gj.jpg

004032B8 /$ 55 PUSH EBP ; //font set
004032B9 |. 8BEC MOV EBP,ESP
004032BB |. 53 PUSH EBX
004032BC |. BB 407C7900 MOV EBX,hyakkiya.00797C40
004032C1 |. 68 93CE7100 PUSH hyakkiya.0071CE93 ; /Arg2 = 0071CE93
004032C6 |. 8D43 3C LEA EAX,DWORD PTR DS:[EBX+3C] ; |
004032C9 |. 50 PUSH EAX ; |Arg1 => 00797C7C
004032CA |. E8 B5F30800 CALL hyakkiya.00492684 ; \hyakkiya.00492684
004032CF |. 83C4 08 ADD ESP,8
004032D2 6A FF PUSH -1
004032D4 |. 6A 00 PUSH 0
004032D6 6A FF PUSH -1
004032D8 6A FF PUSH -1
004032DA 6A 03 PUSH 1
004032DC 6A 06 PUSH 6
004032DE 6A 10 PUSH 10
004032E0 |. 8D53 3C LEA EDX,DWORD PTR DS:[EBX+3C]
004032E3 |. 52 PUSH EDX
004032E4 |. E8 FBE21800 CALL hyakkiya.005915E4
004032E9 |. 83C4 20 ADD ESP,20
004032EC |. 8943 30 MOV DWORD PTR DS:[EBX+30],EAX
004032EF |. 6A FF PUSH -1
004032F1 |. 6A 00 PUSH 0
004032F3 |. 6A FF PUSH -1
004032F5 |. 6A FF PUSH -1
004032F7 6A 03 PUSH 1
004032F9 |. 6A 06 PUSH 6
004032FB |. 6A 20 PUSH 20
004032FD |. 8D4B 3C LEA ECX,DWORD PTR DS:[EBX+3C]
00403300 |. 51 PUSH ECX
00403301 |. E8 DEE21800 CALL hyakkiya.005915E4
00403306 |. 83C4 20 ADD ESP,20
00403309 |. 8943 34 MOV DWORD PTR DS:[EBX+34],EAX
0040330C |. 6A FF PUSH -1
0040330E |. 6A 00 PUSH 0
00403310 |. 6A FF PUSH -1
00403312 |. 6A FF PUSH -1
00403314 6A 03 PUSH 1
00403316 |. 6A 01 PUSH 1
00403318 6A 0C PUSH 0C
0040331A |. 8D43 3C LEA EAX,DWORD PTR DS:[EBX+3C]
0040331D |. 50 PUSH EAX
0040331E |. E8 C1E21800 CALL hyakkiya.005915E4
00403323 |. 83C4 20 ADD ESP,20
00403326 |. 8943 38 MOV DWORD PTR DS:[EBX+38],EAX
00403329 |. 5B POP EBX
0040332A |. 5D POP EBP
0040332B \. C3 RETN


지점 도달까지의 설명은 생략합니다. 위 코드중 강조된 부분의 값을 3으로 수정해줍시다.

Untitled3.jpg

그럼 끗....


사족1. 아주 간단해 보이는데 이거 찾아내는데 반나절 걸림...

사족2. MSDN 가서 AA안먹히는 피드백도 보고 해결하려고 삽질만 하느라...(Createfont가 함정)