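[Unresolved] [Help] Using OD and CE together to find the message-send CALL of a certain chat client (DB database decryption and button CALL locations already found)
Posted: 2019-11-12 10:12 8843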
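I don't want to say which product I am researching, and please don't guess. This software is not packed. This is purely a hobby; I hope everyone will be supportive and understanding. It is for improving skills and for academic research.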
———————————————————————————————————————————————————————————
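The problem I have run into is this: I have found the chat client's send-message control CALL, and I have also found the message recipient's ID, but I cannot find the actual message-sending function CALL.
My guess is that the prototype of this message function CALL is as follows:
SendMessage(recipient ID, message content, message type). The message type may not be there, but the two parameters recipient ID and message content must be.
If you are interested in finding this function CALL, please contact me. Paid.
(Also, following the method written by 鬼手 online does not work at all, because this is not the personal edition of XX. Apart from the controls being the same and the system libraries it calls being the same, the logic code inside was not developed by the same team.)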

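It sends packets in two ways. One uses the send function; after I disabled that function outright, messages could still be sent. In the end I determined that WSASend is the real packet function that sends the messages.
After I set a breakpoint on this function, the calls on the stack did not include the message-send CALL. I then set a memory-write breakpoint on the address of its packet buffer, but this buffer is not at a fixed address, so I gave up.
Finding the CALL in this software is more complicated than in a game; every entry point is full of thorns...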

 


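Below, I tested the button-click CALL with a CALL tester. It can send a message, but this button-click CALL has no ID parameter and no message-content parameter, which makes it inconvenient for me to use.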

Below we use the CE tool to look at the outside of this button-click CALL.

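Below is the inside of the button-click CALL. The function in the red box is confirmed to be the message-sending function, but this function is still too large, and what it is passed are objects and similar parameters. It is inconvenient for me to construct these parameters and call it, so I have to keep analyzing the inside of this CALL.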


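The following function is what we found on entering the inside of the function CALL above. The edx below holds the message recipient's ID; modifying this ID lets you send a message to a friend, and this is confirmed to work.
But I just don't know which one the actual message-send CALL is. Asking experts big and small to take a look, paid....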

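The memory address of the ID above seems to go through several copies, and I don't know why it copies it back and forth like this. I tried setting a memory-access breakpoint on this ID's memory address, and it did break at several places in the code, but I still did not find a clear message-sending function CALL...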


————————————————————————————————————————————————————————————————————————
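I'll also post the location of the database decryption. This key is not 32 bytes but 16 bytes. The signature is below and can be found by searching with CE. The decryption does not seem to decrypt a whole db file in one go. I used the PCHunter (xuetr) tool - View Memory - dump memory to get a plaintext version of the file, and it was invalid, because it only decrypts part of the file rather than the whole file, whereas what I dumped was the length of the whole file.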




To tell whether it has been decrypted, use the CE tool to search for the above 16 bytes as a byte array; this is the signature of the db file header.

————————————————————————————————————————————————————————————

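In this enterprise edition XX, the message-send CALL, the chat-dialog selection CALL and so on all take a structure containing the person's ID as a parameter.
I don't know whether these structure objects are like monsters in a game, stored as an array or as a binary tree. Below I post the selection of a person's dialog by index.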

Further inside the CALL above, I found that it also has the CALL below, which can open a dialog by ID.






Last edited by 笑林小子 on 2019-11-14 02:14. Reason:
Latest replies (22)
2
Press CTRL+A to re-analyze the code, or right-click and remove the analysis from the module. Give it a try.
2019-11-12 11:31
3
Experts big and small, is anyone looking into this...
2019-11-13 13:54
4
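The enterprise edition's data is completely different from the personal edition's!!! The CALL's parameters are all structures or classes, and there are a great many of them, so finding them is a bit painful.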
2019-11-14 11:44
5
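yimingqpa The enterprise edition's data is completely different from the personal edition's!!! The CALL's parameters are all structures or classes, and there are a great many of them, so finding them is a bit painful.
A kindred spirit! Sincere thanks to the expert for looking into this. I have indeed been suffering for two weeks now, feeling great pressure every day and feeling that I am letting down the people who have helped me.

I also asked 迪奥思宇, the expert who back then was an online-game black hat, chief of full DXF reverse engineering, and who reverses VMs by hand. After taking a look, he also said that the enterprise edition uses object parameters, which is very complicated, and that the base address must be found.

Enterprise edition XX and personal edition XX were probably developed by two different teams at the Goose Factory (鹅厂).
Last edited by 笑林小子 on 2019-11-15 23:29. Reason: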
2019-11-14 12:35
6
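I am researching this too. The original poster's message-send CALL is right. Expert yimingqpa in post 4 passed 1 for the first push; this parameter seems to be one that can be set to anything.
How was the structure object pPackData that expert yimingqpa constructed actually built? I would like to understand it; I could not find where the message content is. The location of the ID is indeed there.


To guess which parameters are necessary and which are not, I cleared out some of the stack entirely and eliminated them step by step. This method is clumsy but effective, and it makes the analysis easier.
Below, first modify this CALL. I found that the last two pushed parameters can be the same.


Last edited by TX杀手 on 2019-11-14 21:09. Reason: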
2019-11-14 14:42
7

Very exciting; it probably only takes calling about ten functions.
2019-11-14 16:27
8
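yimingqpa Very exciting; it probably only takes calling about ten functions.
Also, is the CALL we found too high-level? Underneath it, is there a function CALL of the form message-send CALL(ID, message memory)?
I hope the expert can explain; researching this is making my scalp go numb too......
I feel there are not many people on 看雪 who can construct this CALL's parameters; it really is very complicated.

This CALL is insane. First let me bow to expert yimingqpa. I wanted to send you a private message, so I paid 33 yuan to buy 雪币 and level up. In the end I still have only 20 雪币.... and still cannot send private messages.


I also strongly suggest that expert yimingqpa publish some articles like 鬼手's, so that we newbies can read them and raise our level....


Last edited by TX杀手 on 2019-11-14 19:29. Reason: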
2019-11-14 16:30
9
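TX杀手 yimingqpa Very exciting; it probably only takes calling about ten functions. Also, is the CALL we found too high-level? Underneath it, is there a message-send CALL(I ...
The expert is too powerful; this kind of CALL is too complicated.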
2019-11-14 18:49
10
Word is that everyone who took on TX has ended up behind bars...
2019-11-14 19:25
11
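yimingqpa Very exciting; it probably only takes calling about ten functions.
Expert, I looked at your code and confirmed it as well: ECX does hold a user object, and this object contains the user ID. After modifying it, messages can be sent to other friends. In fact, by hooking this ID we do not need to construct this kind of complex user object. However, when only the ID is changed, changing the ID between external friends is no problem, but when an external friend's ID is changed directly to a group ID, enterprise XX crashes. This is probably because the object's other properties have not been modified properly; it is not as simple as just changing the ID.

Next, I still have to hook the memory address of the message content and likewise just modify the message content, with no need to construct the complex object structure.

But I did not find the message text data in the object passed by the last push. Did you use a combined-CALL approach:

two CALLs called together in combination?

Message-text construction CALL
Send-message CALL

Expert, please give me a pointer or two, and I will keep researching......
Last edited by TX杀手 on 2019-11-15 15:11. Reason: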
2019-11-15 14:06
12
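Construct the message content
      Initialize the construction
      Pack the message content
      Write the content into the constructed structure
Send target
     Pack the send target
     Write the target into the constructed structure
Copy the send content into memory X
Send-message CALL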
2019-11-15 18:06
13
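yimingqpa Construct the message content Initialize the construction Pack the message content Write the content into the constructed structure Send target Pack the send target Write the target into the constructed structure Copy the send content into memory X Send-mess ...
Is my understanding right: the text message content string is turned into packet format in binary form (does this involve some simple encryption?). Then, once it is packed, the memory address of this packet is written into the structure, and some object information is added to the structure as well.
But when I break at the current code address where this CALL is located, I can use CE to find the plaintext string of the text content and the target ID, and modifying them has a real effect. So does that mean there is no need to construct this binary packet?
Last edited by TX杀手 on 2019-11-15 22:13. Reason: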
2019-11-15 21:55
14
Here to watch the experts.
2019-11-15 23:11
15
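yimingqpa Construct the message content Initialize the construction Pack the message content Write the content into the constructed structure Send target Pack the send target Write the target into the constructed structure Copy the send content into memory X Send-mess ...
Asking the expert for help - -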
2019-11-16 22:18
16
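In the enterprise XX chat box I typed q123456; the text length is 7 characters. Then,
after setting a code breakpoint at the CALL site, I searched with CE and found one text memory address. Viewing it in OD, I found
通, the structure prototype is as follows
Text structure
{
int  memory address of the message content
int x
int x
int x
int  length of the message text
int  maximum length of the message text
}
The structure above, once instantiated, is as follows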
{
0x0D6BD598
0x00000000
0x00000000
0x00000000
0x00000007
0x0000000F
}
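But the content above was not found in the stack at the time of the break.

I'll post one more picture, the text structure of the message

Last edited by TX杀手 on 2019-11-18 15:04. Reason: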
2019-11-18 14:31
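The six-DWORD structure in the post above (an address, three unused DWORDs, length 7, maximum length 0xF) has the same shape as a 32-bit MSVC std::basic_string: a 16-byte union holding either inline text or a heap pointer, followed by size and capacity. Reading it that way is an assumption of this added example, which is not code from the thread; the function names and the inline sample are also constructed here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout: 32-bit MSVC std::basic_string (release build), 24 bytes.
 *   +0x00  16-byte union: inline characters, or a heap pointer in DWORD 0
 *   +0x10  size      elements in use
 *   +0x14  capacity  elements available, terminator excluded            */
#define STR32_BYTES 24u
#define BUF_BYTES   16u

enum str_storage { STR_INLINE = 1, STR_HEAP = 2 };

struct str_info {
    enum str_storage storage;
    uint32_t size;
    uint32_t capacity;
    uint32_t heap_ptr;   /* STR_HEAP only: address inside the dumped process */
};

/* The six DWORDs quoted in the post, laid out little-endian. */
static const uint8_t POST_SAMPLE[24] = {
    0x98, 0xD5, 0x6B, 0x0D,  0, 0, 0, 0,  0, 0, 0, 0,  0, 0, 0, 0,
    0x07, 0, 0, 0,  0x0F, 0, 0, 0
};

/* Constructed sample: the same text held inline as 1-byte characters. */
static const uint8_t INLINE_SAMPLE[24] = {
    'q', '1', '2', '3', '4', '5', '6', 0,  0, 0, 0, 0,  0, 0, 0, 0,
    0x07, 0, 0, 0,  0x0F, 0, 0, 0
};

static uint32_t rd32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static uint32_t rd_elem(const uint8_t *buf, uint32_t i, unsigned elem_size)
{
    if (elem_size == 1)
        return buf[i];
    return (uint32_t)buf[2 * i] | ((uint32_t)buf[2 * i + 1] << 8);
}

/* elem_size is 1 (char) or 2 (wchar_t). Returns 0 on success, -1 when the
 * 24 bytes cannot be a string object of that element width. */
int parse_msvc_string32(const uint8_t *blob, size_t len, unsigned elem_size,
                        struct str_info *out)
{
    if (!blob || !out || len < STR32_BYTES)
        return -1;
    if (elem_size != 1 && elem_size != 2)
        return -1;

    uint32_t inline_cap = BUF_BYTES / elem_size - 1;   /* 15 or 7 */
    uint32_t size = rd32le(blob + 16);
    uint32_t cap  = rd32le(blob + 20);

    /* Capacity never drops below the inline capacity; size never exceeds it. */
    if (cap < inline_cap || size > cap || cap > 0x7FFFFFFFu / elem_size)
        return -1;

    out->size = size;
    out->capacity = cap;
    out->heap_ptr = 0;

    if (cap == inline_cap) {
        /* Inline text: expect no NUL inside the text and a NUL right after. */
        for (uint32_t i = 0; i < size; i++)
            if (rd_elem(blob, i, elem_size) == 0)
                return -1;
        if (rd_elem(blob, size, elem_size) != 0)
            return -1;
        out->storage = STR_INLINE;
        return 0;
    }

    /* Larger capacity: the first DWORD of the union is the buffer address. */
    out->heap_ptr = rd32le(blob);
    if (out->heap_ptr == 0)
        return -1;
    out->storage = STR_HEAP;
    return 0;
}

/* Returns 1 or 2 when exactly one element width fits, 0 otherwise. */
int guess_elem_size(const uint8_t *blob, size_t len)
{
    struct str_info tmp;
    int narrow = parse_msvc_string32(blob, len, 1, &tmp) == 0;
    int wide   = parse_msvc_string32(blob, len, 2, &tmp) == 0;
    if (narrow == wide)
        return 0;
    return narrow ? 1 : 2;
}

int main(void)
{
    struct str_info s;
    int w = guess_elem_size(POST_SAMPLE, sizeof POST_SAMPLE);
    if (w && parse_msvc_string32(POST_SAMPLE, sizeof POST_SAMPLE, (unsigned)w, &s) == 0)
        printf("elem=%d storage=%s size=%u cap=%u ptr=0x%08X\n", w,
               s.storage == STR_HEAP ? "heap" : "inline",
               (unsigned)s.size, (unsigned)s.capacity, (unsigned)s.heap_ptr);
    return 0;
}
```

Under this reading the posted values only fit 2-byte characters stored on the heap. The constructed inline sample stays ambiguous from the 24 bytes alone, because its first four characters also read as a non-zero pointer; settling that needs a check of the pointer against the dump's mapped regions.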
17
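// Below is the inside of the button CALL, which in turn contains the message-send CALL. This pseudocode comes from IDA static compilation of enterprise XX. 看雪 experts are welcome to study it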
void __thiscall sub_A741E0(_DWORD *this)
{
  _DWORD *v1; // esi
  int v2; // ecx
  int *v3; // eax
  int v4; // ecx
  volatile signed __int32 *v5; // edi
  int v6; // eax
  int v7; // edi
  char v8; // al
  int v9; // ecx
  int v10; // ecx
  int *v11; // eax
  int v12; // ecx
  char v13; // al
  int v14; // ebx
  int v15; // eax
  int v16; // eax
  int v17; // ecx
  int *v18; // eax
  int v19; // ecx
  int v20; // eax
  int v21; // eax
  int v22; // eax
  int v23; // ecx
  char *v24; // ecx
  int v25; // eax
  int v26; // eax
  int v27; // ecx
  int v28; // eax
  int v29; // eax
  int v30; // ecx
  int v31; // eax
  int v32; // eax
  int v33; // ecx
  int v34; // eax
  int v35; // eax
  int v36; // ecx
  int v37; // ecx
  int v38; // eax
  int v39; // ecx
  int v40; // eax
  int v41; // eax
  int v42; // ecx
  int v43; // eax
  int v44; // eax
  int v45; // ecx
  int v46; // edi
  int v47; // esi
  _DWORD *v48; // eax
  bool v49; // zf
  char v50; // al
  int *v51; // eax
  int v52; // ecx
  int v53; // eax
  char v54; // al
  bool v55; // bl
  int v56; // edi
  int v57; // esi
  int v58; // ebx
  _DWORD *v59; // eax
  char v60; // al
  int *v61; // eax
  int v62; // ecx
  int v63; // ecx
  int v64; // eax
  int v65; // ecx
  int v66; // [esp-18h] [ebp-100h]
  int v67; // [esp-14h] [ebp-FCh]
  int v68; // [esp-10h] [ebp-F8h]
  int v69; // [esp-Ch] [ebp-F4h]
  int v70; // [esp-8h] [ebp-F0h]
  char *v71; // [esp-4h] [ebp-ECh]
  char v72; // [esp+10h] [ebp-D8h]
  char v73; // [esp+1Ch] [ebp-CCh]
  char v74; // [esp+34h] [ebp-B4h]
  char v75; // [esp+4Ch] [ebp-9Ch]
  char v76; // [esp+54h] [ebp-94h]
  int v77; // [esp+60h] [ebp-88h]
  volatile signed __int32 *v78; // [esp+64h] [ebp-84h]
  char *v79; // [esp+68h] [ebp-80h]
  _DWORD *v80; // [esp+6Ch] [ebp-7Ch]
  int v81; // [esp+70h] [ebp-78h]
  int v82; // [esp+74h] [ebp-74h]
  char v83; // [esp+7Ah] [ebp-6Eh]
  char v84; // [esp+7Bh] [ebp-6Dh]
  int v85; // [esp+7Ch] [ebp-6Ch]
  unsigned int v86; // [esp+90h] [ebp-58h]
  __int64 v87; // [esp+94h] [ebp-54h]
  int v88; // [esp+9Ch] [ebp-4Ch]
  char v89; // [esp+A0h] [ebp-48h]
  char v90; // [esp+B8h] [ebp-30h]
  int v91; // [esp+C8h] [ebp-20h]
  int v92; // [esp+CCh] [ebp-1Ch]
  __int64 v93; // [esp+D0h] [ebp-18h]
  int v94; // [esp+E4h] [ebp-4h]

  v1 = this;
  v80 = this;
  v82 = 0;
  if ( this[426] && this[434] )
  {
    sub_A1AB90(&v85);
    v94 = 0;
    v2 = v1[428];
    v81 = -1;
    if ( sub_C11A00(*(_DWORD *)(v2 + 136), &v81) != -1 )
    {
      sub_4D17A0("single_track_mes_count");
      LOBYTE(v94) = 1;
      v3 = (int *)sub_537960(&v77);
      LOBYTE(v94) = 2;
      v71 = &v90;
      v4 = *v3;
      sub_5421F0(79503255, &v90);
      LOBYTE(v94) = 3;
      v5 = v78;
      if ( v78 )
      {
        if ( !_InterlockedExchangeAdd(v78 + 1, 0xFFFFFFFF) )
        {
          (**(void (__thiscall ***)(volatile signed __int32 *))v5)(v5);
          if ( !_InterlockedDecrement(v5 + 2) )
            (*(void (__thiscall **)(volatile signed __int32 *))(*v5 + 4))(v5);
        }
      }
      LOBYTE(v94) = 0;
      sub_4D1CA0(&v90);
    }
    LOBYTE(v79) = sub_A4A530(v1[428]);
    if ( !(_BYTE)v79 )
    {
      sub_4D17A0(ErrMsg);
      v92 = 15;
      v91 = 0;
      v90 = 0;
      LOBYTE(v94) = 5;
      v6 = sub_4D6A70(dword_30FB0F0, &v89, 2);
      v7 = v6;
      LOBYTE(v94) = 6;
      if ( *(_DWORD *)(v6 + 28) )
      {
        sub_4D7D40(
          *(_DWORD *)(v6 + 28),
          "InstantMessaging::SendSessionMessage, corp_conversation member over 2000, remove track message tag.");
        if ( *(_DWORD *)(v7 + 28) )
          sub_4EF600(*(_DWORD *)(v7 + 28), &v90);
      }
      sub_4D6BD0(&v72);
      sub_4D1CA0(&v90);
      LOBYTE(v94) = 0;
      sub_4D1CA0(&v89);
      if ( !(unsigned __int8)sub_BF2450(&dword_30F9DB0) && (unsigned __int8)sub_A46CA0(v1[428]) )
        sub_C12010(*(_DWORD *)(v1[428] + 136));
    }
    sub_A69D10(&v66);
    if ( !(unsigned __int8)sub_111F350(v66, v67, v68, v69, v70, v71) || (v8 = sub_A46CD0(v1[428]), LOBYTE(v81) = 1, !v8) )
      LOBYTE(v81) = 0;
    v9 = v1[428];
    v77 = 0;
    v78 = 0;
    v84 = 0;
    v87 = 0i64;
    v88 = 0;
    sub_A46E30(&v87, &v84, &v77, 1, 1);
    LOBYTE(v94) = 7;
    v10 = v1[428];
    v71 = 0;
    if ( DuiLib::CRichEditUI::GetTextLength(*(DuiLib::CRichEditUI **)(v10 + 136), 0) <= 0
      || (unsigned __int8)sub_A5AC10(&v87) )
    {
      sub_A48920(v1[428]);
    }
    else
    {
      v11 = (int *)sub_4FA270(&v93);
      LOBYTE(v94) = 8;
      v12 = *v11;
      v82 = 1;
      if ( (*(unsigned __int8 (**)(void))(*(_DWORD *)v12 + 540))()
        || !(unsigned __int8)sub_A1AD50(v1[434])
        || !(unsigned __int8)sub_A1ABE0(v1[434])
        || (unsigned __int8)sub_A1AC70(v1[434])
        || (v13 = sub_A1AD70(), v83 = 1, v13) )
      {
        v83 = 0;
      }
      v94 = 7;
      std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v93);
      v14 = 0;
      v82 = 0;
      if ( v83 )
      {
        v15 = sub_5055B0(&v90, 2137);
        LOBYTE(v94) = 9;
        v16 = sub_123B330(&v89, v15);
        v71 = 0;
        LOBYTE(v94) = 10;
        v17 = v1[426];
        sub_9EBD10(v16, 0);
        sub_4D1CA0(&v89);
        LOBYTE(v94) = 7;
        sub_4D4BE0(&v90);
        sub_9E9C00(v1[426]);
        sub_A440A0(v1[428]);
        v18 = (int *)sub_58AE40(&v77);
        LOBYTE(v94) = 11;
        v19 = *v18;
        v71 = 0;
        (*(void (__stdcall **)(_DWORD))(*(_DWORD *)v19 + 20))(0);
        std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v77);
      }
      else
      {
        v20 = sub_A43A50(v1[428]);
        if ( v20 )
        {
          switch ( v20 )
          {
            case 1:
              v21 = sub_5055B0(&v90, 1704);
              LOBYTE(v94) = 12;
              v22 = sub_123B330(&v89, v21);
              LOBYTE(v94) = 13;
              goto LABEL_32;
            case 2:
              v25 = sub_5055B0(&v90, 2049);
              LOBYTE(v94) = 14;
              v22 = sub_123B330(&v89, v25);
              LOBYTE(v94) = 15;
              goto LABEL_32;
            case 3:
              v26 = sub_5055B0(&v90, 1623);
              LOBYTE(v94) = 16;
              v22 = sub_123B330(&v89, v26);
              LOBYTE(v94) = 17;
LABEL_32:
              v23 = v1[426];
              sub_9EBD10(v22, 0);
              sub_4D1CA0(&v89);
              v24 = &v90;
              goto LABEL_43;
            case 4:
              v27 = v1[428];
              sub_63B960(&v90);
              LOBYTE(v94) = 18;
              v28 = sub_123B310(&v74, &v90);
              LOBYTE(v94) = 19;
              sub_5068A0(v28);
              LOBYTE(v94) = 21;
              sub_4D4BE0(&v74);
              v29 = sub_123B330(&v73, &v89);
              v71 = 0;
              LOBYTE(v94) = 22;
              v30 = v1[426];
              sub_9EBD10(v29, 0);
              sub_4D1CA0(&v73);
              sub_4D4BE0(&v89);
              LOBYTE(v94) = 7;
              sub_4D1CA0(&v90);
              break;
            case 5:
              v31 = sub_5055B0(&v74, 1417);
              LOBYTE(v94) = 23;
              v32 = sub_123B330(&v73, v31);
              LOBYTE(v94) = 24;
              goto LABEL_42;
            case 6:
              v33 = v1[428];
              sub_63B960(&v90);
              LOBYTE(v94) = 25;
              v34 = sub_123B310(&v73, &v90);
              LOBYTE(v94) = 26;
              sub_5068A0(v34);
              LOBYTE(v94) = 28;
              sub_4D4BE0(&v73);
              v35 = sub_123B330(&v74, &v89);
              LOBYTE(v94) = 29;
              goto LABEL_38;
            case 7:
              v41 = sub_5055B0(&v74, 1624);
              LOBYTE(v94) = 40;
              v32 = sub_123B330(&v73, v41);
              LOBYTE(v94) = 41;
LABEL_42:
              v42 = v1[426];
              sub_9EBD10(v32, 0);
              sub_4D1CA0(&v73);
              v24 = &v74;
LABEL_43:
              LOBYTE(v94) = 7;
              sub_4D4BE0(v24);
              break;
            case 8:
              v39 = v1[428];
              sub_63B960(&v90);
              LOBYTE(v94) = 35;
              v40 = sub_123B310(&v73, &v90);
              LOBYTE(v94) = 36;
              sub_5068A0(v40);
              LOBYTE(v94) = 38;
              sub_4D4BE0(&v73);
              v35 = sub_123B330(&v74, &v89);
              LOBYTE(v94) = 39;
              goto LABEL_38;
            case 9:
              v37 = v1[428];
              sub_63B960(&v90);
              LOBYTE(v94) = 30;
              v38 = sub_123B310(&v73, &v90);
              LOBYTE(v94) = 31;
              sub_5068A0(v38);
              LOBYTE(v94) = 33;
              sub_4D4BE0(&v73);
              v35 = sub_123B330(&v74, &v89);
              LOBYTE(v94) = 34;
LABEL_38:
              v36 = v1[426];
              sub_9EBD10(v35, 0);
              sub_4D1CA0(&v74);
              sub_4D4BE0(&v89);
              LOBYTE(v94) = 7;
              sub_4D1CA0(&v90);
              break;
            default:
              break;
          }
          sub_9E9C00(v1[426]);
          sub_A440A0(v1[428]);
        }
        else if ( v84 )
        {
          sub_5055B0(&v90, 1877);
          LOBYTE(v94) = 42;
          if ( (_BYTE)v81 )
          {
            v43 = sub_5055B0(&v73, 1065);
            sub_50CAC0(v43);
            sub_4D4BE0(&v73);
          }
          v44 = sub_123B330(&v73, &v90);
          v71 = 0;
          LOBYTE(v94) = 43;
          v45 = v1[426];
          sub_9EBD10(v44, 0);
          LOBYTE(v94) = 42;
          sub_4D1CA0(&v73);
          sub_9E9C00(v1[426]);
          sub_A440A0(v1[428]);
          sub_4D4BE0(&v90);
        }
        else
        {
          if ( (unsigned __int8)sub_A46CA0(v1[428]) )
          {
            v46 = HIDWORD(v87);
            v47 = v87;
            if ( (_DWORD)v87 != HIDWORD(v87) )
            {
              do
              {
                v93 = 0i64;
                std::shared_ptr<Gdiplus::Image>::shared_ptr<Gdiplus::Image>(v47);
                if ( !(_DWORD)v93 )
                  goto LABEL_84;
                v48 = (_DWORD *)sub_8E7880(&v75);
                LOBYTE(v94) = 45;
                v14 |= 2u;
                v49 = *v48 == 0;
                v82 = v14;
                if ( v49 || (sub_8E7880(&v70), v50 = sub_A5AF10(v70, v71), v84 = 1, !v50) )
LABEL_84:
                  v84 = 0;
                v94 = 44;
                if ( v14 & 2 )
                {
                  v14 &= 0xFFFFFFFD;
                  std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v75);
                }
                if ( v84 )
                {
                  v51 = (int *)sub_8E7880(&v76);
                  LOBYTE(v94) = 46;
                  v52 = *v51;
                  v71 = (char *)1;
                  (*(void (__stdcall **)(signed int))(*(_DWORD *)v52 + 400))(1);
                  std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v76);
                }
                LOBYTE(v94) = 7;
                std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v93);
                v47 += 8;
              }
              while ( v47 != v46 );
              v82 = v14;
            }
            v1 = v80;
          }
          sub_A69D10(&v66);
          if ( (unsigned __int8)sub_111F700(v66, v67, v68, v69, v70, v71) )
          {
            v53 = sub_4F0370(&v76);
            LOBYTE(v94) = 47;
            v54 = (*(int (**)(void))(**(_DWORD **)v53 + 404))();
            LOBYTE(v94) = 7;
            v55 = v54 == 0;
            std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v76);
            if ( v55 )
            {
              v56 = HIDWORD(v87);
              v57 = v87;
              if ( (_DWORD)v87 != HIDWORD(v87) )
              {
                v58 = v82;
                do
                {
                  v93 = 0i64;
                  std::shared_ptr<Gdiplus::Image>::shared_ptr<Gdiplus::Image>(v57);
                  if ( !(_DWORD)v93 )
                    goto LABEL_85;
                  v59 = (_DWORD *)sub_8E7880(&v76);
                  LOBYTE(v94) = 49;
                  v58 |= 4u;
                  v49 = *v59 == 0;
                  v82 = v58;
                  if ( v49 || (sub_8E7880(&v70), v60 = sub_A5AF10(v70, v71), v84 = 1, !v60) )
LABEL_85:
                    v84 = 0;
                  v94 = 48;
                  if ( v58 & 4 )
                  {
                    v58 &= 0xFFFFFFFB;
                    std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v76);
                  }
                  if ( v84 )
                  {
                    v61 = (int *)sub_8E7880(&v75);
                    LOBYTE(v94) = 50;
                    v62 = *v61;
                    v71 = (char *)1;
                    (*(void (__stdcall **)(signed int))(*(_DWORD *)v62 + 400))(1);
                    std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v75);
                  }
                  LOBYTE(v94) = 7;
                  std::shared_ptr<Gdiplus::Image>::~shared_ptr<Gdiplus::Image>(&v93);
                  v57 += 8;
                }
                while ( v57 != v56 );
              }
              v1 = v80;
              LOBYTE(v79) = 1;
            }
            else
            {
              LOBYTE(v79) = 0;
            }
          }
          sub_A47700(v1[428]);
          v71 = v79;
          v63 = v1[434];
          sub_A17550(&v87, &v77, v81, (char)v79);
          sub_A440A0(v1[428]);
          v64 = v1[428];
          v71 = (char *)&WindowName;
          (*(void (__stdcall **)(const WCHAR *))(**(_DWORD **)(v64 + 136) + 72))(&WindowName);
          v65 = v1[406];
          if ( v65 )
            (*(void (**)(void))(*(_DWORD *)v65 + 4))();
        }
      }
    }
    sub_4CFD70(&v87);
    if ( v86 >= 0x10 )
      sub_4D1D00(v85, v86 + 1, 1);
  }
}

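The above is the inside of the button CALL; you can see that the message-send function takes 4 parameters in total.
Continuing to research... I won't stop until this is solved. This thread is a live broadcast! Please keep following!
Last edited by TX杀手 on 2019-11-18 19:15. Reason: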
2019-11-18 18:52
18
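Every time enterprise XX switches or the program starts, it calls the SetText function, and through this function the data extracted from the database is assigned to the DuiLib control UI. The friend list and so on all go through it, as do the message list and so on. So setting a breakpoint on this function directly with the OD tool should also make it possible to work backwards to the functions in enterprise XX that read the database, including the function that queries the local database for a friend's attribute (nickname) information by friend ID. Function prototype: query-friend-info function CALL(friend ID)


There is one more function, shown below:
I'll post the CE version first, to make it easier for everyone to locate



Last edited by TX杀手 on 2019-11-19 00:41. Reason: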
2019-11-18 20:27
19
One more note for the record: ( DuiLib::CDialogBuilder::Create )
DuiLib.DuiLib::CDialogBuilder::Create - 55                    - push ebp
DuiLib.DuiLib::CDialogBuilder::Create+1- 8B EC                 - mov ebp,esp
DuiLib.DuiLib::CDialogBuilder::Create+3- 83 E4 F8              - and esp,-08 { 248 }
DuiLib.DuiLib::CDialogBuilder::Create+6- 81 EC 94060000        - sub esp,00000694 { 1684 }
DuiLib.DuiLib::CDialogBuilder::Create+C- A1 0CF03451           - mov eax,[5134F00C] { ("/}bO/") }
DuiLib.DuiLib::CDialogBuilder::Create+11- 33 C4                 - xor eax,esp
DuiLib.DuiLib::CDialogBuilder::Create+13- 89 84 24 90060000     - mov [esp+00000690],eax
DuiLib.DuiLib::CDialogBuilder::Create+1A- 8B 45 10              - mov eax,[ebp+10]
DuiLib.DuiLib::CDialogBuilder::Create+1D- 53                    - push ebx
DuiLib.DuiLib::CDialogBuilder::Create+1E- 89 44 24 2C           - mov [esp+2C],eax
DuiLib.DuiLib::CDialogBuilder::Create+22- 8B 45 08              - mov eax,[ebp+08]
DuiLib.DuiLib::CDialogBuilder::Create+25- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+26- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+27- 8B 7D 0C              - mov edi,[ebp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+2A- 89 81 40010000        - mov [ecx+00000140],eax
DuiLib.DuiLib::CDialogBuilder::Create+30- 8D 84 24 88040000     - lea eax,[esp+00000488]
DuiLib.DuiLib::CDialogBuilder::Create+37- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+38- 89 4C 24 24           - mov [esp+24],ecx
DuiLib.DuiLib::CDialogBuilder::Create+3C- 89 7C 24 14           - mov [esp+14],edi
DuiLib.DuiLib::CDialogBuilder::Create+40- E8 A3870000           - call DuiLib.DuiLib::CMarkup::GetRoot
DuiLib.DuiLib::CDialogBuilder::Create+45- 8D 8C 24 88040000     - lea ecx,[esp+00000488]
DuiLib.DuiLib::CDialogBuilder::Create+4C- E8 39830000           - call DuiLib.DuiLib::CMarkupNode::IsValid
DuiLib.DuiLib::CDialogBuilder::Create+51- 84 C0                 - test al,al
DuiLib.DuiLib::CDialogBuilder::Create+53- 75 07                 - jne DuiLib.DuiLib::CDialogBuilder::Create+5C
DuiLib.DuiLib::CDialogBuilder::Create+55- 33 C0                 - xor eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+57- E9 76070000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7D2
DuiLib.DuiLib::CDialogBuilder::Create+5C- 85 FF                 - test edi,edi
DuiLib.DuiLib::CDialogBuilder::Create+5E- 0F84 58070000         - je DuiLib.DuiLib::CDialogBuilder::Create+7BC
DuiLib.DuiLib::CDialogBuilder::Create+64- 8D 84 24 78020000     - lea eax,[esp+00000278]
DuiLib.DuiLib::CDialogBuilder::Create+6B- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+6C- 8D 8C 24 8C040000     - lea ecx,[esp+0000048C]
DuiLib.DuiLib::CDialogBuilder::Create+73- E8 0A820000           - call DuiLib.DuiLib::CMarkupNode::GetChild
DuiLib.DuiLib::CDialogBuilder::Create+78- 8D 8C 24 78020000     - lea ecx,[esp+00000278]
DuiLib.DuiLib::CDialogBuilder::Create+7F- E8 06830000           - call DuiLib.DuiLib::CMarkupNode::IsValid
DuiLib.DuiLib::CDialogBuilder::Create+84- 8B 1D BC682D51        - mov ebx,[512D68BC] { (74D8ABA0) }
DuiLib.DuiLib::CDialogBuilder::Create+8A- E9 0A010000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+199
DuiLib.DuiLib::CDialogBuilder::Create+8F- 8D 8C 24 78020000     - lea ecx,[esp+00000278]
DuiLib.DuiLib::CDialogBuilder::Create+96- E8 FA820000           - call DuiLib.DuiLib::CMarkupNode::GetName
DuiLib.DuiLib::CDialogBuilder::Create+9B- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+9D- 68 3C362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1068 { ("Font") }
DuiLib.DuiLib::CDialogBuilder::Create+A2- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+A3- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+A5- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+A6- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+A7- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+A9- 75 17                 - jne DuiLib.DuiLib::CDialogBuilder::Create+C2
DuiLib.DuiLib::CDialogBuilder::Create+AB- 8B 4C 24 20           - mov ecx,[esp+20]
DuiLib.DuiLib::CDialogBuilder::Create+AF- 8D 84 24 78020000     - lea eax,[esp+00000278]
DuiLib.DuiLib::CDialogBuilder::Create+B6- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+B7- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+B8- E8 3E070000           - call DuiLib.DuiLib::CDialogBuilder::ParseFontNode
DuiLib.DuiLib::CDialogBuilder::Create+BD- E9 A6000000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+168
DuiLib.DuiLib::CDialogBuilder::Create+C2- 68 48362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1074 { ("Default") }
DuiLib.DuiLib::CDialogBuilder::Create+C7- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+C8- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+CA- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+CB- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+CC- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+CE- 0F85 94000000         - jne DuiLib.DuiLib::CDialogBuilder::Create+168
DuiLib.DuiLib::CDialogBuilder::Create+D4- 8D 8C 24 78020000     - lea ecx,[esp+00000278]
DuiLib.DuiLib::CDialogBuilder::Create+DB- E8 A6840000           - call DuiLib.DuiLib::CMarkupNode::GetAttributeCount
DuiLib.DuiLib::CDialogBuilder::Create+E0- 83 64 24 14 00        - and dword ptr [esp+14],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+E5- 33 C9                 - xor ecx,ecx
DuiLib.DuiLib::CDialogBuilder::Create+E7- 33 F6                 - xor esi,esi
DuiLib.DuiLib::CDialogBuilder::Create+E9- 89 44 24 1C           - mov [esp+1C],eax
DuiLib.DuiLib::CDialogBuilder::Create+ED- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+EF- 7E 77                 - jle DuiLib.DuiLib::CDialogBuilder::Create+168
DuiLib.DuiLib::CDialogBuilder::Create+F1- 8B F9                 - mov edi,ecx
DuiLib.DuiLib::CDialogBuilder::Create+F3- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+F4- 8D 8C 24 7C020000     - lea ecx,[esp+0000027C]
DuiLib.DuiLib::CDialogBuilder::Create+FB- E8 CE820000           - call DuiLib.DuiLib::CMarkupNode::GetAttributeName
DuiLib.DuiLib::CDialogBuilder::Create+100- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+101- 8D 8C 24 7C020000     - lea ecx,[esp+0000027C]
DuiLib.DuiLib::CDialogBuilder::Create+108- 89 44 24 10           - mov [esp+10],eax
DuiLib.DuiLib::CDialogBuilder::Create+10C- E8 02830000           - call DuiLib.DuiLib::CMarkupNode::GetAttributeValue
DuiLib.DuiLib::CDialogBuilder::Create+111- 68 48342F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+E74 { ("name") }
DuiLib.DuiLib::CDialogBuilder::Create+116- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+11A- 89 44 24 20           - mov [esp+20],eax
DuiLib.DuiLib::CDialogBuilder::Create+11E- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+120- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+121- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+122- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+124- 75 0A                 - jne DuiLib.DuiLib::CDialogBuilder::Create+130
DuiLib.DuiLib::CDialogBuilder::Create+126- 8B 44 24 18           - mov eax,[esp+18]
DuiLib.DuiLib::CDialogBuilder::Create+12A- 89 44 24 14           - mov [esp+14],eax
DuiLib.DuiLib::CDialogBuilder::Create+12E- EB 18                 - jmp DuiLib.DuiLib::CDialogBuilder::Create+148
DuiLib.DuiLib::CDialogBuilder::Create+130- 68 908A2E51           - push DuiLib.DuiLib::IResLoaderManager::`vftable'+7C { ("value") }
DuiLib.DuiLib::CDialogBuilder::Create+135- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+139- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+13B- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+13D- 8B 44 24 1C           - mov eax,[esp+1C]
DuiLib.DuiLib::CDialogBuilder::Create+141- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+142- 0F44 7C 24 1C         - cmove edi,[esp+1C]
DuiLib.DuiLib::CDialogBuilder::Create+147- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+148- 46                    - inc esi
DuiLib.DuiLib::CDialogBuilder::Create+149- 3B 74 24 1C           - cmp esi,[esp+1C]
DuiLib.DuiLib::CDialogBuilder::Create+14D- 7C A4                 - jl DuiLib.DuiLib::CDialogBuilder::Create+F3
DuiLib.DuiLib::CDialogBuilder::Create+14F- 89 7C 24 0C           - mov [esp+0C],edi
DuiLib.DuiLib::CDialogBuilder::Create+153- 8B 7C 24 10           - mov edi,[esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+157- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+159- 74 0D                 - je DuiLib.DuiLib::CDialogBuilder::Create+168
DuiLib.DuiLib::CDialogBuilder::Create+15B- 8B 4C 24 0C           - mov ecx,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+15F- 51                    - push ecx
DuiLib.DuiLib::CDialogBuilder::Create+160- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+161- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+163- E8 3A600000           - call DuiLib.DuiLib::CPaintManagerUI::AddDefaultAttributeList
DuiLib.DuiLib::CDialogBuilder::Create+168- 8D 44 24 68           - lea eax,[esp+68]
DuiLib.DuiLib::CDialogBuilder::Create+16C- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+16D- 8D 8C 24 7C020000     - lea ecx,[esp+0000027C]
DuiLib.DuiLib::CDialogBuilder::Create+174- E8 B7800000           - call DuiLib.DuiLib::CMarkupNode::GetSibling
DuiLib.DuiLib::CDialogBuilder::Create+179- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+17B- 8D BC 24 78020000     - lea edi,[esp+00000278]
DuiLib.DuiLib::CDialogBuilder::Create+182- B9 83000000           - mov ecx,00000083 { 131 }
DuiLib.DuiLib::CDialogBuilder::Create+187- F3 A5                 - repe movsd 
DuiLib.DuiLib::CDialogBuilder::Create+189- 8D 8C 24 78020000     - lea ecx,[esp+00000278]
DuiLib.DuiLib::CDialogBuilder::Create+190- E8 F5810000           - call DuiLib.DuiLib::CMarkupNode::IsValid
DuiLib.DuiLib::CDialogBuilder::Create+195- 8B 7C 24 10           - mov edi,[esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+199- 84 C0                 - test al,al
DuiLib.DuiLib::CDialogBuilder::Create+19B- 0F85 EEFEFFFF         - jne DuiLib.DuiLib::CDialogBuilder::Create+8F
DuiLib.DuiLib::CDialogBuilder::Create+1A1- 8D 8C 24 88040000     - lea ecx,[esp+00000488]
DuiLib.DuiLib::CDialogBuilder::Create+1A8- E8 E8810000           - call DuiLib.DuiLib::CMarkupNode::GetName
DuiLib.DuiLib::CDialogBuilder::Create+1AD- 68 58362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1084 { ("Window") }
DuiLib.DuiLib::CDialogBuilder::Create+1B2- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+1B3- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+1B5- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+1B6- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+1B7- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+1B9- 0F85 FD050000         - jne DuiLib.DuiLib::CDialogBuilder::Create+7BC
DuiLib.DuiLib::CDialogBuilder::Create+1BF- 8D 4F 04              - lea ecx,[edi+04]
DuiLib.DuiLib::CDialogBuilder::Create+1C2- 8B 01                 - mov eax,[ecx]
DuiLib.DuiLib::CDialogBuilder::Create+1C4- FF 10                 - call dword ptr [eax]
DuiLib.DuiLib::CDialogBuilder::Create+1C6- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+1C8- 0F84 EE050000         - je DuiLib.DuiLib::CDialogBuilder::Create+7BC
DuiLib.DuiLib::CDialogBuilder::Create+1CE- 8D 8C 24 88040000     - lea ecx,[esp+00000488]
DuiLib.DuiLib::CDialogBuilder::Create+1D5- E8 AC830000           - call DuiLib.DuiLib::CMarkupNode::GetAttributeCount
DuiLib.DuiLib::CDialogBuilder::Create+1DA- 33 F6                 - xor esi,esi
DuiLib.DuiLib::CDialogBuilder::Create+1DC- 89 44 24 30           - mov [esp+30],eax
DuiLib.DuiLib::CDialogBuilder::Create+1E0- 89 74 24 14           - mov [esp+14],esi
DuiLib.DuiLib::CDialogBuilder::Create+1E4- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+1E6- 0F8E D0050000         - jng DuiLib.DuiLib::CDialogBuilder::Create+7BC
DuiLib.DuiLib::CDialogBuilder::Create+1EC- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+1ED- 8D 8C 24 8C040000     - lea ecx,[esp+0000048C]
DuiLib.DuiLib::CDialogBuilder::Create+1F4- E8 D5810000           - call DuiLib.DuiLib::CMarkupNode::GetAttributeName
DuiLib.DuiLib::CDialogBuilder::Create+1F9- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+1FA- 8D 8C 24 8C040000     - lea ecx,[esp+0000048C]
DuiLib.DuiLib::CDialogBuilder::Create+201- 89 44 24 10           - mov [esp+10],eax
DuiLib.DuiLib::CDialogBuilder::Create+205- E8 09820000           - call DuiLib.DuiLib::CMarkupNode::GetAttributeValue
DuiLib.DuiLib::CDialogBuilder::Create+20A- 68 C0302F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+AEC { ("size") }
DuiLib.DuiLib::CDialogBuilder::Create+20F- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+213- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+215- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+217- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+218- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+219- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+21B- 75 3D                 - jne DuiLib.DuiLib::CDialogBuilder::Create+25A
DuiLib.DuiLib::CDialogBuilder::Create+21D- 21 44 24 0C           - and [esp+0C],eax
DuiLib.DuiLib::CDialogBuilder::Create+221- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+225- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+227- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+228- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+229- FF 15 70672D51        - call dword ptr [512D6770] { ->ucrtbase.wcstol }
DuiLib.DuiLib::CDialogBuilder::Create+22F- 8B 4C 24 18           - mov ecx,[esp+18]
DuiLib.DuiLib::CDialogBuilder::Create+233- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+236- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+238- 83 C1 02              - add ecx,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+23B- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+23F- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+241- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+242- 51                    - push ecx
DuiLib.DuiLib::CDialogBuilder::Create+243- FF 15 70672D51        - call dword ptr [512D6770] { ->ucrtbase.wcstol }
DuiLib.DuiLib::CDialogBuilder::Create+249- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+24C- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+24E- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+24F- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+250- E8 2C210000           - call DuiLib.DuiLib::CPaintManagerUI::SetInitSize
DuiLib.DuiLib::CDialogBuilder::Create+255- E9 4F050000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+25A- 68 68362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1094 { ("sizebox") }
DuiLib.DuiLib::CDialogBuilder::Create+25F- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+263- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+265- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+266- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+267- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+269- 75 7F                 - jne DuiLib.DuiLib::CDialogBuilder::Create+2EA
DuiLib.DuiLib::CDialogBuilder::Create+26B- 83 64 24 0C 00        - and dword ptr [esp+0C],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+270- 8D 7C 24 3C           - lea edi,[esp+3C]
DuiLib.DuiLib::CDialogBuilder::Create+274- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+275- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+277- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+278- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+279- 8D 44 24 10           - lea eax,[esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+27D- 5F                    - pop edi
DuiLib.DuiLib::CDialogBuilder::Create+27E- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+27F- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+280- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+281- 8B 35 70672D51        - mov esi,[512D6770] { (74D7E3D0) }
DuiLib.DuiLib::CDialogBuilder::Create+287- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+289- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+28C- 89 44 24 38           - mov [esp+38],eax
DuiLib.DuiLib::CDialogBuilder::Create+290- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+294- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+295- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+296- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+29A- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+29D- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+29E- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+2A0- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+2A3- 89 44 24 3C           - mov [esp+3C],eax
DuiLib.DuiLib::CDialogBuilder::Create+2A7- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+2AB- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+2AC- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+2AD- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+2B1- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+2B4- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+2B5- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+2B7- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+2BA- 89 44 24 40           - mov [esp+40],eax
DuiLib.DuiLib::CDialogBuilder::Create+2BE- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+2C2- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+2C3- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+2C4- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+2C8- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+2CB- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+2CC- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+2CE- 8B 7C 24 1C           - mov edi,[esp+1C]
DuiLib.DuiLib::CDialogBuilder::Create+2D2- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+2D5- 89 44 24 44           - mov [esp+44],eax
DuiLib.DuiLib::CDialogBuilder::Create+2D9- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+2DB- 8D 44 24 38           - lea eax,[esp+38]
DuiLib.DuiLib::CDialogBuilder::Create+2DF- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+2E0- E8 DC200000           - call DuiLib.DuiLib::CPaintManagerUI::SetSizeBox
DuiLib.DuiLib::CDialogBuilder::Create+2E5- E9 BF040000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+2EA- 68 78362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+10A4 { ("caption") }
DuiLib.DuiLib::CDialogBuilder::Create+2EF- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+2F3- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+2F5- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+2F6- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+2F7- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+2F9- 75 7F                 - jne DuiLib.DuiLib::CDialogBuilder::Create+37A
DuiLib.DuiLib::CDialogBuilder::Create+2FB- 83 64 24 0C 00        - and dword ptr [esp+0C],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+300- 8D 7C 24 4C           - lea edi,[esp+4C]
DuiLib.DuiLib::CDialogBuilder::Create+304- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+305- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+307- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+308- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+309- 8D 44 24 10           - lea eax,[esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+30D- 5F                    - pop edi
DuiLib.DuiLib::CDialogBuilder::Create+30E- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+30F- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+310- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+311- 8B 35 70672D51        - mov esi,[512D6770] { (74D7E3D0) }
DuiLib.DuiLib::CDialogBuilder::Create+317- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+319- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+31C- 89 44 24 48           - mov [esp+48],eax
DuiLib.DuiLib::CDialogBuilder::Create+320- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+324- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+325- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+326- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+32A- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+32D- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+32E- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+330- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+333- 89 44 24 4C           - mov [esp+4C],eax
DuiLib.DuiLib::CDialogBuilder::Create+337- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+33B- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+33C- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+33D- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+341- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+344- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+345- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+347- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+34A- 89 44 24 50           - mov [esp+50],eax
DuiLib.DuiLib::CDialogBuilder::Create+34E- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+352- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+353- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+354- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+358- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+35B- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+35C- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+35E- 8B 7C 24 1C           - mov edi,[esp+1C]
DuiLib.DuiLib::CDialogBuilder::Create+362- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+365- 89 44 24 54           - mov [esp+54],eax
DuiLib.DuiLib::CDialogBuilder::Create+369- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+36B- 8D 44 24 48           - lea eax,[esp+48]
DuiLib.DuiLib::CDialogBuilder::Create+36F- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+370- E8 6B200000           - call DuiLib.DuiLib::CPaintManagerUI::SetCaptionRect
DuiLib.DuiLib::CDialogBuilder::Create+375- E9 2F040000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+37A- 68 30892E51           - push DuiLib.DuiLib::IResLoader::`vftable'+C8 { ("roundcorner") }
DuiLib.DuiLib::CDialogBuilder::Create+37F- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+383- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+385- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+386- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+387- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+389- 75 15                 - jne DuiLib.DuiLib::CDialogBuilder::Create+3A0
DuiLib.DuiLib::CDialogBuilder::Create+38B- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+38C- E8 EA42FFFF           - call DuiLib.DuiLib::GetSizeAttribute
DuiLib.DuiLib::CDialogBuilder::Create+391- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+392- 52                    - push edx
DuiLib.DuiLib::CDialogBuilder::Create+393- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+394- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+396- E8 78200000           - call DuiLib.DuiLib::CPaintManagerUI::SetRoundCorner
DuiLib.DuiLib::CDialogBuilder::Create+39B- E9 09040000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+3A0- 68 88362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+10B4 { ("mininfo") }
DuiLib.DuiLib::CDialogBuilder::Create+3A5- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+3A9- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+3AB- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+3AC- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+3AD- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+3AF- 75 3D                 - jne DuiLib.DuiLib::CDialogBuilder::Create+3EE
DuiLib.DuiLib::CDialogBuilder::Create+3B1- 21 44 24 0C           - and [esp+0C],eax
DuiLib.DuiLib::CDialogBuilder::Create+3B5- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+3B9- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+3BB- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+3BC- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+3BD- FF 15 70672D51        - call dword ptr [512D6770] { ->ucrtbase.wcstol }
DuiLib.DuiLib::CDialogBuilder::Create+3C3- 8B 4C 24 18           - mov ecx,[esp+18]
DuiLib.DuiLib::CDialogBuilder::Create+3C7- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+3CA- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+3CC- 83 C1 02              - add ecx,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+3CF- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+3D3- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+3D5- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+3D6- 51                    - push ecx
DuiLib.DuiLib::CDialogBuilder::Create+3D7- FF 15 70672D51        - call dword ptr [512D6770] { ->ucrtbase.wcstol }
DuiLib.DuiLib::CDialogBuilder::Create+3DD- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+3E0- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+3E2- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+3E3- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+3E4- E8 5E200000           - call DuiLib.DuiLib::CPaintManagerUI::SetMinInfo
DuiLib.DuiLib::CDialogBuilder::Create+3E9- E9 BB030000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+3EE- 68 98362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+10C4 { ("maxinfo") }
DuiLib.DuiLib::CDialogBuilder::Create+3F3- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+3F7- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+3F9- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+3FA- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+3FB- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+3FD- 75 3D                 - jne DuiLib.DuiLib::CDialogBuilder::Create+43C
DuiLib.DuiLib::CDialogBuilder::Create+3FF- 21 44 24 0C           - and [esp+0C],eax
DuiLib.DuiLib::CDialogBuilder::Create+403- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+407- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+409- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+40A- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+40B- FF 15 70672D51        - call dword ptr [512D6770] { ->ucrtbase.wcstol }
DuiLib.DuiLib::CDialogBuilder::Create+411- 8B 4C 24 18           - mov ecx,[esp+18]
DuiLib.DuiLib::CDialogBuilder::Create+415- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+418- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+41A- 83 C1 02              - add ecx,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+41D- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+421- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+423- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+424- 51                    - push ecx
DuiLib.DuiLib::CDialogBuilder::Create+425- FF 15 70672D51        - call dword ptr [512D6770] { ->ucrtbase.wcstol }
DuiLib.DuiLib::CDialogBuilder::Create+42B- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+42E- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+430- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+431- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+432- E8 44200000           - call DuiLib.DuiLib::CPaintManagerUI::SetMaxInfo
DuiLib.DuiLib::CDialogBuilder::Create+437- E9 6D030000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+43C- 68 A8362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+10D4 { ("showdirty") }
DuiLib.DuiLib::CDialogBuilder::Create+441- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+445- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+447- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+448- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+449- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+44B- 75 20                 - jne DuiLib.DuiLib::CDialogBuilder::Create+46D
DuiLib.DuiLib::CDialogBuilder::Create+44D- 68 80722E51           - push DuiLib.DuiLib::CWindowAccessibility::`vftable'+66A4 { ("true") }
DuiLib.DuiLib::CDialogBuilder::Create+452- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+453- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+455- F7 D8                 - neg eax
DuiLib.DuiLib::CDialogBuilder::Create+457- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+458- 1A C0                 - sbb al,al
DuiLib.DuiLib::CDialogBuilder::Create+45A- FE C0                 - inc al
DuiLib.DuiLib::CDialogBuilder::Create+45C- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+45D- 0FB6 C0               - movzx eax,al
DuiLib.DuiLib::CDialogBuilder::Create+460- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+462- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+463- E8 D5200000           - call DuiLib.DuiLib::CPaintManagerUI::SetShowUpdateRect
DuiLib.DuiLib::CDialogBuilder::Create+468- E9 3C030000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+46D- 68 BC362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+10E8 { ("alpha") }
DuiLib.DuiLib::CDialogBuilder::Create+472- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+476- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+478- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+479- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+47A- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+47C- 75 15                 - jne DuiLib.DuiLib::CDialogBuilder::Create+493
DuiLib.DuiLib::CDialogBuilder::Create+47E- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+47F- FF 15 68672D51        - call dword ptr [512D6768] { ->ucrtbase.wtoi }
DuiLib.DuiLib::CDialogBuilder::Create+485- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+486- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+487- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+489- E8 0A200000           - call DuiLib.DuiLib::CPaintManagerUI::SetTransparent
DuiLib.DuiLib::CDialogBuilder::Create+48E- E9 16030000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+493- 68 C8362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+10F4 { ("bktrans") }
DuiLib.DuiLib::CDialogBuilder::Create+498- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+49C- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+49E- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+49F- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+4A0- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+4A2- 75 20                 - jne DuiLib.DuiLib::CDialogBuilder::Create+4C4
DuiLib.DuiLib::CDialogBuilder::Create+4A4- 68 80722E51           - push DuiLib.DuiLib::CWindowAccessibility::`vftable'+66A4 { ("true") }
DuiLib.DuiLib::CDialogBuilder::Create+4A9- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+4AA- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+4AC- F7 D8                 - neg eax
DuiLib.DuiLib::CDialogBuilder::Create+4AE- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+4AF- 1A C0                 - sbb al,al
DuiLib.DuiLib::CDialogBuilder::Create+4B1- FE C0                 - inc al
DuiLib.DuiLib::CDialogBuilder::Create+4B3- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+4B4- 0FB6 C0               - movzx eax,al
DuiLib.DuiLib::CDialogBuilder::Create+4B7- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+4B9- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+4BA- E8 6A200000           - call DuiLib.DuiLib::CPaintManagerUI::SetBackgroundTransparent
DuiLib.DuiLib::CDialogBuilder::Create+4BF- E9 E5020000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+4C4- 68 D8362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1104 { ("disabledfontcolor") }
DuiLib.DuiLib::CDialogBuilder::Create+4C9- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+4CD- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+4CF- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+4D0- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+4D1- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+4D3- 75 34                 - jne DuiLib.DuiLib::CDialogBuilder::Create+509
DuiLib.DuiLib::CDialogBuilder::Create+4D5- 6A 23                 - push 23 { 35 }
DuiLib.DuiLib::CDialogBuilder::Create+4D7- 58                    - pop eax
DuiLib.DuiLib::CDialogBuilder::Create+4D8- 66 39 06              - cmp [esi],ax
DuiLib.DuiLib::CDialogBuilder::Create+4DB- 75 09                 - jne DuiLib.DuiLib::CDialogBuilder::Create+4E6
DuiLib.DuiLib::CDialogBuilder::Create+4DD- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+4DE- FF 15 54662D51        - call dword ptr [512D6654] { ->USER32.CharNextW }
DuiLib.DuiLib::CDialogBuilder::Create+4E4- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+4E6- 83 64 24 1C 00        - and dword ptr [esp+1C],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+4EB- 8D 44 24 1C           - lea eax,[esp+1C]
DuiLib.DuiLib::CDialogBuilder::Create+4EF- 6A 10                 - push 10 { 16 }
DuiLib.DuiLib::CDialogBuilder::Create+4F1- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+4F2- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+4F3- FF 15 74672D51        - call dword ptr [512D6774] { ->ucrtbase.wcstoul }
DuiLib.DuiLib::CDialogBuilder::Create+4F9- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+4FC- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+4FE- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+4FF- E8 22560000           - call DuiLib.DuiLib::CPaintManagerUI::SetDefaultDisabledColor
DuiLib.DuiLib::CDialogBuilder::Create+504- E9 A0020000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+509- 68 FC362F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1128 { ("defaultfontcolor") }
DuiLib.DuiLib::CDialogBuilder::Create+50E- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+512- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+514- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+515- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+516- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+518- 75 34                 - jne DuiLib.DuiLib::CDialogBuilder::Create+54E
DuiLib.DuiLib::CDialogBuilder::Create+51A- 6A 23                 - push 23 { 35 }
DuiLib.DuiLib::CDialogBuilder::Create+51C- 58                    - pop eax
DuiLib.DuiLib::CDialogBuilder::Create+51D- 66 39 06              - cmp [esi],ax
DuiLib.DuiLib::CDialogBuilder::Create+520- 75 09                 - jne DuiLib.DuiLib::CDialogBuilder::Create+52B
DuiLib.DuiLib::CDialogBuilder::Create+522- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+523- FF 15 54662D51        - call dword ptr [512D6654] { ->USER32.CharNextW }
DuiLib.DuiLib::CDialogBuilder::Create+529- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+52B- 83 64 24 18 00        - and dword ptr [esp+18],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+530- 8D 44 24 18           - lea eax,[esp+18]
DuiLib.DuiLib::CDialogBuilder::Create+534- 6A 10                 - push 10 { 16 }
DuiLib.DuiLib::CDialogBuilder::Create+536- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+537- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+538- FF 15 74672D51        - call dword ptr [512D6774] { ->ucrtbase.wcstoul }
DuiLib.DuiLib::CDialogBuilder::Create+53E- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+541- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+543- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+544- E8 02560000           - call DuiLib.DuiLib::CPaintManagerUI::SetDefaultFontColor
DuiLib.DuiLib::CDialogBuilder::Create+549- E9 5B020000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+54E- 68 20372F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+114C { ("linkfontcolor") }
DuiLib.DuiLib::CDialogBuilder::Create+553- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+557- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+559- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+55A- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+55B- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+55D- 75 34                 - jne DuiLib.DuiLib::CDialogBuilder::Create+593
DuiLib.DuiLib::CDialogBuilder::Create+55F- 6A 23                 - push 23 { 35 }
DuiLib.DuiLib::CDialogBuilder::Create+561- 58                    - pop eax
DuiLib.DuiLib::CDialogBuilder::Create+562- 66 39 06              - cmp [esi],ax
DuiLib.DuiLib::CDialogBuilder::Create+565- 75 09                 - jne DuiLib.DuiLib::CDialogBuilder::Create+570
DuiLib.DuiLib::CDialogBuilder::Create+567- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+568- FF 15 54662D51        - call dword ptr [512D6654] { ->USER32.CharNextW }
DuiLib.DuiLib::CDialogBuilder::Create+56E- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+570- 83 64 24 24 00        - and dword ptr [esp+24],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+575- 8D 44 24 24           - lea eax,[esp+24]
DuiLib.DuiLib::CDialogBuilder::Create+579- 6A 10                 - push 10 { 16 }
DuiLib.DuiLib::CDialogBuilder::Create+57B- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+57C- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+57D- FF 15 74672D51        - call dword ptr [512D6774] { ->ucrtbase.wcstoul }
DuiLib.DuiLib::CDialogBuilder::Create+583- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+586- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+588- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+589- E8 E2550000           - call DuiLib.DuiLib::CPaintManagerUI::SetDefaultLinkFontColor
DuiLib.DuiLib::CDialogBuilder::Create+58E- E9 16020000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+593- 68 3C372F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1168 { ("linkhoverfontcolor") }
DuiLib.DuiLib::CDialogBuilder::Create+598- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+59C- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+59E- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+59F- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+5A0- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+5A2- 75 34                 - jne DuiLib.DuiLib::CDialogBuilder::Create+5D8
DuiLib.DuiLib::CDialogBuilder::Create+5A4- 6A 23                 - push 23 { 35 }
DuiLib.DuiLib::CDialogBuilder::Create+5A6- 58                    - pop eax
DuiLib.DuiLib::CDialogBuilder::Create+5A7- 66 39 06              - cmp [esi],ax
DuiLib.DuiLib::CDialogBuilder::Create+5AA- 75 09                 - jne DuiLib.DuiLib::CDialogBuilder::Create+5B5
DuiLib.DuiLib::CDialogBuilder::Create+5AC- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+5AD- FF 15 54662D51        - call dword ptr [512D6654] { ->USER32.CharNextW }
DuiLib.DuiLib::CDialogBuilder::Create+5B3- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+5B5- 83 64 24 28 00        - and dword ptr [esp+28],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+5BA- 8D 44 24 28           - lea eax,[esp+28]
DuiLib.DuiLib::CDialogBuilder::Create+5BE- 6A 10                 - push 10 { 16 }
DuiLib.DuiLib::CDialogBuilder::Create+5C0- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+5C1- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+5C2- FF 15 74672D51        - call dword ptr [512D6774] { ->ucrtbase.wcstoul }
DuiLib.DuiLib::CDialogBuilder::Create+5C8- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+5CB- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+5CD- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+5CE- E8 C2550000           - call DuiLib.DuiLib::CPaintManagerUI::SetDefaultLinkHoverFontColor
DuiLib.DuiLib::CDialogBuilder::Create+5D3- E9 D1010000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+5D8- 68 64372F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1190 { ("selectedcolor") }
DuiLib.DuiLib::CDialogBuilder::Create+5DD- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+5E1- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+5E3- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+5E4- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+5E5- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+5E7- 75 34                 - jne DuiLib.DuiLib::CDialogBuilder::Create+61D
DuiLib.DuiLib::CDialogBuilder::Create+5E9- 6A 23                 - push 23 { 35 }
DuiLib.DuiLib::CDialogBuilder::Create+5EB- 58                    - pop eax
DuiLib.DuiLib::CDialogBuilder::Create+5EC- 66 39 06              - cmp [esi],ax
DuiLib.DuiLib::CDialogBuilder::Create+5EF- 75 09                 - jne DuiLib.DuiLib::CDialogBuilder::Create+5FA
DuiLib.DuiLib::CDialogBuilder::Create+5F1- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+5F2- FF 15 54662D51        - call dword ptr [512D6654] { ->USER32.CharNextW }
DuiLib.DuiLib::CDialogBuilder::Create+5F8- 8B F0                 - mov esi,eax
DuiLib.DuiLib::CDialogBuilder::Create+5FA- 83 64 24 2C 00        - and dword ptr [esp+2C],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+5FF- 8D 44 24 2C           - lea eax,[esp+2C]
DuiLib.DuiLib::CDialogBuilder::Create+603- 6A 10                 - push 10 { 16 }
DuiLib.DuiLib::CDialogBuilder::Create+605- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+606- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+607- FF 15 74672D51        - call dword ptr [512D6774] { ->ucrtbase.wcstoul }
DuiLib.DuiLib::CDialogBuilder::Create+60D- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+610- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+612- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+613- E8 A2550000           - call DuiLib.DuiLib::CPaintManagerUI::SetDefaultSelectedBkColor
DuiLib.DuiLib::CDialogBuilder::Create+618- E9 8C010000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+61D- 68 80372F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+11AC { ("shadowimage") }
DuiLib.DuiLib::CDialogBuilder::Create+622- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+626- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+628- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+629- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+62A- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+62C- 75 14                 - jne DuiLib.DuiLib::CDialogBuilder::Create+642
DuiLib.DuiLib::CDialogBuilder::Create+62E- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+62F- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+631- E8 45680000           - call DuiLib.DuiLib::CPaintManagerUI::GetShadow
DuiLib.DuiLib::CDialogBuilder::Create+636- 8B C8                 - mov ecx,eax
DuiLib.DuiLib::CDialogBuilder::Create+638- E8 C8FCFEFF           - call DuiLib.DuiLib::CShadowUI::SetImage
DuiLib.DuiLib::CDialogBuilder::Create+63D- E9 67010000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+642- 68 98372F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+11C4 { ("showshadow") }
DuiLib.DuiLib::CDialogBuilder::Create+647- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+64B- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+64D- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+64E- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+64F- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+651- 75 27                 - jne DuiLib.DuiLib::CDialogBuilder::Create+67A
DuiLib.DuiLib::CDialogBuilder::Create+653- 68 80722E51           - push DuiLib.DuiLib::CWindowAccessibility::`vftable'+66A4 { ("true") }
DuiLib.DuiLib::CDialogBuilder::Create+658- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+659- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+65B- F7 D8                 - neg eax
DuiLib.DuiLib::CDialogBuilder::Create+65D- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+65E- 1A C0                 - sbb al,al
DuiLib.DuiLib::CDialogBuilder::Create+660- FE C0                 - inc al
DuiLib.DuiLib::CDialogBuilder::Create+662- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+663- 0FB6 C0               - movzx eax,al
DuiLib.DuiLib::CDialogBuilder::Create+666- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+668- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+669- E8 0D680000           - call DuiLib.DuiLib::CPaintManagerUI::GetShadow
DuiLib.DuiLib::CDialogBuilder::Create+66E- 8B C8                 - mov ecx,eax
DuiLib.DuiLib::CDialogBuilder::Create+670- E8 39FBFEFF           - call DuiLib.DuiLib::CShadowUI::ShowShadow
DuiLib.DuiLib::CDialogBuilder::Create+675- E9 2F010000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+67A- 68 B0372F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+11DC { ("shadowcorner") }
DuiLib.DuiLib::CDialogBuilder::Create+67F- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+683- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+685- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+686- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+687- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+689- 0F85 89000000         - jne DuiLib.DuiLib::CDialogBuilder::Create+718
DuiLib.DuiLib::CDialogBuilder::Create+68F- 83 64 24 0C 00        - and dword ptr [esp+0C],00 { 0 }
DuiLib.DuiLib::CDialogBuilder::Create+694- 8D 7C 24 5C           - lea edi,[esp+5C]
DuiLib.DuiLib::CDialogBuilder::Create+698- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+699- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+69B- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+69C- AB                    - stosd 
DuiLib.DuiLib::CDialogBuilder::Create+69D- 8D 44 24 10           - lea eax,[esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+6A1- 5F                    - pop edi
DuiLib.DuiLib::CDialogBuilder::Create+6A2- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+6A3- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+6A4- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+6A5- 8B 35 70672D51        - mov esi,[512D6770] { (74D7E3D0) }
DuiLib.DuiLib::CDialogBuilder::Create+6AB- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+6AD- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+6B0- 89 44 24 58           - mov [esp+58],eax
DuiLib.DuiLib::CDialogBuilder::Create+6B4- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+6B8- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+6B9- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+6BA- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+6BE- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+6C1- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+6C2- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+6C4- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+6C7- 89 44 24 5C           - mov [esp+5C],eax
DuiLib.DuiLib::CDialogBuilder::Create+6CB- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+6CF- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+6D0- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+6D1- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+6D5- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+6D8- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+6D9- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+6DB- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+6DE- 89 44 24 60           - mov [esp+60],eax
DuiLib.DuiLib::CDialogBuilder::Create+6E2- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+6E6- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+6E7- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+6E8- 8B 44 24 14           - mov eax,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+6EC- 83 C0 02              - add eax,02 { 2 }
DuiLib.DuiLib::CDialogBuilder::Create+6EF- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+6F0- FF D6                 - call esi
DuiLib.DuiLib::CDialogBuilder::Create+6F2- 51                    - push ecx
DuiLib.DuiLib::CDialogBuilder::Create+6F3- 8B FC                 - mov edi,esp
DuiLib.DuiLib::CDialogBuilder::Create+6F5- 89 44 24 74           - mov [esp+74],eax
DuiLib.DuiLib::CDialogBuilder::Create+6F9- 8D 74 24 68           - lea esi,[esp+68]
DuiLib.DuiLib::CDialogBuilder::Create+6FD- A5                    - movsd 
DuiLib.DuiLib::CDialogBuilder::Create+6FE- A5                    - movsd 
DuiLib.DuiLib::CDialogBuilder::Create+6FF- A5                    - movsd 
DuiLib.DuiLib::CDialogBuilder::Create+700- A5                    - movsd 
DuiLib.DuiLib::CDialogBuilder::Create+701- 8B 7C 24 20           - mov edi,[esp+20]
DuiLib.DuiLib::CDialogBuilder::Create+705- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+707- E8 6F670000           - call DuiLib.DuiLib::CPaintManagerUI::GetShadow
DuiLib.DuiLib::CDialogBuilder::Create+70C- 8B C8                 - mov ecx,eax
DuiLib.DuiLib::CDialogBuilder::Create+70E- E8 67FCFEFF           - call DuiLib.DuiLib::CShadowUI::SetShadowCorner
DuiLib.DuiLib::CDialogBuilder::Create+713- E9 91000000           - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+718- 68 CC372F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+11F8 { ("shadowinner") }
DuiLib.DuiLib::CDialogBuilder::Create+71D- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+721- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+723- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+724- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+725- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+727- 75 26                 - jne DuiLib.DuiLib::CDialogBuilder::Create+74F
DuiLib.DuiLib::CDialogBuilder::Create+729- 21 44 24 0C           - and [esp+0C],eax
DuiLib.DuiLib::CDialogBuilder::Create+72D- 8D 44 24 0C           - lea eax,[esp+0C]
DuiLib.DuiLib::CDialogBuilder::Create+731- 6A 0A                 - push 0A { 10 }
DuiLib.DuiLib::CDialogBuilder::Create+733- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+734- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+735- FF 15 70672D51        - call dword ptr [512D6770] { ->ucrtbase.wcstol }
DuiLib.DuiLib::CDialogBuilder::Create+73B- 83 C4 0C              - add esp,0C { 12 }
DuiLib.DuiLib::CDialogBuilder::Create+73E- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+740- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+741- E8 35670000           - call DuiLib.DuiLib::CPaintManagerUI::GetShadow
DuiLib.DuiLib::CDialogBuilder::Create+746- 8B C8                 - mov ecx,eax
DuiLib.DuiLib::CDialogBuilder::Create+748- E8 89FCFEFF           - call DuiLib.DuiLib::CShadowUI::SetShadowInner
DuiLib.DuiLib::CDialogBuilder::Create+74D- EB 5A                 - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+74F- 68 E4372F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+1210 { ("autochangebg") }
DuiLib.DuiLib::CDialogBuilder::Create+754- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+758- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+75A- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+75B- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+75C- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+75E- 75 1D                 - jne DuiLib.DuiLib::CDialogBuilder::Create+77D
DuiLib.DuiLib::CDialogBuilder::Create+760- 68 80722E51           - push DuiLib.DuiLib::CWindowAccessibility::`vftable'+66A4 { ("true") }
DuiLib.DuiLib::CDialogBuilder::Create+765- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+766- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+768- F7 D8                 - neg eax
DuiLib.DuiLib::CDialogBuilder::Create+76A- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+76B- 1A C0                 - sbb al,al
DuiLib.DuiLib::CDialogBuilder::Create+76D- FE C0                 - inc al
DuiLib.DuiLib::CDialogBuilder::Create+76F- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+770- 0FB6 C0               - movzx eax,al
DuiLib.DuiLib::CDialogBuilder::Create+773- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+775- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+776- E8 EF610000           - call DuiLib.DuiLib::CPaintManagerUI::setAutoChangeBG
DuiLib.DuiLib::CDialogBuilder::Create+77B- EB 2C                 - jmp DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+77D- 68 00382F51           - push DuiLib.DuiLib::CNotifyPump::messageMap+122C { ("wanttaborder") }
DuiLib.DuiLib::CDialogBuilder::Create+782- FF 74 24 10           - push [esp+10]
DuiLib.DuiLib::CDialogBuilder::Create+786- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+788- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+789- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+78A- 85 C0                 - test eax,eax
DuiLib.DuiLib::CDialogBuilder::Create+78C- 75 1B                 - jne DuiLib.DuiLib::CDialogBuilder::Create+7A9
DuiLib.DuiLib::CDialogBuilder::Create+78E- 68 80722E51           - push DuiLib.DuiLib::CWindowAccessibility::`vftable'+66A4 { ("true") }
DuiLib.DuiLib::CDialogBuilder::Create+793- 56                    - push esi
DuiLib.DuiLib::CDialogBuilder::Create+794- FF D3                 - call ebx
DuiLib.DuiLib::CDialogBuilder::Create+796- F7 D8                 - neg eax
DuiLib.DuiLib::CDialogBuilder::Create+798- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+799- 1A C0                 - sbb al,al
DuiLib.DuiLib::CDialogBuilder::Create+79B- FE C0                 - inc al
DuiLib.DuiLib::CDialogBuilder::Create+79D- 59                    - pop ecx
DuiLib.DuiLib::CDialogBuilder::Create+79E- 0FB6 C0               - movzx eax,al
DuiLib.DuiLib::CDialogBuilder::Create+7A1- 8B CF                 - mov ecx,edi
DuiLib.DuiLib::CDialogBuilder::Create+7A3- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+7A4- E8 99690000           - call DuiLib.DuiLib::CPaintManagerUI::EnableTabOrder
DuiLib.DuiLib::CDialogBuilder::Create+7A9- 8B 74 24 14           - mov esi,[esp+14]
DuiLib.DuiLib::CDialogBuilder::Create+7AD- 46                    - inc esi
DuiLib.DuiLib::CDialogBuilder::Create+7AE- 89 74 24 14           - mov [esp+14],esi
DuiLib.DuiLib::CDialogBuilder::Create+7B2- 3B 74 24 30           - cmp esi,[esp+30]
DuiLib.DuiLib::CDialogBuilder::Create+7B6- 0F8C 30FAFFFF         - jl DuiLib.DuiLib::CDialogBuilder::Create+1EC
DuiLib.DuiLib::CDialogBuilder::Create+7BC- 8B 4C 24 20           - mov ecx,[esp+20]
DuiLib.DuiLib::CDialogBuilder::Create+7C0- 8D 84 24 88040000     - lea eax,[esp+00000488]
DuiLib.DuiLib::CDialogBuilder::Create+7C7- 57                    - push edi
DuiLib.DuiLib::CDialogBuilder::Create+7C8- FF 74 24 38           - push [esp+38]
DuiLib.DuiLib::CDialogBuilder::Create+7CC- 50                    - push eax
DuiLib.DuiLib::CDialogBuilder::Create+7CD- E8 E5010000           - call DuiLib.DuiLib::CDialogBuilder::_Parse
DuiLib.DuiLib::CDialogBuilder::Create+7D2- 8B 8C 24 9C060000     - mov ecx,[esp+0000069C]
DuiLib.DuiLib::CDialogBuilder::Create+7D9- 5F                    - pop edi
DuiLib.DuiLib::CDialogBuilder::Create+7DA- 5E                    - pop esi
DuiLib.DuiLib::CDialogBuilder::Create+7DB- 5B                    - pop ebx
DuiLib.DuiLib::CDialogBuilder::Create+7DC- 33 CC                 - xor ecx,esp
DuiLib.DuiLib::CDialogBuilder::Create+7DE- E8 69CB0900           - call 512797AD
DuiLib.DuiLib::CDialogBuilder::Create+7E3- 8B E5                 - mov esp,ebp
DuiLib.DuiLib::CDialogBuilder::Create+7E5- 5D                    - pop ebp
DuiLib.DuiLib::CDialogBuilder::Create+7E6- C2 0C00               - ret 000C { 12 }


2019-11-19 13:21
20
I've finished finding it.
2020-2-6 15:55
21
How do you find the send-message CALL? Through the button event? Or through the clearing of the message after it is sent?
2021-3-9 17:07
22
Handcuff everyone in the comment section and take them all away.
2021-3-10 20:24
23
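TX杀手 //Below is the inside of the button CALL, which in turn contains the message-sending CALL. This pseudocode comes from IDA static compilation of enterprise XX. Kanxue experts are welcome to study it. void __thiscall ...
I found the send-message CALL, but there is a problem with constructing the parameters. Could you add me on QQ to discuss? {QQ:68837350}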
2021-8-5 13:28