[求助]没有加密狗，求逆向分折算法。-付费问答-看雪-安全社区|安全招聘|kanxue.com

最新回复 (8)
wwwhaorenu 雪币： 530 活跃值： (15) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 16 粉丝 0 关注私信	wwwhaorenu 2 楼临时会员版是不是没人来看啊大神都不来这里的吧 2014-3-17 20:00 0
lianbei 雪币： 0 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 1 粉丝 0 关注私信	lianbei 3 楼 11111 2014-3-18 02:35 0
wwwhaorenu 雪币： 530 活跃值： (15) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 16 粉丝 0 关注私信	wwwhaorenu 4 楼从字符串找不到软件提示can't find softdog,找不到断点。求高手指点。 7C921000 > 64:8B0D 1800000>mov ecx,dword ptr fs:[18] 7C921007 8B5424 04 mov edx,dword ptr ss:[esp+4] 7C92100B 837A 14 00 cmp dword ptr ds:[edx+14],0 7C92100F 75 4F jnz short ntdll.7C921060 7C921011 F0:FF42 04 lock inc dword ptr ds:[edx+4] 7C921015 75 19 jnz short ntdll.7C921030 7C921017 8B41 24 mov eax,dword ptr ds:[ecx+24] 7C92101A 8942 0C mov dword ptr ds:[edx+C],eax 7C92101D C742 08 0100000>mov dword ptr ds:[edx+8],1 7C921024 33C0 xor eax,eax 7C921026 C2 0400 retn 4 7C921029 8DA424 00000000 lea esp,dword ptr ss:[esp] 7C921030 8B41 24 mov eax,dword ptr ds:[ecx+24] 7C921033 3942 0C cmp dword ptr ds:[edx+C],eax 7C921036 75 08 jnz short ntdll.7C921040 7C921038 FF42 08 inc dword ptr ds:[edx+8] 7C92103B 33C0 xor eax,eax 7C92103D C2 0400 retn 4 7C921040 52 push edx 7C921041 E8 518A0100 call ntdll.RtlpWaitForCriticalSection 7C921046 64:8B0D 1800000>mov ecx,dword ptr fs:[18] 7C92104D 8B5424 04 mov edx,dword ptr ss:[esp+4] 7C921051 ^ EB C4 jmp short ntdll.7C921017 7C921053 8DA424 00000000 lea esp,dword ptr ss:[esp] 7C92105A 8D9B 00000000 lea ebx,dword ptr ds:[ebx] 7C921060 8B41 24 mov eax,dword ptr ds:[ecx+24] 7C921063 3942 0C cmp dword ptr ds:[edx+C],eax 7C921066 75 18 jnz short ntdll.7C921080 7C921068 F0:FF42 04 lock inc dword ptr ds:[edx+4] 7C92106C FF42 08 inc dword ptr ds:[edx+8] 7C92106F 33C0 xor eax,eax 7C921071 C2 0400 retn 4 7C921074 8DA424 00000000 lea esp,dword ptr ss:[esp] 7C92107B 05 00000000 add eax,0 7C921080 FF72 14 push dword ptr ds:[edx+14] 7C921083 B8 FFFFFFFF mov eax,-1 7C921088 B9 00000000 mov ecx,0 7C92108D F0:0FB14A 04 lock cmpxchg dword ptr ds:[edx+4],ecx 7C921092 75 1C jnz short ntdll.7C9210B0 7C921094 83C4 04 add esp,4 7C921097 64:8B0D 1800000>mov ecx,dword ptr fs:[18] 7C92109E 8B41 24 mov eax,dword ptr ds:[ecx+24] 7C9210A1 8942 0C mov dword ptr ds:[edx+C],eax 7C9210A4 C742 08 0100000>mov dword ptr ds:[edx+8],1 7C9210AB 33C0 xor eax,eax 7C9210AD C2 0400 retn 4 7C9210B0 837A 04 01 cmp dword ptr ds:[edx+4],1 7C9210B4 7D 0D jge short ntdll.7C9210C3 7C9210B6 F3: prefix rep: 7C9210B7 90 nop 7C9210B8 837A 04 FF cmp dword ptr ds:[edx+4],-1 7C9210BC ^ 74 C5 je short ntdll.7C921083 7C9210BE FF0C24 dec dword ptr ss:[esp] 7C9210C1 ^ 75 F3 jnz short ntdll.7C9210B6 7C9210C3 83C4 04 add esp,4 7C9210C6 64:8B0D 1800000>mov ecx,dword ptr fs:[18] 7C9210CD ^ E9 3FFFFFFF jmp ntdll.7C921011 7C9210D2 8DA424 00000000 lea esp,dword ptr ss:[esp] 7C9210D9 8DA424 00000000 lea esp,dword ptr ss:[esp] 7C9210E0 > 8B5424 04 mov edx,dword ptr ss:[esp+4] 7C9210E4 33C0 xor eax,eax 7C9210E6 FF4A 08 dec dword ptr ds:[edx+8] 7C9210E9 75 25 jnz short ntdll.7C921110 7C9210EB 8942 0C mov dword ptr ds:[edx+C],eax 7C9210EE F0:FF4A 04 lock dec dword ptr ds:[edx+4] 7C9210F2 7D 03 jge short ntdll.7C9210F7 7C9210F4 C2 0400 retn 4 7C9210F7 52 push edx 7C9210F8 E8 628A0100 call ntdll.RtlpUnWaitCriticalSection 7C9210FD 33C0 xor eax,eax 7C9210FF C2 0400 retn 4 7C921102 8DA424 00000000 lea esp,dword ptr ss:[esp] 7C921109 8DA424 00000000 lea esp,dword ptr ss:[esp] 7C921110 F0:FF4A 04 lock dec dword ptr ds:[edx+4] 7C921114 C2 0400 retn 4 7C921117 90 nop 7C921118 > 8B4C24 04 mov ecx,dword ptr ss:[esp+4] 7C92111C B8 FFFFFFFF mov eax,-1 7C921121 BA 00000000 mov edx,0 7C921126 F0:0FB151 04 lock cmpxchg dword ptr ds:[ecx+4],edx 7C92112B 75 18 jnz short ntdll.7C921145 7C92112D 64:A1 24000000 mov eax,dword ptr fs:[24] 7C921133 8941 0C mov dword ptr ds:[ecx+C],eax 7C921136 C741 08 0100000>mov dword ptr ds:[ecx+8],1 7C92113D B8 01000000 mov eax,1 7C921142 C2 0400 retn 4 7C921145 64:A1 24000000 mov eax,dword ptr fs:[24] 7C92114B 3941 0C cmp dword ptr ds:[ecx+C],eax 7C92114E 74 07 je short ntdll.7C921157 7C921150 33C0 xor eax,eax 7C921152 F3: prefix rep: 7C921153 90 nop 7C921154 C2 0400 retn 4 7C921157 F0:FF41 04 lock inc dword ptr ds:[ecx+4] 7C92115B FF41 08 inc dword ptr ds:[ecx+8] 7C92115E B8 01000000 mov eax,1 7C921163 C2 0400 retn 4 7C921166 > 8D4424 10 lea eax,dword ptr ss:[esp+10] 7C92116A 894424 04 mov dword ptr ss:[esp+4],eax 7C92116E 33ED xor ebp,ebp 7C921170 E9 DA870100 jmp ntdll.7C93994F 7C921175 90 nop 7C921176 55 push ebp 7C921177 8BEC mov ebp,esp 7C921179 56 push esi 7C92117A 57 push edi 7C92117B 53 push ebx 7C92117C 8BF4 mov esi,esp 7C92117E FF75 14 push dword ptr ss:[ebp+14] 7C921181 FF75 10 push dword ptr ss:[ebp+10] 7C921184 FF75 0C push dword ptr ss:[ebp+C] 7C921187 FF55 08 call dword ptr ss:[ebp+8] 7C92118A 8BE6 mov esp,esi 7C92118C 5B pop ebx 7C92118D 5F pop edi 7C92118E 5E pop esi 7C92118F 5D pop ebp 7C921190 C2 1000 retn 10 7C921193 90 nop 7C921194 90 nop 7C921195 90 nop 7C921196 90 nop 7C921197 90 nop 7C921198 > 8BFF mov edi,edi 7C92119A 55 push ebp 7C92119B 8BEC mov ebp,esp 7C92119D 56 push esi 7C92119E 57 push edi 7C92119F 64:A1 18000000 mov eax,dword ptr fs:[18] 7C9211A5 8BB0 B0010000 mov esi,dword ptr ds:[eax+1B0] 7C9211AB 85F6 test esi,esi 7C9211AD 8B7D 0C mov edi,dword ptr ss:[ebp+C] 7C9211B0 0F85 1DED0000 jnz ntdll.7C92FED3 7C9211B6 85FF test edi,edi 7C9211B8 0F85 1EED0000 jnz ntdll.7C92FEDC 7C9211BE 803D 94E0997C 0>cmp byte ptr ds:[7C99E094],0 7C9211C5 0F85 11ED0000 jnz ntdll.7C92FEDC 7C9211CB 8B45 08 mov eax,dword ptr ss:[ebp+8] 7C9211CE 8348 10 10 or dword ptr ds:[eax+10],10 7C9211D2 5F pop edi 7C9211D3 5E pop esi 7C9211D4 5D pop ebp 7C9211D5 C2 0800 retn 8 7C9211D8 90 nop 7C9211D9 90 nop 7C9211DA 90 nop 7C9211DB 90 nop 7C9211DC 90 nop 7C9211DD > 8BFF mov edi,edi 7C9211DF 55 push ebp 7C9211E0 8BEC mov ebp,esp 7C9211E2 83EC 54 sub esp,54 7C9211E5 56 push esi 7C9211E6 64:A1 18000000 mov eax,dword ptr fs:[18] 7C9211EC 803D 94E0997C 0>cmp byte ptr ds:[7C99E094],0 7C9211F3 8B75 08 mov esi,dword ptr ss:[ebp+8] 7C9211F6 8945 FC mov dword ptr ss:[ebp-4],eax 7C9211F9 0F85 F7EC0000 jnz ntdll.7C92FEF6 7C9211FF F646 10 10 test byte ptr ds:[esi+10],10 7C921203 0F84 EDEC0000 je ntdll.7C92FEF6 7C921209 5E pop esi 7C92120A C9 leave 7C92120B C2 0400 retn 4 7C92120E > CC int3 7C92120F C3 retn 7C921210 8BFF mov edi,edi 7C921212 > CC int3 7C921213 C3 retn 7C921214 8BFF mov edi,edi 7C921216 8B4424 04 mov eax,dword ptr ss:[esp+4] 7C92121A CC int3 7C92121B C2 0400 retn 4 7C92121E > 64:A1 18000000 mov eax,dword ptr fs:[18] 7C921224 C3 retn 7C921225 > 57 push edi 7C921226 8B7C24 0C mov edi,dword ptr ss:[esp+C] 7C92122A 8B5424 08 mov edx,dword ptr ss:[esp+8] 7C92122E C702 00000000 mov dword ptr ds:[edx],0 7C921234 897A 04 mov dword ptr ds:[edx+4],edi 7C921237 0BFF or edi,edi 7C921239 74 1E je short ntdll.7C921259 7C92123B 83C9 FF or ecx,FFFFFFFF 7C92123E 33C0 xor eax,eax 7C921240 F2:AE repne scas byte ptr es:[edi] 7C921242 F7D1 not ecx 7C921244 81F9 FFFF0000 cmp ecx,0FFFF 7C92124A 76 05 jbe short ntdll.7C921251 7C92124C B9 FFFF0000 mov ecx,0FFFF 7C921251 66:894A 02 mov word ptr ds:[edx+2],cx 7C921255 49 dec ecx 7C921256 66:890A mov word ptr ds:[edx],cx 7C921259 5F pop edi 7C92125A C2 0800 retn 8 7C92125D > 57 push edi 7C92125E 8B7C24 0C mov edi,dword ptr ss:[esp+C] 7C921262 8B5424 08 mov edx,dword ptr ss:[esp+8] 7C921266 C702 00000000 mov dword ptr ds:[edx],0 7C92126C 897A 04 mov dword ptr ds:[edx+4],edi 7C92126F 0BFF or edi,edi 7C921271 74 1E je short ntdll.7C921291 7C921273 83C9 FF or ecx,FFFFFFFF 7C921276 33C0 xor eax,eax 7C921278 F2:AE repne scas byte ptr es:[edi] 7C92127A F7D1 not ecx 7C92127C 81F9 FFFF0000 cmp ecx,0FFFF 7C921282 76 05 jbe short ntdll.7C921289 7C921284 B9 FFFF0000 mov ecx,0FFFF 7C921289 66:894A 02 mov word ptr ds:[edx+2],cx 7C92128D 49 dec ecx 7C92128E 66:890A mov word ptr ds:[edx],cx 7C921291 5F pop edi 7C921292 C2 0800 retn 8 7C921295 > 57 push edi 7C921296 8B7C24 0C mov edi,dword ptr ss:[esp+C] 7C92129A 8B5424 08 mov edx,dword ptr ss:[esp+8] 7C92129E C702 00000000 mov dword ptr ds:[edx],0 7C9212A4 897A 04 mov dword ptr ds:[edx+4],edi 7C9212A7 0BFF or edi,edi 7C9212A9 74 22 je short ntdll.7C9212CD 7C9212AB 83C9 FF or ecx,FFFFFFFF 7C9212AE 33C0 xor eax,eax 7C9212B0 66:F2:AF repne scas word ptr es:[edi] 7C9212B3 F7D1 not ecx 7C9212B5 D1E1 shl ecx,1 7C9212B7 81F9 FEFF0000 cmp ecx,0FFFE 7C9212BD 76 05 jbe short ntdll.7C9212C4 7C9212BF B9 FEFF0000 mov ecx,0FFFE 7C9212C4 66:894A 02 mov word ptr ds:[edx+2],cx 7C9212C8 49 dec ecx 7C9212C9 49 dec ecx 7C9212CA 66:890A mov word ptr ds:[edx],cx 7C9212CD 5F pop edi 7C9212CE C2 0800 retn 8 7C9212D1 > 83EC 0C sub esp,0C 7C9212D4 DD1424 fst qword ptr ss:[esp] 7C9212D7 E8 DDCF0000 call ntdll.7C92E2B9 7C9212DC E8 0D000000 call ntdll.7C9212EE 7C9212E1 83C4 0C add esp,0C 7C9212E4 C3 retn 7C9212E5 > 8D5424 04 lea edx,dword ptr ss:[esp+4] 7C9212E9 E8 88CF0000 call ntdll.7C92E276 7C9212EE 52 push edx 7C9212EF 9B wait 7C9212F0 D93C24 fstcw word ptr ss:[esp] 7C9212F3 74 50 je short ntdll.7C921345 7C9212F5 66:813C24 7F02 cmp word ptr ss:[esp],27F 7C9212FB 74 06 je short ntdll.7C921303 7C9212FD D92D 7CE7927C fldcw word ptr ds:[7C92E77C] 7C921303 D9FE fsin 7C921305 9B wait 7C921306 DFE0 fstsw ax 7C921308 9E sahf 7C921309 7A 1D jpe short ntdll.7C921328 7C92130B 833D ACE0997C 0>cmp dword ptr ds:[7C99E0AC],0 7C921312 0F85 B7CF0000 jnz ntdll.7C92E2CF 7C921318 BA 1E000000 mov edx,1E 7C92131D 8D0D 30E0997C lea ecx,dword ptr ds:[7C99E030] 7C921323 E9 B4CF0000 jmp ntdll.7C92E2DC 7C921328 DB2D 94E6927C fld tbyte ptr ds:[7C92E694] 7C92132E D9C9 fxch st(1) 7C921330 D9F5 fprem1 7C921332 9B wait 7C921333 DFE0 fstsw ax 7C921335 9E sahf 7C921336 7A F8 jpe short ntdll.7C921330 7C921338 DDD9 fstp st(1) 7C92133A D9FE fsin 7C92133C ^ EB CD jmp short ntdll.7C92130B 7C92133E E8 1ACF0000 call ntdll.7C92E25D 7C921343 EB 1B jmp short ntdll.7C921360 7C921345 A9 FFFF0F00 test eax,0FFFFF 7C92134A ^ 75 F2 jnz short ntdll.7C92133E 7C92134C 837C24 08 00 cmp dword ptr ss:[esp+8],0 7C921351 ^ 75 EB jnz short ntdll.7C92133E 7C921353 DDD8 fstp st 7C921355 DB2D 68E0997C fld tbyte ptr ds:[7C99E068] 7C92135B B8 01000000 mov eax,1 7C921360 833D ACE0997C 0>cmp dword ptr ds:[7C99E0AC],0 7C921367 0F85 62CF0000 jnz ntdll.7C92E2CF 7C92136D BA 1E000000 mov edx,1E 7C921372 8D0D 30E0997C lea ecx,dword ptr ds:[7C99E030] 7C921378 E8 92D00000 call ntdll.7C92E40F 7C92137D 5A pop edx 7C92137E C3 retn 7C92137F > 83EC 0C sub esp,0C 7C921382 DD1424 fst qword ptr ss:[esp] 7C921385 E8 2FCF0000 call ntdll.7C92E2B9 7C92138A E8 0D000000 call ntdll.7C92139C 7C92138F 83C4 0C add esp,0C 7C921392 C3 retn 7C921393 > 8D5424 04 lea edx,dword ptr ss:[esp+4] 7C921397 E8 DACE0000 call ntdll.7C92E276 7C92139C 52 push edx 7C92139D 9B wait 7C92139E D93C24 fstcw word ptr ss:[esp] 7C9213A1 8B4424 0C mov eax,dword ptr ss:[esp+C] 7C9213A5 74 53 je short ntdll.7C9213FA 7C9213A7 66:813C24 7F02 cmp word ptr ss:[esp],27F 7C9213AD 74 05 je short ntdll.7C9213B4 7C9213AF E8 92CE0000 call ntdll.7C92E246 7C9213B4 A9 00000080 test eax,80000000 7C9213B9 75 1F jnz short ntdll.7C9213DA 7C9213BB D9FA fsqrt 7C9213BD 833D ACE0997C 0>cmp dword ptr ds:[7C99E0AC],0 7C9213C4 0F85 05CF0000 jnz ntdll.7C92E2CF 7C9213CA BA 05000000 mov edx,5 7C9213CF 8D0D 40E0997C lea ecx,dword ptr ds:[7C99E040] 7C9213D5 E9 02CF0000 jmp ntdll.7C92E2DC 7C9213DA A9 0000F07F test eax,7FF00000 7C9213DF 75 2E jnz short ntdll.7C92140F 7C9213E1 A9 FFFF0F00 test eax,0FFFFF 7C9213E6 75 27 jnz short ntdll.7C92140F 7C9213E8 837C24 08 00 cmp dword ptr ss:[esp+8],0 7C9213ED ^ 74 CE je short ntdll.7C9213BD 7C9213EF EB 1E jmp short ntdll.7C92140F 7C9213F1 ^ EB CA jmp short ntdll.7C9213BD 7C9213F3 E8 65CE0000 call ntdll.7C92E25D 7C9213F8 EB 22 jmp short ntdll.7C92141C 7C9213FA A9 FFFF0F00 test eax,0FFFFF 7C9213FF ^ 75 F2 jnz short ntdll.7C9213F3 7C921401 837C24 08 00 cmp dword ptr ss:[esp+8],0 7C921406 ^ 75 EB jnz short ntdll.7C9213F3 7C921408 25 00000080 and eax,80000000 7C92140D ^ 74 AE je short ntdll.7C9213BD 7C92140F DDD8 fstp st 7C921411 DB2D 68E0997C fld tbyte ptr ds:[7C99E068] 7C921417 B8 01000000 mov eax,1 7C92141C 833D ACE0997C 0>cmp dword ptr ds:[7C99E0AC],0 7C921423 0F85 A6CE0000 jnz ntdll.7C92E2CF 7C921429 BA 05000000 mov edx,5 7C92142E 8D0D 40E0997C lea ecx,dword ptr ds:[7C99E040] 7C921434 E8 D6CF0000 call ntdll.7C92E40F 7C921439 5A pop edx 7C92143A C3 retn 7C92143B > 57 push edi 7C92143C 56 push esi 7C92143D 53 push ebx 7C92143E 33FF xor edi,edi 7C921440 8B4424 14 mov eax,dword ptr ss:[esp+14] 7C921444 0BC0 or eax,eax 7C921446 7D 14 jge short ntdll.7C92145C 7C921448 47 inc edi 7C921449 8B5424 10 mov edx,dword ptr ss:[esp+10] 7C92144D F7D8 neg eax 7C92144F F7DA neg edx 7C921451 83D8 00 sbb eax,0 7C921454 894424 14 mov dword ptr ss:[esp+14],eax 7C921458 895424 10 mov dword ptr ss:[esp+10],edx 7C92145C 8B4424 1C mov eax,dword ptr ss:[esp+1C] 7C921460 0BC0 or eax,eax 7C921462 7D 14 jge short ntdll.7C921478 7C921464 47 inc edi 7C921465 8B5424 18 mov edx,dword ptr ss:[esp+18] 7C921469 F7D8 neg eax 7C92146B F7DA neg edx 7C92146D 83D8 00 sbb eax,0 7C921470 894424 1C mov dword ptr ss:[esp+1C],eax 7C921474 895424 18 mov dword ptr ss:[esp+18],edx 7C921478 0BC0 or eax,eax 7C92147A 75 18 jnz short ntdll.7C921494 7C92147C 8B4C24 18 mov ecx,dword ptr ss:[esp+18] 7C921480 8B4424 14 mov eax,dword ptr ss:[esp+14] 7C921484 33D2 xor edx,edx 7C921486 F7F1 div ecx 7C921488 8BD8 mov ebx,eax 7C92148A 8B4424 10 mov eax,dword ptr ss:[esp+10] 7C92148E F7F1 div ecx 7C921490 8BD3 mov edx,ebx 7C921492 EB 41 jmp short ntdll.7C9214D5 7C921494 8BD8 mov ebx,eax 7C921496 8B4C24 18 mov ecx,dword ptr ss:[esp+18] 7C92149A 8B5424 14 mov edx,dword ptr ss:[esp+14] 7C92149E 8B4424 10 mov eax,dword ptr ss:[esp+10] 7C9214A2 D1EB shr ebx,1 7C9214A4 D1D9 rcr ecx,1 7C9214A6 D1EA shr edx,1 7C9214A8 D1D8 rcr eax,1 7C9214AA 0BDB or ebx,ebx 7C9214AC ^ 75 F4 jnz short ntdll.7C9214A2 7C9214AE F7F1 div ecx 7C9214B0 8BF0 mov esi,eax 7C9214B2 F76424 1C mul dword ptr ss:[esp+1C] 7C9214B6 8BC8 mov ecx,eax 7C9214B8 8B4424 18 mov eax,dword ptr ss:[esp+18] 7C9214BC F7E6 mul esi 7C9214BE 03D1 add edx,ecx 7C9214C0 72 0E jb short ntdll.7C9214D0 7C9214C2 3B5424 14 cmp edx,dword ptr ss:[esp+14] 7C9214C6 77 08 ja short ntdll.7C9214D0 7C9214C8 72 07 jb short ntdll.7C9214D1 7C9214CA 3B4424 10 cmp eax,dword ptr ss:[esp+10] 7C9214CE 76 01 jbe short ntdll.7C9214D1 7C9214D0 4E dec esi 7C9214D1 33D2 xor edx,edx 7C9214D3 8BC6 mov eax,esi 7C9214D5 4F dec edi 7C9214D6 75 07 jnz short ntdll.7C9214DF 7C9214D8 F7DA neg edx 7C9214DA F7D8 neg eax 7C9214DC 83DA 00 sbb edx,0 7C9214DF 5B pop ebx 7C9214E0 5E pop esi 7C9214E1 5F pop edi 7C9214E2 C2 1000 retn 10 7C9214E5 > 57 push edi 7C9214E6 56 push esi 7C9214E7 55 push ebp 7C9214E8 33FF xor edi,edi 7C9214EA 33ED xor ebp,ebp 7C9214EC 8B4424 14 mov eax,dword ptr ss:[esp+14] 省略。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。 2014-3-18 14:03 0
weizhang 雪币： 50 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 1 粉丝 0 关注私信	weizhang 5 楼那只能从初级的东西学习走，不要贪快，日积月累就成大牛 2014-3-18 18:57 0
ddssaa 雪币： 153 活跃值： (361) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 133 粉丝 1 关注私信	ddssaa 6 楼下这个断点 CreatefileA 慢慢跟 2014-3-18 23:46 0
lcwwq 雪币： 100 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 26 粉丝 0 关注私信	lcwwq 7 楼加密狗破解高手是不大想说的，网上资料很少 2014-3-19 00:23 0
wwwhaorenu 雪币： 530 活跃值： (15) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 16 粉丝 0 关注私信	wwwhaorenu 8 楼断点 CreatefileA 和断点kernel32.CreateFileA我都无法找到 2014-3-19 17:38 0
wwwniw 雪币： 150 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 8 粉丝 0 关注私信	wwwniw 9 楼临时会员版是不是没人来看啊大神都不来这里的吧 2014-3-19 22:13 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

wwwhaorenu

雪币： 530

活跃值： (15)

能力值：

( LV2，RANK：10 )

在线值：

发帖

4

回帖

16

粉丝

0

关注

私信

wwwhaorenu: 2 楼

临时会员版是不是没人来看啊大神都不来这里的吧

2014-3-17 20:00

0

lianbei

雪币： 0

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

0

回帖

1

粉丝

0

关注

私信

lianbei: 3 楼

11111

2014-3-18 02:35

0

wwwhaorenu

雪币： 530

活跃值： (15)

能力值：

( LV2，RANK：10 )

在线值：

发帖

4

回帖

16

粉丝

0

关注

私信

wwwhaorenu: 4 楼

从字符串找不到软件提示can't find softdog,找不到断点。求高手指点。
7C921000 >  64:8B0D 1800000>mov ecx,dword ptr fs:[18]
7C921007 8B5424 04    mov edx,dword ptr ss:[esp+4]
7C92100B 837A 14 00    cmp dword ptr ds:[edx+14],0
7C92100F 75 4F          jnz short ntdll.7C921060
7C921011 F0:FF42 04    lock inc dword ptr ds:[edx+4]
7C921015 75 19          jnz short ntdll.7C921030
7C921017 8B41 24       mov eax,dword ptr ds:[ecx+24]
7C92101A 8942 0C       mov dword ptr ds:[edx+C],eax
7C92101D C742 08 0100000>mov dword ptr ds:[edx+8],1
7C921024 33C0          xor eax,eax
7C921026 C2 0400       retn 4
7C921029 8DA424 00000000 lea esp,dword ptr ss:[esp]
7C921030 8B41 24       mov eax,dword ptr ds:[ecx+24]
7C921033 3942 0C       cmp dword ptr ds:[edx+C],eax
7C921036 75 08          jnz short ntdll.7C921040
7C921038 FF42 08       inc dword ptr ds:[edx+8]
7C92103B 33C0          xor eax,eax
7C92103D C2 0400       retn 4
7C921040 52             push edx
7C921041 E8 518A0100    call ntdll.RtlpWaitForCriticalSection
7C921046 64:8B0D 1800000>mov ecx,dword ptr fs:[18]
7C92104D 8B5424 04    mov edx,dword ptr ss:[esp+4]
7C921051  ^ EB C4          jmp short ntdll.7C921017
7C921053 8DA424 00000000 lea esp,dword ptr ss:[esp]
7C92105A 8D9B 00000000 lea ebx,dword ptr ds:[ebx]
7C921060 8B41 24       mov eax,dword ptr ds:[ecx+24]
7C921063 3942 0C       cmp dword ptr ds:[edx+C],eax
7C921066 75 18          jnz short ntdll.7C921080
7C921068 F0:FF42 04    lock inc dword ptr ds:[edx+4]
7C92106C FF42 08       inc dword ptr ds:[edx+8]
7C92106F 33C0          xor eax,eax
7C921071 C2 0400       retn 4
7C921074 8DA424 00000000 lea esp,dword ptr ss:[esp]
7C92107B 05 00000000    add eax,0
7C921080 FF72 14       push dword ptr ds:[edx+14]
7C921083 B8 FFFFFFFF    mov eax,-1
7C921088 B9 00000000    mov ecx,0
7C92108D F0:0FB14A 04 lock cmpxchg dword ptr ds:[edx+4],ecx
7C921092 75 1C          jnz short ntdll.7C9210B0
7C921094 83C4 04       add esp,4
7C921097 64:8B0D 1800000>mov ecx,dword ptr fs:[18]
7C92109E 8B41 24       mov eax,dword ptr ds:[ecx+24]
7C9210A1 8942 0C       mov dword ptr ds:[edx+C],eax
7C9210A4 C742 08 0100000>mov dword ptr ds:[edx+8],1
7C9210AB 33C0          xor eax,eax
7C9210AD C2 0400       retn 4
7C9210B0 837A 04 01    cmp dword ptr ds:[edx+4],1
7C9210B4 7D 0D          jge short ntdll.7C9210C3
7C9210B6 F3:          prefix rep:
7C9210B7 90             nop
7C9210B8 837A 04 FF    cmp dword ptr ds:[edx+4],-1
7C9210BC  ^ 74 C5          je short ntdll.7C921083
7C9210BE FF0C24       dec dword ptr ss:[esp]
7C9210C1  ^ 75 F3          jnz short ntdll.7C9210B6
7C9210C3 83C4 04       add esp,4
7C9210C6 64:8B0D 1800000>mov ecx,dword ptr fs:[18]
7C9210CD  ^ E9 3FFFFFFF    jmp ntdll.7C921011
7C9210D2 8DA424 00000000 lea esp,dword ptr ss:[esp]
7C9210D9 8DA424 00000000 lea esp,dword ptr ss:[esp]
7C9210E0 >  8B5424 04    mov edx,dword ptr ss:[esp+4]
7C9210E4 33C0          xor eax,eax
7C9210E6 FF4A 08       dec dword ptr ds:[edx+8]
7C9210E9 75 25          jnz short ntdll.7C921110
7C9210EB 8942 0C       mov dword ptr ds:[edx+C],eax
7C9210EE F0:FF4A 04    lock dec dword ptr ds:[edx+4]
7C9210F2 7D 03          jge short ntdll.7C9210F7
7C9210F4 C2 0400       retn 4
7C9210F7 52             push edx
7C9210F8 E8 628A0100    call ntdll.RtlpUnWaitCriticalSection
7C9210FD 33C0          xor eax,eax
7C9210FF C2 0400       retn 4
7C921102 8DA424 00000000 lea esp,dword ptr ss:[esp]
7C921109 8DA424 00000000 lea esp,dword ptr ss:[esp]
7C921110 F0:FF4A 04    lock dec dword ptr ds:[edx+4]
7C921114 C2 0400       retn 4
7C921117 90             nop
7C921118 >  8B4C24 04    mov ecx,dword ptr ss:[esp+4]
7C92111C B8 FFFFFFFF    mov eax,-1
7C921121 BA 00000000    mov edx,0
7C921126 F0:0FB151 04 lock cmpxchg dword ptr ds:[ecx+4],edx
7C92112B 75 18          jnz short ntdll.7C921145
7C92112D 64:A1 24000000  mov eax,dword ptr fs:[24]
7C921133 8941 0C       mov dword ptr ds:[ecx+C],eax
7C921136 C741 08 0100000>mov dword ptr ds:[ecx+8],1
7C92113D B8 01000000    mov eax,1
7C921142 C2 0400       retn 4
7C921145 64:A1 24000000  mov eax,dword ptr fs:[24]
7C92114B 3941 0C       cmp dword ptr ds:[ecx+C],eax
7C92114E 74 07          je short ntdll.7C921157
7C921150 33C0          xor eax,eax
7C921152 F3:          prefix rep:
7C921153 90             nop
7C921154 C2 0400       retn 4
7C921157 F0:FF41 04    lock inc dword ptr ds:[ecx+4]
7C92115B FF41 08       inc dword ptr ds:[ecx+8]
7C92115E B8 01000000    mov eax,1
7C921163 C2 0400       retn 4
7C921166 >  8D4424 10    lea eax,dword ptr ss:[esp+10]
7C92116A 894424 04    mov dword ptr ss:[esp+4],eax
7C92116E 33ED          xor ebp,ebp
7C921170 E9 DA870100    jmp ntdll.7C93994F
7C921175 90             nop
7C921176 55             push ebp
7C921177 8BEC          mov ebp,esp
7C921179 56             push esi
7C92117A 57             push edi
7C92117B 53             push ebx
7C92117C 8BF4          mov esi,esp
7C92117E FF75 14       push dword ptr ss:[ebp+14]
7C921181 FF75 10       push dword ptr ss:[ebp+10]
7C921184 FF75 0C       push dword ptr ss:[ebp+C]
7C921187 FF55 08       call dword ptr ss:[ebp+8]
7C92118A 8BE6          mov esp,esi
7C92118C 5B             pop ebx
7C92118D 5F             pop edi
7C92118E 5E             pop esi
7C92118F 5D             pop ebp
7C921190 C2 1000       retn 10
7C921193 90             nop
7C921194 90             nop
7C921195 90             nop
7C921196 90             nop
7C921197 90             nop
7C921198 >  8BFF          mov edi,edi
7C92119A 55             push ebp
7C92119B 8BEC          mov ebp,esp
7C92119D 56             push esi
7C92119E 57             push edi
7C92119F 64:A1 18000000  mov eax,dword ptr fs:[18]
7C9211A5 8BB0 B0010000 mov esi,dword ptr ds:[eax+1B0]
7C9211AB 85F6          test esi,esi
7C9211AD 8B7D 0C       mov edi,dword ptr ss:[ebp+C]
7C9211B0 0F85 1DED0000 jnz ntdll.7C92FED3
7C9211B6 85FF          test edi,edi
7C9211B8 0F85 1EED0000 jnz ntdll.7C92FEDC
7C9211BE 803D 94E0997C 0>cmp byte ptr ds:[7C99E094],0
7C9211C5 0F85 11ED0000 jnz ntdll.7C92FEDC
7C9211CB 8B45 08       mov eax,dword ptr ss:[ebp+8]
7C9211CE 8348 10 10    or dword ptr ds:[eax+10],10
7C9211D2 5F             pop edi
7C9211D3 5E             pop esi
7C9211D4 5D             pop ebp
7C9211D5 C2 0800       retn 8
7C9211D8 90             nop
7C9211D9 90             nop
7C9211DA 90             nop
7C9211DB 90             nop
7C9211DC 90             nop
7C9211DD >  8BFF          mov edi,edi
7C9211DF 55             push ebp
7C9211E0 8BEC          mov ebp,esp
7C9211E2 83EC 54       sub esp,54
7C9211E5 56             push esi
7C9211E6 64:A1 18000000  mov eax,dword ptr fs:[18]
7C9211EC 803D 94E0997C 0>cmp byte ptr ds:[7C99E094],0
7C9211F3 8B75 08       mov esi,dword ptr ss:[ebp+8]
7C9211F6 8945 FC       mov dword ptr ss:[ebp-4],eax
7C9211F9 0F85 F7EC0000 jnz ntdll.7C92FEF6
7C9211FF F646 10 10    test byte ptr ds:[esi+10],10
7C921203 0F84 EDEC0000 je ntdll.7C92FEF6
7C921209 5E             pop esi
7C92120A C9             leave
7C92120B C2 0400       retn 4
7C92120E >  CC             int3
7C92120F C3             retn
7C921210 8BFF          mov edi,edi
7C921212 >  CC             int3
7C921213 C3             retn
7C921214 8BFF          mov edi,edi
7C921216 8B4424 04    mov eax,dword ptr ss:[esp+4]
7C92121A CC             int3
7C92121B C2 0400       retn 4
7C92121E >  64:A1 18000000  mov eax,dword ptr fs:[18]
7C921224 C3             retn
7C921225 >  57             push edi
7C921226 8B7C24 0C    mov edi,dword ptr ss:[esp+C]
7C92122A 8B5424 08    mov edx,dword ptr ss:[esp+8]
7C92122E C702 00000000 mov dword ptr ds:[edx],0
7C921234 897A 04       mov dword ptr ds:[edx+4],edi
7C921237 0BFF          or edi,edi
7C921239 74 1E          je short ntdll.7C921259
7C92123B 83C9 FF       or ecx,FFFFFFFF
7C92123E 33C0          xor eax,eax
7C921240 F2:AE          repne scas byte ptr es:[edi]
7C921242 F7D1          not ecx
7C921244 81F9 FFFF0000 cmp ecx,0FFFF
7C92124A 76 05          jbe short ntdll.7C921251
7C92124C B9 FFFF0000    mov ecx,0FFFF
7C921251 66:894A 02    mov word ptr ds:[edx+2],cx
7C921255 49             dec ecx
7C921256 66:890A       mov word ptr ds:[edx],cx
7C921259 5F             pop edi
7C92125A C2 0800       retn 8
7C92125D >  57             push edi
7C92125E 8B7C24 0C    mov edi,dword ptr ss:[esp+C]
7C921262 8B5424 08    mov edx,dword ptr ss:[esp+8]
7C921266 C702 00000000 mov dword ptr ds:[edx],0
7C92126C 897A 04       mov dword ptr ds:[edx+4],edi
7C92126F 0BFF          or edi,edi
7C921271 74 1E          je short ntdll.7C921291
7C921273 83C9 FF       or ecx,FFFFFFFF
7C921276 33C0          xor eax,eax
7C921278 F2:AE          repne scas byte ptr es:[edi]
7C92127A F7D1          not ecx
7C92127C 81F9 FFFF0000 cmp ecx,0FFFF
7C921282 76 05          jbe short ntdll.7C921289
7C921284 B9 FFFF0000    mov ecx,0FFFF
7C921289 66:894A 02    mov word ptr ds:[edx+2],cx
7C92128D 49             dec ecx
7C92128E 66:890A       mov word ptr ds:[edx],cx
7C921291 5F             pop edi
7C921292 C2 0800       retn 8
7C921295 >  57             push edi
7C921296 8B7C24 0C    mov edi,dword ptr ss:[esp+C]
7C92129A 8B5424 08    mov edx,dword ptr ss:[esp+8]
7C92129E C702 00000000 mov dword ptr ds:[edx],0
7C9212A4 897A 04       mov dword ptr ds:[edx+4],edi
7C9212A7 0BFF          or edi,edi
7C9212A9 74 22          je short ntdll.7C9212CD
7C9212AB 83C9 FF       or ecx,FFFFFFFF
7C9212AE 33C0          xor eax,eax
7C9212B0 66:F2:AF       repne scas word ptr es:[edi]
7C9212B3 F7D1          not ecx
7C9212B5 D1E1          shl ecx,1
7C9212B7 81F9 FEFF0000 cmp ecx,0FFFE
7C9212BD 76 05          jbe short ntdll.7C9212C4
7C9212BF B9 FEFF0000    mov ecx,0FFFE
7C9212C4 66:894A 02    mov word ptr ds:[edx+2],cx
7C9212C8 49             dec ecx
7C9212C9 49             dec ecx
7C9212CA 66:890A       mov word ptr ds:[edx],cx
7C9212CD 5F             pop edi
7C9212CE C2 0800       retn 8
7C9212D1 >  83EC 0C       sub esp,0C
7C9212D4 DD1424       fst qword ptr ss:[esp]
7C9212D7 E8 DDCF0000    call ntdll.7C92E2B9
7C9212DC E8 0D000000    call ntdll.7C9212EE
7C9212E1 83C4 0C       add esp,0C
7C9212E4 C3             retn
7C9212E5 >  8D5424 04    lea edx,dword ptr ss:[esp+4]
7C9212E9 E8 88CF0000    call ntdll.7C92E276
7C9212EE 52             push edx
7C9212EF 9B             wait
7C9212F0 D93C24       fstcw word ptr ss:[esp]
7C9212F3 74 50          je short ntdll.7C921345
7C9212F5 66:813C24 7F02  cmp word ptr ss:[esp],27F
7C9212FB 74 06          je short ntdll.7C921303
7C9212FD D92D 7CE7927C fldcw word ptr ds:[7C92E77C]
7C921303 D9FE          fsin
7C921305 9B             wait
7C921306 DFE0          fstsw ax
7C921308 9E             sahf
7C921309 7A 1D          jpe short ntdll.7C921328
7C92130B 833D ACE0997C 0>cmp dword ptr ds:[7C99E0AC],0
7C921312 0F85 B7CF0000 jnz ntdll.7C92E2CF
7C921318 BA 1E000000    mov edx,1E
7C92131D 8D0D 30E0997C lea ecx,dword ptr ds:[7C99E030]
7C921323 E9 B4CF0000    jmp ntdll.7C92E2DC
7C921328 DB2D 94E6927C fld tbyte ptr ds:[7C92E694]
7C92132E D9C9          fxch st(1)
7C921330 D9F5          fprem1
7C921332 9B             wait
7C921333 DFE0          fstsw ax
7C921335 9E             sahf
7C921336 7A F8          jpe short ntdll.7C921330
7C921338 DDD9          fstp st(1)
7C92133A D9FE          fsin
7C92133C  ^ EB CD          jmp short ntdll.7C92130B
7C92133E E8 1ACF0000    call ntdll.7C92E25D
7C921343 EB 1B          jmp short ntdll.7C921360
7C921345 A9 FFFF0F00    test eax,0FFFFF
7C92134A  ^ 75 F2          jnz short ntdll.7C92133E
7C92134C 837C24 08 00 cmp dword ptr ss:[esp+8],0
7C921351  ^ 75 EB          jnz short ntdll.7C92133E
7C921353 DDD8          fstp st
7C921355 DB2D 68E0997C fld tbyte ptr ds:[7C99E068]
7C92135B B8 01000000    mov eax,1
7C921360 833D ACE0997C 0>cmp dword ptr ds:[7C99E0AC],0
7C921367 0F85 62CF0000 jnz ntdll.7C92E2CF
7C92136D BA 1E000000    mov edx,1E
7C921372 8D0D 30E0997C lea ecx,dword ptr ds:[7C99E030]
7C921378 E8 92D00000    call ntdll.7C92E40F
7C92137D 5A             pop edx
7C92137E C3             retn
7C92137F >  83EC 0C       sub esp,0C
7C921382 DD1424       fst qword ptr ss:[esp]
7C921385 E8 2FCF0000    call ntdll.7C92E2B9
7C92138A E8 0D000000    call ntdll.7C92139C
7C92138F 83C4 0C       add esp,0C
7C921392 C3             retn
7C921393 >  8D5424 04    lea edx,dword ptr ss:[esp+4]
7C921397 E8 DACE0000    call ntdll.7C92E276
7C92139C 52             push edx
7C92139D 9B             wait
7C92139E D93C24       fstcw word ptr ss:[esp]
7C9213A1 8B4424 0C    mov eax,dword ptr ss:[esp+C]
7C9213A5 74 53          je short ntdll.7C9213FA
7C9213A7 66:813C24 7F02  cmp word ptr ss:[esp],27F
7C9213AD 74 05          je short ntdll.7C9213B4
7C9213AF E8 92CE0000    call ntdll.7C92E246
7C9213B4 A9 00000080    test eax,80000000
7C9213B9 75 1F          jnz short ntdll.7C9213DA
7C9213BB D9FA          fsqrt
7C9213BD 833D ACE0997C 0>cmp dword ptr ds:[7C99E0AC],0
7C9213C4 0F85 05CF0000 jnz ntdll.7C92E2CF
7C9213CA BA 05000000    mov edx,5
7C9213CF 8D0D 40E0997C lea ecx,dword ptr ds:[7C99E040]
7C9213D5 E9 02CF0000    jmp ntdll.7C92E2DC
7C9213DA A9 0000F07F    test eax,7FF00000
7C9213DF 75 2E          jnz short ntdll.7C92140F
7C9213E1 A9 FFFF0F00    test eax,0FFFFF
7C9213E6 75 27          jnz short ntdll.7C92140F
7C9213E8 837C24 08 00 cmp dword ptr ss:[esp+8],0
7C9213ED  ^ 74 CE          je short ntdll.7C9213BD
7C9213EF EB 1E          jmp short ntdll.7C92140F
7C9213F1  ^ EB CA          jmp short ntdll.7C9213BD
7C9213F3 E8 65CE0000    call ntdll.7C92E25D
7C9213F8 EB 22          jmp short ntdll.7C92141C
7C9213FA A9 FFFF0F00    test eax,0FFFFF
7C9213FF  ^ 75 F2          jnz short ntdll.7C9213F3
7C921401 837C24 08 00 cmp dword ptr ss:[esp+8],0
7C921406  ^ 75 EB          jnz short ntdll.7C9213F3
7C921408 25 00000080    and eax,80000000
7C92140D  ^ 74 AE          je short ntdll.7C9213BD
7C92140F DDD8          fstp st
7C921411 DB2D 68E0997C fld tbyte ptr ds:[7C99E068]
7C921417 B8 01000000    mov eax,1
7C92141C 833D ACE0997C 0>cmp dword ptr ds:[7C99E0AC],0
7C921423 0F85 A6CE0000 jnz ntdll.7C92E2CF
7C921429 BA 05000000    mov edx,5
7C92142E 8D0D 40E0997C lea ecx,dword ptr ds:[7C99E040]
7C921434 E8 D6CF0000    call ntdll.7C92E40F
7C921439 5A             pop edx
7C92143A C3             retn
7C92143B >  57             push edi
7C92143C 56             push esi
7C92143D 53             push ebx
7C92143E 33FF          xor edi,edi
7C921440 8B4424 14    mov eax,dword ptr ss:[esp+14]
7C921444 0BC0          or eax,eax
7C921446 7D 14          jge short ntdll.7C92145C
7C921448 47             inc edi
7C921449 8B5424 10    mov edx,dword ptr ss:[esp+10]
7C92144D F7D8          neg eax
7C92144F F7DA          neg edx
7C921451 83D8 00       sbb eax,0
7C921454 894424 14    mov dword ptr ss:[esp+14],eax
7C921458 895424 10    mov dword ptr ss:[esp+10],edx
7C92145C 8B4424 1C    mov eax,dword ptr ss:[esp+1C]
7C921460 0BC0          or eax,eax
7C921462 7D 14          jge short ntdll.7C921478
7C921464 47             inc edi
7C921465 8B5424 18    mov edx,dword ptr ss:[esp+18]
7C921469 F7D8          neg eax
7C92146B F7DA          neg edx
7C92146D 83D8 00       sbb eax,0
7C921470 894424 1C    mov dword ptr ss:[esp+1C],eax
7C921474 895424 18    mov dword ptr ss:[esp+18],edx
7C921478 0BC0          or eax,eax
7C92147A 75 18          jnz short ntdll.7C921494
7C92147C 8B4C24 18    mov ecx,dword ptr ss:[esp+18]
7C921480 8B4424 14    mov eax,dword ptr ss:[esp+14]
7C921484 33D2          xor edx,edx
7C921486 F7F1          div ecx
7C921488 8BD8          mov ebx,eax
7C92148A 8B4424 10    mov eax,dword ptr ss:[esp+10]
7C92148E F7F1          div ecx
7C921490 8BD3          mov edx,ebx
7C921492 EB 41          jmp short ntdll.7C9214D5
7C921494 8BD8          mov ebx,eax
7C921496 8B4C24 18    mov ecx,dword ptr ss:[esp+18]
7C92149A 8B5424 14    mov edx,dword ptr ss:[esp+14]
7C92149E 8B4424 10    mov eax,dword ptr ss:[esp+10]
7C9214A2 D1EB          shr ebx,1
7C9214A4 D1D9          rcr ecx,1
7C9214A6 D1EA          shr edx,1
7C9214A8 D1D8          rcr eax,1
7C9214AA 0BDB          or ebx,ebx
7C9214AC  ^ 75 F4          jnz short ntdll.7C9214A2
7C9214AE F7F1          div ecx
7C9214B0 8BF0          mov esi,eax
7C9214B2 F76424 1C    mul dword ptr ss:[esp+1C]
7C9214B6 8BC8          mov ecx,eax
7C9214B8 8B4424 18    mov eax,dword ptr ss:[esp+18]
7C9214BC F7E6          mul esi
7C9214BE 03D1          add edx,ecx
7C9214C0 72 0E          jb short ntdll.7C9214D0
7C9214C2 3B5424 14    cmp edx,dword ptr ss:[esp+14]
7C9214C6 77 08          ja short ntdll.7C9214D0
7C9214C8 72 07          jb short ntdll.7C9214D1
7C9214CA 3B4424 10    cmp eax,dword ptr ss:[esp+10]
7C9214CE 76 01          jbe short ntdll.7C9214D1
7C9214D0 4E             dec esi
7C9214D1 33D2          xor edx,edx
7C9214D3 8BC6          mov eax,esi
7C9214D5 4F             dec edi
7C9214D6 75 07          jnz short ntdll.7C9214DF
7C9214D8 F7DA          neg edx
7C9214DA F7D8          neg eax
7C9214DC 83DA 00       sbb edx,0
7C9214DF 5B             pop ebx
7C9214E0 5E             pop esi
7C9214E1 5F             pop edi
7C9214E2 C2 1000       retn 10
7C9214E5 >  57             push edi
7C9214E6 56             push esi
7C9214E7 55             push ebp
7C9214E8 33FF          xor edi,edi
7C9214EA 33ED          xor ebp,ebp
7C9214EC 8B4424 14    mov eax,dword ptr ss:[esp+14]
省略。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。

2014-3-18 14:03

0