很特别的CRACKME-CTF对抗-看雪-安全社区|安全招聘|kanxue.com

最新回复 (1)
skyege 雪币： 229 活跃值： (70) 能力值： ( LV6，RANK：90 ) 在线值：发帖 10 回帖 555 粉丝 0 关注私信	skyege 2 2 楼 00401201 . 55 PUSH EBP 00401202 . 8BEC MOV EBP,ESP 00401204 . 53 PUSH EBX 00401205 . 56 PUSH ESI 00401206 . 8B5D 08 MOV EBX,DWORD PTR SS:[EBP+8] 00401209 . 8B45 0C MOV EAX,DWORD PTR SS:[EBP+C] 0040120C . 83E8 10 SUB EAX,10 ; Switch (cases 10..111) 0040120F . 0F84 5C02000>JE 1.00401471 00401215 . 2D 00010000 SUB EAX,100 0040121A . 74 08 JE SHORT 1.00401224 0040121C . 48 DEC EAX 0040121D . 74 32 JE SHORT 1.00401251 0040121F . E9 55020000 JMP 1.00401479 00401224 > 803D B9B1400>CMP BYTE PTR DS:[40B1B9],0 ; Case 110 (WM_INITDIALOG) of switch 0040120C 0040122B . 74 12 JE SHORT 1.0040123F 0040122D . 68 E8B14000 PUSH 1.0040B1E8 ; /Text = "SECURE !!!" 00401232 . 6A 66 PUSH 66 ; \|ControlID = 66 (102.) 00401234 . 53 PUSH EBX ; \|hWnd 00401235 . E8 269B0000 CALL <JMP.&USER32.SetDlgItemTextA> ; \SetDlgItemTextA 0040123A . E9 3E020000 JMP 1.0040147D 0040123F > 68 F3B14000 PUSH 1.0040B1F3 ; /Text = "NOT SECURE !!!" 00401244 . 6A 66 PUSH 66 ; \|ControlID = 66 (102.) 00401246 . 53 PUSH EBX ; \|hWnd 00401247 . E8 149B0000 CALL <JMP.&USER32.SetDlgItemTextA> ; \SetDlgItemTextA 0040124C . E9 2C020000 JMP 1.0040147D 00401251 > 66:8B55 10 MOV DX,WORD PTR SS:[EBP+10] ; Case 111 (WM_COMMAND) of switch 0040120C 00401255 . 66:FFCA DEC DX 00401258 . 0F85 1F02000>JNZ 1.0040147D 0040125E . 6A 69 PUSH 69 ; /ControlID = 69 (105.) 00401260 . 53 PUSH EBX ; \|hWnd 00401261 . E8 A69A0000 CALL <JMP.&USER32.GetDlgItem> ; \GetDlgItem 00401266 . 50 PUSH EAX ; /hWnd 00401267 . E8 B89A0000 CALL <JMP.&USER32.GetWindowTextLengthA> ; \GetWindowTextLengthA 0040126C . 8BF0 MOV ESI,EAX 0040126E . 8D46 01 LEA EAX,DWORD PTR DS:[ESI+1] 00401271 . 50 PUSH EAX ; /MemSize 00401272 . 6A 40 PUSH 40 ; \|Flags = GPTR 00401274 . E8 9B990000 CALL <JMP.&kernel32.GlobalAlloc> ; \GlobalAlloc 00401279 . A3 E4D54000 MOV DWORD PTR DS:[40D5E4],EAX 0040127E . 46 INC ESI 0040127F . 56 PUSH ESI ; /Count 00401280 . FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4] ; \|Buffer = 001496D8 00401286 . 6A 69 PUSH 69 ; \|ControlID = 69 (105.) 00401288 . 53 PUSH EBX ; \|hWnd 00401289 . E8 849A0000 CALL <JMP.&USER32.GetDlgItemTextA> ; \GetDlgItemTextA 0040128E . 68 4CB14000 PUSH 1.0040B14C ; ASCII "SECURITYMODE" 00401293 . FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4] 00401299 . E8 86100000 CALL 1.00402324 0040129E . 83C4 08 ADD ESP,8 004012A1 . 85C0 TEST EAX,EAX 004012A3 . 75 5B JNZ SHORT 1.00401300 004012A5 . 6A 6A PUSH 6A ; /ControlID = 6A (106.) 004012A7 . 53 PUSH EBX ; \|hWnd 004012A8 . E8 5F9A0000 CALL <JMP.&USER32.GetDlgItem> ; \GetDlgItem 004012AD . 50 PUSH EAX ; /hWnd 004012AE . E8 719A0000 CALL <JMP.&USER32.GetWindowTextLengthA> ; \GetWindowTextLengthA 004012B3 . 8BF0 MOV ESI,EAX 004012B5 . 8D46 01 LEA EAX,DWORD PTR DS:[ESI+1] 004012B8 . 50 PUSH EAX ; /MemSize 004012B9 . 6A 40 PUSH 40 ; \|Flags = GPTR 004012BB . E8 54990000 CALL <JMP.&kernel32.GlobalAlloc> ; \GlobalAlloc 004012C0 . A3 E8D54000 MOV DWORD PTR DS:[40D5E8],EAX 004012C5 . 46 INC ESI 004012C6 . 56 PUSH ESI ; /Count 004012C7 . FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8] ; \|Buffer = 00149700 004012CD . 6A 6A PUSH 6A ; \|ControlID = 6A (106.) 004012CF . 53 PUSH EBX ; \|hWnd 004012D0 . E8 3D9A0000 CALL <JMP.&USER32.GetDlgItemTextA> ; \GetDlgItemTextA 004012D5 . 68 02B24000 PUSH 1.0040B202 ; ASCII "SPIRITS" 004012DA . FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8] 004012E0 . E8 3F100000 CALL 1.00402324 004012E5 . 83C4 08 ADD ESP,8 004012E8 . 85C0 TEST EAX,EAX 004012EA . 75 14 JNZ SHORT 1.00401300 004012EC . 68 0AB24000 PUSH 1.0040B20A ; /Text = "SECURITYMODE ENABLED." 004012F1 . 6A 65 PUSH 65 ; \|ControlID = 65 (101.) 004012F3 . 53 PUSH EBX ; \|hWnd 004012F4 . E8 679A0000 CALL <JMP.&USER32.SetDlgItemTextA> ; \SetDlgItemTextA 004012F9 . C605 C0B1400>MOV BYTE PTR DS:[40B1C0],1 00401300 > 68 65B14000 PUSH 1.0040B165 ; ASCII "START PATROL" 00401305 . FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4] 0040130B . E8 14100000 CALL 1.00402324 00401310 . 83C4 08 ADD ESP,8 00401313 . 85C0 TEST EAX,EAX 00401315 . 75 3B JNZ SHORT 1.00401352 00401317 . 803D C0B1400>CMP BYTE PTR DS:[40B1C0],0 0040131E . 74 32 JE SHORT 1.00401352 00401320 . 68 20B24000 PUSH 1.0040B220 ; /Text = "PATROL STARTED." 00401325 . 6A 65 PUSH 65 ; \|ControlID = 65 (101.) 00401327 . 53 PUSH EBX ; \|hWnd 00401328 . E8 339A0000 CALL <JMP.&USER32.SetDlgItemTextA> ; \SetDlgItemTextA 0040132D . 0FBE05 BAB14>MOVSX EAX,BYTE PTR DS:[40B1BA] 00401334 . 48 DEC EAX 00401335 . 74 14 JE SHORT 1.0040134B 00401337 . 6A 30 PUSH 30 ; /Style = MB_OK\|MB_ICONEXCLAMATION\|MB_APPLMODAL 00401339 . 68 60B24000 PUSH 1.0040B260 ; \|Title = "Message" 0040133E . 68 30B24000 PUSH 1.0040B230 ; \|Text = "Your packman is disabled! Activate him first..." 00401343 . 53 PUSH EBX ; \|hOwner 00401344 . E8 F9990000 CALL <JMP.&USER32.MessageBoxA> ; \MessageBoxA 00401349 . EB 07 JMP SHORT 1.00401352 0040134B > C605 C1B1400>MOV BYTE PTR DS:[40B1C1],1 00401352 > 68 97B14000 PUSH 1.0040B197 ; ASCII "FLUSH BATTERY" 00401357 . FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4] 0040135D . E8 C20F0000 CALL 1.00402324 00401362 . 83C4 08 ADD ESP,8 00401365 . 85C0 TEST EAX,EAX 00401367 . 75 5C JNZ SHORT 1.004013C5 00401369 . 803D C1B1400>CMP BYTE PTR DS:[40B1C1],0 00401370 . 74 53 JE SHORT 1.004013C5 00401372 . 803D C0B1400>CMP BYTE PTR DS:[40B1C0],0 00401379 . 74 4A JE SHORT 1.004013C5 0040137B . 803D B8B1400>CMP BYTE PTR DS:[40B1B8],0 00401382 . 74 41 JE SHORT 1.004013C5 00401384 . 6A 6A PUSH 6A ; /ControlID = 6A (106.) 00401386 . 53 PUSH EBX ; \|hWnd 00401387 . E8 80990000 CALL <JMP.&USER32.GetDlgItem> ; \GetDlgItem 0040138C . 50 PUSH EAX ; /hWnd 0040138D . E8 92990000 CALL <JMP.&USER32.GetWindowTextLengthA> ; \GetWindowTextLengthA 00401392 . 8BF0 MOV ESI,EAX 00401394 . 8D46 01 LEA EAX,DWORD PTR DS:[ESI+1] 00401397 . 50 PUSH EAX ; /MemSize 00401398 . 6A 40 PUSH 40 ; \|Flags = GPTR 0040139A . E8 75980000 CALL <JMP.&kernel32.GlobalAlloc> ; \GlobalAlloc 0040139F . A3 E8D54000 MOV DWORD PTR DS:[40D5E8],EAX 004013A4 . 46 INC ESI 004013A5 . 56 PUSH ESI ; /Count 004013A6 . FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8] ; \|Buffer = 00149700 004013AC . 6A 6A PUSH 6A ; \|ControlID = 6A (106.) 004013AE . 53 PUSH EBX ; \|hWnd 004013AF . E8 5E990000 CALL <JMP.&USER32.GetDlgItemTextA> ; \GetDlgItemTextA 004013B4 . FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8] ; /Arg1 = 00149700 ASCII "START PATROL" 004013BA . E8 DDFDFFFF CALL 1.0040119C ; \1.0040119C 004013BF . 59 POP ECX 004013C0 . A2 B8B14000 MOV BYTE PTR DS:[40B1B8],AL 004013C5 > 68 7EB14000 PUSH 1.0040B17E ; ASCII "START FIREWALL" 004013CA . FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4] 004013D0 . E8 4F0F0000 CALL 1.00402324 004013D5 . 83C4 08 ADD ESP,8 004013D8 . 85C0 TEST EAX,EAX 004013DA . 0F85 9D00000>JNZ 1.0040147D 004013E0 . 803D C0B1400>CMP BYTE PTR DS:[40B1C0],0 004013E7 . 0F84 9000000>JE 1.0040147D 004013ED . 803D C1B1400>CMP BYTE PTR DS:[40B1C1],0 004013F4 . 0F84 8300000>JE 1.0040147D 004013FA . 6A 6A PUSH 6A ; /ControlID = 6A (106.) 004013FC . 53 PUSH EBX ; \|hWnd 004013FD . E8 0A990000 CALL <JMP.&USER32.GetDlgItem> ; \GetDlgItem 00401402 . 50 PUSH EAX ; /hWnd 00401403 . E8 1C990000 CALL <JMP.&USER32.GetWindowTextLengthA> ; \GetWindowTextLengthA 00401408 . 8BF0 MOV ESI,EAX 0040140A . 8D46 01 LEA EAX,DWORD PTR DS:[ESI+1] 0040140D . 50 PUSH EAX ; /MemSize 0040140E . 6A 40 PUSH 40 ; \|Flags = GPTR 00401410 . E8 FF970000 CALL <JMP.&kernel32.GlobalAlloc> ; \GlobalAlloc 00401415 . A3 E8D54000 MOV DWORD PTR DS:[40D5E8],EAX 0040141A . 46 INC ESI 0040141B . 56 PUSH ESI ; /Count 0040141C . FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8] ; \|Buffer = 00149700 00401422 . 6A 6A PUSH 6A ; \|ControlID = 6A (106.) 00401424 . 53 PUSH EBX ; \|hWnd 00401425 . E8 E8980000 CALL <JMP.&USER32.GetDlgItemTextA> ; \GetDlgItemTextA 0040142A . FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8] ; /Arg1 = 00149700 ASCII "START PATROL" 00401430 . E8 D3FCFFFF CALL 1.00401108 ; \1.00401108 00401435 . 59 POP ECX 00401436 . 84C0 TEST AL,AL 00401438 . 74 43 JE SHORT 1.0040147D 0040143A . 803D C0B1400>CMP BYTE PTR DS:[40B1C0],0 00401441 . 74 3A JE SHORT 1.0040147D 00401443 . 803D C1B1400>CMP BYTE PTR DS:[40B1C1],0 0040144A . 74 31 JE SHORT 1.0040147D 0040144C . 68 68B24000 PUSH 1.0040B268 ; /Text = "FIREWALL ENABLED." 00401451 . 6A 65 PUSH 65 ; \|ControlID = 65 (101.) 00401453 . 53 PUSH EBX ; \|hWnd 00401454 . E8 07990000 CALL <JMP.&USER32.SetDlgItemTextA> ; \SetDlgItemTextA 00401459 . 68 7AB24000 PUSH 1.0040B27A ; /Text = "SECURE !!!" 0040145E . 6A 66 PUSH 66 ; \|ControlID = 66 (102.) 00401460 . 53 PUSH EBX ; \|hWnd 00401461 . E8 FA980000 CALL <JMP.&USER32.SetDlgItemTextA> ; \SetDlgItemTextA 00401466 . C605 C2B1400>MOV BYTE PTR DS:[40B1C2],1 0040146D . EB 0E JMP SHORT 1.0040147D 0040146F . EB 0C JMP SHORT 1.0040147D 00401471 > 6A 01 PUSH 1 ; /Result = 1; Case 10 (WM_CLOSE) of switch 0040120C 00401473 . 53 PUSH EBX ; \|hWnd 00401474 . E8 6F980000 CALL <JMP.&USER32.EndDialog> ; \EndDialog 00401479 > 33C0 XOR EAX,EAX ; Default case of switch 0040120C 0040147B . EB 05 JMP SHORT 1.00401482 0040147D > B8 01000000 MOV EAX,1 00401482 > 5E POP ESI 00401483 . 5B POP EBX 00401484 . 5D POP EBP 00401485 . C2 1000 RETN 10 不怎么特别！ 2005-6-11 16:43 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (1)

skyege

雪币： 229

活跃值： (70)

能力值：

( LV6，RANK：90 )

在线值：

发帖

回帖

555

粉丝

关注

私信

skyege 2: 2 楼

00401201 .  55          PUSH EBP
00401202 .  8BEC       MOV EBP,ESP
00401204 .  53          PUSH EBX
00401205 .  56          PUSH ESI
00401206 .  8B5D 08    MOV EBX,DWORD PTR SS:[EBP+8]
00401209 .  8B45 0C    MOV EAX,DWORD PTR SS:[EBP+C]
0040120C .  83E8 10    SUB EAX,10                                     ;  Switch (cases 10..111)
0040120F .  0F84 5C02000>JE 1.00401471
00401215 .  2D 00010000  SUB EAX,100
0040121A .  74 08       JE SHORT 1.00401224
0040121C .  48          DEC EAX
0040121D .  74 32       JE SHORT 1.00401251
0040121F .  E9 55020000  JMP 1.00401479
00401224 >  803D B9B1400>CMP BYTE PTR DS:[40B1B9],0                      ;  Case 110 (WM_INITDIALOG) of switch 0040120C
0040122B .  74 12       JE SHORT 1.0040123F
0040122D .  68 E8B14000  PUSH 1.0040B1E8                                  ; /Text = "SECURE !!!"
00401232 .  6A 66       PUSH 66                                        ; |ControlID = 66 (102.)
00401234 .  53          PUSH EBX                                        ; |hWnd
00401235 .  E8 269B0000  CALL <JMP.&USER32.SetDlgItemTextA>             ; \SetDlgItemTextA
0040123A .  E9 3E020000  JMP 1.0040147D
0040123F >  68 F3B14000  PUSH 1.0040B1F3                                  ; /Text = "NOT SECURE !!!"
00401244 .  6A 66       PUSH 66                                        ; |ControlID = 66 (102.)
00401246 .  53          PUSH EBX                                        ; |hWnd
00401247 .  E8 149B0000  CALL <JMP.&USER32.SetDlgItemTextA>             ; \SetDlgItemTextA
0040124C .  E9 2C020000  JMP 1.0040147D
00401251 >  66:8B55 10 MOV DX,WORD PTR SS:[EBP+10]                      ;  Case 111 (WM_COMMAND) of switch 0040120C
00401255 .  66:FFCA    DEC DX
00401258 .  0F85 1F02000>JNZ 1.0040147D
0040125E .  6A 69       PUSH 69                                        ; /ControlID = 69 (105.)
00401260 .  53          PUSH EBX                                        ; |hWnd
00401261 .  E8 A69A0000  CALL <JMP.&USER32.GetDlgItem>                   ; \GetDlgItem
00401266 .  50          PUSH EAX                                        ; /hWnd
00401267 .  E8 B89A0000  CALL <JMP.&USER32.GetWindowTextLengthA>          ; \GetWindowTextLengthA
0040126C .  8BF0       MOV ESI,EAX
0040126E .  8D46 01    LEA EAX,DWORD PTR DS:[ESI+1]
00401271 .  50          PUSH EAX                                        ; /MemSize
00401272 .  6A 40       PUSH 40                                        ; |Flags = GPTR
00401274 .  E8 9B990000  CALL <JMP.&kernel32.GlobalAlloc>                ; \GlobalAlloc
00401279 .  A3 E4D54000  MOV DWORD PTR DS:[40D5E4],EAX
0040127E .  46          INC ESI
0040127F .  56          PUSH ESI                                        ; /Count
00401280 .  FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4]                      ; |Buffer = 001496D8
00401286 .  6A 69       PUSH 69                                        ; |ControlID = 69 (105.)
00401288 .  53          PUSH EBX                                        ; |hWnd
00401289 .  E8 849A0000  CALL <JMP.&USER32.GetDlgItemTextA>             ; \GetDlgItemTextA
0040128E .  68 4CB14000  PUSH 1.0040B14C                                  ;  ASCII "SECURITYMODE"
00401293 .  FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4]
00401299 .  E8 86100000  CALL 1.00402324
0040129E .  83C4 08    ADD ESP,8
004012A1 .  85C0       TEST EAX,EAX
004012A3 .  75 5B       JNZ SHORT 1.00401300
004012A5 .  6A 6A       PUSH 6A                                        ; /ControlID = 6A (106.)
004012A7 .  53          PUSH EBX                                        ; |hWnd
004012A8 .  E8 5F9A0000  CALL <JMP.&USER32.GetDlgItem>                   ; \GetDlgItem
004012AD .  50          PUSH EAX                                        ; /hWnd
004012AE .  E8 719A0000  CALL <JMP.&USER32.GetWindowTextLengthA>          ; \GetWindowTextLengthA
004012B3 .  8BF0       MOV ESI,EAX
004012B5 .  8D46 01    LEA EAX,DWORD PTR DS:[ESI+1]
004012B8 .  50          PUSH EAX                                        ; /MemSize
004012B9 .  6A 40       PUSH 40                                        ; |Flags = GPTR
004012BB .  E8 54990000  CALL <JMP.&kernel32.GlobalAlloc>                ; \GlobalAlloc
004012C0 .  A3 E8D54000  MOV DWORD PTR DS:[40D5E8],EAX
004012C5 .  46          INC ESI
004012C6 .  56          PUSH ESI                                        ; /Count
004012C7 .  FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8]                      ; |Buffer = 00149700
004012CD .  6A 6A       PUSH 6A                                        ; |ControlID = 6A (106.)
004012CF .  53          PUSH EBX                                        ; |hWnd
004012D0 .  E8 3D9A0000  CALL <JMP.&USER32.GetDlgItemTextA>             ; \GetDlgItemTextA
004012D5 .  68 02B24000  PUSH 1.0040B202                                  ;  ASCII "SPIRITS"
004012DA .  FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8]
004012E0 .  E8 3F100000  CALL 1.00402324
004012E5 .  83C4 08    ADD ESP,8
004012E8 .  85C0       TEST EAX,EAX
004012EA .  75 14       JNZ SHORT 1.00401300
004012EC .  68 0AB24000  PUSH 1.0040B20A                                  ; /Text = "SECURITYMODE ENABLED."
004012F1 .  6A 65       PUSH 65                                        ; |ControlID = 65 (101.)
004012F3 .  53          PUSH EBX                                        ; |hWnd
004012F4 .  E8 679A0000  CALL <JMP.&USER32.SetDlgItemTextA>             ; \SetDlgItemTextA
004012F9 .  C605 C0B1400>MOV BYTE PTR DS:[40B1C0],1
00401300 >  68 65B14000  PUSH 1.0040B165                                  ;  ASCII "START PATROL"
00401305 .  FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4]
0040130B .  E8 14100000  CALL 1.00402324
00401310 .  83C4 08    ADD ESP,8
00401313 .  85C0       TEST EAX,EAX
00401315 .  75 3B       JNZ SHORT 1.00401352
00401317 .  803D C0B1400>CMP BYTE PTR DS:[40B1C0],0
0040131E .  74 32       JE SHORT 1.00401352
00401320 .  68 20B24000  PUSH 1.0040B220                                  ; /Text = "PATROL STARTED."
00401325 .  6A 65       PUSH 65                                        ; |ControlID = 65 (101.)
00401327 .  53          PUSH EBX                                        ; |hWnd
00401328 .  E8 339A0000  CALL <JMP.&USER32.SetDlgItemTextA>             ; \SetDlgItemTextA
0040132D .  0FBE05 BAB14>MOVSX EAX,BYTE PTR DS:[40B1BA]
00401334 .  48          DEC EAX
00401335 .  74 14       JE SHORT 1.0040134B
00401337 .  6A 30       PUSH 30                                        ; /Style = MB_OK|MB_ICONEXCLAMATION|MB_APPLMODAL
00401339 .  68 60B24000  PUSH 1.0040B260                                  ; |Title = "Message"
0040133E .  68 30B24000  PUSH 1.0040B230                                  ; |Text = "Your packman is disabled! Activate him first..."
00401343 .  53          PUSH EBX                                        ; |hOwner
00401344 .  E8 F9990000  CALL <JMP.&USER32.MessageBoxA>                   ; \MessageBoxA
00401349 .  EB 07       JMP SHORT 1.00401352
0040134B >  C605 C1B1400>MOV BYTE PTR DS:[40B1C1],1
00401352 >  68 97B14000  PUSH 1.0040B197                                  ;  ASCII "FLUSH BATTERY"
00401357 .  FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4]
0040135D .  E8 C20F0000  CALL 1.00402324
00401362 .  83C4 08    ADD ESP,8
00401365 .  85C0       TEST EAX,EAX
00401367 .  75 5C       JNZ SHORT 1.004013C5
00401369 .  803D C1B1400>CMP BYTE PTR DS:[40B1C1],0
00401370 .  74 53       JE SHORT 1.004013C5
00401372 .  803D C0B1400>CMP BYTE PTR DS:[40B1C0],0
00401379 .  74 4A       JE SHORT 1.004013C5
0040137B .  803D B8B1400>CMP BYTE PTR DS:[40B1B8],0
00401382 .  74 41       JE SHORT 1.004013C5
00401384 .  6A 6A       PUSH 6A                                        ; /ControlID = 6A (106.)
00401386 .  53          PUSH EBX                                        ; |hWnd
00401387 .  E8 80990000  CALL <JMP.&USER32.GetDlgItem>                   ; \GetDlgItem
0040138C .  50          PUSH EAX                                        ; /hWnd
0040138D .  E8 92990000  CALL <JMP.&USER32.GetWindowTextLengthA>          ; \GetWindowTextLengthA
00401392 .  8BF0       MOV ESI,EAX
00401394 .  8D46 01    LEA EAX,DWORD PTR DS:[ESI+1]
00401397 .  50          PUSH EAX                                        ; /MemSize
00401398 .  6A 40       PUSH 40                                        ; |Flags = GPTR
0040139A .  E8 75980000  CALL <JMP.&kernel32.GlobalAlloc>                ; \GlobalAlloc
0040139F .  A3 E8D54000  MOV DWORD PTR DS:[40D5E8],EAX
004013A4 .  46          INC ESI
004013A5 .  56          PUSH ESI                                        ; /Count
004013A6 .  FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8]                      ; |Buffer = 00149700
004013AC .  6A 6A       PUSH 6A                                        ; |ControlID = 6A (106.)
004013AE .  53          PUSH EBX                                        ; |hWnd
004013AF .  E8 5E990000  CALL <JMP.&USER32.GetDlgItemTextA>             ; \GetDlgItemTextA
004013B4 .  FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8]                      ; /Arg1 = 00149700 ASCII "START PATROL"
004013BA .  E8 DDFDFFFF  CALL 1.0040119C                                  ; \1.0040119C
004013BF .  59          POP ECX
004013C0 .  A2 B8B14000  MOV BYTE PTR DS:[40B1B8],AL
004013C5 >  68 7EB14000  PUSH 1.0040B17E                                  ;  ASCII "START FIREWALL"
004013CA .  FF35 E4D5400>PUSH DWORD PTR DS:[40D5E4]
004013D0 .  E8 4F0F0000  CALL 1.00402324
004013D5 .  83C4 08    ADD ESP,8
004013D8 .  85C0       TEST EAX,EAX
004013DA .  0F85 9D00000>JNZ 1.0040147D
004013E0 .  803D C0B1400>CMP BYTE PTR DS:[40B1C0],0
004013E7 .  0F84 9000000>JE 1.0040147D
004013ED .  803D C1B1400>CMP BYTE PTR DS:[40B1C1],0
004013F4 .  0F84 8300000>JE 1.0040147D
004013FA .  6A 6A       PUSH 6A                                        ; /ControlID = 6A (106.)
004013FC .  53          PUSH EBX                                        ; |hWnd
004013FD .  E8 0A990000  CALL <JMP.&USER32.GetDlgItem>                   ; \GetDlgItem
00401402 .  50          PUSH EAX                                        ; /hWnd
00401403 .  E8 1C990000  CALL <JMP.&USER32.GetWindowTextLengthA>          ; \GetWindowTextLengthA
00401408 .  8BF0       MOV ESI,EAX
0040140A .  8D46 01    LEA EAX,DWORD PTR DS:[ESI+1]
0040140D .  50          PUSH EAX                                        ; /MemSize
0040140E .  6A 40       PUSH 40                                        ; |Flags = GPTR
00401410 .  E8 FF970000  CALL <JMP.&kernel32.GlobalAlloc>                ; \GlobalAlloc
00401415 .  A3 E8D54000  MOV DWORD PTR DS:[40D5E8],EAX
0040141A .  46          INC ESI
0040141B .  56          PUSH ESI                                        ; /Count
0040141C .  FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8]                      ; |Buffer = 00149700
00401422 .  6A 6A       PUSH 6A                                        ; |ControlID = 6A (106.)
00401424 .  53          PUSH EBX                                        ; |hWnd
00401425 .  E8 E8980000  CALL <JMP.&USER32.GetDlgItemTextA>             ; \GetDlgItemTextA
0040142A .  FF35 E8D5400>PUSH DWORD PTR DS:[40D5E8]                      ; /Arg1 = 00149700 ASCII "START PATROL"
00401430 .  E8 D3FCFFFF  CALL 1.00401108                                  ; \1.00401108
00401435 .  59          POP ECX
00401436 .  84C0       TEST AL,AL
00401438 .  74 43       JE SHORT 1.0040147D
0040143A .  803D C0B1400>CMP BYTE PTR DS:[40B1C0],0
00401441 .  74 3A       JE SHORT 1.0040147D
00401443 .  803D C1B1400>CMP BYTE PTR DS:[40B1C1],0
0040144A .  74 31       JE SHORT 1.0040147D
0040144C .  68 68B24000  PUSH 1.0040B268                                  ; /Text = "FIREWALL ENABLED."
00401451 .  6A 65       PUSH 65                                        ; |ControlID = 65 (101.)
00401453 .  53          PUSH EBX                                        ; |hWnd
00401454 .  E8 07990000  CALL <JMP.&USER32.SetDlgItemTextA>             ; \SetDlgItemTextA
00401459 .  68 7AB24000  PUSH 1.0040B27A                                  ; /Text = "SECURE !!!"
0040145E .  6A 66       PUSH 66                                        ; |ControlID = 66 (102.)
00401460 .  53          PUSH EBX                                        ; |hWnd
00401461 .  E8 FA980000  CALL <JMP.&USER32.SetDlgItemTextA>             ; \SetDlgItemTextA
00401466 .  C605 C2B1400>MOV BYTE PTR DS:[40B1C2],1
0040146D .  EB 0E       JMP SHORT 1.0040147D
0040146F .  EB 0C       JMP SHORT 1.0040147D
00401471 >  6A 01       PUSH 1                                           ; /Result = 1; Case 10 (WM_CLOSE) of switch 0040120C
00401473 .  53          PUSH EBX                                        ; |hWnd
00401474 .  E8 6F980000  CALL <JMP.&USER32.EndDialog>                   ; \EndDialog
00401479 >  33C0       XOR EAX,EAX                                     ;  Default case of switch 0040120C
0040147B .  EB 05       JMP SHORT 1.00401482
0040147D >  B8 01000000  MOV EAX,1
00401482 >  5E          POP ESI
00401483 .  5B          POP EBX
00401484 .  5D          POP EBP
00401485 .  C2 1000    RETN 10

不怎么特别！

2005-6-11 16:43