看看这个软件的加密方法-付费问答-看雪-安全社区|安全招聘|kanxue.com

最新回复 (3)
fonge 雪币： 263 活跃值： (10) 能力值： ( LV9，RANK：210 ) 在线值：发帖 38 回帖 1071 粉丝 0 关注私信	fonge 5 2 楼我也想玩玩！老大别封贴！关注结果…… 2007-1-25 17:48 0
wfp 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 23 粉丝 0 关注私信	wfp 3 楼恳请各位指教。 2007-3-2 14:26 0
blackchar 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 7 回帖 27 粉丝 0 关注私信	blackchar 4 楼楼主兄弟借一个地方，谢谢。我已经脱了一个代理软件的壳了只不过找不到关键跳转希望各位达人帮忙看看 004A66A8 /. 55 PUSH EBP 004A66A9 \|. 8BEC MOV EBP,ESP 004A66AB \|. 81C4 E0FDFFFF ADD ESP,-220 004A66B1 \|. 53 PUSH EBX 004A66B2 \|. 56 PUSH ESI 004A66B3 \|. 33C9 XOR ECX,ECX 004A66B5 \|. 898D E4FDFFFF MOV DWORD PTR SS:[EBP-21C],ECX 004A66BB \|. 898D E0FDFFFF MOV DWORD PTR SS:[EBP-220],ECX 004A66C1 \|. 898D E8FDFFFF MOV DWORD PTR SS:[EBP-218],ECX 004A66C7 \|. 898D FCFDFFFF MOV DWORD PTR SS:[EBP-204],ECX 004A66CD \|. 898D F4FDFFFF MOV DWORD PTR SS:[EBP-20C],ECX 004A66D3 \|. 898D F0FDFFFF MOV DWORD PTR SS:[EBP-210],ECX 004A66D9 \|. 898D ECFDFFFF MOV DWORD PTR SS:[EBP-214],ECX 004A66DF \|. 898D F8FDFFFF MOV DWORD PTR SS:[EBP-208],ECX 004A66E5 \|. 8BF0 MOV ESI,EAX 004A66E7 \|. 33C0 XOR EAX,EAX 004A66E9 \|. 55 PUSH EBP 004A66EA \|. 68 3F6A4A00 PUSH dumped_.004A6A3F 004A66EF \|. 64:FF30 PUSH DWORD PTR FS:[EAX] 004A66F2 \|. 64:8920 MOV DWORD PTR FS:[EAX],ESP 004A66F5 \|. 33D2 XOR EDX,EDX 004A66F7 \|. 8B86 48030000 MOV EAX,DWORD PTR DS:[ESI+348] 004A66FD \|. 8B08 MOV ECX,DWORD PTR DS:[EAX] 004A66FF \|. FF51 64 CALL DWORD PTR DS:[ECX+64] 004A6702 \|. BA 546A4A00 MOV EDX,dumped_.004A6A54 ; 检测帐号是否可用,请稍侯... 004A6707 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A670D \|. E8 D637FAFF CALL dumped_.00449EE8 004A6712 \|. 8B86 A4030000 MOV EAX,DWORD PTR DS:[ESI+3A4] 004A6718 \|. E8 03E0F5FF CALL dumped_.00404720 004A671D \|. 50 PUSH EAX ; /IniFileName 004A671E \|. 68 00010000 PUSH 100 ; \|BufSize = 100 (256.) 004A6723 \|. 8D85 01FFFFFF LEA EAX,DWORD PTR SS:[EBP-FF] ; \| 004A6729 \|. 50 PUSH EAX ; \|ReturnBuffer 004A672A \|. 68 706A4A00 PUSH dumped_.004A6A70 ; \|Default = "" 004A672F \|. 68 746A4A00 PUSH dumped_.004A6A74 ; \|ip 004A6734 \|. 68 786A4A00 PUSH dumped_.004A6A78 ; \|target1 004A6739 \|. E8 5601F6FF CALL <JMP.&kernel32.GetPrivateProfileStr>; \GetPrivateProfileStringA 004A673E \|. 8D95 00FFFFFF LEA EDX,DWORD PTR SS:[EBP-100] 004A6744 \|. 92 XCHG EAX,EDX 004A6745 \|. E8 9AC4F5FF CALL dumped_.00402BE4 004A674A \|. 8B86 A4030000 MOV EAX,DWORD PTR DS:[ESI+3A4] 004A6750 \|. E8 CBDFF5FF CALL dumped_.00404720 004A6755 \|. 50 PUSH EAX ; /IniFileName 004A6756 \|. 6A 00 PUSH 0 ; \|Default = 0 004A6758 \|. 68 806A4A00 PUSH dumped_.004A6A80 ; \|port 004A675D \|. 68 786A4A00 PUSH dumped_.004A6A78 ; \|target1 004A6762 \|. E8 2501F6FF CALL <JMP.&kernel32.GetPrivateProfileInt>; \GetPrivateProfileIntA 004A6767 \|. 8BD8 MOV EBX,EAX 004A6769 \|. 8B86 A0030000 MOV EAX,DWORD PTR DS:[ESI+3A0] 004A676F \|. E8 ACDFF5FF CALL dumped_.00404720 004A6774 \|. 50 PUSH EAX ; /IniFileName 004A6775 \|. 68 00010000 PUSH 100 ; \|BufSize = 100 (256.) 004A677A \|. 8D85 01FEFFFF LEA EAX,DWORD PTR SS:[EBP-1FF] ; \| 004A6780 \|. 50 PUSH EAX ; \|ReturnBuffer 004A6781 \|. 68 706A4A00 PUSH dumped_.004A6A70 ; \|Default = "" 004A6786 \|. 68 886A4A00 PUSH dumped_.004A6A88 ; \|serverip 004A678B \|. 68 946A4A00 PUSH dumped_.004A6A94 ; \|main 004A6790 \|. E8 FF00F6FF CALL <JMP.&kernel32.GetPrivateProfileStr>; \GetPrivateProfileStringA 004A6795 \|. 8D95 00FEFFFF LEA EDX,DWORD PTR SS:[EBP-200] 004A679B \|. 92 XCHG EAX,EDX 004A679C \|. E8 43C4F5FF CALL dumped_.00402BE4 004A67A1 \|. 8D85 FCFDFFFF LEA EAX,DWORD PTR SS:[EBP-204] 004A67A7 \|. 8D95 00FEFFFF LEA EDX,DWORD PTR SS:[EBP-200] 004A67AD \|. E8 12DDF5FF CALL dumped_.004044C4 004A67B2 \|. 8B85 FCFDFFFF MOV EAX,DWORD PTR SS:[EBP-204] 004A67B8 \|. 50 PUSH EAX 004A67B9 \|. 8D95 F8FDFFFF LEA EDX,DWORD PTR SS:[EBP-208] 004A67BF \|. 8B86 0C030000 MOV EAX,DWORD PTR DS:[ESI+30C] 004A67C5 \|. E8 EE36FAFF CALL dumped_.00449EB8 004A67CA \|. 8B85 F8FDFFFF MOV EAX,DWORD PTR SS:[EBP-208] 004A67D0 \|. E8 BF22F6FF CALL dumped_.00408A94 004A67D5 \|. 50 PUSH EAX 004A67D6 \|. 8D85 F4FDFFFF LEA EAX,DWORD PTR SS:[EBP-20C] 004A67DC \|. 8D95 00FFFFFF LEA EDX,DWORD PTR SS:[EBP-100] 004A67E2 \|. E8 DDDCF5FF CALL dumped_.004044C4 004A67E7 \|. 8B85 F4FDFFFF MOV EAX,DWORD PTR SS:[EBP-20C] 004A67ED \|. 50 PUSH EAX 004A67EE \|. 53 PUSH EBX 004A67EF \|. 8D95 F0FDFFFF LEA EDX,DWORD PTR SS:[EBP-210] 004A67F5 \|. 8B86 24030000 MOV EAX,DWORD PTR DS:[ESI+324] 004A67FB \|. E8 B836FAFF CALL dumped_.00449EB8 004A6800 \|. 8B85 F0FDFFFF MOV EAX,DWORD PTR SS:[EBP-210] 004A6806 \|. 50 PUSH EAX 004A6807 \|. 8D95 ECFDFFFF LEA EDX,DWORD PTR SS:[EBP-214] 004A680D \|. 8B86 20030000 MOV EAX,DWORD PTR DS:[ESI+320] 004A6813 \|. E8 A036FAFF CALL dumped_.00449EB8 004A6818 \|. 8B95 ECFDFFFF MOV EDX,DWORD PTR SS:[EBP-214] 004A681E \|. 8BC6 MOV EAX,ESI 004A6820 \|. 59 POP ECX 004A6821 \|. E8 F6EEFFFF CALL dumped_.004A571C 004A6826 \|. 8BD8 MOV EBX,EAX 004A6828 \|. 0FBEC3 MOVSX EAX,BL 004A682B \|. 83C0 0D ADD EAX,0D ; Switch (cases 0..FFFFFFFF) 004A682E \|. 83F8 0D CMP EAX,0D 004A6831 \|. 0F87 77010000 JA dumped_.004A69AE 004A6837 \|. FF2485 3E684A>JMP DWORD PTR DS:[EAX*4+4A683E] 004A683E \|. 9C694A00 DD dumped_.004A699C ; 分支表被用于 004A6837 004A6842 \|. 8A694A00 DD dumped_.004A698A 004A6846 \|. 78694A00 DD dumped_.004A6978 004A684A \|. 66694A00 DD dumped_.004A6966 004A684E \|. 54694A00 DD dumped_.004A6954 004A6852 \|. 3F694A00 DD dumped_.004A693F 004A6856 \|. 2A694A00 DD dumped_.004A692A 004A685A \|. 15694A00 DD dumped_.004A6915 004A685E \|. 00694A00 DD dumped_.004A6900 004A6862 \|. EB684A00 DD dumped_.004A68EB 004A6866 \|. D6684A00 DD dumped_.004A68D6 004A686A \|. C1684A00 DD dumped_.004A68C1 004A686E \|. 8B684A00 DD dumped_.004A688B 004A6872 \|. 76684A00 DD dumped_.004A6876 004A6876 \|> BA A46A4A00 MOV EDX,dumped_.004A6AA4 ; Case 0 of switch 004A682B 004A687B \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6881 \|. E8 6236FAFF CALL dumped_.00449EE8 004A6886 \|. E9 58010000 JMP dumped_.004A69E3 004A688B \|> 68 D86A4A00 PUSH dumped_.004A6AD8 ; Case FFFFFFFF of switch 004A682B 004A6890 \|. FFB6 B4030000 PUSH DWORD PTR DS:[ESI+3B4] 004A6896 \|. 68 F06A4A00 PUSH dumped_.004A6AF0 004A689B \|. 8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218] 004A68A1 \|. BA 03000000 MOV EDX,3 004A68A6 \|. E8 35DDF5FF CALL dumped_.004045E0 004A68AB \|. 8B95 E8FDFFFF MOV EDX,DWORD PTR SS:[EBP-218] 004A68B1 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68B7 \|. E8 2C36FAFF CALL dumped_.00449EE8 004A68BC \|. E9 22010000 JMP dumped_.004A69E3 004A68C1 \|> BA 006B4A00 MOV EDX,dumped_.004A6B00 ; 帐/密错误; Case FFFFFFFE of switch 004A682B 004A68C6 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68CC \|. E8 1736FAFF CALL dumped_.00449EE8 004A68D1 E9 0D010000 JMP dumped_.004A69E3 004A68D6 \|> BA 146B4A00 MOV EDX,dumped_.004A6B14 ; sql错误; Case FFFFFFFD of switch 004A682B 004A68DB \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68E1 \|. E8 0236FAFF CALL dumped_.00449EE8 004A68E6 \|. E9 F8000000 JMP dumped_.004A69E3 004A68EB \|> BA 246B4A00 MOV EDX,dumped_.004A6B24 ; 等级不够; Case FFFFFFFC of switch 004A682B 004A68F0 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68F6 \|. E8 ED35FAFF CALL dumped_.00449EE8 004A68FB \|. E9 E3000000 JMP dumped_.004A69E3 004A6900 \|> BA 386B4A00 MOV EDX,dumped_.004A6B38 ; 到期; Case FFFFFFFB of switch 004A682B 004A6905 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A690B \|. E8 D835FAFF CALL dumped_.00449EE8 004A6910 \|. E9 CE000000 JMP dumped_.004A69E3 004A6915 \|> BA 486B4A00 MOV EDX,dumped_.004A6B48 ; 冻结; Case FFFFFFFA of switch 004A682B 004A691A \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6920 \|. E8 C335FAFF CALL dumped_.00449EE8 004A6925 \|. E9 B9000000 JMP dumped_.004A69E3 004A692A \|> BA 586B4A00 MOV EDX,dumped_.004A6B58 ; 测试号:srcip已测试过; Case FFFFFFF9 of switch 004A682B 004A692F \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6935 \|. E8 AE35FAFF CALL dumped_.00449EE8 004A693A \|. E9 A4000000 JMP dumped_.004A69E3 004A693F \|> BA 786B4A00 MOV EDX,dumped_.004A6B78 ; 测试号:srcip段已测试过; Case FFFFFFF8 of switch 004A682B 004A6944 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A694A \|. E8 9935FAFF CALL dumped_.00449EE8 004A694F \|. E9 8F000000 JMP dumped_.004A69E3 004A6954 \|> BA 986B4A00 MOV EDX,dumped_.004A6B98 ; 测试号:srcip同时连接过多; Case FFFFFFF7 of switch 004A682B 004A6959 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A695F \|. E8 8435FAFF CALL dumped_.00449EE8 004A6964 \|. EB 7D JMP SHORT dumped_.004A69E3 004A6966 \|> BA BC6B4A00 MOV EDX,dumped_.004A6BBC ; 帐/密太长; Case FFFFFFF6 of switch 004A682B 004A696B \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6971 \|. E8 7235FAFF CALL dumped_.00449EE8 004A6976 \|. EB 6B JMP SHORT dumped_.004A69E3 004A6978 \|> BA D06B4A00 MOV EDX,dumped_.004A6BD0 ; 帐/密有非法字符; Case FFFFFFF5 of switch 004A682B 004A697D \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6983 \|. E8 6035FAFF CALL dumped_.00449EE8 004A6988 \|. EB 59 JMP SHORT dumped_.004A69E3 004A698A \|> BA E86B4A00 MOV EDX,dumped_.004A6BE8 ; 目标服务器/端口连不上; Case FFFFFFF4 of switch 004A682B 004A698F \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6995 \|. E8 4E35FAFF CALL dumped_.00449EE8 004A699A \|. EB 47 JMP SHORT dumped_.004A69E3 004A699C \|> BA 086C4A00 MOV EDX,dumped_.004A6C08 ; 选择的服务器/端口组合有误; Case FFFFFFF3 of switch 004A682B 004A69A1 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A69A7 \|. E8 3C35FAFF CALL dumped_.00449EE8 004A69AC \|. EB 35 JMP SHORT dumped_.004A69E3 004A69AE \|> 8D95 E0FDFFFF LEA EDX,DWORD PTR SS:[EBP-220] ; Default case of switch 004A682B 004A69B4 \|. 0FBEC3 MOVSX EAX,BL 004A69B7 \|. E8 9C1FF6FF CALL dumped_.00408958 004A69BC \|. 8B8D E0FDFFFF MOV ECX,DWORD PTR SS:[EBP-220] 004A69C2 \|. 8D85 E4FDFFFF LEA EAX,DWORD PTR SS:[EBP-21C] 004A69C8 \|. BA 2C6C4A00 MOV EDX,dumped_.004A6C2C ; 未知错误 004A69CD \|. E8 9ADBF5FF CALL dumped_.0040456C 004A69D2 \|. 8B95 E4FDFFFF MOV EDX,DWORD PTR SS:[EBP-21C] 004A69D8 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A69DE \|. E8 0535FAFF CALL dumped_.00449EE8 004A69E3 \|> B2 01 MOV DL,1 004A69E5 \|. 8B86 48030000 MOV EAX,DWORD PTR DS:[ESI+348] 004A69EB \|. 8B08 MOV ECX,DWORD PTR DS:[EAX] 004A69ED \|. FF51 64 CALL DWORD PTR DS:[ECX+64] 004A69F0 \|. 33C0 XOR EAX,EAX 004A69F2 \|. 5A POP EDX 004A69F3 \|. 59 POP ECX 004A69F4 \|. 59 POP ECX 004A69F5 \|. 64:8910 MOV DWORD PTR FS:[EAX],EDX 004A69F8 \|. 68 466A4A00 PUSH dumped_.004A6A46 004A69FD \|> 8D85 E0FDFFFF LEA EAX,DWORD PTR SS:[EBP-220] 004A6A03 \|. BA 03000000 MOV EDX,3 004A6A08 \|. E8 77D8F5FF CALL dumped_.00404284 004A6A0D \|. 8D85 ECFDFFFF LEA EAX,DWORD PTR SS:[EBP-214] 004A6A13 \|. BA 02000000 MOV EDX,2 004A6A18 \|. E8 67D8F5FF CALL dumped_.00404284 004A6A1D \|. 8D85 F4FDFFFF LEA EAX,DWORD PTR SS:[EBP-20C] 004A6A23 \|. E8 38D8F5FF CALL dumped_.00404260 004A6A28 \|. 8D85 F8FDFFFF LEA EAX,DWORD PTR SS:[EBP-208] 004A6A2E \|. E8 2DD8F5FF CALL dumped_.00404260 004A6A33 \|. 8D85 FCFDFFFF LEA EAX,DWORD PTR SS:[EBP-204] 004A6A39 \|. E8 22D8F5FF CALL dumped_.00404260 004A6A3E \. C3 RETN 2007-3-2 16:24 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (3)
fonge 雪币： 263 活跃值： (10) 能力值： ( LV9，RANK：210 ) 在线值：发帖 38 回帖 1071 粉丝 0 关注私信	fonge 5 2 楼我也想玩玩！老大别封贴！关注结果…… 2007-1-25 17:48 0
wfp 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 23 粉丝 0 关注私信	wfp 3 楼恳请各位指教。 2007-3-2 14:26 0
blackchar 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 7 回帖 27 粉丝 0 关注私信	blackchar 4 楼楼主兄弟借一个地方，谢谢。我已经脱了一个代理软件的壳了只不过找不到关键跳转希望各位达人帮忙看看 004A66A8 /. 55 PUSH EBP 004A66A9 \|. 8BEC MOV EBP,ESP 004A66AB \|. 81C4 E0FDFFFF ADD ESP,-220 004A66B1 \|. 53 PUSH EBX 004A66B2 \|. 56 PUSH ESI 004A66B3 \|. 33C9 XOR ECX,ECX 004A66B5 \|. 898D E4FDFFFF MOV DWORD PTR SS:[EBP-21C],ECX 004A66BB \|. 898D E0FDFFFF MOV DWORD PTR SS:[EBP-220],ECX 004A66C1 \|. 898D E8FDFFFF MOV DWORD PTR SS:[EBP-218],ECX 004A66C7 \|. 898D FCFDFFFF MOV DWORD PTR SS:[EBP-204],ECX 004A66CD \|. 898D F4FDFFFF MOV DWORD PTR SS:[EBP-20C],ECX 004A66D3 \|. 898D F0FDFFFF MOV DWORD PTR SS:[EBP-210],ECX 004A66D9 \|. 898D ECFDFFFF MOV DWORD PTR SS:[EBP-214],ECX 004A66DF \|. 898D F8FDFFFF MOV DWORD PTR SS:[EBP-208],ECX 004A66E5 \|. 8BF0 MOV ESI,EAX 004A66E7 \|. 33C0 XOR EAX,EAX 004A66E9 \|. 55 PUSH EBP 004A66EA \|. 68 3F6A4A00 PUSH dumped_.004A6A3F 004A66EF \|. 64:FF30 PUSH DWORD PTR FS:[EAX] 004A66F2 \|. 64:8920 MOV DWORD PTR FS:[EAX],ESP 004A66F5 \|. 33D2 XOR EDX,EDX 004A66F7 \|. 8B86 48030000 MOV EAX,DWORD PTR DS:[ESI+348] 004A66FD \|. 8B08 MOV ECX,DWORD PTR DS:[EAX] 004A66FF \|. FF51 64 CALL DWORD PTR DS:[ECX+64] 004A6702 \|. BA 546A4A00 MOV EDX,dumped_.004A6A54 ; 检测帐号是否可用,请稍侯... 004A6707 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A670D \|. E8 D637FAFF CALL dumped_.00449EE8 004A6712 \|. 8B86 A4030000 MOV EAX,DWORD PTR DS:[ESI+3A4] 004A6718 \|. E8 03E0F5FF CALL dumped_.00404720 004A671D \|. 50 PUSH EAX ; /IniFileName 004A671E \|. 68 00010000 PUSH 100 ; \|BufSize = 100 (256.) 004A6723 \|. 8D85 01FFFFFF LEA EAX,DWORD PTR SS:[EBP-FF] ; \| 004A6729 \|. 50 PUSH EAX ; \|ReturnBuffer 004A672A \|. 68 706A4A00 PUSH dumped_.004A6A70 ; \|Default = "" 004A672F \|. 68 746A4A00 PUSH dumped_.004A6A74 ; \|ip 004A6734 \|. 68 786A4A00 PUSH dumped_.004A6A78 ; \|target1 004A6739 \|. E8 5601F6FF CALL <JMP.&kernel32.GetPrivateProfileStr>; \GetPrivateProfileStringA 004A673E \|. 8D95 00FFFFFF LEA EDX,DWORD PTR SS:[EBP-100] 004A6744 \|. 92 XCHG EAX,EDX 004A6745 \|. E8 9AC4F5FF CALL dumped_.00402BE4 004A674A \|. 8B86 A4030000 MOV EAX,DWORD PTR DS:[ESI+3A4] 004A6750 \|. E8 CBDFF5FF CALL dumped_.00404720 004A6755 \|. 50 PUSH EAX ; /IniFileName 004A6756 \|. 6A 00 PUSH 0 ; \|Default = 0 004A6758 \|. 68 806A4A00 PUSH dumped_.004A6A80 ; \|port 004A675D \|. 68 786A4A00 PUSH dumped_.004A6A78 ; \|target1 004A6762 \|. E8 2501F6FF CALL <JMP.&kernel32.GetPrivateProfileInt>; \GetPrivateProfileIntA 004A6767 \|. 8BD8 MOV EBX,EAX 004A6769 \|. 8B86 A0030000 MOV EAX,DWORD PTR DS:[ESI+3A0] 004A676F \|. E8 ACDFF5FF CALL dumped_.00404720 004A6774 \|. 50 PUSH EAX ; /IniFileName 004A6775 \|. 68 00010000 PUSH 100 ; \|BufSize = 100 (256.) 004A677A \|. 8D85 01FEFFFF LEA EAX,DWORD PTR SS:[EBP-1FF] ; \| 004A6780 \|. 50 PUSH EAX ; \|ReturnBuffer 004A6781 \|. 68 706A4A00 PUSH dumped_.004A6A70 ; \|Default = "" 004A6786 \|. 68 886A4A00 PUSH dumped_.004A6A88 ; \|serverip 004A678B \|. 68 946A4A00 PUSH dumped_.004A6A94 ; \|main 004A6790 \|. E8 FF00F6FF CALL <JMP.&kernel32.GetPrivateProfileStr>; \GetPrivateProfileStringA 004A6795 \|. 8D95 00FEFFFF LEA EDX,DWORD PTR SS:[EBP-200] 004A679B \|. 92 XCHG EAX,EDX 004A679C \|. E8 43C4F5FF CALL dumped_.00402BE4 004A67A1 \|. 8D85 FCFDFFFF LEA EAX,DWORD PTR SS:[EBP-204] 004A67A7 \|. 8D95 00FEFFFF LEA EDX,DWORD PTR SS:[EBP-200] 004A67AD \|. E8 12DDF5FF CALL dumped_.004044C4 004A67B2 \|. 8B85 FCFDFFFF MOV EAX,DWORD PTR SS:[EBP-204] 004A67B8 \|. 50 PUSH EAX 004A67B9 \|. 8D95 F8FDFFFF LEA EDX,DWORD PTR SS:[EBP-208] 004A67BF \|. 8B86 0C030000 MOV EAX,DWORD PTR DS:[ESI+30C] 004A67C5 \|. E8 EE36FAFF CALL dumped_.00449EB8 004A67CA \|. 8B85 F8FDFFFF MOV EAX,DWORD PTR SS:[EBP-208] 004A67D0 \|. E8 BF22F6FF CALL dumped_.00408A94 004A67D5 \|. 50 PUSH EAX 004A67D6 \|. 8D85 F4FDFFFF LEA EAX,DWORD PTR SS:[EBP-20C] 004A67DC \|. 8D95 00FFFFFF LEA EDX,DWORD PTR SS:[EBP-100] 004A67E2 \|. E8 DDDCF5FF CALL dumped_.004044C4 004A67E7 \|. 8B85 F4FDFFFF MOV EAX,DWORD PTR SS:[EBP-20C] 004A67ED \|. 50 PUSH EAX 004A67EE \|. 53 PUSH EBX 004A67EF \|. 8D95 F0FDFFFF LEA EDX,DWORD PTR SS:[EBP-210] 004A67F5 \|. 8B86 24030000 MOV EAX,DWORD PTR DS:[ESI+324] 004A67FB \|. E8 B836FAFF CALL dumped_.00449EB8 004A6800 \|. 8B85 F0FDFFFF MOV EAX,DWORD PTR SS:[EBP-210] 004A6806 \|. 50 PUSH EAX 004A6807 \|. 8D95 ECFDFFFF LEA EDX,DWORD PTR SS:[EBP-214] 004A680D \|. 8B86 20030000 MOV EAX,DWORD PTR DS:[ESI+320] 004A6813 \|. E8 A036FAFF CALL dumped_.00449EB8 004A6818 \|. 8B95 ECFDFFFF MOV EDX,DWORD PTR SS:[EBP-214] 004A681E \|. 8BC6 MOV EAX,ESI 004A6820 \|. 59 POP ECX 004A6821 \|. E8 F6EEFFFF CALL dumped_.004A571C 004A6826 \|. 8BD8 MOV EBX,EAX 004A6828 \|. 0FBEC3 MOVSX EAX,BL 004A682B \|. 83C0 0D ADD EAX,0D ; Switch (cases 0..FFFFFFFF) 004A682E \|. 83F8 0D CMP EAX,0D 004A6831 \|. 0F87 77010000 JA dumped_.004A69AE 004A6837 \|. FF2485 3E684A>JMP DWORD PTR DS:[EAX*4+4A683E] 004A683E \|. 9C694A00 DD dumped_.004A699C ; 分支表被用于 004A6837 004A6842 \|. 8A694A00 DD dumped_.004A698A 004A6846 \|. 78694A00 DD dumped_.004A6978 004A684A \|. 66694A00 DD dumped_.004A6966 004A684E \|. 54694A00 DD dumped_.004A6954 004A6852 \|. 3F694A00 DD dumped_.004A693F 004A6856 \|. 2A694A00 DD dumped_.004A692A 004A685A \|. 15694A00 DD dumped_.004A6915 004A685E \|. 00694A00 DD dumped_.004A6900 004A6862 \|. EB684A00 DD dumped_.004A68EB 004A6866 \|. D6684A00 DD dumped_.004A68D6 004A686A \|. C1684A00 DD dumped_.004A68C1 004A686E \|. 8B684A00 DD dumped_.004A688B 004A6872 \|. 76684A00 DD dumped_.004A6876 004A6876 \|> BA A46A4A00 MOV EDX,dumped_.004A6AA4 ; Case 0 of switch 004A682B 004A687B \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6881 \|. E8 6236FAFF CALL dumped_.00449EE8 004A6886 \|. E9 58010000 JMP dumped_.004A69E3 004A688B \|> 68 D86A4A00 PUSH dumped_.004A6AD8 ; Case FFFFFFFF of switch 004A682B 004A6890 \|. FFB6 B4030000 PUSH DWORD PTR DS:[ESI+3B4] 004A6896 \|. 68 F06A4A00 PUSH dumped_.004A6AF0 004A689B \|. 8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218] 004A68A1 \|. BA 03000000 MOV EDX,3 004A68A6 \|. E8 35DDF5FF CALL dumped_.004045E0 004A68AB \|. 8B95 E8FDFFFF MOV EDX,DWORD PTR SS:[EBP-218] 004A68B1 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68B7 \|. E8 2C36FAFF CALL dumped_.00449EE8 004A68BC \|. E9 22010000 JMP dumped_.004A69E3 004A68C1 \|> BA 006B4A00 MOV EDX,dumped_.004A6B00 ; 帐/密错误; Case FFFFFFFE of switch 004A682B 004A68C6 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68CC \|. E8 1736FAFF CALL dumped_.00449EE8 004A68D1 E9 0D010000 JMP dumped_.004A69E3 004A68D6 \|> BA 146B4A00 MOV EDX,dumped_.004A6B14 ; sql错误; Case FFFFFFFD of switch 004A682B 004A68DB \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68E1 \|. E8 0236FAFF CALL dumped_.00449EE8 004A68E6 \|. E9 F8000000 JMP dumped_.004A69E3 004A68EB \|> BA 246B4A00 MOV EDX,dumped_.004A6B24 ; 等级不够; Case FFFFFFFC of switch 004A682B 004A68F0 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68F6 \|. E8 ED35FAFF CALL dumped_.00449EE8 004A68FB \|. E9 E3000000 JMP dumped_.004A69E3 004A6900 \|> BA 386B4A00 MOV EDX,dumped_.004A6B38 ; 到期; Case FFFFFFFB of switch 004A682B 004A6905 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A690B \|. E8 D835FAFF CALL dumped_.00449EE8 004A6910 \|. E9 CE000000 JMP dumped_.004A69E3 004A6915 \|> BA 486B4A00 MOV EDX,dumped_.004A6B48 ; 冻结; Case FFFFFFFA of switch 004A682B 004A691A \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6920 \|. E8 C335FAFF CALL dumped_.00449EE8 004A6925 \|. E9 B9000000 JMP dumped_.004A69E3 004A692A \|> BA 586B4A00 MOV EDX,dumped_.004A6B58 ; 测试号:srcip已测试过; Case FFFFFFF9 of switch 004A682B 004A692F \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6935 \|. E8 AE35FAFF CALL dumped_.00449EE8 004A693A \|. E9 A4000000 JMP dumped_.004A69E3 004A693F \|> BA 786B4A00 MOV EDX,dumped_.004A6B78 ; 测试号:srcip段已测试过; Case FFFFFFF8 of switch 004A682B 004A6944 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A694A \|. E8 9935FAFF CALL dumped_.00449EE8 004A694F \|. E9 8F000000 JMP dumped_.004A69E3 004A6954 \|> BA 986B4A00 MOV EDX,dumped_.004A6B98 ; 测试号:srcip同时连接过多; Case FFFFFFF7 of switch 004A682B 004A6959 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A695F \|. E8 8435FAFF CALL dumped_.00449EE8 004A6964 \|. EB 7D JMP SHORT dumped_.004A69E3 004A6966 \|> BA BC6B4A00 MOV EDX,dumped_.004A6BBC ; 帐/密太长; Case FFFFFFF6 of switch 004A682B 004A696B \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6971 \|. E8 7235FAFF CALL dumped_.00449EE8 004A6976 \|. EB 6B JMP SHORT dumped_.004A69E3 004A6978 \|> BA D06B4A00 MOV EDX,dumped_.004A6BD0 ; 帐/密有非法字符; Case FFFFFFF5 of switch 004A682B 004A697D \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6983 \|. E8 6035FAFF CALL dumped_.00449EE8 004A6988 \|. EB 59 JMP SHORT dumped_.004A69E3 004A698A \|> BA E86B4A00 MOV EDX,dumped_.004A6BE8 ; 目标服务器/端口连不上; Case FFFFFFF4 of switch 004A682B 004A698F \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6995 \|. E8 4E35FAFF CALL dumped_.00449EE8 004A699A \|. EB 47 JMP SHORT dumped_.004A69E3 004A699C \|> BA 086C4A00 MOV EDX,dumped_.004A6C08 ; 选择的服务器/端口组合有误; Case FFFFFFF3 of switch 004A682B 004A69A1 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A69A7 \|. E8 3C35FAFF CALL dumped_.00449EE8 004A69AC \|. EB 35 JMP SHORT dumped_.004A69E3 004A69AE \|> 8D95 E0FDFFFF LEA EDX,DWORD PTR SS:[EBP-220] ; Default case of switch 004A682B 004A69B4 \|. 0FBEC3 MOVSX EAX,BL 004A69B7 \|. E8 9C1FF6FF CALL dumped_.00408958 004A69BC \|. 8B8D E0FDFFFF MOV ECX,DWORD PTR SS:[EBP-220] 004A69C2 \|. 8D85 E4FDFFFF LEA EAX,DWORD PTR SS:[EBP-21C] 004A69C8 \|. BA 2C6C4A00 MOV EDX,dumped_.004A6C2C ; 未知错误 004A69CD \|. E8 9ADBF5FF CALL dumped_.0040456C 004A69D2 \|. 8B95 E4FDFFFF MOV EDX,DWORD PTR SS:[EBP-21C] 004A69D8 \|. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A69DE \|. E8 0535FAFF CALL dumped_.00449EE8 004A69E3 \|> B2 01 MOV DL,1 004A69E5 \|. 8B86 48030000 MOV EAX,DWORD PTR DS:[ESI+348] 004A69EB \|. 8B08 MOV ECX,DWORD PTR DS:[EAX] 004A69ED \|. FF51 64 CALL DWORD PTR DS:[ECX+64] 004A69F0 \|. 33C0 XOR EAX,EAX 004A69F2 \|. 5A POP EDX 004A69F3 \|. 59 POP ECX 004A69F4 \|. 59 POP ECX 004A69F5 \|. 64:8910 MOV DWORD PTR FS:[EAX],EDX 004A69F8 \|. 68 466A4A00 PUSH dumped_.004A6A46 004A69FD \|> 8D85 E0FDFFFF LEA EAX,DWORD PTR SS:[EBP-220] 004A6A03 \|. BA 03000000 MOV EDX,3 004A6A08 \|. E8 77D8F5FF CALL dumped_.00404284 004A6A0D \|. 8D85 ECFDFFFF LEA EAX,DWORD PTR SS:[EBP-214] 004A6A13 \|. BA 02000000 MOV EDX,2 004A6A18 \|. E8 67D8F5FF CALL dumped_.00404284 004A6A1D \|. 8D85 F4FDFFFF LEA EAX,DWORD PTR SS:[EBP-20C] 004A6A23 \|. E8 38D8F5FF CALL dumped_.00404260 004A6A28 \|. 8D85 F8FDFFFF LEA EAX,DWORD PTR SS:[EBP-208] 004A6A2E \|. E8 2DD8F5FF CALL dumped_.00404260 004A6A33 \|. 8D85 FCFDFFFF LEA EAX,DWORD PTR SS:[EBP-204] 004A6A39 \|. E8 22D8F5FF CALL dumped_.00404260 004A6A3E \. C3 RETN 2007-3-2 16:24 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

[旧帖] 看看这个软件的加密方法 0.00雪花