提取出来的，自己感觉是关键的地方，但分析不出来关键位置-付费问答-看雪-安全社区|安全招聘|kanxue.com

[旧帖] 提取出来的，自己感觉是关键的地方，但分析不出来关键位置 0.00雪花

发表于: 2010-12-27 22:11 2386

[旧帖] 提取出来的，自己感觉是关键的地方，但分析不出来关键位置 0.00雪花

zyxlxj

2010-12-27 22:11

2386

0050A3E0 $- FF25 504A5700 jmp    dword ptr [<&netclient.Open_Netd>;  netclien.Open_Netdog
0050A3E6    8BC0       mov    eax, eax
0050A3E8 $- FF25 4C4A5700 jmp    dword ptr [<&netclient.Close_Net>;  netclien.Close_Netdog
0050A3EE    8BC0       mov    eax, eax
0050A3F0 $- FF25 484A5700 jmp    dword ptr [<&netclient.Read_All_>;  netclien.Read_All_Capibility
0050A3F6    8BC0       mov    eax, eax
0050A3F8 $- FF25 444A5700 jmp    dword ptr [<&netclient.Read_Rand>;  netclien.Read_Random
0050A3FE    8BC0       mov    eax, eax
0050A400 $- FF25 404A5700 jmp    dword ptr [<&netclient.Check_Pas>;  netclien.Check_Password
0050A406    8BC0       mov    eax, eax
0050A408 $- FF25 3C4A5700 jmp    dword ptr [<&netclient.Read_Main>;  netclien.Read_Main
0050A40E    8BC0       mov    eax, eax
0050A410  /$  52          push edx
0050A411    E8 EAFFFFFF call <jmp.&netclient.Check_Password>
0050A416  \.  C3          retn
0050A417    90          nop
0050A418  /$  E8 CBFFFFFF call <jmp.&netclient.Close_Netdog>
0050A41D  \.  C3          retn
0050A41E    8BC0       mov    eax, eax
0050A420  /$  55          push ebp
0050A421  |.  8BEC       mov    ebp, esp
0050A423  |.  33C9       xor    ecx, ecx
0050A425  |.  51          push ecx
0050A426  |.  51          push ecx
0050A427  |.  51          push ecx
0050A428  |.  51          push ecx
0050A429  |.  53          push ebx
0050A42A  |.  56          push esi
0050A42B  |.  8BDA       mov    ebx, edx
0050A42D  |.  33C0       xor    eax, eax
0050A42F  |.  55          push ebp
0050A430  |.  68 ACA45000 push 0050A4AC
0050A435  |.  64:FF30    push dword ptr fs:[eax]
0050A438  |.  64:8920    mov    dword ptr fs:[eax], esp
0050A43B  |.  8D45 F4    lea    eax, dword ptr [ebp-C]
0050A43E  |.  8BD3       mov    edx, ebx
0050A440  |.  E8 5FA6EFFF call 00404AA4
0050A445  |.  8B45 F4    mov    eax, dword ptr [ebp-C]
0050A448  |.  8D4D F8    lea    ecx, dword ptr [ebp-8]
0050A44B  |.  BA 04000000 mov    edx, 4
0050A450  |.  E8 0F54F4FF call 0044F864
0050A455  |.  8B45 F8    mov    eax, dword ptr [ebp-8]
0050A458  |.  E8 CBF6EFFF call 00409B28
0050A45D  |.  8BF0       mov    esi, eax
0050A45F  |.  8BC3       mov    eax, ebx
0050A461  |.  E8 5AFCEFFF call 0040A0C0
0050A466  |.  83E8 04    sub    eax, 4
0050A469  |.  50          push eax
0050A46A  |.  8D45 F0    lea    eax, dword ptr [ebp-10]
0050A46D  |.  8BD3       mov    edx, ebx
0050A46F  |.  E8 30A6EFFF call 00404AA4
0050A474  |.  8B45 F0    mov    eax, dword ptr [ebp-10]
0050A477  |.  8D4D FC    lea    ecx, dword ptr [ebp-4]
0050A47A  |.  5A          pop    edx
0050A47B  |.  E8 C853F4FF call 0044F848
0050A480  |.  56          push esi
0050A481  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A484  |.  E8 DBA8EFFF call 00404D64
0050A489  |.  50          push eax
0050A48A  |.  E8 51FFFFFF call <jmp.&netclient.Open_Netdog>
0050A48F  |.  8BD8       mov    ebx, eax
0050A491  |.  33C0       xor    eax, eax
0050A493  |.  5A          pop    edx
0050A494  |.  59          pop    ecx
0050A495  |.  59          pop    ecx
0050A496  |.  64:8910    mov    dword ptr fs:[eax], edx
0050A499  |.  68 B3A45000 push 0050A4B3
0050A49E  |>  8D45 F0    lea    eax, dword ptr [ebp-10]
0050A4A1  |.  BA 04000000 mov    edx, 4
0050A4A6  |.  E8 2DA4EFFF call 004048D8
0050A4AB  \.  C3          retn
0050A4AC .^ E9 2B9DEFFF jmp    004041DC
0050A4B1 .^ EB EB       jmp    short 0050A49E
0050A4B3 .  8BC3       mov    eax, ebx
0050A4B5 .  5E          pop    esi
0050A4B6 .  5B          pop    ebx
0050A4B7 .  8BE5       mov    esp, ebp
0050A4B9 .  5D          pop    ebp
0050A4BA .  C3          retn
0050A4BB    90          nop
0050A4BC  /$  55          push ebp
0050A4BD  |.  57          push edi
0050A4BE  |.  83C4 B8    add    esp, -48
0050A4C1  |.  8BFA       mov    edi, edx
0050A4C3  |.  B8 41000000 mov    eax, 41
0050A4C8  |.  8D5424 04    lea    edx, dword ptr [esp+4]
0050A4CC  |>  C602 00    /mov    byte ptr [edx], 0
0050A4CF  |.  42          |inc    edx
0050A4D0  |.  48          |dec    eax
0050A4D1  |.^ 75 F9       \jnz    short 0050A4CC
0050A4D3  |.  8D4424 04    lea    eax, dword ptr [esp+4]
0050A4D7  |.  50          push eax
0050A4D8  |.  E8 13FFFFFF call <jmp.&netclient.Read_All_Capibil>
0050A4DD  |.  890424       mov    dword ptr [esp], eax
0050A4E0  |.  85C0       test eax, eax
0050A4E2  |.  75 1F       jnz    short 0050A503
0050A4E4  |.  33C9       xor    ecx, ecx
0050A4E6  |.  33C0       xor    eax, eax
0050A4E8  |.  8D7424 04    lea    esi, dword ptr [esp+4]
0050A4EC  |>  8A16       /mov    dl, byte ptr [esi]
0050A4EE  |.  84D2       |test dl, dl
0050A4F0  |.  75 02       |jnz    short 0050A4F4
0050A4F2  |.  B1 01       |mov    cl, 1
0050A4F4  |>  80F9 01    |cmp    cl, 1
0050A4F7  |.  74 03       |je    short 0050A4FC
0050A4F9  |.  881407       |mov    byte ptr [edi+eax], dl
0050A4FC  |>  40          |inc    eax
0050A4FD  |.  46          |inc    esi
0050A4FE  |.  83F8 41    |cmp    eax, 41
0050A501  |.^ 75 E9       \jnz    short 0050A4EC
0050A503  |>  8B0424       mov    eax, dword ptr [esp]
0050A506  |.  83C4 48    add    esp, 48
0050A509  |.  5F          pop    edi
0050A50A  |.  5E          pop    esi
0050A50B  \.  C3          retn
0050A50C  /$  55          push ebp
0050A50D  |.  8BEC       mov    ebp, esp
0050A50F  |.  8B45 08    mov    eax, dword ptr [ebp+8]
0050A512  |.  50          push eax
0050A513  |.  51          push ecx
0050A514  |.  52          push edx
0050A515  |.  E8 EEFEFFFF call <jmp.&netclient.Read_Main>
0050A51A  |.  5D          pop    ebp
0050A51B  \.  C2 0400    retn 4
0050A51E    8BC0       mov    eax, eax
0050A520  /$  53          push ebx
0050A521  |.  56          push esi
0050A522  |.  57          push edi
0050A523  |.  8BF2       mov    esi, edx
0050A525  |.  8BD8       mov    ebx, eax
0050A527  |.  837B 44 00 cmp    dword ptr [ebx+44], 0
0050A52B  |.  75 14       jnz    short 0050A541
0050A52D  |.  56          push esi
0050A52E  |.  E8 C5FEFFFF call <jmp.&netclient.Read_Random>
0050A533  |.  8BF8       mov    edi, eax
0050A535  |.  8D43 44    lea    eax, dword ptr [ebx+44]
0050A538  |.  8BD6       mov    edx, esi
0050A53A  |.  E8 65A5EFFF call 00404AA4
0050A53F  |.  EB 1E       jmp    short 0050A55F
0050A541  |>  8B43 44    mov    eax, dword ptr [ebx+44]
0050A544  |.  E8 1BA8EFFF call 00404D64
0050A549  |.  8BF8       mov    edi, eax
0050A54B  |.  8BC7       mov    eax, edi
0050A54D  |.  E8 6EFBEFFF call 0040A0C0
0050A552  |.  50          push eax
0050A553  |.  8BD7       mov    edx, edi
0050A555  |.  8BC6       mov    eax, esi
0050A557  |.  59          pop    ecx
0050A558  |.  E8 F3FBEFFF call 0040A150
0050A55D  |.  33FF       xor    edi, edi
0050A55F  |>  8BC7       mov    eax, edi
0050A561  |.  5F          pop    edi
0050A562  |.  5E          pop    esi
0050A563  |.  5B          pop    ebx
0050A564  \.  C3          retn
0050A565    8D40 00    lea    eax, dword ptr [eax]
0050A568  /$  55          push ebp
0050A569  |.  8BEC       mov    ebp, esp
0050A56B  |.  83C4 CC    add    esp, -34
0050A56E  |.  53          push ebx
0050A56F  |.  56          push esi
0050A570  |.  33DB       xor    ebx, ebx
0050A572  |.  895D F4    mov    dword ptr [ebp-C], ebx
0050A575  |.  895D F0    mov    dword ptr [ebp-10], ebx
0050A578  |.  894D F8    mov    dword ptr [ebp-8], ecx
0050A57B  |.  8955 FC    mov    dword ptr [ebp-4], edx
0050A57E  |.  8BF0       mov    esi, eax
0050A580  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A583  |.  E8 CCA7EFFF call 00404D54
0050A588  |.  8B45 F8    mov    eax, dword ptr [ebp-8]
0050A58B  |.  E8 C4A7EFFF call 00404D54
0050A590  |.  33C0       xor    eax, eax
0050A592  |.  55          push ebp
0050A593  |.  68 62A65000 push 0050A662
0050A598  |.  64:FF30    push dword ptr fs:[eax]
0050A59B  |.  64:8920    mov    dword ptr fs:[eax], esp
0050A59E  |.  33DB       xor    ebx, ebx
0050A5A0  |.  33C0       xor    eax, eax
0050A5A2  |.  8946 40    mov    dword ptr [esi+40], eax
0050A5A5  |.  8D45 F4    lea    eax, dword ptr [ebp-C]
0050A5A8  |.  E8 07A3EFFF call 004048B4
0050A5AD  |.  8D45 F0    lea    eax, dword ptr [ebp-10]
0050A5B0  |.  E8 FFA2EFFF call 004048B4
0050A5B5  |.  837D FC 00 cmp    dword ptr [ebp-4], 0
0050A5B9  |.  74 06       je    short 0050A5C1
0050A5BB  |.  837D F8 00 cmp    dword ptr [ebp-8], 0
0050A5BF  |.  75 09       jnz    short 0050A5CA
0050A5C1  |>  C746 40 01000>mov    dword ptr [esi+40], 1
0050A5C8  |.  EB 7D       jmp    short 0050A647
0050A5CA  |>  8D45 F0    lea    eax, dword ptr [ebp-10]
0050A5CD  |.  8B4D F8    mov    ecx, dword ptr [ebp-8]
0050A5D0  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
0050A5D3  |.  E8 E0A5EFFF call 00404BB8
0050A5D8  |.  8B45 F0    mov    eax, dword ptr [ebp-10]
0050A5DB  |.  E8 84A7EFFF call 00404D64
0050A5E0  |.  8BD0       mov    edx, eax
0050A5E2  |.  8BC6       mov    eax, esi
0050A5E4  |.  E8 37FEFFFF call 0050A420
0050A5E9  |.  8BD0       mov    edx, eax
0050A5EB  |.  85D2       test edx, edx
0050A5ED  |.  74 05       je    short 0050A5F4
0050A5EF  |.  8956 40    mov    dword ptr [esi+40], edx
0050A5F2  |.  EB 53       jmp    short 0050A647
0050A5F4  |>  BA 24000000 mov    edx, 24
0050A5F9  |.  8D45 CC    lea    eax, dword ptr [ebp-34]
0050A5FC  |>  C600 00    /mov    byte ptr [eax], 0
0050A5FF  |.  40          |inc    eax
0050A600  |.  4A          |dec    edx
0050A601  |.^ 75 F9       \jnz    short 0050A5FC
0050A603  |.  8D55 CC    lea    edx, dword ptr [ebp-34]
0050A606  |.  8BC6       mov    eax, esi
0050A608  |.  E8 AFFEFFFF call 0050A4BC
0050A60D  |.  8BD0       mov    edx, eax
0050A60F  |.  85D2       test edx, edx
0050A611  |.  74 0C       je    short 0050A61F
0050A613  |.  8956 40    mov    dword ptr [esi+40], edx
0050A616  |.  8BC6       mov    eax, esi
0050A618  |.  E8 FBFDFFFF call 0050A418
0050A61D  |.  EB 28       jmp    short 0050A647
0050A61F  |>  8D45 F4    lea    eax, dword ptr [ebp-C]
0050A622  |.  8D55 CC    lea    edx, dword ptr [ebp-34]
0050A625  |.  B9 24000000 mov    ecx, 24
0050A62A  |.  E8 EDA4EFFF call 00404B1C
0050A62F  |.  837D F4 00 cmp    dword ptr [ebp-C], 0
0050A633  |.  75 10       jnz    short 0050A645
0050A635  |.  C746 40 09000>mov    dword ptr [esi+40], 9
0050A63C  |.  8BC6       mov    eax, esi
0050A63E  |.  E8 D5FDFFFF call 0050A418
0050A643  |.  EB 02       jmp    short 0050A647
0050A645  |>  B3 01       mov    bl, 1
0050A647  |>  33C0       xor    eax, eax
0050A649  |.  5A          pop    edx
0050A64A  |.  59          pop    ecx
0050A64B  |.  59          pop    ecx
0050A64C  |.  64:8910    mov    dword ptr fs:[eax], edx
0050A64F  |.  68 69A65000 push 0050A669
0050A654  |>  8D45 F0    lea    eax, dword ptr [ebp-10]
0050A657  |.  BA 04000000 mov    edx, 4
0050A65C  |.  E8 77A2EFFF call 004048D8
0050A661  \.  C3          retn
0050A662 .^ E9 759BEFFF jmp    004041DC
0050A667 .^ EB EB       jmp    short 0050A654
0050A669 .  8BC3       mov    eax, ebx
0050A66B .  5E          pop    esi
0050A66C .  5B          pop    ebx
0050A66D .  8BE5       mov    esp, ebp
0050A66F .  5D          pop    ebp
0050A670 .  C3          retn
0050A671    8D40 00    lea    eax, dword ptr [eax]
0050A674  /$  E8 9FFDFFFF call 0050A418
0050A679  \.  C3          retn
0050A67A    8BC0       mov    eax, eax
0050A67C  /$  55          push ebp
0050A67D  |.  8BEC       mov    ebp, esp
0050A67F  |.  83C4 EC    add    esp, -14
0050A682  |.  53          push ebx
0050A683  |.  894D F8    mov    dword ptr [ebp-8], ecx
0050A686  |.  8955 FC    mov    dword ptr [ebp-4], edx
0050A689  |.  8BD8       mov    ebx, eax
0050A68B  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A68E  |.  E8 C1A6EFFF call 00404D54
0050A693  |.  8B45 F8    mov    eax, dword ptr [ebp-8]
0050A696  |.  E8 B9A6EFFF call 00404D54
0050A69B  |.  33C0       xor    eax, eax
0050A69D  |.  55          push ebp
0050A69E  |.  68 7EA75000 push 0050A77E
0050A6A3  |.  64:FF30    push dword ptr fs:[eax]
0050A6A6  |.  64:8920    mov    dword ptr fs:[eax], esp
0050A6A9  |.  C645 F7 00 mov    byte ptr [ebp-9], 0
0050A6AD  |.  33C0       xor    eax, eax
0050A6AF  |.  8943 40    mov    dword ptr [ebx+40], eax
0050A6B2  |.  837D FC 00 cmp    dword ptr [ebp-4], 0
0050A6B6  |.  75 0B       jnz    short 0050A6C3
0050A6B8  |.  8D45 FC    lea    eax, dword ptr [ebp-4]
0050A6BB  |.  8B53 34    mov    edx, dword ptr [ebx+34]
0050A6BE  |.  E8 89A2EFFF call 0040494C
0050A6C3  |>  837D FC 00 cmp    dword ptr [ebp-4], 0
0050A6C7  |.  75 13       jnz    short 0050A6DC
0050A6C9  |.  C743 40 01000>mov    dword ptr [ebx+40], 1
0050A6D0  |.  8BC3       mov    eax, ebx
0050A6D2  |.  E8 41FDFFFF call 0050A418
0050A6D7  |.  E9 87000000 jmp    0050A763
0050A6DC  |>  837D F8 00 cmp    dword ptr [ebp-8], 0
0050A6E0  |.  75 0B       jnz    short 0050A6ED
0050A6E2  |.  8D45 F8    lea    eax, dword ptr [ebp-8]
0050A6E5  |.  8B53 30    mov    edx, dword ptr [ebx+30]
0050A6E8  |.  E8 5FA2EFFF call 0040494C
0050A6ED  |>  837D F8 00 cmp    dword ptr [ebp-8], 0
0050A6F1  |.  75 10       jnz    short 0050A703
0050A6F3  |.  C743 40 01000>mov    dword ptr [ebx+40], 1
0050A6FA  |.  8BC3       mov    eax, ebx
0050A6FC  |.  E8 17FDFFFF call 0050A418
0050A701  |.  EB 60       jmp    short 0050A763
0050A703  |>  BA 0A000000 mov    edx, 0A
0050A708  |.  8D45 ED    lea    eax, dword ptr [ebp-13]
0050A70B  |>  C600 00    /mov    byte ptr [eax], 0
0050A70E  |.  40          |inc    eax
0050A70F  |.  4A          |dec    edx
0050A710  |.^ 75 F9       \jnz    short 0050A70B
0050A712  |.  8D55 ED    lea    edx, dword ptr [ebp-13]
0050A715  |.  8BC3       mov    eax, ebx
0050A717  |.  E8 04FEFFFF call 0050A520
0050A71C  |.  8BD0       mov    edx, eax
0050A71E  |.  85D2       test edx, edx
0050A720  |.  74 0C       je    short 0050A72E
0050A722  |.  8953 40    mov    dword ptr [ebx+40], edx
0050A725  |.  8BC3       mov    eax, ebx
0050A727  |.  E8 ECFCFFFF call 0050A418
0050A72C  |.  EB 35       jmp    short 0050A763
0050A72E  |>  8B45 F8    mov    eax, dword ptr [ebp-8]
0050A731  |.  50          push eax
0050A732  |.  8D4D ED    lea    ecx, dword ptr [ebp-13]
0050A735  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
0050A738  |.  8BC3       mov    eax, ebx
0050A73A  |.  E8 79F8FFFF call 00509FB8
0050A73F  |.  8038 00    cmp    byte ptr [eax], 0
0050A742  |.  74 1F       je    short 0050A763
0050A744  |.  8BD0       mov    edx, eax
0050A746  |.  8BC3       mov    eax, ebx
0050A748  |.  E8 C3FCFFFF call 0050A410
0050A74D  |.  8BD0       mov    edx, eax
0050A74F  |.  85D2       test edx, edx
0050A751  |.  74 0C       je    short 0050A75F
0050A753  |.  8953 40    mov    dword ptr [ebx+40], edx
0050A756  |.  8BC3       mov    eax, ebx
0050A758  |.  E8 BBFCFFFF call 0050A418
0050A75D  |.  EB 04       jmp    short 0050A763
0050A75F  |>  C645 F7 01 mov    byte ptr [ebp-9], 1
0050A763  |>  33C0       xor    eax, eax
0050A765  |.  5A          pop    edx
0050A766  |.  59          pop    ecx
0050A767  |.  59          pop    ecx
0050A768  |.  64:8910    mov    dword ptr fs:[eax], edx
0050A76B  |.  68 85A75000 push 0050A785
0050A770  |>  8D45 F8    lea    eax, dword ptr [ebp-8]
0050A773  |.  BA 02000000 mov    edx, 2
0050A778  |.  E8 5BA1EFFF call 004048D8
0050A77D  \.  C3          retn
0050A77E .^ E9 599AEFFF jmp    004041DC
0050A783 .^ EB EB       jmp    short 0050A770
0050A785 .  8A45 F7    mov    al, byte ptr [ebp-9]
0050A788 .  5B          pop    ebx
0050A789 .  8BE5       mov    esp, ebp
0050A78B .  5D          pop    ebp
0050A78C .  C3          retn
0050A78D    8D40 00    lea    eax, dword ptr [eax]
0050A790  /$  55          push ebp
0050A791  |.  8BEC       mov    ebp, esp
0050A793  |.  81C4 24FFFFFF add    esp, -0DC
0050A799  |.  53          push ebx
0050A79A  |.  56          push esi
0050A79B  |.  33DB       xor    ebx, ebx
0050A79D  |.  899D 24FFFFFF mov    dword ptr [ebp-DC], ebx
0050A7A3  |.  899D 28FFFFFF mov    dword ptr [ebp-D8], ebx
0050A7A9  |.  895D EC    mov    dword ptr [ebp-14], ebx
0050A7AC  |.  895D E8    mov    dword ptr [ebp-18], ebx
0050A7AF  |.  8BD9       mov    ebx, ecx
0050A7B1  |.  8BF2       mov    esi, edx
0050A7B3  |.  8945 FC    mov    dword ptr [ebp-4], eax
0050A7B6  |.  8B45 08    mov    eax, dword ptr [ebp+8]
0050A7B9  |.  E8 96A5EFFF call 00404D54
0050A7BE  |.  33C0       xor    eax, eax
0050A7C0  |.  55          push ebp
0050A7C1  |.  68 40A95000 push 0050A940
0050A7C6  |.  64:FF30    push dword ptr fs:[eax]
0050A7C9  |.  64:8920    mov    dword ptr fs:[eax], esp
0050A7CC  |.  C645 FB 00 mov    byte ptr [ebp-5], 0
0050A7D0  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A7D3  |.  33D2       xor    edx, edx
0050A7D5  |.  8950 40    mov    dword ptr [eax+40], edx
0050A7D8  |.  8D45 EC    lea    eax, dword ptr [ebp-14]
0050A7DB  |.  E8 D4A0EFFF call 004048B4
0050A7E0  |.  8D45 E8    lea    eax, dword ptr [ebp-18]
0050A7E3  |.  E8 CCA0EFFF call 004048B4
0050A7E8  |.  8BC3       mov    eax, ebx
0050A7EA  |.  2BC6       sub    eax, esi
0050A7EC  |.  8945 E4    mov    dword ptr [ebp-1C], eax
0050A7EF  |.  B8 B6000000 mov    eax, 0B6
0050A7F4  |.  8D95 2EFFFFFF lea    edx, dword ptr [ebp-D2]
0050A7FA  |>  C602 00    /mov    byte ptr [edx], 0
0050A7FD  |.  42          |inc    edx
0050A7FE  |.  48          |dec    eax
0050A7FF  |.^ 75 F9       \jnz    short 0050A7FA
0050A801  |.  53          push ebx
0050A802  |.  8D95 2EFFFFFF lea    edx, dword ptr [ebp-D2]
0050A808  |.  8BCE       mov    ecx, esi
0050A80A  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A80D  |.  E8 FAFCFFFF call 0050A50C
0050A812  |.  85C0       test eax, eax
0050A814  |.  74 13       je    short 0050A829
0050A816  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
0050A819  |.  8942 40    mov    dword ptr [edx+40], eax
0050A81C  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A81F  |.  E8 F4FBFFFF call 0050A418
0050A824  |.  E9 E4000000 jmp    0050A90D
0050A829  |>  8B5D E4    mov    ebx, dword ptr [ebp-1C]
0050A82C  |.  85DB       test ebx, ebx
0050A82E  |.  7C 26       jl    short 0050A856
0050A830  |.  43          inc    ebx
0050A831  |.  8DB5 2EFFFFFF lea    esi, dword ptr [ebp-D2]
0050A837  |>  8D85 28FFFFFF /lea    eax, dword ptr [ebp-D8]
0050A83D  |.  8A16       |mov    dl, byte ptr [esi]
0050A83F  |.  E8 50A2EFFF |call 00404A94
0050A844  |.  8B95 28FFFFFF |mov    edx, dword ptr [ebp-D8]
0050A84A  |.  8D45 EC    |lea    eax, dword ptr [ebp-14]
0050A84D  |.  E8 22A3EFFF |call 00404B74
0050A852  |.  46          |inc    esi
0050A853  |.  4B          |dec    ebx
0050A854  |.^ 75 E1       \jnz    short 0050A837
0050A856  |>  B8 0A000000 mov    eax, 0A
0050A85B  |.  8D55 F1    lea    edx, dword ptr [ebp-F]
0050A85E  |>  C602 00    /mov    byte ptr [edx], 0
0050A861  |.  42          |inc    edx
0050A862  |.  48          |dec    eax
0050A863  |.^ 75 F9       \jnz    short 0050A85E
0050A865  |.  8D55 F1    lea    edx, dword ptr [ebp-F]
0050A868  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A86B  |.  E8 B0FCFFFF call 0050A520
0050A870  |.  85C0       test eax, eax
0050A872  |.  74 13       je    short 0050A887
0050A874  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
0050A877  |.  8942 40    mov    dword ptr [edx+40], eax
0050A87A  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A87D  |.  E8 96FBFFFF call 0050A418
0050A882  |.  E9 86000000 jmp    0050A90D
0050A887  |>  837D 08 00 cmp    dword ptr [ebp+8], 0
0050A88B  |.  75 0E       jnz    short 0050A89B
0050A88D  |.  8D45 08    lea    eax, dword ptr [ebp+8]
0050A890  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
0050A893  |.  8B52 30    mov    edx, dword ptr [edx+30]
0050A896  |.  E8 B1A0EFFF call 0040494C
0050A89B  |>  837D 08 00 cmp    dword ptr [ebp+8], 0
0050A89F  |.  75 14       jnz    short 0050A8B5
0050A8A1  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A8A4  |.  C740 40 01000>mov    dword ptr [eax+40], 1
0050A8AB  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A8AE  |.  E8 65FBFFFF call 0050A418
0050A8B3  |.  EB 58       jmp    short 0050A90D
0050A8B5  |>  8B45 08    mov    eax, dword ptr [ebp+8]
0050A8B8  |.  50          push eax
0050A8B9  |.  8D45 E8    lea    eax, dword ptr [ebp-18]
0050A8BC  |.  50          push eax
0050A8BD  |.  8D85 24FFFFFF lea    eax, dword ptr [ebp-DC]
0050A8C3  |.  8D55 F1    lea    edx, dword ptr [ebp-F]
0050A8C6  |.  B9 0A000000 mov    ecx, 0A
0050A8CB  |.  E8 4CA2EFFF call 00404B1C
0050A8D0  |.  8B8D 24FFFFFF mov    ecx, dword ptr [ebp-DC]
0050A8D6  |.  8B55 EC    mov    edx, dword ptr [ebp-14]
0050A8D9  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A8DC  |.  E8 8FF8FFFF call 0050A170
0050A8E1  |.  837D E8 00 cmp    dword ptr [ebp-18], 0
0050A8E5  |.  75 14       jnz    short 0050A8FB
0050A8E7  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A8EA  |.  C740 40 01000>mov    dword ptr [eax+40], 1
0050A8F1  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A8F4  |.  E8 1FFBFFFF call 0050A418
0050A8F9  |.  EB 12       jmp    short 0050A90D
0050A8FB  |>  8B45 FC    mov    eax, dword ptr [ebp-4]
0050A8FE  |.  83C0 48    add    eax, 48
0050A901  |.  8B55 E8    mov    edx, dword ptr [ebp-18]
0050A904  |.  E8 FF9FEFFF call 00404908
0050A909  |.  C645 FB 01 mov    byte ptr [ebp-5], 1
0050A90D  |>  33C0       xor    eax, eax
0050A90F  |.  5A          pop    edx
0050A910  |.  59          pop    ecx
0050A911  |.  59          pop    ecx
0050A912  |.  64:8910    mov    dword ptr fs:[eax], edx
0050A915  |.  68 47A95000 push 0050A947
0050A91A  |>  8D85 24FFFFFF lea    eax, dword ptr [ebp-DC]
0050A920  |.  BA 02000000 mov    edx, 2
0050A925  |.  E8 AE9FEFFF call 004048D8
0050A92A  |.  8D45 E8    lea    eax, dword ptr [ebp-18]
0050A92D  |.  BA 02000000 mov    edx, 2
0050A932  |.  E8 A19FEFFF call 004048D8
0050A937  |.  8D45 08    lea    eax, dword ptr [ebp+8]
0050A93A  |.  E8 759FEFFF call 004048B4
0050A93F  \.  C3          retn
0050A940 .^ E9 9798EFFF jmp    004041DC
0050A945 .^ EB D3       jmp    short 0050A91A
0050A947 .  8A45 FB    mov    al, byte ptr [ebp-5]
0050A94A .  5E          pop    esi
0050A94B .  5B          pop    ebx
0050A94C .  8BE5       mov    esp, ebp
0050A94E .  5D          pop    ebp
0050A94F .  C2 0400    retn 4
0050A952    8BC0       mov    eax, eax
0050A954  /$  55          push ebp
0050A955  |.  8BEC       mov    ebp, esp
0050A957  |.  83C4 D4    add    esp, -2C
0050A95A  |.  53          push ebx
0050A95B  |.  56          push esi
0050A95C  |.  57          push edi
0050A95D  |.  33C9       xor    ecx, ecx
0050A95F  |.  894D D4    mov    dword ptr [ebp-2C], ecx
0050A962  |.  894D FC    mov    dword ptr [ebp-4], ecx
0050A965  |.  8BFA       mov    edi, edx
0050A967  |.  8BF0       mov    esi, eax
0050A969  |.  33C0       xor    eax, eax
0050A96B  |.  55          push ebp
0050A96C  |.  68 FFA95000 push 0050A9FF
0050A971  |.  64:FF30    push dword ptr fs:[eax]
0050A974  |.  64:8920    mov    dword ptr fs:[eax], esp
0050A977  |.  8BC7       mov    eax, edi
0050A979  |.  E8 369FEFFF call 004048B4
0050A97E  |.  33C0       xor    eax, eax
0050A980  |.  8946 40    mov    dword ptr [esi+40], eax
0050A983  |.  8D45 FC    lea    eax, dword ptr [ebp-4]
0050A986  |.  E8 299FEFFF call 004048B4
0050A98B  |.  BB 24000000 mov    ebx, 24
0050A990  |.  8D45 D8    lea    eax, dword ptr [ebp-28]
0050A993  |>  C600 00    /mov    byte ptr [eax], 0
0050A996  |.  40          |inc    eax
0050A997  |.  4B          |dec    ebx
0050A998  |.^ 75 F9       \jnz    short 0050A993
0050A99A  |.  8D55 D8    lea    edx, dword ptr [ebp-28]
0050A99D  |.  8BC6       mov    eax, esi
0050A99F  |.  E8 18FBFFFF call 0050A4BC
0050A9A4  |.  8BD8       mov    ebx, eax
0050A9A6  |.  85DB       test ebx, ebx
0050A9A8  |.  74 0C       je    short 0050A9B6
0050A9AA  |.  895E 40    mov    dword ptr [esi+40], ebx
0050A9AD  |.  8BC6       mov    eax, esi
0050A9AF  |.  E8 64FAFFFF call 0050A418
0050A9B4  |.  EB 2B       jmp    short 0050A9E1
0050A9B6  |>  BB 08000000 mov    ebx, 8
0050A9BB  |.  8D75 D8    lea    esi, dword ptr [ebp-28]
0050A9BE  |>  8D45 D4    /lea    eax, dword ptr [ebp-2C]
0050A9C1  |.  8A16       |mov    dl, byte ptr [esi]
0050A9C3  |.  E8 CCA0EFFF |call 00404A94
0050A9C8  |.  8B55 D4    |mov    edx, dword ptr [ebp-2C]
0050A9CB  |.  8D45 FC    |lea    eax, dword ptr [ebp-4]
0050A9CE  |.  E8 A1A1EFFF |call 00404B74
0050A9D3  |.  46          |inc    esi
0050A9D4  |.  4B          |dec    ebx
0050A9D5  |.^ 75 E7       \jnz    short 0050A9BE
0050A9D7  |.  8BC7       mov    eax, edi
0050A9D9  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
0050A9DC  |.  E8 279FEFFF call 00404908
0050A9E1  |>  33C0       xor    eax, eax
0050A9E3  |.  5A          pop    edx
0050A9E4  |.  59          pop    ecx
0050A9E5  |.  59          pop    ecx
0050A9E6  |.  64:8910    mov    dword ptr fs:[eax], edx
0050A9E9  |.  68 06AA5000 push 0050AA06
0050A9EE  |>  8D45 D4    lea    eax, dword ptr [ebp-2C]
0050A9F1  |.  E8 BE9EEFFF call 004048B4
0050A9F6  |.  8D45 FC    lea    eax, dword ptr [ebp-4]
0050A9F9  |.  E8 B69EEFFF call 004048B4
0050A9FE  \.  C3          retn
0050A9FF .^ E9 D897EFFF jmp    004041DC
0050AA04 .^ EB E8       jmp    short 0050A9EE
0050AA06 .  5F          pop    edi
0050AA07 .  5E          pop    esi
0050AA08 .  5B          pop    ebx
0050AA09 .  8BE5       mov    esp, ebp
0050AA0B .  5D          pop    ebp
0050AA0C .  C3          retn
0050AA0D    8D40 00    lea    eax, dword ptr [eax]
0050AA10  /$  55          push ebp
0050AA11  |.  8BEC       mov    ebp, esp
0050AA13  |.  83C4 D4    add    esp, -2C
0050AA16  |.  53          push ebx
0050AA17  |.  56          push esi
0050AA18  |.  57          push edi
0050AA19  |.  33C9       xor    ecx, ecx
0050AA1B  |.  894D D4    mov    dword ptr [ebp-2C], ecx
0050AA1E  |.  894D FC    mov    dword ptr [ebp-4], ecx
0050AA21  |.  8BFA       mov    edi, edx
0050AA23  |.  8BF0       mov    esi, eax
0050AA25  |.  33C0       xor    eax, eax
0050AA27  |.  55          push ebp
0050AA28  |.  68 BBAA5000 push 0050AABB
0050AA2D  |.  64:FF30    push dword ptr fs:[eax]
0050AA30  |.  64:8920    mov    dword ptr fs:[eax], esp
0050AA33  |.  8BC7       mov    eax, edi
0050AA35  |.  E8 7A9EEFFF call 004048B4
0050AA3A  |.  33C0       xor    eax, eax
0050AA3C  |.  8946 40    mov    dword ptr [esi+40], eax
0050AA3F  |.  8D45 FC    lea    eax, dword ptr [ebp-4]
0050AA42  |.  E8 6D9EEFFF call 004048B4
0050AA47  |.  BB 24000000 mov    ebx, 24
0050AA4C  |.  8D45 D8    lea    eax, dword ptr [ebp-28]
0050AA4F  |>  C600 00    /mov    byte ptr [eax], 0
0050AA52  |.  40          |inc    eax
0050AA53  |.  4B          |dec    ebx
0050AA54  |.^ 75 F9       \jnz    short 0050AA4F
0050AA56  |.  8D55 D8    lea    edx, dword ptr [ebp-28]
0050AA59  |.  8BC6       mov    eax, esi
0050AA5B  |.  E8 5CFAFFFF call 0050A4BC
0050AA60  |.  8BD8       mov    ebx, eax
0050AA62  |.  85DB       test ebx, ebx
0050AA64  |.  74 0C       je    short 0050AA72
0050AA66  |.  895E 40    mov    dword ptr [esi+40], ebx
0050AA69  |.  8BC6       mov    eax, esi
0050AA6B  |.  E8 A8F9FFFF call 0050A418
0050AA70  |.  EB 2B       jmp    short 0050AA9D
0050AA72  |>  BB 08000000 mov    ebx, 8
0050AA77  |.  8D75 E6    lea    esi, dword ptr [ebp-1A]
0050AA7A  |>  8D45 D4    /lea    eax, dword ptr [ebp-2C]
0050AA7D  |.  8A16       |mov    dl, byte ptr [esi]
0050AA7F  |.  E8 10A0EFFF |call 00404A94
0050AA84  |.  8B55 D4    |mov    edx, dword ptr [ebp-2C]
0050AA87  |.  8D45 FC    |lea    eax, dword ptr [ebp-4]
0050AA8A  |.  E8 E5A0EFFF |call 00404B74
0050AA8F  |.  46          |inc    esi
0050AA90  |.  4B          |dec    ebx
0050AA91  |.^ 75 E7       \jnz    short 0050AA7A
0050AA93  |.  8BC7       mov    eax, edi
0050AA95  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
0050AA98  |.  E8 6B9EEFFF call 00404908
0050AA9D  |>  33C0       xor    eax, eax
0050AA9F  |.  5A          pop    edx
0050AAA0  |.  59          pop    ecx
0050AAA1  |.  59          pop    ecx
0050AAA2  |.  64:8910    mov    dword ptr fs:[eax], edx
0050AAA5  |.  68 C2AA5000 push 0050AAC2
0050AAAA  |>  8D45 D4    lea    eax, dword ptr [ebp-2C]
0050AAAD  |.  E8 029EEFFF call 004048B4
0050AAB2  |.  8D45 FC    lea    eax, dword ptr [ebp-4]
0050AAB5  |.  E8 FA9DEFFF call 004048B4
0050AABA  \.  C3          retn
0050AABB .^ E9 1C97EFFF jmp    004041DC
0050AAC0 .^ EB E8       jmp    short 0050AAAA
0050AAC2 .  5F          pop    edi
0050AAC3 .  5E          pop    esi
0050AAC4 .  5B          pop    ebx
0050AAC5 .  8BE5       mov    esp, ebp
0050AAC7 .  5D          pop    ebp
0050AAC8 .  C3          retn
0050AAC9    8D40 00    lea    eax, dword ptr [eax]
0050AACC .  55          push ebp
0050AACD .  8BEC       mov    ebp, esp
0050AACF .  33C0       xor    eax, eax
0050AAD1 .  55          push ebp
0050AAD2 .  68 F1AA5000 push 0050AAF1
0050AAD7 .  64:FF30    push dword ptr fs:[eax]
0050AADA .  64:8920    mov    dword ptr fs:[eax], esp
0050AADD .  FF05 A82F5700 inc    dword ptr [572FA8]
0050AAE3 .  33C0       xor    eax, eax
0050AAE5 .  5A          pop    edx
0050AAE6 .  59          pop    ecx
0050AAE7 .  59          pop    ecx
0050AAE8 .  64:8910    mov    dword ptr fs:[eax], edx
0050AAEB .  68 F8AA5000 push 0050AAF8
0050AAF0 >  C3          retn                                  ;  RET 用作跳转到 0050AAF8
0050AAF1 .^ E9 E696EFFF jmp    004041DC
0050AAF6 .^ EB F8       jmp    short 0050AAF0
0050AAF8 >  5D          pop    ebp
0050AAF9 .  C3          retn
0050AAFA    8BC0       mov    eax, eax
0050AAFC .  832D A82F5700>sub    dword ptr [572FA8], 1
0050AB03 .  C3          retn
0050AB04 .  55          push ebp
0050AB05 .  8BEC       mov    ebp, esp
0050AB07 .  33C0       xor    eax, eax
0050AB09 .  55          push ebp
0050AB0A .  68 B1AB5000 push 0050ABB1
0050AB0F .  64:FF30    push dword ptr fs:[eax]
0050AB12 .  64:8920    mov    dword ptr fs:[eax], esp
0050AB15 .  FF05 F02F5700 inc    dword ptr [572FF0]
0050AB1B    E9 9A000000 jmp    0050ABBA
0050AB20    00B8 EC2F5700 add    byte ptr [eax+572FEC], bh
0050AB26 .  E8 899DEFFF call 004048B4
0050AB2B .  B8 E82F5700 mov    eax, 00572FE8
0050AB30 .  E8 7F9DEFFF call 004048B4
0050AB35 .  B8 E42F5700 mov    eax, 00572FE4
0050AB3A .  E8 759DEFFF call 004048B4
0050AB3F .  B8 D82F5700 mov    eax, 00572FD8
0050AB44 .  E8 6B9DEFFF call 004048B4
0050AB49 .  B8 D42F5700 mov    eax, 00572FD4
0050AB4E .  E8 619DEFFF call 004048B4
0050AB53 .  B8 D02F5700 mov    eax, 00572FD0
0050AB58 .  E8 579DEFFF call 004048B4
0050AB5D .  B8 CC2F5700 mov    eax, 00572FCC
0050AB62 .  E8 4D9DEFFF call 004048B4
0050AB67 .  B8 C82F5700 mov    eax, 00572FC8
0050AB6C .  E8 439DEFFF call 004048B4
0050AB71 .  B8 C02F5700 mov    eax, 00572FC0
0050AB76 .  E8 399DEFFF call 004048B4
0050AB7B .  B8 BC2F5700 mov    eax, 00572FBC
0050AB80 .  E8 2F9DEFFF call 004048B4
0050AB85 .  B8 B82F5700 mov    eax, 00572FB8
0050AB8A .  E8 259DEFFF call 004048B4
0050AB8F .  B8 B42F5700 mov    eax, 00572FB4
0050AB94 .  E8 1B9DEFFF call 004048B4
0050AB99 .  B8 B02F5700 mov    eax, 00572FB0
0050AB9E .  E8 119DEFFF call 004048B4
0050ABA3 >  33C0       xor    eax, eax
0050ABA5 .  5A          pop    edx
0050ABA6 .  59          pop    ecx
0050ABA7 .  59          pop    ecx
0050ABA8 .  64:8910    mov    dword ptr fs:[eax], edx
0050ABAB .  68 B8AB5000 push 0050ABB8
0050ABB0 >  C3          retn                                  ;  RET 用作跳转到 0050ABB8
0050ABB1 .^ E9 2696EFFF jmp    004041DC
0050ABB6 .^ EB F8       jmp    short 0050ABB0
0050ABB8 >  5D          pop    ebp
0050ABB9 .  C3          retn
0050ABBA    8BC0       mov    eax, eax
0050ABBC .  832D F02F5700>sub    dword ptr [572FF0], 1
0050ABC3 .  C3          retn
0050ABC4 .  C8AB5000    dd    YDYL.0050ABC8
0050ABC8    0E          db    0E
0050ABC9 .  0E          db    0E
0050ABCA .  54 72 63 64 5>ascii "Trcd_arrayname"

[课程]Android-CTF解题方法汇总！

收藏・0

免费・0

支持

最新回复 (3)
zyxlxj 雪币： 43 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 39 粉丝 0 关注私信	zyxlxj 2 楼求助高手如何跳出加密狗限制 2010-12-27 22:16 0
zyxlxj 雪币： 43 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 39 粉丝 0 关注私信	zyxlxj 3 楼没有人帮忙吗？ 2010-12-28 09:18 0
惊叹号雪币： 36 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 11 粉丝 0 关注私信	惊叹号 4 楼路过，学习。。。。 2010-12-28 09:40 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

zyxlxj

发帖

回帖

RANK

关注

私信

他的文章

关于我们

联系我们

企业服务

看雪公众号

最新回复 (3)
zyxlxj 雪币： 43 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 39 粉丝 0 关注私信	zyxlxj 2 楼求助高手如何跳出加密狗限制 2010-12-27 22:16 0
zyxlxj 雪币： 43 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 39 粉丝 0 关注私信	zyxlxj 3 楼没有人帮忙吗？ 2010-12-28 09:18 0
惊叹号雪币： 36 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 11 粉丝 0 关注私信	惊叹号 4 楼路过，学习。。。。 2010-12-28 09:40 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复