Can you help with this piece of assembly language code?

Posted 2024-08-05 20:03:34 | 595 characters | 7 views | 0 comments

I've been looking through a piece of code of a PC game that I'm trying to "improve". (OK, so maybe I suck at the game, but I still want to play it.) Could you please look into the following code:

fld dword ptr[ebp+00007B1C]
fsub dword ptr[esp+64]
fst dword ptr[ebp+00007B1C]
call 004A2E48

This code is called every second for the level countdown timer. I need to stay on a particular level for a few minutes. If I can modify the above code so that the value pushed into the address [ebp+00007B1C] is 0 then the game level will always time out and it will save me playing those crazy "survival" minigames.

I'll explain what I understand from this code. Don't worry, you don't have to go deep into this.
In the first line we get the timer value. For example if 97 seconds are remaining then it is here that this value is loaded.
In the second line a value (1 second) is subtracted from 97.
In the third line 96 is again moved to memory.
And finally we have the function call that will do other processing based on the time remaining.

Now all I need to do is patch this piece of code somehow so that the value that is pushed is 0 (in the third step).
Can you please help me out with this?

Comments (3)

吻泪 2024-08-12 20:03:34

Replace

fld dword ptr[ebp+00007B1C]
fsub dword ptr[esp+64]

with

fldz ; Push zero on to top of floating point stack
nop ; From the end of the fldz to the beginning of the store instruction

圈圈圆圆圈圈 2024-08-12 20:03:34

Another patch:
replace

fld dword ptr[ebp+00007B1C]

with

fld dword ptr[esp+64]
NOP
NOP

我最亲爱的 2024-08-12 20:03:34

Just nop out the second command. That is, find out how many bytes the fsub command takes and overwrite it with that many no-operation bytecodes (0x90).
