-
-
[旧帖]
[讨论]这段是花指令吗?
0.00雪花
-
发表于:
2012-8-20 00:17
1436
-
00451FD3 > $ 52 PUSH EDX ; ntdll.KiFastSystemCallRet
00451FD4 . BA 64000000 MOV EDX,64
00451FD9 > 85D2 TEST EDX,EDX
00451FDB . 74 1D JE SHORT aa.00451FFA
00451FDD . B9 00100000 MOV ECX,1000
00451FE2 > 85C9 TEST ECX,ECX
00451FE4 . 74 07 JE SHORT aa.00451FED
00451FE6 . 01C8 ADD EAX,ECX
00451FE8 . 01D8 ADD EAX,EBX
00451FEA . 49 DEC ECX
00451FEB .^ EB F5 JMP SHORT aa.00451FE2
00451FED > 52 PUSH EDX
00451FEE . 54 PUSH ESP ; /String2
00451FEF . 54 PUSH ESP ; |String1
00451FF0 . FF15 33005400 CALL DWORD PTR DS:[<&kernel32.lstrcpy>] ; \lstrcpyA
00451FF6 . 5A POP EDX
00451FF7 . 4A DEC EDX
00451FF8 .^ EB DF JMP SHORT aa.00451FD9
00451FFA > 5A POP EDX
00451FFB .- E9 00203A00 JMP aa.007F4000
我分析这段是花指令,请大牛鉴定?
[课程]Android-CTF解题方法汇总!