|
[讨论]如何在反汇编代码中识别C++类及其虚函数表?
不大清楚,刚才逆向了VC的Dialog看看,如果要找窗口的CDialog类的话,只要在IDA的字符串中搜索 "CDialog",然后取两次引用,就会看到这样的表 .rdata:100356F0 CDlgBasic dd offset ClassName ; DATA XREF: sub_10001700+2Do .rdata:100356F4 dd offset sub_10001750 .rdata:100356F8 dd offset nullsub_11 .rdata:100356FC dd offset sub_1002C945 .rdata:10035700 dd offset sub_1002DED0 .rdata:10035704 dd offset sub_1002C5C4 .rdata:10035708 dd offset sub_1002ECC4 .rdata:1003570C dd offset sub_1002C5CA .rdata:10035710 dd offset sub_1002C5CA .rdata:10035714 dd offset sub_1002C5CD .rdata:10035718 dd offset sub_10001800 .rdata:1003571C dd offset sub_1002C653 .rdata:10035720 dd offset sub_1002C605 .rdata:10035724 dd offset sub_1002C64D .rdata:10035728 dd offset sub_1002C611 .rdata:1003572C dd offset sub_1002C60B .rdata:10035730 dd offset sub_1002C649 .rdata:10035734 dd offset sub_1002ECC4 .rdata:10035738 dd offset sub_1002ECC4 .rdata:1003573C dd offset sub_1002ECC4 .rdata:10035740 dd offset nullsub_4 .rdata:10035744 dd offset sub_1002DCD7 .rdata:10035748 dd offset sub_1002DEE1 .rdata:1003574C dd offset sub_1002DCB7 .rdata:10035750 dd offset sub_1002ECC9 .rdata:10035754 dd offset sub_1002DFEF .rdata:10035758 dd offset sub_1002ECC4 .rdata:1003575C dd offset sub_1002E2D4 .rdata:10035760 dd offset sub_1002F81B .rdata:10035764 dd offset sub_1002F822 .rdata:10035768 dd offset sub_1002E9DC .rdata:1003576C dd offset sub_1002EA68 .rdata:10035770 dd offset sub_1002DF75 .rdata:10035774 dd offset sub_100017A0 .rdata:10035778 dd offset sub_100016E0 .rdata:1003577C dd offset sub_100016F0 .rdata:10035780 dd offset sub_1002C8AC .rdata:10035784 dd offset sub_1002FC26 .rdata:10035788 dd offset sub_1002E3FC .rdata:1003578C dd offset sub_1002E440 .rdata:10035790 dd offset sub_1002DF2E .rdata:10035794 dd offset nullsub_4 .rdata:10035798 dd offset sub_1002EE07 .rdata:1003579C dd offset sub_1002D0BB .rdata:100357A0 dd offset sub_1002C5CA .rdata:100357A4 dd offset sub_1002CCEE .rdata:100357A8 dd offset sub_1002CDB0 .rdata:100357AC dd offset OnInitDialog .rdata:100357B0 
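dd offset nullsub_12 .rdata:100357B4 dd offset sub_1002D09A .rdata:100357B8 dd offset sub_1002D0B3 ClassName 指向的就是CDialog的类名,下边大多数是从CDialog类继承来的成员,自己写的成员函数一般在该表的最下边。不过从上表看,sub_10001750、sub_10001800、sub_100017A0 这类落在 0x10001xxx 地址区间的项穿插在表的中间,看起来是覆盖基类虚函数的实现(覆盖的函数沿用基类的表项位置),所以不能只看表尾,还要留意地址区间。 |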
|
我想找游戏中的HP地址并且这地址在每台机器上都能显示出HP来
回溯,追出程序是如何定位到这个动态地址上的 |
|
[VC]Advanced Installer 3.81 注册文件算法分析
顶的说,提小冷也顶下 |
|
[原创]由字符串参考想到的。。。
二哥的脱文中也提到过此方法,对小程序还可以,对大点的程序,说不定会搞死OD |
|
|
|
[VC]pdfFactory Pro 2.51 注册算法分析
支持 forever |
|
逆向初步,增加XP记事本功能,使用背景色,文字颜色,下划线,删除线
把那顶置的功能一起弄一下吧,我想用 |
|
[求助]关于OllyDbg数据窗口的搜索问题
Alt+M 搜吧 |
|
解决ollydbg调试程序cpu应用率高达100%的问题
不得不顶,正在愁这个问题了 |
|
------来来来,试试这个------
XP SP1下运行不了 |
|
|
|
[讨论]请问该如何调试dll
直接去分析加载该DLL的执行程序啊,看执行程序是如何调用的 |
|
[VC][简单]CDSpace V5.1.0 注册算法分析
好久不见 ForEver 了 |
|
[VC][简单]CDSpace V5.1.0 注册算法分析
对于使用了MFC42.DLL库的VC程序,我发现可以搜索命令序列 PUSH DWORD PTR [EAX+14] PUSH DWORD PTR [EBP+C] PUSH DWORD PTR [EBP+8] PUSH EDI 来找到控件处理消息时对应的函数地址;函数地址会显示在 PUSH DWORD PTR [EAX+14] 这一处。不管有无MessageBox提示,这个方法都很有效,对其他某些控件的消息处理也有效果。如果程序是在VC中静态编译的,就直接在程序本身中搜索该命令序列,否则就在MFC42.DLL库中搜索。 |
|
[原创]史上最搞笑的破解,只要你懂得Ctrl+C就可以破解
............... |
|
|
|
请问如何跟服务端程序?
HttpSendRequest 发送数据 InternetConnect 连接服务器 HttpOpenRequest 设置些xxx 断这些函数差不多了 还有接收的是HttpQueryInfo函数,接收内容看该函数的标志 |
|
[求助]如何对获取网卡IP的这类下断
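我收藏的一段代码

// Adds one row to a list control: column 0 receives szInsertText and
// column 1 receives szText.
void InsertChildItem(CListCtrl& m_list, int nItem, const char* szInsertText, const char* szText)
{
    m_list.InsertItem(nItem, szInsertText);
    m_list.SetItemText(nItem, 1, szText);
}

// Appends src to the NUL-terminated string in dst without ever writing past
// cap bytes; text that does not fit is truncated instead of overflowing.
static void AppendText(char* dst, size_t cap, const char* src)
{
    const size_t used = strlen(dst);
    if (used + 1 < cap)
        strncat(dst, src, cap - used - 1);
}

// Enumerates the network adapters reported by GetAdaptersInfo and writes one
// row per property into m_list; per-interface packet counters obtained from
// GetIfEntry go into m_Childlist.
//
// Memory-safety notes:
//  - The adapter list is variable-length. The buffer is therefore allocated
//    with the size GetAdaptersInfo asks for; retrying with a single
//    stack-resident IP_ADAPTER_INFO lets the API write past the end of it.
//  - Every concatenation into the 256-byte scratch buffer is bounded.
//  - The hardware-address length is clamped before it is used as a loop
//    bound, so a zero length cannot wrap around.
void Network(CListCtrl& m_list, CListCtrl& m_Childlist)
{
    DWORD dwNumber;
    DWORD dwResult;
    ULONG OutBufLen;
    PIP_ADDR_STRING pAddrString;
    PIP_ADAPTER_INFO pAdapterInfo;
    PIP_ADAPTER_INFO pAdapterNext;
    MIB_IFROW IfRow;
    struct tm* pLeaseTime;
    const char* szLabel;
    char buffer[256] = "";
    char temp[256] = "";
    int index = 0;
    int ChildIndex = 0;
    HANDLE hHeap = GetProcessHeap();

    // First attempt with room for one adapter; on ERROR_BUFFER_OVERFLOW the
    // API stores the required size in OutBufLen and we reallocate to it.
    OutBufLen = sizeof(IP_ADAPTER_INFO);
    pAdapterInfo = static_cast<PIP_ADAPTER_INFO>(HeapAlloc(hHeap, 0, OutBufLen));
    dwResult = (pAdapterInfo != NULL) ? GetAdaptersInfo(pAdapterInfo, &OutBufLen)
                                      : ERROR_NOT_ENOUGH_MEMORY;
    if (dwResult == ERROR_BUFFER_OVERFLOW)
    {
        HeapFree(hHeap, 0, pAdapterInfo);
        pAdapterInfo = static_cast<PIP_ADAPTER_INFO>(HeapAlloc(hHeap, 0, OutBufLen));
        dwResult = (pAdapterInfo != NULL) ? GetAdaptersInfo(pAdapterInfo, &OutBufLen)
                                          : ERROR_NOT_ENOUGH_MEMORY;
    }
    if (dwResult != ERROR_SUCCESS)
    {
        // GetAdaptersInfo returns its error code directly, so report that
        // value rather than GetLastError().
        wsprintf(buffer, "GetAdaptersInfo Error: %d\n", dwResult);
        InsertChildItem(m_list, index++, "错误", buffer);
        if (pAdapterInfo != NULL)
            HeapFree(hHeap, 0, pAdapterInfo);
        return;
    }

    for (pAdapterNext = pAdapterInfo; pAdapterNext != NULL; pAdapterNext = pAdapterNext->Next)
    {
        InsertChildItem(m_list, index++, "适配器名称", pAdapterNext->AdapterName);
        InsertChildItem(m_list, index++, "描述", pAdapterNext->Description);

        // Hardware address as XX-XX-...; the length is clamped to the size of
        // the Address array and a zero length yields an empty string.
        UINT macLen = pAdapterNext->AddressLength;
        if (macLen > MAX_ADAPTER_ADDRESS_LENGTH)
            macLen = MAX_ADAPTER_ADDRESS_LENGTH;
        ZeroMemory(buffer, sizeof(buffer));
        for (dwNumber = 0; dwNumber < macLen; dwNumber++)
        {
            wsprintf(temp, (dwNumber + 1 < macLen) ? "%.2X-" : "%.2X",
                     pAdapterNext->Address[dwNumber]);
            AppendText(buffer, sizeof(buffer), temp);
        }
        InsertChildItem(m_list, index++, "绑定地址", buffer);

        switch (pAdapterNext->Type)
        {
        case MIB_IF_TYPE_OTHER:    szLabel = "其他"; break;
        case MIB_IF_TYPE_ETHERNET: szLabel = "以太网络"; break;
        case MIB_IF_TYPE_FDDI:     szLabel = "FDDI"; break;
        case MIB_IF_TYPE_PPP:      szLabel = "PPP"; break;
        // NOTE(review): this label reads "route" although the case is the
        // loopback type - confirm the wording is intended.
        case MIB_IF_TYPE_LOOPBACK: szLabel = "路由"; break;
        case MIB_IF_TYPE_SLIP:     szLabel = "串行线路接口协议"; break;
        default:                   szLabel = "未知"; break;
        }
        InsertChildItem(m_list, index++, "类型", szLabel);

        // All address/mask pairs of the adapter, separated by ", ".
        printf("IpAddressList:\t %s\t\t%s\n", "IP Address", "Subnet Mask");
        ZeroMemory(buffer, sizeof(buffer));
        for (pAddrString = &pAdapterNext->IpAddressList; pAddrString != NULL;
             pAddrString = pAddrString->Next)
        {
            if (buffer[0] != '\0')
                AppendText(buffer, sizeof(buffer), ", ");
            wsprintf(temp, "%s / %s", pAddrString->IpAddress.String, pAddrString->IpMask.String);
            AppendText(buffer, sizeof(buffer), temp);
        }
        InsertChildItem(m_list, index++, "IP地址/掩码", buffer);

        // The list head is the first gateway, so it belongs in the row too
        // (skipping it left the row empty for the usual single-gateway case).
        printf("GatewayList:\t %s\n", pAdapterNext->GatewayList.IpAddress.String);
        ZeroMemory(buffer, sizeof(buffer));
        for (pAddrString = &pAdapterNext->GatewayList; pAddrString != NULL;
             pAddrString = pAddrString->Next)
        {
            if (buffer[0] != '\0')
                AppendText(buffer, sizeof(buffer), ", ");
            AppendText(buffer, sizeof(buffer), pAddrString->IpAddress.String);
        }
        InsertChildItem(m_list, index++, "网关", buffer);

        if (pAdapterNext->DhcpEnabled != 0)
        {
            ZeroMemory(buffer, sizeof(buffer));
            AppendText(buffer, sizeof(buffer), pAdapterNext->DhcpServer.IpAddress.String);
            AppendText(buffer, sizeof(buffer), "\t\t");
            // Pass the String member: handing the IP_ADDRESS_STRING struct
            // itself to a "%s" conversion is undefined behaviour.
            for (pAddrString = pAdapterNext->DhcpServer.Next; pAddrString != NULL;
                 pAddrString = pAddrString->Next)
            {
                AppendText(buffer, sizeof(buffer), pAddrString->IpAddress.String);
            }
            InsertChildItem(m_list, index++, "DHCP服务器", buffer);
        }

        if (pAdapterNext->HaveWins != 0)
        {
            // Show the WINS addresses themselves; the stale scratch buffer
            // from the previous row must not be displayed here.
            InsertChildItem(m_list, index++, "主要WinsSvr",
                            pAdapterNext->PrimaryWinsServer.IpAddress.String);
            InsertChildItem(m_list, index++, "次要WinsSvr",
                            pAdapterNext->SecondaryWinsServer.IpAddress.String);
        }

        // gmtime() returns NULL for a time value it cannot convert, and
        // asctime(NULL) would dereference it.
        pLeaseTime = gmtime(&pAdapterNext->LeaseObtained);
        InsertChildItem(m_list, index++, "租约获得",
                        pLeaseTime != NULL ? asctime(pLeaseTime) : "未知");
        pLeaseTime = gmtime(&pAdapterNext->LeaseExpires);
        InsertChildItem(m_list, index++, "租约期满",
                        pLeaseTime != NULL ? asctime(pLeaseTime) : "未知");

        // GetIfEntry looks the interface up by dwIndex; the rest of the row
        // is zeroed so that no uninitialised field is ever formatted.
        ZeroMemory(&IfRow, sizeof(IfRow));
        IfRow.dwIndex = pAdapterNext->Index;
        if ((dwResult = GetIfEntry(&IfRow)) != NO_ERROR)
        {
            printf("GetIfEntry Error: %d\n", dwResult);
            break;
        }

        // The MIB_IFROW fields formatted below are DWORDs, hence %u.
        wsprintf(buffer, "%u", IfRow.dwMtu);
        InsertChildItem(m_list, index++, "MTU", buffer);
        wsprintf(buffer, "%u Kbps", IfRow.dwSpeed / 1000);
        InsertChildItem(m_list, index++, "网速", buffer);

        switch (IfRow.dwOperStatus)
        {
        case MIB_IF_OPER_STATUS_NON_OPERATIONAL:
            szLabel = "LAN Adapter Disabled";
            break;
        case MIB_IF_OPER_STATUS_UNREACHABLE:
            szLabel = "WAN Adapter Disconnected";
            break;
        case MIB_IF_OPER_STATUS_DISCONNECTED:
            szLabel = "LAN Adapters Disconnected or WAN Adapters no Carrier";
            break;
        case MIB_IF_OPER_STATUS_CONNECTING:
            szLabel = "WAN Adapter Connecting";
            break;
        case MIB_IF_OPER_STATUS_CONNECTED:
            szLabel = "WAN Adapter Connected";
            break;
        case MIB_IF_OPER_STATUS_OPERATIONAL:
            szLabel = "LAN Adapter Default Status";
            break;
        default:
            szLabel = "未知";
            break;
        }
        InsertChildItem(m_list, index++, "网络类型", szLabel);

        wsprintf(buffer, "%u", IfRow.dwInUnknownProtos);
        InsertChildItem(m_list, index++, "未知记录", buffer);

        wsprintf(buffer, "%5u%8u%8u%8u\n", IfRow.dwOutUcastPkts, IfRow.dwOutNUcastPkts,
                 IfRow.dwOutErrors, IfRow.dwOutOctets);
        InsertChildItem(m_Childlist, ChildIndex++, "发送", buffer);
        wsprintf(buffer, "%5u%8u%8u%8u\n", IfRow.dwInUcastPkts, IfRow.dwInNUcastPkts,
                 IfRow.dwInErrors, IfRow.dwInOctets);
        InsertChildItem(m_Childlist, ChildIndex++, "接收", buffer);
        wsprintf(buffer, "%5u%8u%8u%8u\n",
                 IfRow.dwInUcastPkts + IfRow.dwOutUcastPkts,
                 IfRow.dwInNUcastPkts + IfRow.dwOutNUcastPkts,
                 IfRow.dwInErrors + IfRow.dwOutErrors,
                 IfRow.dwInOctets + IfRow.dwOutOctets);
        InsertChildItem(m_Childlist, ChildIndex++, "合计", buffer);
    }

    HeapFree(hHeap, 0, pAdapterInfo);
}

效果如下: 项目: 适配器名称 值: {FBE02A64-5415-4771-BC7C-975751C609AB} 项目: 描述 值: Realtek RTL8139 Family PCI Fast Ethernet NIC - 数据包计划程序微型端口 项目: 绑定地址 值: 00-E0-7C-E9-51-91 项目: 类型 值: 以太网络 项目: IP地址/掩码 值: 192.168.1.3 / 255.255.255.0 项目: DHCP服务器 值: 192.168.1.1 项目: 租约获得 值: Tue Mar 21 12:16:21 2006 项目: 租约期满 值: Wed Mar 22 12:16:21 2006 项目: MTU 值: 1500 项目: 网速 值: 100000 Kbps 项目: 网络类型 值: LAN Adapter Default Status 项目: 未知记录 值: 0 |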
|
|