开心果老师3月8日整合版和2月22日重回经典打板专用,是两个快速稳定的版本,桂林168老师都提供了相应的打通BaoLi L2和L1L2切换功能(ID4000)主程序,分析其改动,除了上次贴出的L2补码以外(https://www.55188.com/thread-9239347-1-1.html),都有这么一段补码,且是一个完整的子程序。有兴趣的可以学习借鉴,也恳请懂行的老师,解惑这段程序的作用。是完成L1/L2切换的吗?
0061C120: 60 PUSHAD
0061C121: 8B1D F02A3D01 MOV EBX, [DS:13D2AF0]
0061C127: 8B43 20 MOV EAX, [DS:EBX+20]
0061C12A: 6A 00 PUSH 0
0061C12C: 68 12820000 PUSH 0x8212
0061C131: 68 11010000 PUSH 0x111
0061C136: 50 PUSH EAX
0061C137: FF15 40B79200 CALL [DS:92B740]
0061C13D: 68 34AF9A00 PUSH 9AAF34
0061C142: 8D5424 1C LEA EDX, [SS:ESP+1C]
0061C146: 68 8860B200 PUSH B26088
0061C14B: 52 PUSH EDX
0061C14C: E8 9BC12B00 CALL 008D82EC
0061C151: 8B28 MOV EBP, [DS:EAX]
0061C153: A1 CCD34001 MOV EAX, [DS:140D3CC]
0061C158: 85C0 TEST EAX, EAX
0061C15A: 74 12 JE SHORT 0061C16E
0061C15C: 33C0 XOR EAX, EAX
0061C15E: 8B35 00D44001 MOV ESI, [DS:140D400]
0061C164: C646 24 00 MOV [BYTE DS:ESI+24], 0
0061C168: C646 28 00 MOV [BYTE DS:ESI+28], 0
0061C16C: EB 05 JMP SHORT 0061C173
0061C16E: B8 01000000 MOV EAX, 1
0061C173: A2 D0D34001 MOV [DS:140D3D0], AL
0061C178: 6A 00 PUSH 0
0061C17A: 8D4C24 18 LEA ECX, [SS:ESP+18]
0061C17E: 50 PUSH EAX
0061C17F: 51 PUSH ECX
0061C180: E8 6B1CEDFF CALL 004EDDF0
0061C185: 8B00 MOV EAX, [DS:EAX]
0061C187: 83C4 0C ADD ESP, C
0061C18A: 55 PUSH EBP
0061C18B: 50 PUSH EAX
0061C18C: 68 60B49D00 PUSH 9DB460
0061C191: 68 74B49D00 PUSH 9DB474
0061C196: FF15 DCA19200 CALL [DS:92A1DC]
0061C19C: C705 34D34001 01000000 MOV [DWORD DS:140D334], 1
0061C1A6: 8B1D F02A3D01 MOV EBX, [DS:13D2AF0]
0061C1AC: 8B43 20 MOV EAX, [DS:EBX+20]
0061C1AF: 6A 00 PUSH 0
0061C1B1: 68 11820000 PUSH 8211
0061C1B6: 68 11010000 PUSH 111
0061C1BB: 50 PUSH EAX
0061C1BC: FF15 40B79200 CALL [DS:92B740]
0061C1C2: C705 34D34001 00000000 MOV [DWORD DS:140D334], 0
0061C1CC: 61 POPAD
0061C1CD: C3 RETN
楼主 |
2楼 |
3楼 |
4楼 |
5楼 |
6楼 |
7楼 |
8楼 |
9楼 |
10楼 |
11楼 |
12楼 |
13楼 |
14楼 |
15楼 |
16楼 |