004414A0 key> $ 55 push ebp
004414A1 . 8BEC mov ebp,esp
004414A3 . E9 B5000000 jmp keygenme.0044155D
004414A8 > 50 push eax
004414A9 . FF75 9C push dword ptr ss:[ebp-64]
004414AC .^ E9 2DFFFFFF jmp keygenme.004413DE
004414B1 > 33D2 xor edx,edx
004414B3 . 8AD4 mov dl,ah
004414B5 . 8915 88794700 mov dword ptr ds:[477988],edx
004414BB .^ EB 91 jmp short keygenme.0044144E
004414BD > 59 pop ecx
004414BE .^ EB C8 jmp short keygenme.00441488
004414C0 > E8 1B840000 call keygenme.004498E0
004414C5 . 59 pop ecx
004414C6 . 85C0 test eax,eax
004414C8 .^ EB 9F jmp short keygenme.00441469
004414CA > 50 push eax
004414CB . E8 A2B00100 call keygenme.0045C572
004414D0 . 8945 A0 mov dword ptr ss:[ebp-60],eax
004414D3 .^ EB C3 jmp short keygenme.00441498
004414D5 > 75 70 jnz short keygenme.00441547
004414D7 . 6A 10 push 10
004414D9 . E8 39FFFFFF call keygenme.00441417
004414DE .^ EB A2 jmp short keygenme.00441482
004414E0 > 51 push ecx
004414E1 . E8 0C760000 call keygenme.00448AF2
004414E6 . 59 pop ecx
004414E7 .^ EB D4 jmp short keygenme.004414BD
004414E9 > E8 8C7D0000 call keygenme.0044927A
每三行左右就一个JMP到别处.严重影响分析.问一下如何解决?
暂时想到是新建一块内存空间.把乱七八糟的代码重新在下面排序.但遇到本身的有的转跳必定出错.大家有更好的方法吗?
[课程]Linux pwn 探索篇!