这一章,我们来说说[DragonNest.exe]对[资源文件]的加载的一些特征。
第一:对[资源文件]的加载是以[PAK]后辍为对象。
相关测试:将[Resource00.pak]的文件名改为[MiLooData.pak]等等,照样可以运行游戏。
这说明,游戏是对其目录下的资源文件进行加载,而不是针对文件名加载。
这一点,我们可以用OD调试一下,结果发现,程序会针对其目录所有以[PAK]会后辍的文件进行加载。
第二:会对[PAK]的文件的加载,会进行资源格式的判断;
相关测试:把
00000100h: 0A 00 00 00 C2 18 00 00 7C 2F 5E 0E 00 00 00 00 ; ….?..|/^…..
00000110h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
00000120h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
这个显亮的数据,我只测试过$0A和$0B是有效的。
其资源文件的格式为:
0x0000-0x00FF : 文件标识,文本
0x0100-0x03FF : 数据段,其中
0x0100-0x0103 : 资源标识;为$0A和$0B
0x0104-0x0107 : 资源中虚拟文件的数量;
0x0108-0x010B : 资源中虚拟文件索引的起始地址;
0x010C-0x03FF : 保留字节;拓展功能所用.
PeekL(0x0108)至FileEnd(PUB);[DWord(0x0108)]至FileEnd(C++):资源中虚拟文件索引
第三:加载资源文件时,一般情况下,不会弹出窗口报错。
相关测试:用UE找到资源文件,查找[eyedentity.avi]和[publisher.avi];
0e61c220h: 00 00 00 00 00 00 00 00 5C 72 65 73 6F 75 72 63 ; ……..\resourc
0e61c230h: 65 5C 6D 6F 76 69 65 5C 65 79 65 64 65 6E 74 69 ; e\movie\eyedenti
0e61c240h: 74 79 2E 61 76 69 00 00 00 00 00 00 00 00 00 00 ; ty.avi……….
0e61c250h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c260h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c270h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c280h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c290h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c2a0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c2b0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c2c0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c2d0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c2e0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c2f0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c300h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c310h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c320h: 00 00 00 00 00 00 00 00 BB DE 03 00 40 AC 04 00 ; ……..晦..@?.
0e61c330h: BB DE 03 00 28 C8 1F 04 2E 00 00 00 00 00 00 00 ; 晦..(?………
0e61c340h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c350h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c360h: 00 00 00 00 5C 72 65 73 6F 75 72 63 65 5C 6D 6F ; ….\resource\mo
0e61c370h: 76 69 65 5C 70 75 62 6C 69 73 68 65 72 2E 61 76 ; vie\publisher.av
0e61c380h: 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; i……………
0e61c390h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c3a0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c3b0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c3c0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c3d0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c3e0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c3f0h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c400h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c410h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c420h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c430h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c440h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c450h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c460h: 00 00 00 00 32 6C 17 00 16 36 23 00 32 6C 17 00 ; ….2l…6#.2l..
0e61c470h: E3 A6 23 04 2E 00 00 00 00 00 00 00 00 00 00 00 ; 悝#………….
0e61c480h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c490h: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ; …………….
0e61c4a0h: 5C 72 65 73 6F 75 72 63 65 5C 70 61 72 74 69 63 ; \resource\partic
0e61c4b0h: 6C 65 5C 30 31 30 32 2E 65 66 66 00 00 00 00 00 ; le\0102.eff…..
把红字位置的字节全部置0;打开游戏,发现,游戏一开始的盛大没了,那只独眼怪也没了。
但没有报错哦。
这个设置的好处是,不会被调试人员利用弹出窗口来进行调试,这无疑增加了OD调试的难度。
但凡事都有好有坏,即然不会报错,那么,我们就可以删除,呵呵。
第四:加载资源时,是根据资源中索引的名称进行的,无论位置在哪。
相关测试:
把独眼怪的[publisher.avi]的索引数据段
0e61c460h: 00 00 00 00 32 6C 17 00 16 36 23 00 32 6C 17 00 ; ….2l…6#.2l..
0e61c470h: E3 A6 23 04 2E 00 00 00 00 00 00 00 00 00 00 00 ; 悝#………….
改成盛大的[eyedentity.avi]的索引数据段
0e61c320h: 00 00 00 00 00 00 00 00 BB DE 03 00 40 AC 04 00 ; ……..晦..@?.
0e61c330h: BB DE 03 00 28 C8 1F 04 2E 00 00 00 00 00 00 00 ; 晦..(?………
哈哈,两个盛大。
这一性质不仅在同一资源文件中,在不同的资源文件中也起作用。
暂无评论内容