|
|
|
|
|
|
|
[求助]第一次见这样的
什么也没有分析出来 应该就是数据。。。。 ctrl+a 之后前面没有任何变化。。。。 里面有一个数据是我要用了修改的,请教改怎么做? ------------------------- 是不一样了。。。。 那下什么断才合适呢。。。。 00403CA3 CA db CA 00403CA4 5B db 5B ; CHAR '[' 00403CA5 B4 db B4 00403CA6 41 db 41 ; CHAR 'A' 00403CA7 02 db 02 00403CA8 08 db 08 00403CA9 24 db 24 ; CHAR '$' 00403CAA . C8 2B6319 enter 632B, 19 爆破之后会出现错误提示就提示这个地址可以的话最好是能直接赋值 00403CAE . F4 hlt 00403CAF . 34 B9 xor al, 0B9 00403CB1 . 62BD 7FDCC941 bound edi, qword ptr [ebp+41C9DC7F] 00403CB7 . 3F aas |
|
[求助]验证爆破之后的问题
有没有高手可以求证? |
|
[求助]验证爆破之后的问题
楼上说的有道理。 但是关键看来还是je这里的问题,我仅仅是做了一个判断,原来是je则跳 但是改成jne则跳的时候却没有符值 0041E052 . /0F84 B2010000 je 0041E20A 0041E20A=0041E20A 这一句就不明白了,自身怎么会不=自身呢? 关键。。。NOP也可以 0041E052 . /0F85 B2010000 je 0041E20A 关键跳直接做成jne,于是直接跳下面 0041E058 . |8B3D A4104000 mov edi, dword ptr [<&MSVBVM60.__vba>; MSVBVM60.__vbaVarDup 这里的edi是取值取的什么 0041E05E . |8D95 64FFFFFF lea edx, dword ptr [ebp-9C] 0041E064 . |8D4D A4 lea ecx, dword ptr [ebp-5C] 0041E067 . |C785 6CFFFFFF>mov dword ptr [ebp-94], 004086AC 0041E071 . |C785 64FFFFFF>mov dword ptr [ebp-9C], 8 0041E07B . |FFD7 call edi ; <&MSVBVM60.__vbaVarDup> 0041E07D . |8D95 74FFFFFF lea edx, dword ptr [ebp-8C] 0041E083 . |8D4D B4 lea ecx, dword ptr [ebp-4C] 0041E086 . |C785 7CFFFFFF>mov dword ptr [ebp-84], 00408680 0041E090 . |C785 74FFFFFF>mov dword ptr [ebp-8C], 8 0041E09A . |FFD7 call edi 0041E09C . |8D55 84 lea edx, dword ptr [ebp-7C] 0041E09F . |8D45 94 lea eax, dword ptr [ebp-6C] 0041E0A2 . |52 push edx 0041E0A3 . |8D4D A4 lea ecx, dword ptr [ebp-5C] 0041E0A6 . |50 push eax 0041E0A7 . |51 push ecx 0041E0A8 . |8D55 B4 lea edx, dword ptr [ebp-4C] 0041E0AB . |6A 00 push 0 0041E0AD . |52 push edx 0041E0AE . |FF15 30104000 call dword ptr [<&MSVBVM60.#595>] ; MSVBVM60.rtcMsgBox 0041E0B4 . |8D45 84 lea eax, dword ptr [ebp-7C] 0041E0B7 . |8D4D 94 lea ecx, dword ptr [ebp-6C] 0041E0BA . |50 push eax 0041E0BB . |8D55 A4 lea edx, dword ptr [ebp-5C] 0041E0BE . |51 push ecx 0041E0BF . |8D45 B4 lea eax, dword ptr [ebp-4C] 0041E0C2 . |52 push edx 0041E0C3 . |50 push eax 0041E0C4 . |6A 04 push 4 0041E0C6 . |FF15 14104000 call dword ptr [<&MSVBVM60.__vbaFreeV>; MSVBVM60.__vbaFreeVarList 0041E0CC . |8B0E mov ecx, dword ptr [esi] 0041E0CE . |83C4 14 add esp, 14 0041E0D1 . |56 push esi 0041E0D2 . |FF91 98040000 call dword ptr [ecx+498] 0041E0D8 . |8D55 D4 lea edx, dword ptr [ebp-2C] 0041E0DB . |50 push eax 0041E0DC . |52 push edx 0041E0DD . |FFD3 call ebx 0041E0DF . |8BF8 mov edi, eax 0041E0E1 . |68 BC864000 push 004086BC 0041E0E6 . |57 push edi 0041E0E7 . |8B07 mov eax, dword ptr [edi] 0041E0E9 . |FF90 5C010000 call dword ptr [eax+15C] 0041E0EF . |85C0 test eax, eax 0041E0F1 . |DBE2 fclex 0041E0F3 . |7D 12 jge short 0041E107 0041E0F5 . |68 5C010000 push 15C 0041E0FA . |68 E0844000 push 004084E0 0041E0FF . |57 push edi 0041E100 . |50 push eax 0041E101 . |FF15 24104000 call dword ptr [<&MSVBVM60.__vbaHresu>; MSVBVM60.__vbaHresultCheckObj 0041E107 > |8D4D D4 lea ecx, dword ptr [ebp-2C] 0041E10A . |FF15 C0104000 call dword ptr [<&MSVBVM60.__vbaFreeO>; MSVBVM60.__vbaFreeObj 0041E110 . |8B0E mov ecx, dword ptr [esi] 0041E112 . |56 push esi 0041E113 . |FF91 94040000 call dword ptr [ecx+494] 0041E119 . |8D55 D4 lea edx, dword ptr [ebp-2C] 0041E11C . |50 push eax 0041E11D . |52 push edx 0041E11E . |FFD3 call ebx 0041E120 . |8BF8 mov edi, eax 0041E122 . |6A 00 push 0 0041E124 . |57 push edi 0041E125 . |8B07 mov eax, dword ptr [edi] 0041E127 . |FF90 8C000000 call dword ptr [eax+8C] 0041E12D . |85C0 test eax, eax 0041E12F . |DBE2 fclex 0041E131 . |7D 12 jge short 0041E145 0041E133 . |68 8C000000 push 8C 0041E138 . |68 C0864000 push 004086C0 0041E13D . |57 push edi 0041E13E . |50 push eax 0041E13F . |FF15 24104000 call dword ptr [<&MSVBVM60.__vbaHresu>; MSVBVM60.__vbaHresultCheckObj 0041E145 > |8D4D D4 lea ecx, dword ptr [ebp-2C] 0041E148 . |FF15 C0104000 call dword ptr [<&MSVBVM60.__vbaFreeO>; MSVBVM60.__vbaFreeObj 0041E14E . |8B0E mov ecx, dword ptr [esi] 0041E150 . |56 push esi 0041E151 . |FF91 98040000 call dword ptr [ecx+498] 0041E157 . |8D55 D4 lea edx, dword ptr [ebp-2C] 0041E15A . |50 push eax 0041E15B . |52 push edx 0041E15C . |FFD3 call ebx 0041E15E . |8BF8 mov edi, eax 0041E160 . |6A 00 push 0 0041E162 . |57 push edi 0041E163 . |8B07 mov eax, dword ptr [edi] 0041E165 . |FF90 8C000000 call dword ptr [eax+8C] 0041E16B . |85C0 test eax, eax 0041E16D . |DBE2 fclex 0041E16F . |7D 12 jge short 0041E183 0041E171 . |68 8C000000 push 8C 0041E176 . |68 E0844000 push 004084E0 0041E17B . |57 push edi 0041E17C . |50 push eax 0041E17D . |FF15 24104000 call dword ptr [<&MSVBVM60.__vbaHresu>; MSVBVM60.__vbaHresultCheckObj 0041E183 > |8B3D C0104000 mov edi, dword ptr [<&MSVBVM60.__vba>; MSVBVM60.__vbaFreeObj 0041E189 . |8D4D D4 lea ecx, dword ptr [ebp-2C] 0041E18C . |FFD7 call edi ; <&MSVBVM60.__vbaFreeObj> 0041E18E . |8B0E mov ecx, dword ptr [esi] 0041E190 . |56 push esi 0041E191 . |FF91 88040000 call dword ptr [ecx+488] 0041E197 . |8D55 D4 lea edx, dword ptr [ebp-2C] 0041E19A . |50 push eax 0041E19B . |52 push edx 0041E19C . |FFD3 call ebx 0041E19E . |8BF0 mov esi, eax 0041E1A0 . |68 D4864000 push 004086D4 0041E1A5 . |56 push esi 0041E1A6 . |8B06 mov eax, dword ptr [esi] 0041E1A8 . |FF50 54 call dword ptr [eax+54] 0041E1AB . |85C0 test eax, eax 0041E1AD . |DBE2 fclex 0041E1AF . |7D 0F jge short 0041E1C0 0041E1B1 . |6A 54 push 54 0041E1B3 . |68 E0864000 push 004086E0 0041E1B8 . |56 push esi 0041E1B9 . |50 push eax 0041E1BA . |FF15 24104000 call dword ptr [<&MSVBVM60.__vbaHresu>; MSVBVM60.__vbaHresultCheckObj 0041E1C0 > |8D4D D4 lea ecx, dword ptr [ebp-2C] 0041E1C3 . |FFD7 call edi 0041E1C5 . |A1 10004200 mov eax, dword ptr [420010] 0041E1CA . |85C0 test eax, eax 0041E1CC . |75 10 jnz short 0041E1DE 0041E1CE . |68 10004200 push 00420010 ; /Arg2 = 00420010 0041E1D3 . |68 148E4000 push 00408E14 ; |Arg1 = 00408E14 0041E1D8 . |FF15 88104000 call dword ptr [<&MSVBVM60.__vbaNew2>>; \__vbaNew2 0041E1DE > |8B35 10004200 mov esi, dword ptr [420010] 0041E1E4 . |68 F4864000 push 004086F4 0041E1E9 . |56 push esi 0041E1EA . |8B0E mov ecx, dword ptr [esi] 0041E1EC . |FF51 54 call dword ptr [ecx+54] 0041E1EF . |85C0 test eax, eax 0041E1F1 . |DBE2 fclex 0041E1F3 . |0F8D 85000000 jge 0041E27E 0041E1F9 . |6A 54 push 54 0041E1FB . |68 947E4000 push 00407E94 0041E200 . |56 push esi 0041E201 . |50 push eax 0041E202 . |FF15 24104000 call dword ptr [<&MSVBVM60.__vbaHresu>; MSVBVM60.__vbaHresultCheckObj 0041E208 . |EB 74 jmp short 0041E27E 0041E20A > \8B35 A4104000 mov esi, dword ptr [<&MSVBVM60.__vba>; MSVBVM60.__vbaVarDup 直接跳到这里 这里的esi呢? 0041E210 . BF 08000000 mov edi, 8 0041E215 . 8D95 64FFFFFF lea edx, dword ptr [ebp-9C] 0041E21B . 8D4D A4 lea ecx, dword ptr [ebp-5C] 0041E21E . C785 6CFFFFFF>mov dword ptr [ebp-94], 00408760 0041E228 . 89BD 64FFFFFF mov dword ptr [ebp-9C], edi 0041E22E . FFD6 call esi ; <&MSVBVM60.__vbaVarDup> 这里的2个好象是关键call 0041E230 . 8D95 74FFFFFF lea edx, dword ptr [ebp-8C] 0041E236 . 8D4D B4 lea ecx, dword ptr [ebp-4C] 0041E239 . C785 7CFFFFFF>mov dword ptr [ebp-84], 0040873C 0041E243 . 89BD 74FFFFFF mov dword ptr [ebp-8C], edi 0041E249 . FFD6 call esi 还有这个 0041E24B . 8D55 84 lea edx, dword ptr [ebp-7C] 0041E24E . 8D45 94 lea eax, dword ptr [ebp-6C] 0041E251 . 52 push edx 0041E252 . 8D4D A4 lea ecx, dword ptr [ebp-5C] 0041E255 . 50 push eax 0041E256 . 51 push ecx 0041E257 . 8D55 B4 lea edx, dword ptr [ebp-4C] 0041E25A . 6A 00 push 0 0041E25C . 52 push edx |
|
[求助]菜鸟学破解之破文+求教问题集。
考虑在选择的时候还出现提示框,继续下bp rtcMsgBox 断到了这里: 660DC5F3 >/$ 55 push ebp 660DC5F4 |. 8BEC mov ebp, esp 660DC5F6 |. 83EC 4C sub esp, 4C 660DC5F9 |. 8B4D 14 mov ecx, dword ptr [ebp+14] 660DC5FC |. 53 push ebx 660DC5FD |. 56 push esi 660DC5FE |. 57 push edi 660DC5FF |. 66:8339 0A cmp word ptr [ecx], 0A 660DC603 |. B8 04000280 mov eax, 80020004 660DC608 |. 0F85 FC000000 jnz 660DC70A 660DC60E |. 3941 08 cmp dword ptr [ecx+8], eax 660DC611 |. 0F85 F3000000 jnz 660DC70A 660DC617 |. 834D FC FF or dword ptr [ebp-4], FFFFFFFF 660DC61B |. 33F6 xor esi, esi 660DC61D |> 8B4D 18 mov ecx, dword ptr [ebp+18] 660DC620 |. 66:8339 0A cmp word ptr [ecx], 0A 660DC624 |. 0F85 EA000000 jnz 660DC714 660DC62A |. 3941 08 cmp dword ptr [ecx+8], eax 660DC62D |. 0F85 E1000000 jnz 660DC714 660DC633 |. 834D F8 FF or dword ptr [ebp-8], FFFFFFFF 660DC637 |> 8B7D 10 mov edi, dword ptr [ebp+10] 660DC63A |. 66:833F 0A cmp word ptr [edi], 0A 660DC63E |. 0F85 D8000000 jnz 660DC71C 660DC644 |. 3947 08 cmp dword ptr [edi+8], eax 660DC647 |. 0F85 CF000000 jnz 660DC71C 660DC64D |. 834D F4 FF or dword ptr [ebp-C], FFFFFFFF 660DC651 |> FF75 08 push dword ptr [ebp+8] 660DC654 |. 8D45 D4 lea eax, dword ptr [ebp-2C] 660DC657 |. 8975 F0 mov dword ptr [ebp-10], esi 660DC65A |. 50 push eax 660DC65B |. E8 A5040000 call 660DCB05 660DC660 |. 8BD8 mov ebx, eax 660DC662 |. 8B45 DC mov eax, dword ptr [ebp-24] 660DC665 |. 8945 E8 mov dword ptr [ebp-18], eax 660DC668 |. 8B45 0C mov eax, dword ptr [ebp+C] 660DC66B |. 83E0 0F and eax, 0F 660DC66E |. 895D E4 mov dword ptr [ebp-1C], ebx 660DC671 |. 3C 05 cmp al, 5 660DC673 |. 7F 1C jg short 660DC691 660DC675 |. 8B45 0C mov eax, dword ptr [ebp+C] 660DC678 |. 25 F0000000 and eax, 0F0 660DC67D |. 83F8 40 cmp eax, 40 660DC680 |. 7F 0F jg short 660DC691 660DC682 |. 8B45 0C mov eax, dword ptr [ebp+C] 660DC685 |. 25 000F0000 and eax, 0F00 660DC68A |. 3D 00030000 cmp eax, 300 660DC68F |. 7E 03 jle short 660DC694 660DC691 |> 8975 0C mov dword ptr [ebp+C], esi 660DC694 |> 66:3975 F4 cmp word ptr [ebp-C], si 660DC698 |. 8B35 E8190066 mov esi, dword ptr [<&OLEAUT32.#6>] ; OLEAUT32.SysFreeString 660DC69E |. 0F84 80000000 je 660DC724 660DC6A4 |. 8365 10 00 and dword ptr [ebp+10], 0 660DC6A8 |. 8365 08 00 and dword ptr [ebp+8], 0 660DC6AC |> 33C0 xor eax, eax 660DC6AE |. 66:3945 FC cmp word ptr [ebp-4], ax 660DC6B2 |. 0F84 A7000000 je 660DC75F 660DC6B8 |. 66:3945 F8 cmp word ptr [ebp-8], ax 660DC6BC |. 0F84 97000000 je 660DC759 660DC6C2 |. 8945 EC mov dword ptr [ebp-14], eax 660DC6C5 |. 33FF xor edi, edi 660DC6C7 |> 8B55 E8 mov edx, dword ptr [ebp-18] 660DC6CA |. 85D2 test edx, edx 660DC6CC |. 75 03 jnz short 660DC6D1 660DC6CE |. 8D55 F0 lea edx, dword ptr [ebp-10] 660DC6D1 |> 8B4D 08 mov ecx, dword ptr [ebp+8] 660DC6D4 |. 85C9 test ecx, ecx 660DC6D6 |. 75 09 jnz short 660DC6E1 660DC6D8 |. 66:394D F4 cmp word ptr [ebp-C], cx 660DC6DC |. 75 03 jnz short 660DC6E1 660DC6DE |. 8D4D F0 lea ecx, dword ptr [ebp-10] 660DC6E1 |> 6A 01 push 1 ; /Arg6 = 00000001 660DC6E3 |. 50 push eax ; |Arg5 660DC6E4 |. 57 push edi ; |Arg4 660DC6E5 |. FF75 0C push dword ptr [ebp+C] ; |Arg3 660DC6E8 |. 51 push ecx ; |Arg2 660DC6E9 |. 52 push edx ; |Arg1 660DC6EA |. E8 FC72F8FF call 660639EB ; \MSVBVM60.660639EB 660DC6EF |. FF75 E4 push dword ptr [ebp-1C] 660DC6F2 |. 8BF8 mov edi, eax 660DC6F4 |. FFD6 call esi 660DC6F6 |. FF75 10 push dword ptr [ebp+10] 660DC6F9 |. FFD6 call esi 660DC6FB |. FF75 EC push dword ptr [ebp-14] 660DC6FE |. FFD6 call esi 660DC700 |. 0FBFC7 movsx eax, di 660DC703 |. 5F pop edi 660DC704 |. 5E pop esi 660DC705 |. 5B pop ebx 660DC706 |. C9 leave 660DC707 |. C2 1400 retn 14 660DC70A |> 33F6 xor esi, esi 660DC70C |. 8975 FC mov dword ptr [ebp-4], esi 660DC70F |.^ E9 09FFFFFF jmp 660DC61D 660DC714 |> 8975 F8 mov dword ptr [ebp-8], esi 660DC717 |.^ E9 1BFFFFFF jmp 660DC637 660DC71C |> 8975 F4 mov dword ptr [ebp-C], esi 660DC71F |.^ E9 2DFFFFFF jmp 660DC651 660DC724 |> 8D45 B4 lea eax, dword ptr [ebp-4C] 660DC727 |. 66:8365 D4 00 and word ptr [ebp-2C], 0 660DC72C |. 50 push eax ; /Arg4 660DC72D |. 8D45 10 lea eax, dword ptr [ebp+10] ; | 660DC730 |. 50 push eax ; |Arg3 660DC731 |. 8D45 D4 lea eax, dword ptr [ebp-2C] ; | 660DC734 |. 57 push edi ; |Arg2 660DC735 |. 50 push eax ; |Arg1 660DC736 |. E8 00040000 call 660DCB3B ; \MSVBVM60.660DCB3B 660DC73B |. 8BF8 mov edi, eax 660DC73D |. 85FF test edi, edi 660DC73F |. 7D 0D jge short 660DC74E 660DC741 |. 53 push ebx 660DC742 |. FFD6 call esi 660DC744 |. 8D45 B4 lea eax, dword ptr [ebp-4C] 660DC747 |. 50 push eax ; /Arg2 660DC748 |. 57 push edi ; |Arg1 660DC749 |. E8 FBC7FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DC74E |> 8B45 DC mov eax, dword ptr [ebp-24] 660DC751 |. 8945 08 mov dword ptr [ebp+8], eax 660DC754 |.^ E9 53FFFFFF jmp 660DC6AC 660DC759 |> 66:3945 FC cmp word ptr [ebp-4], ax 660DC75D |. 75 54 jnz short 660DC7B3 660DC75F |> 66:3945 F8 cmp word ptr [ebp-8], ax 660DC763 |. 75 4E jnz short 660DC7B3 660DC765 |. 66:8945 D4 mov word ptr [ebp-2C], ax 660DC769 |. 8D45 B4 lea eax, dword ptr [ebp-4C] 660DC76C |. 50 push eax ; /Arg4 660DC76D |. 8D45 EC lea eax, dword ptr [ebp-14] ; | 660DC770 |. 50 push eax ; |Arg3 660DC771 |. 8D45 D4 lea eax, dword ptr [ebp-2C] ; | 660DC774 |. FF75 14 push dword ptr [ebp+14] ; |Arg2 660DC777 |. 50 push eax ; |Arg1 660DC778 |. E8 BE030000 call 660DCB3B ; \MSVBVM60.660DCB3B 660DC77D |. 8BF8 mov edi, eax 660DC77F |. 85FF test edi, edi 660DC781 |. 7D 12 jge short 660DC795 660DC783 |. 53 push ebx 660DC784 |. FFD6 call esi 660DC786 |. FF75 10 push dword ptr [ebp+10] 660DC789 |. FFD6 call esi 660DC78B |. 8D45 B4 lea eax, dword ptr [ebp-4C] 660DC78E |. 50 push eax ; /Arg2 660DC78F |. 57 push edi ; |Arg1 660DC790 |. E8 B4C7FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DC795 |> 8B7D DC mov edi, dword ptr [ebp-24] 660DC798 |. 66:8365 D4 00 and word ptr [ebp-2C], 0 660DC79D |. 6A 03 push 3 ; /Arg3 = 00000003 660DC79F |. 8D45 D4 lea eax, dword ptr [ebp-2C] ; | 660DC7A2 |. FF75 18 push dword ptr [ebp+18] ; |Arg2 660DC7A5 |. 50 push eax ; |Arg1 660DC7A6 |. E8 FC410000 call 660E09A7 ; \MSVBVM60.660E09A7 660DC7AB |. 8B45 DC mov eax, dword ptr [ebp-24] 660DC7AE |.^ E9 14FFFFFF jmp 660DC6C7 660DC7B3 |> 53 push ebx 660DC7B4 |. FFD6 call esi 660DC7B6 |. FF75 10 push dword ptr [ebp+10] 660DC7B9 |. FFD6 call esi 660DC7BB |. 6A 05 push 5 660DC7BD |. E8 F115FFFF call 660CDDB3 660DC7C2 >|$ 55 push ebp 660DC7C3 |. 8BEC mov ebp, esp 660DC7C5 |. 83EC 54 sub esp, 54 660DC7C8 |. 8B45 1C mov eax, dword ptr [ebp+1C] 660DC7CB |. 53 push ebx 660DC7CC |. 56 push esi 660DC7CD |. 57 push edi 660DC7CE |. 66:8338 0A cmp word ptr [eax], 0A 660DC7D2 |. BF 04000280 mov edi, 80020004 660DC7D7 |. 0F85 5F010000 jnz 660DC93C 660DC7DD |. 3978 08 cmp dword ptr [eax+8], edi 660DC7E0 |. 0F85 56010000 jnz 660DC93C 660DC7E6 |. 834D F8 FF or dword ptr [ebp-8], FFFFFFFF 660DC7EA |. 33F6 xor esi, esi 660DC7EC |> 8B45 20 mov eax, dword ptr [ebp+20] 660DC7EF |. 66:8338 0A cmp word ptr [eax], 0A 660DC7F3 |. 0F85 4D010000 jnz 660DC946 660DC7F9 |. 3978 08 cmp dword ptr [eax+8], edi 660DC7FC |. 0F85 44010000 jnz 660DC946 660DC802 |. 834D F4 FF or dword ptr [ebp-C], FFFFFFFF 660DC806 |> 8B5D 0C mov ebx, dword ptr [ebp+C] 660DC809 |. 66:833B 0A cmp word ptr [ebx], 0A 660DC80D |. 0F85 3B010000 jnz 660DC94E 660DC813 |. 397B 08 cmp dword ptr [ebx+8], edi 660DC816 |. 0F85 32010000 jnz 660DC94E 660DC81C |. 834D F0 FF or dword ptr [ebp-10], FFFFFFFF 660DC820 |> FF75 08 push dword ptr [ebp+8] 660DC823 |. 8D45 CC lea eax, dword ptr [ebp-34] 660DC826 |. 8975 E8 mov dword ptr [ebp-18], esi 660DC829 |. 50 push eax 660DC82A |. E8 D6020000 call 660DCB05 660DC82F |. 66:3975 F0 cmp word ptr [ebp-10], si 660DC833 |. 8B35 E8190066 mov esi, dword ptr [<&OLEAUT32.#6>] ; OLEAUT32.SysFreeString 660DC839 |. 8945 0C mov dword ptr [ebp+C], eax 660DC83C |. 8B45 D4 mov eax, dword ptr [ebp-2C] 660DC83F |. 8945 DC mov dword ptr [ebp-24], eax 660DC842 |. 0F84 0E010000 je 660DC956 660DC848 |. 8365 08 00 and dword ptr [ebp+8], 0 660DC84C |. 8365 E0 00 and dword ptr [ebp-20], 0 660DC850 |> 8B45 10 mov eax, dword ptr [ebp+10] 660DC853 |. 66:8338 0A cmp word ptr [eax], 0A 660DC857 |. 0F85 2B010000 jnz 660DC988 660DC85D |. 3978 08 cmp dword ptr [eax+8], edi 660DC860 |. 0F85 22010000 jnz 660DC988 660DC866 |. 83C9 FF or ecx, FFFFFFFF 660DC869 |> 66:85C9 test cx, cx 660DC86C |. 0F84 1D010000 je 660DC98F 660DC872 |. 8365 FC 00 and dword ptr [ebp-4], 0 660DC876 |. 8365 EC 00 and dword ptr [ebp-14], 0 660DC87A |> 8B45 14 mov eax, dword ptr [ebp+14] 660DC87D |. 66:8365 CC 00 and word ptr [ebp-34], 0 660DC882 |. 66:8338 0A cmp word ptr [eax], 0A 660DC886 |. 0F85 3A010000 jnz 660DC9C6 660DC88C |. 3978 08 cmp dword ptr [eax+8], edi 660DC88F |. 0F85 31010000 jnz 660DC9C6 660DC895 |. 83C9 FF or ecx, FFFFFFFF 660DC898 |> 66:85C9 test cx, cx 660DC89B |. 0F84 2C010000 je 660DC9CD 660DC8A1 |. BB 00000080 mov ebx, 80000000 660DC8A6 |. 895D 14 mov dword ptr [ebp+14], ebx 660DC8A9 |> 8B45 18 mov eax, dword ptr [ebp+18] 660DC8AC |. 66:8338 0A cmp word ptr [eax], 0A 660DC8B0 |. 0F85 63010000 jnz 660DCA19 660DC8B6 |. 3978 08 cmp dword ptr [eax+8], edi 660DC8B9 |. 0F85 5A010000 jnz 660DCA19 660DC8BF |. 83C9 FF or ecx, FFFFFFFF 660DC8C2 |> 66:85C9 test cx, cx 660DC8C5 |. 0F84 55010000 je 660DCA20 660DC8CB |. 895D 10 mov dword ptr [ebp+10], ebx 660DC8CE |> 33FF xor edi, edi 660DC8D0 |. 66:397D F8 cmp word ptr [ebp-8], di 660DC8D4 |. 0F84 96010000 je 660DCA70 660DC8DA |. 66:397D F4 cmp word ptr [ebp-C], di 660DC8DE |. 0F84 82010000 je 660DCA66 660DC8E4 |. 897D E4 mov dword ptr [ebp-1C], edi 660DC8E7 |. 33DB xor ebx, ebx 660DC8E9 |> 8B55 DC mov edx, dword ptr [ebp-24] 660DC8EC |. 85D2 test edx, edx 660DC8EE |. 75 03 jnz short 660DC8F3 660DC8F0 |. 8D55 E8 lea edx, dword ptr [ebp-18] 660DC8F3 |> 8B4D E0 mov ecx, dword ptr [ebp-20] 660DC8F6 |. 85C9 test ecx, ecx 660DC8F8 |. 75 09 jnz short 660DC903 660DC8FA |. 66:394D F0 cmp word ptr [ebp-10], cx 660DC8FE |. 75 03 jnz short 660DC903 660DC900 |. 8D4D E8 lea ecx, dword ptr [ebp-18] 660DC903 |> 8B45 EC mov eax, dword ptr [ebp-14] 660DC906 |. 85C0 test eax, eax 660DC908 |. 75 03 jnz short 660DC90D 660DC90A |. 8D45 E8 lea eax, dword ptr [ebp-18] 660DC90D |> 57 push edi ; /Arg7 660DC90E |. 53 push ebx ; |Arg6 660DC90F |. FF75 10 push dword ptr [ebp+10] ; |Arg5 660DC912 |. FF75 14 push dword ptr [ebp+14] ; |Arg4 660DC915 |. 50 push eax ; |Arg3 660DC916 |. 51 push ecx ; |Arg2 660DC917 |. 52 push edx ; |Arg1 660DC918 |. E8 176EF8FF call 66063734 ; \MSVBVM60.66063734 660DC91D |. FF75 0C push dword ptr [ebp+C] 660DC920 |. 8BF8 mov edi, eax 660DC922 |. FFD6 call esi 660DC924 |. FF75 08 push dword ptr [ebp+8] 660DC927 |. FFD6 call esi 660DC929 |. FF75 FC push dword ptr [ebp-4] 660DC92C |. FFD6 call esi 660DC92E |. FF75 E4 push dword ptr [ebp-1C] 660DC931 |. FFD6 call esi 660DC933 |. 8BC7 mov eax, edi 660DC935 |. 5F pop edi 660DC936 |. 5E pop esi 660DC937 |. 5B pop ebx 660DC938 |. C9 leave 660DC939 |. C2 1C00 retn 1C 660DC93C |> 33F6 xor esi, esi 660DC93E |. 8975 F8 mov dword ptr [ebp-8], esi 660DC941 |.^ E9 A6FEFFFF jmp 660DC7EC 660DC946 |> 8975 F4 mov dword ptr [ebp-C], esi 660DC949 |.^ E9 B8FEFFFF jmp 660DC806 660DC94E |> 8975 F0 mov dword ptr [ebp-10], esi 660DC951 |.^ E9 CAFEFFFF jmp 660DC820 660DC956 |> 8D45 AC lea eax, dword ptr [ebp-54] 660DC959 |. 50 push eax ; /Arg4 660DC95A |. 8D45 08 lea eax, dword ptr [ebp+8] ; | 660DC95D |. 50 push eax ; |Arg3 660DC95E |. 8D45 CC lea eax, dword ptr [ebp-34] ; | 660DC961 |. 53 push ebx ; |Arg2 660DC962 |. 50 push eax ; |Arg1 660DC963 |. E8 D3010000 call 660DCB3B ; \MSVBVM60.660DCB3B 660DC968 |. 8BD8 mov ebx, eax 660DC96A |. 85DB test ebx, ebx 660DC96C |. 7D 0F jge short 660DC97D 660DC96E |. FF75 0C push dword ptr [ebp+C] 660DC971 |. FFD6 call esi 660DC973 |. 8D45 AC lea eax, dword ptr [ebp-54] 660DC976 |. 50 push eax ; /Arg2 660DC977 |. 53 push ebx ; |Arg1 660DC978 |. E8 CCC5FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DC97D |> 8B45 D4 mov eax, dword ptr [ebp-2C] 660DC980 |. 8945 E0 mov dword ptr [ebp-20], eax 660DC983 |.^ E9 C8FEFFFF jmp 660DC850 660DC988 |> 33C9 xor ecx, ecx 660DC98A |.^ E9 DAFEFFFF jmp 660DC869 660DC98F |> 8D4D AC lea ecx, dword ptr [ebp-54] 660DC992 |. 51 push ecx ; /Arg4 660DC993 |. 8D4D FC lea ecx, dword ptr [ebp-4] ; | 660DC996 |. 51 push ecx ; |Arg3 660DC997 |. 50 push eax ; |Arg2 660DC998 |. 8D45 CC lea eax, dword ptr [ebp-34] ; | 660DC99B |. 50 push eax ; |Arg1 660DC99C |. E8 9A010000 call 660DCB3B ; \MSVBVM60.660DCB3B 660DC9A1 |. 8BD8 mov ebx, eax 660DC9A3 |. 85DB test ebx, ebx 660DC9A5 |. 7D 14 jge short 660DC9BB 660DC9A7 |. FF75 0C push dword ptr [ebp+C] 660DC9AA |. FFD6 call esi 660DC9AC |. FF75 08 push dword ptr [ebp+8] 660DC9AF |. FFD6 call esi 660DC9B1 |. 8D45 AC lea eax, dword ptr [ebp-54] 660DC9B4 |. 50 push eax ; /Arg2 660DC9B5 |. 53 push ebx ; |Arg1 660DC9B6 |. E8 8EC5FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DC9BB |> 8B45 D4 mov eax, dword ptr [ebp-2C] 660DC9BE |. 8945 EC mov dword ptr [ebp-14], eax 660DC9C1 |.^ E9 B4FEFFFF jmp 660DC87A 660DC9C6 |> 33C9 xor ecx, ecx 660DC9C8 |.^ E9 CBFEFFFF jmp 660DC898 660DC9CD |> 8D4D AC lea ecx, dword ptr [ebp-54] 660DC9D0 |. 51 push ecx 660DC9D1 |. 6A 02 push 2 660DC9D3 |. 50 push eax 660DC9D4 |. 8D45 CC lea eax, dword ptr [ebp-34] 660DC9D7 |. 50 push eax 660DC9D8 |. E8 B23F0000 call 660E098F 660DC9DD |. 8BF8 mov edi, eax 660DC9DF |. 85FF test edi, edi 660DC9E1 |. 7D 19 jge short 660DC9FC 660DC9E3 |. FF75 0C push dword ptr [ebp+C] 660DC9E6 |. FFD6 call esi 660DC9E8 |. FF75 08 push dword ptr [ebp+8] 660DC9EB |. FFD6 call esi 660DC9ED |. FF75 FC push dword ptr [ebp-4] 660DC9F0 |. FFD6 call esi 660DC9F2 |. 8D45 AC lea eax, dword ptr [ebp-54] 660DC9F5 |. 50 push eax ; /Arg2 660DC9F6 |. 57 push edi ; |Arg1 660DC9F7 |. E8 4DC5FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DC9FC |> 0FBF45 D4 movsx eax, word ptr [ebp-2C] 660DCA00 |. BB 00000080 mov ebx, 80000000 660DCA05 |. 8945 14 mov dword ptr [ebp+14], eax 660DCA08 |. 3BC3 cmp eax, ebx 660DCA0A |. 75 03 jnz short 660DCA0F 660DCA0C |. FF45 14 inc dword ptr [ebp+14] 660DCA0F |> BF 04000280 mov edi, 80020004 660DCA14 |.^ E9 90FEFFFF jmp 660DC8A9 660DCA19 |> 33C9 xor ecx, ecx 660DCA1B |.^ E9 A2FEFFFF jmp 660DC8C2 660DCA20 |> 8D4D AC lea ecx, dword ptr [ebp-54] 660DCA23 |. 51 push ecx 660DCA24 |. 6A 02 push 2 660DCA26 |. 50 push eax 660DCA27 |. 8D45 CC lea eax, dword ptr [ebp-34] 660DCA2A |. 50 push eax 660DCA2B |. E8 5F3F0000 call 660E098F 660DCA30 |. 8BF8 mov edi, eax 660DCA32 |. 85FF test edi, edi 660DCA34 |. 7D 19 jge short 660DCA4F 660DCA36 |. FF75 0C push dword ptr [ebp+C] 660DCA39 |. FFD6 call esi 660DCA3B |. FF75 08 push dword ptr [ebp+8] 660DCA3E |. FFD6 call esi 660DCA40 |. FF75 FC push dword ptr [ebp-4] 660DCA43 |. FFD6 call esi 660DCA45 |. 8D45 AC lea eax, dword ptr [ebp-54] 660DCA48 |. 50 push eax ; /Arg2 660DCA49 |. 57 push edi ; |Arg1 660DCA4A |. E8 FAC4FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DCA4F |> 0FBF45 D4 movsx eax, word ptr [ebp-2C] 660DCA53 |. 3BC3 cmp eax, ebx 660DCA55 |. 8945 10 mov dword ptr [ebp+10], eax 660DCA58 |.^ 0F85 70FEFFFF jnz 660DC8CE 660DCA5E |. FF45 10 inc dword ptr [ebp+10] 660DCA61 |.^ E9 68FEFFFF jmp 660DC8CE 660DCA66 |> 66:397D F8 cmp word ptr [ebp-8], di 660DCA6A |. 0F85 7F000000 jnz 660DCAEF 660DCA70 |> 66:397D F4 cmp word ptr [ebp-C], di 660DCA74 |. 75 79 jnz short 660DCAEF 660DCA76 |. 8D45 AC lea eax, dword ptr [ebp-54] 660DCA79 |. 50 push eax ; /Arg4 660DCA7A |. 8D45 E4 lea eax, dword ptr [ebp-1C] ; | 660DCA7D |. 50 push eax ; |Arg3 660DCA7E |. 8D45 CC lea eax, dword ptr [ebp-34] ; | 660DCA81 |. FF75 1C push dword ptr [ebp+1C] ; |Arg2 660DCA84 |. 50 push eax ; |Arg1 660DCA85 |. E8 B1000000 call 660DCB3B ; \MSVBVM60.660DCB3B 660DCA8A |. 8BF8 mov edi, eax 660DCA8C |. 85FF test edi, edi 660DCA8E |. 7D 19 jge short 660DCAA9 660DCA90 |. FF75 0C push dword ptr [ebp+C] 660DCA93 |. FFD6 call esi 660DCA95 |. FF75 08 push dword ptr [ebp+8] 660DCA98 |. FFD6 call esi 660DCA9A |. FF75 FC push dword ptr [ebp-4] 660DCA9D |. FFD6 call esi 660DCA9F |. 8D45 AC lea eax, dword ptr [ebp-54] 660DCAA2 |. 50 push eax ; /Arg2 660DCAA3 |. 57 push edi ; |Arg1 660DCAA4 |. E8 A0C4FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DCAA9 |> 8D45 AC lea eax, dword ptr [ebp-54] 660DCAAC |. 8B5D D4 mov ebx, dword ptr [ebp-2C] 660DCAAF |. 66:8365 CC 00 and word ptr [ebp-34], 0 660DCAB4 |. 50 push eax 660DCAB5 |. 6A 03 push 3 660DCAB7 |. 8D45 CC lea eax, dword ptr [ebp-34] 660DCABA |. FF75 20 push dword ptr [ebp+20] 660DCABD |. 50 push eax 660DCABE |. E8 CC3E0000 call 660E098F 660DCAC3 |. 8BF8 mov edi, eax 660DCAC5 |. 85FF test edi, edi 660DCAC7 |. 7D 1E jge short 660DCAE7 660DCAC9 |. FF75 0C push dword ptr [ebp+C] 660DCACC |. FFD6 call esi 660DCACE |. FF75 08 push dword ptr [ebp+8] 660DCAD1 |. FFD6 call esi 660DCAD3 |. FF75 FC push dword ptr [ebp-4] 660DCAD6 |. FFD6 call esi 660DCAD8 |. FF75 E4 push dword ptr [ebp-1C] 660DCADB |. FFD6 call esi 660DCADD |. 8D45 AC lea eax, dword ptr [ebp-54] 660DCAE0 |. 50 push eax ; /Arg2 660DCAE1 |. 57 push edi ; |Arg1 660DCAE2 |. E8 62C4FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DCAE7 |> 8B7D D4 mov edi, dword ptr [ebp-2C] 660DCAEA |.^ E9 FAFDFFFF jmp 660DC8E9 660DCAEF |> FF75 0C push dword ptr [ebp+C] 660DCAF2 |. FFD6 call esi 660DCAF4 |. FF75 08 push dword ptr [ebp+8] 660DCAF7 |. FFD6 call esi 660DCAF9 |. FF75 FC push dword ptr [ebp-4] 660DCAFC |. FFD6 call esi 660DCAFE |. 6A 05 push 5 660DCB00 |. E8 AE12FFFF call 660CDDB3 660DCB05 |$ 55 push ebp 660DCB06 |. 8BEC mov ebp, esp 660DCB08 |. 83EC 20 sub esp, 20 660DCB0B |. 57 push edi 660DCB0C |. 6A 08 push 8 660DCB0E |. 59 pop ecx 660DCB0F |. 33C0 xor eax, eax 660DCB11 |. 8D7D E0 lea edi, dword ptr [ebp-20] 660DCB14 |. F3:AB rep stos dword ptr es:[edi] 660DCB16 |. 8D45 E0 lea eax, dword ptr [ebp-20] 660DCB19 |. 50 push eax ; /Arg2 660DCB1A |. 8D45 E0 lea eax, dword ptr [ebp-20] ; | 660DCB1D |. 50 push eax ; |/Arg4 660DCB1E |. 8D45 0C lea eax, dword ptr [ebp+C] ; || 660DCB21 |. 50 push eax ; ||Arg3 660DCB22 |. FF75 0C push dword ptr [ebp+C] ; ||Arg2 660DCB25 |. FF75 08 push dword ptr [ebp+8] ; ||Arg1 660DCB28 |. E8 0E000000 call 660DCB3B ; |\MSVBVM60.660DCB3B 660DCB2D |. 50 push eax ; |Arg1 660DCB2E |. E8 16C4FFFF call 660D8F49 ; \MSVBVM60.660D8F49 660DCB33 |. 8B45 0C mov eax, dword ptr [ebp+C] 660DCB36 |. 5F pop edi 660DCB37 |. C9 leave 660DCB38 \. C2 0800 retn 8 这里是一个判断和写入的过程,要想解决上面的问题只有在这里看了 但是不怎么明白。。。。 |
|
|
|
[求助]关于网络验证!
因该是这样写没人看懂吧。! |
|
[求助]菜鸟学破解之破文+求教问题集。
请教。。。 出现错误了: --------------------------- play提示 --------------------------- 0X00403CAA指令引用0X011227内存,该内存不能为;READ --------------------------- 确定 --------------------------- 这里改怎么做。说明该破解上面的做法有待考证!!! |
|
|
|
[推荐]Asprotect 2.3 Ske Inline Patching Tutorial By Thunderpwr
正在学习, ................................... 中. |
|
Asprotect 2.XX SKE IAT Fixer v1.02.
是因为你们用的是ollyscript运行脚本的版本是0.97不支持. 请用ODbgscript运行.
我也遇到,不过peid虽然检测是1.2x-1.3x的,但是用插件检测就是 Version: ASProtect 2.3 SKE build 06.26 Beta [Extract] V楼主大大的脚本好象不支持,希望楼主大大赶紧更新脚本啊,这年头能救活一大家子呢. |
|
[求助]程序用OD载入时出现如下情况是什么原因?
求助无人管,自己顶一西啊 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值