1010F495 /$ 55 PUSH EBP
1010F496 |. 8BEC MOV EBP,ESP
1010F498 |. 51 PUSH ECX
1010F499 |. 0FBE05 C84513>MOVSX EAX,BYTE PTR DS:[101345C8]
1010F4A0 |. 85C0 TEST EAX,EAX
1010F4A2 |. 75 05 JNZ SHORT WLOPlus.1010F4A9
1010F4A4 |. E8 1BFFFFFF CALL WLOPlus.1010F3C4
1010F4A9 |> 33C9 XOR ECX,ECX
1010F4AB |. 8A0D C5451310 MOV CL,BYTE PTR DS:[101345C5]
1010F4B1 |. 85C9 TEST ECX,ECX
1010F4B3 |. 75 7B JNZ SHORT WLOPlus.1010F530
1010F4B5 |. 33D2 XOR EDX,EDX
1010F4B7 |. 8A15 C4451310 MOV DL,BYTE PTR DS:[101345C4]
1010F4BD |. 85D2 TEST EDX,EDX
1010F4BF |. 75 6F JNZ SHORT WLOPlus.1010F530
1010F4C1 |. 833D D0471310>CMP DWORD PTR DS:[101347D0],0
1010F4C8 |. 74 41 JE SHORT WLOPlus.1010F50B
1010F4CA |. 8B45 0C MOV EAX,DWORD PTR SS:[EBP+C]
1010F4CD |. 50 PUSH EAX
1010F4CE |. 6A 00 PUSH 0
1010F4D0 |. 68 80010000 PUSH 180
1010F4D5 |. 8B0D D0471310 MOV ECX,DWORD PTR DS:[101347D0]
1010F4DB |. 51 PUSH ECX
1010F4DC |. FF15 74021310 CALL DWORD PTR DS:[<&USER32.SendMessageA>]
1010F4E2 |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
1010F4E5 |. 6A 00 PUSH 0
1010F4E7 |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
1010F4EA |. 52 PUSH EDX
1010F4EB |. 68 86010000 PUSH 186
1010F4F0 |. A1 D0471310 MOV EAX,DWORD PTR DS:[101347D0]
1010F4F5 |. 50 PUSH EAX
1010F4F6 |. FF15 74021310 CALL DWORD PTR DS:[<&USER32.SendMessageA>]
1010F4FC |. 8B0D D0471310 MOV ECX,DWORD PTR DS:[101347D0]
1010F502 |. 51 PUSH ECX
1010F503 |. FF15 08021310 CALL DWORD PTR DS:[<&USER32.UpdateWindow>]
1010F509 |. EB 25 JMP SHORT WLOPlus.1010F530
1010F50B |> 68 01000100 PUSH 10001
1010F510 |. 68 C8451310 PUSH WLOPlus.101345C8
1010F515 |. 8B55 0C MOV EDX,DWORD PTR SS:[EBP+C]
1010F518 |. 52 PUSH EDX
1010F519 |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
1010F51C |. 50 PUSH EAX
1010F51D |. FF15 20021310 CALL DWORD PTR DS:[<&USER32.MessageBoxA>]
1010F523 |. 83F8 02 CMP EAX,2
1010F526 |. 75 08 JNZ SHORT WLOPlus.1010F530
1010F528 |. 6A 01 PUSH 1
1010F52A |. FF15 14011310 CALL DWORD PTR DS:[<&KERNEL32.ExitProcess>>
1010F530 |> 8BE5 MOV ESP,EBP
1010F532 |. 5D POP EBP
1010F533 \. C3 RETN
这是一个DLL的文件,我想问一下,在这段程序中是怎么跳到exitprocess这个函数的?整个程序中都没有找到直接跳到这个函数的语句,所以初步判断是循环,不知道是不是,有没有人可以帮回答一下?
[课程]Android-CTF解题方法汇总!