在OD中找到以下代码 好像是软件系统登陆的代码 请高手帮忙怎么能找出密码或是跳过密码!
0043A087 . 52 push edx ; /SemaphoreName
0043A088 . 6A 01 push 0x1 ; |MaximumCount = 1
0043A08A . 6A 01 push 0x1 ; |InitialCount = 1
0043A08C . 6A 00 push 0x0 ; |pSecurity = NULL
0043A08E . FF15 70224900 call dword ptr ds:[<&KERNEL32.Crea>; \CreateSemaphoreA
0043A094 . 3BF4 cmp esi,esp
0043A096 . E8 75A90100 call <jmp.&MSVCRTD._chkesp>
0043A09B . 8985 CCFEFFFF mov dword ptr ss:[ebp-0x134],eax
0043A0A1 . 8BF4 mov esi,esp
0043A0A3 . FF15 DC224900 call dword ptr ds:[<&KERNEL32.GetL>; [GetLastError
0043A0A9 . 3BF4 cmp esi,esp
0043A0AB . E8 60A90100 call <jmp.&MSVCRTD._chkesp>
0043A0B0 . 3D B7000000 cmp eax,0xB7
0043A0B5 . 0F85 1B010000 jnz ProVideo.0043A1D6
0043A0BB . 8BF4 mov esi,esp
0043A0BD . 8B85 CCFEFFFF mov eax,dword ptr ss:[ebp-0x134]
0043A0C3 . 50 push eax ; /hObject
0043A0C4 . FF15 EC224900 call dword ptr ds:[<&KERNEL32.Clos>; \CloseHandle
0043A0CA . 3BF4 cmp esi,esp
0043A0CC . E8 3FA90100 call <jmp.&MSVCRTD._chkesp>
0043A0D1 . 8BF4 mov esi,esp
0043A0D3 . 6A 05 push 0x5
0043A0D5 . 8BFC mov edi,esp
0043A0D7 . FF15 782F4900 call dword ptr ds:[<&USER32.GetDes>; [GetDesktopWindow
0043A0DD . 3BFC cmp edi,esp
0043A0DF . E8 2CA90100 call <jmp.&MSVCRTD._chkesp>
0043A0E4 . 50 push eax ; |hWnd
0043A0E5 . FF15 702F4900 call dword ptr ds:[<&USER32.GetWin>; \GetWindow
0043A0EB . 3BF4 cmp esi,esp
0043A0ED . E8 1EA90100 call <jmp.&MSVCRTD._chkesp>
0043A0F2 . 8985 C8FEFFFF mov dword ptr ss:[ebp-0x138],eax
0043A0F8 > 8BF4 mov esi,esp
0043A0FA . 8B8D C8FEFFFF mov ecx,dword ptr ss:[ebp-0x138]
0043A100 . 51 push ecx ; /hWnd
0043A101 . FF15 602F4900 call dword ptr ds:[<&USER32.IsWind>; \IsWindow
0043A107 . 3BF4 cmp esi,esp
0043A109 . E8 02A90100 call <jmp.&MSVCRTD._chkesp>
0043A10E . 85C0 test eax,eax
0043A110 . 0F84 BC000000 je ProVideo.0043A1D2
0043A116 . 8BF4 mov esi,esp
0043A118 . 8B55 EC mov edx,dword ptr ss:[ebp-0x14]
0043A11B . 8B82 90000000 mov eax,dword ptr ds:[edx+0x90]
0043A121 . 50 push eax ; /Property
0043A122 . 8B8D C8FEFFFF mov ecx,dword ptr ss:[ebp-0x138] ; |
0043A128 . 51 push ecx ; |hWnd
0043A129 . FF15 6C2F4900 call dword ptr ds:[<&USER32.GetPro>; \GetPropA
0043A12F . 3BF4 cmp esi,esp
0043A131 . E8 DAA80100 call <jmp.&MSVCRTD._chkesp>
0043A136 . 85C0 test eax,eax
0043A138 . 74 75 je short ProVideo.0043A1AF
0043A13A . 8BF4 mov esi,esp
0043A13C . 8B95 C8FEFFFF mov edx,dword ptr ss:[ebp-0x138]
0043A142 . 52 push edx ; /hWnd
0043A143 . FF15 902F4900 call dword ptr ds:[<&USER32.IsIcon>; \IsIconic
0043A149 . 3BF4 cmp esi,esp
0043A14B . E8 C0A80100 call <jmp.&MSVCRTD._chkesp>
0043A150 . 85C0 test eax,eax
0043A152 . 74 18 je short ProVideo.0043A16C
0043A154 . 8BF4 mov esi,esp
0043A156 . 6A 09 push 0x9 ; /ShowState = SW_RESTORE
0043A158 . 8B85 C8FEFFFF mov eax,dword ptr ss:[ebp-0x138] ; |
0043A15E . 50 push eax ; |hWnd
0043A15F . FF15 342F4900 call dword ptr ds:[<&USER32.ShowWi>; \ShowWindow
0043A165 . 3BF4 cmp esi,esp
0043A167 . E8 A4A80100 call <jmp.&MSVCRTD._chkesp>
0043A16C > 8BF4 mov esi,esp
0043A16E . 8B8D C8FEFFFF mov ecx,dword ptr ss:[ebp-0x138]
0043A174 . 51 push ecx ; /hWnd
0043A175 . FF15 302F4900 call dword ptr ds:[<&USER32.SetFor>; \SetForegroundWindow
0043A17B . 3BF4 cmp esi,esp
0043A17D . E8 8EA80100 call <jmp.&MSVCRTD._chkesp>
0043A182 . 8BF4 mov esi,esp
0043A184 . 8B95 C8FEFFFF mov edx,dword ptr ss:[ebp-0x138]
0043A18A . 52 push edx ; /hOwner
0043A18B . FF15 742F4900 call dword ptr ds:[<&USER32.GetLas>; \GetLastActivePopup
0043A191 . 3BF4 cmp esi,esp
0043A193 . E8 78A80100 call <jmp.&MSVCRTD._chkesp>
0043A198 . 8BF4 mov esi,esp
0043A19A . 50 push eax ; /hWnd
0043A19B . FF15 302F4900 call dword ptr ds:[<&USER32.SetFor>; \SetForegroundWindow
0043A1A1 . 3BF4 cmp esi,esp
0043A1A3 . E8 68A80100 call <jmp.&MSVCRTD._chkesp>
0043A1A8 . 33C0 xor eax,eax
0043A1AA . E9 96000000 jmp ProVideo.0043A245
0043A1AF > 8BF4 mov esi,esp
0043A1B1 . 6A 02 push 0x2 ; /Relation = GW_HWNDNEXT
0043A1B3 . 8B85 C8FEFFFF mov eax,dword ptr ss:[ebp-0x138] ; |
0043A1B9 . 50 push eax ; |hWnd
0043A1BA . FF15 702F4900 call dword ptr ds:[<&USER32.GetWin>; \GetWindow
0043A1C0 . 3BF4 cmp esi,esp
0043A1C2 . E8 49A80100 call <jmp.&MSVCRTD._chkesp>
0043A1C7 . 8985 C8FEFFFF mov dword ptr ss:[ebp-0x138],eax
0043A1CD .^ E9 26FFFFFF jmp ProVideo.0043A0F8
0043A1D2 > 33C0 xor eax,eax
0043A1D4 . EB 6F jmp short ProVideo.0043A245
0043A1D6 > 68 008B4800 push ProVideo.00488B00 ; 医网联科技
0043A1DB . 8B4D EC mov ecx,dword ptr ss:[ebp-0x14]
0043A1DE . E8 EBA40100 call <jmp.&MFC42D.#4820>
0043A1E3 . 6A 00 push 0x0
0043A1E5 . 68 BFDBFF00 push 0xFFDBBF
0043A1EA . 8B4D EC mov ecx,dword ptr ss:[ebp-0x14]
0043A1ED . E8 D6A40100 call <jmp.&MFC42D.#4630>
0043A1F2 . 6A 00 push 0x0
0043A1F4 . 8D8D 98FAFFFF lea ecx,dword ptr ss:[ebp-0x568]
0043A1FA . E8 0272FCFF call ProVideo.00401401
0043A1FF . C745 FC 0700000>mov dword ptr ss:[ebp-0x4],0x7
0043A206 . 8B4D EC mov ecx,dword ptr ss:[ebp-0x14]
0043A209 . 8D95 98FAFFFF lea edx,dword ptr ss:[ebp-0x568]
0043A20F . 8951 20 mov dword ptr ds:[ecx+0x20],edx
0043A212 . 8D8D 98FAFFFF lea ecx,dword ptr ss:[ebp-0x568]
0043A218 . E8 3F9E0100 call <jmp.&MFC42D.#1862>
0043A21D . 8985 94FAFFFF mov dword ptr ss:[ebp-0x56C],eax
0043A223 . C785 84FAFFFF 0>mov dword ptr ss:[ebp-0x57C],0x0
0043A22D . C745 FC FFFFFFF>mov dword ptr ss:[ebp-0x4],-0x1
0043A234 . 8D8D 98FAFFFF lea ecx,dword ptr ss:[ebp-0x568]
0043A23A . E8 917AFCFF call ProVideo.00401CD0
0043A23F . 8B85 84FAFFFF mov eax,dword ptr ss:[ebp-0x57C]
0043A245 > 8B4D F4 mov ecx,dword ptr ss:[ebp-0xC]
0043A248 . 64:890D 0000000>mov dword ptr fs:[0],ecx
0043A24F . 5F pop edi
0043A250 . 5E pop esi
0043A251 . 5B pop ebx
0043A252 . 81C4 DC050000 add esp,0x5DC
0043A258 . 3BEC cmp ebp,esp
0043A25A . E8 B1A70100 call <jmp.&MSVCRTD._chkesp>
0043A25F . 8BE5 mov esp,ebp
0043A261 . 5D pop ebp
0043A262 . C3 retn
0043A263 CC int3
0043A264 CC int3
0043A265 CC int3
0043A266 CC int3
0043A267 CC int3
0043A268 CC int3
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
