-
-
[求助]我是菜菜,刚学算法分析,高手帮我分析下这2个算法.
-
发表于:
2006-2-9 17:37
4406
-
[求助]我是菜菜,刚学算法分析,高手帮我分析下这2个算法.
我刚刚学分析算法,汇编只晓得一点点,找了个例子本想自己分析一下,可是实在是功力不够,请高手帮助.
算法1:
0048916C /$ 55
push ebp
0048916D |. 8BEC
mov ebp,
esp
0048916F |. 51
push ecx
00489170 |. 53
push ebx
00489171 |. 56
push esi
00489172 |. 57
push edi
00489173 |. 8BF9
mov edi,
ecx
00489175 |. 8BDA
mov ebx,
edx
00489177 |. 8945 FC
mov dword ptr ss:[
ebp-4],
eax
0048917A |. 8B45 FC
mov eax,
dword ptr ss:[
ebp-4]
0048917D |. E8 16AEF7FF
call CrackMe.00403F98
00489182 |. 33C0
xor eax,
eax
00489184 |. 55
push ebp
00489185 |. 68 F9914800
push CrackMe.004891F9
0048918A |. 64:FF30
push dword ptr fs:[
eax]
0048918D |. 64:8920
mov dword ptr fs:[
eax],
esp
00489190 |. A1 008F4900
mov eax,
dword ptr ds:[498F00]
00489195 |. 8918
mov dword ptr ds:[
eax],
ebx
00489197 |. 8B45 FC
mov eax,
dword ptr ss:[
ebp-4]
0048919A |. E8 45ACF7FF
call CrackMe.00403DE4
0048919F |. 85C0
test eax,
eax
004891A1 |. 7E 36
jle short CrackMe.004891D9
004891A3 |. 8B45 FC
mov eax,
dword ptr ss:[
ebp-4]
004891A6 |. E8 39ACF7FF
call CrackMe.00403DE4
004891AB |. 8BF0
mov esi,
eax
004891AD |. 4E
dec esi
004891AE |. 85F6
test esi,
esi
004891B0 |. 72 27
jb short CrackMe.004891D9
004891B2 |. 46
inc esi
004891B3 |. 33DB
xor ebx,
ebx
004891B5 |> B8 00010000 /
mov eax,100
004891BA |. E8 F999F7FF |
call CrackMe.00402BB8
004891BF |. 8B55 FC |
mov edx,
dword ptr ss:[
ebp-4]
004891C2 |. 0FB6141A |
movzx edx,
byte ptr ds:[
edx+
ebx]
004891C6 |. 33C2 |
xor eax,
edx
004891C8 |. 50 |
push eax
004891C9 |. 8D45 FC |
lea eax,
dword ptr ss:[
ebp-4]
004891CC |. E8 E3ADF7FF |
call CrackMe.00403FB4
004891D1 |. 5A |
pop edx
004891D2 |. 881418 |
mov byte ptr ds:[
eax+
ebx],
dl
004891D5 |. 43 |
inc ebx
004891D6 |. 4E |
dec esi
004891D7 |.^ 75 DC \
jnz short CrackMe.004891B5
004891D9 |> 8BC7
mov eax,
edi
004891DB |. 8B55 FC
mov edx,
dword ptr ss:[
ebp-4]
004891DE |. E8 D5A9F7FF
call CrackMe.00403BB8
004891E3 |. 33C0
xor eax,
eax
004891E5 |. 5A
pop edx
004891E6 |. 59
pop ecx
004891E7 |. 59
pop ecx
004891E8 |. 64:8910
mov dword ptr fs:[
eax],
edx
004891EB |. 68 00924800
push CrackMe.00489200
004891F0 |> 8D45 FC
lea eax,
dword ptr ss:[
ebp-4]
004891F3 |. E8 6CA9F7FF
call CrackMe.00403B64
004891F8 \. C3
retn
004891F9 .- E9 FEA3F7FF
jmp CrackMe.004035FC
004891FE .^ EB F0
jmp short CrackMe.004891F0
00489200 . 5F
pop edi
00489201 . 5E
pop esi
00489202 . 5B
pop ebx
00489203 . 59
pop ecx
00489204 . 5D
pop ebp
00489205 . C3
retn
算法2:
004528F4 /$ 55
push ebp
004528F5 |. 8BEC
mov ebp,
esp
004528F7 |. 83C4 CC
add esp,-34
004528FA |. 53
push ebx
004528FB |. 56
push esi
004528FC |. 33DB
xor ebx,
ebx
004528FE |. 895D CC
mov dword ptr ss:[
ebp-34],
ebx
00452901 |. 895D D0
mov dword ptr ss:[
ebp-30],
ebx
00452904 |. 895D D4
mov dword ptr ss:[
ebp-2C],
ebx
00452907 |. 895D E0
mov dword ptr ss:[
ebp-20],
ebx
0045290A |. 894D F0
mov dword ptr ss:[
ebp-10],
ecx
0045290D |. 8BF2
mov esi,
edx
0045290F |. 8BD8
mov ebx,
eax
00452911 |. 8B45 F0
mov eax,
dword ptr ss:[
ebp-10]
00452914 |. E8 E715FBFF
call CrackMe.00403F00
00452919 |. 8B45 08
mov eax,
dword ptr ss:[
ebp+8]
0045291C |. E8 DF15FBFF
call CrackMe.00403F00
00452921 |. 33C0
xor eax,
eax
00452923 |. 55
push ebp
00452924 |. 68 312A4500
push CrackMe.00452A31
00452929 |. 64:FF30
push dword ptr fs:[
eax]
0045292C |. 64:8920
mov dword ptr fs:[
eax],
esp
0045292F |. 8975 F4
mov dword ptr ss:[
ebp-C],
esi
00452932 |. 895D FC
mov dword ptr ss:[
ebp-4],
ebx
00452935 |. 8D45 E6
lea eax,
dword ptr ss:[
ebp-1A]
00452938 |. E8 07010000
call CrackMe.00452A44
0045293D |. 8D55 D4
lea edx,
dword ptr ss:[
ebp-2C]
00452940 |. 8B45 F0
mov eax,
dword ptr ss:[
ebp-10]
00452943 |. E8 3CFEFFFF
call CrackMe.00452784
00452948 |. 8B55 D4
mov edx,
dword ptr ss:[
ebp-2C]
0045294B |. 8D45 F0
lea eax,
dword ptr ss:[
ebp-10]
0045294E |. E8 1112FBFF
call CrackMe.00403B64
00452953 |. 8B45 F0
mov eax,
dword ptr ss:[
ebp-10]
00452956 |. E8 F113FBFF
call CrackMe.00403D4C
0045295B |. 48
dec eax
0045295C |. 85C0
test eax,
eax
0045295E |. 7C 3A
jl short CrackMe.0045299A
00452960 |. 40
inc eax
00452961 |. 8945 D8
mov dword ptr ss:[
ebp-28],
eax
00452964 |. C745 DC 000>
mov dword ptr ss:[
ebp-24],0
0045296B |> 8B45 F0 /
mov eax,
dword ptr ss:[
ebp-10]
0045296E |. 8B55 DC |
mov edx,
dword ptr ss:[
ebp-24]
00452971 |. 8A0C10 |
mov cl,
byte ptr ds:[
eax+
edx]
00452974 |. BE 0A000000 |
mov esi,0A
00452979 |. B8 C47B4500 |
mov eax,CrackMe.00457BC4
0045297E |. 8D55 E6 |
lea edx,
dword ptr ss:[
ebp-1A]
00452981 |> 33DB |/
xor ebx,
ebx
00452983 |. 8AD9 ||
mov bl,
cl
00452985 |. 8D1C9B ||
lea ebx,
dword ptr ds:[
ebx+
ebx*4]
00452988 |. 8A1C58 ||
mov bl,
byte ptr ds:[
eax+
ebx*2]
0045298B |. 301A ||
xor byte ptr ds:[
edx],
bl
0045298D |. 42 ||
inc edx
0045298E |. 40 ||
inc eax
0045298F |. 4E ||
dec esi
00452990 |.^ 75 EF |\
jnz short CrackMe.00452981
00452992 |. FF45 DC |
inc dword ptr ss:[
ebp-24]
00452995 |. FF4D D8 |
dec dword ptr ss:[
ebp-28]
00452998 |.^ 75 D1 \
jnz short CrackMe.0045296B
0045299A |> 8D55 D0
lea edx,
dword ptr ss:[
ebp-30]
0045299D |. 8B45 08
mov eax,
dword ptr ss:[
ebp+8]
004529A0 |. E8 DFFDFFFF
call CrackMe.00452784
004529A5 |. 8B55 D0
mov edx,
dword ptr ss:[
ebp-30]
004529A8 |. 8D45 08
lea eax,
dword ptr ss:[
ebp+8]
004529AB |. E8 B411FBFF
call CrackMe.00403B64
004529B0 |. 55
push ebp
004529B1 |. 8D55 CC
lea edx,
dword ptr ss:[
ebp-34]
004529B4 |. 8B45 08
mov eax,
dword ptr ss:[
ebp+8]
004529B7 |. E8 1CFCFFFF
call CrackMe.004525D8
004529BC |. 59
pop ecx
004529BD |. 8B55 CC
mov edx,
dword ptr ss:[
ebp-34]
004529C0 |. 8D45 E0
lea eax,
dword ptr ss:[
ebp-20]
004529C3 |. E8 9C11FBFF
call CrackMe.00403B64
004529C8 |. 8B45 E0
mov eax,
dword ptr ss:[
ebp-20]
004529CB |. E8 7C13FBFF
call CrackMe.00403D4C
004529D0 |. 83F8 0A
cmp eax,0A
004529D3 |. 74 04
je short CrackMe.004529D9
004529D5 |. 33DB
xor ebx,
ebx
004529D7 |. EB 25
jmp short CrackMe.004529FE
004529D9 |> 33C0
xor eax,
eax
004529DB |. 8945 DC
mov dword ptr ss:[
ebp-24],
eax
004529DE |. 8D45 E6
lea eax,
dword ptr ss:[
ebp-1A]
004529E1 |> 8B55 E0 /
mov edx,
dword ptr ss:[
ebp-20]
004529E4 |. 8B4D DC |
mov ecx,
dword ptr ss:[
ebp-24]
004529E7 |. 8A140A |
mov dl,
byte ptr ds:[
edx+
ecx]
004529EA |. 3A10 |
cmp dl,
byte ptr ds:[
eax]
004529EC |. 74 04 |
je short CrackMe.004529F2
004529EE |. 33DB |
xor ebx,
ebx
004529F0 |. EB 0C |
jmp short CrackMe.004529FE
004529F2 |> FF45 DC |
inc dword ptr ss:[
ebp-24]
004529F5 |. 40 |
inc eax
004529F6 |. 837D DC 0A |
cmp dword ptr ss:[
ebp-24],0A
004529FA |.^ 75 E5 \
jnz short CrackMe.004529E1
004529FC |. B3 01
mov bl,1
004529FE |> 33C0
xor eax,
eax
00452A00 |. 5A
pop edx
00452A01 |. 59
pop ecx
00452A02 |. 59
pop ecx
00452A03 |. 64:8910
mov dword ptr fs:[
eax],
edx
00452A06 |. 68 382A4500
push CrackMe.00452A38
00452A0B |> 8D45 CC
lea eax,
dword ptr ss:[
ebp-34]
00452A0E |. BA 03000000
mov edx,3
00452A13 |. E8 D810FBFF
call CrackMe.00403AF0
00452A18 |. 8D45 E0
lea eax,
dword ptr ss:[
ebp-20]
00452A1B |. E8 AC10FBFF
call CrackMe.00403ACC
00452A20 |. 8D45 F0
lea eax,
dword ptr ss:[
ebp-10]
00452A23 |. E8 A410FBFF
call CrackMe.00403ACC
00452A28 |. 8D45 08
lea eax,
dword ptr ss:[
ebp+8]
00452A2B |. E8 9C10FBFF
call CrackMe.00403ACC
00452A30 \. C3
retn
00452A31 .- E9 2E0BFBFF
jmp CrackMe.00403564
00452A36 .^ EB D3
jmp short CrackMe.00452A0B
00452A38 . 8BC3
mov eax,
ebx
00452A3A . 5E
pop esi
00452A3B . 5B
pop ebx
00452A3C . 8BE5
mov esp,
ebp
00452A3E . 5D
pop ebp
00452A3F . C2 0400
retn 4
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
