能力值:
( LV2,RANK:10 )
|
-
-
3 楼
我也跟了,找出用户名,密码的算法循环了,但是看的头大了,没搞明白
0043FD68 . E8 FB800600 CALL 012_添加.004A7E68 ; 取用户名
0043FD6D . 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
0043FD70 . 8BC3 MOV EAX,EBX
0043FD72 . 8B12 MOV EDX,DWORD PTR DS:[EDX]
0043FD74 . E8 33F30200 CALL 012_添加.0046F0AC
0043FD79 . FF8D 54FFFFFF DEC DWORD PTR SS:[EBP-AC]
0043FD7F . 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
0043FD82 . BA 02000000 MOV EDX,2
0043FD87 . E8 187E0600 CALL 012_添加.004A7BA4
0043FD8C . FF8D 54FFFFFF DEC DWORD PTR SS:[EBP-AC]
0043FD92 . 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
0043FD95 . BA 02000000 MOV EDX,2
0043FD9A . E8 057E0600 CALL 012_添加.004A7BA4
0043FD9F . 66:C785 48FFF>MOV WORD PTR SS:[EBP-B8],44
0043FDA8 . 33C9 XOR ECX,ECX
0043FDAA . 894D E8 MOV DWORD PTR SS:[EBP-18],ECX
0043FDAD . 8D55 E8 LEA EDX,DWORD PTR SS:[EBP-18]
0043FDB0 . FF85 54FFFFFF INC DWORD PTR SS:[EBP-AC]
0043FDB6 . 8B86 E0020000 MOV EAX,DWORD PTR DS:[ESI+2E0]
0043FDBC . E8 BBF20200 CALL 012_添加.0046F07C
0043FDC1 . 837D E8 00 CMP DWORD PTR SS:[EBP-18],0 ; 判断用户名是否为空
0043FDC5 . 74 05 JE SHORT 012_添加.0043FDCC ; 用户名为空跳入
0043FDC7 . 8B4D E8 MOV ECX,DWORD PTR SS:[EBP-18] ; 用户名放入ecx
0043FDCA . EB 05 JMP SHORT 012_添加.0043FDD1
0043FDCC > B9 B87F4C00 MOV ECX,012_添加.004C7FB8
0043FDD1 > 8BF9 MOV EDI,ECX
0043FDD3 . 33C0 XOR EAX,EAX
0043FDD5 . 56 PUSH ESI
0043FDD6 . 83C9 FF OR ECX,FFFFFFFF ; ecx置为0xffffffff
0043FDD9 . F2:AE REPNE SCAS BYTE PTR ES:[EDI] ; CX<>0 且ZF=0重复执行字符串指令
0043FDDB . F7D1 NOT ECX
0043FDDD . 2BF9 SUB EDI,ECX
0043FDDF . 8DB5 34FEFFFF LEA ESI,DWORD PTR SS:[EBP-1CC]
0043FDE5 . 87F7 XCHG EDI,ESI
0043FDE7 . 8BD1 MOV EDX,ECX
0043FDE9 . 8BC7 MOV EAX,EDI
0043FDEB . C1E9 02 SHR ECX,2
0043FDEE . 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
0043FDF1 . F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS>
0043FDF3 . 8BCA MOV ECX,EDX
0043FDF5 . BA 02000000 MOV EDX,2
0043FDFA . 83E1 03 AND ECX,3
0043FDFD . F3:A4 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[>
0043FDFF . 5E POP ESI
0043FE00 . FF8D 54FFFFFF DEC DWORD PTR SS:[EBP-AC]
0043FE06 . E8 997D0600 CALL 012_添加.004A7BA4
0043FE0B . 66:C785 48FFF>MOV WORD PTR SS:[EBP-B8],50
0043FE14 . 66:C785 48FFF>MOV WORD PTR SS:[EBP-B8],5C
0043FE1D . 8B9E E8020000 MOV EBX,DWORD PTR DS:[ESI+2E8]
0043FE23 . 33C0 XOR EAX,EAX
0043FE25 . 8945 E4 MOV DWORD PTR SS:[EBP-1C],EAX
0043FE28 . 81C3 08020000 ADD EBX,208
0043FE2E . FF85 54FFFFFF INC DWORD PTR SS:[EBP-AC]
0043FE34 . 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
0043FE37 . 8B03 MOV EAX,DWORD PTR DS:[EBX]
0043FE39 . 8B08 MOV ECX,DWORD PTR DS:[EAX]
0043FE3B . FF51 1C CALL DWORD PTR DS:[ECX+1C]
0043FE3E . 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
0043FE41 . 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
0043FE44 . E8 8B7D0600 CALL 012_添加.004A7BD4
0043FE49 . FF8D 54FFFFFF DEC DWORD PTR SS:[EBP-AC]
0043FE4F . 8D45 E4 LEA EAX,DWORD PTR SS:[EBP-1C]
0043FE52 . BA 02000000 MOV EDX,2
0043FE57 . E8 487D0600 CALL 012_添加.004A7BA4 ; 取密码
0043FE5C . 66:C785 48FFF>MOV WORD PTR SS:[EBP-B8],68
0043FE65 . 837D F8 00 CMP DWORD PTR SS:[EBP-8],0
0043FE69 . 74 05 JE SHORT 012_添加.0043FE70
0043FE6B . 8B4D F8 MOV ECX,DWORD PTR SS:[EBP-8]
0043FE6E . EB 05 JMP SHORT 012_添加.0043FE75
0043FE70 > B9 B97F4C00 MOV ECX,012_添加.004C7FB9
0043FE75 > 51 PUSH ECX ; /Arg3
0043FE76 . 56 PUSH ESI ; |Arg2
0043FE77 . 33C0 XOR EAX,EAX ; |
0043FE79 . 8D55 E0 LEA EDX,DWORD PTR SS:[EBP-20] ; |
0043FE7C . 8945 E0 MOV DWORD PTR SS:[EBP-20],EAX ; |
0043FE7F . 52 PUSH EDX ; |Arg1
0043FE80 . FF85 54FFFFFF INC DWORD PTR SS:[EBP-AC] ; |
0043FE86 . E8 C90B0000 CALL 012_添加.00440A54 ; \012_添加.00440A54
0043FE8B . 83C4 0C ADD ESP,0C
0043FE8E . 8D55 E0 LEA EDX,DWORD PTR SS:[EBP-20]
0043FE91 . 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
0043FE94 . E8 3B7D0600 CALL 012_添加.004A7BD4
0043FE99 . FF8D 54FFFFFF DEC DWORD PTR SS:[EBP-AC]
0043FE9F . 8D45 E0 LEA EAX,DWORD PTR SS:[EBP-20]
0043FEA2 . BA 02000000 MOV EDX,2
0043FEA7 . E8 F87C0600 CALL 012_添加.004A7BA4
0043FEAC . 837D F8 00 CMP DWORD PTR SS:[EBP-8],0 ; 判断密码是否为空
0043FEB0 . 74 05 JE SHORT 012_添加.0043FEB7 ; 密码为空提示
0043FEB2 . 8B7D F8 MOV EDI,DWORD PTR SS:[EBP-8]
0043FEB5 . EB 05 JMP SHORT 012_添加.0043FEBC
0043FEB7 > BF BA7F4C00 MOV EDI,012_添加.004C7FBA
0043FEBC > 57 PUSH EDI ; 密码入栈
0043FEBD . E8 8A9C0500 CALL 012_添加.00499B4C ; 密码算法
0043FEC2 . 59 POP ECX
0043FEC3 . 8985 34FFFFFF MOV DWORD PTR SS:[EBP-CC],EAX
0043FEC9 . 8B85 34FFFFFF MOV EAX,DWORD PTR SS:[EBP-CC]
0043FECF . 83C0 FB ADD EAX,-5
0043FED2 . 50 PUSH EAX ; /Arg3
0043FED3 . 57 PUSH EDI ; |Arg2
0043FED4 . 56 PUSH ESI ; |Arg1
0043FED5 . E8 1A0C0000 CALL 012_添加.00440AF4 ; \012_添加.00440AF4
0043FEDA . 83C4 0C ADD ESP,0C
0043FEDD . 0FB7D8 MOVZX EBX,AX
0043FEE0 . 6A 05 PUSH 5 ; /Arg3 = 00000005
0043FEE2 . 8B85 34FFFFFF MOV EAX,DWORD PTR SS:[EBP-CC] ; |
0043FEE8 . 03C7 ADD EAX,EDI ; |
0043FEEA . 83C0 FB ADD EAX,-5 ; |
0043FEED . 50 PUSH EAX ; |Arg2
0043FEEE . 8D95 34F8FFFF LEA EDX,DWORD PTR SS:[EBP-7CC] ; |
0043FEF4 . 52 PUSH EDX ; |Arg1
0043FEF5 . E8 AE9A0500 CALL 012_添加.004999A8 ; \012_添加.004999A8
0043FEFA . C685 39F8FFFF>MOV BYTE PTR SS:[EBP-7C7],0
0043FF01 . 66:C785 48FFF>MOV WORD PTR SS:[EBP-B8],74
0043FF0A . 83C4 0C ADD ESP,0C
0043FF0D . 8D95 34F8FFFF LEA EDX,DWORD PTR SS:[EBP-7CC]
0043FF13 . 8D45 DC LEA EAX,DWORD PTR SS:[EBP-24]
0043FF16 . E8 8D7B0600 CALL 012_添加.004A7AA8 ; 算法可疑
0043FF1B . 8BD0 MOV EDX,EAX
0043FF1D . FF85 54FFFFFF INC DWORD PTR SS:[EBP-AC]
0043FF23 . 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
0043FF26 . E8 A97C0600 CALL 012_添加.004A7BD4
0043FF2B . FF8D 54FFFFFF DEC DWORD PTR SS:[EBP-AC]
0043FF31 . 8D45 DC LEA EAX,DWORD PTR SS:[EBP-24]
0043FF34 . BA 02000000 MOV EDX,2
0043FF39 . E8 667C0600 CALL 012_添加.004A7BA4
0043FF3E . 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
0043FF41 . E8 AA7F0600 CALL 012_添加.004A7EF0
0043FF46 . 3BD8 CMP EBX,EAX
0043FF48 . 0F84 81000000 JE 012_添加.0043FFCF
0043FF4E . 66:C785 48FFF>MOV WORD PTR SS:[EBP-B8],80
0043FF57 . BA BB7F4C00 MOV EDX,012_添加.004C7FBB
0043FF5C . 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28]
0043FF5F . E8 447B0600 CALL 012_添加.004A7AA8
0043FF64 . FF85 54FFFFFF INC DWORD PTR SS:[EBP-AC]
0043FF6A . 8B00 MOV EAX,DWORD PTR DS:[EAX]
0043FF6C . E8 7BA00200 CALL 012_添加.00469FEC ; 弹出错误call
|