|
[求助]用WriteProcessMemory写入内存为何失败?
没有人能解决吗? |
|
[求助]VB如何终止某一进程中的线程?
已解决,谢谢大家 |
|
[求助]如何获取timer的列表?
中断跟终程序,发现有5个timer在同时运行,但都调用call 00455158 004CDB37 E81C76F8FF call 00455158 00455158 /$ 3A50 38 CMP DL,BYTE PTR DS:[EAX+38] 0045515B |. 74 08 JE SHORT un_autox.00455165 0045515D |. 8850 38 MOV BYTE PTR DS:[EAX+38],DL 00455160 |. E8 67FFFFFF CALL un_autox.004550CC 004550CC /$ 55 PUSH EBP 004550CD |. 8BEC MOV EBP,ESP 004550CF |. 6A 00 PUSH 0 004550D1 |. 53 PUSH EBX 004550D2 |. 56 PUSH ESI 004550D3 |. 8BD8 MOV EBX,EAX 004550D5 |. 33C0 XOR EAX,EAX 004550D7 |. 55 PUSH EBP 004550D8 |. 68 4B514500 PUSH un_autox.0045514B 004550DD |. 64:FF30 PUSH DWORD PTR FS:[EAX] 004550E0 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP 004550E3 |. 6A 01 PUSH 1 ; /TimerID = 1 004550E5 |. 8B43 28 MOV EAX,DWORD PTR DS:[EBX+28] ; | 004550E8 |. 50 PUSH EAX ; |hWnd 004550E9 |. E8 A223FBFF CALL <JMP.&user32.KillTimer> ; \KillTimer 004550EE |. 8B73 24 MOV ESI,DWORD PTR DS:[EBX+24] 004550F1 |. 85F6 TEST ESI,ESI 004550F3 |. 74 40 JE SHORT un_autox.00455135 004550F5 |. 807B 38 00 CMP BYTE PTR DS:[EBX+38],0 004550F9 |. 74 3A JE SHORT un_autox.00455135 004550FB |. 66:837B 32 00 CMP WORD PTR DS:[EBX+32],0 00455100 |. 74 33 JE SHORT un_autox.00455135 00455102 |. 6A 00 PUSH 0 ; /Timerproc = NULL 00455104 |. 56 PUSH ESI ; |Timeout 00455105 |. 6A 01 PUSH 1 ; |TimerID = 1 00455107 |. 8B43 28 MOV EAX,DWORD PTR DS:[EBX+28] ; | 0045510A |. 50 PUSH EAX ; |hWnd 0045510B |. E8 D824FBFF CALL <JMP.&user32.SetTimer> ; \SetTimer 00455110 |. 85C0 TEST EAX,EAX 00455112 |. 75 21 JNZ SHORT un_autox.00455135 00455114 |. 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4] 00455117 |. A1 CC254E00 MOV EAX,DWORD PTR DS:[4E25CC] 0045511C |. E8 0F0BFBFF CALL un_autox.00405C30 00455121 |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4] 00455124 |. B2 01 MOV DL,1 00455126 |. A1 E4F54000 MOV EAX,DWORD PTR DS:[40F5E4] 0045512B |. E8 3C6CFBFF CALL un_autox.0040BD6C 00455130 |. E8 6BE5FAFF CALL un_autox.004036A0 00455135 |> 33C0 XOR EAX,EAX 00455137 |. 5A POP EDX 00455138 |. 59 POP ECX 00455139 |. 59 POP ECX 0045513A |. 64:8910 MOV DWORD PTR FS:[EAX],EDX 0045513D |. 68 52514500 PUSH un_autox.00455152 00455142 |> 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4] 00455145 |. E8 A2EAFAFF CALL un_autox.00403BEC 0045514A \. C3 RETN 00455165 \> C3 RETN 004CDB3C 8B154C254E00 mov edx, [$004E254C] ..................... 如何看5个timer的id数值?为何先killtimer,再settimer? |
|
[求助]VB如何终止某一进程中的线程?
PostThreadMessage()的4个参数如何设置?如何判断是否有消息循环? |
|
[求助]OllyDBG 跟踪遇到 int 2b 如何再跟下去?
77D194A4 - 8b 44 24 04 - mov eax,[esp+04] 77D194A8 - cd 2b - int 2b 走到int 0x2b这条指令后,打开OD的内存镜像窗口列表如下, 用哪个地址上按F2下断点 内存映射 地址 大小 属主 区段 包含 类型 访问 初始访问 已映射为 00010000 00001000 Priv RW RW 00020000 00001000 Priv RW RW 00123000 00001000 Priv RW 保护 RW 00124000 0000C000 堆栈 于 主线 Priv RW 保护 RW 00130000 00003000 Map R R 00140000 0006C000 Priv RW RW 001AE000 00014000 Priv RW RW 001C7000 00001000 Priv RW RW 00240000 00006000 Priv RW RW 00250000 00003000 Map RW RW 00260000 00016000 Map R R \Device\HarddiskVolume1\WINDOWS\system32\unicode.nls 00280000 00041000 Map R R \Device\HarddiskVolume1\WINDOWS\system32\locale.nls 002D0000 00041000 Map R R \Device\HarddiskVolume1\WINDOWS\system32\sortkey.nls 00320000 00006000 Map R R \Device\HarddiskVolume1\WINDOWS\system32\sorttbls.nls 00330000 00041000 Map R R 00380000 00008000 Priv RW RW 00390000 00001000 Priv RW RW 003A0000 00001000 Priv RW RW 003B0000 00001000 Map R R 003C0000 00004000 Priv RW RW 003D0000 00003000 Map R R \Device\HarddiskVolume1\WINDOWS\system32\ctype.nls 003E0000 00001000 Map R R 003F0000 00004000 Priv RW RW 00400000 00001000 un_autox PE 文件头 Imag R RWE 00401000 00109000 un_autox 代码 Imag R RWE 0050A000 00010000 un_autox .rsrc 数据,资源 Imag R RWE 0051A000 00001000 un_autox .idata Imag R RWE 0051B000 00189000 un_autox WinLicen Imag R RWE 006A4000 00003000 un_autox .idata 输入表 Imag R RWE 006B0000 00006000 Map R E R E 00770000 00002000 Map R E R E 00780000 00103000 Map R R 00890000 0007A000 Map R E R E 00B90000 00001000 Map R R 00BA0000 00004000 Priv RW RW 00BB0000 00001000 Map R R 00BC0000 00010000 Priv RW RW 00BD0000 00004000 Priv RW RW 00BE0000 00003000 Priv RW RW 00BF0000 00002000 Map R R 00C00000 00001000 Priv RWE RWE 00C10000 00002000 Map R R 00C20000 00050000 Map R R 00C70000 00001000 Map RW RW 00C80000 00002000 Map R R 00C90000 00001000 Priv RW RW 00D10000 00054000 Priv RW 00E10000 00010000 Map RW RW 00E50000 0000E000 Map RW RW 00E60000 000A7000 Priv RW RW 00F60000 00001000 Priv RW RW 00F70000 00001000 Priv RW RW 00F80000 00001000 Priv RW RW 00F90000 00011000 Map R R \Device\HarddiskVolume1\WINDOWS\system32\c_1252.nls 00FB0000 00001000 Priv RW 00FC0000 00002000 Map R R 00FD0000 00002000 Map R R 00FE0000 00048000 Map RW RW \Device\HarddiskVolume1\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat 01030000 00038000 Map RW RW \Device\HarddiskVolume1\Documents and Settings\Administrator\Cookies\INDEX.DAT 01070000 00002000 Map R R 01080000 00100000 Priv RW RW 01180000 000A4000 Map RW RW \Device\HarddiskVolume1\Documents and Settings\Administrator\Local Settings\History\History.IE5\INDEX.DAT 01230000 00004000 Priv RW RW 01240000 00001000 Map R R 01250000 00001000 Map RW RW 01260000 00001000 Priv RW RW 01270000 00002000 Map R R 01280000 00001000 Priv RW RW 01290000 00001000 Priv RW RW 012A0000 00001000 Priv RW RW 012B0000 0000C000 Priv RW RW 012C0000 00001000 Priv RW RW 012D0000 00002000 Map R R 012E0000 00002000 Map R R 012F0000 00001000 xpsp2res PE 文件头 Imag R RWE 012F1000 00548000 xpsp2res .rsrc 数据,资源 Imag R RWE 0193B000 00001000 Priv RW 保护 RW 0193C000 00004000 堆栈 于 线程 Priv RW 保护 RW 01A3B000 00001000 Priv RW 保护 RW 01A3C000 00004000 堆栈 于 线程 Priv RW 保护 RW 01B38000 00001000 Priv RW 保护 RW 01B39000 00007000 堆栈 于 线程 Priv RW 保护 RW 01B40000 00007000 Map RW RW 01BC0000 00001000 Priv RW RW 01BD0000 00001000 Priv RW RW 01BE0000 00001000 Priv RW RW 01BF0000 00001000 Priv RW RW 01C00000 00001000 Priv RW RW 01C10000 00001000 Priv RW RW 01C20000 00001000 Priv RW RW 01C30000 00001000 Priv RW RW 01C40000 00001000 Priv RW RW 01C50000 00001000 Priv RW RW 01C60000 00001000 Priv RW RW 01C70000 00006000 Priv RW RW 01E6B000 00001000 Priv RW 保护 RW 01E6C000 00004000 堆栈 于 线程 Priv RW 保护 RW 01F6B000 00001000 Priv RW 保护 RW 01F6C000 00004000 堆栈 于 线程 Priv RW 保护 RW 01F70000 00010000 Priv RW RW 02370000 00008000 Map RW RW \Device\HarddiskVolume1\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012009011920090120\index.dat 02380000 00002000 Map R R 02390000 00001000 Priv RW RW 024AB000 00001000 Priv RW 保护 RW 024AC000 00004000 堆栈 于 线程 Priv RW 保护 RW 024BE000 00001000 Priv RW 保护 RW 024BF000 00001000 堆栈 于 线程 Priv RW 保护 RW 024C0000 00001000 Priv RWE RWE 024D0000 00001000 Priv RWE RWE 5ADC0000 00001000 uxtheme PE 文件头 Imag R RWE 5ADC1000 00030000 uxtheme .text 代码,输入表, Imag R RWE 5ADF1000 00001000 uxtheme .data 数据 Imag R RWE 5ADF2000 00003000 uxtheme .rsrc 资源 Imag R RWE 5ADF5000 00002000 uxtheme .reloc 重定位 Imag R RWE 5D170000 00001000 comctl32 PE 文件头 Imag R RWE 5D171000 00071000 comctl32 .text 代码,输入表, Imag R RWE 5D1E2000 00003000 comctl32 .data 数据 Imag R RWE 5D1E5000 00020000 comctl32 .rsrc 资源 Imag R RWE 5D205000 00005000 comctl32 .reloc 重定位 Imag R RWE 5EFE0000 00001000 olepro32 PE 文件头 Imag R RWE 5EFE1000 00010000 olepro32 .text 代码,输入表, Imag R RWE 5EFF1000 00001000 olepro32 .data 数据 Imag R RWE 5EFF2000 00004000 olepro32 .rsrc 资源 Imag R RWE 5EFF6000 00001000 olepro32 .reloc 重定位 Imag R RWE 5FDD0000 00001000 NETAPI32 PE 文件头 Imag R RWE 5FDD1000 0004D000 NETAPI32 .text 代码,输入表, Imag R RWE 5FE1E000 00003000 NETAPI32 .data 数据 Imag R RWE 5FE21000 00001000 NETAPI32 .rsrc 资源 Imag R RWE 5FE22000 00003000 NETAPI32 .reloc 重定位 Imag R RWE 60FD0000 00001000 hnetcfg PE 文件头 Imag R RWE 60FD1000 0003F000 hnetcfg .text 代码,输入表, Imag R RWE 61010000 00001000 hnetcfg .orpc Imag R RWE 61011000 00001000 hnetcfg .data 数据 Imag R RWE 61012000 0000E000 hnetcfg .rsrc 资源 Imag R RWE 61020000 00005000 hnetcfg .reloc 重定位 Imag R RWE 62C20000 00001000 LPK PE 文件头 Imag R RWE 62C21000 00005000 LPK .text 代码,输入表, Imag R RWE 62C26000 00001000 LPK .data 数据 Imag R RWE 62C27000 00001000 LPK .rsrc 资源 Imag R RWE 62C28000 00001000 LPK .reloc 重定位 Imag R RWE 68000000 00001000 rsaenh PE 文件头 Imag R RWE 68001000 0002E000 rsaenh .text 代码,输入表, Imag R RWE 6802F000 00004000 rsaenh .data 数据 Imag R RWE 68033000 00001000 rsaenh .rsrc 资源 Imag R RWE 68034000 00002000 rsaenh .reloc 重定位 Imag R RWE 6D020000 00001000 adialhk PE 文件头 Imag R RWE 6D021000 0000B000 adialhk .text 代码 Imag R RWE 6D02C000 00003000 adialhk .rdata 输入表,输出 |
|
[求助]如何修改汇编语句,并将其编译成exe文件?
OllyDBG右键后, 怎么没有看到"复制到可执行文件", 你们用的OllyDBG版本是多少? |
|
[求助]如何修改汇编语句,并将其编译成exe文件?
用什么软件可以实现? |
|
[求助]OllyDBG 跟踪遇到 int 2b 如何再跟下去?
OD手工调过 int 2b 后,就无法中断了,有什么办法解决吗? |
|
[求助]如何修改汇编语句,并将其编译成exe文件?
右键保存保存的文件为txt,怎样变成exe? |
|
[求助]关于dede 反汇编Delphi 的问题?
[QUOTE=yslzqy;566099]* Reference to control mem_GoPlace : TMemo | 004D2FAB 8B861C050000 mov eax, [esi+$051C] 004D2FB1 8B8008020000 mov e...[/QUOTE] | 004D3133 BABC394D00 mov edx, $004D39BC 004D3138 8BC6 mov eax, esi | 004D313A E81D1D0000 call 004D4E5C 004D313F A1F8234E00 mov eax, dword ptr [$004E23F8] 004D3144 FF00 inc dword ptr [eax] 004D3146 A1F8234E00 mov eax, dword ptr [$004E23F8] 004D314B 833806 cmp dword ptr [eax], +$06 004D314E 0F8EE6070000 jle 004D393A 004D3154 6A00 push $00 004D3156 A1A4204E00 mov eax, dword ptr [$004E20A4] 004D315B B901000000 mov ecx, $00000001 004D3160 8B15A48F4D00 mov edx, [$004D8FA4] * Reference to: system.@DynArraySetLength; | 004D3166 E8DD24F3FF call 00405648 004D316B 83C404 add esp, +$04 004D316E A108214E00 mov eax, dword ptr [$004E2108] * Reference to: system.@LStrClr(String;String); | 004D3173 E8740AF3FF call 00403BEC 004D3178 E9BD070000 jmp 004D393A 004D317D C645F700 mov byte ptr [ebp-$09], $00 004D3181 8D55F0 lea edx, [ebp-$10] * Reference to control CMB_Pic : TComboBox | 004D3184 8B8684030000 mov eax, [esi+$0384] * Reference to: controls.TControl.GetText(TControl):TCaption; | 004D318A E8FD03F6FF call 0043358C * Reference to control mem_GoPlace : TMemo | 004D318F 8B861C050000 mov eax, [esi+$051C] 004D3195 8B8008020000 mov eax, [eax+$0208] 004D319B 8B10 mov edx, [eax] 004D319D FF5214 call dword ptr [edx+$14] 004D31A0 48 dec eax 004D31A1 83F800 cmp eax, +$00 004D31A4 0F8CA2000000 jl 004D324C 004D31AA 8945F8 mov [ebp-$08], eax 004D31AD 8B45F0 mov eax, [ebp-$10] * Possible String Reference to: '铁掌峰' | 004D31B0 BAD8394D00 mov edx, $004D39D8 * Reference to: system.@LStrCmp; | 004D31B5 E8C20DF3FF call 00403F7C 004D31BA 743D jz 004D31F9 004D31BC 8D4DBC lea ecx, [ebp-$44] * Reference to control mem_GoPlace : TMemo | 004D31BF 8B861C050000 mov eax, [esi+$051C] 004D31C5 8B8008020000 mov eax, [eax+$0208] 004D31CB 8B55F8 mov edx, [ebp-$08] 004D31CE 8B18 mov ebx, [eax] 004D31D0 FF530C call dword ptr [ebx+$0C] 004D31D3 8B55BC mov edx, [ebp-$44] * Possible String Reference to: '铁掌峰驿站' | 004D31D6 B8E8394D00 mov eax, $004D39E8 * Reference to: system.@LStrPos; | 004D31DB E8780FF3FF call 00404158 004D31E0 48 dec eax 004D31E1 755C jnz 004D323F * Reference to control mem_GoPlace : TMemo | 004D31E3 8B861C050000 mov eax, [esi+$051C] 004D31E9 8B8008020000 mov eax, [eax+$0208] 004D31EF 8B55F8 mov edx, [ebp-$08] 004D31F2 8B08 mov ecx, [eax] 004D31F4 FF5144 call dword ptr [ecx+$44] 004D31F7 EB46 jmp 004D323F 004D31F9 A164244E00 mov eax, dword ptr [$004E2464] 004D31FE 6683383C cmp word ptr [eax], +$3C 004D3202 763B jbe 004D323F 004D3204 8D4DB8 lea ecx, [ebp-$48] * Reference to control mem_GoPlace : TMemo | 004D3207 8B861C050000 mov eax, [esi+$051C] 004D320D 8B8008020000 mov eax, [eax+$0208] 004D3213 8B55F8 mov edx, [ebp-$08] 004D3216 8B18 mov ebx, [eax] 004D3218 FF530C call dword ptr [ebx+$0C] 004D321B 8B55B8 mov edx, [ebp-$48] * Possible String Reference to: '铁掌峰驿站' | 004D321E B8E8394D00 mov eax, $004D39E8 * Reference to: system.@LStrPos; | 004D3223 E8300FF3FF call 00404158 004D3228 48 dec eax 004D3229 7514 jnz 004D323F * Reference to control mem_GoPlace : TMemo | 004D322B 8B861C050000 mov eax, [esi+$051C] 004D3231 8B8008020000 mov eax, [eax+$0208] 004D3237 8B55F8 mov edx, [ebp-$08] 004D323A 8B08 mov ecx, [eax] 004D323C FF5144 call dword ptr [ecx+$44] 004D323F FF4DF8 dec dword ptr [ebp-$08] 004D3242 837DF8FF cmp dword ptr [ebp-$08], -$01 004D3246 0F8561FFFFFF jnz 004D31AD * Reference to control mem_GoPlace : TMemo | 004D324C 8B861C050000 mov eax, [esi+$051C] 004D3252 8B8008020000 mov eax, [eax+$0208] 004D3258 8B10 mov edx, [eax] 004D325A FF5214 call dword ptr [edx+$14] 004D325D 48 dec eax 004D325E 85C0 test eax, eax 004D3260 7C4A jl 004D32AC 004D3262 40 inc eax 004D3263 8945D4 mov [ebp-$2C], eax 004D3266 C745F800000000 mov dword ptr [ebp-$08], $00000000 004D326D 8D4DB4 lea ecx, [ebp-$4C] * Reference to control mem_GoPlace : TMemo | 004D3270 8B861C050000 mov eax, [esi+$051C] 004D3276 8B8008020000 mov eax, [eax+$0208] 004D327C 8B55F8 mov edx, [ebp-$08] 004D327F 8B18 mov ebx, [eax] 004D3281 FF530C call dword ptr [ebx+$0C] 004D3284 8B55B4 mov edx, [ebp-$4C] 004D3287 8B45F0 mov eax, [ebp-$10] * Reference to: system.@LStrPos; | 004D328A E8C90EF3FF call 00404158 004D328F 48 dec eax 004D3290 7512 jnz 004D32A4 004D3292 C645F701 mov byte ptr [ebp-$09], $01 * Reference to control timerGoDest : TTimer | 004D3296 8B8620050000 mov eax, [esi+$0520] 004D329C 8B55F8 mov edx, [ebp-$08] 004D329F 89500C mov [eax+$0C], edx 004D32A2 EB08 jmp 004D32AC 004D32A4 FF45F8 inc dword ptr [ebp-$08] 004D32A7 FF4DD4 dec dword ptr [ebp-$2C] 004D32AA 75C1 jnz 004D326D 004D32AC 807DF700 cmp byte ptr [ebp-$09], $00 004D32B0 0F8529020000 jnz 004D34DF * Reference to control mem_GoPlace : TMemo | 004D32B6 8B861C050000 mov eax, [esi+$051C] 004D32BC 8B8008020000 mov eax, [eax+$0208] 004D32C2 8B10 mov edx, [eax] 004D32C4 FF5214 call dword ptr [edx+$14] 004D32C7 48 dec eax 004D32C8 85C0 test eax, eax 004D32CA 0F8C0F020000 jl 004D34DF 004D32D0 40 inc eax 004D32D1 8945D4 mov [ebp-$2C], eax 004D32D4 C745F800000000 mov dword ptr [ebp-$08], $00000000 004D32DB 8D4DB0 lea ecx, [ebp-$50] * Reference to control mem_GoPlace : TMemo | 004D32DE 8B861C050000 mov eax, [esi+$051C] 004D32E4 8B8008020000 mov eax, [eax+$0208] 004D32EA 8B55F8 mov edx, [ebp-$08] 004D32ED 8B18 mov ebx, [eax] 004D32EF FF530C call dword ptr [ebx+$0C] 004D32F2 8B55B0 mov edx, [ebp-$50] * Possible String Reference to: '{1}' | 004D32F5 B8FC394D00 mov eax, $004D39FC * Reference to: system.@LStrPos; | 004D32FA E8590EF3FF call 00404158 004D32FF 85C0 test eax, eax 004D3301 7F54 jnle 004D3357 004D3303 8D4DAC lea ecx, [ebp-$54] * Reference to control mem_GoPlace : TMemo | 004D3306 8B861C050000 mov eax, [esi+$051C] 004D330C 8B8008020000 mov eax, [eax+$0208] 004D3312 8B55F8 mov edx, [ebp-$08] 004D3315 8B18 mov ebx, [eax] 004D3317 FF530C call dword ptr [ebx+$0C] 004D331A 8B55AC mov edx, [ebp-$54] * Possible String Reference to: '{5}' | 004D331D B8083A4D00 mov eax, $004D3A08 * Reference to: system.@LStrPos; | 004D3322 E8310EF3FF call 00404158 004D3327 85C0 test eax, eax 004D3329 7F2C jnle 004D3357 004D332B 8D4DA8 lea ecx, [ebp-$58] * Reference to control mem_GoPlace : TMemo | 004D332E 8B861C050000 mov eax, [esi+$051C] 004D3334 8B8008020000 mov eax, [eax+$0208] 004D333A 8B55F8 mov edx, [ebp-$08] 004D333D 8B18 mov ebx, [eax] 004D333F FF530C call dword ptr [ebx+$0C] 004D3342 8B55A8 mov edx, [ebp-$58] * Possible String Reference to: '{7}' | 004D3345 B8143A4D00 mov eax, $004D3A14 * Reference to: system.@LStrPos; | 004D334A E8090EF3FF call 00404158 004D334F 85C0 test eax, eax 004D3351 0F8E7C010000 jle 004D34D3 004D3357 BB01000000 mov ebx, $00000001 004D335C 8D4DA4 lea ecx, [ebp-$5C] * Reference to control mem_GoPlace : TMemo | 004D335F 8B861C050000 mov eax, [esi+$051C] 004D3365 8B8008020000 mov eax, [eax+$0208] 004D336B 8B55F8 mov edx, [ebp-$08] 004D336E 8B38 mov edi, [eax] 004D3370 FF570C call dword ptr [edi+$0C] 004D3373 8B55A4 mov edx, [ebp-$5C] 004D3376 B8203A4D00 mov eax, $004D3A20 * Reference to: system.@LStrPos; | 004D337B E8D80DF3FF call 00404158 004D3380 2BC3 sub eax, ebx 004D3382 8BD8 mov ebx, eax 004D3384 8D45E0 lea eax, [ebp-$20] 004D3387 50 push eax 004D3388 8D4DA0 lea ecx, [ebp-$60] * Reference to control mem_GoPlace : TMemo | 004D338B 8B861C050000 mov eax, [esi+$051C] 004D3391 8B8008020000 mov eax, [eax+$0208] 004D3397 8B55F8 mov edx, [ebp-$08] 004D339A 8B38 mov edi, [eax] 004D339C FF570C call dword ptr [edi+$0C] 004D339F 8B45A0 mov eax, [ebp-$60] 004D33A2 8BCB mov ecx, ebx 004D33A4 BA01000000 mov edx, $00000001 * Reference to: system.@LStrCopy; | 004D33A9 E8C60CF3FF call 00404074 004D33AE 8D4D9C lea ecx, [ebp-$64] * Reference to control mem_GoPlace : TMemo | 004D33B1 8B861C050000 mov eax, [esi+$051C] 004D33B7 8B8008020000 mov eax, [eax+$0208] 004D33BD 8B55F8 mov edx, [ebp-$08] 004D33C0 8B18 mov ebx, [eax] 004D33C2 FF530C call dword ptr [ebx+$0C] 004D33C5 8B559C mov edx, [ebp-$64] * Possible String Reference to: '{5}' | 004D33C8 B8083A4D00 mov eax, $004D3A08 * Reference to: system.@LStrPos; | 004D33CD E8860DF3FF call 00404158 004D33D2 85C0 test eax, eax 004D33D4 7E1C jle 004D33F2 004D33D6 8B55E0 mov edx, [ebp-$20] * Possible String Reference to: '已完成' | 004D33D9 B884394D00 mov eax, $004D3984 * Reference to: system.@LStrPos; | 004D33DE E8750DF3FF call 00404158 004D33E3 8BD0 mov edx, eax 004D33E5 8D45E0 lea eax, [ebp-$20] 004D33E8 B906000000 mov ecx, $00000006 * Reference to: system.@LStrDelete; | 004D33ED E8C20CF3FF call 004040B4 004D33F2 A164234E00 mov eax, dword ptr [$004E2364] 004D33F7 8B00 mov eax, [eax] * Reference to: system.@LStrLen:Integer; | or: system.@DynArrayLength; | or: system.DynArraySize(Pointer):Integer; | 004D33F9 E88E20F3FF call 0040548C 004D33FE 48 dec eax 004D33FF 85C0 test eax, eax 004D3401 0F8CCC000000 jl 004D34D3 004D3407 40 inc eax 004D3408 8945D0 mov [ebp-$30], eax 004D340B 33DB xor ebx, ebx 004D340D A164234E00 mov eax, dword ptr [$004E2364] 004D3412 8B00 mov eax, [eax] 004D3414 8B1498 mov edx, [eax+ebx*4] 004D3417 B82C3A4D00 mov eax, $004D3A2C * Reference to: system.@LStrPos; | 004D341C E8370DF3FF call 00404158 004D3421 85C0 test eax, eax 004D3423 7E69 jle 004D348E 004D3425 A164234E00 mov eax, dword ptr [$004E2364] 004D342A 8B00 mov eax, [eax] 004D342C 8B1498 mov edx, [eax+ebx*4] 004D342F B8383A4D00 mov eax, $004D3A38 * Reference to: system.@LStrPos; | 004D3434 E81F0DF3FF call 00404158 004D3439 85C0 test eax, eax 004D343B 7F51 jnle 004D348E 004D343D A164234E00 mov eax, dword ptr [$004E2364] 004D3442 8B00 mov eax, [eax] 004D3444 8B1498 mov edx, [eax+ebx*4] 004D3447 B8203A4D00 mov eax, $004D3A20 * Reference to: system.@LStrPos; | 004D344C E8070DF3FF call 00404158 004D3451 85C0 test eax, eax 004D3453 7F39 jnle 004D348E 004D3455 8D4598 lea eax, [ebp-$68] 004D3458 50 push eax 004D3459 A164234E00 mov eax, dword ptr [$004E2364] 004D345E 8B00 mov eax, [eax] 004D3460 8B0498 mov eax, [eax+ebx*4] * Reference to: system.@LStrLen:Integer; | or: system.@DynArrayLength; | or: system.DynArraySize(Pointer):Integer; | 004D3463 E8040AF3FF call 00403E6C 004D3468 8BC8 mov ecx, eax 004D346A 83E902 sub ecx, +$02 004D346D A164234E00 mov eax, dword ptr [$004E2364] 004D3472 8B00 mov eax, [eax] 004D3474 8B0498 mov eax, [eax+ebx*4] 004D3477 BA02000000 mov edx, $00000002 * Reference to: system.@LStrCopy; | 004D347C E8F30BF3FF call 00404074 004D3481 8B4598 mov eax, [ebp-$68] 004D3484 8D55E4 lea edx, [ebp-$1C] * Reference to: sysutils.Trim(AnsiString):AnsiString; | 004D3487 E8A455F3FF call 00408A30 004D348C EB35 jmp 004D34C3 004D348E 8B45E4 mov eax, [ebp-$1C] 004D3491 8B55F0 mov edx, [ebp-$10] * Reference to: system.@LStrCmp; | 004D3494 E8E30AF3FF call 00403F7C 004D3499 7528 jnz 004D34C3 004D349B A164234E00 mov eax, dword ptr [$004E2364] 004D34A0 8B00 mov eax, [eax] 004D34A2 8B1498 mov edx, [eax+ebx*4] 004D34A5 8B45E0 mov eax, [ebp-$20] * Reference to: system.@LStrPos; | 004D34A8 E8AB0CF3FF call 00404158 004D34AD 85C0 test eax, eax 004D34AF 7E12 jle 004D34C3 004D34B1 C645F701 mov byte ptr [ebp-$09], $01 * Reference to control timerGoDest : TTimer | 004D34B5 8B8620050000 mov eax, [esi+$0520] 004D34BB 8B55F8 mov edx, [ebp-$08] 004D34BE 89500C mov [eax+$0C], edx 004D34C1 EB10 jmp 004D34D3 004D34C3 807DF700 cmp byte ptr [ebp-$09], $00 004D34C7 750A jnz 004D34D3 004D34C9 43 inc ebx 004D34CA FF4DD0 dec dword ptr [ebp-$30] 004D34CD 0F853AFFFFFF jnz 004D340D 004D34D3 FF45F8 inc dword ptr [ebp-$08] 004D34D6 FF4DD4 dec dword ptr [ebp-$2C] 004D34D9 0F85FCFDFFFF jnz 004D32DB 004D34DF 807DF700 cmp byte ptr [ebp-$09], $00 004D34E3 0F851D040000 jnz 004D3906 004D34E9 C645F600 mov byte ptr [ebp-$0A], $00 * Reference to control mem_GoPlace : TMemo | 004D34ED 8B861C050000 mov eax, [esi+$051C] 004D34F3 8B8008020000 mov eax, [eax+$0208] 004D34F9 8B10 mov edx, [eax] 004D34FB FF5214 call dword ptr [edx+$14] 004D34FE 48 dec eax 004D34FF 85C0 test eax, eax 004D3501 0F8CFF030000 jl 004D3906 004D3507 40 inc eax 004D3508 8945D4 mov [ebp-$2C], eax 004D350B C745F800000000 mov dword ptr [ebp-$08], $00000000 004D3512 BB01000000 mov ebx, $00000001 004D3517 8D4D94 lea ecx, [ebp-$6C] * Reference to control mem_GoPlace : TMemo | 004D351A 8B861C050000 mov eax, [esi+$051C] 004D3520 8B8008020000 mov eax, [eax+$0208] 004D3526 8B55F8 mov edx, [ebp-$08] 004D3529 8B38 mov edi, [eax] 004D352B FF570C call dword ptr [edi+$0C] 004D352E 8B5594 mov edx, [ebp-$6C] * Possible String Reference to: '到' | 004D3531 B8443A4D00 mov eax, $004D3A44 * Reference to: system.@LStrPos; | 004D3536 E81D0CF3FF call 00404158 004D353B 2BC3 sub eax, ebx 004D353D 8BD8 mov ebx, eax 004D353F 8D45EC lea eax, [ebp-$14] 004D3542 50 push eax 004D3543 8D4D90 lea ecx, [ebp-$70] * Reference to control mem_GoPlace : TMemo | 004D3546 8B861C050000 mov eax, [esi+$051C] 004D354C 8B8008020000 mov eax, [eax+$0208] 004D3552 8B55F8 mov edx, [ebp-$08] 004D3555 8B38 mov edi, [eax] 004D3557 FF570C call dword ptr [edi+$0C] 004D355A 8B4590 mov eax, [ebp-$70] 004D355D 8BCB mov ecx, ebx 004D355F BA01000000 mov edx, $00000001 * Reference to: system.@LStrCopy; | 004D3564 E80B0BF3FF call 00404074 004D3569 837DEC00 cmp dword ptr [ebp-$14], +$00 004D356D 0F8526010000 jnz 004D3699 004D3573 BB01000000 mov ebx, $00000001 004D3578 8D4D8C lea ecx, [ebp-$74] * Reference to control mem_GoPlace : TMemo | 004D357B 8B861C050000 mov eax, [esi+$051C] 004D3581 8B8008020000 mov eax, [eax+$0208] 004D3587 8B55F8 mov edx, [ebp-$08] 004D358A 8B38 mov edi, [eax] 004D358C FF570C call dword ptr [edi+$0C] 004D358F 8B558C mov edx, [ebp-$74] 004D3592 B8203A4D00 mov eax, $004D3A20 * Reference to: system.@LStrPos; | 004D3597 E8BC0BF3FF call 00404158 004D359C 2BC3 sub eax, ebx 004D359E 8BD8 mov ebx, eax 004D35A0 8D45E0 lea eax, [ebp-$20] 004D35A3 50 push eax 004D35A4 8D4D88 lea ecx, [ebp-$78] * Reference to control mem_GoPlace : TMemo | 004D35A7 8B861C050000 mov eax, [esi+$051C] 004D35AD 8B8008020000 mov eax, [eax+$0208] 004D35B3 8B55F8 mov edx, [ebp-$08] 004D35B6 8B38 mov edi, [eax] 004D35B8 FF570C call dword ptr [edi+$0C] 004D35BB 8B4588 mov eax, [ebp-$78] 004D35BE 8BCB mov ecx, ebx 004D35C0 BA01000000 mov edx, $00000001 * Reference to: system.@LStrCopy; | 004D35C5 E8AA0AF3FF call 00404074 004D35CA A164234E00 mov eax, dword ptr [$004E2364] 004D35CF 8B00 mov eax, [eax] * Reference to: system.@LStrLen:Integer; | or: system.@DynArrayLength; | or: system.DynArraySize(Pointer):Integer; | 004D35D1 E8B61EF3FF call 0040548C 004D35D6 48 dec eax 004D35D7 85C0 test eax, eax 004D35D9 0F8CBA000000 jl 004D3699 004D35DF 40 inc eax 004D35E0 8945D0 mov [ebp-$30], eax 004D35E3 33DB xor ebx, ebx 004D35E5 A164234E00 mov eax, dword ptr [$004E2364] 004D35EA 8B00 mov eax, [eax] 004D35EC 8B1498 mov edx, [eax+ebx*4] 004D35EF B82C3A4D00 mov eax, $004D3A2C * Reference to: system.@LStrPos; | 004D35F4 E85F0BF3FF call 00404158 004D35F9 85C0 test eax, eax 004D35FB 7E69 jle 004D3666 004D35FD A164234E00 mov eax, dword ptr [$004E2364] 004D3602 8B00 mov eax, [eax] 004D3604 8B1498 mov edx, [eax+ebx*4] 004D3607 B8383A4D00 mov eax, $004D3A38 * Reference to: system.@LStrPos; | 004D360C E8470BF3FF call 00404158 004D3611 85C0 test eax, eax 004D3613 7F51 jnle 004D3666 004D3615 A164234E00 mov eax, dword ptr [$004E2364] 004D361A 8B00 mov eax, [eax] 004D361C 8B1498 mov edx, [eax+ebx*4] 004D361F B8203A4D00 mov eax, $004D3A20 * Reference to: system.@LStrPos; | 004D3624 E82F0BF3FF call 00404158 004D3629 85C0 test eax, eax 004D362B 7F39 jnle 004D3666 004D362D 8D4584 lea eax, [ebp-$7C] 004D3630 50 push eax 004D3631 A164234E00 mov eax, dword ptr [$004E2364] 004D3636 8B00 mov eax, [eax] 004D3638 8B0498 mov eax, [eax+ebx*4] * Reference to: system.@LStrLen:Integer; | or: system.@DynArrayLength; | or: system.DynArraySize(Pointer):Integer; | 004D363B E82C08F3FF call 00403E6C 004D3640 8BC8 mov ecx, eax 004D3642 83E902 sub ecx, +$02 004D3645 A164234E00 mov eax, dword ptr [$004E2364] 004D364A 8B00 mov eax, [eax] 004D364C 8B0498 mov eax, [eax+ebx*4] 004D364F BA02000000 mov edx, $00000002 * Reference to: system.@LStrCopy; | 004D3654 E81B0AF3FF call 00404074 004D3659 8B4584 mov eax, [ebp-$7C] 004D365C 8D55E4 lea edx, [ebp-$1C] * Reference to: sysutils.Trim(AnsiString):AnsiString; | 004D365F E8CC53F3FF call 00408A30 004D3664 EB23 jmp 004D3689 004D3666 A164234E00 mov eax, dword ptr [$004E2364] 004D366B 8B00 mov eax, [eax] 004D366D 8B1498 mov edx, [eax+ebx*4] 004D3670 8B45E0 mov eax, [ebp-$20] * Reference to: system.@LStrPos; | 004D3673 E8E00AF3FF call 00404158 004D3678 85C0 test eax, eax 004D367A 7E0D jle 004D3689 004D367C 8D45EC lea eax, [ebp-$14] 004D367F 8B55E4 mov edx, [ebp-$1C] * Reference to: system.@LStrLAsg; | 004D3682 E8FD05F3FF call 00403C84 004D3687 EB10 jmp 004D3699 004D3689 837DEC00 cmp dword ptr [ebp-$14], +$00 004D368D 750A jnz 004D3699 004D368F 43 inc ebx 004D3690 FF4DD0 dec dword ptr [ebp-$30] 004D3693 0F854CFFFFFF jnz 004D35E5 004D3699 837DEC00 cmp dword ptr [ebp-$14], +$00 004D369D 0F8457020000 jz 004D38FA 004D36A3 FF75F0 push dword ptr [ebp-$10] * Possible String Reference to: '到' | 004D36A6 68443A4D00 push $004D3A44 004D36AB FF75EC push dword ptr [ebp-$14] 004D36AE 8D45E8 lea eax, [ebp-$18] 004D36B1 BA03000000 mov edx, $00000003 * Reference to: system.@LStrCatN; | 004D36B6 E87108F3FF call 00403F2C 004D36BB 8B45E8 mov eax, [ebp-$18] * Possible String Reference to: '唐门到中原' | 004D36BE BA503A4D00 mov edx, $004D3A50 * Reference to: system.@LStrCmp; | 004D36C3 E8B408F3FF call 00403F7C 004D36C8 7413 jz 004D36DD 004D36CA 8B45E8 mov eax, [ebp-$18] * Possible String Reference to: '三合庄到中原' | 004D36CD BA643A4D00 mov edx, $004D3A64 * Reference to: system.@LStrCmp; | 004D36D2 E8A508F3FF call 00403F7C 004D36D7 0F8595000000 jnz 004D3772 004D36DD B201 mov dl, $01 004D36DF A1CCFB4000 mov eax, dword ptr [$0040FBCC] * Reference to: system.TObject.Create(TObject;Boolean); | 004D36E4 E8EFF7F2FF call 00402ED8 004D36E9 8945DC mov [ebp-$24], eax 004D36EC 8D4580 lea eax, [ebp-$80] | 004D36EF E8788D0000 call 004DC46C 004D36F4 8D4580 lea eax, [ebp-$80] * Possible String Reference to: 'NewRunmoneySp.xyd' | 004D36F7 BA7C3A4D00 mov edx, $004D3A7C * Reference to: system.@LStrCat; | 004D36FC E87307F3FF call 00403E74 004D3701 8B4D80 mov ecx, [ebp-$80] 004D3704 B201 mov dl, $01 004D3706 A1689E4600 mov eax, dword ptr [$00469E68] * Reference to: axctrls.TOleStream.Create(TOleStream;boolean;IStream); | or: inifiles.TCustomIniFile.Create(TCustomIniFile;boolean;AnsiString); | or: sysutils.Exception.Create(Exception;boolean;AnsiString); | 004D370B E80068F9FF call 00469F10 004D3710 8B4DDC mov ecx, [ebp-$24] 004D3713 8B55E8 mov edx, [ebp-$18] 004D3716 8B18 mov ebx, [eax] 004D3718 FF5338 call dword ptr [ebx+$38] 004D371B 8B45DC mov eax, [ebp-$24] 004D371E 8B10 mov edx, [eax] 004D3720 FF5214 call dword ptr [edx+$14] 004D3723 48 dec eax 004D3724 85C0 test eax, eax 004D3726 7C38 jl 004D3760 004D3728 40 inc eax 004D3729 8945D0 mov [ebp-$30], eax 004D372C 33DB xor ebx, ebx 004D372E 8D8D7CFFFFFF lea ecx, [ebp+$FFFFFF7C] 004D3734 8BD3 mov edx, ebx 004D3736 8B45DC mov eax, [ebp-$24] 004D3739 8B38 mov edi, [eax] 004D373B FF570C call dword ptr [edi+$0C] 004D373E 8B8D7CFFFFFF mov ecx, [ebp+$FFFFFF7C] 004D3744 8B55F8 mov edx, [ebp-$08] 004D3747 03D3 add edx, ebx * Reference to control mem_GoPlace : TMemo | 004D3749 8B861C050000 mov eax, [esi+$051C] 004D374F 8B8008020000 mov eax, [eax+$0208] 004D3755 8B38 mov edi, [eax] 004D3757 FF5754 call dword ptr [edi+$54] 004D375A 43 inc ebx 004D375B FF4DD0 dec dword ptr [ebp-$30] 004D375E 75CE jnz 004D372E * Reference to control timerGoDest : TTimer | 004D3760 8B8620050000 mov eax, [esi+$0520] 004D3766 8B55F8 mov edx, [ebp-$08] 004D3769 89500C mov [eax+$0C], edx 004D376C C645F601 mov byte ptr [ebp-$0A], $01 004D3770 EB69 jmp 004D37DB 004D3772 A164234E00 mov eax, dword ptr [$004E2364] 004D3777 8B00 mov eax, [eax] * Reference to: system.@LStrLen:Integer; | or: system.@DynArrayLength; | or: system.DynArraySize(Pointer):Integer; | 004D3779 E80E1DF3FF call 0040548C 004D377E 48 dec eax 004D377F 85C0 test eax, eax 004D3781 7C58 jl 004D37DB 004D3783 40 inc eax 004D3784 8945D0 mov [ebp-$30], eax 004D3787 33DB xor ebx, ebx 004D3789 A164234E00 mov eax, dword ptr [$004E2364] 004D378E 8B00 mov eax, [eax] 004D3790 8B1498 mov edx, [eax+ebx*4] 004D3793 8B45E8 mov eax, [ebp-$18] * Reference to: system.@LStrPos; | 004D3796 E8BD09F3FF call 00404158 004D379B 85C0 test eax, eax 004D379D 7E30 jle 004D37CF 004D379F A164234E00 mov eax, dword ptr [$004E2364] 004D37A4 8B00 mov eax, [eax] 004D37A6 8B0C98 mov ecx, [eax+ebx*4] * Reference to control mem_GoPlace : TMemo | 004D37A9 8B861C050000 mov eax, [esi+$051C] 004D37AF 8B8008020000 mov eax, [eax+$0208] 004D37B5 8B55F8 mov edx, [ebp-$08] 004D37B8 8B18 mov ebx, [eax] 004D37BA FF5354 call dword ptr [ebx+$54] * Reference to control timerGoDest : TTimer | 004D37BD 8B8620050000 mov eax, [esi+$0520] 004D37C3 8B55F8 mov edx, [ebp-$08] 004D37C6 89500C mov [eax+$0C], edx 004D37C9 C645F601 mov byte ptr [ebp-$0A], $01 004D37CD EB0C jmp 004D37DB 004D37CF 807DF600 cmp byte ptr [ebp-$0A], $00 004D37D3 7506 jnz 004D37DB 004D37D5 43 inc ebx 004D37D6 FF4DD0 dec dword ptr [ebp-$30] 004D37D9 75AE jnz 004D3789 * Reference to control timerGoDest : TTimer | 004D37DB 8B8620050000 mov eax, [esi+$0520] 004D37E1 8B580C mov ebx, [eax+$0C] * Reference to control mem_GoPlace : TMemo | 004D37E4 8B861C050000 mov eax, [esi+$051C] 004D37EA 8B8008020000 mov eax, [eax+$0208] 004D37F0 8B10 mov edx, [eax] 004D37F2 FF5214 call dword ptr [edx+$14] 004D37F5 48 dec eax 004D37F6 2BC3 sub eax, ebx 004D37F8 0F8CFC000000 jl 004D38FA 004D37FE 40 inc eax 004D37FF 8945D0 mov [ebp-$30], eax 004D3802 EB48 jmp 004D384C 004D3804 8D4DD8 lea ecx, [ebp-$28] * Reference to control mem_GoPlace : TMemo | 004D3807 8B861C050000 mov eax, [esi+$051C] 004D380D 8B8008020000 mov eax, [eax+$0208] 004D3813 8BD3 mov edx, ebx 004D3815 8B38 mov edi, [eax] 004D3817 FF570C call dword ptr [edi+$0C] 004D381A 8B55D8 mov edx, [ebp-$28] * Possible String Reference to: '已完成' | 004D381D B884394D00 mov eax, $004D3984 * Reference to: system.@LStrPos; | 004D3822 E83109F3FF call 00404158 004D3827 8BD0 mov edx, eax 004D3829 8D45D8 lea eax, [ebp-$28] 004D382C B906000000 mov ecx, $00000006 * Reference to: system.@LStrDelete; | 004D3831 E87E08F3FF call 004040B4 * Reference to control mem_GoPlace : TMemo | 004D3836 8B861C050000 mov eax, [esi+$051C] 004D383C 8B8008020000 mov eax, [eax+$0208] 004D3842 8B4DD8 mov ecx, [ebp-$28] 004D3845 8BD3 mov edx, ebx 004D3847 8B38 mov edi, [eax] 004D3849 FF5720 call dword ptr [edi+$20] 004D384C 8D8D78FFFFFF lea ecx, [ebp+$FFFFFF78] * Reference to control mem_GoPlace : TMemo | 004D3852 8B861C050000 mov eax, [esi+$051C] 004D3858 8B8008020000 mov eax, [eax+$0208] 004D385E 8BD3 mov edx, ebx 004D3860 8B38 mov edi, [eax] 004D3862 FF570C call dword ptr [edi+$0C] 004D3865 8B9578FFFFFF mov edx, [ebp+$FFFFFF78] * Possible String Reference to: '已完成' | 004D386B B884394D00 mov eax, $004D3984 * Reference to: system.@LStrPos; | 004D3870 E8E308F3FF call 00404158 004D3875 85C0 test eax, eax 004D3877 7F8B jnle 004D3804 004D3879 EB48 jmp 004D38C3 004D387B 8D4DD8 lea ecx, [ebp-$28] * Reference to control mem_GoPlace : TMemo | 004D387E 8B861C050000 mov eax, [esi+$051C] 004D3884 8B8008020000 mov eax, [eax+$0208] 004D388A 8BD3 mov edx, ebx 004D388C 8B38 mov edi, [eax] 004D388E FF570C call dword ptr [edi+$0C] 004D3891 8B55D8 mov edx, [ebp-$28] * Possible String Reference to: '完成了走路' | 004D3894 B894394D00 mov eax, $004D3994 * Reference to: system.@LStrPos; | 004D3899 E8BA08F3FF call 00404158 004D389E 8BD0 mov edx, eax 004D38A0 8D45D8 lea eax, [ebp-$28] 004D38A3 B90A000000 mov ecx, $0000000A * Reference to: system.@LStrDelete; | 004D38A8 E80708F3FF call 004040B4 * Reference to control mem_GoPlace : TMemo | 004D38AD 8B861C050000 mov eax, [esi+$051C] 004D38B3 8B8008020000 mov eax, [eax+$0208] 004D38B9 8B4DD8 mov ecx, [ebp-$28] 004D38BC 8BD3 mov edx, ebx 004D38BE 8B38 mov edi, [eax] 004D38C0 FF5720 call dword ptr [edi+$20] 004D38C3 8D8D74FFFFFF lea ecx, [ebp+$FFFFFF74] * Reference to control mem_GoPlace : TMemo | 004D38C9 8B861C050000 mov eax, [esi+$051C] 004D38CF 8B8008020000 mov eax, [eax+$0208] 004D38D5 8BD3 mov edx, ebx 004D38D7 8B38 mov edi, [eax] 004D38D9 FF570C call dword ptr [edi+$0C] 004D38DC 8B9574FFFFFF mov edx, [ebp+$FFFFFF74] * Possible String Reference to: '完成了走路' | 004D38E2 B894394D00 mov eax, $004D3994 * Reference to: system.@LStrPos; | 004D38E7 E86C08F3FF call 00404158 004D38EC 85C0 test eax, eax 004D38EE 7F8B jnle 004D387B 004D38F0 43 inc ebx 004D38F1 FF4DD0 dec dword ptr [ebp-$30] 004D38F4 0F8552FFFFFF jnz 004D384C 004D38FA FF45F8 inc dword ptr [ebp-$08] 004D38FD FF4DD4 dec dword ptr [ebp-$2C] 004D3900 0F850CFCFFFF jnz 004D3512 004D3906 A1E0214E00 mov eax, dword ptr [$004E21E0] 004D390B C70001000000 mov dword ptr [eax], $00000001 004D3911 A158204E00 mov eax, dword ptr [$004E2058] 004D3916 33D2 xor edx, edx 004D3918 8910 mov [eax], edx 004D391A A158204E00 mov eax, dword ptr [$004E2058] 004D391F 33D2 xor edx, edx 004D3921 895004 mov [eax+$04], edx 004D3924 A138214E00 mov eax, dword ptr [$004E2138] 004D3929 33D2 xor edx, edx 004D392B 8910 mov [eax], edx 004D392D B201 mov dl, $01 * Reference to control timerGoDest : TTimer | 004D392F 8B8620050000 mov eax, [esi+$0520] * Reference to: extctrls.TTimer.SetEnabled(TTimer;Boolean); | or: psock.TThreadTimer.SetEnabled(TThreadTimer;System.Boolean); | 004D3935 E81E18F8FF call 00455158 004D393A 33C0 xor eax, eax 004D393C 5A pop edx 004D393D 59 pop ecx 004D393E 59 pop ecx 004D393F 648910 mov fs:[eax], edx ****** FINALLY | * Possible String Reference to: '_^[嬪]? | 004D3942 6874394D00 push $004D3974 004D3947 8D8574FFFFFF lea eax, [ebp+$FFFFFF74] 004D394D BA17000000 mov edx, $00000017 * Reference to: system.@LStrArrayClr; | 004D3952 E8B902F3FF call 00403C10 004D3957 8D45D8 lea eax, [ebp-$28] * Reference to: system.@LStrClr(String;String); | 004D395A E88D02F3FF call 00403BEC 004D395F 8D45E0 lea eax, [ebp-$20] 004D3962 BA05000000 mov edx, $00000005 * Reference to: system.@LStrArrayClr; | 004D3967 E8A402F3FF call 00403C10 004D396C C3 ret * Reference to: system.@HandleFinally; | 004D396D E9F6FCF2FF jmp 00403668 004D3972 EBD3 jmp 004D3947 ****** END | 004D3974 5F pop edi 004D3975 5E pop esi 004D3976 5B pop ebx 004D3977 8BE5 mov esp, ebp 004D3979 5D pop ebp 004D397A C3 ret |
|
[求助]关于dede 反汇编Delphi 的问题?
* Reference to control mem_GoPlace : TMemo | 004D2FAB 8B861C050000 mov eax, [esi+$051C] 004D2FB1 8B8008020000 mov eax, [eax+$0208] 004D2FB7 8B10 mov edx, [eax] 004D2FB9 FF5214 call dword ptr [edx+$14] 004D2FBC 48 dec eax 004D2FBD 83F800 cmp eax, +$00 004D2FC0 7C48 jl 004D300A //不大等于 004D2FC2 8945F8 mov [ebp-$08], eax 004D2FC5 8D4DC8 lea ecx, [ebp-$38] * Reference to control mem_GoPlace : TMemo | 004D2FC8 8B861C050000 mov eax, [esi+$051C] 004D2FCE 8B8008020000 mov eax, [eax+$0208] 004D2FD4 8B55F8 mov edx, [ebp-$08] 004D2FD7 8B38 mov edi, [eax] 004D2FD9 FF570C call dword ptr [edi+$0C] 004D2FDC 8B45C8 mov eax, [ebp-$38] 004D2FDF 8D55CC lea edx, [ebp-$34] * Reference to: sysutils.Trim(AnsiString):AnsiString; | 004D2FE2 E8495AF3FF call 00408A30 004D2FE7 837DCC00 cmp dword ptr [ebp-$34], +$00 004D2FEB 751D jnz 004D300A * Reference to control mem_GoPlace : TMemo | 004D2FED 8B861C050000 mov eax, [esi+$051C] 004D2FF3 8B8008020000 mov eax, [eax+$0208] 004D2FF9 8B55F8 mov edx, [ebp-$08] 004D2FFC 8B08 mov ecx, [eax] 004D2FFE FF5144 call dword ptr [ecx+$44] 004D3001 FF4DF8 dec dword ptr [ebp-$08] 004D3004 837DF8FF cmp dword ptr [ebp-$08], -$01 004D3008 75BB jnz 004D2FC5 * Reference to control mem_GoPlace : TMemo | 004D300A 8B861C050000 mov eax, [esi+$051C] 004D3010 8B8008020000 mov eax, [eax+$0208] 004D3016 8B10 mov edx, [eax] 004D3018 FF5214 call dword ptr [edx+$14] 004D301B 85C0 test eax, eax 004D301D 7507 jnz 004D3026 004D301F B301 mov bl, $01 004D3021 E9B6000000 jmp 004D30DC * Reference to control mem_GoPlace : TMemo | 004D3026 8B861C050000 mov eax, [esi+$051C] 004D302C 8B8008020000 mov eax, [eax+$0208] 004D3032 8B10 mov edx, [eax] 004D3034 FF5214 call dword ptr [edx+$14] 004D3037 8BD0 mov edx, eax 004D3039 4A dec edx 004D303A 8D4DC4 lea ecx, [ebp-$3C] * Reference to control mem_GoPlace : TMemo | 004D303D 8B861C050000 mov eax, [esi+$051C] 004D3043 8B8008020000 mov eax, [eax+$0208] 004D3049 8B38 mov edi, [eax] 004D304B FF570C call dword ptr [edi+$0C] 004D304E 8B55C4 mov edx, [ebp-$3C] * Possible String Reference to: '已完成' | 004D3051 B884394D00 mov eax, $004D3984 * Reference to: system.@LStrPos; | 004D3056 E8FD10F3FF call 00404158 004D305B 85C0 test eax, eax 004D305D 7E3B jle 004D309A * Reference to control mem_GoPlace : TMemo | 004D305F 8B861C050000 mov eax, [esi+$051C] 004D3065 8B8008020000 mov eax, [eax+$0208] 004D306B 8B10 mov edx, [eax] 004D306D FF5214 call dword ptr [edx+$14] 004D3070 8BD0 mov edx, eax 004D3072 4A dec edx 004D3073 8D4DC0 lea ecx, [ebp-$40] * Reference to control mem_GoPlace : TMemo | 004D3076 8B861C050000 mov eax, [esi+$051C] 004D307C 8B8008020000 mov eax, [eax+$0208] 004D3082 8B38 mov edi, [eax] 004D3084 FF570C call dword ptr [edi+$0C] 004D3087 8B55C0 mov edx, [ebp-$40] * Possible String Reference to: '完成了走路' | 004D308A B894394D00 mov eax, $004D3994 * Reference to: system.@LStrPos; | 004D308F E8C410F3FF call 00404158 004D3094 85C0 test eax, eax 004D3096 7F02 jnle 004D309A 004D3098 B301 mov bl, $01 * Reference to control mem_GoPlace : TMemo | 004D309A 8B861C050000 mov eax, [esi+$051C] 004D30A0 8B400C mov eax, [eax+$0C] 004D30A3 8B155C204E00 mov edx, [$004E205C] 004D30A9 3B02 cmp eax, [edx] 004D30AB 7413 jz 004D30C0 004D30AD 8B155C204E00 mov edx, [$004E205C] 004D30B3 8902 mov [edx], eax 004D30B5 A13C234E00 mov eax, dword ptr [$004E233C] 004D30BA 33D2 xor edx, edx 004D30BC 8910 mov [eax], edx 004D30BE EB1C jmp 004D30DC 004D30C0 A13C234E00 mov eax, dword ptr [$004E233C] 004D30C5 FF00 inc dword ptr [eax] 004D30C7 A13C234E00 mov eax, dword ptr [$004E233C] 004D30CC 83380C cmp dword ptr [eax], +$0C 004D30CF 7E0B jle 004D30DC 004D30D1 A13C234E00 mov eax, dword ptr [$004E233C] 004D30D6 33D2 xor edx, edx 004D30D8 8910 mov [eax], edx 004D30DA B301 mov bl, $01 004D30DC 84DB test bl, bl 004D30DE 0F8499000000 jz 004D317D 004D30E4 6A00 push $00 004D30E6 A1A4204E00 mov eax, dword ptr [$004E20A4] 004D30EB B901000000 mov ecx, $00000001 004D30F0 8B15A48F4D00 mov edx, [$004D8FA4] * Reference to: system.@DynArraySetLength; | 004D30F6 E84D25F3FF call 00405648 004D30FB 83C404 add esp, +$04 * Reference to control mem_GoPlace : TMemo | 004D30FE 8B861C050000 mov eax, [esi+$051C] 004D3104 8B8008020000 mov eax, [eax+$0208] 004D310A 8B10 mov edx, [eax] 004D310C FF5240 call dword ptr [edx+$40] 004D310F BA01000000 mov edx, $00000001 * Possible String Reference to: '跑钱便笺' | 004D3114 B8A8394D00 mov eax, $004D39A8 | 004D3119 E82AB10000 call 004DE248 004D311E 83F8FF cmp eax, ff 004D3121 7E10 jle 004D3133 004D3123 8BD0 mov edx, eax 004D3125 66B86D19 mov ax, $196D | 004D3129 E86E9D0000 call 004DCE9C 004D312E E907080000 jmp 004D393A * Possible String Reference to: '完成了本轮全部任务' |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值