如下所示,我用w32dsm反编译了一个VB软件的机器码和汇编语言,但看不明白,特别是机器码的78,79是什么意思?
如果要爆破,怎么修改?
谢谢前辈了! 软件下载
http://u.115.com/file/t9b5eff2cb
:00438A09 7956 jns 00438A61
:00438A0B 61 popad
:00438A0C 6C insb
:00438A0D 7565 jne 00438A74
:00438A0F 000C00 add byte ptr [eax+eax], cl
:00438A12 6C insb
:00438A13 000000000000000000 BYTE 9 DUP(0)
:00438A1C 0A00 or al, byte ptr [eax]
:00438A1E 0000 add byte ptr [eax], al
:00438A20 3A6768 cmp ah, byte ptr [edi+68]
:00438A23 56 push esi
:00438A24 01781A add dword ptr [eax+1A], edi
:00438A27 FF20 jmp dword ptr [eax]
:00438A29 000000 BYTE 3 DUP(0)
:00438A2C 1000 adc byte ptr [eax], al
:00438A2E 0000 add byte ptr [eax], al
:00438A30 2C67 sub al, 67 本软件尚未注册
:00438A32 6F outsd
:00454A14 1200 adc al, byte ptr [eax]
:00454A16 0000 add byte ptr [eax], al
:00454A18 A860 test al, 60
:00454A1A A16C096793 mov eax, dword ptr [9367096C]
:00454A1F 8F6551 pop [ebp+51]
:00454A22 E86C8C5101 call 0196D693
:00454A27 7802 js 00454A2B 这句不明白?
:00454A29 3000 xor byte ptr [eax], al
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00454A27(C)
|
:00454A2B 0020 add byte ptr [eax], ah
:00454A2D 000000 BYTE 3 DUP(0)
:00454A30 E86C8C5110 call 1096D6A1 注册成功!
:00454A35 629F5201FF00 bound ebx, dword ptr [edi+00FF0152]
:00454A3B 90 nop
:00454A3C FA cli
:00454A3D 51 push ecx
:00454A3E 2C67 sub al, 67
:00454A40 0B7A8F or edi, dword ptr [edx-71]
:00454A43 5E pop esi
:00454A44 765E jbe 00454AA4 这句不明白?
:00454A46 CD91 int 91
:00454A48 B065 mov al, 65
:00454A4A D08F4C880230 ror byte ptr [edi+3002884C], 1
:00454A50 00000000 BYTE 4 DUP(0)
:00454A54 0C00 or al, 00
:00454A56 0000 add byte ptr [eax], al
:00454A58 E86C8C5101 call 0196D6C9 注册码不对!
:00454A5D 780D js 00454A6C
:00454A5F 4E dec esi
:00454A60 F9 stc
[课程]Linux pwn 探索篇!