-
-
[旧帖]
[求助]一个登录代码的核心部分,请各位看看是什么逻辑过程
0.00雪花
-
发表于:
2012-10-31 16:30
1643
-
[旧帖] [求助]一个登录代码的核心部分,请各位看看是什么逻辑过程
0.00雪花
int __cdecl TC_Login(int a1, __int16 a2, const void *a3, int a4)
{
int v4; // eax@1
unsigned int v5; // ebp@5
void *v6; // eax@5
void *v7; // edi@5
int v8; // ebp@6
int v9; // esi@6
int v10; // edi@25
int i; // ecx@25
int v12; // esi@29
unsigned int v13; // ecx@30
int v14; // edi@30
int j; // ecx@30
int result; // eax@35
void *v17; // [sp+14h] [bp-1070h]@1
int v18; // [sp+18h] [bp-106Ch]@2
void *v19; // [sp+24h] [bp-1060h]@5
int v20; // [sp+28h] [bp-105Ch]@5
int v21; // [sp+2Ch] [bp-1058h]@1
int v22; // [sp+30h] [bp-1054h]@35
unsigned int v23; // [sp+34h] [bp-1050h]@5
char v24; // [sp+38h] [bp-104Ch]@5
v4 = sub_1004E5EF();
AFX_MAINTAIN_STATE2::AFX_MAINTAIN_STATE2(&v21, v4);
v17 = 0;
if ( a2 )
{
v17 = operator new(3274 * a2);
sub_1004DC60(v17, a2);
v18 = a2;
}
else
{
v18 = 0;
}
if ( a2 > 0 )
{
v5 = 800 * a2;
v23 = 800 * a2;
v6 = operator new(800 * a2);
memcpy(v6, a3, 4 * ((unsigned int)(800 * a2) >> 2));
v19 = v6;
sub_1005A690(&v24, (int)"tdx_zjzh_tztz_@#$", 17);
v7 = v19;
sub_1005A880(v19, 800 * a2);
v20 = 0;
if ( v18 > 0 )
{
v8 = (int)((char *)v19 + 2);
v9 = 0;
do
{
memset((char *)v17 + v9, 0, 0xCC8u);
*(_WORD *)((char *)v17 + v9 + 3272) = 0;
*((_BYTE *)v17 + v9) = *(_BYTE *)(v8 - 2);
*((_BYTE *)v17 + v9 + 64) ^= (a4 == 1 ^ *((_BYTE *)v17 + v9 + 64)) & 1;
*((_BYTE *)v17 + v9 + 64) |= 2u;
*((_BYTE *)v17 + v9 + 64) &= 3u;
if ( v8 != -769 && *(_BYTE *)(v8 + 769) )
{
strncpy((char *)v17 + v9 + 1, (const char *)(v8 + 769), 0x3Fu);
*((_BYTE *)v17 + v9 + 63) = 0;
}
else
{
*((_BYTE *)v17 + v9 + 1) = 0;
}
if ( v8 && *(_BYTE *)v8 )
{
strncpy((char *)v17 + v9 + 65, (const char *)v8, 0x40u);
*((_BYTE *)v17 + v9 + 128) = 0;
}
else
{
*((_BYTE *)v17 + v9 + 65) = 0;
}
if ( v8 != -256 && *(_BYTE *)(v8 + 256) )
{
strncpy((char *)v17 + v9 + 129, (const char *)(v8 + 256), 0x400u);
*((_BYTE *)v17 + v9 + 1152) = 0;
}
else
{
*((_BYTE *)v17 + v9 + 129) = 0;
}
*((_BYTE *)v17 + v9 + 1153) = *(_BYTE *)(v8 + 512);
if ( v8 != -513 && *(_BYTE *)(v8 + 513) )
{
strncpy((char *)v17 + v9 + 1154, (const char *)(v8 + 513), 0x800u);
*((_BYTE *)v17 + v9 + 3201) = 0;
}
else
{
*((_BYTE *)v17 + v9 + 1154) = 0;
}
v8 += 800;
*(_DWORD *)((char *)v17 + v9 + 3202) = 3274;
*(_DWORD *)((char *)v17 + v9 + 3206) = *(_WORD *)(v8 - 25);
v9 += 3274;
++v20;
}
while ( v20 < v18 );
v5 = v23;
v7 = v19;
}
memset(v7, 0, 4 * (v5 >> 2));
v10 = (int)((char *)v7 + 4 * (v5 >> 2));
for ( i = v5 & 3; i; --i )
*(_BYTE *)v10++ = 0;
operator delete(v19);
}
v12 = sub_10019280(v17, v18);
if ( v18 > 0 )
{
v13 = (unsigned int)(3274 * v18) >> 2;
memset(v17, 0, 4 * v13);
v14 = (int)((char *)v17 + 4 * v13);
for ( j = -54 * (_BYTE)v18 & 3; j; --j )
*(_BYTE *)v14++ = 0;
sub_1004D800(0, -1);
}
if ( v17 )
{
operator delete(v17);
*(_DWORD *)(v22 + 4) = v21;
result = v12;
}
else
{
*(_DWORD *)(v22 + 4) = v21;
result = v12;
}
return result;
}
以上是用IDA逆出来的代码
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课