|
新壳测试
螳螂=Vcasm 吧?? |
|
OllyDbg插件发布 - Ultra String Reference
谢谢,不错的工具,希望改进可以使其更好的支持菜单等的字符,同时希望优化一个显示格式:) Ultra String Reference Address Disassembly Text String 00401964 PUSH LCCRYPTO.004014A2 FreeLibraryExitProcessGetModuleHandleAGetMessageATranslateMessageDispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindow 00401975 PUSH LCCRYPTO.004014BA GetModuleHandleAGetMessageATranslateMessageDispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGe 00401986 PUSH LCCRYPTO.004014AE ExitProcessGetModuleHandleAGetMessageATranslateMessageDispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlg 00401997 PUSH LCCRYPTO.00401495 LoadLibraryAFreeLibraryExitProcessGetModuleHandleAGetMessageATranslateMessageDispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLo 004019A8 PUSH LCCRYPTO.00401488 user32gdi32LoadLibraryAFreeLibraryExitProcessGetModuleHandleAGetMessageATranslateMessageDispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocus 004019B4 PUSH LCCRYPTO.004014CB GetMessageATranslateMessageDispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppen 004019C5 PUSH LCCRYPTO.004014D7 TranslateMessageDispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDia 004019DB PUSH LCCRYPTO.004014E8 DispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlg 004019F1 PUSH LCCRYPTO.004014F9 GetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASet 00401A07 PUSH LCCRYPTO.0040150A PostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreat 00401A1D PUSH LCCRYPTO.00401517 SendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirec 00401A33 PUSH LCCRYPTO.00401524 ShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObje 00401A49 PUSH LCCRYPTO.0040152F UpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401A5F PUSH LCCRYPTO.0040153C LoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401A75 PUSH LCCRYPTO.00401548 PostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401A8B PUSH LCCRYPTO.00401558 MessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401AA1 PUSH LCCRYPTO.00401564 RegisterClassExACreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401AB7 PUSH LCCRYPTO.00401575 CreateWindowExADefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401ACD PUSH LCCRYPTO.00401585 DefWindowProcASetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401AE3 PUSH LCCRYPTO.00401594 SetFocusGetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401AF9 PUSH LCCRYPTO.0040159D GetWindowLongASetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401B0F PUSH LCCRYPTO.004015AC SetWindowLongAGetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401B25 PUSH LCCRYPTO.004015BB GetDlgItemTextAGetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401B3B PUSH LCCRYPTO.004015CB GetSystemMenuAppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401B51 PUSH LCCRYPTO.004015D9 AppendMenuAIsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401B67 PUSH LCCRYPTO.004015E5 IsDialogMessageGetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401B7D PUSH LCCRYPTO.004015F5 GetDlgItemwsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401B93 PUSH LCCRYPTO.00401600 wsprintfASetWindowTextACreateFontIndirectADeleteObject\r 00401BA9 PUSH LCCRYPTO.0040160A SetWindowTextACreateFontIndirectADeleteObject\r 00401BBF PUSH LCCRYPTO.0040148F gdi32LoadLibraryAFreeLibraryExitProcessGetModuleHandleAGetMessageATranslateMessageDispatchMessageAGetSystemMetricsPostMessageASendMessageAShowWindowUpdateWindowLoadCursorAPostQuitMessageMessageBoxARegisterClassExACreateWindowExADefWindowProcASetFocusGetWin 00401BCF PUSH LCCRYPTO.00401619 CreateFontIndirectADeleteObject\r 00401BE0 PUSH LCCRYPTO.0040162D DeleteObject\r 00401D54 PUSH LCCRYPTO.0040163A \r 00401D70 PUSH LCCRYPTO.0040175E --= 您还剩下 %d 次机会 =-- 00401F3D PUSH LCCRYPTO.00401745 密码不正确,请重新输入!--= 您还剩下 %d 次机会 =-- 00401F82 PUSH LCCRYPTO.0040175E --= 您还剩下 %d 次机会 =-- 0040204C PUSH LCCRYPTO.0040288F (Initial CPU selection) 00402091 PUSH LCCRYPTO.00404000 LC_DIALOGLC Crypto :: v0.1 by LC&About LC Crypto...Executables (*.exe)*.exe 00402108 PUSH LCCRYPTO.00404022 &About LC Crypto...Executables (*.exe)*.exe 004021C8 MOV DWORD PTR DS:[404258],LCCRYPTO.00404 Executables (*.exe)*.exe 004023DF PUSH LCCRYPTO.0040400A LC Crypto :: v0.1 by LC&About LC Crypto...Executables (*.exe)*.exe 0040243A PUSH LCCRYPTO.0040400A LC Crypto :: v0.1 by LC&About LC Crypto...Executables (*.exe)*.exe 00402486 PUSH LCCRYPTO.0040400A LC Crypto :: v0.1 by LC&About LC Crypto...Executables (*.exe)*.exe 0040250D PUSH LCCRYPTO.0040400A LC Crypto :: v0.1 by LC&About LC Crypto...Executables (*.exe)*.exe 00402569 PUSH LCCRYPTO.0040400A LC Crypto :: v0.1 by LC&About LC Crypto...Executables (*.exe)*.exe 004025C2 PUSH LCCRYPTO.0040400A LC Crypto :: v0.1 by LC&About LC Crypto...Executables (*.exe)*.exe 004025C7 PUSH LCCRYPTO.00403134 您忘记了?文件已被加密过啦……加密成功完成!请记住您的密码! 004027B5 PUSH LCCRYPTO.0040400A LC Crypto :: v0.1 by LC&About LC Crypto...Executables (*.exe)*.exe 004027BA PUSH LCCRYPTO.00403153 加密成功完成!请记住您的密码! 00402817 PUSH LCCRYPTO.0040405D Error at %08Xh\r\nRegisters:\r\neax = %08Xh ebx = %08Xh ecx = %08Xh\r\nedx = %08Xh esp = %08Xh ebp = %08Xh\r\nesi = %08Xh edi = %08Xh\r\n\r\nRecovering...Error at %08Xh\r\nQuitting... 0040282B PUSH LCCRYPTO.00404057 ErrorError at %08Xh\r\nRegisters:\r\neax = %08Xh ebx = %08Xh ecx = %08Xh\r\nedx = %08Xh esp = %08Xh ebp = %08Xh\r\nesi = %08Xh edi = %08Xh\r\n\r\nRecovering...Error at %08Xh\r\nQuitting... 00402898 PUSH LCCRYPTO.004040EC Error at %08Xh\r\nQuitting... 004028AC PUSH LCCRYPTO.00404057 ErrorError at %08Xh\r\nRegisters:\r\neax = %08Xh ebx = %08Xh ecx = %08Xh\r\nedx = %08Xh esp = %08Xh ebp = %08Xh\r\nesi = %08Xh edi = %08Xh\r\n\r\nRecovering...Error at %08Xh\r\nQuitting... ************ Address Disassembly Text string 00401964 PUSH LCCRYPTO.004014A2 ASCII "FreeLibrary" 00401975 PUSH LCCRYPTO.004014BA ASCII "GetModuleHandleA" 00401986 PUSH LCCRYPTO.004014AE ASCII "ExitProcess" 00401997 PUSH LCCRYPTO.00401495 ASCII "LoadLibraryA" 004019A8 PUSH LCCRYPTO.00401488 ASCII "user32" 004019B4 PUSH LCCRYPTO.004014CB ASCII "GetMessageA" 004019C5 PUSH LCCRYPTO.004014D7 ASCII "TranslateMessage" 004019DB PUSH LCCRYPTO.004014E8 ASCII "DispatchMessageA" 004019F1 PUSH LCCRYPTO.004014F9 ASCII "GetSystemMetrics" 00401A07 PUSH LCCRYPTO.0040150A ASCII "PostMessageA" 00401A1D PUSH LCCRYPTO.00401517 ASCII "SendMessageA" 00401A33 PUSH LCCRYPTO.00401524 ASCII "ShowWindow" 00401A49 PUSH LCCRYPTO.0040152F ASCII "UpdateWindow" 00401A5F PUSH LCCRYPTO.0040153C ASCII "LoadCursorA" 00401A75 PUSH LCCRYPTO.00401548 ASCII "PostQuitMessage" 00401A8B PUSH LCCRYPTO.00401558 ASCII "MessageBoxA" 00401AA1 PUSH LCCRYPTO.00401564 ASCII "RegisterClassExA" 00401AB7 PUSH LCCRYPTO.00401575 ASCII "CreateWindowExA" 00401ACD PUSH LCCRYPTO.00401585 ASCII "DefWindowProcA" 00401AE3 PUSH LCCRYPTO.00401594 ASCII "SetFocus" 00401AF9 PUSH LCCRYPTO.0040159D ASCII "GetWindowLongA" 00401B0F PUSH LCCRYPTO.004015AC ASCII "SetWindowLongA" 00401B25 PUSH LCCRYPTO.004015BB ASCII "GetDlgItemTextA" 00401B3B PUSH LCCRYPTO.004015CB ASCII "GetSystemMenu" 00401B51 PUSH LCCRYPTO.004015D9 ASCII "AppendMenuA" 00401B67 PUSH LCCRYPTO.004015E5 ASCII "IsDialogMessage" 00401B7D PUSH LCCRYPTO.004015F5 ASCII "GetDlgItem" 00401B93 PUSH LCCRYPTO.00401600 ASCII "wsprintfA" 00401BA9 PUSH LCCRYPTO.0040160A ASCII "SetWindowTextA" 00401BBF PUSH LCCRYPTO.0040148F ASCII "gdi32" 00401BCF PUSH LCCRYPTO.00401619 ASCII "CreateFontIndirectA" 00401BE0 PUSH LCCRYPTO.0040162D ASCII "DeleteObject" 00401C85 PUSH LCCRYPTO.00401681 ASCII "LC Crypto :: v0.1 by LC" 00401C8A PUSH LCCRYPTO.00401676 ASCII "LCCrypto32" 00401D34 PUSH LCCRYPTO.00401699 ASCII "&About LC Crypto..." 00401D70 PUSH LCCRYPTO.0040175E ASCII "--= 您还剩下 %d 次机会 =--" 00401DA8 PUSH LCCRYPTO.00401721 ASCII "Static" 00401DE5 PUSH LCCRYPTO.0040172F ASCII "请输入密码:" 00401DEA PUSH LCCRYPTO.00401721 ASCII "Static" 00401E27 PUSH LCCRYPTO.0040171C ASCII "Edit" 00401E87 PUSH LCCRYPTO.0040173C ASCII "确定(&O)" 00401E8C PUSH LCCRYPTO.00401728 ASCII "Button" 00401F38 PUSH LCCRYPTO.00401681 ASCII "LC Crypto :: v0.1 by LC" 00401F82 PUSH LCCRYPTO.0040175E ASCII "--= 您还剩下 %d 次机会 =--" 00401FBC PUSH LCCRYPTO.00401681 ASCII "LC Crypto :: v0.1 by LC" 00401FC1 PUSH LCCRYPTO.004016AD ASCII "【 LC Crypto 】 Version: 0.1 作者:罗聪 E-Mail: [email]lcother@163.net[/email] 老罗的缤纷天地 http://www.LuoCong.com" 0040204C PUSH LCCRYPTO.0040288F (Initial CPU selection) 00402091 PUSH LCCRYPTO.00404000 ASCII "LC_DIALOG" 00402108 PUSH LCCRYPTO.00404022 ASCII "&About LC Crypto..." 004021C8 MOV DWORD PTR DS:[404258],LCCRYPTO.00404 ASCII "Executables (*.exe)" 004022DE PUSH LCCRYPTO.0040308D ASCII "http://www.luocong.com" 004022E3 PUSH LCCRYPTO.00403088 ASCII "open" 004022FF PUSH LCCRYPTO.004030A9 ASCII "help.chm" 00402304 PUSH LCCRYPTO.004030A4 ASCII "open" 004023DF PUSH LCCRYPTO.0040400A ASCII "LC Crypto :: v0.1 by LC" 0040243A PUSH LCCRYPTO.0040400A ASCII "LC Crypto :: v0.1 by LC" 0040243F PUSH LCCRYPTO.004030C1 ASCII "请先输入密码!" 00402486 PUSH LCCRYPTO.0040400A ASCII "LC Crypto :: v0.1 by LC" 0040248B PUSH LCCRYPTO.004030D0 ASCII "两次输入的密码不符,请检查您的输入!" 004024CB PUSH LCCRYPTO.004030F5 ASCII ".bak" 0040250D PUSH LCCRYPTO.0040400A ASCII "LC Crypto :: v0.1 by LC" 00402569 PUSH LCCRYPTO.0040400A ASCII "LC Crypto :: v0.1 by LC" 004025B2 PUSH LCCRYPTO.00403130 ASCII ".LC" 004025C2 PUSH LCCRYPTO.0040400A ASCII "LC Crypto :: v0.1 by LC" 004027B5 PUSH LCCRYPTO.0040400A ASCII "LC Crypto :: v0.1 by LC" 004027BA PUSH LCCRYPTO.00403153 ASCII "加密成功完成!请记住您的密码!" 00402817 PUSH LCCRYPTO.0040405D ASCII "Error at %08Xh Registers: eax = %08Xh ebx = %08Xh ecx = %08Xh edx = %08Xh esp = %08Xh ebp = %08Xh esi = %08Xh edi = %08Xh Recovering..." 0040282B PUSH LCCRYPTO.00404057 ASCII "Error" 00402898 PUSH LCCRYPTO.004040EC ASCII "Error at %08Xh Quitting..." 004028AC PUSH LCCRYPTO.00404057 ASCII "Error" |
|
[7.7更新] UPX ShellExt v1.0 RC6
最初由 forgot 发布 没放东西,只有一个界面,嘿嘿.... http://broken.533.net/ |
|
[7.7更新] UPX ShellExt v1.0 RC6
;DLLloader ;A simple utility to allow disassembling of DLLs with OllyDbg ;by Qweerdy .586 .model flat,stdcall option casemap:none include windows.inc include kernel32.inc include user32.inc includelib kernel32.lib includelib user32.lib .code ; --------------------------------------------------------------------------- start: invoke GetCommandLine mov esi,eax lodsb .if al=='"' @@: lodsb cmp al,0 je Err1 cmp al,'"' jne @B lodsb .endif .if al==" " @@: lodsb cmp al,0 je Err1 cmp al," " je @B .endif mov edi,esi .if al=='"' inc edi @@: lodsb cmp al,0 je Err1 cmp al,'"' jne @B mov byte ptr [esi-1],0 .endif dec edi cmp byte ptr [edi],0 je Err1 invoke LoadLibraryEx,edi,0,DONT_RESOLVE_DLL_REFERENCES int 3 Die: invoke ExitProcess,0 szErr1 db "Invalid arguments.",13,10,"You must pass the dll to load as a command line argument!",0 szErr2 db "Failed to load DLL. Please check the filename.",13,10,"Also, Windows Me / 9x don't support DONT_RESOLVE_DLL_REFERENCES flag.",0 Err1: invoke MessageBox,0,addr szErr1,0,MB_OK jmp Die Err2: invoke MessageBox,0,addr szErr2,0,MB_OK jmp Die end start |
|
征求一下意见
最只要的是要有较强的随机性和多种编码形式。 |
|
|
|
用进程注入来实现一个壳
up! |
|
|
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值