Moss Merchant for 1.00.90
Hi,
I'm currently working on a new and open Moss Merchant code for the 1.00.90 GS. The Moss sources from IA Julia and RMST are totally crappy and useless. The reward items come with several bugs like: ancient non-ancient item, excellent non-excellent item, and MEGA ULTRA ADVANCED POWER FAILURES (lol?) in fucking simple conditional statements! :$:
Here is my new and bugless spawn function using the MONSTER_POSITION struct (no more memory pointer crap):
Code:
void cMoss::Spawn()
{
    // View the GameServer's monster position table and its entry counter
    MONSTER_POSITION *MobPosTable = (MONSTER_POSITION*)MONSTER_BASE;
    int MobCount = *(DWORD*)MONSTER_COUNT;

    // Only claim a new slot while the table still has room
    if((MobCount + 1) < MONSTER_MAX)
    {
        MobCount++;
        *(DWORD*)MONSTER_COUNT = MobCount;

        // Fill the new entry: type 492 on map 51 at (22, 225)
        MobPosTable[MobCount].m_Type = 492;
        MobPosTable[MobCount].m_MapNumber = 51;
        MobPosTable[MobCount].m_Dis = 0;
        MobPosTable[MobCount].m_X = 22;
        MobPosTable[MobCount].m_Y = 225;
        MobPosTable[MobCount].m_Dir = 2;
        MobPosTable[MobCount].m_W = 22;
        MobPosTable[MobCount].m_H = 225;

        // Create the object and bind it to the table entry
        int iMobId = gObjAddMonster(MobPosTable[MobCount].m_MapNumber);
        if (iMobId >= 0)
        {
            gObjSetPosMonster(iMobId, MobCount);
            gObjSetMonster(iMobId, MobPosTable[MobCount].m_Type);
        }
    }
    else
    {
        LogAddTimeDateFunc("[Moss The Gambler] Monsters overflow - Moss NPC can't be spawned !");
    }
}
If anyone wants to help, please reply to this topic. Any help will be appreciated.
I will release the source when finished!
Re: Moss Merchant for 1.00.90
You know that gs.90 has moss merchant coded in the gs, right? :)
Also from what I saw..he doesn't use any fancy spawn event..like he appears for n minutes. Moss is always in that place in Elbeland.
Re: Moss Merchant for 1.00.90
Thank you. :D
Raklion Event that can be solved? :D
Re: Moss Merchant for 1.00.90
@duracel
It doesn't have it; it has only a few lines about Moss, but it doesn't have the class and the other shit...
Re: Moss Merchant for 1.00.90
Quote: Originally Posted by duracel
You know that gs.90 has moss merchant coded in the gs, right? :)
Also from what I saw..he doesn't use any fancy spawn event..like he appears for n minutes. Moss is always in that place in Elbeland.
Really? I can't find anything about Moss Merchant in my GS. Can you share the functions?
Quote: Originally Posted by MrAlicard
Thank you. :D
Raklion Event that can be solved? :D
What problem are you talking about? On my server I don't have any problem with the Raklion Event. Here is the event running on my server:
MU Online Server - Raklion Boss (Selupan) - YouTube
Re: Moss Merchant for 1.00.90
These are the offsets from the Hermex GS that he posted:
Code:
??0CGambleSystem@@QAE@XZ 0048a300 f GambleSystem.obj
??0CItemBagAttrEx@@QAE@XZ 0048a370 f i GambleSystem.obj
??0ST_GAMBLE_INFO@@QAE@XZ 0048a3d0 f i GambleSystem.obj
??_ECGambleSystem@@UAEPAXI@Z 0048a430 f i GambleSystem.obj
??_GCGambleSystem@@UAEPAXI@Z 0048a430 f i GambleSystem.obj
??1CGambleSystem@@UAE@XZ 0048a480 f GambleSystem.obj
?Init@CGambleSystem@@QAEXPAD@Z 0048a4b0 f GambleSystem.obj
?Load@CGambleSystem@@QAEXPAD@Z 0048a600 f GambleSystem.obj
?GetLevel@CGambleSystem@@QAEEH@Z 0048b230 f GambleSystem.obj
?TryGamble@CGambleSystem@@QAEEHEHHE@Z 0048b300 f GambleSystem.obj
?GetBagItemCount@CGambleSystem@@QAEHXZ 0048bb30 f GambleSystem.obj
?SortExcNumberPerKind@CGambleSystem@@QAEEH@Z 0048bb60 f GambleSystem.obj
?SortExcOption@CGambleSystem@@QAEEXZ 0048bc50 f GambleSystem.obj
Didn't get this far in my decompilation so I don't know if it's really full or not :). But in the Hermex topic he said: Moss Merchant system fully coded *-*
Re: Moss Merchant for 1.00.90
Quote: Originally Posted by Young
Really? I can't find anything about Moss Merchant in my GS. Can you share the functions?
What problem are you talking about? On my server I don't have any problem with the Raklion Event. Here is the event running on my server:
MU Online Server - Raklion Boss (Selupan) - YouTube
5 minutes and the Raklion event starts, every time.
Should start within 24 hours.
Thank you in advance for your help. :)
Re: Moss Merchant for 1.00.90
Quote: Originally Posted by MrAlicard
5 minutes and the Raklion event starts, every time.
Should start within 24 hours.
Thank you in advance for your help. :)
It looks like an event misconfiguration, not a bug ^^
Re: Moss Merchant for 1.00.90
@duracel:
1.00.90 supports Moss EventItemBag, that is the GambleItemBag...
@Young:
You can use the GambleSystem of GS 1.00.90, it'll work like WebZen Moss System, with correct item random options, anyway, my GS uses a custom system, so, use whatever you like...
Re: Moss Merchant for 1.00.90
Quote: Originally Posted by Marin_scp
@duracel:
1.00.90 supports Moss EventItemBag, that is the GambleItemBag...
@Young:
You can use the GambleSystem of GS 1.00.90, it'll work like WebZen Moss System, with correct item random options, anyway, my GS uses a custom system, so, use whatever you like...
Where did you find this Moss system? There is no reference to "moss", "gambler" or "suspicious" in my GS!
Re: Moss Merchant for 1.00.90
Quote: Originally Posted by duracel
These are the offsets from the Hermex GS that he posted:
Code:
??0CGambleSystem@@QAE@XZ 0048a300 f GambleSystem.obj
??0CItemBagAttrEx@@QAE@XZ 0048a370 f i GambleSystem.obj
??0ST_GAMBLE_INFO@@QAE@XZ 0048a3d0 f i GambleSystem.obj
??_ECGambleSystem@@UAEPAXI@Z 0048a430 f i GambleSystem.obj
??_GCGambleSystem@@UAEPAXI@Z 0048a430 f i GambleSystem.obj
??1CGambleSystem@@UAE@XZ 0048a480 f GambleSystem.obj
?Init@CGambleSystem@@QAEXPAD@Z 0048a4b0 f GambleSystem.obj
?Load@CGambleSystem@@QAEXPAD@Z 0048a600 f GambleSystem.obj
?GetLevel@CGambleSystem@@QAEEH@Z 0048b230 f GambleSystem.obj
?TryGamble@CGambleSystem@@QAEEHEHHE@Z 0048b300 f GambleSystem.obj
?GetBagItemCount@CGambleSystem@@QAEHXZ 0048bb30 f GambleSystem.obj
?SortExcNumberPerKind@CGambleSystem@@QAEEH@Z 0048bb60 f GambleSystem.obj
?SortExcOption@CGambleSystem@@QAEEXZ 0048bc50 f GambleSystem.obj
Didn't get this far in my decompilation so I don't know if it's really full or not :). But in the Hermex topic he said: Moss Merchant system fully coded *-*
I have the Season 4.6 GameServer and I can assure you, Moss Merchant doesn't have the full system coded inside GameServer .90... Like Marin said, it has only the bag...
In order to make the call to the Moss Merchant bag, you need to call the function @48B360 in the original GS to "drop" the merchant's item...
@Young
In the original .90 GameServer the Moss event bag class begins at offset @48A430 and finishes at @48BCB0
Re: Moss Merchant for 1.00.90
Quote: Originally Posted by rodrigobmg
I have the Season 4.6 GameServer and I can assure you, Moss Merchant doesn't have the full system coded inside GameServer .90... Like Marin said, it has only the bag...
Maybe you are wrong. I found this function without a call in the .90 GS:
Code:
0048B360 /> \55 push ebp
0048B361 |. 8BEC mov ebp,esp
0048B363 |. 81EC A4000000 sub esp,0A4
0048B369 |. 53 push ebx
0048B36A |. 56 push esi
0048B36B |. 57 push edi
0048B36C |. 894D FC mov [local.1],ecx
0048B36F |. 8B45 FC mov eax,[local.1]
0048B372 |. 8378 04 00 cmp dword ptr ds:[eax+4],0
0048B376 |. 75 07 jnz short GameServ.0048B37F
0048B378 |. 32C0 xor al,al
0048B37A |. E9 31060000 jmp GameServ.0048B9B0
0048B37F |> C745 F8 00000>mov [local.2],0
0048B386 |. C745 F4 00000>mov [local.3],0
0048B38D |. C745 F0 00000>mov [local.4],0
0048B394 |. C745 EC 00000>mov [local.5],0
0048B39B |. C745 E8 00000>mov [local.6],0
0048B3A2 |. C745 E4 00000>mov [local.7],0
0048B3A9 |. C745 E0 00000>mov [local.8],0
0048B3B0 |. C745 DC 00000>mov [local.9],0
0048B3B7 |. C745 D8 00000>mov [local.10],0
0048B3BE |. C745 D4 00000>mov [local.11],0
0048B3C5 |. C745 D0 00000>mov [local.12],0
0048B3CC |. 8B4D 08 mov ecx,[arg.1]
0048B3CF |. 69C9 28220000 imul ecx,ecx,2228
0048B3D5 |. 8B15 2C50A507 mov edx,dword ptr ds:[7A5502C]
0048B3DB |. 03D1 add edx,ecx
0048B3DD |. 8955 CC mov [local.13],edx
0048B3E0 |. 8B4D FC mov ecx,[local.1]
0048B3E3 |. E8 6294F7FF call GameServ.0040484A
0048B3E8 |. 85C0 test eax,eax
0048B3EA |. 0F8E BE050000 jle GameServ.0048B9AE
0048B3F0 |. 8B75 18 mov esi,[arg.5]
0048B3F3 |. 81E6 FF000000 and esi,0FF
0048B3F9 |. E8 3A79F7FF call GameServ.00402D38
0048B3FE |. 33D2 xor edx,edx
0048B400 |. B9 40420F00 mov ecx,0F4240
0048B405 |. F7F1 div ecx
0048B407 |. 8B45 FC mov eax,[local.1]
0048B40A |. 3994B0 0C0200>cmp dword ptr ds:[eax+esi*4+20C],edx
0048B411 |. 0F82 01020000 jb GameServ.0048B618
0048B417 |. C745 F0 00000>mov [local.4],0
0048B41E |. C745 F8 00000>mov [local.2],0
0048B425 |. C745 E4 01000>mov [local.7],1
0048B42C |. C745 E0 00000>mov [local.8],0
0048B433 |. E8 0079F7FF call GameServ.00402D38
0048B438 |. 33D2 xor edx,edx
0048B43A |. B9 40420F00 mov ecx,0F4240
0048B43F |. F7F1 div ecx
0048B441 |. 8955 C8 mov [local.14],edx
0048B444 |. 8B55 FC mov edx,[local.1]
0048B447 |. 8B45 C8 mov eax,[local.14]
0048B44A |. 3B82 FC010000 cmp eax,dword ptr ds:[edx+1FC]
0048B450 |. 77 09 ja short GameServ.0048B45B
0048B452 |. C745 DC 01000>mov [local.9],1
0048B459 |. EB 79 jmp short GameServ.0048B4D4
0048B45B |> 8B4D FC mov ecx,[local.1]
0048B45E |. 8B91 FC010000 mov edx,dword ptr ds:[ecx+1FC]
0048B464 |. 8B45 FC mov eax,[local.1]
0048B467 |. 0390 00020000 add edx,dword ptr ds:[eax+200]
0048B46D |. 3955 C8 cmp [local.14],edx
0048B470 |. 77 09 ja short GameServ.0048B47B
0048B472 |. C745 DC 02000>mov [local.9],2
0048B479 |. EB 59 jmp short GameServ.0048B4D4
0048B47B |> 8B4D FC mov ecx,[local.1]
0048B47E |. 8B91 FC010000 mov edx,dword ptr ds:[ecx+1FC]
0048B484 |. 8B45 FC mov eax,[local.1]
0048B487 |. 0390 00020000 add edx,dword ptr ds:[eax+200]
0048B48D |. 8B4D FC mov ecx,[local.1]
0048B490 |. 0391 04020000 add edx,dword ptr ds:[ecx+204]
0048B496 |. 3955 C8 cmp [local.14],edx
0048B499 |. 77 09 ja short GameServ.0048B4A4
0048B49B |. C745 DC 03000>mov [local.9],3
0048B4A2 |. EB 30 jmp short GameServ.0048B4D4
0048B4A4 |> 8B55 FC mov edx,[local.1]
0048B4A7 |. 8B82 FC010000 mov eax,dword ptr ds:[edx+1FC]
0048B4AD |. 8B4D FC mov ecx,[local.1]
0048B4B0 |. 0381 00020000 add eax,dword ptr ds:[ecx+200]
0048B4B6 |. 8B55 FC mov edx,[local.1]
0048B4B9 |. 0382 04020000 add eax,dword ptr ds:[edx+204]
0048B4BF |. 8B4D FC mov ecx,[local.1]
0048B4C2 |. 0381 08020000 add eax,dword ptr ds:[ecx+208]
0048B4C8 |. 3945 C8 cmp [local.14],eax
0048B4CB |. 77 07 ja short GameServ.0048B4D4
0048B4CD |. C745 DC 04000>mov [local.9],4
0048B4D4 |> E8 5F78F7FF call GameServ.00402D38
0048B4D9 |. 33D2 xor edx,edx
0048B4DB |. B9 40420F00 mov ecx,0F4240
0048B4E0 |. F7F1 div ecx
0048B4E2 |. 8955 C4 mov [local.15],edx
0048B4E5 |. 8B55 FC mov edx,[local.1]
0048B4E8 |. 8B45 C4 mov eax,[local.15]
0048B4EB |. 3B82 20020000 cmp eax,dword ptr ds:[edx+220]
0048B4F1 |. 77 17 ja short GameServ.0048B50A
0048B4F3 |. 6A 01 push 1
0048B4F5 |. 8B4D FC mov ecx,[local.1]
0048B4F8 |. E8 649FF7FF call GameServ.00405461
0048B4FD |. 25 FF000000 and eax,0FF
0048B502 |. 8945 D0 mov [local.12],eax
0048B505 |. E9 9A000000 jmp GameServ.0048B5A4
0048B50A |> 8B4D FC mov ecx,[local.1]
0048B50D |. 8B91 20020000 mov edx,dword ptr ds:[ecx+220]
0048B513 |. 8B45 FC mov eax,[local.1]
0048B516 |. 0390 24020000 add edx,dword ptr ds:[eax+224]
0048B51C |. 3955 C4 cmp [local.15],edx
0048B51F |. 77 14 ja short GameServ.0048B535
0048B521 |. 6A 02 push 2
0048B523 |. 8B4D FC mov ecx,[local.1]
0048B526 |. E8 369FF7FF call GameServ.00405461
0048B52B |. 25 FF000000 and eax,0FF
0048B530 |. 8945 D0 mov [local.12],eax
0048B533 |. EB 6F jmp short GameServ.0048B5A4
0048B535 |> 8B4D FC mov ecx,[local.1]
0048B538 |. 8B91 20020000 mov edx,dword ptr ds:[ecx+220]
0048B53E |. 8B45 FC mov eax,[local.1]
0048B541 |. 0390 24020000 add edx,dword ptr ds:[eax+224]
0048B547 |. 8B4D FC mov ecx,[local.1]
0048B54A |. 0391 28020000 add edx,dword ptr ds:[ecx+228]
0048B550 |. 3955 C4 cmp [local.15],edx
0048B553 |. 77 14 ja short GameServ.0048B569
0048B555 |. 6A 03 push 3
0048B557 |. 8B4D FC mov ecx,[local.1]
0048B55A |. E8 029FF7FF call GameServ.00405461
0048B55F |. 25 FF000000 and eax,0FF
0048B564 |. 8945 D0 mov [local.12],eax
0048B567 |. EB 3B jmp short GameServ.0048B5A4
0048B569 |> 8B55 FC mov edx,[local.1]
0048B56C |. 8B82 20020000 mov eax,dword ptr ds:[edx+220]
0048B572 |. 8B4D FC mov ecx,[local.1]
0048B575 |. 0381 24020000 add eax,dword ptr ds:[ecx+224]
0048B57B |. 8B55 FC mov edx,[local.1]
0048B57E |. 0382 28020000 add eax,dword ptr ds:[edx+228]
0048B584 |. 8B4D FC mov ecx,[local.1]
0048B587 |. 0381 2C020000 add eax,dword ptr ds:[ecx+22C]
0048B58D |. 3945 C4 cmp [local.15],eax
0048B590 |. 77 12 ja short GameServ.0048B5A4
0048B592 |. 6A 04 push 4
0048B594 |. 8B4D FC mov ecx,[local.1]
0048B597 |. E8 C59EF7FF call GameServ.00405461
0048B59C |. 25 FF000000 and eax,0FF
0048B5A1 |. 8945 D0 mov [local.12],eax
0048B5A4 |> 8B55 18 mov edx,[arg.5]
0048B5A7 |. 81E2 FF000000 and edx,0FF
0048B5AD |. 8955 A0 mov [local.24],edx
0048B5B0 |. 837D A0 04 cmp [local.24],4
0048B5B4 |. 77 5D ja short GameServ.0048B613
0048B5B6 |. 8B45 A0 mov eax,[local.24]
0048B5B9 |. FF2485 B9B948>jmp dword ptr ds:[eax*4+48B9B9]
0048B5C0 |> 6A 0B push 0B
0048B5C2 |. 6A 03 push 3
0048B5C4 |. E8 5C9EF7FF call GameServ.00405425
0048B5C9 |. 83C4 08 add esp,8
0048B5CC |. 8945 F4 mov [local.3],eax
0048B5CF |. EB 42 jmp short GameServ.0048B613
0048B5D1 |> 6A 21 push 21
0048B5D3 |. 6A 05 push 5
0048B5D5 |. E8 4B9EF7FF call GameServ.00405425
0048B5DA |. 83C4 08 add esp,8
0048B5DD |. 8945 F4 mov [local.3],eax
0048B5E0 |. EB 31 jmp short GameServ.0048B613
0048B5E2 |> 6A 18 push 18
0048B5E4 |. 6A 04 push 4
0048B5E6 |. E8 3A9EF7FF call GameServ.00405425
0048B5EB |. 83C4 08 add esp,8
0048B5EE |. 8945 F4 mov [local.3],eax
0048B5F1 |. EB 20 jmp short GameServ.0048B613
0048B5F3 |> 6A 12 push 12
0048B5F5 |. 6A 02 push 2
0048B5F7 |. E8 299EF7FF call GameServ.00405425
0048B5FC |. 83C4 08 add esp,8
0048B5FF |. 8945 F4 mov [local.3],eax
0048B602 |. EB 0F jmp short GameServ.0048B613
0048B604 |> 6A 22 push 22
0048B606 |. 6A 05 push 5
0048B608 |. E8 189EF7FF call GameServ.00405425
0048B60D |. 83C4 08 add esp,8
0048B610 |. 8945 F4 mov [local.3],eax
0048B613 |> E9 12030000 jmp GameServ.0048B92A
0048B618 |> C745 C0 00000>mov [local.16],0
0048B61F |. C745 BC 00000>mov [local.17],0
0048B626 |. C745 B8 00000>mov [local.18],0
0048B62D |. C745 B4 00000>mov [local.19],0
0048B634 |. 8B4D 18 mov ecx,[arg.5]
0048B637 |. 81E1 FF000000 and ecx,0FF
0048B63D |. 894D 9C mov [local.25],ecx
0048B640 |. 837D 9C 04 cmp [local.25],4
0048B644 |. 77 35 ja short GameServ.0048B67B
0048B646 |. 8B55 9C mov edx,[local.25]
0048B649 |. FF2495 CDB948>jmp dword ptr ds:[edx*4+48B9CD]
0048B650 |> C745 B4 00000>mov [local.19],0
0048B657 |. EB 22 jmp short GameServ.0048B67B
0048B659 |> C745 B4 05000>mov [local.19],5
0048B660 |. EB 19 jmp short GameServ.0048B67B
0048B662 |> C745 B4 0A000>mov [local.19],0A
0048B669 |. EB 10 jmp short GameServ.0048B67B
0048B66B |> C745 B4 0F000>mov [local.19],0F
0048B672 |. EB 07 jmp short GameServ.0048B67B
0048B674 |> C745 B4 14000>mov [local.19],14
0048B67B |> E8 B876F7FF call GameServ.00402D38
0048B680 |. 33D2 xor edx,edx
0048B682 |. B9 40420F00 mov ecx,0F4240
0048B687 |. F7F1 div ecx
0048B689 |. 8955 B0 mov [local.20],edx
0048B68C |. C745 AC 00000>mov [local.21],0
0048B693 |. 8B55 B4 mov edx,[local.19]
0048B696 |. 8955 A8 mov [local.22],edx
0048B699 |. EB 09 jmp short GameServ.0048B6A4
0048B69B |> 8B45 A8 /mov eax,[local.22]
0048B69E |. 83C0 01 |add eax,1
0048B6A1 |. 8945 A8 |mov [local.22],eax
0048B6A4 |> 8B4D B4 mov ecx,[local.19]
0048B6A7 |. 83C1 05 |add ecx,5
0048B6AA |. 394D A8 |cmp [local.22],ecx
0048B6AD |. 7D 25 |jge short GameServ.0048B6D4
0048B6AF |. 8B55 A8 |mov edx,[local.22]
0048B6B2 |. 6BD2 14 |imul edx,edx,14
0048B6B5 |. 8B45 FC |mov eax,[local.1]
0048B6B8 |. 8B4D AC |mov ecx,[local.21]
0048B6BB |. 034C10 18 |add ecx,dword ptr ds:[eax+edx+18]
0048B6BF |. 894D AC |mov [local.21],ecx
0048B6C2 |. 8B55 B0 |mov edx,[local.20]
0048B6C5 |. 3B55 AC |cmp edx,[local.21]
0048B6C8 |. 77 08 |ja short GameServ.0048B6D2
0048B6CA |. 8B45 A8 |mov eax,[local.22]
0048B6CD |. 8945 B4 |mov [local.19],eax
0048B6D0 |. EB 02 |jmp short GameServ.0048B6D4
0048B6D2 |>^ EB C7 \jmp short GameServ.0048B69B
0048B6D4 |> B9 01000000 /mov ecx,1
0048B6D9 |. 85C9 |test ecx,ecx
0048B6DB |. 74 3B |je short GameServ.0048B718
0048B6DD |. 8B55 C0 |mov edx,[local.16]
0048B6E0 |. 8B45 FC |mov eax,[local.1]
0048B6E3 |. 8B4D B8 |mov ecx,[local.18]
0048B6E6 |. 038C90 640200>|add ecx,dword ptr ds:[eax+edx*4+264]
0048B6ED |. 894D B8 |mov [local.18],ecx
0048B6F0 |. 8B55 B4 |mov edx,[local.19]
0048B6F3 |. 3B55 C0 |cmp edx,[local.16]
0048B6F6 |. 7F 02 |jg short GameServ.0048B6FA
0048B6F8 |. EB 1E |jmp short GameServ.0048B718
0048B6FA |> 8B45 C0 |mov eax,[local.16]
0048B6FD |. 8B4D FC |mov ecx,[local.1]
0048B700 |. 8B55 BC |mov edx,[local.17]
0048B703 |. 039481 640200>|add edx,dword ptr ds:[ecx+eax*4+264]
0048B70A |. 8955 BC |mov [local.17],edx
0048B70D |. 8B45 C0 |mov eax,[local.16]
0048B710 |. 83C0 01 |add eax,1
0048B713 |. 8945 C0 |mov [local.16],eax
0048B716 |.^ EB BC \jmp short GameServ.0048B6D4
0048B718 |> E8 1B76F7FF call GameServ.00402D38
0048B71D |. 8B4D B8 mov ecx,[local.18]
0048B720 |. 2B4D BC sub ecx,[local.17]
0048B723 |. 33D2 xor edx,edx
0048B725 |. F7F1 div ecx
0048B727 |. 0355 BC add edx,[local.17]
0048B72A |. 8955 D8 mov [local.10],edx
0048B72D |. C745 F8 00000>mov [local.2],0
0048B734 |. C745 EC 00000>mov [local.5],0
0048B73B |. C745 E8 00000>mov [local.6],0
0048B742 |. 8B55 D8 mov edx,[local.10]
0048B745 |. 52 push edx
0048B746 |. 8B4D FC mov ecx,[local.1]
0048B749 |. E8 1E83F7FF call GameServ.00403A6C
0048B74E |. 25 FF000000 and eax,0FF
0048B753 |. 8945 F0 mov [local.4],eax
0048B756 |. 8B45 D8 mov eax,[local.10]
0048B759 |. 8B4D FC mov ecx,[local.1]
0048B75C |. 33D2 xor edx,edx
0048B75E |. 8A94C1 CD0200>mov dl,byte ptr ds:[ecx+eax*8+2CD]
0048B765 |. 52 push edx
0048B766 |. 8B45 D8 mov eax,[local.10]
0048B769 |. 8B4D FC mov ecx,[local.1]
0048B76C |. 33D2 xor edx,edx
0048B76E |. 8A94C1 CC0200>mov dl,byte ptr ds:[ecx+eax*8+2CC]
0048B775 |. 52 push edx
0048B776 |. E8 AA9CF7FF call GameServ.00405425
0048B77B |. 83C4 08 add esp,8
0048B77E |. 8945 F4 mov [local.3],eax
0048B781 |. 837D F4 FF cmp [local.3],-1
0048B785 |. 75 07 jnz short GameServ.0048B78E
0048B787 |. 32C0 xor al,al
0048B789 |. E9 22020000 jmp GameServ.0048B9B0
0048B78E |> 8B45 D8 mov eax,[local.10]
0048B791 |. 8B4D FC mov ecx,[local.1]
0048B794 |. 33D2 xor edx,edx
0048B796 |. 8A94C1 D00200>mov dl,byte ptr ds:[ecx+eax*8+2D0]
0048B79D |. 85D2 test edx,edx
0048B79F |. 74 24 je short GameServ.0048B7C5
0048B7A1 |. 8B75 B4 mov esi,[local.19]
0048B7A4 |. 6BF6 14 imul esi,esi,14
0048B7A7 |. E8 8C75F7FF call GameServ.00402D38
0048B7AC |. 33D2 xor edx,edx
0048B7AE |. B9 40420F00 mov ecx,0F4240
0048B7B3 |. F7F1 div ecx
0048B7B5 |. 8B45 FC mov eax,[local.1]
0048B7B8 |. 395430 08 cmp dword ptr ds:[eax+esi+8],edx
0048B7BC |. 72 07 jb short GameServ.0048B7C5
0048B7BE |. C745 E4 01000>mov [local.7],1
0048B7C5 |> 8B4D D8 mov ecx,[local.10]
0048B7C8 |. 8B55 FC mov edx,[local.1]
0048B7CB |. 33C0 xor eax,eax
0048B7CD |. 8A84CA D10200>mov al,byte ptr ds:[edx+ecx*8+2D1]
0048B7D4 |. 85C0 test eax,eax
0048B7D6 |. 74 24 je short GameServ.0048B7FC
0048B7D8 |. 8B75 B4 mov esi,[local.19]
0048B7DB |. 6BF6 14 imul esi,esi,14
0048B7DE |. E8 5575F7FF call GameServ.00402D38
0048B7E3 |. 33D2 xor edx,edx
0048B7E5 |. B9 40420F00 mov ecx,0F4240
0048B7EA |. F7F1 div ecx
0048B7EC |. 8B45 FC mov eax,[local.1]
0048B7EF |. 395430 0C cmp dword ptr ds:[eax+esi+C],edx
0048B7F3 |. 72 07 jb short GameServ.0048B7FC
0048B7F5 |. C745 E0 01000>mov [local.8],1
0048B7FC |> 8B4D D8 mov ecx,[local.10]
0048B7FF |. 8B55 FC mov edx,[local.1]
0048B802 |. 33C0 xor eax,eax
0048B804 |. 8A84CA D20200>mov al,byte ptr ds:[edx+ecx*8+2D2]
0048B80B |. 85C0 test eax,eax
0048B80D |. 0F84 C2000000 je GameServ.0048B8D5
0048B813 |. 8B75 B4 mov esi,[local.19]
0048B816 |. 6BF6 14 imul esi,esi,14
0048B819 |. E8 1A75F7FF call GameServ.00402D38
0048B81E |. 33D2 xor edx,edx
0048B820 |. B9 40420F00 mov ecx,0F4240
0048B825 |. F7F1 div ecx
0048B827 |. 8B45 FC mov eax,[local.1]
0048B82A |. 395430 10 cmp dword ptr ds:[eax+esi+10],edx
0048B82E |. 0F82 A1000000 jb GameServ.0048B8D5
0048B834 |. E8 FF74F7FF call GameServ.00402D38
0048B839 |. 33D2 xor edx,edx
0048B83B |. B9 40420F00 mov ecx,0F4240
0048B840 |. F7F1 div ecx
0048B842 |. 8955 A4 mov [local.23],edx
0048B845 |. 8B55 FC mov edx,[local.1]
0048B848 |. 8B45 A4 mov eax,[local.23]
0048B84B |. 3B82 FC010000 cmp eax,dword ptr ds:[edx+1FC]
0048B851 |. 7F 09 jg short GameServ.0048B85C
0048B853 |. C745 DC 01000>mov [local.9],1
0048B85A |. EB 79 jmp short GameServ.0048B8D5
0048B85C |> 8B4D FC mov ecx,[local.1]
0048B85F |. 8B91 FC010000 mov edx,dword ptr ds:[ecx+1FC]
0048B865 |. 8B45 FC mov eax,[local.1]
0048B868 |. 0390 00020000 add edx,dword ptr ds:[eax+200]
0048B86E |. 3955 A4 cmp [local.23],edx
0048B871 |. 7F 09 jg short GameServ.0048B87C
0048B873 |. C745 DC 02000>mov [local.9],2
0048B87A |. EB 59 jmp short GameServ.0048B8D5
0048B87C |> 8B4D FC mov ecx,[local.1]
0048B87F |. 8B91 FC010000 mov edx,dword ptr ds:[ecx+1FC]
0048B885 |. 8B45 FC mov eax,[local.1]
0048B888 |. 0390 00020000 add edx,dword ptr ds:[eax+200]
0048B88E |. 8B4D FC mov ecx,[local.1]
0048B891 |. 0391 04020000 add edx,dword ptr ds:[ecx+204]
0048B897 |. 3955 A4 cmp [local.23],edx
0048B89A |. 7F 09 jg short GameServ.0048B8A5
0048B89C |. C745 DC 03000>mov [local.9],3
0048B8A3 |. EB 30 jmp short GameServ.0048B8D5
0048B8A5 |> 8B55 FC mov edx,[local.1]
0048B8A8 |. 8B82 FC010000 mov eax,dword ptr ds:[edx+1FC]
0048B8AE |. 8B4D FC mov ecx,[local.1]
0048B8B1 |. 0381 00020000 add eax,dword ptr ds:[ecx+200]
0048B8B7 |. 8B55 FC mov edx,[local.1]
0048B8BA |. 0382 04020000 add eax,dword ptr ds:[edx+204]
0048B8C0 |. 8B4D FC mov ecx,[local.1]
0048B8C3 |. 0381 08020000 add eax,dword ptr ds:[ecx+208]
0048B8C9 |. 3945 A4 cmp [local.23],eax
0048B8CC |. 7F 07 jg short GameServ.0048B8D5
0048B8CE |. C745 DC 04000>mov [local.9],4
0048B8D5 |> 8B55 D8 mov edx,[local.10]
0048B8D8 |. 8B45 FC mov eax,[local.1]
0048B8DB |. 33C9 xor ecx,ecx
0048B8DD |. 8A8CD0 D30200>mov cl,byte ptr ds:[eax+edx*8+2D3]
0048B8E4 |. 85C9 test ecx,ecx
0048B8E6 |. 74 42 je short GameServ.0048B92A
0048B8E8 |. 8B75 B4 mov esi,[local.19]
0048B8EB |. 6BF6 14 imul esi,esi,14
0048B8EE |. E8 4574F7FF call GameServ.00402D38
0048B8F3 |. 33D2 xor edx,edx
0048B8F5 |. B9 40420F00 mov ecx,0F4240
0048B8FA |. F7F1 div ecx
0048B8FC |. 8B45 FC mov eax,[local.1]
0048B8FF |. 395430 14 cmp dword ptr ds:[eax+esi+14],edx
0048B903 |. 72 25 jb short GameServ.0048B92A
0048B905 |. 8B4D FC mov ecx,[local.1]
0048B908 |. E8 CAB1F7FF call GameServ.00406AD7
0048B90D |. 25 FF000000 and eax,0FF
0048B912 |. 8945 D0 mov [local.12],eax
0048B915 |. C745 E0 00000>mov [local.8],0
0048B91C |. C745 E4 01000>mov [local.7],1
0048B923 |. C745 F0 00000>mov [local.4],0
0048B92A |> 6A 00 push 0
0048B92C |. 8A4D D0 mov cl,byte ptr ss:[ebp-30]
0048B92F |. 51 push ecx
0048B930 |. 8B55 CC mov edx,[local.13]
0048B933 |. 8B02 mov eax,dword ptr ds:[edx]
0048B935 |. 50 push eax
0048B936 |. 8A4D DC mov cl,byte ptr ss:[ebp-24]
0048B939 |. 51 push ecx
0048B93A |. 8A55 E0 mov dl,byte ptr ss:[ebp-20]
0048B93D |. 52 push edx
0048B93E |. 8A45 E4 mov al,byte ptr ss:[ebp-1C]
0048B941 |. 50 push eax
0048B942 |. D945 F8 fld [local.2]
0048B945 |. E8 C2B51800 call GameServ.00616F0C
0048B94A |. 50 push eax
0048B94B |. 8A4D F0 mov cl,byte ptr ss:[ebp-10]
0048B94E |. 51 push ecx
0048B94F |. 8B55 F4 mov edx,[local.3]
0048B952 |. 52 push edx
0048B953 |. 8A45 E8 mov al,byte ptr ss:[ebp-18]
0048B956 |. 50 push eax
0048B957 |. 8A4D EC mov cl,byte ptr ss:[ebp-14]
0048B95A |. 51 push ecx
0048B95B |. 8A55 0C mov dl,byte ptr ss:[ebp+C]
0048B95E |. 52 push edx
0048B95F |. 8B45 CC mov eax,[local.13]
0048B962 |. 8B08 mov ecx,dword ptr ds:[eax]
0048B964 |. 51 push ecx
0048B965 |. E8 9AB6F7FF call GameServ.00407004
0048B96A |. 83C4 34 add esp,34
0048B96D |. 8B55 D0 mov edx,[local.12]
0048B970 |. 52 push edx
0048B971 |. 8B45 DC mov eax,[local.9]
0048B974 |. 50 push eax
0048B975 |. 8B4D E0 mov ecx,[local.8]
0048B978 |. 51 push ecx
0048B979 |. 8B55 E4 mov edx,[local.7]
0048B97C |. 52 push edx
0048B97D |. 8B45 F0 mov eax,[local.4]
0048B980 |. 50 push eax
0048B981 |. 8B4D F4 mov ecx,[local.3]
0048B984 |. 51 push ecx
0048B985 |. 8B55 F4 mov edx,[local.3]
0048B988 |. 6BD2 70 imul edx,edx,70
0048B98B |. 81C2 C035B107 add edx,GameServ.07B135C0 ; ASCII "Kris"
0048B991 |. 52 push edx
0048B992 |. 8B45 CC mov eax,[local.13]
0048B995 |. 83C0 77 add eax,77
0048B998 |. 50 push eax
0048B999 |. 8B4D CC mov ecx,[local.13]
0048B99C |. 83C1 6C add ecx,6C
0048B99F |. 51 push ecx
0048B9A0 |. 68 C0907700 push GameServ.007790C0 ; ASCII "[ GAMBLING ][ TryGambling ] %s(%s) Try Item : [%s]%d Level:%d op1:%d op2:%d op3:%d ExOp:%d"
0048B9A5 |. FF15 44367407 call dword ptr ds:[7743644] ; GameServ.00404836
0048B9AB |. 83C4 28 add esp,28
0048B9AE |> B0 01 mov al,1
0048B9B0 |> 5F pop edi
0048B9B1 |. 5E pop esi
0048B9B2 |. 5B pop ebx
0048B9B3 |. 8BE5 mov esp,ebp
0048B9B5 |. 5D pop ebp
0048B9B6 \. C2 1400 retn 14
Hex-Rays pseudocode:
Code:
char __userpurge sub_48B360<al>(int a1<ecx>, double a2<st0>, int a3, char a4, int a5, int a6, unsigned __int8 a7)
{
  unsigned int v8; // edx@4
  int v9; // edx@5
  signed int v10; // ecx@5
  unsigned int v11; // eax@5
  signed int v12; // ecx@14
  int v13; // ecx@39
  int v14; // eax@40
  unsigned int v15; // edx@51
  unsigned int v16; // eax@61
  signed int v17; // ST2C_4@63
  int v18; // ST28_4@63
  int v19; // eax@63
  int v20; // ecx@63
  int v21; // edx@63
  unsigned int v22; // [sp+54h] [bp-5Ch]@52
  int i; // [sp+58h] [bp-58h]@34
  unsigned int v24; // [sp+5Ch] [bp-54h]@34
  unsigned int v25; // [sp+60h] [bp-50h]@34
  signed int v26; // [sp+64h] [bp-4Ch]@28
  int v27; // [sp+68h] [bp-48h]@28
  int v28; // [sp+6Ch] [bp-44h]@28
  signed int v29; // [sp+70h] [bp-40h]@28
  unsigned int v30; // [sp+74h] [bp-3Ch]@13
  unsigned int v31; // [sp+78h] [bp-38h]@5
  int v32; // [sp+7Ch] [bp-34h]@3
  int v33; // [sp+80h] [bp-30h]@3
  unsigned int v34; // [sp+88h] [bp-28h]@40
  signed int v35; // [sp+8Ch] [bp-24h]@3
  signed int v36; // [sp+90h] [bp-20h]@3
  signed int v37; // [sp+94h] [bp-1Ch]@3
  char v38; // [sp+98h] [bp-18h]@3
  char v39; // [sp+9Ch] [bp-14h]@3
  int v40; // [sp+A0h] [bp-10h]@5
  int v41; // [sp+A4h] [bp-Ch]@3
  int v42; // [sp+ACh] [bp-4h]@1

  v42 = a1;
  if ( !*(_DWORD *)(a1 + 4) )
    return 0;
  v41 = 0;
  v39 = 0;
  v38 = 0;
  v37 = 0;
  v36 = 0;
  v35 = 0;
  v33 = 0;
  v32 = 8744 * a3 + dword_7A5502C;
  if ( sub_40484A(a1) > 0 )
  {
    v8 = ((int (*)(void))sub_402D38)() % 0xF4240u;
    if ( *(_DWORD *)(v42 + 4 * a7 + 524) < v8 )
    {
      v29 = 0;
      v28 = 0;
      v27 = 0;
      v26 = 0;
      switch ( a7 )
      {
        case 0u:
          v26 = 0;
          break;
        case 1u:
          v26 = 5;
          break;
        case 2u:
          v26 = 10;
          break;
        case 3u:
          v26 = 15;
          break;
        case 4u:
          v26 = 20;
          break;
        default:
          break;
      }
      v25 = sub_402D38(a7, a7) % 0xF4240u;
      v24 = 0;
      for ( i = v26; i < v26 + 5; ++i )
      {
        v24 += *(_DWORD *)(v42 + 20 * i + 24);
        if ( v25 <= v24 )
        {
          v26 = i;
          break;
        }
      }
      while ( 1 )
      {
        v13 = *(_DWORD *)(v42 + 4 * v29 + 612) + v27;
        v27 += *(_DWORD *)(v42 + 4 * v29 + 612);
        if ( v26 <= v29 )
          break;
        v28 += *(_DWORD *)(v42 + 4 * v29++ + 612);
      }
      v34 = v28 + sub_402D38(v13, v26) % (unsigned int)(v27 - v28);
      v39 = 0;
      v38 = 0;
      v40 = (unsigned __int8)sub_403A6C(v34);
      v14 = sub_405425(*(_BYTE *)(v42 + 8 * v34 + 716), *(_BYTE *)(v42 + 8 * v34 + 717));
      v41 = v14;
      if ( v14 == -1 )
        return 0;
      if ( *(_BYTE *)(v42 + 8 * v34 + 720) )
      {
        if ( *(_DWORD *)(v42 + 20 * v26 + 8) >= sub_402D38(v42, *(_BYTE *)(v42 + 8 * v34 + 720)) % 0xF4240u )
          v37 = 1;
      }
      if ( *(_BYTE *)(v42 + 8 * v34 + 721) )
      {
        if ( *(_DWORD *)(v42 + 20 * v26 + 12) >= sub_402D38(v34, v42) % 0xF4240u )
          v36 = 1;
      }
      if ( *(_BYTE *)(v42 + 8 * v34 + 722) )
      {
        v15 = sub_402D38(v34, v42) % 0xF4240u;
        if ( *(_DWORD *)(v42 + 20 * v26 + 16) >= v15 )
        {
          v22 = sub_402D38(1000000, v15) % 0xF4240u;
          if ( (signed int)v22 > *(_DWORD *)(v42 + 508) )
          {
            if ( (signed int)v22 > *(_DWORD *)(v42 + 512) + *(_DWORD *)(v42 + 508) )
            {
              if ( (signed int)v22 > *(_DWORD *)(v42 + 516) + *(_DWORD *)(v42 + 512) + *(_DWORD *)(v42 + 508) )
              {
                if ( (signed int)v22 <= *(_DWORD *)(v42 + 520)
                                      + *(_DWORD *)(v42 + 516)
                                      + *(_DWORD *)(v42 + 512)
                                      + *(_DWORD *)(v42 + 508) )
                  v35 = 4;
              }
              else
              {
                v35 = 3;
              }
            }
            else
            {
              v35 = 2;
            }
          }
          else
          {
            v35 = 1;
          }
        }
      }
      v12 = *(_BYTE *)(v42 + 8 * v34 + 723);
      if ( *(_BYTE *)(v42 + 8 * v34 + 723) )
      {
        v16 = sub_402D38(v12, v34);
        v12 = 1000000;
        if ( *(_DWORD *)(v42 + 20 * v26 + 20) >= v16 % 0xF4240 )
        {
          v33 = sub_406AD7(v42) & 0xFF;
          v36 = 0;
          v37 = 1;
          v40 = 0;
        }
      }
    }
    else
    {
      v40 = 0;
      v37 = 1;
      v36 = 0;
      v11 = sub_402D38(1000000, v8);
      v10 = 1000000;
      v31 = v11 % 0xF4240;
      v9 = v42;
      if ( v11 % 0xF4240 > *(_DWORD *)(v42 + 508) )
      {
        v10 = v42;
        v9 = *(_DWORD *)(v42 + 512) + *(_DWORD *)(v42 + 508);
        if ( v31 > v9 )
        {
          v10 = v42;
          v9 = *(_DWORD *)(v42 + 516) + *(_DWORD *)(v42 + 512) + *(_DWORD *)(v42 + 508);
          if ( v31 > v9 )
          {
            v9 = v42;
            v10 = v42;
            if ( v31 <= *(_DWORD *)(v42 + 520)
                      + *(_DWORD *)(v42 + 516)
                      + *(_DWORD *)(v42 + 512)
                      + *(_DWORD *)(v42 + 508) )
              v35 = 4;
          }
          else
          {
            v35 = 3;
          }
        }
        else
        {
          v35 = 2;
        }
      }
      else
      {
        v35 = 1;
      }
      v30 = sub_402D38(v10, v9) % 0xF4240u;
      if ( v30 > *(_DWORD *)(v42 + 544) )
      {
        if ( v30 > *(_DWORD *)(v42 + 548) + *(_DWORD *)(v42 + 544) )
        {
          if ( v30 > *(_DWORD *)(v42 + 552) + *(_DWORD *)(v42 + 548) + *(_DWORD *)(v42 + 544) )
          {
            v12 = v42;
            if ( v30 <= *(_DWORD *)(v42 + 556)
                      + *(_DWORD *)(v42 + 552)
                      + *(_DWORD *)(v42 + 548)
                      + *(_DWORD *)(v42 + 544) )
              v33 = (unsigned __int8)sub_405461(4);
          }
          else
          {
            v33 = (unsigned __int8)sub_405461(3);
          }
        }
        else
        {
          v33 = (unsigned __int8)sub_405461(2);
        }
      }
      else
      {
        v33 = (unsigned __int8)sub_405461(1);
      }
      switch ( a7 )
      {
        case 0u:
          v41 = sub_405425(3, 11);
          break;
        case 1u:
          v41 = sub_405425(5, 33);
          break;
        case 2u:
          v41 = sub_405425(4, 24);
          break;
        case 3u:
          v41 = sub_405425(2, 18);
          break;
        case 4u:
          v41 = sub_405425(5, 34);
          break;
        default:
          break;
      }
    }
    LOBYTE(v12) = v33;
    v17 = v12;
    v18 = *(_DWORD *)v32;
    v19 = sub_616F0C(a2);
    LOBYTE(v20) = v40;
    v21 = v41;
    LOBYTE(v21) = a4;
    sub_407004(*(_DWORD *)v32, v21, v39, v38, v41, v20, v19, v37, v36, v35, v18, v17, 0);
    ((void (*)(const char *, ...))dword_7743644)(
      "[ GAMBLING ][ TryGambling ] %s(%s) Try Item : [%s]%d Level:%d op1:%d op2:%d op3:%d ExOp:%d",
      v32 + 108,
      v32 + 119,
      (char *)&unk_7B135C0 + 112 * v41,
      v41,
      v40,
      v37,
      v36,
      v35,
      v33);
  }
  return 1;
}
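The roll logic visible in the pseudocode above (draw a value modulo 0xF4240, then walk four cumulative rate fields to get 1..4), rewritten as an added example that is not part of the original post or of the GameServer code. The struct, field and function names and the sample rates are assumptions; unlike the listing, it range-checks the item-kind byte before indexing the rate table, refuses an empty section instead of dividing by zero, and sums the rates in 64 bits.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example: all names are assumptions. The listing only shows raw
 * offsets (+508..+520, +524 + 4*kind, +612 + 4*section). */
#define ROLL_RANGE 1000000u /* 0xF4240, the divisor applied to every RNG draw */
#define TIER_COUNT 4        /* four cumulative rate fields per table */
#define KIND_COUNT 5        /* switch ( a7 ) only handles cases 0..4 */

typedef struct {
    uint32_t tier_rate[TIER_COUNT];    /* stands in for +508, +512, +516, +520 */
    uint32_t special_rate[KIND_COUNT]; /* stands in for +524 + 4 * kind */
} gamble_rates;

/* Constructed sample values, not taken from any real item bag file. */
static const gamble_rates SAMPLE_RATES = {
    { 100000u, 200000u, 300000u, 400000u },
    { 5000u, 5000u, 5000u, 5000u, 5000u }
};
static const uint32_t TINY_RATES[TIER_COUNT] = { 10u, 10u, 10u, 10u };

/* Reduce a raw RNG value to the 0..999999 range used by every comparison. */
uint32_t gamble_roll(uint32_t raw)
{
    return raw % ROLL_RANGE;
}

/* Walk the cumulative thresholds the way the nested if/else chain does:
 * tier 1 if roll <= r0, tier 2 if roll <= r0 + r1, and so on.
 * Returns 0 when the roll is above the total, which is the value the
 * listing leaves in v35 in that case. */
int gamble_pick_tier(const uint32_t rates[TIER_COUNT], uint32_t roll)
{
    uint64_t cumulative = 0; /* 64-bit so that large rates cannot wrap */
    for (int tier = 0; tier < TIER_COUNT; tier++) {
        cumulative += rates[tier];
        if (roll <= cumulative)
            return tier + 1;
    }
    return 0;
}

/* The listing reads the per-kind rate with the raw a7 byte as index before
 * the switch restricts it to 0..4. Here the index is checked first.
 * Returns 1 for the fixed-item branch (rate >= roll), 0 for the item-bag
 * branch, -1 for a kind outside the table. */
int gamble_is_special(const gamble_rates *r, unsigned kind, uint32_t roll)
{
    if (r == NULL || kind >= KIND_COUNT)
        return -1;
    return r->special_rate[kind] >= roll ? 1 : 0;
}

/* v34 = v28 + rand % (v27 - v28): uniform pick inside one bag section.
 * The listing divides without checking that the section is non-empty.
 * Returns the index, or -1 for an empty or inverted range. */
int64_t gamble_pick_index(uint32_t lo, uint32_t hi, uint32_t rnd)
{
    if (hi <= lo)
        return -1;
    return (int64_t)lo + (int64_t)(rnd % (hi - lo));
}

int main(void)
{
    const uint32_t raws[] = { 0u, 100000u, 100001u, 600000u, 1999999u };
    for (size_t i = 0; i < sizeof raws / sizeof raws[0]; i++) {
        uint32_t roll = gamble_roll(raws[i]);
        printf("roll %7u -> tier %d\n", (unsigned)roll,
               gamble_pick_tier(SAMPLE_RATES.tier_rate, roll));
    }
    printf("kind 9 -> %d\n", gamble_is_special(&SAMPLE_RATES, 9u, 0u));
    printf("empty section -> %lld\n",
           (long long)gamble_pick_index(10u, 10u, 7u));
    return 0;
}
```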
Re: Moss Merchant for 1.00.90
@Young:
No no, there are no Moss references, only its ItemBag, that is the GamblingSystem. You can instantiate this class and use it as the Moss ItemBag, so you have the same option generating algorithm as used by WebZen, but you'll have to decompile the file reading to acquire the correct values for the itembag (that have a different struct from the common EventItemBag).
The moss event you'll have to code by yourself =) The only thing that is ready, is the ItemBag
Good Luck! ;D
Re: Moss Merchant for 1.00.90
Quote: Originally Posted by Young
Maybe you are wrong. I found this function without a call in the .90 GS:
Code:
0048B360 /> \55 push ebp
0048B361 |. 8BEC mov ebp,esp
0048B363 |. 81EC A4000000 sub esp,0A4
0048B369 |. 53 push ebx
0048B36A |. 56 push esi
0048B36B |. 57 push edi
0048B36C |. 894D FC mov [local.1],ecx
0048B36F |. 8B45 FC mov eax,[local.1]
0048B372 |. 8378 04 00 cmp dword ptr ds:[eax+4],0
0048B376 |. 75 07 jnz short GameServ.0048B37F
0048B378 |. 32C0 xor al,al
0048B37A |. E9 31060000 jmp GameServ.0048B9B0
0048B37F |> C745 F8 00000>mov [local.2],0
0048B386 |. C745 F4 00000>mov [local.3],0
0048B38D |. C745 F0 00000>mov [local.4],0
0048B394 |. C745 EC 00000>mov [local.5],0
0048B39B |. C745 E8 00000>mov [local.6],0
0048B3A2 |. C745 E4 00000>mov [local.7],0
0048B3A9 |. C745 E0 00000>mov [local.8],0
0048B3B0 |. C745 DC 00000>mov [local.9],0
0048B3B7 |. C745 D8 00000>mov [local.10],0
0048B3BE |. C745 D4 00000>mov [local.11],0
0048B3C5 |. C745 D0 00000>mov [local.12],0
0048B3CC |. 8B4D 08 mov ecx,[arg.1]
0048B3CF |. 69C9 28220000 imul ecx,ecx,2228
0048B3D5 |. 8B15 2C50A507 mov edx,dword ptr ds:[7A5502C]
0048B3DB |. 03D1 add edx,ecx
0048B3DD |. 8955 CC mov [local.13],edx
0048B3E0 |. 8B4D FC mov ecx,[local.1]
0048B3E3 |. E8 6294F7FF call GameServ.0040484A
0048B3E8 |. 85C0 test eax,eax
0048B3EA |. 0F8E BE050000 jle GameServ.0048B9AE
0048B3F0 |. 8B75 18 mov esi,[arg.5]
0048B3F3 |. 81E6 FF000000 and esi,0FF
0048B3F9 |. E8 3A79F7FF call GameServ.00402D38
0048B3FE |. 33D2 xor edx,edx
0048B400 |. B9 40420F00 mov ecx,0F4240
0048B405 |. F7F1 div ecx
0048B407 |. 8B45 FC mov eax,[local.1]
0048B40A |. 3994B0 0C0200>cmp dword ptr ds:[eax+esi*4+20C],edx
0048B411 |. 0F82 01020000 jb GameServ.0048B618
0048B417 |. C745 F0 00000>mov [local.4],0
0048B41E |. C745 F8 00000>mov [local.2],0
0048B425 |. C745 E4 01000>mov [local.7],1
0048B42C |. C745 E0 00000>mov [local.8],0
0048B433 |. E8 0079F7FF call GameServ.00402D38
0048B438 |. 33D2 xor edx,edx
0048B43A |. B9 40420F00 mov ecx,0F4240
0048B43F |. F7F1 div ecx
0048B441 |. 8955 C8 mov [local.14],edx
0048B444 |. 8B55 FC mov edx,[local.1]
0048B447 |. 8B45 C8 mov eax,[local.14]
0048B44A |. 3B82 FC010000 cmp eax,dword ptr ds:[edx+1FC]
0048B450 |. 77 09 ja short GameServ.0048B45B
0048B452 |. C745 DC 01000>mov [local.9],1
0048B459 |. EB 79 jmp short GameServ.0048B4D4
0048B45B |> 8B4D FC mov ecx,[local.1]
0048B45E |. 8B91 FC010000 mov edx,dword ptr ds:[ecx+1FC]
0048B464 |. 8B45 FC mov eax,[local.1]
0048B467 |. 0390 00020000 add edx,dword ptr ds:[eax+200]
0048B46D |. 3955 C8 cmp [local.14],edx
0048B470 |. 77 09 ja short GameServ.0048B47B
0048B472 |. C745 DC 02000>mov [local.9],2
0048B479 |. EB 59 jmp short GameServ.0048B4D4
0048B47B |> 8B4D FC mov ecx,[local.1]
0048B47E |. 8B91 FC010000 mov edx,dword ptr ds:[ecx+1FC]
0048B484 |. 8B45 FC mov eax,[local.1]
0048B487 |. 0390 00020000 add edx,dword ptr ds:[eax+200]
0048B48D |. 8B4D FC mov ecx,[local.1]
0048B490 |. 0391 04020000 add edx,dword ptr ds:[ecx+204]
0048B496 |. 3955 C8 cmp [local.14],edx
0048B499 |. 77 09 ja short GameServ.0048B4A4
0048B49B |. C745 DC 03000>mov [local.9],3
0048B4A2 |. EB 30 jmp short GameServ.0048B4D4
0048B4A4 |> 8B55 FC mov edx,[local.1]
0048B4A7 |. 8B82 FC010000 mov eax,dword ptr ds:[edx+1FC]
0048B4AD |. 8B4D FC mov ecx,[local.1]
0048B4B0 |. 0381 00020000 add eax,dword ptr ds:[ecx+200]
0048B4B6 |. 8B55 FC mov edx,[local.1]
0048B4B9 |. 0382 04020000 add eax,dword ptr ds:[edx+204]
0048B4BF |. 8B4D FC mov ecx,[local.1]
0048B4C2 |. 0381 08020000 add eax,dword ptr ds:[ecx+208]
0048B4C8 |. 3945 C8 cmp [local.14],eax
0048B4CB |. 77 07 ja short GameServ.0048B4D4
0048B4CD |. C745 DC 04000>mov [local.9],4
0048B4D4 |> E8 5F78F7FF call GameServ.00402D38
0048B4D9 |. 33D2 xor edx,edx
0048B4DB |. B9 40420F00 mov ecx,0F4240
0048B4E0 |. F7F1 div ecx
0048B4E2 |. 8955 C4 mov [local.15],edx
0048B4E5 |. 8B55 FC mov edx,[local.1]
0048B4E8 |. 8B45 C4 mov eax,[local.15]
0048B4EB |. 3B82 20020000 cmp eax,dword ptr ds:[edx+220]
0048B4F1 |. 77 17 ja short GameServ.0048B50A
0048B4F3 |. 6A 01 push 1
0048B4F5 |. 8B4D FC mov ecx,[local.1]
0048B4F8 |. E8 649FF7FF call GameServ.00405461
0048B4FD |. 25 FF000000 and eax,0FF
0048B502 |. 8945 D0 mov [local.12],eax
0048B505 |. E9 9A000000 jmp GameServ.0048B5A4
0048B50A |> 8B4D FC mov ecx,[local.1]
0048B50D |. 8B91 20020000 mov edx,dword ptr ds:[ecx+220]
0048B513 |. 8B45 FC mov eax,[local.1]
0048B516 |. 0390 24020000 add edx,dword ptr ds:[eax+224]
0048B51C |. 3955 C4 cmp [local.15],edx
0048B51F |. 77 14 ja short GameServ.0048B535
0048B521 |. 6A 02 push 2
0048B523 |. 8B4D FC mov ecx,[local.1]
0048B526 |. E8 369FF7FF call GameServ.00405461
0048B52B |. 25 FF000000 and eax,0FF
0048B530 |. 8945 D0 mov [local.12],eax
0048B533 |. EB 6F jmp short GameServ.0048B5A4
0048B535 |> 8B4D FC mov ecx,[local.1]
0048B538 |. 8B91 20020000 mov edx,dword ptr ds:[ecx+220]
0048B53E |. 8B45 FC mov eax,[local.1]
0048B541 |. 0390 24020000 add edx,dword ptr ds:[eax+224]
0048B547 |. 8B4D FC mov ecx,[local.1]
0048B54A |. 0391 28020000 add edx,dword ptr ds:[ecx+228]
0048B550 |. 3955 C4 cmp [local.15],edx
0048B553 |. 77 14 ja short GameServ.0048B569
0048B555 |. 6A 03 push 3
0048B557 |. 8B4D FC mov ecx,[local.1]
0048B55A |. E8 029FF7FF call GameServ.00405461
0048B55F |. 25 FF000000 and eax,0FF
0048B564 |. 8945 D0 mov [local.12],eax
0048B567 |. EB 3B jmp short GameServ.0048B5A4
0048B569 |> 8B55 FC mov edx,[local.1]
0048B56C |. 8B82 20020000 mov eax,dword ptr ds:[edx+220]
0048B572 |. 8B4D FC mov ecx,[local.1]
0048B575 |. 0381 24020000 add eax,dword ptr ds:[ecx+224]
0048B57B |. 8B55 FC mov edx,[local.1]
0048B57E |. 0382 28020000 add eax,dword ptr ds:[edx+228]
0048B584 |. 8B4D FC mov ecx,[local.1]
0048B587 |. 0381 2C020000 add eax,dword ptr ds:[ecx+22C]
0048B58D |. 3945 C4 cmp [local.15],eax
0048B590 |. 77 12 ja short GameServ.0048B5A4
0048B592 |. 6A 04 push 4
0048B594 |. 8B4D FC mov ecx,[local.1]
0048B597 |. E8 C59EF7FF call GameServ.00405461
0048B59C |. 25 FF000000 and eax,0FF
0048B5A1 |. 8945 D0 mov [local.12],eax
0048B5A4 |> 8B55 18 mov edx,[arg.5]
0048B5A7 |. 81E2 FF000000 and edx,0FF
0048B5AD |. 8955 A0 mov [local.24],edx
0048B5B0 |. 837D A0 04 cmp [local.24],4
0048B5B4 |. 77 5D ja short GameServ.0048B613
0048B5B6 |. 8B45 A0 mov eax,[local.24]
0048B5B9 |. FF2485 B9B948>jmp dword ptr ds:[eax*4+48B9B9]
0048B5C0 |> 6A 0B push 0B
0048B5C2 |. 6A 03 push 3
0048B5C4 |. E8 5C9EF7FF call GameServ.00405425
0048B5C9 |. 83C4 08 add esp,8
0048B5CC |. 8945 F4 mov [local.3],eax
0048B5CF |. EB 42 jmp short GameServ.0048B613
0048B5D1 |> 6A 21 push 21
0048B5D3 |. 6A 05 push 5
0048B5D5 |. E8 4B9EF7FF call GameServ.00405425
0048B5DA |. 83C4 08 add esp,8
0048B5DD |. 8945 F4 mov [local.3],eax
0048B5E0 |. EB 31 jmp short GameServ.0048B613
0048B5E2 |> 6A 18 push 18
0048B5E4 |. 6A 04 push 4
0048B5E6 |. E8 3A9EF7FF call GameServ.00405425
0048B5EB |. 83C4 08 add esp,8
0048B5EE |. 8945 F4 mov [local.3],eax
0048B5F1 |. EB 20 jmp short GameServ.0048B613
0048B5F3 |> 6A 12 push 12
0048B5F5 |. 6A 02 push 2
0048B5F7 |. E8 299EF7FF call GameServ.00405425
0048B5FC |. 83C4 08 add esp,8
0048B5FF |. 8945 F4 mov [local.3],eax
0048B602 |. EB 0F jmp short GameServ.0048B613
0048B604 |> 6A 22 push 22
0048B606 |. 6A 05 push 5
0048B608 |. E8 189EF7FF call GameServ.00405425
0048B60D |. 83C4 08 add esp,8
0048B610 |. 8945 F4 mov [local.3],eax
0048B613 |> E9 12030000 jmp GameServ.0048B92A
0048B618 |> C745 C0 00000>mov [local.16],0
0048B61F |. C745 BC 00000>mov [local.17],0
0048B626 |. C745 B8 00000>mov [local.18],0
0048B62D |. C745 B4 00000>mov [local.19],0
0048B634 |. 8B4D 18 mov ecx,[arg.5]
0048B637 |. 81E1 FF000000 and ecx,0FF
0048B63D |. 894D 9C mov [local.25],ecx
0048B640 |. 837D 9C 04 cmp [local.25],4
0048B644 |. 77 35 ja short GameServ.0048B67B
0048B646 |. 8B55 9C mov edx,[local.25]
0048B649 |. FF2495 CDB948>jmp dword ptr ds:[edx*4+48B9CD]
0048B650 |> C745 B4 00000>mov [local.19],0
0048B657 |. EB 22 jmp short GameServ.0048B67B
0048B659 |> C745 B4 05000>mov [local.19],5
0048B660 |. EB 19 jmp short GameServ.0048B67B
0048B662 |> C745 B4 0A000>mov [local.19],0A
0048B669 |. EB 10 jmp short GameServ.0048B67B
0048B66B |> C745 B4 0F000>mov [local.19],0F
0048B672 |. EB 07 jmp short GameServ.0048B67B
0048B674 |> C745 B4 14000>mov [local.19],14
0048B67B |> E8 B876F7FF call GameServ.00402D38
0048B680 |. 33D2 xor edx,edx
0048B682 |. B9 40420F00 mov ecx,0F4240
0048B687 |. F7F1 div ecx
0048B689 |. 8955 B0 mov [local.20],edx
0048B68C |. C745 AC 00000>mov [local.21],0
0048B693 |. 8B55 B4 mov edx,[local.19]
0048B696 |. 8955 A8 mov [local.22],edx
0048B699 |. EB 09 jmp short GameServ.0048B6A4
0048B69B |> 8B45 A8 /mov eax,[local.22]
0048B69E |. 83C0 01 |add eax,1
0048B6A1 |. 8945 A8 |mov [local.22],eax
0048B6A4 |> 8B4D B4 mov ecx,[local.19]
0048B6A7 |. 83C1 05 |add ecx,5
0048B6AA |. 394D A8 |cmp [local.22],ecx
0048B6AD |. 7D 25 |jge short GameServ.0048B6D4
0048B6AF |. 8B55 A8 |mov edx,[local.22]
0048B6B2 |. 6BD2 14 |imul edx,edx,14
0048B6B5 |. 8B45 FC |mov eax,[local.1]
0048B6B8 |. 8B4D AC |mov ecx,[local.21]
0048B6BB |. 034C10 18 |add ecx,dword ptr ds:[eax+edx+18]
0048B6BF |. 894D AC |mov [local.21],ecx
0048B6C2 |. 8B55 B0 |mov edx,[local.20]
0048B6C5 |. 3B55 AC |cmp edx,[local.21]
0048B6C8 |. 77 08 |ja short GameServ.0048B6D2
0048B6CA |. 8B45 A8 |mov eax,[local.22]
0048B6CD |. 8945 B4 |mov [local.19],eax
0048B6D0 |. EB 02 |jmp short GameServ.0048B6D4
0048B6D2 |>^ EB C7 \jmp short GameServ.0048B69B
0048B6D4 |> B9 01000000 /mov ecx,1
0048B6D9 |. 85C9 |test ecx,ecx
0048B6DB |. 74 3B |je short GameServ.0048B718
0048B6DD |. 8B55 C0 |mov edx,[local.16]
0048B6E0 |. 8B45 FC |mov eax,[local.1]
0048B6E3 |. 8B4D B8 |mov ecx,[local.18]
0048B6E6 |. 038C90 640200>|add ecx,dword ptr ds:[eax+edx*4+264]
0048B6ED |. 894D B8 |mov [local.18],ecx
0048B6F0 |. 8B55 B4 |mov edx,[local.19]
0048B6F3 |. 3B55 C0 |cmp edx,[local.16]
0048B6F6 |. 7F 02 |jg short GameServ.0048B6FA
0048B6F8 |. EB 1E |jmp short GameServ.0048B718
0048B6FA |> 8B45 C0 |mov eax,[local.16]
0048B6FD |. 8B4D FC |mov ecx,[local.1]
0048B700 |. 8B55 BC |mov edx,[local.17]
0048B703 |. 039481 640200>|add edx,dword ptr ds:[ecx+eax*4+264]
0048B70A |. 8955 BC |mov [local.17],edx
0048B70D |. 8B45 C0 |mov eax,[local.16]
0048B710 |. 83C0 01 |add eax,1
0048B713 |. 8945 C0 |mov [local.16],eax
0048B716 |.^ EB BC \jmp short GameServ.0048B6D4
0048B718 |> E8 1B76F7FF call GameServ.00402D38
0048B71D |. 8B4D B8 mov ecx,[local.18]
0048B720 |. 2B4D BC sub ecx,[local.17]
0048B723 |. 33D2 xor edx,edx
0048B725 |. F7F1 div ecx
0048B727 |. 0355 BC add edx,[local.17]
0048B72A |. 8955 D8 mov [local.10],edx
0048B72D |. C745 F8 00000>mov [local.2],0
0048B734 |. C745 EC 00000>mov [local.5],0
0048B73B |. C745 E8 00000>mov [local.6],0
0048B742 |. 8B55 D8 mov edx,[local.10]
0048B745 |. 52 push edx
0048B746 |. 8B4D FC mov ecx,[local.1]
0048B749 |. E8 1E83F7FF call GameServ.00403A6C
0048B74E |. 25 FF000000 and eax,0FF
0048B753 |. 8945 F0 mov [local.4],eax
0048B756 |. 8B45 D8 mov eax,[local.10]
0048B759 |. 8B4D FC mov ecx,[local.1]
0048B75C |. 33D2 xor edx,edx
0048B75E |. 8A94C1 CD0200>mov dl,byte ptr ds:[ecx+eax*8+2CD]
0048B765 |. 52 push edx
0048B766 |. 8B45 D8 mov eax,[local.10]
0048B769 |. 8B4D FC mov ecx,[local.1]
0048B76C |. 33D2 xor edx,edx
0048B76E |. 8A94C1 CC0200>mov dl,byte ptr ds:[ecx+eax*8+2CC]
0048B775 |. 52 push edx
0048B776 |. E8 AA9CF7FF call GameServ.00405425
0048B77B |. 83C4 08 add esp,8
0048B77E |. 8945 F4 mov [local.3],eax
0048B781 |. 837D F4 FF cmp [local.3],-1
0048B785 |. 75 07 jnz short GameServ.0048B78E
0048B787 |. 32C0 xor al,al
0048B789 |. E9 22020000 jmp GameServ.0048B9B0
0048B78E |> 8B45 D8 mov eax,[local.10]
0048B791 |. 8B4D FC mov ecx,[local.1]
0048B794 |. 33D2 xor edx,edx
0048B796 |. 8A94C1 D00200>mov dl,byte ptr ds:[ecx+eax*8+2D0]
0048B79D |. 85D2 test edx,edx
0048B79F |. 74 24 je short GameServ.0048B7C5
0048B7A1 |. 8B75 B4 mov esi,[local.19]
0048B7A4 |. 6BF6 14 imul esi,esi,14
0048B7A7 |. E8 8C75F7FF call GameServ.00402D38
0048B7AC |. 33D2 xor edx,edx
0048B7AE |. B9 40420F00 mov ecx,0F4240
0048B7B3 |. F7F1 div ecx
0048B7B5 |. 8B45 FC mov eax,[local.1]
0048B7B8 |. 395430 08 cmp dword ptr ds:[eax+esi+8],edx
0048B7BC |. 72 07 jb short GameServ.0048B7C5
0048B7BE |. C745 E4 01000>mov [local.7],1
0048B7C5 |> 8B4D D8 mov ecx,[local.10]
0048B7C8 |. 8B55 FC mov edx,[local.1]
0048B7CB |. 33C0 xor eax,eax
0048B7CD |. 8A84CA D10200>mov al,byte ptr ds:[edx+ecx*8+2D1]
0048B7D4 |. 85C0 test eax,eax
0048B7D6 |. 74 24 je short GameServ.0048B7FC
0048B7D8 |. 8B75 B4 mov esi,[local.19]
0048B7DB |. 6BF6 14 imul esi,esi,14
0048B7DE |. E8 5575F7FF call GameServ.00402D38
0048B7E3 |. 33D2 xor edx,edx
0048B7E5 |. B9 40420F00 mov ecx,0F4240
0048B7EA |. F7F1 div ecx
0048B7EC |. 8B45 FC mov eax,[local.1]
0048B7EF |. 395430 0C cmp dword ptr ds:[eax+esi+C],edx
0048B7F3 |. 72 07 jb short GameServ.0048B7FC
0048B7F5 |. C745 E0 01000>mov [local.8],1
0048B7FC |> 8B4D D8 mov ecx,[local.10]
0048B7FF |. 8B55 FC mov edx,[local.1]
0048B802 |. 33C0 xor eax,eax
0048B804 |. 8A84CA D20200>mov al,byte ptr ds:[edx+ecx*8+2D2]
0048B80B |. 85C0 test eax,eax
0048B80D |. 0F84 C2000000 je GameServ.0048B8D5
0048B813 |. 8B75 B4 mov esi,[local.19]
0048B816 |. 6BF6 14 imul esi,esi,14
0048B819 |. E8 1A75F7FF call GameServ.00402D38
0048B81E |. 33D2 xor edx,edx
0048B820 |. B9 40420F00 mov ecx,0F4240
0048B825 |. F7F1 div ecx
0048B827 |. 8B45 FC mov eax,[local.1]
0048B82A |. 395430 10 cmp dword ptr ds:[eax+esi+10],edx
0048B82E |. 0F82 A1000000 jb GameServ.0048B8D5
0048B834 |. E8 FF74F7FF call GameServ.00402D38
0048B839 |. 33D2 xor edx,edx
0048B83B |. B9 40420F00 mov ecx,0F4240
0048B840 |. F7F1 div ecx
0048B842 |. 8955 A4 mov [local.23],edx
0048B845 |. 8B55 FC mov edx,[local.1]
0048B848 |. 8B45 A4 mov eax,[local.23]
0048B84B |. 3B82 FC010000 cmp eax,dword ptr ds:[edx+1FC]
0048B851 |. 7F 09 jg short GameServ.0048B85C
0048B853 |. C745 DC 01000>mov [local.9],1
0048B85A |. EB 79 jmp short GameServ.0048B8D5
0048B85C |> 8B4D FC mov ecx,[local.1]
0048B85F |. 8B91 FC010000 mov edx,dword ptr ds:[ecx+1FC]
0048B865 |. 8B45 FC mov eax,[local.1]
0048B868 |. 0390 00020000 add edx,dword ptr ds:[eax+200]
0048B86E |. 3955 A4 cmp [local.23],edx
0048B871 |. 7F 09 jg short GameServ.0048B87C
0048B873 |. C745 DC 02000>mov [local.9],2
0048B87A |. EB 59 jmp short GameServ.0048B8D5
0048B87C |> 8B4D FC mov ecx,[local.1]
0048B87F |. 8B91 FC010000 mov edx,dword ptr ds:[ecx+1FC]
0048B885 |. 8B45 FC mov eax,[local.1]
0048B888 |. 0390 00020000 add edx,dword ptr ds:[eax+200]
0048B88E |. 8B4D FC mov ecx,[local.1]
0048B891 |. 0391 04020000 add edx,dword ptr ds:[ecx+204]
0048B897 |. 3955 A4 cmp [local.23],edx
0048B89A |. 7F 09 jg short GameServ.0048B8A5
0048B89C |. C745 DC 03000>mov [local.9],3
0048B8A3 |. EB 30 jmp short GameServ.0048B8D5
0048B8A5 |> 8B55 FC mov edx,[local.1]
0048B8A8 |. 8B82 FC010000 mov eax,dword ptr ds:[edx+1FC]
0048B8AE |. 8B4D FC mov ecx,[local.1]
0048B8B1 |. 0381 00020000 add eax,dword ptr ds:[ecx+200]
0048B8B7 |. 8B55 FC mov edx,[local.1]
0048B8BA |. 0382 04020000 add eax,dword ptr ds:[edx+204]
0048B8C0 |. 8B4D FC mov ecx,[local.1]
0048B8C3 |. 0381 08020000 add eax,dword ptr ds:[ecx+208]
0048B8C9 |. 3945 A4 cmp [local.23],eax
0048B8CC |. 7F 07 jg short GameServ.0048B8D5
0048B8CE |. C745 DC 04000>mov [local.9],4
0048B8D5 |> 8B55 D8 mov edx,[local.10]
0048B8D8 |. 8B45 FC mov eax,[local.1]
0048B8DB |. 33C9 xor ecx,ecx
0048B8DD |. 8A8CD0 D30200>mov cl,byte ptr ds:[eax+edx*8+2D3]
0048B8E4 |. 85C9 test ecx,ecx
0048B8E6 |. 74 42 je short GameServ.0048B92A
0048B8E8 |. 8B75 B4 mov esi,[local.19]
0048B8EB |. 6BF6 14 imul esi,esi,14
0048B8EE |. E8 4574F7FF call GameServ.00402D38
0048B8F3 |. 33D2 xor edx,edx
0048B8F5 |. B9 40420F00 mov ecx,0F4240
0048B8FA |. F7F1 div ecx
0048B8FC |. 8B45 FC mov eax,[local.1]
0048B8FF |. 395430 14 cmp dword ptr ds:[eax+esi+14],edx
0048B903 |. 72 25 jb short GameServ.0048B92A
0048B905 |. 8B4D FC mov ecx,[local.1]
0048B908 |. E8 CAB1F7FF call GameServ.00406AD7
0048B90D |. 25 FF000000 and eax,0FF
0048B912 |. 8945 D0 mov [local.12],eax
0048B915 |. C745 E0 00000>mov [local.8],0
0048B91C |. C745 E4 01000>mov [local.7],1
0048B923 |. C745 F0 00000>mov [local.4],0
0048B92A |> 6A 00 push 0
0048B92C |. 8A4D D0 mov cl,byte ptr ss:[ebp-30]
0048B92F |. 51 push ecx
0048B930 |. 8B55 CC mov edx,[local.13]
0048B933 |. 8B02 mov eax,dword ptr ds:[edx]
0048B935 |. 50 push eax
0048B936 |. 8A4D DC mov cl,byte ptr ss:[ebp-24]
0048B939 |. 51 push ecx
0048B93A |. 8A55 E0 mov dl,byte ptr ss:[ebp-20]
0048B93D |. 52 push edx
0048B93E |. 8A45 E4 mov al,byte ptr ss:[ebp-1C]
0048B941 |. 50 push eax
0048B942 |. D945 F8 fld [local.2]
0048B945 |. E8 C2B51800 call GameServ.00616F0C
0048B94A |. 50 push eax
0048B94B |. 8A4D F0 mov cl,byte ptr ss:[ebp-10]
0048B94E |. 51 push ecx
0048B94F |. 8B55 F4 mov edx,[local.3]
0048B952 |. 52 push edx
0048B953 |. 8A45 E8 mov al,byte ptr ss:[ebp-18]
0048B956 |. 50 push eax
0048B957 |. 8A4D EC mov cl,byte ptr ss:[ebp-14]
0048B95A |. 51 push ecx
0048B95B |. 8A55 0C mov dl,byte ptr ss:[ebp+C]
0048B95E |. 52 push edx
0048B95F |. 8B45 CC mov eax,[local.13]
0048B962 |. 8B08 mov ecx,dword ptr ds:[eax]
0048B964 |. 51 push ecx
0048B965 |. E8 9AB6F7FF call GameServ.00407004
0048B96A |. 83C4 34 add esp,34
0048B96D |. 8B55 D0 mov edx,[local.12]
0048B970 |. 52 push edx
0048B971 |. 8B45 DC mov eax,[local.9]
0048B974 |. 50 push eax
0048B975 |. 8B4D E0 mov ecx,[local.8]
0048B978 |. 51 push ecx
0048B979 |. 8B55 E4 mov edx,[local.7]
0048B97C |. 52 push edx
0048B97D |. 8B45 F0 mov eax,[local.4]
0048B980 |. 50 push eax
0048B981 |. 8B4D F4 mov ecx,[local.3]
0048B984 |. 51 push ecx
0048B985 |. 8B55 F4 mov edx,[local.3]
0048B988 |. 6BD2 70 imul edx,edx,70
0048B98B |. 81C2 C035B107 add edx,GameServ.07B135C0 ; ASCII "Kris"
0048B991 |. 52 push edx
0048B992 |. 8B45 CC mov eax,[local.13]
0048B995 |. 83C0 77 add eax,77
0048B998 |. 50 push eax
0048B999 |. 8B4D CC mov ecx,[local.13]
0048B99C |. 83C1 6C add ecx,6C
0048B99F |. 51 push ecx
0048B9A0 |. 68 C0907700 push GameServ.007790C0 ; ASCII "[ GAMBLING ][ TryGambling ] %s(%s) Try Item : [%s]%d Level:%d op1:%d op2:%d op3:%d ExOp:%d"
0048B9A5 |. FF15 44367407 call dword ptr ds:[7743644] ; GameServ.00404836
0048B9AB |. 83C4 28 add esp,28
0048B9AE |> B0 01 mov al,1
0048B9B0 |> 5F pop edi
0048B9B1 |. 5E pop esi
0048B9B2 |. 5B pop ebx
0048B9B3 |. 8BE5 mov esp,ebp
0048B9B5 |. 5D pop ebp
0048B9B6 \. C2 1400 retn 14
Hex-Rays pseudocode:
Code:
char __userpurge sub_48B360<al>(int a1<ecx>, double a2<st0>, int a3, char a4, int a5, int a6, unsigned __int8 a7)
{
unsigned int v8; // edx@4
int v9; // edx@5
signed int v10; // ecx@5
unsigned int v11; // eax@5
signed int v12; // ecx@14
int v13; // ecx@39
int v14; // eax@40
unsigned int v15; // edx@51
unsigned int v16; // eax@61
signed int v17; // ST2C_4@63
int v18; // ST28_4@63
int v19; // eax@63
int v20; // ecx@63
int v21; // edx@63
unsigned int v22; // [sp+54h] [bp-5Ch]@52
int i; // [sp+58h] [bp-58h]@34
unsigned int v24; // [sp+5Ch] [bp-54h]@34
unsigned int v25; // [sp+60h] [bp-50h]@34
signed int v26; // [sp+64h] [bp-4Ch]@28
int v27; // [sp+68h] [bp-48h]@28
int v28; // [sp+6Ch] [bp-44h]@28
signed int v29; // [sp+70h] [bp-40h]@28
unsigned int v30; // [sp+74h] [bp-3Ch]@13
unsigned int v31; // [sp+78h] [bp-38h]@5
int v32; // [sp+7Ch] [bp-34h]@3
int v33; // [sp+80h] [bp-30h]@3
unsigned int v34; // [sp+88h] [bp-28h]@40
signed int v35; // [sp+8Ch] [bp-24h]@3
signed int v36; // [sp+90h] [bp-20h]@3
signed int v37; // [sp+94h] [bp-1Ch]@3
char v38; // [sp+98h] [bp-18h]@3
char v39; // [sp+9Ch] [bp-14h]@3
int v40; // [sp+A0h] [bp-10h]@5
int v41; // [sp+A4h] [bp-Ch]@3
int v42; // [sp+ACh] [bp-4h]@1
v42 = a1;
if ( !*(_DWORD *)(a1 + 4) )
return 0;
v41 = 0;
v39 = 0;
v38 = 0;
v37 = 0;
v36 = 0;
v35 = 0;
v33 = 0;
v32 = 8744 * a3 + dword_7A5502C;
if ( sub_40484A(a1) > 0 )
{
v8 = ((int (*)(void))sub_402D38)() % 0xF4240u;
if ( *(_DWORD *)(v42 + 4 * a7 + 524) < v8 )
{
v29 = 0;
v28 = 0;
v27 = 0;
v26 = 0;
switch ( a7 )
{
case 0u:
v26 = 0;
break;
case 1u:
v26 = 5;
break;
case 2u:
v26 = 10;
break;
case 3u:
v26 = 15;
break;
case 4u:
v26 = 20;
break;
default:
break;
}
v25 = sub_402D38(a7, a7) % 0xF4240u;
v24 = 0;
for ( i = v26; i < v26 + 5; ++i )
{
v24 += *(_DWORD *)(v42 + 20 * i + 24);
if ( v25 <= v24 )
{
v26 = i;
break;
}
}
while ( 1 )
{
v13 = *(_DWORD *)(v42 + 4 * v29 + 612) + v27;
v27 += *(_DWORD *)(v42 + 4 * v29 + 612);
if ( v26 <= v29 )
break;
v28 += *(_DWORD *)(v42 + 4 * v29++ + 612);
}
v34 = v28 + sub_402D38(v13, v26) % (unsigned int)(v27 - v28);
v39 = 0;
v38 = 0;
v40 = (unsigned __int8)sub_403A6C(v34);
v14 = sub_405425(*(_BYTE *)(v42 + 8 * v34 + 716), *(_BYTE *)(v42 + 8 * v34 + 717));
v41 = v14;
if ( v14 == -1 )
return 0;
if ( *(_BYTE *)(v42 + 8 * v34 + 720) )
{
if ( *(_DWORD *)(v42 + 20 * v26 + 8) >= sub_402D38(v42, *(_BYTE *)(v42 + 8 * v34 + 720)) % 0xF4240u )
v37 = 1;
}
if ( *(_BYTE *)(v42 + 8 * v34 + 721) )
{
if ( *(_DWORD *)(v42 + 20 * v26 + 12) >= sub_402D38(v34, v42) % 0xF4240u )
v36 = 1;
}
if ( *(_BYTE *)(v42 + 8 * v34 + 722) )
{
v15 = sub_402D38(v34, v42) % 0xF4240u;
if ( *(_DWORD *)(v42 + 20 * v26 + 16) >= v15 )
{
v22 = sub_402D38(1000000, v15) % 0xF4240u;
if ( (signed int)v22 > *(_DWORD *)(v42 + 508) )
{
if ( (signed int)v22 > *(_DWORD *)(v42 + 512) + *(_DWORD *)(v42 + 508) )
{
if ( (signed int)v22 > *(_DWORD *)(v42 + 516) + *(_DWORD *)(v42 + 512) + *(_DWORD *)(v42 + 508) )
{
if ( (signed int)v22 <= *(_DWORD *)(v42 + 520)
+ *(_DWORD *)(v42 + 516)
+ *(_DWORD *)(v42 + 512)
+ *(_DWORD *)(v42 + 508) )
v35 = 4;
}
else
{
v35 = 3;
}
}
else
{
v35 = 2;
}
}
else
{
v35 = 1;
}
}
}
v12 = *(_BYTE *)(v42 + 8 * v34 + 723);
if ( *(_BYTE *)(v42 + 8 * v34 + 723) )
{
v16 = sub_402D38(v12, v34);
v12 = 1000000;
if ( *(_DWORD *)(v42 + 20 * v26 + 20) >= v16 % 0xF4240 )
{
v33 = sub_406AD7(v42) & 0xFF;
v36 = 0;
v37 = 1;
v40 = 0;
}
}
}
else
{
v40 = 0;
v37 = 1;
v36 = 0;
v11 = sub_402D38(1000000, v8);
v10 = 1000000;
v31 = v11 % 0xF4240;
v9 = v42;
if ( v11 % 0xF4240 > *(_DWORD *)(v42 + 508) )
{
v10 = v42;
v9 = *(_DWORD *)(v42 + 512) + *(_DWORD *)(v42 + 508);
if ( v31 > v9 )
{
v10 = v42;
v9 = *(_DWORD *)(v42 + 516) + *(_DWORD *)(v42 + 512) + *(_DWORD *)(v42 + 508);
if ( v31 > v9 )
{
v9 = v42;
v10 = v42;
if ( v31 <= *(_DWORD *)(v42 + 520)
+ *(_DWORD *)(v42 + 516)
+ *(_DWORD *)(v42 + 512)
+ *(_DWORD *)(v42 + 508) )
v35 = 4;
}
else
{
v35 = 3;
}
}
else
{
v35 = 2;
}
}
else
{
v35 = 1;
}
v30 = sub_402D38(v10, v9) % 0xF4240u;
if ( v30 > *(_DWORD *)(v42 + 544) )
{
if ( v30 > *(_DWORD *)(v42 + 548) + *(_DWORD *)(v42 + 544) )
{
if ( v30 > *(_DWORD *)(v42 + 552) + *(_DWORD *)(v42 + 548) + *(_DWORD *)(v42 + 544) )
{
v12 = v42;
if ( v30 <= *(_DWORD *)(v42 + 556)
+ *(_DWORD *)(v42 + 552)
+ *(_DWORD *)(v42 + 548)
+ *(_DWORD *)(v42 + 544) )
v33 = (unsigned __int8)sub_405461(4);
}
else
{
v33 = (unsigned __int8)sub_405461(3);
}
}
else
{
v33 = (unsigned __int8)sub_405461(2);
}
}
else
{
v33 = (unsigned __int8)sub_405461(1);
}
switch ( a7 )
{
case 0u:
v41 = sub_405425(3, 11);
break;
case 1u:
v41 = sub_405425(5, 33);
break;
case 2u:
v41 = sub_405425(4, 24);
break;
case 3u:
v41 = sub_405425(2, 18);
break;
case 4u:
v41 = sub_405425(5, 34);
break;
default:
break;
}
}
LOBYTE(v12) = v33;
v17 = v12;
v18 = *(_DWORD *)v32;
v19 = sub_616F0C(a2);
LOBYTE(v20) = v40;
v21 = v41;
LOBYTE(v21) = a4;
sub_407004(*(_DWORD *)v32, v21, v39, v38, v41, v20, v19, v37, v36, v35, v18, v17, 0);
((void (*)(const char *, ...))dword_7743644)(
"[ GAMBLING ][ TryGambling ] %s(%s) Try Item : [%s]%d Level:%d op1:%d op2:%d op3:%d ExOp:%d",
v32 + 108,
v32 + 119,
(char *)&unk_7B135C0 + 112 * v41,
v41,
v40,
v37,
v36,
v35,
v33);
}
return 1;
}
That function generates the moss item with random options.
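An added example, not part of the thread and not the game server's own code: a readable C restatement of the three selection steps visible in the pseudocode quoted above (the four-way cumulative pick over the DWORDs at +508..+520, the five-groups-per-type pick over +20*i+24, and the item index pick over the counts at +4*k+612). Function and table names are hypothetical, the sample tables are constructed, and treating sub_402D38 as the random source is an assumption; the empty-group guard is added because the listing's `div ecx` at 0048B725 would divide by zero when a group's count is 0.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample tables (not values from any real item bag file). */
static const uint32_t SAMPLE_TIER_RATE[4] = {500000, 300000, 100000, 50000};
static const uint32_t SAMPLE_GROUP_WEIGHT[25] = {
    [5] = 100000, [6] = 200000, [7] = 300000, [8] = 400000};
static const uint32_t SAMPLE_GROUP_COUNT[25] = {[0] = 3, [5] = 4, [6] = 0, [7] = 2};

/* Four-way pick (offsets +508..+520, and likewise +544..+556):
 * roll is a value in 0..999999 (the listing takes it modulo 0xF4240).
 * Returns 1..4 for the first cumulative threshold the roll does not exceed,
 * 0 when the roll is above the sum of all four rates. */
int pick_tier(uint32_t roll, const uint32_t rate[4])
{
    uint32_t cumulative = 0;
    for (int tier = 0; tier < 4; ++tier) {
        cumulative += rate[tier];
        if (roll <= cumulative)
            return tier + 1;
    }
    return 0;
}

/* Group pick (loop at 0048B69B): five groups per bag type, weight at +20*i+24.
 * The listing's switch leaves the base at 0 for a type above 4; this version
 * rejects such a type instead (assumption about the intended range). */
int pick_group(uint32_t roll, int bag_type, const uint32_t weight[25])
{
    if (bag_type < 0 || bag_type > 4)
        return -1;
    int base = bag_type * 5;
    uint32_t cumulative = 0;
    for (int i = base; i < base + 5; ++i) {
        cumulative += weight[i];
        if (roll <= cumulative)
            return i;
    }
    return base; /* as in the listing: no match keeps the first group */
}

/* Item pick (loop at 0048B6D4): items of a group occupy the index range
 * [sum(count[0..group-1]), sum(count[0..group])). rnd is the raw random
 * value; the listing reduces it modulo the group's item count. */
int pick_item(uint32_t rnd, int group, const uint32_t count[25])
{
    if (group < 0 || group >= 25)
        return -1;
    uint32_t first = 0;
    for (int k = 0; k < group; ++k)
        first += count[k];
    uint32_t span = count[group];
    if (span == 0)
        return -1; /* added guard: the original would fault here */
    return (int)(first + rnd % span);
}

int main(void)
{
    int group = pick_group(300001, 1, SAMPLE_GROUP_WEIGHT);
    printf("tier=%d group=%d item=%d\n",
           pick_tier(900001, SAMPLE_TIER_RATE), group,
           pick_item(7, group, SAMPLE_GROUP_COUNT));
    return 0;
}
```
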
Re: Moss Merchant for 1.00.90
Quote:
Originally Posted by
rodrigobmg
That function generates the moss item with random options.
Yeah, so that is not only the eventbag functions and maybe it's fully working.
Is it possible to make a pointer to a class like we do with the functions?
Code:
#define gObjSetMonster ((int(*)(int aIndex, int MonsterClass)) 0x00506CA0)
Maybe someone wants to share...