能力值:
( LV2,RANK:10 )
|
-
-
2 楼
.text:00463993 lea eax, [esp+40h+TotalNumberOfFreeBytes]
.text:00463997 push eax ; lpTotalNumberOfFreeBytes
.text:00463998 mov eax, [esp+44h+lpDirectoryName]
.text:0046399C lea ecx, [esp+44h+TotalNumberOfBytes]
.text:004639A0 push ecx ; lpTotalNumberOfBytes
.text:004639A1 lea edx, [esp+48h+FreeBytesAvailableToCaller]
.text:004639A5 push edx ; lpFreeBytesAvailableToCaller
.text:004639A6 push eax ; lpDirectoryName
.text:004639A7 call ds:GetDiskFreeSpaceExW
.text:004639AD test eax, eax
.text:004639AF jz short loc_4639D5
.text:004639B1 fild qword ptr [esp+40h+FreeBytesAvailableToCaller]
.text:004639B5 mov esi, ebx
.text:004639B7 fmul ds:dbl_487270
.text:004639BD fstp [esp+40h+FreeBytesAvailableToCallerInMB]
.text:004639C1 call sub_40BD60
.text:004639C6 fld [esp+40h+FreeBytesAvailableToCallerInMB]
.text:004639CA mov dword ptr [ebx+8], 3
.text:004639D1 fstp qword ptr [ebx]
.text:004639D3 jmp short loc_4639E2
.rdata:00487270 dbl_487270 dq 9.5367431640625e-7
调用GetDiskFreeSpaceExW 得到FreeBytesAvailableToCaller
然后乘以9.5367431640625e-7 将Byte 转换为MegaByte
再填写进qword ptr [ebx]
所以最简单的办法是改这个常数
|
能力值:
( LV2,RANK:10 )
|
-
-
3 楼
[QUOTE=mahjong;921426].text:00463993 lea eax, [esp+40h+TotalNumberOfFreeBytes]
.text:00463997 push eax ; lpTotalNumberOf...[/QUOTE]
你说的办法确实是好,但我还是想找出0x600的来源!
|
能力值:
( LV2,RANK:10 )
|
-
-
4 楼
好文章。支持
|
能力值:
( LV2,RANK:10 )
|
-
-
5 楼
关注中,支持中
|
|
|