8B8481A4010000 | MOV EAX, DWORD PTR [ECX+EAX*4+1A4]
with...
B828000000 | MOV EAX, 28
Shouldn't MHS just nop the 2 bytes left from the original code? Why does MHS nop so much more?
The original code from the game:
006C12F9 | C2 0400 | RETN 4 |
006C12FC | 90 | NOP |
006C12FD | 90 | NOP |
006C12FE | 90 | NOP |
006C12FF | 90 | NOP |
006C1300 | 8B4424 04 | MOV EAX, DWORD PTR [ESP+4] |
006C1304 | 8B8481 A4010000 | MOV EAX, DWORD PTR [ECX+EAX*4+1A4] |<
006C130B | C2 0400 | RETN 4 |
006C130E | 90 | NOP |
006C130F | 90 | NOP |
006C1310 | 8B4424 04 | MOV EAX, DWORD PTR [ESP+4] |
006C1314 | 8B8481 C4010000 | MOV EAX, DWORD PTR [ECX+EAX*4+1C4] |
006C131B | C2 0400 | RETN 4 |
How the code looked after changing just the one line to mov eax,28:
006C12F9 | C2 0400 | RETN 4 |
006C12FC | 90 | NOP |
006C12FD | 90 | NOP |
006C12FE | 90 | NOP |
006C12FF | 90 | NOP |
006C1300 | 8B4424 04 | MOV EAX, DWORD PTR [ESP+4] |
006C1304 | B8 28000000 | MOV EAX, 28 |<
006C1309 | 90 | NOP |
006C130A | 90 | NOP |
006C130B | 90 | NOP |
006C130C | 90 | NOP |
006C130D | 90 | NOP |
006C130E | 90 | NOP |
006C130F | 90 | NOP |
006C1310 | 90 | NOP |
006C1311 | 90 | NOP |
006C1312 | 90 | NOP |
006C1313 | 90 | NOP |
006C1314 | 8B8481 C4010000 | MOV EAX, DWORD PTR [ECX+EAX*4+1C4] |
006C131B | C2 0400 | RETN 4 |
What I expected, or how it should look:
006C12F9 | C2 0400 | RETN 4 |
006C12FC | 90 | NOP |
006C12FD | 90 | NOP |
006C12FE | 90 | NOP |
006C12FF | 90 | NOP |
006C1300 | 8B4424 04 | MOV EAX, DWORD PTR [ESP+4] |
006C1304 | B8 28000000 | MOV EAX, 28 |<
006C1309 | 90 | NOP |
006C130A | 90 | NOP |
006C130B | C2 0400 | RETN 4 |
006C130E | 90 | NOP |
006C130F | 90 | NOP |
006C1310 | 8B4424 04 | MOV EAX, DWORD PTR [ESP+4] |
006C1314 | 8B8481 C4010000 | MOV EAX, DWORD PTR [ECX+EAX*4+1C4] |
006C131B | C2 0400 | RETN 4 |
*confused* ...
PS: My English may suck, hope you can understand the problem.
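
The byte arithmetic behind the expected listing, as an added example that is not part of the original post and is not MHS's own code: it replaces the 7-byte instruction with the 5-byte one, pads only the 2 leftover bytes, and lists which bytes of the observed listing changed outside the patched instruction. The function names are hypothetical; the byte strings are transcribed from the listings above.

```python
NOP = 0x90
BASE = 0x006C12F9  # address of the first byte in the post's listings

# Bytes of the post's original listing, 006C12F9 through 006C131D.
ORIGINAL = bytes.fromhex(
    "C20400" "90909090" "8B442404"        # RETN 4; 4x NOP; MOV EAX,[ESP+4]
    "8B8481A4010000"                      # 006C1304: MOV EAX,[ECX+EAX*4+1A4]
    "C20400" "9090"                       # 006C130B: RETN 4; 2x NOP
    "8B442404" "8B8481C4010000" "C20400"  # next routine, starts at 006C1310
)
# Bytes of the listing the post shows after the edit (NOPs at 006C1309..006C1313).
OBSERVED = bytes.fromhex(
    "C20400" "90909090" "8B442404" "B828000000" + "90" * 11
    + "8B8481C4010000" "C20400"
)

def patch_instruction(image, base, addr, old, new):
    """Overwrite instruction `old` at `addr` with `new`, NOP-padding only old's leftover bytes."""
    off = addr - base
    if off < 0 or image[off:off + len(old)] != old:
        raise ValueError("bytes at target do not match the expected instruction")
    if len(new) > len(old):
        raise ValueError("replacement is longer than the instruction it replaces")
    out = bytearray(image)
    out[off:off + len(old)] = new + bytes([NOP]) * (len(old) - len(new))
    return bytes(out)

def changes_outside(before, after, base, addr, length):
    """Addresses whose byte changed outside the range [addr, addr + length)."""
    return [base + i for i, (a, b) in enumerate(zip(before, after))
            if a != b and not addr <= base + i < addr + length]

OLD = bytes.fromhex("8B8481A4010000")  # 7 bytes
NEW = bytes.fromhex("B828000000")      # 5 bytes
PATCHED = patch_instruction(ORIGINAL, BASE, 0x006C1304, OLD, NEW)

if __name__ == "__main__":
    print("padded patch :", PATCHED[11:18].hex(" "))
    print("collateral   :", [hex(a) for a in
                             changes_outside(ORIGINAL, OBSERVED, BASE, 0x006C1304, len(OLD))])
```

Running the same `changes_outside` check after any in-place edit shows whether a neighbouring instruction, such as the `RETN 4` at 006C130B, was overwritten.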