Original War

xiaoxiao, 2021-03-06

This is the analysis and record of the Chinese game. Because of the project relationship, this game did not go public and, of course, I didn't get money, so I shared it; it should be illegal.

As for the source code, if there is a chance or if anyone is interested, I will post it.

Of course, if someone thinks the following content violates his interests, please contact me; if it is really not right, I will correct it! :)

Owar.exe: game menu

Owar.exe Run: runs directly

******************************************************************************
OWP file format analysis

-20

DWORD File Index Compress Size
DWORD File Index Real Size
DWORD
DWORD
DWORD

File Index format

DWORD 0D 0A 02 00
DWORD xx xx xx xx
DWORD Compress Data Length
DWORD Real Data Length
DWORD FilepoinInte [5] xx xx xx xx xx

******************************************************************************

******************************************************************************
OWAR.EXE file analysis

0x4064F4 JMP CreateWindowEx

PUSH EBP; MOV EBP, ESP;

[EBP+0x10] lpName

******************************************************************************

In fact, the game main program is Owarlite.dll

******************************************************************************
OWARLITE.EXE file analysis

0x424804 Read the file and decode it
0x424b40 Separate a single file from the OWP file

------------------------------------------
0x41A764 decoding function

Specific code analysis
0x41A88B
EAX -> unlocked pointer
[ECX] -> EAX
[EBP-38] -> length
------------------------------------------

0x41c664 decoding function, directly called by 0x41A764

0x402898 free
0x4028b0 realloc mem
0x402880 get mem
0x402DEC fill mem

0x408360 create file
0x4083c4 read file
0x4083f0 write file
0x408428 close handle
0x40841c set file pointer

0x464B24 get the string width; EAX is the return value
0x4044d0 get the string length; EAX is the return value. Both write string functions call this function to get the string length before writing the string.

------------------------------------------
0x466F90 calls 0x4671a8

Parameters
ECX Y
EDX X
[EBP+0x14] lpChar
[EBP+0x18]
[EBP+0x1c]
[EBP+0x20] very likely the width, and related to X above

Code analysis
0x4670c7 EAX line number

-----------------------------------------

------------------------------------------
0x4671A8 write string function 1

Parameters
EBP+0x8 color
EBP+0x14 string

Variables
EBP-0x04 lpStruct
lpStruct+34 width
lpStruct+30 dst
offset = ([EBP-0x0C] [EBP-0x20] [EBP-0x28]) * (W / 2)
[EBP-0x08] [EBP-0x1c] [EBP-0x34] [EBP-0x24]

Writing part code
0x4672db large loop start
0x467315 determine string length
0x4673FC jump
    |
0x467461 -| EDX = dst
          | EAX = offset
          | CX = color
0x46750A end of the writing part
0x467517 large loop end

------------------------------------------

------------------------------------------
0x52461c calls 0x471088

0x524690
[EAX] 0x280, should be the screen width
[EAX+4] 0x158, likely to be a width
BYTE PTR [EDX] string length
[EDX+1] string

------------------------------------------

------------------------------------------
0x471088 write string function 2: character dialogue, with a fusion effect against the background

Parameters
ECX Y
EDX X
EBP+0x0C color
EBP+0x10 string

Variables
EBP-04 lpStruct
lpStruct+0x1C surface head address
lpStruct+0x14 surface width
lpStruct+0x08

Specific code analysis

0x4710f0 determine the string length
0x4712b7 jump: do not write; otherwise write the point
    |
0x4713db end of the write string part

------------------------------------------

The font library is not compressed; it is a monochromatic font library, one byte per pixel (Byte / Pixel), and 01 represents color.
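Added example (not code recovered from the game and not part of the original notes): a bounds-checked C version of what write string function 1 does with this font data, setting a surface pixel to the color wherever the glyph byte is 01. The 16-bit pixel type (taken from the color being passed in CX), the row-major glyph layout, the surface height field, and the names surface_t and blit_glyph are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed surface description: the notes only name a surface head address
 * and a surface width (e.g. 0x280); the height field is an assumption. */
typedef struct {
    uint16_t *pixels;  /* surface head address */
    int width;         /* surface width in pixels */
    int height;        /* surface height in pixels (assumed) */
} surface_t;

/* Draw one glyph stored as one byte per pixel, where 0x01 marks a colored
 * pixel. Glyph size gw x gh is supplied by the caller (assumed, the notes
 * do not give it). Pixels that fall outside the surface are skipped rather
 * than written, so a bad X/Y cannot write past the buffer.
 * Returns the number of pixels written. */
int blit_glyph(surface_t *s, int x, int y,
               const uint8_t *glyph, int gw, int gh, uint16_t color)
{
    int written = 0;

    if (!s || !s->pixels || !glyph || gw <= 0 || gh <= 0)
        return 0;

    for (int row = 0; row < gh; row++) {
        long py = (long)y + row;          /* widen to avoid int overflow */
        if (py < 0 || py >= s->height)
            continue;
        for (int col = 0; col < gw; col++) {
            long px = (long)x + col;
            if (px < 0 || px >= s->width)
                continue;
            if (glyph[(size_t)row * gw + col] == 0x01) {
                s->pixels[(size_t)py * s->width + (size_t)px] = color;
                written++;
            }
        }
    }
    return written;
}
```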

******************************************************************************

UNP??.ZIP: program that unpacks the game resources; it directly calls the game's internal decompression function to decompose the resource package.
Cowar??.ZIP: Hani program
