能力值:
( LV8,RANK:130 )
|
-
-
2 楼
整个过程如下:
00682699 E8 482CD8FF call <jmp.&MSVBVM60.__vbaStrCmp>
0068269E 8BF0 mov esi,eax
006826A0 F7DE neg esi
006826A2 1BF6 sbb esi,esi
006826A4 46 inc esi
006826A5 F7DE neg esi
006826A7 FF75 C4 push dword ptr ss:[ebp-3C] //这里堆栈友好提示:堆栈 ss:[0012FB28]=0014E6E4, (UNICODE "123456789")我的假码
006826AA FF75 C0 push dword ptr ss:[ebp-40]
006826AD E8 342CD8FF call <jmp.&MSVBVM60.__vbaStrCmp>
006826B2 F7D8 neg eax
006826B4 1BC0 sbb eax,eax
006826B6 40 inc eax
006826B7 F7D8 neg eax
006826B9 66:23F0 and si,ax
006826BC 66:89B5 0CFFFFFF mov word ptr ss:[ebp-F4],si
006826C3 8D45 C0 lea eax,dword ptr ss:[ebp-40]
006826C6 50 push eax
006826C7 8D45 C4 lea eax,dword ptr ss:[ebp-3C]
006826CA 50 push eax
006826CB 8D45 C8 lea eax,dword ptr ss:[ebp-38]
006826CE 50 push eax
006826CF 8D45 CC lea eax,dword ptr ss:[ebp-34]
006826D2 50 push eax
006826D3 6A 04 push 4
006826D5 E8 C42BD8FF call <jmp.&MSVBVM60.__vbaFreeStrList>
006826DA 83C4 14 add esp,14
006826DD 8D45 B0 lea eax,dword ptr ss:[ebp-50]
006826E0 50 push eax
006826E1 8D45 B4 lea eax,dword ptr ss:[ebp-4C]
006826E4 50 push eax
006826E5 8D45 B8 lea eax,dword ptr ss:[ebp-48]
006826E8 50 push eax
006826E9 8D45 BC lea eax,dword ptr ss:[ebp-44]
006826EC 50 push eax
006826ED 6A 04 push 4
006826EF E8 D42BD8FF call <jmp.&MSVBVM60.__vbaFreeObjList>
006826F4 83C4 14 add esp,14
006826F7 0FBF85 0CFFFFFF movsx eax,word ptr ss:[ebp-F4]
006826FE 85C0 test eax,eax
00682700 0F84 29020000 je 特网彩票.0068292F
00682706 C745 FC 13000000 mov dword ptr ss:[ebp-4],13
0068270D 66:830D 3EC06A00 >or word ptr ds:[6AC03E],0FFFF
00682715 C745 FC 14000000 mov dword ptr ss:[ebp-4],14
0068271C 833D B4C06A00 00 cmp dword ptr ds:[6AC0B4],0
00682723 75 1B jnz short 特网彩票.00682740
00682725 68 B4C06A00 push 特网彩票.006AC0B4
0068272A 68 1CCD4000 push 特网彩票.0040CD1C
0068272F E8 8E2BD8FF call <jmp.&MSVBVM60.__vbaNew2>
00682734 C785 B8FEFFFF B4C>mov dword ptr ss:[ebp-148],特网彩票.006AC0B4
0068273E EB 0A jmp short 特网彩票.0068274A
00682740 C785 B8FEFFFF B4C>mov dword ptr ss:[ebp-148],特网彩票.006AC0B4
0068274A 8B85 B8FEFFFF mov eax,dword ptr ss:[ebp-148]
00682750 8B00 mov eax,dword ptr ds:[eax]
00682752 8B8D B8FEFFFF mov ecx,dword ptr ss:[ebp-148]
00682758 8B09 mov ecx,dword ptr ds:[ecx]
0068275A 8B09 mov ecx,dword ptr ds:[ecx]
0068275C 50 push eax
0068275D FF91 00030000 call dword ptr ds:[ecx+300]
00682763 50 push eax
00682764 8D45 BC lea eax,dword ptr ss:[ebp-44]
00682767 50 push eax
00682768 E8 6D2BD8FF call <jmp.&MSVBVM60.__vbaObjSet>
0068276D 8985 2CFFFFFF mov dword ptr ss:[ebp-D4],eax
00682773 68 28F24200 push 特网彩票.0042F228 ; UNICODE "true"
00682778 8B85 2CFFFFFF mov eax,dword ptr ss:[ebp-D4]
0068277E 8B00 mov eax,dword ptr ds:[eax]
00682780 FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
00682786 FF90 A4000000 call dword ptr ds:[eax+A4]
0068278C DBE2 fclex
0068278E 8985 28FFFFFF mov dword ptr ss:[ebp-D8],eax
00682794 83BD 28FFFFFF 00 cmp dword ptr ss:[ebp-D8],0
0068279B 7D 23 jge short 特网彩票.006827C0
0068279D 68 A4000000 push 0A4
006827A2 68 C8C94200 push 特网彩票.0042C9C8
006827A7 FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
006827AD FFB5 28FFFFFF push dword ptr ss:[ebp-D8]
006827B3 E8 1C2BD8FF call <jmp.&MSVBVM60.__vbaHresultCheckObj>
006827B8 8985 B4FEFFFF mov dword ptr ss:[ebp-14C],eax
006827BE EB 07 jmp short 特网彩票.006827C7
006827C0 83A5 B4FEFFFF 00 and dword ptr ss:[ebp-14C],0
006827C7 8D4D BC lea ecx,dword ptr ss:[ebp-44]
006827CA E8 FF2AD8FF call <jmp.&MSVBVM60.__vbaFreeObj>
006827CF C745 FC 15000000 mov dword ptr ss:[ebp-4],15
006827D6 833D A8C96A00 00 cmp dword ptr ds:[6AC9A8],0
006827DD 75 1B jnz short 特网彩票.006827FA
006827DF 68 A8C96A00 push 特网彩票.006AC9A8
006827E4 68 50D44200 push 特网彩票.0042D450
006827E9 E8 D42AD8FF call <jmp.&MSVBVM60.__vbaNew2>
006827EE C785 B0FEFFFF A8C>mov dword ptr ss:[ebp-150],特网彩票.006AC9A8
006827F8 EB 0A jmp short 特网彩票.00682804
006827FA C785 B0FEFFFF A8C>mov dword ptr ss:[ebp-150],特网彩票.006AC9A8
00682804 8B85 B0FEFFFF mov eax,dword ptr ss:[ebp-150]
0068280A 8B00 mov eax,dword ptr ds:[eax]
0068280C 8985 2CFFFFFF mov dword ptr ss:[ebp-D4],eax
00682812 FF75 08 push dword ptr ss:[ebp+8]
00682815 8D45 BC lea eax,dword ptr ss:[ebp-44]
00682818 50 push eax
00682819 E8 4A2AD8FF call <jmp.&MSVBVM60.__vbaObjSetAddref>
0068281E 50 push eax
0068281F 8B85 2CFFFFFF mov eax,dword ptr ss:[ebp-D4]
00682825 8B00 mov eax,dword ptr ds:[eax]
00682827 FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
0068282D FF50 10 call dword ptr ds:[eax+10]
00682830 DBE2 fclex
00682832 8985 28FFFFFF mov dword ptr ss:[ebp-D8],eax
00682838 83BD 28FFFFFF 00 cmp dword ptr ss:[ebp-D8],0
0068283F 7D 20 jge short 特网彩票.00682861
00682841 6A 10 push 10
00682843 68 40D44200 push 特网彩票.0042D440
00682848 FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
0068284E FFB5 28FFFFFF push dword ptr ss:[ebp-D8]
00682854 E8 7B2AD8FF call <jmp.&MSVBVM60.__vbaHresultCheckObj>
00682859 8985 ACFEFFFF mov dword ptr ss:[ebp-154],eax
0068285F EB 07 jmp short 特网彩票.00682868
00682861 83A5 ACFEFFFF 00 and dword ptr ss:[ebp-154],0
00682868 8D4D BC lea ecx,dword ptr ss:[ebp-44]
0068286B E8 5E2AD8FF call <jmp.&MSVBVM60.__vbaFreeObj>
00682870 C745 FC 16000000 mov dword ptr ss:[ebp-4],16
00682877 833D B4C06A00 00 cmp dword ptr ds:[6AC0B4],0
0068287E 75 1B jnz short 特网彩票.0068289B
00682880 68 B4C06A00 push 特网彩票.006AC0B4
00682885 68 1CCD4000 push 特网彩票.0040CD1C
0068288A E8 332AD8FF call <jmp.&MSVBVM60.__vbaNew2>
0068288F C785 A8FEFFFF B4C>mov dword ptr ss:[ebp-158],特网彩票.006AC0B4
00682899 EB 0A jmp short 特网彩票.006828A5
0068289B C785 A8FEFFFF B4C>mov dword ptr ss:[ebp-158],特网彩票.006AC0B4
006828A5 8B85 A8FEFFFF mov eax,dword ptr ss:[ebp-158]
006828AB 8B00 mov eax,dword ptr ds:[eax]
006828AD 8985 2CFFFFFF mov dword ptr ss:[ebp-D4],eax
006828B3 C785 68FFFFFF 040>mov dword ptr ss:[ebp-98],80020004
006828BD C785 60FFFFFF 0A0>mov dword ptr ss:[ebp-A0],0A
006828C7 6A 10 push 10
006828C9 58 pop eax
006828CA E8 7127D8FF call <jmp.&MSVBVM60.__vbaChkstk>
006828CF 8DB5 60FFFFFF lea esi,dword ptr ss:[ebp-A0]
006828D5 8BFC mov edi,esp
006828D7 A5 movs dword ptr es:[edi],dword ptr ds:[esi]
006828D8 A5 movs dword ptr es:[edi],dword ptr ds:[esi]
006828D9 A5 movs dword ptr es:[edi],dword ptr ds:[esi]
006828DA A5 movs dword ptr es:[edi],dword ptr ds:[esi]
006828DB 8B85 2CFFFFFF mov eax,dword ptr ss:[ebp-D4]
006828E1 8B00 mov eax,dword ptr ds:[eax]
006828E3 FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
006828E9 FF90 AC020000 call dword ptr ds:[eax+2AC]
006828EF DBE2 fclex
006828F1 8985 28FFFFFF mov dword ptr ss:[ebp-D8],eax
006828F7 83BD 28FFFFFF 00 cmp dword ptr ss:[ebp-D8],0
006828FE 7D 23 jge short 特网彩票.00682923
00682900 68 AC020000 push 2AC
00682905 68 90E94200 push 特网彩票.0042E990
0068290A FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
00682910 FFB5 28FFFFFF push dword ptr ss:[ebp-D8]
00682916 E8 B929D8FF call <jmp.&MSVBVM60.__vbaHresultCheckObj>
0068291B 8985 A4FEFFFF mov dword ptr ss:[ebp-15C],eax
00682921 EB 07 jmp short 特网彩票.0068292A
00682923 83A5 A4FEFFFF 00 and dword ptr ss:[ebp-15C],0
0068292A E9 BD040000 jmp 特网彩票.00682DEC
0068292F C745 FC 18000000 mov dword ptr ss:[ebp-4],18
00682936 8B45 08 mov eax,dword ptr ss:[ebp+8]
00682939 8B00 mov eax,dword ptr ds:[eax]
0068293B FF75 08 push dword ptr ss:[ebp+8]
0068293E FF90 10030000 call dword ptr ds:[eax+310]
00682944 50 push eax
00682945 8D45 BC lea eax,dword ptr ss:[ebp-44]
00682948 50 push eax
00682949 E8 8C29D8FF call <jmp.&MSVBVM60.__vbaObjSet>
0068294E 8985 2CFFFFFF mov dword ptr ss:[ebp-D4],eax
00682954 6A 00 push 0
00682956 8B85 2CFFFFFF mov eax,dword ptr ss:[ebp-D4]
0068295C 8B00 mov eax,dword ptr ds:[eax]
0068295E FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
00682964 FF50 5C call dword ptr ds:[eax+5C]
00682967 DBE2 fclex
00682969 8985 28FFFFFF mov dword ptr ss:[ebp-D8],eax
0068296F 83BD 28FFFFFF 00 cmp dword ptr ss:[ebp-D8],0
00682976 7D 20 jge short 特网彩票.00682998
00682978 6A 5C push 5C
0068297A 68 94C94200 push 特网彩票.0042C994
0068297F FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
00682985 FFB5 28FFFFFF push dword ptr ss:[ebp-D8]
0068298B E8 4429D8FF call <jmp.&MSVBVM60.__vbaHresultCheckObj>
00682990 8985 A0FEFFFF mov dword ptr ss:[ebp-160],eax
00682996 EB 07 jmp short 特网彩票.0068299F
00682998 83A5 A0FEFFFF 00 and dword ptr ss:[ebp-160],0
0068299F 8D4D BC lea ecx,dword ptr ss:[ebp-44]
006829A2 E8 2729D8FF call <jmp.&MSVBVM60.__vbaFreeObj>
006829A7 C745 FC 19000000 mov dword ptr ss:[ebp-4],19
006829AE 8B45 08 mov eax,dword ptr ss:[ebp+8]
006829B1 8B00 mov eax,dword ptr ds:[eax]
006829B3 FF75 08 push dword ptr ss:[ebp+8]
006829B6 FF90 00030000 call dword ptr ds:[eax+300]
006829BC 50 push eax
006829BD 8D45 BC lea eax,dword ptr ss:[ebp-44]
006829C0 50 push eax
006829C1 E8 1429D8FF call <jmp.&MSVBVM60.__vbaObjSet>
006829C6 8985 2CFFFFFF mov dword ptr ss:[ebp-D4],eax
006829CC 6A 00 push 0
006829CE 8B85 2CFFFFFF mov eax,dword ptr ss:[ebp-D4]
006829D4 8B00 mov eax,dword ptr ds:[eax]
006829D6 FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
006829DC FF50 5C call dword ptr ds:[eax+5C]
006829DF DBE2 fclex
006829E1 8985 28FFFFFF mov dword ptr ss:[ebp-D8],eax
006829E7 83BD 28FFFFFF 00 cmp dword ptr ss:[ebp-D8],0
006829EE 7D 20 jge short 特网彩票.00682A10
006829F0 6A 5C push 5C
006829F2 68 94C94200 push 特网彩票.0042C994
006829F7 FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
006829FD FFB5 28FFFFFF push dword ptr ss:[ebp-D8]
00682A03 E8 CC28D8FF call <jmp.&MSVBVM60.__vbaHresultCheckObj>
00682A08 8985 9CFEFFFF mov dword ptr ss:[ebp-164],eax
00682A0E EB 07 jmp short 特网彩票.00682A17
00682A10 83A5 9CFEFFFF 00 and dword ptr ss:[ebp-164],0
00682A17 8D4D BC lea ecx,dword ptr ss:[ebp-44]
00682A1A E8 AF28D8FF call <jmp.&MSVBVM60.__vbaFreeObj>
00682A1F C745 FC 1A000000 mov dword ptr ss:[ebp-4],1A
00682A26 8B45 08 mov eax,dword ptr ss:[ebp+8]
00682A29 8B00 mov eax,dword ptr ds:[eax]
00682A2B FF75 08 push dword ptr ss:[ebp+8]
00682A2E FF90 38030000 call dword ptr ds:[eax+338]
00682A34 50 push eax
00682A35 8D45 BC lea eax,dword ptr ss:[ebp-44]
00682A38 50 push eax
00682A39 E8 9C28D8FF call <jmp.&MSVBVM60.__vbaObjSet>
00682A3E 8985 2CFFFFFF mov dword ptr ss:[ebp-D4],eax
00682A44 6A 00 push 0
00682A46 8B85 2CFFFFFF mov eax,dword ptr ss:[ebp-D4]
00682A4C 8B00 mov eax,dword ptr ds:[eax]
00682A4E FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
00682A54 FF90 9C000000 call dword ptr ds:[eax+9C]
00682A5A DBE2 fclex
00682A5C 8985 28FFFFFF mov dword ptr ss:[ebp-D8],eax
00682A62 83BD 28FFFFFF 00 cmp dword ptr ss:[ebp-D8],0
00682A69 7D 23 jge short 特网彩票.00682A8E
00682A6B 68 9C000000 push 9C
00682A70 68 C8F14200 push 特网彩票.0042F1C8
00682A75 FFB5 2CFFFFFF push dword ptr ss:[ebp-D4]
00682A7B FFB5 28FFFFFF push dword ptr ss:[ebp-D8]
00682A81 E8 4E28D8FF call <jmp.&MSVBVM60.__vbaHresultCheckObj>
00682A86 8985 98FEFFFF mov dword ptr ss:[ebp-168],eax
00682A8C EB 07 jmp short 特网彩票.00682A95
00682A8E 83A5 98FEFFFF 00 and dword ptr ss:[ebp-168],0
00682A95 8D4D BC lea ecx,dword ptr ss:[ebp-44]
00682A98 E8 3128D8FF call <jmp.&MSVBVM60.__vbaFreeObj>
00682A9D C745 FC 1B000000 mov dword ptr ss:[ebp-4],1B
00682AA4 C785 78FFFFFF 040>mov dword ptr ss:[ebp-88],80020004
00682AAE C785 70FFFFFF 0A0>mov dword ptr ss:[ebp-90],0A
00682AB8 C745 88 04000280 mov dword ptr ss:[ebp-78],80020004
00682ABF C745 80 0A000000 mov dword ptr ss:[ebp-80],0A
00682AC6 C785 68FFFFFF 600>mov dword ptr ss:[ebp-98],特网彩票.00430560
00682AD0 C785 60FFFFFF 080>mov dword ptr ss:[ebp-A0],8
00682ADA 8D95 60FFFFFF lea edx,dword ptr ss:[ebp-A0]
00682AE0 8D4D 90 lea ecx,dword ptr ss:[ebp-70]
00682AE3 E8 1028D8FF call <jmp.&MSVBVM60.__vbaVarDup>
00682AE8 68 0C514300 push 特网彩票.0043510C
00682AED 68 14DB4200 push 特网彩票.0042DB14 ; UNICODE "
"
00682AF2 E8 BF27D8FF call <jmp.&MSVBVM60.__vbaStrCat>
00682AF7 8BD0 mov edx,eax
00682AF9 8D4D CC lea ecx,dword ptr ss:[ebp-34]
00682AFC E8 BB27D8FF call <jmp.&MSVBVM60.__vbaStrMove>
00682B01 50 push eax
00682B02 68 14DB4200 push 特网彩票.0042DB14 ; UNICODE "
"
00682B07 E8 AA27D8FF call <jmp.&MSVBVM60.__vbaStrCat>
00682B0C 8BD0 mov edx,eax
00682B0E 8D4D C8 lea ecx,dword ptr ss:[ebp-38]
00682B11 E8 A627D8FF call <jmp.&MSVBVM60.__vbaStrMove>
00682B16 50 push eax
00682B17 68 24514300 push 特网彩票.00435124
00682B1C E8 9527D8FF call <jmp.&MSVBVM60.__vbaStrCat>
00682B21 8945 A8 mov dword ptr ss:[ebp-58],eax
00682B24 C745 A0 08000000 mov dword ptr ss:[ebp-60],8
00682B2B 8D85 70FFFFFF lea eax,dword ptr ss:[ebp-90]
00682B31 50 push eax
00682B32 8D45 80 lea eax,dword ptr ss:[ebp-80]
00682B35 50 push eax
00682B36 8D45 90 lea eax,dword ptr ss:[ebp-70]
00682B39 50 push eax
00682B3A 6A 01 push 1
00682B3C 8D45 A0 lea eax,dword ptr ss:[ebp-60]
00682B3F 50 push eax
00682B40 E8 B927D8FF call <jmp.&MSVBVM60.rtcMsgBox> //到这里弹出出错对话框!
会VB的兄弟,请给我点提示~~~OK ......
|
