CCE416F mov edi, 6F41CE6C ; UNICODE "dinput8d.dll" 6F41CD5C 57 push edi 6F41CD5D FFD6 call esi 6F41CD5F 8D8D ECFCFFFF lea ecx, dword ptr [ebp-314] 6F41CD65 51 push ecx 6F41CD66 8985 D0FCFFFF mov dword ptr [ebp-330], eax 6F41CD6C FFD6 call esi 6F41CD6E 8B8D D0FCFFFF mov ecx, dword ptr [ebp-330] 6F41CD74 2BC1 sub eax, ecx 6F41CD76 8985 D4FCFFFF mov dword ptr [ebp-32C], eax 6F41CD7C 78 65 js short 6F41CDE3 6F41CD7E 8D8445 ECFCFFFF lea eax, dword ptr [ebp+eax*2-314] 6F41CD85 50 push eax 6F41CD86 57 push edi 6F41CD87 FF15 D010416F call dword ptr [<&KERNEL32.lstrcmpiW>] ; kernel32.lstrcmpiW 6F41CD8D 85C0 test eax, eax 6F41CD8F 75 52 jnz short 6F41CDE3 6F41CD91 8D85 ECFCFFFF lea eax, dword ptr [ebp-314] 6F41CD97 50 push eax 6F41CD98 FF15 CC10416F call dword ptr [<&KERNEL32.LoadLibraryW>] ; kernel32.LoadLibraryW 6F41CD9E A3 98C0436F mov dword ptr [6F43C098], eax 6F41CDA3 85C0 test eax, eax 6F41CDA5 74 3C je short 6F41CDE3 6F41CDA7 68 58CE416F push 6F41CE58 ; ASCII "DirectInput8Create" 6F41CDAC 50 push eax 6F41CDAD FF15 FC10416F call dword ptr [<&KERNEL32.GetProcAddress>] ; kernel32.GetProcAddress 6F41CDB3 85C0 test eax, eax 6F41CDB5 74 2C je short 6F41CDE3 6F41CDB7 8B0D 98C0436F mov ecx, dword ptr [6F43C098] 6F41CDBD 3B0D 2410436F cmp ecx, dword ptr [6F431024] ; DINPUT8.6F410000 6F41CDC3 74 1E je short 6F41CDE3 6F41CDC5 FFB5 D8FCFFFF push dword ptr [ebp-328] 6F41CDCB FFB5 E4FCFFFF push dword ptr [ebp-31C] 6F41CDD1 53 push ebx 6F41CDD2 FF75 0C push dword ptr [ebp+C] 6F41CDD5 FFB5 DCFCFFFF push dword ptr [ebp-324] 6F41CDDB FFD0 call eax 6F41CDDD 8985 E8FCFFFF mov dword ptr [ebp-318], eax 6F41CDE3 FFB5 E0FCFFFF push dword ptr [ebp-320] 6F41CDE9 FF15 E011416F call dword ptr [<&ADVAPI32.RegCloseKey>] ; ADVAPI32.RegCloseKey 6F41CDEF 81BD E8FCFFFF 0>cmp dword ptr [ebp-318], 80004002 6F41CDF9 75 31 jnz short 6F41CE2C 6F41CDFB 6A 04 push 4 6F41CDFD 59 pop ecx 6F41CDFE BF FC13416F mov edi, 6F4113FC 6F41CE03 8BF3 mov esi, ebx 6F41CE05 33C0 xor eax, eax 6F41CE07 F3:A7 repe cmps dword ptr es:[edi], dword ptr [esi] 6F41CE09 74 21 je short 6F41CE2C 6F41CE0B 53 push ebx 6F41CE0C FFB5 D8FCFFFF push dword ptr [ebp-328] 6F41CE12 FFB5 E4FCFFFF push dword ptr [ebp-31C] 6F41CE18 FF75 0C push dword ptr [ebp+C] 6F41CE1B FFB5 DCFCFFFF push dword ptr [ebp-324] 6F41CE21 E8 DDFDFFFF call 6F41CC03 6F41CE26 8985 E8FCFFFF mov dword ptr [ebp-318], eax 6F41CE2C E8 A6F9FFFF call 6F41C7D7 6F41CE31 8B4D FC mov ecx, dword ptr [ebp-4] 6F41CE34 8B85 E8FCFFFF mov eax, dword ptr [ebp-318] 6F41CE3A 5F pop edi 6F41CE3B 5E pop esi 6F41CE3C 33CD xor ecx, ebp 6F41CE3E 5B pop ebx 6F41CE3F E8 2E1E0100 call 6F42EC72 6F41CE44 C9 leave 6F41CE45 C2 1400 retn 14 6F41CE48 E4 09 in al, 9 6F41CE4A E6 25 out 25, al 6F41CE4C 59 pop ecx 6F41CE4D B2 CF mov dl, 0CF 6F41CE4F 11BF C7444553 adc dword ptr [edi+534544C7], edi 6F41CE55 54 push esp 6F41CE56 0000 add byte ptr [eax], al 6F41CE58 44 inc esp 6F41CE59 6972 65 6374496>imul esi, dword ptr [edx+65], 6E497463 6F41CE60 70 75 jo short 6F41CED7 6F41CE62 74 38 je short 6F41CE9C 6F41CE64 43 inc ebx 6F41CE65 72 65 jb short 6F41CECC 6F41CE67 61 popad 6F41CE68 74 65 je short 6F41CECF 6F41CE6A 0090 64006900 add byte ptr [eax+690064], dl 6F41CE70 6E outs dx, byte ptr es:[edi] 6F41CE71 0070 00 add byte ptr [eax], dh 6F41CE74 75 00 jnz short 6F41CE76 6F41CE76 74 00 je short 6F41CE78 6F41CE78 3800 cmp byte ptr [eax], al 6F41CE7A 64:002E add byte ptr fs:[esi], ch 6F41CE7D 006400 6C add byte ptr [eax+eax+6C], ah 6F41CE81 006C00 00 add byte ptr [eax+eax], ch 6F41CE85 008B FF558BEC add byte ptr [ebx+EC8B55FF], cl 6F41CE8B 56 push esi 6F41CE8C 8B75 08 mov esi, dword ptr [ebp+8] 6F41CE8F 8D46 0C lea eax, dword ptr [esi+C] 6F41CE92 50 push eax 6F41CE93 E8 275BFFFF call 6F4129BF 6F41CE98 F646 10 01 test byte ptr [esi+10], 1 6F41CE9C 74 0A je short 6F41CEA8 6F41CE9E 83C6 14 add esi, 14 6F41CEA1 56 push esi 6F41CEA2 FF15 A010416F call dword ptr [<&KERNEL32.DeleteCriticalSecti>; ntdll.RtlDeleteCriticalSection 6F41CEA8 5E pop esi 6F41CEA9 5D pop ebp 6F41CEAA C2 0400 retn 4 6F41CEAD 8BFF mov edi, edi 6F41CEAF 55 push ebp 6F41CEB0 8BEC mov ebp, esp 6F41CEB2 837D 14 00 cmp dword ptr [ebp+14], 0 6F41CEB6 B8 381B416F mov eax, 6F411B38 6F41CEBB 75 03 jnz short 6F41CEC0 6F41CEBD 8B45 18 mov eax, dword ptr [ebp+18] 6F41CEC0 56 push esi 6F41CEC1 57 push edi 6F41CEC2 8B7D 10 mov edi, dword ptr [ebp+10] 6F41CEC5 57 push edi 6F41CEC6 50 push eax 6F41CEC7 FF75 14 push dword ptr [ebp+14] 6F41CECA E8 F97AFFFF call 6F4149C8 6F41CECF 8BF0 mov esi, eax 6F41CED1 85F6 test esi, esi 6F41CED3 7C 29 jl short 6F41CEFE 6F41CED5 837D 14 00 cmp dword ptr [ebp+14], 0 6F41CED9 75 23 jnz short 6F41CEFE 6F41CEDB FF75 0C push dword ptr [ebp+C] 6F41CEDE 8B55 08 mov edx, dword ptr [ebp+8] 6F41CEE1 FF72 08 push dword ptr [edx+8] 6F41CEE4 8B07 mov eax, dword ptr [edi] 6F41CEE6 FF35 2410436F push dword ptr [6F431024] ; DINPUT8.6F410000 6F41CEEC 8B08 mov ecx, dword ptr [eax] 6F41CEEE 50 push eax 6F41CEEF FF51 44 call dword ptr [ecx+44] 6F41CEF2 8BF0 mov esi, eax 6F41CEF4 85F6 test esi, esi 6F41CEF6 7D 06 jge short 6F41CEFE 6F41CEF8 57 push edi 6F41CEF9 E8 C15AFFFF call 6F4129BF 6F41CEFE 5F pop edi 6F41CEFF 8BC6 mov eax, esi 6F41CF01 5E pop esi 6F41CF02 5D pop ebp 6F41CF03 C2 1400 retn 14 6F41CF06 8BFF mov edi, edi 6F41CF08 55 push ebp 6F41CF09 8BEC mov ebp, esp 6F41CF0B 68 6C13436F push 6F43136C 6F41CF10 FF75 08 push dword ptr [ebp+8] 6F41CF13 E8 C55AFFFF call 6F4129DD 6F41CF18 85C0 test eax, eax 6F41CF1A 7C 16 jl short 6F41CF32 6F41CF1C 68 38CF416F push 6F41CF38 6F41CF21 FF75 14 push dword ptr [ebp+14] 6F41CF24 FF75 10 push dword ptr [ebp+10] 6F41CF27 FF75 0C push dword ptr [ebp+C] 6F41CF2A FF75 08 push dword ptr [ebp+8] 6F41CF2D E8 7BFFFFFF call 6F41CEAD 6F41CF32 5D pop ebp 6F41CF33 C2 1000 retn 10 6F41CF36 90 nop 6F41CF37 90 nop 6F41CF38 8110 D45415DC adc dword ptr [eax], DC1554D4 6F41CF3E 3348 A4 xor ecx, dword ptr [eax-5C] 6F41CF41 1B748F 73 sbb esi, dword ptr [edi+ecx*4+73] 6F41CF45 A3 81798BFF mov dword ptr [FF8B7981], eax 6F41CF4A 55 push ebp 6F41CF4B 8BEC mov ebp, esp 6F41CF4D 56 push esi 6F41CF4E 8B75 08 mov esi, dword ptr [ebp+8] 6F41CF51 68 D812436F push 6F4312D8 6F41CF56 56 push esi 6F41CF57 E8 815AFFFF call 6F4129DD 6F41CF5C 85C0 test eax, eax 6F41CF5E 7C 17 jl short 6F41CF77 6F41CF60 68 7CCF416F push 6F41CF7C 6F41CF65 FF75 14 push dword ptr [ebp+14] 6F41CF68 83C6 FC add esi, -4 6F41CF6B FF75 10 push dword ptr [ebp+10] 6F41CF6E FF75 0C push dword ptr [ebp+C] 6F41CF71 56 push esi 6F41CF72 E8 36FFFFFF call 6F41CEAD 6F41CF77 5E pop esi 6F41CF78 5D pop ebp 6F41CF79 C2 1000 retn 10 6F41CF7C 8010 D4 adc byte ptr [eax], 0D4 6F41CF7F 54 push esp 6F41CF80 15 DC3348A4 adc eax, A44833DC 6F41CF85 1B748F 73 sbb esi, dword ptr [edi+ecx*4+73] 6F41CF89 A3 81798BFF mov dword ptr [FF8B7981], eax 6F41CF8E 55 push ebp 6F41CF8F 8BEC mov ebp, esp 6F41CF91 81EC 58040000 sub esp, 458 6F41CF97 A1 B810436F mov eax, dword ptr [6F4310B8] 6F41CF9C 33C5 xor eax, ebp 6F41CF9E 8945 FC mov dword ptr [ebp-4], eax 6F41CFA1 8B45 14 mov eax, dword ptr [ebp+14] 6F41CFA4 56 push esi 6F41CFA5 8B75 08 mov esi, dword ptr [ebp+8] 6F41CFA8 57 push edi 6F41CFA9 8B7D 10 mov edi, dword ptr [ebp+10] 6F41CFAC 68 6C13436F push 6F43136C 6F41CFB1 56 push esi 6F41CFB2 8985 A8FBFFFF mov dword ptr [ebp-458], eax 6F41CFB8 E8 205AFFFF call 6F4129DD 6F41CFBD 85C0 test eax, eax 6F41CFBF 0F8C BA000000 jl 6F41D07F 6F41CFC5 57 push edi 6F41CFC6 E8 11F60000 call 6F42C5DC 6F41CFCB 85C0 test eax, eax 6F41CFCD 0F8C AC000000 jl 6F41D07F 6F41CFD3 53 push ebx 6F41CFD4 8B5D 0C mov ebx, dword ptr [ebp+C] 6F41CFD7 80FB 05 cmp bl, 5 6F41CFDA 72 11 jb short 6F41CFED 6F41CFDC 80FB 11 cmp bl, 11 6F41CFDF 72 05 jb short 6F41CFE6 6F41CFE1 80FB 1D cmp bl, 1D 6F41CFE4 72 07 jb short 6F41CFED 6F41CFE6 B8 57000780 mov eax, 80070057 6F41CFEB EB 10 jmp short 6F41CFFD 6F41CFED 8BC3 mov eax, ebx 6F41CFEF 25 00FFFEFF and eax, FFFEFF00 6F41CFF4 F7D8 neg eax 6F41CFF6 1BC0 sbb eax, eax 6F41CFF8 25 57000780 and eax, 80070057 6F41CFFD 85C0 test eax, eax 6F41CFFF 7C 7D jl short 6F41D07E 6F41D001 68 01010700 push 70101 6F41D006 FF75 18 push dword ptr [ebp+18] 6F41D009 E8 B4F50000 call 6F42C5C2 6F41D00E 85C0 test eax, eax 6F41D010 7C 6C jl short 6F41D07E 6F41D012 FF76 08 push dword ptr [esi+8] 6F41D015 FF35 2410436F push dword ptr [6F431024] ; DINPUT8.6F410000 6F41D01B E8 CEDC0000 call 6F42ACEE 6F41D020 85C0 test eax, eax 6F41D022 7C 5A jl short 6F41D07E 6F41D024 8D85 ACFBFFFF lea eax, dword ptr [ebp-454] 6F41D02A 50 push eax 6F41D02B FF76 08 push dword ptr [esi+8] 6F41D02E FF75 18 push dword ptr [ebp+18] 6F41D031 53 push ebx 6F41D032 56 push esi 6F41D033 E8 DA340000 call 6F420512 6F41D038 85C0 test eax, eax 6F41D03A 7C 42 jl short 6F41D07E 6F41D03C C785 B0FBFFFF 4>mov dword ptr [ebp-450], 44C 6F41D046 EB 13 jmp short 6F41D05B 6F41D048 FFB5 A8FBFFFF push dword ptr [ebp-458] 6F41D04E 8D85 B0FBFFFF lea eax, dword ptr [ebp-450] 6F41D054 50 push eax 6F41D055 FFD7 call edi 6F41D057 85C0 test eax, eax 6F41D059 74 16 je short 6F41D071 6F41D05B 8D85 B0FBFFFF lea eax, dword ptr [ebp-450] 6F41D061 50 push eax 6F41D062 FFB5 ACFBFFFF push dword ptr [ebp-454] 6F41D068 E8 36330000 call 6F4203A3 6F41D06D 85C0 test eax, eax 6F41D06F ^ 74 D7 je short 6F41D048 6F41D071 FFB5 ACFBFFFF push dword ptr [ebp-454] 6F41D077 E8 F2320000 call 6F42036E 6F41D07C 33C0 xor eax, eax 6F41D07E 5B pop ebx 6F41D07F 8B4D FC mov ecx, dword ptr [ebp-4] 6F41D082 5F pop edi 6F41D083 33CD xor ecx, ebp 6F41D085 5E pop esi 6F41D086 E8 E71B0100 call 6F42EC72 6F41D08B C9 leave 6F41D08C C2 1400 retn 14 6F41D08F 8BFF mov edi, edi 6F41D091 55 push ebp 6F41D092 8BEC mov ebp, esp 6F41D094 81EC 48020000 sub esp, 248 6F41D09A A1 B810436F mov eax, dword ptr [6F4310B8] 6F41D09F 33C5 xor eax, ebp 6F41D0A1 8945 FC mov dword ptr [ebp-4], eax 6F41D0A4 8B45 08 mov eax, dword ptr [ebp+8] 6F41D0A7 56 push esi 6F41D0A8 8B75 0C mov esi, dword ptr [ebp+C] 6F41D0AB 50 push eax 6F41D0AC 8D85 B8FDFFFF lea eax, dword ptr [ebp-248] 6F41D0B2 50 push eax 6F41D0B3 C785 B8FDFFFF 4>mov dword ptr [ebp-248], 244 6F41D0BD E8 0D6DFFFF call 6F413DCF 6F41D0C2 FF76 04 push dword ptr [esi+4] 6F41D0C5 8D85 B8FDFFFF lea eax, dword ptr [ebp-248] 6F41D0CB 50 push eax 6F41D0CC FF16 call dword ptr [esi] 6F41D0CE 8B4D FC mov ecx, dword ptr [ebp-4] 6F41D0D1 33CD xor ecx, ebp 6F41D0D3 5E pop esi 6F41D0D4 E8 991B0100 call 6F42EC72 6F41D0D9 C9 leave 6F41D0DA C2 0800 retn 8 6F41D0DD 8BFF mov edi, edi 6F41D0DF 55 push ebp 6F41D0E0 8BEC mov ebp, esp 6F41D0E2 51 push ecx 6F41D0E3 51 push ecx 6F41D0E4 57 push edi 6F41D0E5 8B7D 08 mov edi, dword ptr [ebp+8] 6F41D0E8 68 D812436F push 6F4312D8 6F41D0ED 57 push edi 6F41D0EE E8 EA58FFFF call 6F4129DD 6F41D0F3 85C0 test eax, eax 6F41D0F5 7C 30 jl short 6F41D127 6F41D0F7 56 push esi 6F41D0F8 8B75 10 mov esi, dword ptr [ebp+10] 6F41D0FB 56 push esi 6F41D0FC E8 DBF40000 call 6F42C5DC 6F41D101 85C0 test eax, eax 6F41D103 7C 21 jl short 6F41D126 6F41D105 FF75 18 push dword ptr [ebp+18] 6F41D108 8B45 14 mov eax, dword ptr [ebp+14] 6F41D10B 8945 FC mov dword ptr [ebp-4], eax 6F41D10E 8D45 F8 lea eax, dword ptr [ebp-8] 6F41D111 50 push eax 6F41D112 68 8FD0416F push 6F41D08F 6F41D117 FF75 0C push dword ptr [ebp+C] 6F41D11A 83C7 FC add edi, -4 6F41D11D 57 push edi 6F41D11E 8975 F8 mov dword ptr [ebp-8], esi 6F41D121 E8 66FEFFFF call 6F41CF8C 6F41D126 5E pop esi 6F41D127 5F pop edi 6F41D128 C9 leave 6F41D129 C2 1400 retn 14 6F41D12C 8BFF mov edi, edi 6F41D12E 55 push ebp 6F41D12F 8BEC mov ebp, esp 6F41D131 56 push esi 6F41D132 8B75 08 mov esi, dword ptr [ebp+8] 6F41D135 68 6C13436F push 6F43136C 6F41D13A 56 push esi 6F41D13B E8 9D58FFFF call 6F4129DD 6F41D140 85C0 test eax, eax 6F41D142 7C 1A jl short 6F41D15E 6F41D144 8B06 mov eax, dword ptr [esi] 6F41D146 2B70 FC sub esi, dword ptr [eax-4] 6F41D149 57 push edi 6F41D14A 8B7D 10 mov edi, dword ptr [ebp+10] 6F41D14D 57 push edi 6F41D14E FF75 0C push dword ptr [ebp+C] 6F41D151 E8 98DB0000 call 6F42ACEE 6F41D156 85C0 test eax, eax 6F41D158 7C 03 jl short 6F41D15D 6F41D15A 897E 08 mov dword ptr [esi+8], edi 6F41D15D 5F pop edi 6F41D15E 5E pop esi 6F41D15F 5D pop ebp 6F41D160 C2 0C00 retn 0C 6F41D163 8BFF mov edi, edi 6F41D165 55 push ebp 6F41D166 8BEC mov ebp, esp 6F41D168 FF75 0C push dword ptr [ebp+C] 6F41D16B FF75 08 push dword ptr [ebp+8] 6F41D16E E8 B7350000 call 6F42072A 6F41D173 85C0 test eax, eax 6F41D175 7D 0D jge short 6F41D184 6F41D177 6A 01 push 1 6F41D179 E8 99430000 call 6F421517 6F41D17E 5D pop ebp 6F41D17F E9 A6350000 jmp 6F42072A 6F41D184 5D pop ebp 6F41D185 C2 0800 retn 8 6F41D188 8BFF mov edi, edi 6F41D18A 55 push ebp 6F41D18B 8BEC mov ebp, esp 6F41D18D 68 6C13436F push 6F43136C 6F41D192 FF75 08 push dword ptr [ebp+8] 6F41D195 E8 4358FFFF call 6F4129DD 6F41D19A 85C0 test eax, eax 6F41D19C 7C 52 jl short 6F41D1F0 6F41D19E 56 push esi 6F41D19F 8B75 0C mov esi, dword ptr [ebp+C] 6F41D1A2 6A 10 push 10 6F41D1A4 56 push esi 6F41D1A5 E8 4AF30000 call 6F42C4F4 6F41D1AA 85C0 test eax, eax 6F41D1AC 7C 41 jl short 6F41D1EF 6F41D1AE 68 04010000 push 104 6F41D1B3 FF75 10 push dword ptr [ebp+10] 6F41D1B6 E8 D6F40000 call 6F42C691 6F41D1BB 85C0 test eax, eax 6F41D1BD 7C 30 jl short 6F41D1EF 6F41D1BF 6A 10 push 10 6F41D1C1 FF75 14 push dword ptr [ebp+14] 6F41D1C4 E8 2BF30000 call 6F42C4F4 6F41D1C9 85C0 test eax, eax 6F41D1CB 7C 22 jl short 6F41D1EF 6F41D1CD 57 push edi 6F41D1CE 6A 04 push 4 6F41D1D0 59 pop ecx 6F41D1D1 BF 0C14416F mov edi, 6F41140C 6F41D1D6 33C0 xor eax, eax 6F41D1D8 F3:A7 repe cmps dword ptr es:[edi], dword ptr [esi] 6F41D1DA 5F pop edi 6F41D1DB 75 0D jnz short 6F41D1EA 6F41D1DD FF75 14 push dword ptr [ebp+14] 6F41D1E0 FF75 10 push dword ptr [ebp+10] 6F41D1E3 E8 7BFFFFFF call 6F41D163 6F41D1E8 EB 05 jmp short 6F41D1EF 6F41D1EA B8 54010480 mov eax, 80040154 6F41D1EF 5E pop esi 6F41D1F0 5D pop ebp 6F41D1F1 C2 1000 retn 10 6F41D1F4 8BFF mov edi, edi 6F41D1F6 55 push ebp 6F41D1F7 8BEC mov ebp, esp 6F41D1F9 81EC 14020000 sub esp, 214 6F41D1FF A1 B810436F mov eax, dword ptr [6F4310B8] 6F41D204 33C5 xor eax, ebp 6F41D206 8945 FC mov dword ptr [ebp-4], eax 6F41D209 8B45 0C mov eax, dword ptr [ebp+C] 6F41D20C 53 push ebx 6F41D20D 8B5D 10 mov ebx, dword ptr [ebp+10] 6F41D210 57 push edi 6F41D211 8B7D 08 mov edi, dword ptr [ebp+8] 6F41D214 8985 F0FDFFFF mov dword ptr [ebp-210], eax 6F41D21A 8B45 14 mov eax, dword ptr [ebp+14] 6F41D21D 68 D812436F push 6F4312D8 6F41D222 57 push edi 6F41D223 8985 ECFDFFFF mov dword ptr [ebp-214], eax 6F41D229 E8 AF57FFFF call 6F4129DD 6F41D22E 85C0 test eax, eax 6F41D230 7C 43 jl short 6F41D275 6F41D232 56 push esi 6F41D233 BE 04010000 mov esi, 104 6F41D238 56 push esi 6F41D239 53 push ebx 6F41D23A E8 1BF40000 call 6F42C65A 6F41D23F 85C0 test eax, eax 6F41D241 7C 31 jl short 6F41D274 6F41D243 56 push esi 6F41D244 8D85 F4FDFFFF lea eax, dword ptr [ebp-20C] 6F41D24A 50 push eax 6F41D24B 6A FF push -1 6F41D24D 53 push ebx 6F41D24E 6A 00 push 0 6F41D250 6A 00 push 0 6F41D252 FF15 0811416F call dword ptr [<&KERNEL32.MultiByteToWideChar>; kernel32.MultiByteToWideChar 6F41D258 FFB5 ECFDFFFF push dword ptr [ebp-214] 6F41D25E 8D85 F4FDFFFF lea eax, dword ptr [ebp-20C] 6F41D264 50 push eax 6F41D265 FFB5 F0FDFFFF push dword ptr [ebp-210] 6F41D26B 83C7 FC add edi, -4 6F41D26E 57 push edi 6F41D26F E8 14FFFFFF call 6F41D188 6F41D274 5E pop esi 6F41D275 8B4D FC mov ecx, dword ptr [ebp-4] 6F41D278 5F pop edi 6F41D279 33CD xor ecx, ebp 6F41D27B 5B pop ebx 6F41D27C E8 F1190100 call 6F42EC72 6F41D281 C9 leave 6F41D282 C2 1000 retn 10 6F41D285 8BFF mov edi, edi 6F41D287 55 push ebp 6F41D288 8BEC mov ebp, esp 6F41D28A 81EC 0C020000 sub esp, 20C 6F41D290 A1 B810436F mov eax, dword ptr [6F4310B8] 6F41D295 33C5 xor eax, ebp 6F41D297 8945 FC mov dword ptr [ebp-4], eax 6F41D29A 8B45 08 mov eax, dword ptr [ebp+8] 6F41D29D 53 push ebx 6F41D29E 56 push esi 6F41D29F 8B75 0C mov esi, dword ptr [ebp+C] 6F41D2A2 8D8D F4FDFFFF lea ecx, dword ptr [ebp-20C] 6F41D2A8 51 push ecx 6F41D2A9 83C0 04 add eax, 4 6F41D2AC 50 push eax 6F41D2AD 33DB xor ebx, ebx 6F41D2AF E8 D4A0FFFF call 6F417388 6F41D2B4 85C0 test eax, eax 6F41D2B6 75 23 jnz short 6F41D2DB 6F41D2B8 FF36 push dword ptr [esi] 6F41D2BA FF15 8C10416F call dword ptr [<&KERNEL32.lstrlenW>] ; kernel32.lstrlenW 6F41D2C0 3D 04010000 cmp eax, 104 6F41D2C5 73 14 jnb short 6F41D2DB 6F41D2C7 8B36 mov esi, dword ptr [esi] 6F41D2C9 57 push edi 6F41D2CA 8D0C00 lea ecx, dword ptr [eax+eax] 6F41D2CD 8DBD F4FDFFFF lea edi, dword ptr [ebp-20C] 6F41D2D3 33C0 xor eax, eax 6F41D2D5 F3:A6 repe cmps byte ptr es:[edi], byte ptr [esi] 6F41D2D7 5F pop edi 6F41D2D8 75 01 jnz short 6F41D2DB 6F41D2DA 43 inc ebx 6F41D2DB 8B4D FC mov ecx, dword ptr [ebp-4] 6F41D2DE 5E pop esi 6F41D2DF 8BC3 mov eax, ebx 6F41D2E1 33CD xor ecx, ebp 6F41D2E3 5B pop ebx 6F41D2E4 E8 89190100 call 6F42EC72 6F41D2E9 C9 leave 6F41D2EA C2 0800 retn 8 6F41D2ED 8BFF mov edi, edi 6F41D2EF 55 push ebp 6F41D2F0 8BEC mov ebp, esp 6F41D2F2 81EC 0C020000 sub esp, 20C 6F41D2F8 A1 B810436F mov eax, dword ptr [6F4310B8] 6F41D2FD 33C5 xor eax, ebp 6F41D2FF 8945 FC mov dword ptr [ebp-4], eax 6F41D302 8B45 08 mov eax, dword ptr [ebp+8] 6F41D305 56 push esi 6F41D306 8D8D F4FDFFFF lea ecx, dword ptr [ebp-20C] 6F41D30C 51 push ecx 6F41D30D 83C0 04 add eax, 4 6F41D310 50 push eax 6F41D311 33F6 xor esi, esi 6F41D313 E8 70A0FFFF call 6F417388 6F41D318 85C0 test eax, eax 6F41D31A 74 01 je short 6F41D31D 6F41D31C 46 inc esi 6F41D31D 8B4D FC mov ecx, dword ptr [ebp-4] 6F41D320 8BC6 mov eax, esi 6F41D322 33CD xor ecx, ebp 6F41D324 5E pop esi 6F41D325 E8 48190100 call 6F42EC72 6F41D32A C9 leave 6F41D32B C2 0800 retn 8 6F41D32E 8BFF mov edi, edi 6F41D330 55 push ebp 6F41D331 8BEC mov ebp, esp 6F41D333 51 push ecx 6F41D334 51 push ecx 6F41D335 8B45 0C mov eax, dword ptr [ebp+C] 6F41D338 8B48 04 mov ecx, dword ptr [eax+4] 6F41D33B 8B51 0C mov edx, dword ptr [ecx+C] 6F41D33E 53 push ebx 6F41D33F 33C0 xor eax, eax 6F41D341 33DB xor ebx, ebx 6F41D343 8945 F8 mov dword ptr [ebp-8], eax 6F41D346 8955 FC mov dword ptr [ebp-4], edx 6F41D349 85D2 test edx, edx 6F41D34B 76 3E jbe short 6F41D38B 6F41D34D 8B45 08 mov eax, dword ptr [ebp+8] 6F41D350 8B51 10 mov edx, dword ptr [ecx+10] 6F41D353 83C0 04 add eax, 4 6F41D356 8945 08 mov dword ptr [ebp+8], eax 6F41D359 8D42 10 lea eax, dword ptr [edx+10] 6F41D35C 56 push esi 6F41D35D 8945 0C mov dword ptr [ebp+C], eax 6F41D360 57 push edi 6F41D361 8B7D 08 mov edi, dword ptr [ebp+8] 6F41D364 8B75 0C mov esi, dword ptr [ebp+C] 6F41D367 6A 04 push 4 6F41D369 59 pop ecx 6F41D36A 33C0 xor eax, eax 6F41D36C F3:A7 repe cmps dword ptr es:[edi], dword ptr [esi] 6F41D36E 74 0F je short 6F41D37F 6F41D370 8345 0C 28 add dword ptr [ebp+C], 28 6F41D374 43 inc ebx 6F41D375 3B5D FC cmp ebx, dword ptr [ebp-4] 6F41D378 ^ 72 E7 jb short 6F41D361 6F41D37A 8B45 F8 mov eax, dword ptr [ebp-8] 6F41D37D EB 0A jmp short 6F41D389 6F41D37F 6BDB 28 imul ebx, ebx, 28 6F41D382 8B4413 24 mov eax, dword ptr [ebx+edx+24] 6F41D386 83E0 01 and eax, 1 6F41D389 5F pop edi 6F41D38A 5E pop esi 6F41D38B 5B pop ebx 6F41D38C C9 leave 6F41D38D C2 0800 retn 8 6F41D390 8BFF mov edi, edi 6F41D392 55 push ebp 6F41D393 8BEC mov ebp, esp 6F41D395 8B45 0C mov eax, dword ptr [ebp+C] 6F41D398 8B48 04 mov ecx, dword ptr [eax+4] 6F41D39B 8365 0C 00 and dword ptr [ebp+C], 0 6F41D39F 56 push esi 6F41D3A0 8B71 0C mov esi, dword ptr [ecx+C] 6F41D3A3 85F6 test esi, esi 6F41D3A5 76 31 jbe short 6F41D3D8 6F41D3A7 8B51 10 mov edx, dword ptr [ecx+10] 6F41D3AA 53 push ebx 6F41D3AB 8B5D 08 mov ebx, dword ptr [ebp+8] 6F41D3AE 83C3 04 add ebx, 4 6F41D3B1 57 push edi 6F41D3B2 83C2 24 add edx, 24 6F41D3B5 8975 08 mov dword ptr [ebp+8], esi 6F41D3B8 6A 04 push 4 6F41D3BA 59 pop ecx 6F41D3BB 8BFB mov edi, ebx 6F41D3BD 8D72 EC lea esi, dword ptr [edx-14] 6F41D3C0 33C0 xor eax, eax 6F41D3C2 F3:A7 repe cmps dword ptr es:[edi], dword ptr [esi] 6F41D3C4 75 08 jnz short 6F41D3CE 6F41D3C6 F602 3F test byte ptr [edx], 3F 6F41D3C9 74 03 je short 6F41D3CE 6F41D3CB FF45 0C inc dword ptr [ebp+C] 6F41D3CE 83C2 28 add edx, 28 6F41D3D1 FF4D 08 dec dword ptr [ebp+8] 6F41D3D4 ^ 75 E2 jnz short 6F41D3B8 6F41D3D6 5F pop edi 6F41D3D7 5B pop ebx 6F41D3D8 8B45 0C mov eax, dword ptr [ebp+C] 6F41D3DB 5E pop esi 6F41D3DC 5D pop ebp 6F41D3DD C2 0800 retn 8 6F41D3E0 8BFF mov edi, edi 6F41D3E2 55 push ebp 6F41D3E3 8BEC mov ebp, esp 6F41D3E5 51 push ecx 6F41D3E6 51 push ecx 6F41D3E7 8B45 0C mov eax, dword ptr [ebp+C] 6F41D3EA 53 push ebx 6F41D3EB 8B58 04 mov ebx, dword ptr [eax+4] 6F41D3EE 33C0 xor eax, eax 6F41D3F0 8945 0C mov dword ptr [ebp+C], eax 6F41D3F3 8945 F8 mov dword ptr [ebp-8], eax 6F41D3F6 3943 0C cmp dword ptr [ebx+C], eax 6F41D3F9 76 56 jbe short 6F41D451 6F41D3FB 56 push esi 6F41D3FC 8945 FC mov dword ptr [ebp-4], eax 6F41D3FF 57 push edi 6F41D400 837D 0C 03 cmp dword ptr [ebp+C], 3 6F41D404 74 49 je short 6F41D44F 6F41D406 8B43 10 mov eax, dword ptr [ebx+10] 6F41D409 8B4D FC mov ecx, dword ptr [ebp-4] 6F41D40C 8B7D 08 mov edi, dword ptr [ebp+8] 6F41D40F 8D1401 lea edx, dword ptr [ecx+eax] 6F41D412 6A 04 push 4 6F41D414 59 pop ecx 6F41D415 03F9 add edi, ecx 6F41D417 8D72 10 lea esi, dword ptr [edx+10] 6F41D41A 33C0 xor eax, eax 6F41D41C F3:A7 repe cmps dword ptr es:[edi], dword ptr [esi] 6F41D41E 75 20 jnz short 6F41D440 6F41D420 F642 24 3F test byte ptr [edx+24], 3F 6F41D424 74 1A je short 6F41D440 6F41D426 8B52 04 mov edx, dword ptr [edx+4] 6F41D429 C1EA 0E shr edx, 0E 6F41D42C 80E2 01 and dl, 1 6F41D42F 75 06 jnz short 6F41D437 6F41D431 834D 0C 01 or dword ptr [ebp+C], 1 6F41D435 EB 09 jmp short 6F41D440 6F41D437 80FA 01 cmp dl, 1 6F41D43A 75 04 jnz short 6F41D440 6F41D43C 834D 0C 02 or dword ptr [ebp+C], 2 6F41D440 FF45 F8 inc dword ptr [ebp-8] 6F41D443 8B45 F8 mov eax, dword ptr [ebp-8] 6F41D446 8345 FC 28 add dword ptr [ebp-4], 28 6F41D44A 3B43 0C cmp eax, dword ptr [ebx+C] 6F41D44D ^ 72 B1 jb short 6F41D400 6F41D44F 5F pop edi 6F41D450 5E pop esi 6F41D451 8B45 0C mov eax, dword ptr [ebp+C] 6F41D454 5B pop ebx 6F41D455 C9 leave 6F41D456 C2 0800 retn 8 6F41D459 8BFF mov edi, edi 6F41D45B 55 push ebp 6F41D45C 8BEC mov ebp, esp 6F41D45E 51 push ecx 6F41D45F 53 push ebx 6F41D460 56 push esi 6F41D461 8B75 08 mov esi, dword ptr [ebp+8] 6F41D464 57 push edi 6F41D465 8B7D 0C mov edi, dword ptr [ebp+C] 6F41D468 57 push edi 6F41D469 56 push esi 6F41D46A E8 BFFEFFFF call 6F41D32E 6F41D46F 85C0 test eax, eax 6F41D471 74 07 je short 6F41D47A 6F41D473 B3 14 mov bl, 14 6F41D475 E9 AF000000 jmp 6F41D529 6F41D47A 8A46 24 mov al, byte ptr [esi+24] 6F41D47D 3C 11 cmp al, 11 6F41D47F 0F84 8F000000 je 6F41D514 6F41D485 3C 12 cmp al, 12 6F41D487 74 71 je short 6F41D4FA 6F41D489 3C 13 cmp al, 13 6F41D48B 74 4F je short 6F41D4DC 6F41D48D 0F86 8E000000 jbe 6F41D521 6F41D493 3C 1B cmp al, 1B 6F41D495 76 0F jbe short 6F41D4A6 6F41D497 3C 1C cmp al, 1C 6F41D499 0F85 82000000 jnz 6F41D521 6F41D49F B3 06 mov bl, 6 6F41D4A1 E9 83000000 jmp 6F41D529 6F41D4A6 0FB6D0 movzx edx, al 6F41D4A9 8B47 04 mov eax, dword ptr [edi+4] 6F41D4AC 0FB640 27 movzx eax, byte ptr [eax+27] 6F41D4B0 83E0 7F and eax, 7F 6F41D4B3 B1 1D mov cl, 1D 6F41D4B5 83F8 29 cmp eax, 29 6F41D4B8 73 1C jnb short 6F41D4D6 6F41D4BA 80C1 F4 add cl, 0F4 6F41D4BD 6BC0 0C imul eax, eax, 0C 6F41D4C0 0FB6F9 movzx edi, cl 6F41D4C3 0FB6BC07 77D541>movzx edi, byte ptr [edi+eax+6F41D577] 6F41D4CB 3BFA cmp edi, edx 6F41D4CD 74 07 je short 6F41D4D6 6F41D4CF FEC1 inc cl 6F41D4D1 80F9 1D cmp cl, 1D 6F41D4D4 ^ 72 EA jb short 6F41D4C0 6F41D4D6 B3 24 mov bl, 24 6F41D4D8 2AD9 sub bl, cl 6F41D4DA EB 48 jmp short 6F41D524 6F41D4DC F746 24 0000010>test dword ptr [esi+24], 10000 6F41D4E3 74 11 je short 6F41D4F6 6F41D4E5 F747 10 0020000>test dword ptr [edi+10], 2000 6F41D4EC 0F84 88000000 je 6F41D57A 6F41D4F2 B3 03 mov bl, 3 6F41D4F4 EB 33 jmp short 6F41D529 6F41D4F6 B3 05 mov bl, 5 6F41D4F8 EB 2F jmp short 6F41D529 6F41D4FA F746 24 0000010>test dword ptr [esi+24], 10000 6F41D501 74 0D je short 6F41D510 6F41D503 F747 10 0020000>test dword ptr [edi+10], 2000 6F41D50A 74 6E je short 6F41D57A 6F41D50C B3 02 mov bl, 2 6F41D50E EB 19 jmp short 6F41D529 6F41D510 B3 04 mov bl, 4 6F41D512 EB 15 jmp short 6F41D529 6F41D514 F747 10 0040000>test dword ptr [edi+10], 4000 6F41D51B 74 5D je short 6F41D57A 6F41D51D B3 01 mov bl, 1 6F41D51F EB 03 jmp short 6F41D524 6F41D521 8A5D 0F mov bl, byte ptr [ebp+F] 6F41D524 80FB 15 cmp bl, 15 6F41D527 74 51 je short 6F41D57A 6F41D529 6A 10 push 10 6F41D52B 81C6 38040000 add esi, 438 6F41D531 33C0 xor eax, eax 6F41D533 59 pop ecx 6F41D534 BF E0C1436F mov edi, 6F43C1E0 6F41D539 F3:A6 repe cmps byte ptr es:[edi], byte ptr [esi] 6F41D53B 8945 FC mov dword ptr [ebp-4], eax 6F41D53E 74 08 je short 6F41D548 6F41D540 1BC0 sbb eax, eax 6F41D542 83D8 FF sbb eax, -1 6F41D545 8945 FC mov dword ptr [ebp-4], eax 6F41D548 FF75 0C push dword ptr [ebp+C] 6F41D54B FF75 08 push dword ptr [ebp+8] 6F41D54E E8 3DFEFFFF call 6F41D390 6F41D553 66:0FB6C0 movzx ax, al 6F41D557 66:0FB6CB movzx cx, bl 6F41D55B 66:C1E1 08 shl cx, 8 6F41D55F 66:C1E0 08 shl ax, 8 6F41D563 0FB7C9 movzx ecx, cx 6F41D566 C1E1 10 shl ecx, 10 6F41D569 0FB7C0 movzx eax, ax 6F41D56C 0BC1 or eax, ecx 6F41D56E 33C9 xor ecx, ecx 6F41D570 394D FC cmp dword ptr [ebp-4], ecx 6F41D573 0F95C1 setne cl 6F41D576 0BC1 or eax, ecx 6F41D578 EB 02 jmp short 6F41D57C 6F41D57A 33C0 xor eax, eax 6F41D57C 5F pop edi 6F41D57D 5E pop esi 6F41D57E 5B pop ebx 6F41D57F C9 leave 6F41D580 C2 0800 retn 8
这个一段游戏directinput的反汇编信息,我想获取到什么时候游戏发送震动消息,大家可以给分析一下吗?谢谢了。先祝大家圣诞快乐...
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
赞赏
赞赏
雪币:
留言:
