这段代码把 edi,esi 变来变去做什么,看不明白,哪位帮忙看看!!
参数2个:
00435310 /$ 56 push esi
00435311 |. 57 push edi
00435312 |. 8B7C24 0C mov edi, dword ptr [esp+C]
00435316 |. 85FF test edi, edi 取参数
00435318 |. 7C 5B jl short 00435375
0043531A |. 8B7424 10 mov esi, dword ptr [esp+10]
0043531E |. 85F6 test esi, esi 取参数
00435320 |. 7C 53 jl short 00435375
开始:
00435322 |. B8 89888888 mov eax, 88888889 是除以 1e 么?
00435327 |. F7EF imul edi
00435329 |. 03D7 add edx, edi 这句干嘛用的?为为什么是加(add),而下面那段时减(sub),
0043532B |. C1FA 04 sar edx, 4
0043532E |. 8BC2 mov eax, edx
00435330 |. C1E8 1F shr eax, 1F
00435333 |. 03C2 add eax, edx
00435335 |. 8BD0 mov edx, eax
00435337 |. C1E2 04 shl edx, 4
0043533A |. 2BD0 sub edx, eax
0043533C |. 03D2 add edx, edx
0043533E |. 53 push ebx
0043533F |. 8BDA mov ebx, edx
00435341 |. B8 77777777 mov eax, 77777777 是除以 什么啊?
00435346 |. F7EE imul esi
00435348 |. 2BD6 sub edx, esi 这句干嘛用的?为为什么是减(sub),而上面那段时加(add)
0043534A |. C1FA 04 sar edx, 4
0043534D |. 8BC2 mov eax, edx
0043534F |. C1E8 1F shr eax, 1F
00435352 |. 03C2 add eax, edx
00435354 |. 2BC3 sub eax, ebx
00435356 |. 03C7 add eax, edi
00435358 |. 8BD0 mov edx, eax
0043535A |. C1E2 04 shl edx, 4
0043535D |. 2BD0 sub edx, eax
0043535F |. 8D0456 lea eax, dword ptr [esi+edx*2]
00435362 |. 69C0 880A0000 imul eax, eax, 0A88
00435368 |. 8B8408 A42829>mov eax, dword ptr [eax+ecx+2928A4] ; 取基址 ecx 可以认为固定:00815618
0043536F |. 5B pop ebx
00435370 |. 5F pop edi
00435371 |. 5E pop esi
00435372 |. C2 0800 retn 8
[课程]FART 脱壳王!加量不加价!FART作者讲授!
这段代码好熟悉,记得龙之谷里面的某个过程似乎和这个很像啊
