Win 7扫雷时间基址查找

程序：Win 7 扫雷

工具：CE6.1

方法：

多次重新开启游戏，使用精确值及增大的值进行查找

RAX=073DFC20
RBX=00000000
RCX=0038AFD0
RDX=00000101
RSI=00000000
RDI=00000001
RBP=00000001
RSP=000DF380
RIP=FFACB760

Probable base pointer =073DFC20

FFACB74E - movss xmm0,[rax+20]
FFACB753 - addss xmm0,[FFAB4454]
FFACB75B - movss [rax+20],xmm0
FFACB760 - mov rcx,[rcx+10]
FFACB764 - call FFAD222C




RAX=00000003
RBX=0038AFD0
RCX=073DFC20
RDX=00000001
RSI=00000040
RDI=000000A7
RBP=00000000
RSP=000DF470
RIP=FFACB56F

Probable base pointer =0038AFD0

FFACB55D - mov [rbx+00000108],00000001
FFACB567 - mov r8,[rbx+10]
FFACB56B - mov rcx,[rbx+18]
FFACB56F - movss xmm1,[FFAC4A18]
FFACB577 - call FFAC6EFC



RAX=FFAB49D8
RBX=003C7FB0
RCX=0038AFD0
RDX=01B4F4C8
RSI=00000040
RDI=000000A7
RBP=00000001
RSP=000DF4C0
RIP=FFACD4D3

Probable base pointer =FFB4AA38

FFACD4C7 - int 3 
FFACD4C8 - sub rsp,28
FFACD4CC - mov rcx,[FFB4AA38]
FFACD4D3 - test rcx,rcx
FFACD4D6 - je FFACD4E0

基址：FF48AA38
一级偏移：20
二级偏移：18