Setting the GM shout command characters directly in the EXE
:004D2B28 8B45F8 mov eax, dword ptr [ebp-08]
:004D2B2B 80780121 cmp byte ptr [eax+01], 21
:004D2B2F 757B jne 004D2BAC
:004D2B31 8D45F4 lea eax, dword ptr [ebp-0C]
:004D2B34 50 push eax
:004D2B35 8B45F8 mov eax, dword ptr [ebp-08]
:004D2B38 E88F13F3FF call 00403ECC
:004D2B3D 8BC8 mov ecx, eax
:004D2B3F 83E902 sub ecx, 00000002
:004D2B42 BA03000000 mov edx, 00000003
:004D2B47 8B45F8 mov eax, dword ptr [ebp-08]
:004D2B4A E88515F3FF call 004040D4
:004D2B4F 8D8564FFFFFF lea eax, dword ptr [ebp+FFFFFF64]
:004D2B55 8B4DF4 mov ecx, dword ptr [ebp-0C]

The code above first checks whether the input character (the byte at [eax+01]) is ! (hex 21). If it is, the message is displayed as red text with the (*) prefix. So search for: 0F8E480100008B45F880780121. Once the final 21 has been replaced with the hexadecimal value of another character, only that other character can be used to speak. For example, if it is replaced with 31, you have to use @1 to speak.

Continue reading below:

:004D2BAC 8B45F8 mov eax, dword ptr [ebp-08]
:004D2BAF 80780124 cmp byte ptr [eax+01], 24
:004D2BB3 7548 jne 004D2BFD
:004D2BB5 8D45F4 lea eax, dword ptr [ebp-0C]
:004D2BB8 50 push eax
:004D2BB9 8B45F8 mov eax, dword ptr [ebp-08]
:004D2BBC E80B13F3FF call 00403ECC
:004D2BC1 8BC8 mov ecx, eax
:004D2BC3 83E902 sub ecx, 00000002
:004D2BC6 BA03000000 mov edx, 00000003
:004D2BCB 8B45F8 mov eax, dword ptr [ebp-08]
:004D2BCE E80115F3FF call 004040D4
:004D2BD3 8D855CFFFFFF lea eax, dword ptr [ebp+FFFFFF5C]
:004D2BD9 8B4DF4 mov ecx, dword ptr [ebp-0C]
* Possible StringData Ref from Code Obj ->"(!)"
:004D2BDC BA84584D00 mov edx, 004D5884
:004D2BE1 E83213F3FF call 00403F18
:004D2BE6 8B955CFFFFFF mov edx, dword ptr [ebp+FFFFFF5C]
:004D2BEC A190A44E00 mov eax, dword ptr [004EA490]
:004D2BF1 8B00 mov eax, dword ptr [eax]
:004D2BF3 E8F8BEFDFF call 004AEAF0
:004D2BF8 E9B8260000 jmp 004D52B5

So here, search for 8b45f880780124 and replace the trailing 24 with another value.

:004D2BFD 8B45F8 mov eax, dword ptr [ebp-08]
:004D2C00 80780123 cmp byte ptr [eax+01], 23
:004D2C04 756A jne 004D2C70
:004D2C06 8D45F4 lea eax, dword ptr [ebp-0C]
:004D2C09 50 push eax
:004D2C0A 8B45F8 mov eax, dword ptr [ebp-08]
:004D2C0D E8BA12F3FF call 00403ECC
:004D2C12 8BC8 mov ecx, eax
:004D2C14 83E902 sub ecx, 00000002
:004D2C17 BA03000000 mov edx, 00000003
:004D2C1C 8B45F8 mov eax, dword ptr [ebp-08]
:004D2C1F E8B014F3FF call 004040D4
:004D2C24 8B45FC mov eax, dword ptr [ebp-04]
:004D2C27 8B4024 mov eax, dword ptr [eax+24]
:004D2C2A 50 push eax
:004D2C2B 8B45FC mov eax, dword ptr [ebp-04]
:004D2C2E 8B4028 mov eax, dword ptr [eax+28]
:004D2C31 50 push eax
:004D2C32 6810270000 push 00002710
:004D2C37 8D8558FFFFFF lea eax, dword ptr [ebp+FFFFFF58]
:004D2C3D 8B4DF4 mov ecx, dword ptr [ebp-0C]
* Possible StringData Ref from Code Obj ->"(#)"
:004D2C40 BA90584D00 mov edx, 004D5890
:004D2C45 E8CE12F3FF call 00403F18
:004D2C4A 8B8558FFFFFF mov eax, dword ptr [ebp+FFFFFF58]
:004D2C50 50 push eax
:004D2C51 A190A44E00 mov eax, dword ptr [004EA490]
:004D2C56 8B00 mov eax, dword ptr [eax]
:004D2C58 8B55FC mov edx, dword ptr [ebp-04]
:004D2C5B 8B8AF8020000 mov ecx, dword ptr [edx+000002F8]
:004D2C61 BA74270000 mov edx, 00002774
:004D2C66 E895BDFDFF call 004AEA00
:004D2C6B E945260000 jmp 004D52B5

Here, search for 8b45f880780123 and change the trailing 23 to another value.
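An added example, not part of the original page: a Python sketch that scans a file image for the 8B 45 F8 80 78 01 xx signature quoted above, reports which character each check compares against, and diffs two builds of the same file to show which of those bytes were changed. The sample bytes are constructed from the opcode bytes in the listing with NOP padding, and the function names are hypothetical.

```python
import re

# Signature taken from the listing:
#   8B 45 F8      mov eax, dword ptr [ebp-08]
#   80 78 01 xx   cmp byte ptr [eax+01], xx
# The captured byte xx is the character the check compares against.
SIGNATURE = re.compile(rb"\x8B\x45\xF8\x80\x78\x01(.)", re.DOTALL)


def find_prefix_checks(image: bytes):
    """Return (offset_of_xx, xx, printable_char_or_None) for every match."""
    hits = []
    for m in SIGNATURE.finditer(image):
        value = m.group(1)[0]
        char = chr(value) if 0x20 <= value < 0x7F else None
        hits.append((m.start(1), value, char))
    return hits


def diff_prefixes(baseline: bytes, candidate: bytes):
    """List (offset, old, new) where the compared byte differs between builds."""
    changed = []
    pairs = zip(find_prefix_checks(baseline), find_prefix_checks(candidate))
    for (off_a, val_a, _), (off_b, val_b, _) in pairs:
        if off_a == off_b and val_a != val_b:
            changed.append((off_a, val_a, val_b))
    return changed


# Constructed sample: the three cmp/jne sequences from the listing,
# separated by NOP padding (the padding is not from the original binary).
SAMPLE = (b"\x90" * 4).join([
    bytes.fromhex("8B45F880780121757B"),  # cmp ..., 21 ; jne 004D2BAC
    bytes.fromhex("8B45F8807801247548"),  # cmp ..., 24 ; jne 004D2BFD
    bytes.fromhex("8B45F880780123756A"),  # cmp ..., 23 ; jne 004D2C70
])

if __name__ == "__main__":
    for offset, value, char in find_prefix_checks(SAMPLE):
        print(f"offset 0x{offset:X}: compares against 0x{value:02X} ({char!r})")
    modified = bytearray(SAMPLE)
    modified[6] = 0x31  # the page's example: 21 replaced with 31
    for offset, old, new in diff_prefixes(SAMPLE, bytes(modified)):
        print(f"offset 0x{offset:X}: 0x{old:02X} -> 0x{new:02X}")
```

Run against a known-good copy and a deployed copy of the same executable, the second function shows whether any of these comparison bytes have been altered.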