Exercise 2: echap512.exe code

* Referenced by a CALL at Address:
|:004011A9
|
:0040120B C8000000      enter 0000, 00
:0040120F 53            push ebx
:00401210 52            push edx
:00401211 33C0          xor eax, eax
:00401213 B8A6204000    mov eax, 004020A6           ---- EAX points to the entered password
:00401218 803800        cmp byte ptr [eax], 00
:0040121B 7460          je 0040127D
:0040121D 33DB          xor ebx, ebx
:0040121F 33D2          xor edx, edx
:00401221 8A18          mov bl, byte ptr [eax]      ---- start processing the password; see (1) below
:00401223 C1C308        rol ebx, 08
:00401226 03D3          add edx, ebx                ---- every processed value is accumulated in EDX
:00401228 40            inc eax
:00401229 803800        cmp byte ptr [eax], 00
:0040122C 75F3          jne 00401221
:0040122E 52            push edx
:0040122F 6854204000    push 00402054
:00401234 68BF204000    push 004020BF
:00401239 E88F000000    Call 004012CD
:0040123E BBBF204000    mov ebx, 004020BF           ---- start comparing with the correct value
:00401243 803B38        cmp byte ptr [ebx], 38
:00401246 7535          jne 0040127D
:00401248 807B0144      cmp byte ptr [ebx+01], 44
:0040124C 752F          jne 0040127D
:0040124E 807B0243      cmp byte ptr [ebx+02], 43
:00401252 7529          jne 0040127D
:00401254 807B0341      cmp byte ptr [ebx+03], 41
:00401258 7523          jne 0040127D
:0040125A 807B0446      cmp byte ptr [ebx+04], 46
:0040125E 751D          jne 0040127D
:00401260 807B0533      cmp byte ptr [ebx+05], 33
:00401264 7517          jne 0040127D
:00401266 807B0636      cmp byte ptr [ebx+06], 36
:0040126A 7511          jne 0040127D
:0040126C 807B0738      cmp byte ptr [ebx+07], 38
:00401270 750B          jne 0040127D
:00401272 B801000000    mov eax, 00000001
:00401277 5A            pop edx
:00401278 5B            pop ebx
:00401279 C9            leave
:0040127A C20400        ret 0004

(1) Analysis of the process:

If the input is 123456, the process is:

      00 00 31 00
      00 31 32 00
      31 32 33 00
      32 33 34 31
      33 34 35 32
  +)  34 35 36 33

Result: CB 00 35 96
whereas the correct value should be: 8D CA F3 68

The simulation above gives us a rough understanding of the computation. Since many inputs add up to the required result, we can boldly make some assumptions and work out one set of values.

I worked out one 6-character solution: ""$%=)

ZXEM 2000.3.23
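The accumulation loop at 00401221 and the comparison chain that follows it, re-implemented in C as an added example that is not part of the original write-up. The names echap_sum and echap_check are hypothetical, and the call at 004012CD is assumed to write EDX as uppercase hexadecimal text, which is what the byte comparisons against 38 44 43 41 46 33 36 38 imply.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* rol ebx, 08 on a 32-bit register */
static uint32_t rol8(uint32_t v) { return (v << 8) | (v >> 24); }

/* Emulates 00401221..0040122C and returns the final EDX.
   If trace is non-zero, prints each addend like the table in (1). */
uint32_t echap_sum(const char *pw, int trace)
{
    uint32_t ebx = 0, edx = 0;
    for (; *pw != '\0'; pw++) {
        ebx = (ebx & 0xFFFFFF00u) | (uint8_t)*pw; /* mov bl, [eax] */
        ebx = rol8(ebx);                           /* rol ebx, 08   */
        edx += ebx;                                /* add edx, ebx (mod 2^32) */
        if (trace)
            printf("  %08lX\n", (unsigned long)ebx);
    }
    return edx;
}

/* Emulates the whole routine: 1 = accepted, 0 = rejected. */
int echap_check(const char *pw)
{
    char buf[16] = {0};
    if (pw[0] == '\0')                 /* je 0040127D on empty input */
        return 0;
    /* Assumption: Call 004012CD writes EDX as uppercase hex text. */
    snprintf(buf, sizeof buf, "%lX", (unsigned long)echap_sum(pw, 0));
    return memcmp(buf, "8DCAF368", 8) == 0; /* cmp byte ptr [ebx+n] chain */
}

int main(void)
{
    /* Both inputs are taken from the write-up. */
    const char *inputs[] = { "123456", "\"\"$%=)" };
    for (size_t i = 0; i < 2; i++) {
        printf("input %s\n", inputs[i]);
        uint32_t edx = echap_sum(inputs[i], 1);
        printf("  EDX = %08lX -> %s\n", (unsigned long)edx,
               echap_check(inputs[i]) ? "accepted" : "rejected");
    }
    return 0;
}
```

Because BL is reloaded before each rotate, every addend carries the three previous characters in its upper bytes, which is why the trace for 123456 matches the table in (1) line by line.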