-
-
[原创]签到题
-
发表于:
2020-5-3 11:25
4904
-
拖入IDA,通过搜索提示文本Wrong,定位到提示函数内部,返回一层F5得到如下代码
BOOL __thiscall sub_401990(CWnd *this)
{
struct CString *v1; // ST04_4
CWnd *v2; // eax
int v3; // eax
BOOL result; // eax
int v5; // [esp+0h] [ebp-6Ch]
int v6; // [esp+4Ch] [ebp-20h]
char *Str; // [esp+50h] [ebp-1Ch]
int v8; // [esp+54h] [ebp-18h]
CWnd *v9; // [esp+58h] [ebp-14h]
int *v10; // [esp+5Ch] [ebp-10h]
int v11; // [esp+68h] [ebp-4h]
v10 = &v5;
v9 = this;
v11 = 0;
((void (*)(void))loc_4019BE)();
v8 = 668;
MEMORY[0x29C] = 6;
v11 = -1;
v1 = (CWnd *)((char *)v9 + 96);
v2 = CWnd::GetDlgItem(v9, 1002);
CWnd::GetWindowTextA(v2, v1);
v3 = sub_401AB0((char *)v9 + 96);
Str = CString::GetBuffer((CWnd *)((char *)v9 + 96), v3);
v6 = atoi(Str);
if ( v6 / 2 == 80 )
result = RightBox();
else
result = WrongBox();
return result;
}
很明显的正确的判断条件是v6/2=80 也就是说满足正确的结果是80*2=160
而v6是通过atoi这个函数得来的,逆函数位itoa所以正确的注册码为
字符串形式的160
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
