RagAddress.ini(3017 2011-01-25bRagexe.rgz)
AutoImo 作者網頁 : (網頁似乎移除了)http://hide.magical.gr.jp/autoimo/index16.html
[Patch] Number=3017 [RoName] WindowCaption=Ragnarok WindowClass=Ragnarok [Ragexe] Size=3825786 [Address] CharName=00848AE4 Zeny=008469D8 BaseExp=00846930 BaseExpNext=0084693C JobExp=008469EC JobExpNext=008469E8 Weight=008469F0 WeightMax=008469E4 BaseLv=00846934 JobLv=00846940 HPIndex=008483CC MaxHPTable=00848410RagAddress.ini 搜尋教學
使用 W32DASM "嗶"
就可以得到下列的組合語言程式碼
然後利用關鍵字找相關位址
Change Log:
[2011/01/05 Update]2011/01/05 更新後 HP部份的關鍵字會有2組 由上往下找 第2組才是我們要的
[2011/01/28 Update]2011/01/28 更新後 HPIndex MaxHPTable 關鍵字變更
//使用2010-10-15aRagexe
//CharName=
//關鍵字:mov dl, byte ptr [ecx+eax+00
* Referenced by a CALL at Addresses:
|:004622DE , :00462701 , :00463BE3 , :0046C66D , :0046C927 ,
|:0046CA1F , :0048BE46 , :0048C911 , :0048CAA1 , :00494527 ,
|:00494566 , :0049597F , :0049F5CE , :004A45A5 , :004AD0BA
|:004ADA4F , :004C5EAB , :004D344B , :004D3484 , :004F0539 ,
|:004F0DEC , :004F127D , :004F13C3 , :0050DE0D , :005ACF09 ,
|:005CB333 , :005CB602 , :005CBABF , :005CBB18 , :005CBD36
|:005CBF1A , :005CC0F6 , :005CC2FB , :005CFD7E , :005D685E ,
|:005D6CF3 , :005DCA3D , :005DD01A , :005DD1BD , :005DF5D2 ,
|:005DF5FC , :005DF626 , :005DF66F , :005DF699 , :005DF6C3
|:005DF796 , :005DF7BD , :005DF7E4 , :005DF851 , :005DF878 ,
|:005DF89F , :005E050A , :005E4785 , :005E4F5B , :005E51A6 ,
|:005E7D33 , :005E7D78 , :005E8E05 , :005EECC2 , :00639E48
| 00
:006F0FC0 53 push ebx :
:006F0FC1 56 push esi :
:006F0FC2 57 push edi :
:006F0FC3 8DB15C0F0000 lea esi, dword ptr [ecx+00000F5C]
:006F0FC9 B910000000 mov ecx, 00000010
:006F0FCE BFB4B68400 mov edi, 0084B6B4
:006F0FD3 F3 repz d
:006F0FD4 A5 movsd
:006F0FD5 8B0DDCF47900 mov ecx, dword ptr [0079F4DC]
:006F0FDB 33C0 xor eax, eax d
:006F0FDD 81E9B4B68400 sub ecx, 0084B6B4
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:006F0FFC(C) y
| 00
:006F0FE3 8A9401B4B68400 mov dl, byte ptr [ecx+eax+0084B6B4] //CharName=
:006F0FEA 8A98B4B68400 mov bl, byte ptr [eax+0084B6B4] B4
:006F0FF0 32DA xor bl, dl
:006F0FF2 8898B4B68400 mov byte ptr [eax+0084B6B4], bl B4
:006F0FF8 40 inc eax p
:006F0FF9 83F840 cmp eax, 00000040
:006F0FFC 72E5 jb 006F0FE3 00
:006F0FFE 5F pop edi FE
:006F0FFF 5E pop esi FE
:006F1000 B8B4B68400 mov eax, 0084B6B4
:006F1005 5B pop ebx 0
:006F1006 C3 ret eb
//Zeny=
//BaseExp=
//BaseExpNext=
//JobExp=
//JobExpNext=
//關鍵字:* Possible StringData Ref from Data Obj ->"%d : %d/%d More : %d"
* Possible StringData Ref from Data Obj ->"%d : %d/%d More : %d"
|
:005DA47A 68483E7900 push 00793E48
:005DA47F 50 push eax 3
:005DA480 E8B3101400 call 0071B538
:005DA485 83C418 add esp, 00000018
:005DA488 8D8D00FFFFFF lea ecx, dword ptr [ebp+FFFFFF00]
:005DA48E 6A00 push 00000000
:005DA490 6A00 push 00000000
:005DA492 68F51EF500 push 00F51EF5
:005DA497 51 push ecx 1
:005DA498 6A01 push 00000001
:005DA49A B938337E00 mov ecx, 007E3338
:005DA49F E8FC2CF3FF call 0050D1A0
:005DA4A4 5F pop edi 0D
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:005DA44B(C), :005DA45C(C), :005DA460(C) di
| 00
:005DA4A5 8B5304 mov edx, dword ptr [ebx+04] re
:005DA4A8 B988828400 mov ecx, 00848288
:005DA4AD 89153C9D8400 mov dword ptr [00849D3C], edx //BaseExp=
:005DA4B3 E878E60F00 call 006D8B30
:005DA4B8 5E pop esi D8
:005DA4B9 5B pop ebx D8
:005DA4BA 8BE5 mov esp, ebp
:005DA4BC 5D pop ebp e
:005DA4BD C20400 ret 0004 e
:005DA4C0 8B4304 mov eax, dword ptr [ebx+04] x
:005DA4C3 B988828400 mov ecx, 00848288
:005DA4C8 A3F89D8400 mov dword ptr [00849DF8], eax //JobExp=
:005DA4CD E85EE60F00 call 006D8B30
:005DA4D2 5B pop ebx D8
:005DA4D3 8BE5 mov esp, ebp
:005DA4D5 5D pop ebp e
:005DA4D6 C20400 ret 0004 e
:005DA4D9 8B8110010000 mov eax, dword ptr [ecx+00000110]
:005DA4DF 85C0 test eax, eax
:005DA4E1 7414 je 005DA4F7 x
:005DA4E3 C7811001000000000000 mov dword ptr [ebx+00000110], 00000000
:005DA4ED B988828400 mov ecx, 00848288
:005DA4F2 E8B96A0F00 call 006D0FB0
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:005DA4E1(C) y
| 00
:005DA4F7 8B4B04 mov ecx, dword ptr [ebx+04] re
:005DA4FA 890DE49D8400 mov dword ptr [00849DE4], ecx //Zeny=
:005DA500 B988828400 mov ecx, 00848288
:005DA505 E826E60F00 call 006D8B30
:005DA50A 5B pop ebx D8
:005DA50B 8BE5 mov esp, ebp
:005DA50D 5D pop ebp e
:005DA50E C20400 ret 0004 e
:005DA511 8B5304 mov edx, dword ptr [ebx+04] x
:005DA514 B988828400 mov ecx, 00848288
:005DA519 8915489D8400 mov dword ptr [00849D48], edx //BaseExpNext=
:005DA51F E80CE60F00 call 006D8B30
:005DA524 5B pop ebx D8
:005DA525 8BE5 mov esp, ebp
:005DA527 5D pop ebp e
:005DA528 C20400 ret 0004 e
:005DA52B 8B4304 mov eax, dword ptr [ebx+04] x
:005DA52E B988828400 mov ecx, 00848288
:005DA533 A3F49D8400 mov dword ptr [00849DF4], eax //JobExpNext=
:005DA538 E8F3E50F00 call 006D8B30
//Weight=
//WeightMax=
//關鍵字:* Possible StringData Ref from Data Obj ->"Weight %d%%"
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0046D5D5(C) y
| 00
:0046D5F7 C3 ret C)
:0046D5F8 90 nop C)
:0046D5F9 90 nop C)
:0046D5FA 90 nop C)
:0046D5FB 90 nop C)
:0046D5FC 90 nop C)
:0046D5FD 90 nop C)
:0046D5FE 90 nop C)
:0046D5FF 90 nop C)
:0046D600 55 push ebp i
:0046D601 8BEC mov ebp, esp n
:0046D603 83EC40 sub esp, 00000040
:0046D606 56 push esi 0
:0046D607 57 push edi 0
:0046D608 8BF9 mov edi, ecx 0
:0046D60A 8B4720 mov eax, dword ptr [edi+20] re
:0046D60D 8B4F64 mov ecx, dword ptr [edi+64] re
:0046D610 3BC1 cmp eax, ecx d
:0046D612 0F858F000000 jne 0046D6A7 d
:0046D618 8D70EC lea esi, dword ptr [eax-14] re
:0046D61B 8B4508 mov eax, dword ptr [ebp+08] re
:0046D61E 85C0 test eax, eax
:0046D620 0F8C81000000 jl 0046D6A7 x
:0046D626 83F864 cmp eax, 00000064
:0046D629 7D7C jge 0046D6A7 0
:0046D62B 8B450C mov eax, dword ptr [ebp+0C] re
:0046D62E 3BC6 cmp eax, esi d
:0046D630 7C75 jl 0046D6A7 d
:0046D632 8D4E14 lea ecx, dword ptr [esi+14] re
:0046D635 3BC1 cmp eax, ecx d
:0046D637 7D6E jge 0046D6A7 d
:0046D639 8B0DF09D8400 mov ecx, dword ptr [00849DF0] //WeightMax=
:0046D63F 85C9 test ecx, ecx
:0046D641 750C jne 0046D64F
:0046D643 51 push ecx 6
:0046D644 8D55C0 lea edx, dword ptr [ebp-40] ]
* Possible StringData Ref from Data Obj ->"Weight %d%%"
|
:0046D647 68781F7700 push 00771F78
:0046D64C 52 push edx 1
:0046D64D EB1B jmp 0046D66A
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0046D641(C) y
| 00
:0046D64F A1FC9D8400 mov eax, dword ptr [00849DFC] //Weight=
:0046D654 8D0480 lea eax, dword ptr [eax+4*eax]
:0046D657 8D0480 lea eax, dword ptr [eax+4*eax]
:0046D65A C1E002 shl eax, 02 rd
:0046D65D 99 cdq ea
:0046D65E F7F9 idiv ecx 0
:0046D660 50 push eax 0
:0046D661 8D45C0 lea eax, dword ptr [ebp-40] x]
* Possible StringData Ref from Data Obj ->"Weight %d%%"
|
:0046D664 68781F7700 push 00771F78
:0046D669 50 push eax 1
//BaseLv=
//JobLv=
//關鍵字:* Possible StringData Ref from Data Obj ->"Base Lv. %d"
//關鍵字:* Possible StringData Ref from Data Obj ->"Job Lv. %d"
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0046D2F8(C) y
| 00
:0046D30E 8B15409D8400 mov edx, dword ptr [00849D40] //BaseLv=
:0046D314 8D8564FFFFFF lea eax, dword ptr [ebp+FFFFFF64]
:0046D31A 52 push edx d
* Possible StringData Ref from Data Obj ->"Base Lv. %d"
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0046D352(C) y
| 00
:0046D368 8B154C9D8400 mov edx, dword ptr [00849D4C] //JobLv=
:0046D36E 8D8564FFFFFF lea eax, dword ptr [ebp+FFFFFF64]
:0046D374 52 push edx d
* Possible StringData Ref from Data Obj ->"Job Lv. %d"
//HPIndex=
//MaxHPTable=
//2011/01/28 Update
//關鍵字:mov eax, dword ptr [esi+00000E6A]
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0061CDB3(C) y
| 00
:0061CDC8 8D14C500000000 lea edx, dword ptr [8*eax+00000000] ]
:0061CDCF 2BD0 sub edx, eax d
:0061CDD1 33C0 xor eax, eax d
:0061CDD3 C1E204 shl edx, 04 d
:0061CDD6 8A841AAC0E0000 mov al, byte ptr [edx+ebx+00000EAC] ]
:0061CDDD 8D341A lea esi, dword ptr [edx+ebx] 0
:0061CDE0 A358968400 mov dword ptr [00849658], eax
:0061CDE5 0FBF8E780E0000 movsx ecx, word ptr [esi+00000E78]
:0061CDEC 890D389D8400 mov dword ptr [00849D38], ecx
:0061CDF2 B988828400 mov ecx, 00848288
:0061CDF7 E834BD0B00 call 006D8B30
:0061CDFC B988828400 mov ecx, 00848288
:0061CE01 E88ABC0B00 call 006D8A90
:0061CE06 8B96400E0000 mov edx, dword ptr [esi+00000E40]
:0061CE0C B988828400 mov ecx, 00848288
:0061CE11 89152C9D8400 mov dword ptr [00849D2C], edx
:0061CE17 0FBF86760E0000 movsx eax, word ptr [esi+00000E76]
:0061CE1E A3E89D8400 mov dword ptr [00849DE8], eax
:0061CE23 E808BD0B00 call 006D8B30
:0061CE28 0FBF8E7E0E0000 movsx ecx, word ptr [esi+00000E7E]
:0061CE2F 890D409D8400 mov dword ptr [00849D40], ecx
:0061CE35 B988828400 mov ecx, 00848288
:0061CE3A E8F1BC0B00 call 006D8B30
:0061CE3F 0FBF96800E0000 movsx edx, word ptr [esi+00000E80]
:0061CE46 B988828400 mov ecx, 00848288
:0061CE4B 8915509D8400 mov dword ptr [00849D50], edx
:0061CE51 E8DABC0B00 call 006D8B30
:0061CE56 0FBF86680E0000 movsx eax, word ptr [esi+00000E68]
:0061CE5D B988828400 mov ecx, 00848288
:0061CE62 A3449D8400 mov dword ptr [00849D44], eax
:0061CE67 E8C4BC0B00 call 006D8B30
:0061CE6C 33C9 xor ecx, ecx
:0061CE6E 8A8EA60E0000 mov cl, byte ptr [esi+00000EA6] 8]
:0061CE74 890D789D8400 mov dword ptr [00849D78], ecx
:0061CE7A B988828400 mov ecx, 00848288
:0061CE7F E8ACBC0B00 call 006D8B30
:0061CE84 33D2 xor edx, edx
:0061CE86 B988828400 mov ecx, 00848288
:0061CE8B 8A96A70E0000 mov dl, byte ptr [esi+00000EA7] 8]
:0061CE91 89157C9D8400 mov dword ptr [00849D7C], edx
:0061CE97 E894BC0B00 call 006D8B30
:0061CE9C 33C0 xor eax, eax
:0061CE9E B988828400 mov ecx, 00848288
:0061CEA3 8A86A80E0000 mov al, byte ptr [esi+00000EA8] 8]
:0061CEA9 A3809D8400 mov dword ptr [00849D80], eax
:0061CEAE E87DBC0B00 call 006D8B30
:0061CEB3 33C9 xor ecx, ecx
:0061CEB5 8A8EA90E0000 mov cl, byte ptr [esi+00000EA9] 8]
:0061CEBB 890D849D8400 mov dword ptr [00849D84], ecx
:0061CEC1 B988828400 mov ecx, 00848288
:0061CEC6 E865BC0B00 call 006D8B30
:0061CECB 33D2 xor edx, edx
:0061CECD B988828400 mov ecx, 00848288
:0061CED2 8A96AA0E0000 mov dl, byte ptr [esi+00000EAA] 8]
:0061CED8 8915889D8400 mov dword ptr [00849D88], edx
:0061CEDE E84DBC0B00 call 006D8B30
:0061CEE3 33C0 xor eax, eax
:0061CEE5 B988828400 mov ecx, 00848288
:0061CEEA 8A86AB0E0000 mov al, byte ptr [esi+00000EAB] 8]
:0061CEF0 A38C9D8400 mov dword ptr [00849D8C], eax
:0061CEF5 E836BC0B00 call 006D8B30
:0061CEFA 8B8E440E0000 mov ecx, dword ptr [esi+00000E44]
:0061CF00 890D3C9D8400 mov dword ptr [00849D3C], ecx
:0061CF06 B988828400 mov ecx, 00848288
:0061CF0B E820BC0B00 call 006D8B30
:0061CF10 8B15BCAF8400 mov edx, dword ptr [0084AFBC]
:0061CF16 8B866A0E0000 mov eax, dword ptr [esi+00000E6A]
:0061CF1C 8B0C95C8AF8400 mov ecx, dword ptr [4*edx+0084AFC8] ]
:0061CF23 51 push ecx d
:0061CF24 50 push eax d
:0061CF25 B988828400 mov ecx, 00848288
:0061CF2A E851990C00 call 006E6880
:0061CF2F 8B0DB4AF8400 mov ecx, dword ptr [0084AFB4] //HPIndex=
:0061CF35 3B048D58B08400 cmp eax, dword ptr [4*ecx+0084B058] ]
:0061CF3C 7417 je 0061CF55 rd
:0061CF3E 89048D58B08400 mov dword ptr [4*ecx+0084B058], eax ]
:0061CF45 B988828400 mov ecx, 00848288
:0061CF4A E881BB0B00 call 006D8AD0
:0061CF4F 8B0DB4AF8400 mov ecx, dword ptr [0084AFB4] //HPIndex=
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0061CF3C(C) y
| 00
:0061CF55 8B15BCAF8400 mov edx, dword ptr [0084AFBC]
:0061CF5B 8B0C8D58B08400 mov ecx, dword ptr [4*ecx+0084B058] ]
:0061CF62 8B0495C8AF8400 mov eax, dword ptr [4*edx+0084AFC8] ]
:0061CF69 50 push eax d
:0061CF6A 51 push ecx d
:0061CF6B B988828400 mov ecx, 00848288
:0061CF70 E86B9A0C00 call 006E69E0
:0061CF75 8B15BCAF8400 mov edx, dword ptr [0084AFBC]
:0061CF7B A308B28400 mov dword ptr [0084B208], eax
:0061CF80 8B866E0E0000 mov eax, dword ptr [esi+00000E6E]
:0061CF86 8B0C95C8AF8400 mov ecx, dword ptr [4*edx+0084AFC8] ]
:0061CF8D 51 push ecx d
:0061CF8E 50 push eax d
:0061CF8F B988828400 mov ecx, 00848288
:0061CF94 E8E7980C00 call 006E6880
:0061CF99 8B0DC0AF8400 mov ecx, dword ptr [0084AFC0]
:0061CF9F 3B048DF8AF8400 cmp eax, dword ptr [4*ecx+0084AFF8] ] //MaxHPTable=
:0061CFA6 7417 je 0061CFBF rd
:0061CFA8 89048DF8AF8400 mov dword ptr [4*ecx+0084AFF8], eax ] //MaxHPTable=
:0061CFAF B988828400 mov ecx, 00848288
:0061CFB4 E817BB0B00 call 006D8AD0
:0061CFB9 8B0DC0AF8400 mov ecx, dword ptr [0084AFC0]
9 件のコメント:
想請教一個愚蠢的問題XD
就是您當初是如何辨識什麼些字串是負責哪個數值的?
以後也打算自己更新ini
所以想瞭解一下
我想請問一下用在自動芋裡面有個
[Patch]
Number=2984
還有
[Ragexe]
Size=3862648
這兩個怎麼找出來@@?
另外HP那個部份好像很難找到我只找到了一個規律性 如下
尋找關鍵字
* Possible StringData Ref from Data Obj ->"HP %d / %d"
然後這個上面的第一個被括號起來的
mov eax, dword ptr [00850698]
把它用小算盤16進位的扣掉210
就會是MaxHPTable
再扣掉44就會是HPIndex
給你參考看看@_@
number 是從 patch2.txt 裡
每次更新的 ragexe.exe 的版本號碼(或是辨識碼)
size 的話就單純是檔案大小而已
hp 的關鍵字確定是那串可以用了
只是有點長 不太容易辨識
當初這個是參考了很多文件
(巴哈的精華區 網路上的私服文件 有的沒有很多)
然後反組譯後 再下去對照
去推敲位址 才有這篇教學
(巴哈 bbs ro-t 版的教學也是我寫的 不過 bbs 介面比較不好讀 所以就只更新這邊了)
可不可以請大大提供最新的經典伺服器自動竽~
複製你上面的ragaddress他說要更新><
謝謝你喔!!
基本上 新幹線最近更新的執行檔
所有的伺服器都用相同的(也可能有例外)
應該能通用才對
不能用的話 要看你有沒有裝雙視窗(可能裝到舊版)
我也只有玩免服 只能測試免服而已
阿~~我免服也不能用耶~~為什麼~@@?
雙視窗是從romp3上面更新的 移除雙視窗後也是不能用 煩惱中...
你的教學我研究了一下 但是似乎是看不懂...
可以請你教我怎麼寫 感激不盡!!
不好意思@@我會了~~
但是
//HPIndex=
//MaxHPTable=
//關鍵字:lea edx, dword ptr [8*eax+00000000] ]
會找到很多組 關鍵字要搜尋哪一個才會找的到@@
謝謝你的指教~~
您好~小弟想要學習自己可以修改
我有在巴哈的ro-t翻到您的文章
http://bgrich.myweb.hinet.net/
可是我計算出來
CharName=
HPIndex=
MaxHPTable
這3各地方錯誤,其他都對得
小弟哪出錯了呢
//CharName=
這個關鍵字還沒換過 再試試
//HPIndex=
//MaxHPTable=
這2組的關鍵字換了(詳內文)
コメントを投稿