0040602A CC int3
0040602B CC int3
0040602C CC int3
0040602D CC int3
0040602E CC int3
0040602F CC int3
;-----------------------------------------------------------------------
; sub_00406030 (label constructed from the entry address; the listing
; carries no symbol). OllyDbg-style dump: address, raw bytes, Intel-syntax
; instruction, analyser comments. 32-bit x86, Windows (USER32 imports).
;
; What the listing shows: a registration/licence-check routine. It fills
; string buffers from the object in ecx, disables the foreground window
; and blocks user input while 004020E0 validates them, restores the UI,
; shows one outcome message, then dispatches through a vtable slot.
;
; ABI:   ecx = object base on entry, copied to esi and used as "this" for
;        every member call; no positive [ebp+N] access occurs, so no stack
;        parameters are visible. Ends with plain retn (no args popped).
; Out:   no return value is computed; eax at retn is whatever the final
;        cookie-check call left.
; Clobb: eax, ecx, edx, flags. ebx/esi/edi saved (00406043) / restored.
;
; Frame: 0x664 bytes of locals, low to high address:
;   [ebp-664] dword   out-param 1 of 004020E0, zeroed; == 0 routes to the failure messages
;   [ebp-660] dword   out-param 2 of 004020E0, zeroed; 9 selects the "expired" message
;   [ebp-65C] 0x258 (600) bytes  copy + append target, directly followed by
;   [ebp-404] 0x200 (512) bytes  sprintf-like output buffer
;   [ebp-204] 0x1F4 (500) bytes  buffer zeroed at entry, passed to 004062B0
;   [ebp-10]  0xC   (12)  bytes  short slot, copy bound 9
;   [ebp-4]   dword   stack cookie (cookie ^ ebp, MSVC /GS pattern)
;
; Reviewer notes (not recoverable from the listing alone; confirm in binary):
;   - 005055D0 / 00503B03 / 00503CE6 / 00503D69 / 00406800 / 00413BB8 are
;     named below only by argument shape (memset-, bounded-copy-, append-,
;     atoi-, sprintf- and message-box-like).
;   - BlockInput(TRUE) at 00406114 is undone only at 0040614C / 00406271;
;     a fault inside 004020E0 would leave system-wide input blocked.
;-----------------------------------------------------------------------
00406030 /. 55 push ebp ; standard frame
00406031 |. 8BEC mov ebp, esp
00406033 |. 81EC 64060000 sub esp, 664 ; 0x664 bytes of locals (frame map in header)
00406039 |. A1 84C25700 mov eax, dword ptr [57C284] ; global stack cookie
0040603E |. 33C5 xor eax, ebp ; cookie ^ frame pointer
00406040 |. 8945 FC mov dword ptr [ebp-4], eax ; guard word just below the saved ebp; verified at 00406293
00406043 |. 53 push ebx ; save callee-saved regs
00406044 |. 56 push esi
00406045 |. 57 push edi
00406046 |. 68 F2010000 push 1F2 ; arg3 = 0x1F2 (498) bytes
0040604B |. 8BF1 mov esi, ecx ; esi = this for the rest of the function
0040604D |. 33FF xor edi, edi ; edi = 0
0040604F |. 8D8D FEFDFFFF lea ecx, dword ptr [ebp-202] ; arg1 = &buf[2] of the 500-byte buffer at [ebp-204]
00406055 |. 33C0 xor eax, eax
00406057 |. 57 push edi ; arg2 = 0 (fill byte)
00406058 |. 51 push ecx ; arg1 = dest
00406059 |. 66:8985 FCFDF>mov word ptr [ebp-204], ax ; clear buf[0..1] inline; with the 0x1F2-byte fill this zeroes all of [ebp-204..ebp-10)
00406060 |. E8 6BF50F00 call 005055D0 ; (dest, 0, 0x1F2): memset-like by signature — confirm
00406065 |. 83C4 0C add esp, 0C ; cdecl: caller pops the 3 args
00406068 |. 6A 01 push 1 ; arg = 1
0040606A |. 8BCE mov ecx, esi ; this
0040606C |. 89BD 9CF9FFFF mov dword ptr [ebp-664], edi ; out-param 1 = 0
00406072 |. 89BD A0F9FFFF mov dword ptr [ebp-660], edi ; out-param 2 = 0
00406078 |. E8 D2DD0000 call 00413E4F ; this->f(1); no add esp after it, so the callee pops the arg
0040607D |. 8B96 94000000 mov edx, dword ptr [esi+94] ; this+0x94: source of the string copies below
00406083 |. 52 push edx ; arg3 = src
00406084 |. 8D45 F0 lea eax, dword ptr [ebp-10] ; 12-byte slot below the cookie
00406087 |. 6A 09 push 9 ; arg2 = bound 9 (fits the 12-byte slot)
00406089 |. 50 push eax ; arg1 = dest
0040608A |. E8 74DA0F00 call 00503B03 ; (dest, 9, src): bounded string copy by signature — confirm
0040608F |. 83C4 0C add esp, 0C
00406092 |. 8D9D FCFDFFFF lea ebx, dword ptr [ebp-204] ; register arg: 500-byte buffer
00406098 |. 8D55 F0 lea edx, dword ptr [ebp-10] ; register arg: short slot
0040609B |. 8BCE mov ecx, esi ; this
0040609D |. E8 0E020000 call 004062B0 ; custom convention (ecx=this, edx, ebx); returns a bool in al
004060A2 |. 84C0 test al, al
004060A4 |. 0F84 E9010000 je 00406293 ; false: straight to the epilogue (UI not yet touched, nothing to undo)
004060AA |. 8BC3 mov eax, ebx ; inline strlen of [ebp-204]: eax = cursor
004060AC |. 8D50 01 lea edx, dword ptr [eax+1] ; edx = start+1 so that (end - edx) = length without the NUL
004060AF |. 90 nop ; loop-entry alignment
004060B0 |> 8A08 /mov cl, byte ptr [eax]
004060B2 |. 40 |inc eax
004060B3 |. 84C9 |test cl, cl
004060B5 |.^ 75 F9 \jnz short 004060B0 ; until the NUL; unbounded, relies on 004062B0 leaving a terminator in the buffer
004060B7 |. 2BC2 sub eax, edx ; eax = strlen
004060B9 |. 50 push eax ; arg2 = length
004060BA |. 8D8D FCFDFFFF lea ecx, dword ptr [ebp-204]
004060C0 |. 51 push ecx ; arg1 = buffer
004060C1 |. 8D8E 98000000 lea ecx, dword ptr [esi+98] ; this = sub-object at this+0x98
004060C7 |. E8 A4BEFFFF call 00401F70 ; (this+0x98)->f(buffer, len); callee-cleaned (no add esp follows)
004060CC |. 8B96 94000000 mov edx, dword ptr [esi+94] ; src again
004060D2 |. 52 push edx ; arg3 = src
004060D3 |. 8D85 A4F9FFFF lea eax, dword ptr [ebp-65C] ; 600-byte buffer
004060D9 |. 68 58020000 push 258 ; arg2 = bound 0x258 (600) = exact size of [ebp-65C..ebp-404)
004060DE |. 50 push eax ; arg1 = dest
004060DF |. E8 1FDA0F00 call 00503B03 ; same bounded copy as at 0040608A
004060E4 |. 8B8E 98000000 mov ecx, dword ptr [esi+98] ; first dword of the sub-object, passed as a string pointer
004060EA |. 51 push ecx ; arg3 = src
004060EB |. 8D95 A4F9FFFF lea edx, dword ptr [ebp-65C]
004060F1 |. 68 58020000 push 258 ; arg2 = bound 0x258 again
004060F6 |. 52 push edx ; arg1 = dest (already holds the copy above)
004060F7 |. E8 EADB0F00 call 00503CE6 ; (dest, 0x258, src): append-like by signature — confirm. NOTE(review): the bound is the whole 600-byte buffer although the copy above may already fill it; only safe if 00503CE6 reads the bound as total destination size, not as "max chars to append"
004060FC |. 8B3D 24285300 mov edi, dword ptr [<&USER32.GetFore>; USER32.GetForegroundWindow — edi = import slot, used via call edi
00406102 |. 83C4 18 add esp, 18 ; pops the 2x3 cdecl args of 004060DF / 004060F7
00406105 |. 6A 00 push 0 ; EnableWindow arg2: bEnable = FALSE
00406107 |. FFD7 call edi ; GetForegroundWindow() -> eax
00406109 |. 8B1D 54275300 mov ebx, dword ptr [<&USER32.EnableW>; USER32.EnableWindow — ebx = import slot, used via call ebx
0040610F |. 50 push eax ; EnableWindow arg1: hWnd
00406110 |. FFD3 call ebx ; EnableWindow(foreground, FALSE): disables the active window
00406112 |. 6A 01 push 1 ; fBlockIt = TRUE
00406114 |. FF15 20285300 call dword ptr [<&USER32.BlockInput>] ; BlockInput(TRUE): user input blocked system-wide until 0040614C or 00406271
0040611A |. 8D85 A4F9FFFF lea eax, dword ptr [ebp-65C]
00406120 |. 50 push eax ; stack arg2 = combined string buffer
00406121 |. 8D8D 9CF9FFFF lea ecx, dword ptr [ebp-664]
00406127 |. 51 push ecx ; stack arg1 = &out-param 1
00406128 |. 8D95 A0F9FFFF lea edx, dword ptr [ebp-660] ; edx = &out-param 2
0040612E |. B9 5F000000 mov ecx, 5F ; ecx = 0x5F (meaning not recoverable here)
00406133 |. E8 A8BFFFFF call 004020E0 ; the validation step; custom convention; eax != 0 selects the generic failure path
00406138 |. 83C4 08 add esp, 8 ; pops the 2 stack args
0040613B |. 6A 01 push 1 ; EnableWindow bEnable = TRUE for either path (push leaves flags intact)
0040613D |. 85C0 test eax, eax
0040613F |. 0F85 25010000 jnz 0040626A ; nonzero: re-enable UI and show 不成功!
00406145 |. FFD7 call edi ; GetForegroundWindow()
00406147 |. 50 push eax ; hWnd
00406148 |. FFD3 call ebx ; EnableWindow(foreground, TRUE)
0040614A |. 6A 00 push 0 ; fBlockIt = FALSE
0040614C |. FF15 20285300 call dword ptr [<&USER32.BlockInput>] ; BlockInput(FALSE): input restored
00406152 |. 83BD 9CF9FFFF>cmp dword ptr [ebp-664], 0 ; out-param 1 == 0 -> not registered
00406159 |. 0F84 EE000000 je 0040624D ; -> expired / failed messages
0040615F |. 8D95 A4F9FFFF lea edx, dword ptr [ebp-65C]
00406165 |. 52 push edx ; arg1 = string buffer
00406166 |. E8 FEDB0F00 call 00503D69 ; (str) -> eax: parses the string as a number (atoi-like by use) — confirm
0040616B |. 83C4 04 add esp, 4
0040616E |. 83F8 63 cmp eax, 63 ; Switch (cases 1F..63): dispatch on the parsed licence term
00406171 |. 75 1D jnz short 00406190
00406173 |. 6A 00 push 0 ; Case 63 of switch 0040616E: 99 -> unlimited. arg3 = 0
00406175 |. 6A 00 push 0 ; arg2 = 0
00406177 |. 68 64C15500 push 0055C164 ; 成功注册,无时间限制 (EN: "registration successful, no time limit")
0040617C |. 8BCE mov ecx, esi ; this
0040617E |. E8 35DA0000 call 00413BB8 ; this->msg(text, 0, 0): message-box-like by signature — confirm
00406183 |. 8B06 mov eax, dword ptr [esi] ; vtable
00406185 |. 8B90 7C010000 mov edx, dword ptr [eax+17C] ; virtual method at slot 0x17C (every success path)
0040618B |. E9 FF000000 jmp 0040628F
00406190 |> 8D48 E1 lea ecx, dword ptr [eax-1F] ; range test: 0x1F <= eax <= 0x5A (31..90)?
00406193 |. 83F9 3B cmp ecx, 3B
00406196 |. 77 43 ja short 004061DB ; outside -> remaining cases
00406198 |. 83C0 E2 add eax, -1E ; eax = term - 30 -> 1..60 days. Cases 1F,20,21,22,23,24,25,26,27,28,29,2A,2B,2C,2D,2E,2F,30,31,32,33,34,35,36,37,38,39,3A,3B,3C,3D,3E,3F,40,41,42,43,44,45,46,47,48,49,4A,4B,4C,4D,4E,4F,50,51,52,53,54,55,56,57,58... of switch 0040616E
0040619B |. 8D95 FCFBFFFF lea edx, dword ptr [ebp-404] ; edx = 512-byte output buffer for 00406800
004061A1 |. 83F8 07 cmp eax, 7 ; exactly 7 days -> fixed "one week" text
004061A4 |. 75 08 jnz short 004061AE
004061A6 |. 50 push eax ; surplus arg (the one-week format has no %d)
004061A7 |. 68 7CC15500 push 0055C17C ; 成功注册,期限:一周 (EN: "registration successful, term: one week")
004061AC |. EB 06 jmp short 004061B4
004061AE |> 50 push eax ; %d value = days
004061AF |. 68 94C15500 push 0055C194 ; 成功注册,期限:%d天 (EN: "registration successful, term: %d days")
004061B4 |> E8 47060000 call 00406800 ; sprintf-like by use: edx = dest, stack (fmt, value) — confirm. Cases 1,2,3,4,5,6,7,8,9,A,B of switch 004061DB also land here (from 0040623D)
004061B9 |. 83C4 08 add esp, 8
004061BC |. 6A 00 push 0 ; arg3 = 0
004061BE |. 6A 00 push 0 ; arg2 = 0
004061C0 |. 8D95 FCFBFFFF lea edx, dword ptr [ebp-404]
004061C6 |. 52 push edx ; arg1 = formatted text
004061C7 |. 8BCE mov ecx, esi ; this
004061C9 |. E8 EAD90000 call 00413BB8 ; this->msg(formatted, 0, 0)
004061CE |. 8B06 mov eax, dword ptr [esi] ; vtable
004061D0 |. 8B90 7C010000 mov edx, dword ptr [eax+17C] ; success slot 0x17C
004061D6 |. E9 B4000000 jmp 0040628F
004061DB |> 83F8 18 cmp eax, 18 ; Switch (cases 0..18): 24 -> two years
004061DE |. 75 1D jnz short 004061FD
004061E0 |. 6A 00 push 0 ; Case 18 of switch 004061DB
004061E2 |. 6A 00 push 0
004061E4 |. 68 ACC15500 push 0055C1AC ; 成功注册,二年期限 (EN: "registration successful, two-year term")
004061E9 |. 8BCE mov ecx, esi ; this
004061EB |. E8 C8D90000 call 00413BB8 ; this->msg(text, 0, 0)
004061F0 |. 8B06 mov eax, dword ptr [esi] ; vtable
004061F2 |. 8B90 7C010000 mov edx, dword ptr [eax+17C] ; success slot 0x17C
004061F8 |. E9 92000000 jmp 0040628F
004061FD |> 83F8 0C cmp eax, 0C ; 12 -> one year
00406200 |. 75 1A jnz short 0040621C
00406202 |. 6A 00 push 0 ; Case C of switch 004061DB
00406204 |. 6A 00 push 0
00406206 |. 68 C0C15500 push 0055C1C0 ; 成功注册,一年期限 (EN: "registration successful, one-year term")
0040620B |. 8BCE mov ecx, esi ; this
0040620D |. E8 A6D90000 call 00413BB8 ; this->msg(text, 0, 0)
00406212 |. 8B06 mov eax, dword ptr [esi] ; vtable
00406214 |. 8B90 7C010000 mov edx, dword ptr [eax+17C] ; success slot 0x17C
0040621A |. EB 73 jmp short 0040628F
0040621C |> 85C0 test eax, eax ; 0 -> "virtual machine" refusal
0040621E |. 75 09 jnz short 00406229
00406220 |. 50 push eax ; Case 0 of switch 004061DB: eax is 0 here, so this is arg3 = 0
00406221 |. 50 push eax ; arg2 = 0
00406222 |. 68 D4C15500 push 0055C1D4 ; 不支持在虚拟机中注册! (EN: "registration inside a virtual machine is not supported!")
00406227 |. EB 57 jmp short 00406280 ; failure-style dispatch (slot 0x180)
00406229 |> 8D48 FF lea ecx, dword ptr [eax-1] ; range test: 1 <= eax <= 0xB (months)?
0040622C |. 83F9 0A cmp ecx, 0A
0040622F |. 77 11 ja short 00406242 ; anything else -> unknown state
00406231 |. 50 push eax ; %d value = months
00406232 |. 68 ECC15500 push 0055C1EC ; 成功注册,期限:%d个月 (EN: "registration successful, term: %d months")
00406237 |. 8D95 FCFBFFFF lea edx, dword ptr [ebp-404] ; edx = output buffer for 00406800
0040623D |.^ E9 72FFFFFF jmp 004061B4 ; shared format + message + success dispatch
00406242 |> 6A 00 push 0 ; unknown term value: arg3 = 0
00406244 |. 6A 00 push 0 ; arg2 = 0
00406246 |. 68 04C25500 push 0055C204 ; 未知的状态 (EN: "unknown state")
0040624B |. EB 33 jmp short 00406280 ; failure-style dispatch (slot 0x180)
0040624D |> 83BD A0F9FFFF>cmp dword ptr [ebp-660], 9 ; out-param 2 == 9 -> expired code; mov/push below keep the flags
00406254 |. 6A 00 push 0 ; arg3 = 0
00406256 |. 8BCE mov ecx, esi ; this
00406258 |. 6A 00 push 0 ; arg2 = 0
0040625A |. 75 07 jnz short 00406263
0040625C |. 68 10C25500 push 0055C210 ; 过期注册码,注册不成功! (EN: "expired registration code, registration failed!")
00406261 |. EB 1F jmp short 00406282
00406263 |> 68 6CC25500 push 0055C26C ; 注册不成功! (EN: "registration failed!")
00406268 |. EB 18 jmp short 00406282
0040626A |> FFD7 call edi ; eax != 0 from 004020E0: GetForegroundWindow()
0040626C |. 50 push eax ; hWnd (bEnable = TRUE was pushed at 0040613B)
0040626D |. FFD3 call ebx ; EnableWindow(foreground, TRUE)
0040626F |. 6A 00 push 0 ; fBlockIt = FALSE
00406271 |. FF15 20285300 call dword ptr [<&USER32.BlockInput>] ; BlockInput(FALSE): input restored on this path too
00406277 |. 6A 00 push 0 ; arg3 = 0
00406279 |. 6A 00 push 0 ; arg2 = 0
0040627B |. 68 9CC25500 push 0055C29C ; 不成功! (EN: "failed!")
00406280 |> 8BCE mov ecx, esi ; Default case of switch 004061DB: this
00406282 |> E8 31D90000 call 00413BB8 ; this->msg(text, 0, 0)
00406287 |. 8B06 mov eax, dword ptr [esi] ; vtable
00406289 |. 8B90 80010000 mov edx, dword ptr [eax+180] ; virtual method at slot 0x180 (every failure path; success paths use 0x17C)
0040628F |> 8BCE mov ecx, esi ; this
00406291 |. FFD2 call edx ; this->virtual() selected above
00406293 |> 8B4D FC mov ecx, dword ptr [ebp-4] ; epilogue: reload the guard word
00406296 |. 5F pop edi ; restore callee-saved regs (reverse push order)
00406297 |. 5E pop esi
00406298 |. 33CD xor ecx, ebp ; undo the ebp mix -> original cookie value expected
0040629A |. 5B pop ebx
0040629B |. E8 B4C90F00 call 00502C54 ; cookie check with ecx (MSVC __security_check_cookie pattern — confirm)
004062A0 |. 8BE5 mov esp, ebp
004062A2 |. 5D pop ebp
004062A3 \. C3 retn ; no immediate: no stack args to pop
0040602A CC int3
0040602B CC int3
0040602C CC int3
0040602D CC int3
0040602E CC int3
0040602F CC int3
;-----------------------------------------------------------------------
; sub_00406030 (label constructed from the entry address; the listing
; carries no symbol). OllyDbg-style dump: address, raw bytes, Intel-syntax
; instruction, analyser comments. 32-bit x86, Windows (USER32 imports).
;
; What the listing shows: a registration/licence-check routine. It fills
; string buffers from the object in ecx, disables the foreground window
; and blocks user input while 004020E0 validates them, restores the UI,
; shows one outcome message, then dispatches through a vtable slot.
;
; ABI:   ecx = object base on entry, copied to esi and used as "this" for
;        every member call; no positive [ebp+N] access occurs, so no stack
;        parameters are visible. Ends with plain retn (no args popped).
; Out:   no return value is computed; eax at retn is whatever the final
;        cookie-check call left.
; Clobb: eax, ecx, edx, flags. ebx/esi/edi saved (00406043) / restored.
;
; Frame: 0x664 bytes of locals, low to high address:
;   [ebp-664] dword   out-param 1 of 004020E0, zeroed; == 0 routes to the failure messages
;   [ebp-660] dword   out-param 2 of 004020E0, zeroed; 9 selects the "expired" message
;   [ebp-65C] 0x258 (600) bytes  copy + append target, directly followed by
;   [ebp-404] 0x200 (512) bytes  sprintf-like output buffer
;   [ebp-204] 0x1F4 (500) bytes  buffer zeroed at entry, passed to 004062B0
;   [ebp-10]  0xC   (12)  bytes  short slot, copy bound 9
;   [ebp-4]   dword   stack cookie (cookie ^ ebp, MSVC /GS pattern)
;
; Reviewer notes (not recoverable from the listing alone; confirm in binary):
;   - 005055D0 / 00503B03 / 00503CE6 / 00503D69 / 00406800 / 00413BB8 are
;     named below only by argument shape (memset-, bounded-copy-, append-,
;     atoi-, sprintf- and message-box-like).
;   - BlockInput(TRUE) at 00406114 is undone only at 0040614C / 00406271;
;     a fault inside 004020E0 would leave system-wide input blocked.
;-----------------------------------------------------------------------
00406030 /. 55 push ebp ; standard frame
00406031 |. 8BEC mov ebp, esp
00406033 |. 81EC 64060000 sub esp, 664 ; 0x664 bytes of locals (frame map in header)
00406039 |. A1 84C25700 mov eax, dword ptr [57C284] ; global stack cookie
0040603E |. 33C5 xor eax, ebp ; cookie ^ frame pointer
00406040 |. 8945 FC mov dword ptr [ebp-4], eax ; guard word just below the saved ebp; verified at 00406293
00406043 |. 53 push ebx ; save callee-saved regs
00406044 |. 56 push esi
00406045 |. 57 push edi
00406046 |. 68 F2010000 push 1F2 ; arg3 = 0x1F2 (498) bytes
0040604B |. 8BF1 mov esi, ecx ; esi = this for the rest of the function
0040604D |. 33FF xor edi, edi ; edi = 0
0040604F |. 8D8D FEFDFFFF lea ecx, dword ptr [ebp-202] ; arg1 = &buf[2] of the 500-byte buffer at [ebp-204]
00406055 |. 33C0 xor eax, eax
00406057 |. 57 push edi ; arg2 = 0 (fill byte)
00406058 |. 51 push ecx ; arg1 = dest
00406059 |. 66:8985 FCFDF>mov word ptr [ebp-204], ax ; clear buf[0..1] inline; with the 0x1F2-byte fill this zeroes all of [ebp-204..ebp-10)
00406060 |. E8 6BF50F00 call 005055D0 ; (dest, 0, 0x1F2): memset-like by signature — confirm
00406065 |. 83C4 0C add esp, 0C ; cdecl: caller pops the 3 args
00406068 |. 6A 01 push 1 ; arg = 1
0040606A |. 8BCE mov ecx, esi ; this
0040606C |. 89BD 9CF9FFFF mov dword ptr [ebp-664], edi ; out-param 1 = 0
00406072 |. 89BD A0F9FFFF mov dword ptr [ebp-660], edi ; out-param 2 = 0
00406078 |. E8 D2DD0000 call 00413E4F ; this->f(1); no add esp after it, so the callee pops the arg
0040607D |. 8B96 94000000 mov edx, dword ptr [esi+94] ; this+0x94: source of the string copies below
00406083 |. 52 push edx ; arg3 = src
00406084 |. 8D45 F0 lea eax, dword ptr [ebp-10] ; 12-byte slot below the cookie
00406087 |. 6A 09 push 9 ; arg2 = bound 9 (fits the 12-byte slot)
00406089 |. 50 push eax ; arg1 = dest
0040608A |. E8 74DA0F00 call 00503B03 ; (dest, 9, src): bounded string copy by signature — confirm
0040608F |. 83C4 0C add esp, 0C
00406092 |. 8D9D FCFDFFFF lea ebx, dword ptr [ebp-204] ; register arg: 500-byte buffer
00406098 |. 8D55 F0 lea edx, dword ptr [ebp-10] ; register arg: short slot
0040609B |. 8BCE mov ecx, esi ; this
0040609D |. E8 0E020000 call 004062B0 ; custom convention (ecx=this, edx, ebx); returns a bool in al
004060A2 |. 84C0 test al, al
004060A4 |. 0F84 E9010000 je 00406293 ; false: straight to the epilogue (UI not yet touched, nothing to undo)
004060AA |. 8BC3 mov eax, ebx ; inline strlen of [ebp-204]: eax = cursor
004060AC |. 8D50 01 lea edx, dword ptr [eax+1] ; edx = start+1 so that (end - edx) = length without the NUL
004060AF |. 90 nop ; loop-entry alignment
004060B0 |> 8A08 /mov cl, byte ptr [eax]
004060B2 |. 40 |inc eax
004060B3 |. 84C9 |test cl, cl
004060B5 |.^ 75 F9 \jnz short 004060B0 ; until the NUL; unbounded, relies on 004062B0 leaving a terminator in the buffer
004060B7 |. 2BC2 sub eax, edx ; eax = strlen
004060B9 |. 50 push eax ; arg2 = length
004060BA |. 8D8D FCFDFFFF lea ecx, dword ptr [ebp-204]
004060C0 |. 51 push ecx ; arg1 = buffer
004060C1 |. 8D8E 98000000 lea ecx, dword ptr [esi+98] ; this = sub-object at this+0x98
004060C7 |. E8 A4BEFFFF call 00401F70 ; (this+0x98)->f(buffer, len); callee-cleaned (no add esp follows)
004060CC |. 8B96 94000000 mov edx, dword ptr [esi+94] ; src again
004060D2 |. 52 push edx ; arg3 = src
004060D3 |. 8D85 A4F9FFFF lea eax, dword ptr [ebp-65C] ; 600-byte buffer
004060D9 |. 68 58020000 push 258 ; arg2 = bound 0x258 (600) = exact size of [ebp-65C..ebp-404)
004060DE |. 50 push eax ; arg1 = dest
004060DF |. E8 1FDA0F00 call 00503B03 ; same bounded copy as at 0040608A
004060E4 |. 8B8E 98000000 mov ecx, dword ptr [esi+98] ; first dword of the sub-object, passed as a string pointer
004060EA |. 51 push ecx ; arg3 = src
004060EB |. 8D95 A4F9FFFF lea edx, dword ptr [ebp-65C]
004060F1 |. 68 58020000 push 258 ; arg2 = bound 0x258 again
004060F6 |. 52 push edx ; arg1 = dest (already holds the copy above)
004060F7 |. E8 EADB0F00 call 00503CE6 ; (dest, 0x258, src): append-like by signature — confirm. NOTE(review): the bound is the whole 600-byte buffer although the copy above may already fill it; only safe if 00503CE6 reads the bound as total destination size, not as "max chars to append"
004060FC |. 8B3D 24285300 mov edi, dword ptr [<&USER32.GetFore>; USER32.GetForegroundWindow — edi = import slot, used via call edi
00406102 |. 83C4 18 add esp, 18 ; pops the 2x3 cdecl args of 004060DF / 004060F7
00406105 |. 6A 00 push 0 ; EnableWindow arg2: bEnable = FALSE
00406107 |. FFD7 call edi ; GetForegroundWindow() -> eax
00406109 |. 8B1D 54275300 mov ebx, dword ptr [<&USER32.EnableW>; USER32.EnableWindow — ebx = import slot, used via call ebx
0040610F |. 50 push eax ; EnableWindow arg1: hWnd
00406110 |. FFD3 call ebx ; EnableWindow(foreground, FALSE): disables the active window
00406112 |. 6A 01 push 1 ; fBlockIt = TRUE
00406114 |. FF15 20285300 call dword ptr [<&USER32.BlockInput>] ; BlockInput(TRUE): user input blocked system-wide until 0040614C or 00406271
0040611A |. 8D85 A4F9FFFF lea eax, dword ptr [ebp-65C]
00406120 |. 50 push eax ; stack arg2 = combined string buffer
00406121 |. 8D8D 9CF9FFFF lea ecx, dword ptr [ebp-664]
00406127 |. 51 push ecx ; stack arg1 = &out-param 1
00406128 |. 8D95 A0F9FFFF lea edx, dword ptr [ebp-660] ; edx = &out-param 2
0040612E |. B9 5F000000 mov ecx, 5F ; ecx = 0x5F (meaning not recoverable here)
00406133 |. E8 A8BFFFFF call 004020E0 ; the validation step; custom convention; eax != 0 selects the generic failure path
00406138 |. 83C4 08 add esp, 8 ; pops the 2 stack args
0040613B |. 6A 01 push 1 ; EnableWindow bEnable = TRUE for either path (push leaves flags intact)
0040613D |. 85C0 test eax, eax
0040613F |. 0F85 25010000 jnz 0040626A ; nonzero: re-enable UI and show 不成功!
00406145 |. FFD7 call edi ; GetForegroundWindow()
00406147 |. 50 push eax ; hWnd
00406148 |. FFD3 call ebx ; EnableWindow(foreground, TRUE)
0040614A |. 6A 00 push 0 ; fBlockIt = FALSE
0040614C |. FF15 20285300 call dword ptr [<&USER32.BlockInput>] ; BlockInput(FALSE): input restored
00406152 |. 83BD 9CF9FFFF>cmp dword ptr [ebp-664], 0 ; out-param 1 == 0 -> not registered
00406159 |. 0F84 EE000000 je 0040624D ; -> expired / failed messages
0040615F |. 8D95 A4F9FFFF lea edx, dword ptr [ebp-65C]
00406165 |. 52 push edx ; arg1 = string buffer
00406166 |. E8 FEDB0F00 call 00503D69 ; (str) -> eax: parses the string as a number (atoi-like by use) — confirm
0040616B |. 83C4 04 add esp, 4
0040616E |. 83F8 63 cmp eax, 63 ; Switch (cases 1F..63): dispatch on the parsed licence term
00406171 |. 75 1D jnz short 00406190
00406173 |. 6A 00 push 0 ; Case 63 of switch 0040616E: 99 -> unlimited. arg3 = 0
00406175 |. 6A 00 push 0 ; arg2 = 0
00406177 |. 68 64C15500 push 0055C164 ; 成功注册,无时间限制 (EN: "registration successful, no time limit")
0040617C |. 8BCE mov ecx, esi ; this
0040617E |. E8 35DA0000 call 00413BB8 ; this->msg(text, 0, 0): message-box-like by signature — confirm
00406183 |. 8B06 mov eax, dword ptr [esi] ; vtable
00406185 |. 8B90 7C010000 mov edx, dword ptr [eax+17C] ; virtual method at slot 0x17C (every success path)
0040618B |. E9 FF000000 jmp 0040628F
00406190 |> 8D48 E1 lea ecx, dword ptr [eax-1F] ; range test: 0x1F <= eax <= 0x5A (31..90)?
00406193 |. 83F9 3B cmp ecx, 3B
00406196 |. 77 43 ja short 004061DB ; outside -> remaining cases
00406198 |. 83C0 E2 add eax, -1E ; eax = term - 30 -> 1..60 days. Cases 1F,20,21,22,23,24,25,26,27,28,29,2A,2B,2C,2D,2E,2F,30,31,32,33,34,35,36,37,38,39,3A,3B,3C,3D,3E,3F,40,41,42,43,44,45,46,47,48,49,4A,4B,4C,4D,4E,4F,50,51,52,53,54,55,56,57,58... of switch 0040616E
0040619B |. 8D95 FCFBFFFF lea edx, dword ptr [ebp-404] ; edx = 512-byte output buffer for 00406800
004061A1 |. 83F8 07 cmp eax, 7 ; exactly 7 days -> fixed "one week" text
004061A4 |. 75 08 jnz short 004061AE
004061A6 |. 50 push eax ; surplus arg (the one-week format has no %d)
004061A7 |. 68 7CC15500 push 0055C17C ; 成功注册,期限:一周 (EN: "registration successful, term: one week")
004061AC |. EB 06 jmp short 004061B4
004061AE |> 50 push eax ; %d value = days
004061AF |. 68 94C15500 push 0055C194 ; 成功注册,期限:%d天 (EN: "registration successful, term: %d days")
004061B4 |> E8 47060000 call 00406800 ; sprintf-like by use: edx = dest, stack (fmt, value) — confirm. Cases 1,2,3,4,5,6,7,8,9,A,B of switch 004061DB also land here (from 0040623D)
004061B9 |. 83C4 08 add esp, 8
004061BC |. 6A 00 push 0 ; arg3 = 0
004061BE |. 6A 00 push 0 ; arg2 = 0
004061C0 |. 8D95 FCFBFFFF lea edx, dword ptr [ebp-404]
004061C6 |. 52 push edx ; arg1 = formatted text
004061C7 |. 8BCE mov ecx, esi ; this
004061C9 |. E8 EAD90000 call 00413BB8 ; this->msg(formatted, 0, 0)
004061CE |. 8B06 mov eax, dword ptr [esi] ; vtable
004061D0 |. 8B90 7C010000 mov edx, dword ptr [eax+17C] ; success slot 0x17C
004061D6 |. E9 B4000000 jmp 0040628F
004061DB |> 83F8 18 cmp eax, 18 ; Switch (cases 0..18): 24 -> two years
004061DE |. 75 1D jnz short 004061FD
004061E0 |. 6A 00 push 0 ; Case 18 of switch 004061DB
004061E2 |. 6A 00 push 0
004061E4 |. 68 ACC15500 push 0055C1AC ; 成功注册,二年期限 (EN: "registration successful, two-year term")
004061E9 |. 8BCE mov ecx, esi ; this
004061EB |. E8 C8D90000 call 00413BB8 ; this->msg(text, 0, 0)
004061F0 |. 8B06 mov eax, dword ptr [esi] ; vtable
004061F2 |. 8B90 7C010000 mov edx, dword ptr [eax+17C] ; success slot 0x17C
004061F8 |. E9 92000000 jmp 0040628F
004061FD |> 83F8 0C cmp eax, 0C ; 12 -> one year
00406200 |. 75 1A jnz short 0040621C
00406202 |. 6A 00 push 0 ; Case C of switch 004061DB
00406204 |. 6A 00 push 0
00406206 |. 68 C0C15500 push 0055C1C0 ; 成功注册,一年期限 (EN: "registration successful, one-year term")
0040620B |. 8BCE mov ecx, esi ; this
0040620D |. E8 A6D90000 call 00413BB8 ; this->msg(text, 0, 0)
00406212 |. 8B06 mov eax, dword ptr [esi] ; vtable
00406214 |. 8B90 7C010000 mov edx, dword ptr [eax+17C] ; success slot 0x17C
0040621A |. EB 73 jmp short 0040628F
0040621C |> 85C0 test eax, eax ; 0 -> "virtual machine" refusal
0040621E |. 75 09 jnz short 00406229
00406220 |. 50 push eax ; Case 0 of switch 004061DB: eax is 0 here, so this is arg3 = 0
00406221 |. 50 push eax ; arg2 = 0
00406222 |. 68 D4C15500 push 0055C1D4 ; 不支持在虚拟机中注册! (EN: "registration inside a virtual machine is not supported!")
00406227 |. EB 57 jmp short 00406280 ; failure-style dispatch (slot 0x180)
00406229 |> 8D48 FF lea ecx, dword ptr [eax-1] ; range test: 1 <= eax <= 0xB (months)?
0040622C |. 83F9 0A cmp ecx, 0A
0040622F |. 77 11 ja short 00406242 ; anything else -> unknown state
00406231 |. 50 push eax ; %d value = months
00406232 |. 68 ECC15500 push 0055C1EC ; 成功注册,期限:%d个月 (EN: "registration successful, term: %d months")
00406237 |. 8D95 FCFBFFFF lea edx, dword ptr [ebp-404] ; edx = output buffer for 00406800
0040623D |.^ E9 72FFFFFF jmp 004061B4 ; shared format + message + success dispatch
00406242 |> 6A 00 push 0 ; unknown term value: arg3 = 0
00406244 |. 6A 00 push 0 ; arg2 = 0
00406246 |. 68 04C25500 push 0055C204 ; 未知的状态 (EN: "unknown state")
0040624B |. EB 33 jmp short 00406280 ; failure-style dispatch (slot 0x180)
0040624D |> 83BD A0F9FFFF>cmp dword ptr [ebp-660], 9 ; out-param 2 == 9 -> expired code; mov/push below keep the flags
00406254 |. 6A 00 push 0 ; arg3 = 0
00406256 |. 8BCE mov ecx, esi ; this
00406258 |. 6A 00 push 0 ; arg2 = 0
0040625A |. 75 07 jnz short 00406263
0040625C |. 68 10C25500 push 0055C210 ; 过期注册码,注册不成功! (EN: "expired registration code, registration failed!")
00406261 |. EB 1F jmp short 00406282
00406263 |> 68 6CC25500 push 0055C26C ; 注册不成功! (EN: "registration failed!")
00406268 |. EB 18 jmp short 00406282
0040626A |> FFD7 call edi ; eax != 0 from 004020E0: GetForegroundWindow()
0040626C |. 50 push eax ; hWnd (bEnable = TRUE was pushed at 0040613B)
0040626D |. FFD3 call ebx ; EnableWindow(foreground, TRUE)
0040626F |. 6A 00 push 0 ; fBlockIt = FALSE
00406271 |. FF15 20285300 call dword ptr [<&USER32.BlockInput>] ; BlockInput(FALSE): input restored on this path too
00406277 |. 6A 00 push 0 ; arg3 = 0
00406279 |. 6A 00 push 0 ; arg2 = 0
0040627B |. 68 9CC25500 push 0055C29C ; 不成功! (EN: "failed!")
00406280 |> 8BCE mov ecx, esi ; Default case of switch 004061DB: this
00406282 |> E8 31D90000 call 00413BB8 ; this->msg(text, 0, 0)
00406287 |. 8B06 mov eax, dword ptr [esi] ; vtable
00406289 |. 8B90 80010000 mov edx, dword ptr [eax+180] ; virtual method at slot 0x180 (every failure path; success paths use 0x17C)
0040628F |> 8BCE mov ecx, esi ; this
00406291 |. FFD2 call edx ; this->virtual() selected above
00406293 |> 8B4D FC mov ecx, dword ptr [ebp-4] ; epilogue: reload the guard word
00406296 |. 5F pop edi ; restore callee-saved regs (reverse push order)
00406297 |. 5E pop esi
00406298 |. 33CD xor ecx, ebp ; undo the ebp mix -> original cookie value expected
0040629A |. 5B pop ebx
0040629B |. E8 B4C90F00 call 00502C54 ; cookie check with ecx (MSVC __security_check_cookie pattern — confirm)
004062A0 |. 8BE5 mov esp, ebp
004062A2 |. 5D pop ebp
004062A3 \. C3 retn ; no immediate: no stack args to pop