请各路大神帮忙分析一解压算法-软件逆向-看雪-安全社区|安全招聘|kanxue.com

请各路大神帮忙分析一解压算法

发表于: 2011-8-23 15:46 5393

请各路大神帮忙分析一解压算法

themars

2011-8-23 15:46

5393

下面这个函数的实现了一个解压算法, 我的目的是要将这个解压算法还原成高级语言, 但是实在看的一头雾水
烦请各路大神帮忙看看，能提供一下思路也是好的，万分感谢
此函数接收4个参数
Buf: Pbyte; (一个压缩的Buf)
Len: Integer; (Buf的长度)
UnZipBuf: Pbyte; (存放解压后的Buf)
UnLen: PInt; (解压后的Buf的长度)

0042C520  /$  8B4424 10    mov    eax, dword ptr [esp+10]
0042C524  |.  8B5424 08    mov    edx, dword ptr [esp+8]          ;  Len(Buf)
0042C528  |.  53          push ebx
0042C529  |.  8B5C24 10    mov    ebx, dword ptr [esp+10]       ;  UnZipBuf
0042C52D  |.  8B00       mov    eax, dword ptr [eax]          ;  Len(UnZipBuf)
0042C52F  |.  55          push ebp
0042C530  |.  56          push esi
0042C531  |.  8B7424 10    mov    esi, dword ptr [esp+10]       ;  Buf
0042C535  |.  57          push edi
0042C536  |.  8D3C18       lea    edi, dword ptr [eax+ebx]
0042C539  |.  85F6       test esi, esi
0042C53B  |.  8BCB       mov    ecx, ebx
0042C53D  |.  8D2C16       lea    ebp, dword ptr [esi+edx]
0042C540  |.  897C24 14    mov    dword ptr [esp+14], edi
0042C544  |.  0F84 6E030000 je    0042C8B8
0042C54A  |.  83FA 03    cmp    edx, 3
0042C54D  |.  0F82 65030000 jb    0042C8B8
0042C553  |.  837C24 20 00  cmp    dword ptr [esp+20], 0
0042C558  |.  0F84 5A030000 je    0042C8B8
0042C55E  |.  85DB       test ebx, ebx
0042C560  |.  0F84 52030000 je    0042C8B8
0042C566  |.  83F8 01    cmp    eax, 1
0042C569  |.  0F82 49030000 jb    0042C8B8
0042C56F  |.  8B4424 20    mov    eax, dword ptr [esp+20]
0042C573  |.  C700 00000000 mov    dword ptr [eax], 0
0042C579  |.  8A45 FF    mov    al, byte ptr [ebp-1]
0042C57C  |.  84C0       test al, al
0042C57E  |.  0F85 1F030000 jnz    0042C8A3
0042C584  |.  8A45 FE    mov    al, byte ptr [ebp-2]
0042C587  |.  84C0       test al, al
0042C589  |.  0F85 14030000 jnz    0042C8A3
0042C58F  |.  807D FD 11 cmp    byte ptr [ebp-3], 11
0042C593  |.  0F85 0A030000 jnz    0042C8A3
0042C599  |.  8A06       mov    al, byte ptr [esi]
0042C59B  |.  3C 11       cmp    al, 11
0042C59D  |.  76 39       jbe    short 0042C5D8
0042C59F  |.  25 FF000000 and    eax, 0FF
0042C5A4  |.  83E8 11    sub    eax, 11
0042C5A7  |.  46          inc    esi
0042C5A8  |.  83F8 04    cmp    eax, 4
0042C5AB  |.  0F82 1C010000 jb    0042C6CD
0042C5B1  |.  2BFB       sub    edi, ebx
0042C5B3  |.  3BF8       cmp    edi, eax
0042C5B5  |.  0F82 FD020000 jb    0042C8B8
0042C5BB  |.  8BD5       mov    edx, ebp
0042C5BD  |.  8D78 01    lea    edi, dword ptr [eax+1]
0042C5C0  |.  2BD6       sub    edx, esi
0042C5C2  |.  3BD7       cmp    edx, edi
0042C5C4  |.  0F82 EE020000 jb    0042C8B8
0042C5CA  |>  8A16       /mov    dl, byte ptr [esi]
0042C5CC  |.  8811       |mov    byte ptr [ecx], dl
0042C5CE  |.  41          |inc    ecx
0042C5CF  |.  46          |inc    esi
0042C5D0  |.  48          |dec    eax
0042C5D1  |.^ 75 F7       \jnz    short 0042C5CA
0042C5D3  |.  E9 97000000 jmp    0042C66F
0042C5D8  |>  33C0       xor    eax, eax
0042C5DA  |.  8A06       mov    al, byte ptr [esi]
0042C5DC  |.  46          inc    esi
0042C5DD  |.  83F8 10    cmp    eax, 10
0042C5E0  |.  0F83 12010000 jnb    0042C6F8
0042C5E6  |.  85C0       test eax, eax
0042C5E8  |.  75 29       jnz    short 0042C613
0042C5EA  |.  3BF5       cmp    esi, ebp
0042C5EC  |.  0F87 C6020000 ja    0042C8B8
0042C5F2  |.  803E 00    cmp    byte ptr [esi], 0
0042C5F5  |.  75 13       jnz    short 0042C60A
0042C5F7  |>  05 FF000000 /add    eax, 0FF
0042C5FC  |.  46          |inc    esi
0042C5FD  |.  3BF5       |cmp    esi, ebp
0042C5FF  |.  0F87 B3020000 |ja    0042C8B8
0042C605  |.  803E 00    |cmp    byte ptr [esi], 0
0042C608  |.^ 74 ED       \je    short 0042C5F7
0042C60A  |>  33D2       xor    edx, edx
0042C60C  |.  8A16       mov    dl, byte ptr [esi]
0042C60E  |.  46          inc    esi
0042C60F  |.  8D4410 0F    lea    eax, dword ptr [eax+edx+F]
0042C613  |>  8B5424 14    mov    edx, dword ptr [esp+14]
0042C617  |.  8D78 03    lea    edi, dword ptr [eax+3]
0042C61A  |.  2BD1       sub    edx, ecx
0042C61C  |.  3BD7       cmp    edx, edi
0042C61E  |.  0F82 94020000 jb    0042C8B8
0042C624  |.  8BD5       mov    edx, ebp
0042C626  |.  8D78 04    lea    edi, dword ptr [eax+4]
0042C629  |.  2BD6       sub    edx, esi
0042C62B  |.  3BD7       cmp    edx, edi
0042C62D  |.  0F82 85020000 jb    0042C8B8
0042C633  |.  8B16       mov    edx, dword ptr [esi]
0042C635  |.  83C6 04    add    esi, 4
0042C638  |.  8911       mov    dword ptr [ecx], edx
0042C63A  |.  83C1 04    add    ecx, 4
0042C63D  |.  48          dec    eax                            ; Switch (cases 1..4)
0042C63E  |.  74 2F       je    short 0042C66F
0042C640  |.  83F8 04    cmp    eax, 4
0042C643  |.  72 21       jb    short 0042C666
0042C645  |>  8B16       /mov    edx, dword ptr [esi]          ;  Default case of switch 0042C63D
0042C647  |.  83E8 04    |sub    eax, 4
0042C64A  |.  8911       |mov    dword ptr [ecx], edx
0042C64C  |.  83C1 04    |add    ecx, 4
0042C64F  |.  83C6 04    |add    esi, 4
0042C652  |.  83F8 04    |cmp    eax, 4
0042C655  |.^ 73 EE       \jnb    short 0042C645
0042C657  |.  85C0       test eax, eax
0042C659  |.  76 14       jbe    short 0042C66F
0042C65B  |>  8A16       /mov    dl, byte ptr [esi]
0042C65D  |.  8811       |mov    byte ptr [ecx], dl
0042C65F  |.  41          |inc    ecx
0042C660  |.  46          |inc    esi
0042C661  |.  48          |dec    eax
0042C662  |.^ 75 F7       \jnz    short 0042C65B
0042C664  |.  EB 09       jmp    short 0042C66F
0042C666  |>  8A16       /mov    dl, byte ptr [esi]             ;  Cases 2,3,4 of switch 0042C63D
0042C668  |.  8811       |mov    byte ptr [ecx], dl
0042C66A  |.  41          |inc    ecx
0042C66B  |.  46          |inc    esi
0042C66C  |.  48          |dec    eax
0042C66D  |.^ 75 F7       \jnz    short 0042C666
0042C66F  |>  33C0       xor    eax, eax                      ;  Case 1 of switch 0042C63D
0042C671  |.  8A06       mov    al, byte ptr [esi]
0042C673  |.  46          inc    esi
0042C674  |.  83F8 10    cmp    eax, 10
0042C677  |.  73 7F       jnb    short 0042C6F8
0042C679  |.  33D2       xor    edx, edx
0042C67B  |.  8A16       mov    dl, byte ptr [esi]
0042C67D  |.  8BFA       mov    edi, edx
0042C67F  |.  8BD1       mov    edx, ecx
0042C681  |.  C1E7 02    shl    edi, 2
0042C684  |.  2BD7       sub    edx, edi
0042C686  |.  C1E8 02    shr    eax, 2
0042C689  |.  2BD0       sub    edx, eax
0042C68B  |.  81EA 01080000 sub    edx, 801
0042C691  |.  46          inc    esi
0042C692  |.  3BD3       cmp    edx, ebx
0042C694  |.  0F82 1E020000 jb    0042C8B8
0042C69A  |.  8B4424 14    mov    eax, dword ptr [esp+14]
0042C69E  |.  2BC1       sub    eax, ecx
0042C6A0  |.  83F8 03    cmp    eax, 3
0042C6A3  |.  0F8C 0F020000 jl    0042C8B8
0042C6A9  |.  8A02       mov    al, byte ptr [edx]
0042C6AB  |.  8801       mov    byte ptr [ecx], al
0042C6AD  |.  8A42 01    mov    al, byte ptr [edx+1]
0042C6B0  |.  41          inc    ecx
0042C6B1  |.  42          inc    edx
0042C6B2  |.  8801       mov    byte ptr [ecx], al
0042C6B4  |.  8A52 01    mov    dl, byte ptr [edx+1]
0042C6B7  |.  41          inc    ecx
0042C6B8  |.  8811       mov    byte ptr [ecx], dl
0042C6BA  |.  41          inc    ecx
0042C6BB  |.  EB 04       jmp    short 0042C6C1
0042C6BD  |>  8B5C24 1C    mov    ebx, dword ptr [esp+1C]
0042C6C1  |>  8A46 FE    mov    al, byte ptr [esi-2]
0042C6C4  |.  83E0 03    and    eax, 3
0042C6C7  |.^ 0F84 0BFFFFFF je    0042C5D8
0042C6CD  |>  8B5424 14    mov    edx, dword ptr [esp+14]
0042C6D1  |.  2BD1       sub    edx, ecx
0042C6D3  |.  3BD0       cmp    edx, eax
0042C6D5  |.  0F82 DD010000 jb    0042C8B8
0042C6DB  |.  8BD5       mov    edx, ebp
0042C6DD  |.  8D78 01    lea    edi, dword ptr [eax+1]
0042C6E0  |.  2BD6       sub    edx, esi
0042C6E2  |.  3BD7       cmp    edx, edi
0042C6E4  |.  0F82 CE010000 jb    0042C8B8
0042C6EA  |>  8A16       /mov    dl, byte ptr [esi]
0042C6EC  |.  8811       |mov    byte ptr [ecx], dl
0042C6EE  |.  41          |inc    ecx
0042C6EF  |.  46          |inc    esi
0042C6F0  |.  48          |dec    eax
0042C6F1  |.^ 75 F7       \jnz    short 0042C6EA
0042C6F3  |.  33C0       xor    eax, eax
0042C6F5  |.  8A06       mov    al, byte ptr [esi]
0042C6F7  |.  46          inc    esi
0042C6F8  |>  83F8 40    cmp    eax, 40                         ;  Switch (cases 0..3F)
0042C6FB  |.  72 3D       jb    short 0042C73A
0042C6FD  |.  8BD0       mov    edx, eax                      ;  Default case of switch 0042C6F8
0042C6FF  |.  8BF9       mov    edi, ecx
0042C701  |.  C1EA 02    shr    edx, 2
0042C704  |.  83E2 07    and    edx, 7
0042C707  |.  2BFA       sub    edi, edx
0042C709  |.  33D2       xor    edx, edx
0042C70B  |.  8A16       mov    dl, byte ptr [esi]
0042C70D  |.  C1E2 03    shl    edx, 3
0042C710  |.  2BFA       sub    edi, edx
0042C712  |.  4F          dec    edi
0042C713  |.  46          inc    esi
0042C714  |.  C1E8 05    shr    eax, 5
0042C717  |.  48          dec    eax
0042C718  |.  3BFB       cmp    edi, ebx
0042C71A  |.  0F82 98010000 jb    0042C8B8
0042C720  |.  8B5424 14    mov    edx, dword ptr [esp+14]
0042C724  |.  8D58 02    lea    ebx, dword ptr [eax+2]
0042C727  |.  2BD1       sub    edx, ecx
0042C729  |.  3BD3       cmp    edx, ebx
0042C72B  |.  0F83 1A010000 jnb    0042C84B
0042C731  |.  5F          pop    edi
0042C732  |.  5E          pop    esi
0042C733  |.  5D          pop    ebp
0042C734  |.  33C0       xor    eax, eax
0042C736  |.  5B          pop    ebx
0042C737  |.  C2 1000    retn 10
0042C73A  |>  83F8 20    cmp    eax, 20
0042C73D  |.  72 40       jb    short 0042C77F
0042C73F  |.  83E0 1F    and    eax, 1F                         ;  Cases 20,21,22,23,24,25,26,27,28,29,2A,2B,2C,2D,2E,2F,30,31,32,33,34,35,36,37,38,39,3A,3B,3C,3D,3E,3F of switch 0042C6F8
0042C742  |.  75 29       jnz    short 0042C76D
0042C744  |.  3BF5       cmp    esi, ebp
0042C746  |.  0F87 6C010000 ja    0042C8B8
0042C74C  |.  803E 00    cmp    byte ptr [esi], 0
0042C74F  |.  75 13       jnz    short 0042C764
0042C751  |>  05 FF000000 /add    eax, 0FF
0042C756  |.  46          |inc    esi
0042C757  |.  3BF5       |cmp    esi, ebp
0042C759  |.  0F87 59010000 |ja    0042C8B8
0042C75F  |.  803E 00    |cmp    byte ptr [esi], 0
0042C762  |.^ 74 ED       \je    short 0042C751
0042C764  |>  33D2       xor    edx, edx
0042C766  |.  8A16       mov    dl, byte ptr [esi]
0042C768  |.  46          inc    esi
0042C769  |.  8D4410 1F    lea    eax, dword ptr [eax+edx+1F]
0042C76D  |>  33D2       xor    edx, edx
0042C76F  |.  8BF9       mov    edi, ecx
0042C771  |.  66:8B16    mov    dx, word ptr [esi]
0042C774  |.  C1EA 02    shr    edx, 2
0042C777  |.  2BFA       sub    edi, edx
0042C779  |.  4F          dec    edi
0042C77A  |.  83C6 02    add    esi, 2
0042C77D  |.  EB 70       jmp    short 0042C7EF
0042C77F  |>  83F8 10    cmp    eax, 10
0042C782  |.  0F82 DE000000 jb    0042C866
0042C788  |.  8BD0       mov    edx, eax                      ;  Cases 10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F of switch 0042C6F8
0042C78A  |.  8BF9       mov    edi, ecx
0042C78C  |.  83E2 08    and    edx, 8
0042C78F  |.  C1E2 0B    shl    edx, 0B
0042C792  |.  2BFA       sub    edi, edx
0042C794  |.  83E0 07    and    eax, 7
0042C797  |.  75 29       jnz    short 0042C7C2
0042C799  |.  3BF5       cmp    esi, ebp
0042C79B  |.  0F87 17010000 ja    0042C8B8
0042C7A1  |.  803E 00    cmp    byte ptr [esi], 0
0042C7A4  |.  75 13       jnz    short 0042C7B9
0042C7A6  |>  05 FF000000 /add    eax, 0FF
0042C7AB  |.  46          |inc    esi
0042C7AC  |.  3BF5       |cmp    esi, ebp
0042C7AE  |.  0F87 04010000 |ja    0042C8B8
0042C7B4  |.  803E 00    |cmp    byte ptr [esi], 0
0042C7B7  |.^ 74 ED       \je    short 0042C7A6
0042C7B9  |>  33D2       xor    edx, edx
0042C7BB  |.  8A16       mov    dl, byte ptr [esi]
0042C7BD  |.  46          inc    esi
0042C7BE  |.  8D4410 07    lea    eax, dword ptr [eax+edx+7]
0042C7C2  |>  33D2       xor    edx, edx
0042C7C4  |.  66:8B16    mov    dx, word ptr [esi]
0042C7C7  |.  83C6 02    add    esi, 2
0042C7CA  |.  C1EA 02    shr    edx, 2
0042C7CD  |.  2BFA       sub    edi, edx
0042C7CF  |.  3BF9       cmp    edi, ecx
0042C7D1  |.  75 16       jnz    short 0042C7E9
0042C7D3  |.  8B4424 20    mov    eax, dword ptr [esp+20]
0042C7D7  |.  2BCB       sub    ecx, ebx
0042C7D9  |.  5F          pop    edi
0042C7DA  |.  8908       mov    dword ptr [eax], ecx
0042C7DC  |.  33C0       xor    eax, eax
0042C7DE  |.  3BF5       cmp    esi, ebp
0042C7E0  |.  5E          pop    esi
0042C7E1  |.  5D          pop    ebp
0042C7E2  |.  5B          pop    ebx
0042C7E3  |.  0F94C0       sete al
0042C7E6  |.  C2 1000    retn 10
0042C7E9  |>  81EF 00400000 sub    edi, 4000
0042C7EF  |>  3BFB       cmp    edi, ebx
0042C7F1  |.  0F82 C1000000 jb    0042C8B8
0042C7F7  |.  8B5424 14    mov    edx, dword ptr [esp+14]
0042C7FB  |.  8D58 02    lea    ebx, dword ptr [eax+2]
0042C7FE  |.  2BD1       sub    edx, ecx
0042C800  |.  3BD3       cmp    edx, ebx
0042C802  |.  0F82 B0000000 jb    0042C8B8
0042C808  |.  83F8 06    cmp    eax, 6
0042C80B  |.  72 3E       jb    short 0042C84B
0042C80D  |.  8BD1       mov    edx, ecx
0042C80F  |.  2BD7       sub    edx, edi
0042C811  |.  83FA 04    cmp    edx, 4
0042C814  |.  7C 35       jl    short 0042C84B
0042C816  |.  8B17       mov    edx, dword ptr [edi]
0042C818  |.  83C7 04    add    edi, 4
0042C81B  |.  8911       mov    dword ptr [ecx], edx
0042C81D  |.  83C1 04    add    ecx, 4
0042C820  |.  83E8 02    sub    eax, 2
0042C823  |>  8B17       /mov    edx, dword ptr [edi]
0042C825  |.  83E8 04    |sub    eax, 4
0042C828  |.  8911       |mov    dword ptr [ecx], edx
0042C82A  |.  83C1 04    |add    ecx, 4
0042C82D  |.  83C7 04    |add    edi, 4
0042C830  |.  83F8 04    |cmp    eax, 4
0042C833  |.^ 73 EE       \jnb    short 0042C823
0042C835  |.  85C0       test eax, eax
0042C837  |.^ 0F86 80FEFFFF jbe    0042C6BD
0042C83D  |>  8A17       /mov    dl, byte ptr [edi]
0042C83F  |.  8811       |mov    byte ptr [ecx], dl
0042C841  |.  41          |inc    ecx
0042C842  |.  47          |inc    edi
0042C843  |.  48          |dec    eax
0042C844  |.^ 75 F7       \jnz    short 0042C83D
0042C846  |.^ E9 72FEFFFF jmp    0042C6BD
0042C84B  |>  8A17       mov    dl, byte ptr [edi]
0042C84D  |.  8811       mov    byte ptr [ecx], dl
0042C84F  |.  8A57 01    mov    dl, byte ptr [edi+1]
0042C852  |.  41          inc    ecx
0042C853  |.  47          inc    edi
0042C854  |.  8811       mov    byte ptr [ecx], dl
0042C856  |.  41          inc    ecx
0042C857  |.  47          inc    edi
0042C858  |>  8A17       /mov    dl, byte ptr [edi]
0042C85A  |.  8811       |mov    byte ptr [ecx], dl
0042C85C  |.  41          |inc    ecx
0042C85D  |.  47          |inc    edi
0042C85E  |.  48          |dec    eax
0042C85F  |.^ 75 F7       \jnz    short 0042C858
0042C861  |.^ E9 57FEFFFF jmp    0042C6BD
0042C866  |>  33D2       xor    edx, edx                      ;  Cases 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F of switch 0042C6F8
0042C868  |.  8A16       mov    dl, byte ptr [esi]
0042C86A  |.  8BFA       mov    edi, edx
0042C86C  |.  8BD1       mov    edx, ecx
0042C86E  |.  C1E7 02    shl    edi, 2
0042C871  |.  2BD7       sub    edx, edi
0042C873  |.  C1E8 02    shr    eax, 2
0042C876  |.  2BD0       sub    edx, eax
0042C878  |.  8A42 FF    mov    al, byte ptr [edx-1]
0042C87B  |.  4A          dec    edx
0042C87C  |.  46          inc    esi
0042C87D  |.  8801       mov    byte ptr [ecx], al
0042C87F  |.  41          inc    ecx
0042C880  |.  8A42 01    mov    al, byte ptr [edx+1]
0042C883  |.  42          inc    edx
0042C884  |.  8801       mov    byte ptr [ecx], al
0042C886  |.  41          inc    ecx
0042C887  |.  3BD3       cmp    edx, ebx
0042C889  |.  72 2D       jb    short 0042C8B8
0042C88B  |.  8B5424 14    mov    edx, dword ptr [esp+14]
0042C88F  |.  2BD1       sub    edx, ecx
0042C891  |.  83FA 02    cmp    edx, 2
0042C894  |.^ 0F8D 27FEFFFF jge    0042C6C1
0042C89A  |.  5F          pop    edi
0042C89B  |.  5E          pop    esi
0042C89C  |.  5D          pop    ebp
0042C89D  |.  33C0       xor    eax, eax
0042C89F  |.  5B          pop    ebx
0042C8A0  |.  C2 1000    retn 10
0042C8A3  |>  52          push edx

此处可NOP掉,是与解压无关的调用
0042C8A4  |.  68 78305800 push 00583078                      ;  ASCII "Compressor: invalid decompress block [%d bytes]"
0042C8A9  |.  6A 01       push 1
0042C8AB  |.  68 58655900 push 00596558
0042C8B0  |.  E8 4BDB0700 call 004AA400
0042C8B5  |.  83C4 10    add    esp, 10

0042C8B8  |>  5F          pop    edi
0042C8B9  |.  5E          pop    esi
0042C8BA  |.  5D          pop    ebp
0042C8BB  |.  33C0       xor    eax, eax
0042C8BD  |.  5B          pop    ebx
0042C8BE  \.  C2 1000    retn 10

列举两个解压前后的例子
(1)
解压前的Buf(149):
00FDCD60                      -0A 39 00 00 00 01 00 00
00FDCD70  00 55 31 30 31 00 29 00-00 05 3D 0A D7 A3 08 2D
00FDCD80  E9 40 29 48 00 88 01 0B-02 62 00 00 75 27 00 00
00FDCD90  55 53 44 43 48 46 8A 02-00 04 B8 00 00 03 00 64
00FDCDA0  00 00 00 59 EB 4D 4E 03-00 00 00 06 81 C3 B1 2E
00FDCDB0  6E E9 3F C8 03 27 18 00-01 8E C1 51 4E 27 30 00
00FDCDC0  27 21 00 F0 DC 04 FE 00-49 C0 E8 03 00 05 29 5C
00FDCDD0  8F C2 F5 28 2D C0 9A 08-ED 2F BB 27 E9 3F D7 A3
00FDCDE0  70 3D 0A 18 91 27 7C 00-FC 04 20 03 1C 00 FC 14
00FDCDF0  01 00 00 F0 3F 34 1E 02-00 00 11 00 00

解压后的Buf(272)
00FDCE00             39 00 00 00-01 00 00 00 55 31 30 31
00FDCE10  00 00 00 00 00 00 00 00-00 00 00 00 3D 0A D7 A3
00FDCE20  08 2D E9 40 00 00 00 00-00 00 00 00 00 00 00 00
00FDCE30  00 00 00 00 02 62 00 00-75 27 00 00 55 53 44 43
00FDCE40  48 46 00 00 00 00 00 00-04 00 00 00 00 00 00 00
00FDCE50  64 00 00 00 59 EB 4D 4E-03 00 00 00 06 81 C3 B1
00FDCE60  2E 6E E9 3F 00 00 00 00-00 00 00 00 00 00 00 00
00FDCE70  00 00 00 00 8E C1 51 4E-00 00 00 00 00 00 00 00
00FDCE80  00 00 00 00 00 00 00 00-00 00 F0 3F 00 00 00 00
00FDCE90  00 00 F0 3F 00 00 00 00-00 00 49 C0 00 00 00 00
00FDCEA0  00 00 00 00 29 5C 8F C2-F5 28 2D C0 9A 08 ED 2F
00FDCEB0  BB 27 E9 3F D7 A3 70 3D-0A 18 91 C0 00 00 00 00
00FDCEC0  00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00FDCED0  00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00FDCEE0  00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00FDCEF0  04 00 00 00 00 00 00 00-00 00 F0 3F 8E C1 51 4E
00FDCF00  00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00FDCF10  00 00 00 00

(2)
解压前的Buf(135):
00FDCC70  09 31 00 00 00 00 00 00-00 55 31 30 31 7C 00 EC
00FDCC80  00 05 52 B8 1E 85 F3 BF-E9 40 FC 01 FC 00 0B E9
00FDCC90  67 00 00 75 27 00 00 55-53 44 4A 50 59 B5 02 02
00FDCCA0  B8 00 06 00 0A 00 00 00-0E C1 51 4E 78 01 04 0A
00FDCCB0  D7 B7 1E 85 2B 53 2F FC-00 6C 03 30 0E 00 F0 3F
00FDCCC0  2C 4E 00 14 C0 2C 3C 00-07 00 00 48 E1 7A 14 AE
00FDCCD0  27 53 40 7F 12 EB 51 1F-2F 7C 00 2E BC 00 32 3D
00FDCCE0  00 04 27 52 00 F0 3F FC-14 27 48 00 04 00 00 00
00FDCCF0  00 00 00 00 11 00 00

解压后的Buf(272)
00FDCCF0                                     31 00 00 00
00FDCD00  00 00 00 00 55 31 30 31-00 00 00 00 00 00 00 00
00FDCD10  00 00 00 00 52 B8 1E 85-F3 BF E9 40 00 00 00 00
00FDCD20  00 00 00 00 00 00 00 00-00 00 00 00 E9 67 00 00
00FDCD30  75 27 00 00 55 53 44 4A-50 59 00 00 00 00 00 00
00FDCD40  02 00 00 00 00 00 00 00-0A 00 00 00 0E C1 51 4E
00FDCD50  00 00 00 00 0A D7 B7 1E-85 2B 53 40 00 00 00 00
00FDCD60  00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00FDCD70  00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00FDCD80  00 00 F0 3F 00 00 00 00-00 00 00 00 00 00 00 00
00FDCD90  00 00 14 C0 00 00 00 00-00 00 00 00 00 00 00 00
00FDCDA0  00 00 00 00 48 E1 7A 14-AE 27 53 40 52 B8 1E 85
00FDCDB0  EB 51 1F C0 00 00 00 00-00 00 00 00 00 00 00 00
00FDCDC0  00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00FDCDD0  00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
00FDCDE0  00 00 00 00 00 00 00 00-04 00 00 00 00 00 00 00
00FDCDF0  00 00 F0 3F 0E C1 51 4E-00 00 00 00 00 00 00 00
00FDCE00  00 00 00 00 00 00 00 00-00 00 00 00

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课

#调试逆向

收藏・1

免费・0

支持

最新回复 (5)
themars 雪币： 14 活跃值： (33) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 36 粉丝 0 关注私信	themars 2 楼居然没有人提出看法各路大神快快显灵啊提供一点思路也好啊可能是哪种压缩算法的类型 2011-8-24 16:37 0
nimadehi 雪币： 6 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 5 粉丝 0 关注私信	nimadehi 3 楼很好。。楼主算法解决没有。。我也碰到这个算法了。不过好像还有点区别。。不过都是类似把000这些数据压缩掉 2011-12-30 09:47 0
exile 雪币： 2105 活跃值： (424) 能力值： ( LV4，RANK：50 ) 在线值：发帖 21 回帖 1266 粉丝 2 关注私信	exile 1 4 楼 lzo算法 12345 2011-12-30 11:45 0
nimadehi 雪币： 6 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 5 粉丝 0 关注私信	nimadehi 5 楼楼上这位仁兄。可否帮我看看我这个与楼主的是不是同样的。 00429E9B /$ 55 push ebp ; 解压缩算法 00429E9C \|. 8BEC mov ebp,esp 00429E9E \|. 83EC 1C sub esp,1C 00429EA1 \|. 894D E4 mov [local.7],ecx 00429EA4 \|. 8B45 10 mov eax,[arg.3] 00429EA7 \|. 8945 F8 mov [local.2],eax 00429EAA \|. 8B4D 08 mov ecx,[arg.1] 00429EAD \|. 894D EC mov [local.5],ecx 00429EB0 \|. 8B55 08 mov edx,[arg.1] 00429EB3 \|. 0355 0C add edx,[arg.2] 00429EB6 \|. 8955 FC mov [local.1],edx 00429EB9 \|. 8B45 14 mov eax,[arg.4] 00429EBC \|. 8B4D 10 mov ecx,[arg.3] 00429EBF \|. 0308 add ecx,dword ptr ds:[eax] 00429EC1 \|. 894D E8 mov [local.6],ecx 00429EC4 \|. 837D 08 00 cmp [arg.1],0 00429EC8 \|. 74 1A je short manager.00429EE4 00429ECA \|. 837D 0C 03 cmp [arg.2],3 00429ECE \|. 72 14 jb short manager.00429EE4 00429ED0 \|. 837D 14 00 cmp [arg.4],0 00429ED4 \|. 74 0E je short manager.00429EE4 00429ED6 \|. 837D 10 00 cmp [arg.3],0 00429EDA \|. 74 08 je short manager.00429EE4 00429EDC \|. 8B55 14 mov edx,[arg.4] 00429EDF \|. 833A 01 cmp dword ptr ds:[edx],1 00429EE2 \|. 73 07 jnb short manager.00429EEB 00429EE4 \|> 33C0 xor eax,eax 00429EE6 \|. E9 76070000 jmp manager.0042A661 00429EEB \|> 8B45 14 mov eax,[arg.4] 00429EEE \|. C700 00000000 mov dword ptr ds:[eax],0 00429EF4 \|. 8B4D FC mov ecx,[local.1] 00429EF7 \|. 33D2 xor edx,edx 00429EF9 \|. 8A51 FF mov dl,byte ptr ds:[ecx-1] 00429EFC \|. 85D2 test edx,edx 00429EFE \|. 75 19 jnz short manager.00429F19 00429F00 \|. 8B45 FC mov eax,[local.1] 00429F03 \|. 33C9 xor ecx,ecx 00429F05 \|. 8A48 FE mov cl,byte ptr ds:[eax-2] 00429F08 \|. 85C9 test ecx,ecx 00429F0A \|. 75 0D jnz short manager.00429F19 00429F0C \|. 8B55 FC mov edx,[local.1] 00429F0F \|. 33C0 xor eax,eax 00429F11 \|. 8A42 FD mov al,byte ptr ds:[edx-3] 00429F14 \|. 83F8 11 cmp eax,11 00429F17 \|. 74 21 je short manager.00429F3A 00429F19 \|> 8B4D 0C mov ecx,[arg.2] 00429F1C \|. 51 push ecx ; /Arg5 00429F1D \|. 68 70155200 push manager.00521570 ; \|Arg4 = 00521570 ASCII "Compressor: invalid decompress block [%d bytes]" 00429F22 \|. 6A 00 push 0 ; \|Arg3 = 00000000 00429F24 \|. 6A 04 push 4 ; \|Arg2 = 00000004 00429F26 \|. 68 30C85200 push manager.0052C830 ; \|Arg1 = 0052C830 00429F2B \|. E8 F9A0FFFF call manager.00424029 ; \manager.00424029 00429F30 \|. 83C4 14 add esp,14 00429F33 \|. 33C0 xor eax,eax 00429F35 \|. E9 27070000 jmp manager.0042A661 00429F3A \|> 8B55 EC mov edx,[local.5] 00429F3D \|. 33C0 xor eax,eax 00429F3F \|. 8A02 mov al,byte ptr ds:[edx] 00429F41 \|. 83F8 11 cmp eax,11 00429F44 \|. 7E 7A jle short manager.00429FC0 00429F46 \|. 8B4D EC mov ecx,[local.5] 00429F49 \|. 33D2 xor edx,edx 00429F4B \|. 8A11 mov dl,byte ptr ds:[ecx] 00429F4D \|. 83EA 11 sub edx,11 00429F50 \|. 8955 F4 mov [local.3],edx 00429F53 \|. 8B45 EC mov eax,[local.5] 00429F56 \|. 83C0 01 add eax,1 00429F59 \|. 8945 EC mov [local.5],eax 00429F5C \|. 837D F4 04 cmp [local.3],4 00429F60 \|. 73 05 jnb short manager.00429F67 00429F62 \|. E9 F5060000 jmp manager.0042A65C 00429F67 \|> 8B4D E8 mov ecx,[local.6] 00429F6A \|. 2B4D F8 sub ecx,[local.2] 00429F6D \|. 3B4D F4 cmp ecx,[local.3] 00429F70 \|. 73 07 jnb short manager.00429F79 00429F72 \|. 33C0 xor eax,eax 00429F74 \|. E9 E8060000 jmp manager.0042A661 00429F79 \|> 8B55 FC mov edx,[local.1] 00429F7C \|. 2B55 EC sub edx,[local.5] 00429F7F \|. 8B45 F4 mov eax,[local.3] 00429F82 \|. 83C0 01 add eax,1 00429F85 \|. 3BD0 cmp edx,eax 00429F87 \|. 73 07 jnb short manager.00429F90 00429F89 \|. 33C0 xor eax,eax 00429F8B \|. E9 D1060000 jmp manager.0042A661 00429F90 \|> 8B4D F8 /mov ecx,[local.2] 00429F93 \|. 8B55 EC \|mov edx,[local.5] 00429F96 \|. 8A02 \|mov al,byte ptr ds:[edx] 00429F98 \|. 8801 \|mov byte ptr ds:[ecx],al 00429F9A \|. 8B4D F8 \|mov ecx,[local.2] 00429F9D \|. 83C1 01 \|add ecx,1 00429FA0 \|. 894D F8 \|mov [local.2],ecx 00429FA3 \|. 8B55 EC \|mov edx,[local.5] 00429FA6 \|. 83C2 01 \|add edx,1 00429FA9 \|. 8955 EC \|mov [local.5],edx 00429FAC \|. 8B45 F4 \|mov eax,[local.3] 00429FAF \|. 83E8 01 \|sub eax,1 00429FB2 \|. 8945 F4 \|mov [local.3],eax 00429FB5 \|. 837D F4 00 \|cmp [local.3],0 00429FB9 \|.^ 77 D5 \ja short manager.00429F90 00429FBB \|. E9 97060000 jmp manager.0042A657 00429FC0 \|> B9 01000000 mov ecx,1 00429FC5 \|. 85C9 test ecx,ecx 00429FC7 \|. 0F84 57060000 je manager.0042A624 00429FCD \|. 8B55 EC mov edx,[local.5] 00429FD0 \|. 33C0 xor eax,eax 00429FD2 \|. 8A02 mov al,byte ptr ds:[edx] 00429FD4 \|. 8945 F4 mov [local.3],eax 00429FD7 \|. 8B4D EC mov ecx,[local.5] 00429FDA \|. 83C1 01 add ecx,1 00429FDD \|. 894D EC mov [local.5],ecx 00429FE0 \|. 837D F4 10 cmp [local.3],10 00429FE4 \|. 72 05 jb short manager.00429FEB 00429FE6 \|. E9 67060000 jmp manager.0042A652 00429FEB \|> 837D F4 00 cmp [local.3],0 00429FEF \|. 75 5A jnz short manager.0042A04B 00429FF1 \|. 8B55 EC mov edx,[local.5] 00429FF4 \|. 3B55 FC cmp edx,[local.1] 00429FF7 \|. 76 07 jbe short manager.0042A000 00429FF9 \|. 33C0 xor eax,eax 00429FFB \|. E9 61060000 jmp manager.0042A661 0042A000 \|> 8B45 EC /mov eax,[local.5] 0042A003 \|. 33C9 \|xor ecx,ecx 0042A005 \|. 8A08 \|mov cl,byte ptr ds:[eax] 0042A007 \|. 85C9 \|test ecx,ecx 0042A009 \|. 75 26 \|jnz short manager.0042A031 0042A00B \|. 8B55 F4 \|mov edx,[local.3] 0042A00E \|. 81C2 FF000000 \|add edx,0FF 0042A014 \|. 8955 F4 \|mov [local.3],edx 0042A017 \|. 8B45 EC \|mov eax,[local.5] 0042A01A \|. 83C0 01 \|add eax,1 0042A01D \|. 8945 EC \|mov [local.5],eax 0042A020 \|. 8B4D EC \|mov ecx,[local.5] 0042A023 \|. 3B4D FC \|cmp ecx,[local.1] 0042A026 \|. 76 07 \|jbe short manager.0042A02F 0042A028 \|. 33C0 \|xor eax,eax 0042A02A \|. E9 32060000 \|jmp manager.0042A661 0042A02F \|>^ EB CF \jmp short manager.0042A000 0042A031 \|> 8B55 EC mov edx,[local.5] 0042A034 \|. 33C0 xor eax,eax 0042A036 \|. 8A02 mov al,byte ptr ds:[edx] 0042A038 \|. 8B4D F4 mov ecx,[local.3] 0042A03B \|. 8D5401 0F lea edx,dword ptr ds:[ecx+eax+F] 0042A03F \|. 8955 F4 mov [local.3],edx 0042A042 \|. 8B45 EC mov eax,[local.5] 0042A045 \|. 83C0 01 add eax,1 0042A048 \|. 8945 EC mov [local.5],eax 0042A04B \|> 8B4D E8 mov ecx,[local.6] 0042A04E \|. 2B4D F8 sub ecx,[local.2] 0042A051 \|. 8B55 F4 mov edx,[local.3] 0042A054 \|. 83C2 03 add edx,3 0042A057 \|. 3BCA cmp ecx,edx 0042A059 \|. 73 07 jnb short manager.0042A062 0042A05B \|. 33C0 xor eax,eax 0042A05D \|. E9 FF050000 jmp manager.0042A661 0042A062 \|> 8B45 FC mov eax,[local.1] 0042A065 \|. 2B45 EC sub eax,[local.5] 0042A068 \|. 8B4D F4 mov ecx,[local.3] 0042A06B \|. 83C1 04 add ecx,4 0042A06E \|. 3BC1 cmp eax,ecx 0042A070 \|. 73 07 jnb short manager.0042A079 0042A072 \|. 33C0 xor eax,eax 0042A074 \|. E9 E8050000 jmp manager.0042A661 0042A079 \|> 8B55 F8 mov edx,[local.2] 0042A07C \|. 8B45 EC mov eax,[local.5] 0042A07F \|. 8B08 mov ecx,dword ptr ds:[eax] 0042A081 \|. 890A mov dword ptr ds:[edx],ecx 0042A083 \|. 8B55 F8 mov edx,[local.2] 0042A086 \|. 83C2 04 add edx,4 0042A089 \|. 8955 F8 mov [local.2],edx 0042A08C \|. 8B45 EC mov eax,[local.5] 0042A08F \|. 83C0 04 add eax,4 0042A092 \|. 8945 EC mov [local.5],eax 0042A095 \|. 8B4D F4 mov ecx,[local.3] 0042A098 \|. 83E9 01 sub ecx,1 0042A09B \|. 894D F4 mov [local.3],ecx 0042A09E \|. 837D F4 00 cmp [local.3],0 0042A0A2 \|. 0F86 8F000000 jbe manager.0042A137 0042A0A8 \|. 837D F4 04 cmp [local.3],4 0042A0AC \|. 72 5E jb short manager.0042A10C 0042A0AE \|> 8B55 F8 /mov edx,[local.2] 0042A0B1 \|. 8B45 EC \|mov eax,[local.5] 0042A0B4 \|. 8B08 \|mov ecx,dword ptr ds:[eax] 0042A0B6 \|. 890A \|mov dword ptr ds:[edx],ecx 0042A0B8 \|. 8B55 F8 \|mov edx,[local.2] 0042A0BB \|. 83C2 04 \|add edx,4 0042A0BE \|. 8955 F8 \|mov [local.2],edx 0042A0C1 \|. 8B45 EC \|mov eax,[local.5] 0042A0C4 \|. 83C0 04 \|add eax,4 0042A0C7 \|. 8945 EC \|mov [local.5],eax 0042A0CA \|. 8B4D F4 \|mov ecx,[local.3] 0042A0CD \|. 83E9 04 \|sub ecx,4 0042A0D0 \|. 894D F4 \|mov [local.3],ecx 0042A0D3 \|. 837D F4 04 \|cmp [local.3],4 0042A0D7 \|.^ 73 D5 \jnb short manager.0042A0AE 0042A0D9 \|. 837D F4 00 cmp [local.3],0 0042A0DD \|. 76 2B jbe short manager.0042A10A 0042A0DF \|> 8B55 F8 /mov edx,[local.2] 0042A0E2 \|. 8B45 EC \|mov eax,[local.5] 0042A0E5 \|. 8A08 \|mov cl,byte ptr ds:[eax] 0042A0E7 \|. 880A \|mov byte ptr ds:[edx],cl 0042A0E9 \|. 8B55 F8 \|mov edx,[local.2] 0042A0EC \|. 83C2 01 \|add edx,1 0042A0EF \|. 8955 F8 \|mov [local.2],edx 0042A0F2 \|. 8B45 EC \|mov eax,[local.5] 0042A0F5 \|. 83C0 01 \|add eax,1 0042A0F8 \|. 8945 EC \|mov [local.5],eax 0042A0FB \|. 8B4D F4 \|mov ecx,[local.3] 0042A0FE \|. 83E9 01 \|sub ecx,1 0042A101 \|. 894D F4 \|mov [local.3],ecx 0042A104 \|. 837D F4 00 \|cmp [local.3],0 0042A108 \|.^ 77 D5 \ja short manager.0042A0DF 0042A10A \|> EB 2B jmp short manager.0042A137 0042A10C \|> 8B55 F8 /mov edx,[local.2] 0042A10F \|. 8B45 EC \|mov eax,[local.5] 0042A112 \|. 8A08 \|mov cl,byte ptr ds:[eax] 0042A114 \|. 880A \|mov byte ptr ds:[edx],cl 0042A116 \|. 8B55 F8 \|mov edx,[local.2] 0042A119 \|. 83C2 01 \|add edx,1 0042A11C \|. 8955 F8 \|mov [local.2],edx 0042A11F \|. 8B45 EC \|mov eax,[local.5] 0042A122 \|. 83C0 01 \|add eax,1 0042A125 \|. 8945 EC \|mov [local.5],eax 0042A128 \|. 8B4D F4 \|mov ecx,[local.3] 0042A12B \|. 83E9 01 \|sub ecx,1 0042A12E \|. 894D F4 \|mov [local.3],ecx 0042A131 \|. 837D F4 00 \|cmp [local.3],0 0042A135 \|.^ 77 D5 \ja short manager.0042A10C 0042A137 \|> 8B55 EC mov edx,[local.5] 0042A13A \|. 33C0 xor eax,eax 0042A13C \|. 8A02 mov al,byte ptr ds:[edx] 0042A13E \|. 8945 F4 mov [local.3],eax 0042A141 \|. 8B4D EC mov ecx,[local.5] 0042A144 \|. 83C1 01 add ecx,1 0042A147 \|. 894D EC mov [local.5],ecx 0042A14A \|. 837D F4 10 cmp [local.3],10 0042A14E \|. 72 05 jb short manager.0042A155 0042A150 \|. E9 F8040000 jmp manager.0042A64D 0042A155 \|> 8B55 F8 mov edx,[local.2] 0042A158 \|. 81EA 01080000 sub edx,801 0042A15E \|. 8955 F0 mov [local.4],edx 0042A161 \|. 8B45 F4 mov eax,[local.3] 0042A164 \|. C1E8 02 shr eax,2 0042A167 \|. 8B4D F0 mov ecx,[local.4] 0042A16A \|. 2BC8 sub ecx,eax 0042A16C \|. 894D F0 mov [local.4],ecx 0042A16F \|. 8B55 EC mov edx,[local.5] 0042A172 \|. 33C0 xor eax,eax 0042A174 \|. 8A02 mov al,byte ptr ds:[edx] 0042A176 \|. C1E0 02 shl eax,2 0042A179 \|. 8B4D F0 mov ecx,[local.4] 0042A17C \|. 2BC8 sub ecx,eax 0042A17E \|. 894D F0 mov [local.4],ecx 0042A181 \|. 8B55 EC mov edx,[local.5] 0042A184 \|. 83C2 01 add edx,1 0042A187 \|. 8955 EC mov [local.5],edx 0042A18A \|. 8B45 F0 mov eax,[local.4] 0042A18D \|. 3B45 10 cmp eax,[arg.3] 0042A190 \|. 73 07 jnb short manager.0042A199 0042A192 \|. 33C0 xor eax,eax 0042A194 \|. E9 C8040000 jmp manager.0042A661 0042A199 \|> 8B4D E8 mov ecx,[local.6] 0042A19C \|. 2B4D F8 sub ecx,[local.2] 0042A19F \|. 83F9 03 cmp ecx,3 0042A1A2 \|. 7D 07 jge short manager.0042A1AB 0042A1A4 \|. 33C0 xor eax,eax 0042A1A6 \|. E9 B6040000 jmp manager.0042A661 0042A1AB \|> 8B55 F8 mov edx,[local.2] 0042A1AE \|. 8B45 F0 mov eax,[local.4] 0042A1B1 \|. 8A08 mov cl,byte ptr ds:[eax] 0042A1B3 \|. 880A mov byte ptr ds:[edx],cl 0042A1B5 \|. 8B55 F8 mov edx,[local.2] 0042A1B8 \|. 83C2 01 add edx,1 0042A1BB \|. 8955 F8 mov [local.2],edx 0042A1BE \|. 8B45 F0 mov eax,[local.4] 0042A1C1 \|. 83C0 01 add eax,1 0042A1C4 \|. 8945 F0 mov [local.4],eax 0042A1C7 \|. 8B4D F8 mov ecx,[local.2] 0042A1CA \|. 8B55 F0 mov edx,[local.4] 0042A1CD \|. 8A02 mov al,byte ptr ds:[edx] 0042A1CF \|. 8801 mov byte ptr ds:[ecx],al 0042A1D1 \|. 8B4D F8 mov ecx,[local.2] 0042A1D4 \|. 83C1 01 add ecx,1 0042A1D7 \|. 894D F8 mov [local.2],ecx 0042A1DA \|. 8B55 F0 mov edx,[local.4] 0042A1DD \|. 83C2 01 add edx,1 0042A1E0 \|. 8955 F0 mov [local.4],edx 0042A1E3 \|. 8B45 F8 mov eax,[local.2] 0042A1E6 \|. 8B4D F0 mov ecx,[local.4] 0042A1E9 \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A1EB \|. 8810 mov byte ptr ds:[eax],dl 0042A1ED \|. 8B45 F8 mov eax,[local.2] 0042A1F0 \|. 83C0 01 add eax,1 0042A1F3 \|. 8945 F8 mov [local.2],eax 0042A1F6 \|. E9 4D040000 jmp manager.0042A648 0042A1FB \|> B9 01000000 mov ecx,1 0042A200 \|. 85C9 test ecx,ecx 0042A202 \|. 0F84 17040000 je manager.0042A61F 0042A208 \|> 837D F4 40 cmp [local.3],40 0042A20C \|. 72 6C jb short manager.0042A27A 0042A20E \|. 8B55 F8 mov edx,[local.2] 0042A211 \|. 83EA 01 sub edx,1 0042A214 \|. 8955 F0 mov [local.4],edx 0042A217 \|. 8B45 F4 mov eax,[local.3] 0042A21A \|. C1E8 02 shr eax,2 0042A21D \|. 83E0 07 and eax,7 0042A220 \|. 8B4D F0 mov ecx,[local.4] 0042A223 \|. 2BC8 sub ecx,eax 0042A225 \|. 894D F0 mov [local.4],ecx 0042A228 \|. 8B55 EC mov edx,[local.5] 0042A22B \|. 33C0 xor eax,eax 0042A22D \|. 8A02 mov al,byte ptr ds:[edx] 0042A22F \|. C1E0 03 shl eax,3 0042A232 \|. 8B4D F0 mov ecx,[local.4] 0042A235 \|. 2BC8 sub ecx,eax 0042A237 \|. 894D F0 mov [local.4],ecx 0042A23A \|. 8B55 EC mov edx,[local.5] 0042A23D \|. 83C2 01 add edx,1 0042A240 \|. 8955 EC mov [local.5],edx 0042A243 \|. 8B45 F4 mov eax,[local.3] 0042A246 \|. C1E8 05 shr eax,5 0042A249 \|. 83E8 01 sub eax,1 0042A24C \|. 8945 F4 mov [local.3],eax 0042A24F \|. 8B4D F0 mov ecx,[local.4] 0042A252 \|. 3B4D 10 cmp ecx,[arg.3] 0042A255 \|. 73 07 jnb short manager.0042A25E 0042A257 \|. 33C0 xor eax,eax 0042A259 \|. E9 03040000 jmp manager.0042A661 0042A25E \|> 8B55 E8 mov edx,[local.6] 0042A261 \|. 2B55 F8 sub edx,[local.2] 0042A264 \|. 8B45 F4 mov eax,[local.3] 0042A267 \|. 83C0 02 add eax,2 0042A26A \|. 3BD0 cmp edx,eax 0042A26C \|. 73 07 jnb short manager.0042A275 0042A26E \|. 33C0 xor eax,eax 0042A270 \|. E9 EC030000 jmp manager.0042A661 0042A275 \|> E9 C9030000 jmp manager.0042A643 0042A27A \|> 837D F4 20 cmp [local.3],20 ; 读取完名字判断20 0042A27E \|. 0F82 93000000 jb manager.0042A317 0042A284 \|. 8B4D F4 mov ecx,[local.3] ; 20到ECX 0042A287 \|. 83E1 1F and ecx,1F 0042A28A \|. 894D F4 mov [local.3],ecx 0042A28D \|. 837D F4 00 cmp [local.3],0 0042A291 \|. 75 5A jnz short manager.0042A2ED 0042A293 \|. 8B55 EC mov edx,[local.5] 0042A296 \|. 3B55 FC cmp edx,[local.1] 0042A299 \|. 76 07 jbe short manager.0042A2A2 0042A29B \|. 33C0 xor eax,eax 0042A29D \|. E9 BF030000 jmp manager.0042A661 0042A2A2 \|> 8B45 EC /mov eax,[local.5] ; local是指针5 0042A2A5 \|. 33C9 \|xor ecx,ecx 0042A2A7 \|. 8A08 \|mov cl,byte ptr ds:[eax] ; 读取名字后面第2个字节到CL 0042A2A9 \|. 85C9 \|test ecx,ecx ; 判断是否为空 0042A2AB \|. 75 26 \|jnz short manager.0042A2D3 ; 如果不为空则跳 0042A2AD \|. 8B55 F4 \|mov edx,[local.3] 0042A2B0 \|. 81C2 FF000000 \|add edx,0FF 0042A2B6 \|. 8955 F4 \|mov [local.3],edx 0042A2B9 \|. 8B45 EC \|mov eax,[local.5] 0042A2BC \|. 83C0 01 \|add eax,1 0042A2BF \|. 8945 EC \|mov [local.5],eax 0042A2C2 \|. 8B4D EC \|mov ecx,[local.5] 0042A2C5 \|. 3B4D FC \|cmp ecx,[local.1] 0042A2C8 \|. 76 07 \|jbe short manager.0042A2D1 0042A2CA \|. 33C0 \|xor eax,eax 0042A2CC \|. E9 90030000 \|jmp manager.0042A661 0042A2D1 \|>^ EB CF \jmp short manager.0042A2A2 0042A2D3 \|> 8B55 EC mov edx,[local.5] 0042A2D6 \|. 33C0 xor eax,eax 0042A2D8 \|. 8A02 mov al,byte ptr ds:[edx] ; 读取了指针5的数据 0042A2DA \|. 8B4D F4 mov ecx,[local.3] ; 读取指针X数据 0042A2DD \|. 8D5401 1F lea edx,dword ptr ds:[ecx+eax+1F] ; EDX=ECX+EAX+1F 0042A2E1 \|. 8955 F4 mov [local.3],edx ; 结果保存回指针X 0042A2E4 \|. 8B45 EC mov eax,[local.5] 0042A2E7 \|. 83C0 01 add eax,1 0042A2EA \|. 8945 EC mov [local.5],eax ; 指针5自增 0042A2ED \|> 8B4D F8 mov ecx,[local.2] ; 保存数据的地指指针到ECX 0042A2F0 \|. 83E9 01 sub ecx,1 0042A2F3 \|. 894D F0 mov [local.4],ecx ; 保存地址数据指针-1=指针4 0042A2F6 \|. 8B55 EC mov edx,[local.5] 0042A2F9 \|. 33C0 xor eax,eax 0042A2FB \|. 66:8B02 mov ax,word ptr ds:[edx] ; 读取word的指针5数据 0042A2FE \|. C1F8 02 sar eax,2 ; eax除4 0042A301 \|. 8B4D F0 mov ecx,[local.4] 0042A304 \|. 2BC8 sub ecx,eax 0042A306 \|. 894D F0 mov [local.4],ecx ; 结果+指针4到指针4 0042A309 \|. 8B55 EC mov edx,[local.5] 0042A30C \|. 83C2 02 add edx,2 0042A30F \|. 8955 EC mov [local.5],edx ; 指针5+2 0042A312 \|. E9 61010000 jmp manager.0042A478 0042A317 \|> 837D F4 10 cmp [local.3],10 0042A31B \|. 0F82 D0000000 jb manager.0042A3F1 0042A321 \|. 8B45 F8 mov eax,[local.2] 0042A324 \|. 8945 F0 mov [local.4],eax 0042A327 \|. 8B4D F4 mov ecx,[local.3] 0042A32A \|. 83E1 08 and ecx,8 0042A32D \|. C1E1 0B shl ecx,0B 0042A330 \|. 8B55 F0 mov edx,[local.4] 0042A333 \|. 2BD1 sub edx,ecx 0042A335 \|. 8955 F0 mov [local.4],edx 0042A338 \|. 8B45 F4 mov eax,[local.3] 0042A33B \|. 83E0 07 and eax,7 0042A33E \|. 8945 F4 mov [local.3],eax 0042A341 \|. 837D F4 00 cmp [local.3],0 0042A345 \|. 75 5A jnz short manager.0042A3A1 0042A347 \|. 8B4D EC mov ecx,[local.5] 0042A34A \|. 3B4D FC cmp ecx,[local.1] 0042A34D \|. 76 07 jbe short manager.0042A356 0042A34F \|. 33C0 xor eax,eax 0042A351 \|. E9 0B030000 jmp manager.0042A661 0042A356 \|> 8B55 EC /mov edx,[local.5] 0042A359 \|. 33C0 \|xor eax,eax 0042A35B \|. 8A02 \|mov al,byte ptr ds:[edx] 0042A35D \|. 85C0 \|test eax,eax 0042A35F \|. 75 26 \|jnz short manager.0042A387 0042A361 \|. 8B4D F4 \|mov ecx,[local.3] 0042A364 \|. 81C1 FF000000 \|add ecx,0FF 0042A36A \|. 894D F4 \|mov [local.3],ecx 0042A36D \|. 8B55 EC \|mov edx,[local.5] 0042A370 \|. 83C2 01 \|add edx,1 0042A373 \|. 8955 EC \|mov [local.5],edx 0042A376 \|. 8B45 EC \|mov eax,[local.5] 0042A379 \|. 3B45 FC \|cmp eax,[local.1] 0042A37C \|. 76 07 \|jbe short manager.0042A385 0042A37E \|. 33C0 \|xor eax,eax 0042A380 \|. E9 DC020000 \|jmp manager.0042A661 0042A385 \|>^ EB CF \jmp short manager.0042A356 0042A387 \|> 8B4D EC mov ecx,[local.5] 0042A38A \|. 33D2 xor edx,edx 0042A38C \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A38E \|. 8B45 F4 mov eax,[local.3] 0042A391 \|. 8D4C10 07 lea ecx,dword ptr ds:[eax+edx+7] 0042A395 \|. 894D F4 mov [local.3],ecx 0042A398 \|. 8B55 EC mov edx,[local.5] 0042A39B \|. 83C2 01 add edx,1 0042A39E \|. 8955 EC mov [local.5],edx 0042A3A1 \|> 8B45 EC mov eax,[local.5] 0042A3A4 \|. 33C9 xor ecx,ecx 0042A3A6 \|. 66:8B08 mov cx,word ptr ds:[eax] 0042A3A9 \|. C1F9 02 sar ecx,2 0042A3AC \|. 8B55 F0 mov edx,[local.4] 0042A3AF \|. 2BD1 sub edx,ecx 0042A3B1 \|. 8955 F0 mov [local.4],edx 0042A3B4 \|. 8B45 EC mov eax,[local.5] 0042A3B7 \|. 83C0 02 add eax,2 0042A3BA \|. 8945 EC mov [local.5],eax 0042A3BD \|. 8B4D F0 mov ecx,[local.4] 0042A3C0 \|. 3B4D F8 cmp ecx,[local.2] 0042A3C3 \|. 75 1B jnz short manager.0042A3E0 0042A3C5 \|. 8B55 F8 mov edx,[local.2] 0042A3C8 \|. 2B55 10 sub edx,[arg.3] 0042A3CB \|. 8B45 14 mov eax,[arg.4] 0042A3CE \|. 8910 mov dword ptr ds:[eax],edx 0042A3D0 \|. 8B4D EC mov ecx,[local.5] 0042A3D3 \|. 33C0 xor eax,eax 0042A3D5 \|. 3B4D FC cmp ecx,[local.1] 0042A3D8 \|. 0F94C0 sete al 0042A3DB \|. E9 81020000 jmp manager.0042A661 0042A3E0 \|> 8B55 F0 mov edx,[local.4] 0042A3E3 \|. 81EA 00400000 sub edx,4000 0042A3E9 \|. 8955 F0 mov [local.4],edx 0042A3EC \|. E9 87000000 jmp manager.0042A478 0042A3F1 \|> 8B45 F8 mov eax,[local.2] 0042A3F4 \|. 83E8 01 sub eax,1 0042A3F7 \|. 8945 F0 mov [local.4],eax 0042A3FA \|. 8B4D F4 mov ecx,[local.3] 0042A3FD \|. C1E9 02 shr ecx,2 0042A400 \|. 8B55 F0 mov edx,[local.4] 0042A403 \|. 2BD1 sub edx,ecx 0042A405 \|. 8955 F0 mov [local.4],edx 0042A408 \|. 8B45 EC mov eax,[local.5] 0042A40B \|. 33C9 xor ecx,ecx 0042A40D \|. 8A08 mov cl,byte ptr ds:[eax] 0042A40F \|. C1E1 02 shl ecx,2 0042A412 \|. 8B55 F0 mov edx,[local.4] 0042A415 \|. 2BD1 sub edx,ecx 0042A417 \|. 8955 F0 mov [local.4],edx 0042A41A \|. 8B45 EC mov eax,[local.5] 0042A41D \|. 83C0 01 add eax,1 0042A420 \|. 8945 EC mov [local.5],eax 0042A423 \|. 8B4D F8 mov ecx,[local.2] 0042A426 \|. 8B55 F0 mov edx,[local.4] 0042A429 \|. 8A02 mov al,byte ptr ds:[edx] 0042A42B \|. 8801 mov byte ptr ds:[ecx],al 0042A42D \|. 8B4D F8 mov ecx,[local.2] 0042A430 \|. 83C1 01 add ecx,1 0042A433 \|. 894D F8 mov [local.2],ecx 0042A436 \|. 8B55 F0 mov edx,[local.4] 0042A439 \|. 83C2 01 add edx,1 0042A43C \|. 8955 F0 mov [local.4],edx 0042A43F \|. 8B45 F8 mov eax,[local.2] 0042A442 \|. 8B4D F0 mov ecx,[local.4] 0042A445 \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A447 \|. 8810 mov byte ptr ds:[eax],dl 0042A449 \|. 8B45 F8 mov eax,[local.2] 0042A44C \|. 83C0 01 add eax,1 0042A44F \|. 8945 F8 mov [local.2],eax 0042A452 \|. 8B4D F0 mov ecx,[local.4] 0042A455 \|. 3B4D 10 cmp ecx,[arg.3] 0042A458 \|. 73 07 jnb short manager.0042A461 0042A45A \|. 33C0 xor eax,eax 0042A45C \|. E9 00020000 jmp manager.0042A661 0042A461 \|> 8B55 E8 mov edx,[local.6] 0042A464 \|. 2B55 F8 sub edx,[local.2] 0042A467 \|. 83FA 02 cmp edx,2 0042A46A \|. 7D 07 jge short manager.0042A473 0042A46C \|. 33C0 xor eax,eax 0042A46E \|. E9 EE010000 jmp manager.0042A661 0042A473 \|> E9 C6010000 jmp manager.0042A63E 0042A478 \|> 8B45 F0 mov eax,[local.4] 0042A47B \|. 3B45 10 cmp eax,[arg.3] 0042A47E \|. 73 07 jnb short manager.0042A487 0042A480 \|. 33C0 xor eax,eax 0042A482 \|. E9 DA010000 jmp manager.0042A661 0042A487 \|> 8B4D E8 mov ecx,[local.6] 0042A48A \|. 2B4D F8 sub ecx,[local.2] 0042A48D \|. 8B55 F4 mov edx,[local.3] 0042A490 \|. 83C2 02 add edx,2 0042A493 \|. 3BCA cmp ecx,edx 0042A495 \|. 73 07 jnb short manager.0042A49E 0042A497 \|. 33C0 xor eax,eax 0042A499 \|. E9 C3010000 jmp manager.0042A661 0042A49E \|> 837D F4 06 cmp [local.3],6 0042A4A2 \|. 0F82 92000000 jb manager.0042A53A 0042A4A8 \|. 8B45 F8 mov eax,[local.2] 0042A4AB \|. 2B45 F0 sub eax,[local.4] 0042A4AE \|. 83F8 04 cmp eax,4 0042A4B1 \|. 0F8C 83000000 jl manager.0042A53A 0042A4B7 \|. 8B4D F8 mov ecx,[local.2] 0042A4BA \|. 8B55 F0 mov edx,[local.4] 0042A4BD \|. 8B02 mov eax,dword ptr ds:[edx] 0042A4BF \|. 8901 mov dword ptr ds:[ecx],eax 0042A4C1 \|. 8B4D F8 mov ecx,[local.2] 0042A4C4 \|. 83C1 04 add ecx,4 0042A4C7 \|. 894D F8 mov [local.2],ecx 0042A4CA \|. 8B55 F0 mov edx,[local.4] 0042A4CD \|. 83C2 04 add edx,4 0042A4D0 \|. 8955 F0 mov [local.4],edx 0042A4D3 \|. 8B45 F4 mov eax,[local.3] 0042A4D6 \|. 83E8 02 sub eax,2 0042A4D9 \|. 8945 F4 mov [local.3],eax ; 这里控制这复制字节集的长度 0042A4DC \|> 8B4D F8 /mov ecx,[local.2] 0042A4DF \|. 8B55 F0 \|mov edx,[local.4] 0042A4E2 \|. 8B02 \|mov eax,dword ptr ds:[edx] 0042A4E4 \|. 8901 \|mov dword ptr ds:[ecx],eax 0042A4E6 \|. 8B4D F8 \|mov ecx,[local.2] 0042A4E9 \|. 83C1 04 \|add ecx,4 0042A4EC \|. 894D F8 \|mov [local.2],ecx 0042A4EF \|. 8B55 F0 \|mov edx,[local.4] 0042A4F2 \|. 83C2 04 \|add edx,4 0042A4F5 \|. 8955 F0 \|mov [local.4],edx 0042A4F8 \|. 8B45 F4 \|mov eax,[local.3] 0042A4FB \|. 83E8 04 \|sub eax,4 0042A4FE \|. 8945 F4 \|mov [local.3],eax 0042A501 \|. 837D F4 04 \|cmp [local.3],4 0042A505 \|.^ 73 D5 \jnb short manager.0042A4DC ; 循环复制上一个人的数据 0042A507 \|. 837D F4 00 cmp [local.3],0 0042A50B \|. 76 2B jbe short manager.0042A538 0042A50D \|> 8B4D F8 /mov ecx,[local.2] 0042A510 \|. 8B55 F0 \|mov edx,[local.4] 0042A513 \|. 8A02 \|mov al,byte ptr ds:[edx] 0042A515 \|. 8801 \|mov byte ptr ds:[ecx],al 0042A517 \|. 8B4D F8 \|mov ecx,[local.2] 0042A51A \|. 83C1 01 \|add ecx,1 0042A51D \|. 894D F8 \|mov [local.2],ecx 0042A520 \|. 8B55 F0 \|mov edx,[local.4] 0042A523 \|. 83C2 01 \|add edx,1 0042A526 \|. 8955 F0 \|mov [local.4],edx 0042A529 \|. 8B45 F4 \|mov eax,[local.3] 0042A52C \|. 83E8 01 \|sub eax,1 0042A52F \|. 8945 F4 \|mov [local.3],eax 0042A532 \|. 837D F4 00 \|cmp [local.3],0 0042A536 \|.^ 77 D5 \ja short manager.0042A50D 0042A538 \|> EB 63 jmp short manager.0042A59D 0042A53A \|> 8B4D F8 mov ecx,[local.2] 0042A53D \|. 8B55 F0 mov edx,[local.4] 0042A540 \|. 8A02 mov al,byte ptr ds:[edx] 0042A542 \|. 8801 mov byte ptr ds:[ecx],al 0042A544 \|. 8B4D F8 mov ecx,[local.2] 0042A547 \|. 83C1 01 add ecx,1 0042A54A \|. 894D F8 mov [local.2],ecx 0042A54D \|. 8B55 F0 mov edx,[local.4] 0042A550 \|. 83C2 01 add edx,1 0042A553 \|. 8955 F0 mov [local.4],edx 0042A556 \|. 8B45 F8 mov eax,[local.2] 0042A559 \|. 8B4D F0 mov ecx,[local.4] 0042A55C \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A55E \|. 8810 mov byte ptr ds:[eax],dl 0042A560 \|. 8B45 F8 mov eax,[local.2] 0042A563 \|. 83C0 01 add eax,1 0042A566 \|. 8945 F8 mov [local.2],eax 0042A569 \|. 8B4D F0 mov ecx,[local.4] 0042A56C \|. 83C1 01 add ecx,1 0042A56F \|. 894D F0 mov [local.4],ecx 0042A572 \|> 8B55 F8 /mov edx,[local.2] 0042A575 \|. 8B45 F0 \|mov eax,[local.4] 0042A578 \|. 8A08 \|mov cl,byte ptr ds:[eax] 0042A57A \|. 880A \|mov byte ptr ds:[edx],cl 0042A57C \|. 8B55 F8 \|mov edx,[local.2] 0042A57F \|. 83C2 01 \|add edx,1 0042A582 \|. 8955 F8 \|mov [local.2],edx 0042A585 \|. 8B45 F0 \|mov eax,[local.4] 0042A588 \|. 83C0 01 \|add eax,1 0042A58B \|. 8945 F0 \|mov [local.4],eax 0042A58E \|. 8B4D F4 \|mov ecx,[local.3] 0042A591 \|. 83E9 01 \|sub ecx,1 0042A594 \|. 894D F4 \|mov [local.3],ecx 0042A597 \|. 837D F4 00 \|cmp [local.3],0 0042A59B \|.^ 77 D5 \ja short manager.0042A572 0042A59D \|> 8B55 EC mov edx,[local.5] 0042A5A0 \|. 33C0 xor eax,eax 0042A5A2 \|. 8A42 FE mov al,byte ptr ds:[edx-2] 0042A5A5 \|. 83E0 03 and eax,3 0042A5A8 \|. 8945 F4 mov [local.3],eax 0042A5AB \|. 837D F4 00 cmp [local.3],0 0042A5AF \|. 75 02 jnz short manager.0042A5B3 0042A5B1 \|. EB 6C jmp short manager.0042A61F 0042A5B3 \|> 8B4D E8 mov ecx,[local.6] 0042A5B6 \|. 2B4D F8 sub ecx,[local.2] 0042A5B9 \|. 3B4D F4 cmp ecx,[local.3] 0042A5BC \|. 73 07 jnb short manager.0042A5C5 0042A5BE \|. 33C0 xor eax,eax 0042A5C0 \|. E9 9C000000 jmp manager.0042A661 0042A5C5 \|> 8B55 FC mov edx,[local.1] 0042A5C8 \|. 2B55 EC sub edx,[local.5] 0042A5CB \|. 8B45 F4 mov eax,[local.3] 0042A5CE \|. 83C0 01 add eax,1 0042A5D1 \|. 3BD0 cmp edx,eax 0042A5D3 \|. 73 07 jnb short manager.0042A5DC 0042A5D5 \|. 33C0 xor eax,eax 0042A5D7 \|. E9 85000000 jmp manager.0042A661 0042A5DC \|> 8B4D F8 /mov ecx,[local.2] 0042A5DF \|. 8B55 EC \|mov edx,[local.5] 0042A5E2 \|. 8A02 \|mov al,byte ptr ds:[edx] 0042A5E4 \|. 8801 \|mov byte ptr ds:[ecx],al 0042A5E6 \|. 8B4D F8 \|mov ecx,[local.2] 0042A5E9 \|. 83C1 01 \|add ecx,1 0042A5EC \|. 894D F8 \|mov [local.2],ecx 0042A5EF \|. 8B55 EC \|mov edx,[local.5] 0042A5F2 \|. 83C2 01 \|add edx,1 0042A5F5 \|. 8955 EC \|mov [local.5],edx 0042A5F8 \|. 8B45 F4 \|mov eax,[local.3] 0042A5FB \|. 83E8 01 \|sub eax,1 0042A5FE \|. 8945 F4 \|mov [local.3],eax 0042A601 \|. 837D F4 00 \|cmp [local.3],0 0042A605 \|.^ 77 D5 \ja short manager.0042A5DC 0042A607 \|. 8B4D EC mov ecx,[local.5] 0042A60A \|. 33D2 xor edx,edx 0042A60C \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A60E \|. 8955 F4 mov [local.3],edx 0042A611 \|. 8B45 EC mov eax,[local.5] 0042A614 \|. 83C0 01 add eax,1 0042A617 \|. 8945 EC mov [local.5],eax 0042A61A \|.^ E9 DCFBFFFF jmp manager.0042A1FB 0042A61F \|>^ E9 9CF9FFFF jmp manager.00429FC0 0042A624 \|> 8B4D F8 mov ecx,[local.2] 0042A627 \|. 2B4D 10 sub ecx,[arg.3] 0042A62A \|. 8B55 14 mov edx,[arg.4] 0042A62D \|. 890A mov dword ptr ds:[edx],ecx 0042A62F \|. 8B45 EC mov eax,[local.5] 0042A632 \|. 33C9 xor ecx,ecx 0042A634 \|. 3B45 FC cmp eax,[local.1] 0042A637 \|. 0F94C1 sete cl 0042A63A \|. 8BC1 mov eax,ecx 0042A63C \|. EB 23 jmp short manager.0042A661 0042A63E \|>^ E9 5AFFFFFF jmp manager.0042A59D 0042A643 \|>^ E9 F2FEFFFF jmp manager.0042A53A 0042A648 \|>^ E9 50FFFFFF jmp manager.0042A59D 0042A64D \|>^ E9 B6FBFFFF jmp manager.0042A208 0042A652 \|>^ E9 B1FBFFFF jmp manager.0042A208 0042A657 \|>^ E9 DBFAFFFF jmp manager.0042A137 0042A65C \|>^ E9 52FFFFFF jmp manager.0042A5B3 0042A661 \|> 8BE5 mov esp,ebp 0042A663 \|. 5D pop ebp 0042A664 \. C2 1000 retn 10 2012-1-3 05:44 0
exile 雪币： 2105 活跃值： (424) 能力值： ( LV4，RANK：50 ) 在线值：发帖 21 回帖 1266 粉丝 2 关注私信	exile 1 6 楼你找一段解压前和解压后的数据试试不就知道了 2012-1-3 14:41 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

themars

发帖

回帖

RANK

关注

私信

他的文章

关于我们

联系我们

企业服务

看雪公众号

最新回复 (5)
themars 雪币： 14 活跃值： (33) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 36 粉丝 0 关注私信	themars 2 楼居然没有人提出看法各路大神快快显灵啊提供一点思路也好啊可能是哪种压缩算法的类型 2011-8-24 16:37 0
nimadehi 雪币： 6 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 5 粉丝 0 关注私信	nimadehi 3 楼很好。。楼主算法解决没有。。我也碰到这个算法了。不过好像还有点区别。。不过都是类似把000这些数据压缩掉 2011-12-30 09:47 0
exile 雪币： 2105 活跃值： (424) 能力值： ( LV4，RANK：50 ) 在线值：发帖 21 回帖 1266 粉丝 2 关注私信	exile 1 4 楼 lzo算法 12345 2011-12-30 11:45 0
nimadehi 雪币： 6 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 5 粉丝 0 关注私信	nimadehi 5 楼楼上这位仁兄。可否帮我看看我这个与楼主的是不是同样的。 00429E9B /$ 55 push ebp ; 解压缩算法 00429E9C \|. 8BEC mov ebp,esp 00429E9E \|. 83EC 1C sub esp,1C 00429EA1 \|. 894D E4 mov [local.7],ecx 00429EA4 \|. 8B45 10 mov eax,[arg.3] 00429EA7 \|. 8945 F8 mov [local.2],eax 00429EAA \|. 8B4D 08 mov ecx,[arg.1] 00429EAD \|. 894D EC mov [local.5],ecx 00429EB0 \|. 8B55 08 mov edx,[arg.1] 00429EB3 \|. 0355 0C add edx,[arg.2] 00429EB6 \|. 8955 FC mov [local.1],edx 00429EB9 \|. 8B45 14 mov eax,[arg.4] 00429EBC \|. 8B4D 10 mov ecx,[arg.3] 00429EBF \|. 0308 add ecx,dword ptr ds:[eax] 00429EC1 \|. 894D E8 mov [local.6],ecx 00429EC4 \|. 837D 08 00 cmp [arg.1],0 00429EC8 \|. 74 1A je short manager.00429EE4 00429ECA \|. 837D 0C 03 cmp [arg.2],3 00429ECE \|. 72 14 jb short manager.00429EE4 00429ED0 \|. 837D 14 00 cmp [arg.4],0 00429ED4 \|. 74 0E je short manager.00429EE4 00429ED6 \|. 837D 10 00 cmp [arg.3],0 00429EDA \|. 74 08 je short manager.00429EE4 00429EDC \|. 8B55 14 mov edx,[arg.4] 00429EDF \|. 833A 01 cmp dword ptr ds:[edx],1 00429EE2 \|. 73 07 jnb short manager.00429EEB 00429EE4 \|> 33C0 xor eax,eax 00429EE6 \|. E9 76070000 jmp manager.0042A661 00429EEB \|> 8B45 14 mov eax,[arg.4] 00429EEE \|. C700 00000000 mov dword ptr ds:[eax],0 00429EF4 \|. 8B4D FC mov ecx,[local.1] 00429EF7 \|. 33D2 xor edx,edx 00429EF9 \|. 8A51 FF mov dl,byte ptr ds:[ecx-1] 00429EFC \|. 85D2 test edx,edx 00429EFE \|. 75 19 jnz short manager.00429F19 00429F00 \|. 8B45 FC mov eax,[local.1] 00429F03 \|. 33C9 xor ecx,ecx 00429F05 \|. 8A48 FE mov cl,byte ptr ds:[eax-2] 00429F08 \|. 85C9 test ecx,ecx 00429F0A \|. 75 0D jnz short manager.00429F19 00429F0C \|. 8B55 FC mov edx,[local.1] 00429F0F \|. 33C0 xor eax,eax 00429F11 \|. 8A42 FD mov al,byte ptr ds:[edx-3] 00429F14 \|. 83F8 11 cmp eax,11 00429F17 \|. 74 21 je short manager.00429F3A 00429F19 \|> 8B4D 0C mov ecx,[arg.2] 00429F1C \|. 51 push ecx ; /Arg5 00429F1D \|. 68 70155200 push manager.00521570 ; \|Arg4 = 00521570 ASCII "Compressor: invalid decompress block [%d bytes]" 00429F22 \|. 6A 00 push 0 ; \|Arg3 = 00000000 00429F24 \|. 6A 04 push 4 ; \|Arg2 = 00000004 00429F26 \|. 68 30C85200 push manager.0052C830 ; \|Arg1 = 0052C830 00429F2B \|. E8 F9A0FFFF call manager.00424029 ; \manager.00424029 00429F30 \|. 83C4 14 add esp,14 00429F33 \|. 33C0 xor eax,eax 00429F35 \|. E9 27070000 jmp manager.0042A661 00429F3A \|> 8B55 EC mov edx,[local.5] 00429F3D \|. 33C0 xor eax,eax 00429F3F \|. 8A02 mov al,byte ptr ds:[edx] 00429F41 \|. 83F8 11 cmp eax,11 00429F44 \|. 7E 7A jle short manager.00429FC0 00429F46 \|. 8B4D EC mov ecx,[local.5] 00429F49 \|. 33D2 xor edx,edx 00429F4B \|. 8A11 mov dl,byte ptr ds:[ecx] 00429F4D \|. 83EA 11 sub edx,11 00429F50 \|. 8955 F4 mov [local.3],edx 00429F53 \|. 8B45 EC mov eax,[local.5] 00429F56 \|. 83C0 01 add eax,1 00429F59 \|. 8945 EC mov [local.5],eax 00429F5C \|. 837D F4 04 cmp [local.3],4 00429F60 \|. 73 05 jnb short manager.00429F67 00429F62 \|. E9 F5060000 jmp manager.0042A65C 00429F67 \|> 8B4D E8 mov ecx,[local.6] 00429F6A \|. 2B4D F8 sub ecx,[local.2] 00429F6D \|. 3B4D F4 cmp ecx,[local.3] 00429F70 \|. 73 07 jnb short manager.00429F79 00429F72 \|. 33C0 xor eax,eax 00429F74 \|. E9 E8060000 jmp manager.0042A661 00429F79 \|> 8B55 FC mov edx,[local.1] 00429F7C \|. 2B55 EC sub edx,[local.5] 00429F7F \|. 8B45 F4 mov eax,[local.3] 00429F82 \|. 83C0 01 add eax,1 00429F85 \|. 3BD0 cmp edx,eax 00429F87 \|. 73 07 jnb short manager.00429F90 00429F89 \|. 33C0 xor eax,eax 00429F8B \|. E9 D1060000 jmp manager.0042A661 00429F90 \|> 8B4D F8 /mov ecx,[local.2] 00429F93 \|. 8B55 EC \|mov edx,[local.5] 00429F96 \|. 8A02 \|mov al,byte ptr ds:[edx] 00429F98 \|. 8801 \|mov byte ptr ds:[ecx],al 00429F9A \|. 8B4D F8 \|mov ecx,[local.2] 00429F9D \|. 83C1 01 \|add ecx,1 00429FA0 \|. 894D F8 \|mov [local.2],ecx 00429FA3 \|. 8B55 EC \|mov edx,[local.5] 00429FA6 \|. 83C2 01 \|add edx,1 00429FA9 \|. 8955 EC \|mov [local.5],edx 00429FAC \|. 8B45 F4 \|mov eax,[local.3] 00429FAF \|. 83E8 01 \|sub eax,1 00429FB2 \|. 8945 F4 \|mov [local.3],eax 00429FB5 \|. 837D F4 00 \|cmp [local.3],0 00429FB9 \|.^ 77 D5 \ja short manager.00429F90 00429FBB \|. E9 97060000 jmp manager.0042A657 00429FC0 \|> B9 01000000 mov ecx,1 00429FC5 \|. 85C9 test ecx,ecx 00429FC7 \|. 0F84 57060000 je manager.0042A624 00429FCD \|. 8B55 EC mov edx,[local.5] 00429FD0 \|. 33C0 xor eax,eax 00429FD2 \|. 8A02 mov al,byte ptr ds:[edx] 00429FD4 \|. 8945 F4 mov [local.3],eax 00429FD7 \|. 8B4D EC mov ecx,[local.5] 00429FDA \|. 83C1 01 add ecx,1 00429FDD \|. 894D EC mov [local.5],ecx 00429FE0 \|. 837D F4 10 cmp [local.3],10 00429FE4 \|. 72 05 jb short manager.00429FEB 00429FE6 \|. E9 67060000 jmp manager.0042A652 00429FEB \|> 837D F4 00 cmp [local.3],0 00429FEF \|. 75 5A jnz short manager.0042A04B 00429FF1 \|. 8B55 EC mov edx,[local.5] 00429FF4 \|. 3B55 FC cmp edx,[local.1] 00429FF7 \|. 76 07 jbe short manager.0042A000 00429FF9 \|. 33C0 xor eax,eax 00429FFB \|. E9 61060000 jmp manager.0042A661 0042A000 \|> 8B45 EC /mov eax,[local.5] 0042A003 \|. 33C9 \|xor ecx,ecx 0042A005 \|. 8A08 \|mov cl,byte ptr ds:[eax] 0042A007 \|. 85C9 \|test ecx,ecx 0042A009 \|. 75 26 \|jnz short manager.0042A031 0042A00B \|. 8B55 F4 \|mov edx,[local.3] 0042A00E \|. 81C2 FF000000 \|add edx,0FF 0042A014 \|. 8955 F4 \|mov [local.3],edx 0042A017 \|. 8B45 EC \|mov eax,[local.5] 0042A01A \|. 83C0 01 \|add eax,1 0042A01D \|. 8945 EC \|mov [local.5],eax 0042A020 \|. 8B4D EC \|mov ecx,[local.5] 0042A023 \|. 3B4D FC \|cmp ecx,[local.1] 0042A026 \|. 76 07 \|jbe short manager.0042A02F 0042A028 \|. 33C0 \|xor eax,eax 0042A02A \|. E9 32060000 \|jmp manager.0042A661 0042A02F \|>^ EB CF \jmp short manager.0042A000 0042A031 \|> 8B55 EC mov edx,[local.5] 0042A034 \|. 33C0 xor eax,eax 0042A036 \|. 8A02 mov al,byte ptr ds:[edx] 0042A038 \|. 8B4D F4 mov ecx,[local.3] 0042A03B \|. 8D5401 0F lea edx,dword ptr ds:[ecx+eax+F] 0042A03F \|. 8955 F4 mov [local.3],edx 0042A042 \|. 8B45 EC mov eax,[local.5] 0042A045 \|. 83C0 01 add eax,1 0042A048 \|. 8945 EC mov [local.5],eax 0042A04B \|> 8B4D E8 mov ecx,[local.6] 0042A04E \|. 2B4D F8 sub ecx,[local.2] 0042A051 \|. 8B55 F4 mov edx,[local.3] 0042A054 \|. 83C2 03 add edx,3 0042A057 \|. 3BCA cmp ecx,edx 0042A059 \|. 73 07 jnb short manager.0042A062 0042A05B \|. 33C0 xor eax,eax 0042A05D \|. E9 FF050000 jmp manager.0042A661 0042A062 \|> 8B45 FC mov eax,[local.1] 0042A065 \|. 2B45 EC sub eax,[local.5] 0042A068 \|. 8B4D F4 mov ecx,[local.3] 0042A06B \|. 83C1 04 add ecx,4 0042A06E \|. 3BC1 cmp eax,ecx 0042A070 \|. 73 07 jnb short manager.0042A079 0042A072 \|. 33C0 xor eax,eax 0042A074 \|. E9 E8050000 jmp manager.0042A661 0042A079 \|> 8B55 F8 mov edx,[local.2] 0042A07C \|. 8B45 EC mov eax,[local.5] 0042A07F \|. 8B08 mov ecx,dword ptr ds:[eax] 0042A081 \|. 890A mov dword ptr ds:[edx],ecx 0042A083 \|. 8B55 F8 mov edx,[local.2] 0042A086 \|. 83C2 04 add edx,4 0042A089 \|. 8955 F8 mov [local.2],edx 0042A08C \|. 8B45 EC mov eax,[local.5] 0042A08F \|. 83C0 04 add eax,4 0042A092 \|. 8945 EC mov [local.5],eax 0042A095 \|. 8B4D F4 mov ecx,[local.3] 0042A098 \|. 83E9 01 sub ecx,1 0042A09B \|. 894D F4 mov [local.3],ecx 0042A09E \|. 837D F4 00 cmp [local.3],0 0042A0A2 \|. 0F86 8F000000 jbe manager.0042A137 0042A0A8 \|. 837D F4 04 cmp [local.3],4 0042A0AC \|. 72 5E jb short manager.0042A10C 0042A0AE \|> 8B55 F8 /mov edx,[local.2] 0042A0B1 \|. 8B45 EC \|mov eax,[local.5] 0042A0B4 \|. 8B08 \|mov ecx,dword ptr ds:[eax] 0042A0B6 \|. 890A \|mov dword ptr ds:[edx],ecx 0042A0B8 \|. 8B55 F8 \|mov edx,[local.2] 0042A0BB \|. 83C2 04 \|add edx,4 0042A0BE \|. 8955 F8 \|mov [local.2],edx 0042A0C1 \|. 8B45 EC \|mov eax,[local.5] 0042A0C4 \|. 83C0 04 \|add eax,4 0042A0C7 \|. 8945 EC \|mov [local.5],eax 0042A0CA \|. 8B4D F4 \|mov ecx,[local.3] 0042A0CD \|. 83E9 04 \|sub ecx,4 0042A0D0 \|. 894D F4 \|mov [local.3],ecx 0042A0D3 \|. 837D F4 04 \|cmp [local.3],4 0042A0D7 \|.^ 73 D5 \jnb short manager.0042A0AE 0042A0D9 \|. 837D F4 00 cmp [local.3],0 0042A0DD \|. 76 2B jbe short manager.0042A10A 0042A0DF \|> 8B55 F8 /mov edx,[local.2] 0042A0E2 \|. 8B45 EC \|mov eax,[local.5] 0042A0E5 \|. 8A08 \|mov cl,byte ptr ds:[eax] 0042A0E7 \|. 880A \|mov byte ptr ds:[edx],cl 0042A0E9 \|. 8B55 F8 \|mov edx,[local.2] 0042A0EC \|. 83C2 01 \|add edx,1 0042A0EF \|. 8955 F8 \|mov [local.2],edx 0042A0F2 \|. 8B45 EC \|mov eax,[local.5] 0042A0F5 \|. 83C0 01 \|add eax,1 0042A0F8 \|. 8945 EC \|mov [local.5],eax 0042A0FB \|. 8B4D F4 \|mov ecx,[local.3] 0042A0FE \|. 83E9 01 \|sub ecx,1 0042A101 \|. 894D F4 \|mov [local.3],ecx 0042A104 \|. 837D F4 00 \|cmp [local.3],0 0042A108 \|.^ 77 D5 \ja short manager.0042A0DF 0042A10A \|> EB 2B jmp short manager.0042A137 0042A10C \|> 8B55 F8 /mov edx,[local.2] 0042A10F \|. 8B45 EC \|mov eax,[local.5] 0042A112 \|. 8A08 \|mov cl,byte ptr ds:[eax] 0042A114 \|. 880A \|mov byte ptr ds:[edx],cl 0042A116 \|. 8B55 F8 \|mov edx,[local.2] 0042A119 \|. 83C2 01 \|add edx,1 0042A11C \|. 8955 F8 \|mov [local.2],edx 0042A11F \|. 8B45 EC \|mov eax,[local.5] 0042A122 \|. 83C0 01 \|add eax,1 0042A125 \|. 8945 EC \|mov [local.5],eax 0042A128 \|. 8B4D F4 \|mov ecx,[local.3] 0042A12B \|. 83E9 01 \|sub ecx,1 0042A12E \|. 894D F4 \|mov [local.3],ecx 0042A131 \|. 837D F4 00 \|cmp [local.3],0 0042A135 \|.^ 77 D5 \ja short manager.0042A10C 0042A137 \|> 8B55 EC mov edx,[local.5] 0042A13A \|. 33C0 xor eax,eax 0042A13C \|. 8A02 mov al,byte ptr ds:[edx] 0042A13E \|. 8945 F4 mov [local.3],eax 0042A141 \|. 8B4D EC mov ecx,[local.5] 0042A144 \|. 83C1 01 add ecx,1 0042A147 \|. 894D EC mov [local.5],ecx 0042A14A \|. 837D F4 10 cmp [local.3],10 0042A14E \|. 72 05 jb short manager.0042A155 0042A150 \|. E9 F8040000 jmp manager.0042A64D 0042A155 \|> 8B55 F8 mov edx,[local.2] 0042A158 \|. 81EA 01080000 sub edx,801 0042A15E \|. 8955 F0 mov [local.4],edx 0042A161 \|. 8B45 F4 mov eax,[local.3] 0042A164 \|. C1E8 02 shr eax,2 0042A167 \|. 8B4D F0 mov ecx,[local.4] 0042A16A \|. 2BC8 sub ecx,eax 0042A16C \|. 894D F0 mov [local.4],ecx 0042A16F \|. 8B55 EC mov edx,[local.5] 0042A172 \|. 33C0 xor eax,eax 0042A174 \|. 8A02 mov al,byte ptr ds:[edx] 0042A176 \|. C1E0 02 shl eax,2 0042A179 \|. 8B4D F0 mov ecx,[local.4] 0042A17C \|. 2BC8 sub ecx,eax 0042A17E \|. 894D F0 mov [local.4],ecx 0042A181 \|. 8B55 EC mov edx,[local.5] 0042A184 \|. 83C2 01 add edx,1 0042A187 \|. 8955 EC mov [local.5],edx 0042A18A \|. 8B45 F0 mov eax,[local.4] 0042A18D \|. 3B45 10 cmp eax,[arg.3] 0042A190 \|. 73 07 jnb short manager.0042A199 0042A192 \|. 33C0 xor eax,eax 0042A194 \|. E9 C8040000 jmp manager.0042A661 0042A199 \|> 8B4D E8 mov ecx,[local.6] 0042A19C \|. 2B4D F8 sub ecx,[local.2] 0042A19F \|. 83F9 03 cmp ecx,3 0042A1A2 \|. 7D 07 jge short manager.0042A1AB 0042A1A4 \|. 33C0 xor eax,eax 0042A1A6 \|. E9 B6040000 jmp manager.0042A661 0042A1AB \|> 8B55 F8 mov edx,[local.2] 0042A1AE \|. 8B45 F0 mov eax,[local.4] 0042A1B1 \|. 8A08 mov cl,byte ptr ds:[eax] 0042A1B3 \|. 880A mov byte ptr ds:[edx],cl 0042A1B5 \|. 8B55 F8 mov edx,[local.2] 0042A1B8 \|. 83C2 01 add edx,1 0042A1BB \|. 8955 F8 mov [local.2],edx 0042A1BE \|. 8B45 F0 mov eax,[local.4] 0042A1C1 \|. 83C0 01 add eax,1 0042A1C4 \|. 8945 F0 mov [local.4],eax 0042A1C7 \|. 8B4D F8 mov ecx,[local.2] 0042A1CA \|. 8B55 F0 mov edx,[local.4] 0042A1CD \|. 8A02 mov al,byte ptr ds:[edx] 0042A1CF \|. 8801 mov byte ptr ds:[ecx],al 0042A1D1 \|. 8B4D F8 mov ecx,[local.2] 0042A1D4 \|. 83C1 01 add ecx,1 0042A1D7 \|. 894D F8 mov [local.2],ecx 0042A1DA \|. 8B55 F0 mov edx,[local.4] 0042A1DD \|. 83C2 01 add edx,1 0042A1E0 \|. 8955 F0 mov [local.4],edx 0042A1E3 \|. 8B45 F8 mov eax,[local.2] 0042A1E6 \|. 8B4D F0 mov ecx,[local.4] 0042A1E9 \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A1EB \|. 8810 mov byte ptr ds:[eax],dl 0042A1ED \|. 8B45 F8 mov eax,[local.2] 0042A1F0 \|. 83C0 01 add eax,1 0042A1F3 \|. 8945 F8 mov [local.2],eax 0042A1F6 \|. E9 4D040000 jmp manager.0042A648 0042A1FB \|> B9 01000000 mov ecx,1 0042A200 \|. 85C9 test ecx,ecx 0042A202 \|. 0F84 17040000 je manager.0042A61F 0042A208 \|> 837D F4 40 cmp [local.3],40 0042A20C \|. 72 6C jb short manager.0042A27A 0042A20E \|. 8B55 F8 mov edx,[local.2] 0042A211 \|. 83EA 01 sub edx,1 0042A214 \|. 8955 F0 mov [local.4],edx 0042A217 \|. 8B45 F4 mov eax,[local.3] 0042A21A \|. C1E8 02 shr eax,2 0042A21D \|. 83E0 07 and eax,7 0042A220 \|. 8B4D F0 mov ecx,[local.4] 0042A223 \|. 2BC8 sub ecx,eax 0042A225 \|. 894D F0 mov [local.4],ecx 0042A228 \|. 8B55 EC mov edx,[local.5] 0042A22B \|. 33C0 xor eax,eax 0042A22D \|. 8A02 mov al,byte ptr ds:[edx] 0042A22F \|. C1E0 03 shl eax,3 0042A232 \|. 8B4D F0 mov ecx,[local.4] 0042A235 \|. 2BC8 sub ecx,eax 0042A237 \|. 894D F0 mov [local.4],ecx 0042A23A \|. 8B55 EC mov edx,[local.5] 0042A23D \|. 83C2 01 add edx,1 0042A240 \|. 8955 EC mov [local.5],edx 0042A243 \|. 8B45 F4 mov eax,[local.3] 0042A246 \|. C1E8 05 shr eax,5 0042A249 \|. 83E8 01 sub eax,1 0042A24C \|. 8945 F4 mov [local.3],eax 0042A24F \|. 8B4D F0 mov ecx,[local.4] 0042A252 \|. 3B4D 10 cmp ecx,[arg.3] 0042A255 \|. 73 07 jnb short manager.0042A25E 0042A257 \|. 33C0 xor eax,eax 0042A259 \|. E9 03040000 jmp manager.0042A661 0042A25E \|> 8B55 E8 mov edx,[local.6] 0042A261 \|. 2B55 F8 sub edx,[local.2] 0042A264 \|. 8B45 F4 mov eax,[local.3] 0042A267 \|. 83C0 02 add eax,2 0042A26A \|. 3BD0 cmp edx,eax 0042A26C \|. 73 07 jnb short manager.0042A275 0042A26E \|. 33C0 xor eax,eax 0042A270 \|. E9 EC030000 jmp manager.0042A661 0042A275 \|> E9 C9030000 jmp manager.0042A643 0042A27A \|> 837D F4 20 cmp [local.3],20 ; 读取完名字判断20 0042A27E \|. 0F82 93000000 jb manager.0042A317 0042A284 \|. 8B4D F4 mov ecx,[local.3] ; 20到ECX 0042A287 \|. 83E1 1F and ecx,1F 0042A28A \|. 894D F4 mov [local.3],ecx 0042A28D \|. 837D F4 00 cmp [local.3],0 0042A291 \|. 75 5A jnz short manager.0042A2ED 0042A293 \|. 8B55 EC mov edx,[local.5] 0042A296 \|. 3B55 FC cmp edx,[local.1] 0042A299 \|. 76 07 jbe short manager.0042A2A2 0042A29B \|. 33C0 xor eax,eax 0042A29D \|. E9 BF030000 jmp manager.0042A661 0042A2A2 \|> 8B45 EC /mov eax,[local.5] ; local是指针5 0042A2A5 \|. 33C9 \|xor ecx,ecx 0042A2A7 \|. 8A08 \|mov cl,byte ptr ds:[eax] ; 读取名字后面第2个字节到CL 0042A2A9 \|. 85C9 \|test ecx,ecx ; 判断是否为空 0042A2AB \|. 75 26 \|jnz short manager.0042A2D3 ; 如果不为空则跳 0042A2AD \|. 8B55 F4 \|mov edx,[local.3] 0042A2B0 \|. 81C2 FF000000 \|add edx,0FF 0042A2B6 \|. 8955 F4 \|mov [local.3],edx 0042A2B9 \|. 8B45 EC \|mov eax,[local.5] 0042A2BC \|. 83C0 01 \|add eax,1 0042A2BF \|. 8945 EC \|mov [local.5],eax 0042A2C2 \|. 8B4D EC \|mov ecx,[local.5] 0042A2C5 \|. 3B4D FC \|cmp ecx,[local.1] 0042A2C8 \|. 76 07 \|jbe short manager.0042A2D1 0042A2CA \|. 33C0 \|xor eax,eax 0042A2CC \|. E9 90030000 \|jmp manager.0042A661 0042A2D1 \|>^ EB CF \jmp short manager.0042A2A2 0042A2D3 \|> 8B55 EC mov edx,[local.5] 0042A2D6 \|. 33C0 xor eax,eax 0042A2D8 \|. 8A02 mov al,byte ptr ds:[edx] ; 读取了指针5的数据 0042A2DA \|. 8B4D F4 mov ecx,[local.3] ; 读取指针X数据 0042A2DD \|. 8D5401 1F lea edx,dword ptr ds:[ecx+eax+1F] ; EDX=ECX+EAX+1F 0042A2E1 \|. 8955 F4 mov [local.3],edx ; 结果保存回指针X 0042A2E4 \|. 8B45 EC mov eax,[local.5] 0042A2E7 \|. 83C0 01 add eax,1 0042A2EA \|. 8945 EC mov [local.5],eax ; 指针5自增 0042A2ED \|> 8B4D F8 mov ecx,[local.2] ; 保存数据的地指指针到ECX 0042A2F0 \|. 83E9 01 sub ecx,1 0042A2F3 \|. 894D F0 mov [local.4],ecx ; 保存地址数据指针-1=指针4 0042A2F6 \|. 8B55 EC mov edx,[local.5] 0042A2F9 \|. 33C0 xor eax,eax 0042A2FB \|. 66:8B02 mov ax,word ptr ds:[edx] ; 读取word的指针5数据 0042A2FE \|. C1F8 02 sar eax,2 ; eax除4 0042A301 \|. 8B4D F0 mov ecx,[local.4] 0042A304 \|. 2BC8 sub ecx,eax 0042A306 \|. 894D F0 mov [local.4],ecx ; 结果+指针4到指针4 0042A309 \|. 8B55 EC mov edx,[local.5] 0042A30C \|. 83C2 02 add edx,2 0042A30F \|. 8955 EC mov [local.5],edx ; 指针5+2 0042A312 \|. E9 61010000 jmp manager.0042A478 0042A317 \|> 837D F4 10 cmp [local.3],10 0042A31B \|. 0F82 D0000000 jb manager.0042A3F1 0042A321 \|. 8B45 F8 mov eax,[local.2] 0042A324 \|. 8945 F0 mov [local.4],eax 0042A327 \|. 8B4D F4 mov ecx,[local.3] 0042A32A \|. 83E1 08 and ecx,8 0042A32D \|. C1E1 0B shl ecx,0B 0042A330 \|. 8B55 F0 mov edx,[local.4] 0042A333 \|. 2BD1 sub edx,ecx 0042A335 \|. 8955 F0 mov [local.4],edx 0042A338 \|. 8B45 F4 mov eax,[local.3] 0042A33B \|. 83E0 07 and eax,7 0042A33E \|. 8945 F4 mov [local.3],eax 0042A341 \|. 837D F4 00 cmp [local.3],0 0042A345 \|. 75 5A jnz short manager.0042A3A1 0042A347 \|. 8B4D EC mov ecx,[local.5] 0042A34A \|. 3B4D FC cmp ecx,[local.1] 0042A34D \|. 76 07 jbe short manager.0042A356 0042A34F \|. 33C0 xor eax,eax 0042A351 \|. E9 0B030000 jmp manager.0042A661 0042A356 \|> 8B55 EC /mov edx,[local.5] 0042A359 \|. 33C0 \|xor eax,eax 0042A35B \|. 8A02 \|mov al,byte ptr ds:[edx] 0042A35D \|. 85C0 \|test eax,eax 0042A35F \|. 75 26 \|jnz short manager.0042A387 0042A361 \|. 8B4D F4 \|mov ecx,[local.3] 0042A364 \|. 81C1 FF000000 \|add ecx,0FF 0042A36A \|. 894D F4 \|mov [local.3],ecx 0042A36D \|. 8B55 EC \|mov edx,[local.5] 0042A370 \|. 83C2 01 \|add edx,1 0042A373 \|. 8955 EC \|mov [local.5],edx 0042A376 \|. 8B45 EC \|mov eax,[local.5] 0042A379 \|. 3B45 FC \|cmp eax,[local.1] 0042A37C \|. 76 07 \|jbe short manager.0042A385 0042A37E \|. 33C0 \|xor eax,eax 0042A380 \|. E9 DC020000 \|jmp manager.0042A661 0042A385 \|>^ EB CF \jmp short manager.0042A356 0042A387 \|> 8B4D EC mov ecx,[local.5] 0042A38A \|. 33D2 xor edx,edx 0042A38C \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A38E \|. 8B45 F4 mov eax,[local.3] 0042A391 \|. 8D4C10 07 lea ecx,dword ptr ds:[eax+edx+7] 0042A395 \|. 894D F4 mov [local.3],ecx 0042A398 \|. 8B55 EC mov edx,[local.5] 0042A39B \|. 83C2 01 add edx,1 0042A39E \|. 8955 EC mov [local.5],edx 0042A3A1 \|> 8B45 EC mov eax,[local.5] 0042A3A4 \|. 33C9 xor ecx,ecx 0042A3A6 \|. 66:8B08 mov cx,word ptr ds:[eax] 0042A3A9 \|. C1F9 02 sar ecx,2 0042A3AC \|. 8B55 F0 mov edx,[local.4] 0042A3AF \|. 2BD1 sub edx,ecx 0042A3B1 \|. 8955 F0 mov [local.4],edx 0042A3B4 \|. 8B45 EC mov eax,[local.5] 0042A3B7 \|. 83C0 02 add eax,2 0042A3BA \|. 8945 EC mov [local.5],eax 0042A3BD \|. 8B4D F0 mov ecx,[local.4] 0042A3C0 \|. 3B4D F8 cmp ecx,[local.2] 0042A3C3 \|. 75 1B jnz short manager.0042A3E0 0042A3C5 \|. 8B55 F8 mov edx,[local.2] 0042A3C8 \|. 2B55 10 sub edx,[arg.3] 0042A3CB \|. 8B45 14 mov eax,[arg.4] 0042A3CE \|. 8910 mov dword ptr ds:[eax],edx 0042A3D0 \|. 8B4D EC mov ecx,[local.5] 0042A3D3 \|. 33C0 xor eax,eax 0042A3D5 \|. 3B4D FC cmp ecx,[local.1] 0042A3D8 \|. 0F94C0 sete al 0042A3DB \|. E9 81020000 jmp manager.0042A661 0042A3E0 \|> 8B55 F0 mov edx,[local.4] 0042A3E3 \|. 81EA 00400000 sub edx,4000 0042A3E9 \|. 8955 F0 mov [local.4],edx 0042A3EC \|. E9 87000000 jmp manager.0042A478 0042A3F1 \|> 8B45 F8 mov eax,[local.2] 0042A3F4 \|. 83E8 01 sub eax,1 0042A3F7 \|. 8945 F0 mov [local.4],eax 0042A3FA \|. 8B4D F4 mov ecx,[local.3] 0042A3FD \|. C1E9 02 shr ecx,2 0042A400 \|. 8B55 F0 mov edx,[local.4] 0042A403 \|. 2BD1 sub edx,ecx 0042A405 \|. 8955 F0 mov [local.4],edx 0042A408 \|. 8B45 EC mov eax,[local.5] 0042A40B \|. 33C9 xor ecx,ecx 0042A40D \|. 8A08 mov cl,byte ptr ds:[eax] 0042A40F \|. C1E1 02 shl ecx,2 0042A412 \|. 8B55 F0 mov edx,[local.4] 0042A415 \|. 2BD1 sub edx,ecx 0042A417 \|. 8955 F0 mov [local.4],edx 0042A41A \|. 8B45 EC mov eax,[local.5] 0042A41D \|. 83C0 01 add eax,1 0042A420 \|. 8945 EC mov [local.5],eax 0042A423 \|. 8B4D F8 mov ecx,[local.2] 0042A426 \|. 8B55 F0 mov edx,[local.4] 0042A429 \|. 8A02 mov al,byte ptr ds:[edx] 0042A42B \|. 8801 mov byte ptr ds:[ecx],al 0042A42D \|. 8B4D F8 mov ecx,[local.2] 0042A430 \|. 83C1 01 add ecx,1 0042A433 \|. 894D F8 mov [local.2],ecx 0042A436 \|. 8B55 F0 mov edx,[local.4] 0042A439 \|. 83C2 01 add edx,1 0042A43C \|. 8955 F0 mov [local.4],edx 0042A43F \|. 8B45 F8 mov eax,[local.2] 0042A442 \|. 8B4D F0 mov ecx,[local.4] 0042A445 \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A447 \|. 8810 mov byte ptr ds:[eax],dl 0042A449 \|. 8B45 F8 mov eax,[local.2] 0042A44C \|. 83C0 01 add eax,1 0042A44F \|. 8945 F8 mov [local.2],eax 0042A452 \|. 8B4D F0 mov ecx,[local.4] 0042A455 \|. 3B4D 10 cmp ecx,[arg.3] 0042A458 \|. 73 07 jnb short manager.0042A461 0042A45A \|. 33C0 xor eax,eax 0042A45C \|. E9 00020000 jmp manager.0042A661 0042A461 \|> 8B55 E8 mov edx,[local.6] 0042A464 \|. 2B55 F8 sub edx,[local.2] 0042A467 \|. 83FA 02 cmp edx,2 0042A46A \|. 7D 07 jge short manager.0042A473 0042A46C \|. 33C0 xor eax,eax 0042A46E \|. E9 EE010000 jmp manager.0042A661 0042A473 \|> E9 C6010000 jmp manager.0042A63E 0042A478 \|> 8B45 F0 mov eax,[local.4] 0042A47B \|. 3B45 10 cmp eax,[arg.3] 0042A47E \|. 73 07 jnb short manager.0042A487 0042A480 \|. 33C0 xor eax,eax 0042A482 \|. E9 DA010000 jmp manager.0042A661 0042A487 \|> 8B4D E8 mov ecx,[local.6] 0042A48A \|. 2B4D F8 sub ecx,[local.2] 0042A48D \|. 8B55 F4 mov edx,[local.3] 0042A490 \|. 83C2 02 add edx,2 0042A493 \|. 3BCA cmp ecx,edx 0042A495 \|. 73 07 jnb short manager.0042A49E 0042A497 \|. 33C0 xor eax,eax 0042A499 \|. E9 C3010000 jmp manager.0042A661 0042A49E \|> 837D F4 06 cmp [local.3],6 0042A4A2 \|. 0F82 92000000 jb manager.0042A53A 0042A4A8 \|. 8B45 F8 mov eax,[local.2] 0042A4AB \|. 2B45 F0 sub eax,[local.4] 0042A4AE \|. 83F8 04 cmp eax,4 0042A4B1 \|. 0F8C 83000000 jl manager.0042A53A 0042A4B7 \|. 8B4D F8 mov ecx,[local.2] 0042A4BA \|. 8B55 F0 mov edx,[local.4] 0042A4BD \|. 8B02 mov eax,dword ptr ds:[edx] 0042A4BF \|. 8901 mov dword ptr ds:[ecx],eax 0042A4C1 \|. 8B4D F8 mov ecx,[local.2] 0042A4C4 \|. 83C1 04 add ecx,4 0042A4C7 \|. 894D F8 mov [local.2],ecx 0042A4CA \|. 8B55 F0 mov edx,[local.4] 0042A4CD \|. 83C2 04 add edx,4 0042A4D0 \|. 8955 F0 mov [local.4],edx 0042A4D3 \|. 8B45 F4 mov eax,[local.3] 0042A4D6 \|. 83E8 02 sub eax,2 0042A4D9 \|. 8945 F4 mov [local.3],eax ; 这里控制这复制字节集的长度 0042A4DC \|> 8B4D F8 /mov ecx,[local.2] 0042A4DF \|. 8B55 F0 \|mov edx,[local.4] 0042A4E2 \|. 8B02 \|mov eax,dword ptr ds:[edx] 0042A4E4 \|. 8901 \|mov dword ptr ds:[ecx],eax 0042A4E6 \|. 8B4D F8 \|mov ecx,[local.2] 0042A4E9 \|. 83C1 04 \|add ecx,4 0042A4EC \|. 894D F8 \|mov [local.2],ecx 0042A4EF \|. 8B55 F0 \|mov edx,[local.4] 0042A4F2 \|. 83C2 04 \|add edx,4 0042A4F5 \|. 8955 F0 \|mov [local.4],edx 0042A4F8 \|. 8B45 F4 \|mov eax,[local.3] 0042A4FB \|. 83E8 04 \|sub eax,4 0042A4FE \|. 8945 F4 \|mov [local.3],eax 0042A501 \|. 837D F4 04 \|cmp [local.3],4 0042A505 \|.^ 73 D5 \jnb short manager.0042A4DC ; 循环复制上一个人的数据 0042A507 \|. 837D F4 00 cmp [local.3],0 0042A50B \|. 76 2B jbe short manager.0042A538 0042A50D \|> 8B4D F8 /mov ecx,[local.2] 0042A510 \|. 8B55 F0 \|mov edx,[local.4] 0042A513 \|. 8A02 \|mov al,byte ptr ds:[edx] 0042A515 \|. 8801 \|mov byte ptr ds:[ecx],al 0042A517 \|. 8B4D F8 \|mov ecx,[local.2] 0042A51A \|. 83C1 01 \|add ecx,1 0042A51D \|. 894D F8 \|mov [local.2],ecx 0042A520 \|. 8B55 F0 \|mov edx,[local.4] 0042A523 \|. 83C2 01 \|add edx,1 0042A526 \|. 8955 F0 \|mov [local.4],edx 0042A529 \|. 8B45 F4 \|mov eax,[local.3] 0042A52C \|. 83E8 01 \|sub eax,1 0042A52F \|. 8945 F4 \|mov [local.3],eax 0042A532 \|. 837D F4 00 \|cmp [local.3],0 0042A536 \|.^ 77 D5 \ja short manager.0042A50D 0042A538 \|> EB 63 jmp short manager.0042A59D 0042A53A \|> 8B4D F8 mov ecx,[local.2] 0042A53D \|. 8B55 F0 mov edx,[local.4] 0042A540 \|. 8A02 mov al,byte ptr ds:[edx] 0042A542 \|. 8801 mov byte ptr ds:[ecx],al 0042A544 \|. 8B4D F8 mov ecx,[local.2] 0042A547 \|. 83C1 01 add ecx,1 0042A54A \|. 894D F8 mov [local.2],ecx 0042A54D \|. 8B55 F0 mov edx,[local.4] 0042A550 \|. 83C2 01 add edx,1 0042A553 \|. 8955 F0 mov [local.4],edx 0042A556 \|. 8B45 F8 mov eax,[local.2] 0042A559 \|. 8B4D F0 mov ecx,[local.4] 0042A55C \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A55E \|. 8810 mov byte ptr ds:[eax],dl 0042A560 \|. 8B45 F8 mov eax,[local.2] 0042A563 \|. 83C0 01 add eax,1 0042A566 \|. 8945 F8 mov [local.2],eax 0042A569 \|. 8B4D F0 mov ecx,[local.4] 0042A56C \|. 83C1 01 add ecx,1 0042A56F \|. 894D F0 mov [local.4],ecx 0042A572 \|> 8B55 F8 /mov edx,[local.2] 0042A575 \|. 8B45 F0 \|mov eax,[local.4] 0042A578 \|. 8A08 \|mov cl,byte ptr ds:[eax] 0042A57A \|. 880A \|mov byte ptr ds:[edx],cl 0042A57C \|. 8B55 F8 \|mov edx,[local.2] 0042A57F \|. 83C2 01 \|add edx,1 0042A582 \|. 8955 F8 \|mov [local.2],edx 0042A585 \|. 8B45 F0 \|mov eax,[local.4] 0042A588 \|. 83C0 01 \|add eax,1 0042A58B \|. 8945 F0 \|mov [local.4],eax 0042A58E \|. 8B4D F4 \|mov ecx,[local.3] 0042A591 \|. 83E9 01 \|sub ecx,1 0042A594 \|. 894D F4 \|mov [local.3],ecx 0042A597 \|. 837D F4 00 \|cmp [local.3],0 0042A59B \|.^ 77 D5 \ja short manager.0042A572 0042A59D \|> 8B55 EC mov edx,[local.5] 0042A5A0 \|. 33C0 xor eax,eax 0042A5A2 \|. 8A42 FE mov al,byte ptr ds:[edx-2] 0042A5A5 \|. 83E0 03 and eax,3 0042A5A8 \|. 8945 F4 mov [local.3],eax 0042A5AB \|. 837D F4 00 cmp [local.3],0 0042A5AF \|. 75 02 jnz short manager.0042A5B3 0042A5B1 \|. EB 6C jmp short manager.0042A61F 0042A5B3 \|> 8B4D E8 mov ecx,[local.6] 0042A5B6 \|. 2B4D F8 sub ecx,[local.2] 0042A5B9 \|. 3B4D F4 cmp ecx,[local.3] 0042A5BC \|. 73 07 jnb short manager.0042A5C5 0042A5BE \|. 33C0 xor eax,eax 0042A5C0 \|. E9 9C000000 jmp manager.0042A661 0042A5C5 \|> 8B55 FC mov edx,[local.1] 0042A5C8 \|. 2B55 EC sub edx,[local.5] 0042A5CB \|. 8B45 F4 mov eax,[local.3] 0042A5CE \|. 83C0 01 add eax,1 0042A5D1 \|. 3BD0 cmp edx,eax 0042A5D3 \|. 73 07 jnb short manager.0042A5DC 0042A5D5 \|. 33C0 xor eax,eax 0042A5D7 \|. E9 85000000 jmp manager.0042A661 0042A5DC \|> 8B4D F8 /mov ecx,[local.2] 0042A5DF \|. 8B55 EC \|mov edx,[local.5] 0042A5E2 \|. 8A02 \|mov al,byte ptr ds:[edx] 0042A5E4 \|. 8801 \|mov byte ptr ds:[ecx],al 0042A5E6 \|. 8B4D F8 \|mov ecx,[local.2] 0042A5E9 \|. 83C1 01 \|add ecx,1 0042A5EC \|. 894D F8 \|mov [local.2],ecx 0042A5EF \|. 8B55 EC \|mov edx,[local.5] 0042A5F2 \|. 83C2 01 \|add edx,1 0042A5F5 \|. 8955 EC \|mov [local.5],edx 0042A5F8 \|. 8B45 F4 \|mov eax,[local.3] 0042A5FB \|. 83E8 01 \|sub eax,1 0042A5FE \|. 8945 F4 \|mov [local.3],eax 0042A601 \|. 837D F4 00 \|cmp [local.3],0 0042A605 \|.^ 77 D5 \ja short manager.0042A5DC 0042A607 \|. 8B4D EC mov ecx,[local.5] 0042A60A \|. 33D2 xor edx,edx 0042A60C \|. 8A11 mov dl,byte ptr ds:[ecx] 0042A60E \|. 8955 F4 mov [local.3],edx 0042A611 \|. 8B45 EC mov eax,[local.5] 0042A614 \|. 83C0 01 add eax,1 0042A617 \|. 8945 EC mov [local.5],eax 0042A61A \|.^ E9 DCFBFFFF jmp manager.0042A1FB 0042A61F \|>^ E9 9CF9FFFF jmp manager.00429FC0 0042A624 \|> 8B4D F8 mov ecx,[local.2] 0042A627 \|. 2B4D 10 sub ecx,[arg.3] 0042A62A \|. 8B55 14 mov edx,[arg.4] 0042A62D \|. 890A mov dword ptr ds:[edx],ecx 0042A62F \|. 8B45 EC mov eax,[local.5] 0042A632 \|. 33C9 xor ecx,ecx 0042A634 \|. 3B45 FC cmp eax,[local.1] 0042A637 \|. 0F94C1 sete cl 0042A63A \|. 8BC1 mov eax,ecx 0042A63C \|. EB 23 jmp short manager.0042A661 0042A63E \|>^ E9 5AFFFFFF jmp manager.0042A59D 0042A643 \|>^ E9 F2FEFFFF jmp manager.0042A53A 0042A648 \|>^ E9 50FFFFFF jmp manager.0042A59D 0042A64D \|>^ E9 B6FBFFFF jmp manager.0042A208 0042A652 \|>^ E9 B1FBFFFF jmp manager.0042A208 0042A657 \|>^ E9 DBFAFFFF jmp manager.0042A137 0042A65C \|>^ E9 52FFFFFF jmp manager.0042A5B3 0042A661 \|> 8BE5 mov esp,ebp 0042A663 \|. 5D pop ebp 0042A664 \. C2 1000 retn 10 2012-1-3 05:44 0
exile 雪币： 2105 活跃值： (424) 能力值： ( LV4，RANK：50 ) 在线值：发帖 21 回帖 1266 粉丝 2 关注私信	exile 1 6 楼你找一段解压前和解压后的数据试试不就知道了 2012-1-3 14:41 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复