-
-
[旧帖] [求助]新人如和爆破.网络验证. 0.00雪花
-
发表于: 2007-1-30 11:16
-
004204DC /$ 55 push ebp
004204DD |. 8BEC mov ebp, esp
004204DF |. 83C4 D8 add esp, -28
004204E2 |. B8 D85B5500 mov eax, 00555BD8
004204E7 |. 53 push ebx
004204E8 |. 56 push esi
004204E9 |. 8B75 08 mov esi, dword ptr [ebp+8]
004204EC |. E8 FFCD0F00 call 0051D2F0
004204F1 |. 6A 34 push 34
004204F3 |. E8 F8BA0F00 call 0051BFF0
004204F8 |. 59 pop ecx
004204F9 |. 8945 FC mov dword ptr [ebp-4], eax
004204FC |. 85C0 test eax, eax
004204FE |. 74 1B je short 0042051B
00420500 |. 66:C745 E8 14>mov word ptr [ebp-18], 14
00420506 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420509 |. 52 push edx
0042050A |. E8 616F0100 call 00437470
0042050F |. 59 pop ecx
00420510 |. 66:C745 E8 08>mov word ptr [ebp-18], 8
00420516 |. 8B5D FC mov ebx, dword ptr [ebp-4]
00420519 |. EB 03 jmp short 0042051E
0042051B |> 8B5D FC mov ebx, dword ptr [ebp-4]
0042051E |> 8B45 14 mov eax, dword ptr [ebp+14]
00420521 |. 50 push eax
00420522 |. 8B55 10 mov edx, dword ptr [ebp+10]
00420525 |. 52 push edx
00420526 |. 8B4D 0C mov ecx, dword ptr [ebp+C]
00420529 |. 51 push ecx
0042052A |. 53 push ebx
0042052B |. E8 40700100 call 00437570
00420530 |. 83C4 10 add esp, 10
00420533 |. 53 push ebx
00420534 |. 8B46 38 mov eax, dword ptr [esi+38]
00420537 |. 50 push eax
00420538 |. E8 3FFB0300 call 0046007C
0042053D |. 83C4 08 add esp, 8
00420540 |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420543 |. 64:8915 00000>mov dword ptr fs:[0], edx
0042054A |. 5E pop esi
0042054B |. 5B pop ebx
0042054C |. 8BE5 mov esp, ebp
0042054E |. 5D pop ebp
0042054F \. C3 retn
00420550 04 db 04
00420551 00 db 00
00420552 00 db 00
00420553 00 db 00
00420554 90 nop
00420555 00 db 00
00420556 0C db 0C
00420557 00 db 00
00420558 6C164200 dd dumped_.0042166C
0042055C . 43 43 6D 64 5>ascii "CCmdSysInfo *",0
0042056A 90 nop
0042056B 90 nop
0042056C $ 55 push ebp
0042056D . 8BEC mov ebp, esp
0042056F . 83C4 D4 add esp, -2C
00420572 . B8 085C5500 mov eax, 00555C08
00420577 . 53 push ebx
00420578 . 56 push esi
00420579 . 8B5D 08 mov ebx, dword ptr [ebp+8]
0042057C . E8 6FCD0F00 call 0051D2F0
00420581 . 8B53 38 mov edx, dword ptr [ebx+38]
00420584 . 8B1A mov ebx, dword ptr [edx]
00420586 . 85DB test ebx, ebx
00420588 . 74 6C je short 004205F6
0042058A > 8BC3 mov eax, ebx
0042058C . 8B5B 04 mov ebx, dword ptr [ebx+4]
0042058F . 0FBE50 30 movsx edx, byte ptr [eax+30]
00420593 . 83FA 04 cmp edx, 4
00420596 . 77 5A ja short 004205F2
00420598 . FF2495 9F0542>jmp dword ptr [edx*4+42059F]
0042059F . F2054200 dd dumped_.004205F2
004205A3 . B5054200 dd dumped_.004205B5
004205A7 . F2054200 dd dumped_.004205F2
004205AB . BE054200 dd dumped_.004205BE
004205AF . C7054200 dd dumped_.004205C7
004205B3 . EB 3D jmp short 004205F2
004205B5 > 50 push eax
004205B6 . E8 81700100 call 0043763C
004205BB . 59 pop ecx
004205BC . EB 34 jmp short 004205F2
004205BE > 50 push eax
004205BF . E8 20700100 call 004375E4
004205C4 . 59 pop ecx
004205C5 . EB 2B jmp short 004205F2
004205C7 > 85C0 test eax, eax
004205C9 . 74 27 je short 004205F2
004205CB . 8BF0 mov esi, eax
004205CD . 8975 F8 mov dword ptr [ebp-8], esi
004205D0 . 85F6 test esi, esi
004205D2 . 74 1E je short 004205F2
004205D4 . 8B06 mov eax, dword ptr [esi]
004205D6 . 8945 FC mov dword ptr [ebp-4], eax
004205D9 . 66:C745 E4 14>mov word ptr [ebp-1C], 14
004205DF . 6A 03 push 3
004205E1 . 8B55 F8 mov edx, dword ptr [ebp-8]
004205E4 . 52 push edx
004205E5 . 8B0A mov ecx, dword ptr [edx]
004205E7 . FF11 call dword ptr [ecx]
004205E9 . 66:C745 E4 08>mov word ptr [ebp-1C], 8
004205EF . 83C4 08 add esp, 8
004205F2 > 85DB test ebx, ebx
004205F4 .^ 75 94 jnz short 0042058A
004205F6 > 8B45 D4 mov eax, dword ptr [ebp-2C]
004205F9 . 64:A3 0000000>mov dword ptr fs:[0], eax
004205FF . 5E pop esi
00420600 . 5B pop ebx
00420601 . 8BE5 mov esp, ebp
00420603 . 5D pop ebp
00420604 . C3 retn
00420605 90 nop
00420606 90 nop
00420607 90 nop
00420608 08 db 08
00420609 00 db 00
0042060A 00 db 00
0042060B 00 db 00
0042060C 00 db 00
0042060D 04 db 04
0042060E 10 db 10
0042060F 00 db 00
00420610 50054200 dd dumped_.00420550
00420614 02 db 02
00420615 00 db 00
00420616 00 db 00
00420617 00 db 00
00420618 . 43 43 6D 64 5>ascii "CCmdSysInfo *[2]"
00420628 . 00 ascii 0
00420629 90 nop
0042062A 90 nop
0042062B 90 nop
0042062C /$ 55 push ebp
0042062D |. 8BEC mov ebp, esp
0042062F |. 53 push ebx
00420630 |. 56 push esi
00420631 |. 8B75 0C mov esi, dword ptr [ebp+C]
00420634 |. 68 CD505500 push 005550CD
00420639 |. 8B45 10 mov eax, dword ptr [ebp+10]
0042063C |. 50 push eax
0042063D |. E8 AECB0F00 call 0051D1F0
00420642 |. 83C4 08 add esp, 8
00420645 |. 8BD8 mov ebx, eax
00420647 |. 53 push ebx
00420648 |. E8 0309FFFF call 00410F50
0042064D |. 59 pop ecx
0042064E |. 8906 mov dword ptr [esi], eax
00420650 |. 68 CF505500 push 005550CF
00420655 |. 6A 00 push 0
00420657 |. E8 94CB0F00 call 0051D1F0
0042065C |. 83C4 08 add esp, 8
0042065F |. 8BD8 mov ebx, eax
00420661 |. 53 push ebx
00420662 |. E8 E908FFFF call 00410F50
00420667 |. 59 pop ecx
00420668 |. 8946 04 mov dword ptr [esi+4], eax
0042066B |. 68 D1505500 push 005550D1
00420670 |. 6A 00 push 0
00420672 |. E8 79CB0F00 call 0051D1F0
00420677 |. 83C4 08 add esp, 8
0042067A |. 8BD8 mov ebx, eax
0042067C |. 53 push ebx
0042067D |. E8 CE08FFFF call 00410F50
00420682 |. 59 pop ecx
00420683 |. 8946 08 mov dword ptr [esi+8], eax
00420686 |. 5E pop esi
00420687 |. 5B pop ebx
00420688 |. 5D pop ebp
00420689 \. C3 retn
0042068A 90 nop
0042068B 90 nop
0042068C /$ 55 push ebp
0042068D |. 8BEC mov ebp, esp
0042068F |. 81C4 F8FCFFFF add esp, -308
00420695 |. 53 push ebx
00420696 |. 56 push esi
00420697 |. 8B75 08 mov esi, dword ptr [ebp+8]
0042069A |. 68 D9505500 push 005550D9
0042069F |. 68 F3585900 push 005958F3
004206A4 |. 68 D3505500 push 005550D3
004206A9 |. 8D85 08FEFFFF lea eax, dword ptr [ebp-1F8]
004206AF |. 50 push eax
004206B0 |. E8 93021000 call 00520948
004206B5 |. 83C4 10 add esp, 10
004206B8 |. 33D2 xor edx, edx
004206BA |. 8996 18010200 mov dword ptr [esi+20118], edx
004206C0 |. 8D8D 08FEFFFF lea ecx, dword ptr [ebp-1F8]
004206C6 |. 51 push ecx
004206C7 |. E8 5C08FFFF call 00410F28
004206CC |. 59 pop ecx
004206CD |. 84C0 test al, al
004206CF |. 0F84 C1000000 je 00420796
004206D5 |. 68 E3505500 push 005550E3
004206DA |. 8D85 08FEFFFF lea eax, dword ptr [ebp-1F8]
004206E0 |. 50 push eax
004206E1 |. E8 E6E90F00 call 0051F0CC
004206E6 |. 83C4 08 add esp, 8
004206E9 |. 8945 FC mov dword ptr [ebp-4], eax
004206EC |> 8B55 FC /mov edx, dword ptr [ebp-4]
004206EF |. 8D8D 08FDFFFF |lea ecx, dword ptr [ebp-2F8]
004206F5 |. 52 |push edx
004206F6 |. 68 00010000 |push 100
004206FB |. 51 |push ecx
004206FC |. E8 53E60F00 |call 0051ED54
00420701 |. 83C4 0C |add esp, 0C
00420704 |. 85C0 |test eax, eax
00420706 |. 0F84 80000000 |je 0042078C
0042070C |. 8D85 08FDFFFF |lea eax, dword ptr [ebp-2F8]
00420712 |. 50 |push eax
00420713 |. E8 2CC80F00 |call 0051CF44
00420718 |. 59 |pop ecx
00420719 |. 8BD8 |mov ebx, eax
0042071B |. 33D2 |xor edx, edx
0042071D |. 8D85 08FDFFFF |lea eax, dword ptr [ebp-2F8]
00420723 |. 3BDA |cmp ebx, edx
00420725 |. 7E 18 |jle short 0042073F
00420727 |> 0FBE08 |/movsx ecx, byte ptr [eax]
0042072A |. 83F9 0D ||cmp ecx, 0D
0042072D |. 74 05 ||je short 00420734
0042072F |. 83F9 0A ||cmp ecx, 0A
00420732 |. 75 05 ||jnz short 00420739
00420734 |> C600 00 ||mov byte ptr [eax], 0
00420737 |. EB 06 ||jmp short 0042073F
00420739 |> 42 ||inc edx
0042073A |. 40 ||inc eax
0042073B |. 3BDA ||cmp ebx, edx
0042073D |.^ 7F E8 |\jg short 00420727
0042073F |> 6A 10 |push 10
00420741 |. 6A 00 |push 0
00420743 |. 8D85 F8FCFFFF |lea eax, dword ptr [ebp-308]
00420749 |. 50 |push eax
0042074A |. E8 C1C60F00 |call 0051CE10
0042074F |. 83C4 0C |add esp, 0C
00420752 |. 8D95 08FDFFFF |lea edx, dword ptr [ebp-2F8]
00420758 |. 52 |push edx
00420759 |. 8D8D F8FCFFFF |lea ecx, dword ptr [ebp-308]
0042075F |. 51 |push ecx
00420760 |. 56 |push esi
00420761 |. E8 C6FEFFFF |call 0042062C
00420766 |. 83C4 0C |add esp, 0C
00420769 |. 8B85 00FDFFFF |mov eax, dword ptr [ebp-300]
0042076F |. 50 |push eax
00420770 |. 8B95 FCFCFFFF |mov edx, dword ptr [ebp-304]
00420776 |. 52 |push edx
00420777 |. 8B8D F8FCFFFF |mov ecx, dword ptr [ebp-308]
0042077D |. 51 |push ecx
0042077E |. 56 |push esi
0042077F |. E8 B0000000 |call 00420834
00420784 |. 83C4 10 |add esp, 10
00420787 |.^ E9 60FFFFFF \jmp 004206EC
0042078C |> 8B45 FC mov eax, dword ptr [ebp-4]
0042078F |. 50 push eax
00420790 |. E8 8FE40F00 call 0051EC24
00420795 |. 59 pop ecx
00420796 |> 5E pop esi
00420797 |. 5B pop ebx
00420798 |. 8BE5 mov esp, ebp
0042079A |. 5D pop ebp
0042079B \. C3 retn
0042079C /$ 55 push ebp
0042079D |. 8BEC mov ebp, esp
0042079F |. 81C4 A8FDFFFF add esp, -258
004207A5 |. 53 push ebx
004207A6 |. 56 push esi
004207A7 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
004207AA |. 68 EC505500 push 005550EC
004207AF |. 68 F3585900 push 005958F3
004207B4 |. 68 E6505500 push 005550E6
004207B9 |. 8D85 0CFEFFFF lea eax, dword ptr [ebp-1F4]
004207BF |. 50 push eax
004207C0 |. E8 83011000 call 00520948
004207C5 |. 83C4 10 add esp, 10
004207C8 |. 68 F6505500 push 005550F6
004207CD |. 8D95 0CFEFFFF lea edx, dword ptr [ebp-1F4]
004207D3 |. 52 push edx
004207D4 |. E8 F3E80F00 call 0051F0CC
004207D9 |. 83C4 08 add esp, 8
004207DC |. 8BF0 mov esi, eax
004207DE |. 85F6 test esi, esi
004207E0 |. 74 45 je short 00420827
004207E2 |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
004207E8 |. 8B18 mov ebx, dword ptr [eax]
004207EA |. 85DB test ebx, ebx
004207EC |. 74 39 je short 00420827
004207EE |> 8B43 10 /mov eax, dword ptr [ebx+10]
004207F1 |. 8B50 08 |mov edx, dword ptr [eax+8]
004207F4 |. 52 |push edx
004207F5 |. 8D95 A8FDFFFF |lea edx, dword ptr [ebp-258]
004207FB |. 8B48 04 |mov ecx, dword ptr [eax+4]
004207FE |. 51 |push ecx
004207FF |. 8B00 |mov eax, dword ptr [eax]
00420801 |. 50 |push eax
00420802 |. 68 F9505500 |push 005550F9
00420807 |. 52 |push edx
00420808 |. E8 3B011000 |call 00520948
0042080D |. 83C4 14 |add esp, 14
00420810 |. 56 |push esi
00420811 |. 8D8D A8FDFFFF |lea ecx, dword ptr [ebp-258]
00420817 |. 51 |push ecx
00420818 |. E8 F7E90F00 |call 0051F214
0042081D |. 83C4 08 |add esp, 8
00420820 |. 8B5B 04 |mov ebx, dword ptr [ebx+4]
00420823 |. 85DB |test ebx, ebx
00420825 |.^ 75 C7 \jnz short 004207EE
00420827 |> 56 push esi
00420828 |. E8 F7E30F00 call 0051EC24
0042082D |. 59 pop ecx
0042082E |. 5E pop esi
0042082F |. 5B pop ebx
00420830 |. 8BE5 mov esp, ebp
00420832 |. 5D pop ebp
00420833 \. C3 retn
00420834 /$ 55 push ebp
00420835 |. 8BEC mov ebp, esp
00420837 |. 83C4 D4 add esp, -2C
0042083A |. B8 485C5500 mov eax, 00555C48
0042083F |. 53 push ebx
00420840 |. 56 push esi
00420841 |. 57 push edi
00420842 |. 8B75 08 mov esi, dword ptr [ebp+8]
00420845 |. E8 A6CA0F00 call 0051D2F0
0042084A |. 83BE 14010200>cmp dword ptr [esi+20114], 0
00420851 |. 75 33 jnz short 00420886
00420853 |. 6A 0C push 0C
00420855 |. E8 96B70F00 call 0051BFF0
0042085A |. 59 pop ecx
0042085B |. 8945 FC mov dword ptr [ebp-4], eax
0042085E |. 85C0 test eax, eax
00420860 |. 74 1B je short 0042087D
00420862 |. 66:C745 E4 14>mov word ptr [ebp-1C], 14
00420868 |. 8B55 FC mov edx, dword ptr [ebp-4]
0042086B |. 52 push edx
0042086C |. E8 37F70300 call 0045FFA8
00420871 |. 59 pop ecx
00420872 |. 66:C745 E4 08>mov word ptr [ebp-1C], 8
00420878 |. 8B4D FC mov ecx, dword ptr [ebp-4]
0042087B |. EB 03 jmp short 00420880
0042087D |> 8B4D FC mov ecx, dword ptr [ebp-4]
00420880 |> 898E 14010200 mov dword ptr [esi+20114], ecx
00420886 |> 8B86 14010200 mov eax, dword ptr [esi+20114]
0042088C |. 8B00 mov eax, dword ptr [eax]
0042088E |. 85C0 test eax, eax
00420890 |. 74 32 je short 004208C4
00420892 |> 8B50 10 /mov edx, dword ptr [eax+10]
00420895 |. 8B0A |mov ecx, dword ptr [edx]
00420897 |. 3B4D 0C |cmp ecx, dword ptr [ebp+C]
0042089A |. 75 21 |jnz short 004208BD
0042089C |. 8B4A 04 |mov ecx, dword ptr [edx+4]
0042089F |. 3B4D 10 |cmp ecx, dword ptr [ebp+10]
004208A2 |. 75 19 |jnz short 004208BD
004208A4 |. 8B52 08 |mov edx, dword ptr [edx+8]
004208A7 |. 3B55 14 |cmp edx, dword ptr [ebp+14]
004208AA |. 75 11 |jnz short 004208BD
004208AC |. 33C0 |xor eax, eax
004208AE |. 8B55 D4 |mov edx, dword ptr [ebp-2C]
004208B1 |. 64:8915 00000>|mov dword ptr fs:[0], edx
004208B8 |. E9 84000000 |jmp 00420941
004208BD |> 8B40 04 |mov eax, dword ptr [eax+4]
004208C0 |. 85C0 |test eax, eax
004208C2 |.^ 75 CE \jnz short 00420892
004208C4 |> 6A 14 push 14
004208C6 |. E8 25B70F00 call 0051BFF0
004208CB |. 59 pop ecx
004208CC |. 8945 F8 mov dword ptr [ebp-8], eax
004208CF |. 85C0 test eax, eax
004208D1 |. 74 1B je short 004208EE
004208D3 |. 66:C745 E4 2C>mov word ptr [ebp-1C], 2C
004208D9 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
004208DC |. 51 push ecx
004208DD |. E8 BAF50300 call 0045FE9C
004208E2 |. 59 pop ecx
004208E3 |. 66:C745 E4 20>mov word ptr [ebp-1C], 20
004208E9 |. 8B7D F8 mov edi, dword ptr [ebp-8]
004208EC |. EB 03 jmp short 004208F1
004208EE |> 8B7D F8 mov edi, dword ptr [ebp-8]
004208F1 |> 6A 14 push 14
004208F3 |. E8 F8B60F00 call 0051BFF0
004208F8 |. 59 pop ecx
004208F9 |. 8BD8 mov ebx, eax
004208FB |. 6A 14 push 14
004208FD |. 6A 00 push 0
004208FF |. 53 push ebx
00420900 |. E8 0BC50F00 call 0051CE10
00420905 |. 83C4 0C add esp, 0C
00420908 |. 8B45 0C mov eax, dword ptr [ebp+C]
0042090B |. 8903 mov dword ptr [ebx], eax
0042090D |. 8B55 10 mov edx, dword ptr [ebp+10]
00420910 |. 8953 04 mov dword ptr [ebx+4], edx
00420913 |. 8B4D 14 mov ecx, dword ptr [ebp+14]
00420916 |. 894B 08 mov dword ptr [ebx+8], ecx
00420919 |. 8B86 30010200 mov eax, dword ptr [esi+20130]
0042091F |. 8943 10 mov dword ptr [ebx+10], eax
00420922 |. 895F 10 mov dword ptr [edi+10], ebx
00420925 |. 57 push edi
00420926 |. 8B96 14010200 mov edx, dword ptr [esi+20114]
0042092C |. 52 push edx
0042092D |. E8 4AF70300 call 0046007C
00420932 |. 83C4 08 add esp, 8
00420935 |. 8BC3 mov eax, ebx
00420937 |. 8B55 D4 mov edx, dword ptr [ebp-2C]
0042093A |. 64:8915 00000>mov dword ptr fs:[0], edx
00420941 |> 5F pop edi
00420942 |. 5E pop esi
00420943 |. 5B pop ebx
00420944 |. 8BE5 mov esp, ebp
00420946 |. 5D pop ebp
00420947 \. C3 retn
00420948 /$ 55 push ebp
00420949 |. 8BEC mov ebp, esp
0042094B |. 83C4 D4 add esp, -2C
0042094E |. B8 905C5500 mov eax, 00555C90
00420953 |. 53 push ebx
00420954 |. 56 push esi
00420955 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420958 |. E8 93C90F00 call 0051D2F0
0042095D |. 83BB 14010200>cmp dword ptr [ebx+20114], 0
00420964 |. 75 0E jnz short 00420974
00420966 |. 8B55 D4 mov edx, dword ptr [ebp-2C]
00420969 |. 64:8915 00000>mov dword ptr fs:[0], edx
00420970 |. 8BC2 mov eax, edx
00420972 |. EB 5B jmp short 004209CF
00420974 |> 8B4D 0C mov ecx, dword ptr [ebp+C]
00420977 |. 51 push ecx
00420978 |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
0042097E |. 50 push eax
0042097F |. E8 74F70300 call 004600F8
00420984 |. 83C4 08 add esp, 8
00420987 |. 8BD8 mov ebx, eax
00420989 |. 85DB test ebx, ebx
0042098B |. 74 0E je short 0042099B
0042098D |. 8B43 10 mov eax, dword ptr [ebx+10]
00420990 |. 85C0 test eax, eax
00420992 |. 74 07 je short 0042099B
00420994 |. 50 push eax
00420995 |. E8 22B60F00 call 0051BFBC
0042099A |. 59 pop ecx
0042099B |> 85DB test ebx, ebx
0042099D |. 74 27 je short 004209C6
0042099F |. 8BF3 mov esi, ebx
004209A1 |. 8975 F8 mov dword ptr [ebp-8], esi
004209A4 |. 85F6 test esi, esi
004209A6 |. 74 1E je short 004209C6
004209A8 |. 8B06 mov eax, dword ptr [esi]
004209AA |. 8945 FC mov dword ptr [ebp-4], eax
004209AD |. 66:C745 E4 14>mov word ptr [ebp-1C], 14
004209B3 |. 6A 03 push 3
004209B5 |. 8B55 F8 mov edx, dword ptr [ebp-8]
004209B8 |. 52 push edx
004209B9 |. 8B0A mov ecx, dword ptr [edx]
004209BB |. FF11 call dword ptr [ecx]
004209BD |. 66:C745 E4 08>mov word ptr [ebp-1C], 8
004209C3 |. 83C4 08 add esp, 8
004209C6 |> 8B45 D4 mov eax, dword ptr [ebp-2C]
004209C9 |. 64:A3 0000000>mov dword ptr fs:[0], eax
004209CF |> 5E pop esi
004209D0 |. 5B pop ebx
004209D1 |. 8BE5 mov esp, ebp
004209D3 |. 5D pop ebp
004209D4 \. C3 retn
004209D5 90 nop
004209D6 90 nop
004209D7 90 nop
004209D8 08 db 08
004209D9 00 db 00
004209DA 00 db 00
004209DB 00 db 00
004209DC 00 db 00
004209DD 04 db 04
004209DE 10 db 10
004209DF 00 db 00
004209E0 E0C74100 dd dumped_.0041C7E0
004209E4 02 db 02
004209E5 00 db 00
004209E6 00 db 00
004209E7 00 db 00
004209E8 . 43 41 4C 69 7>ascii "CAListItem *[2]",0
004209F8 /$ 55 push ebp
004209F9 |. 8BEC mov ebp, esp
004209FB |. 8B4D 0C mov ecx, dword ptr [ebp+C]
004209FE |. 8B45 08 mov eax, dword ptr [ebp+8]
00420A01 |. 8B90 14010200 mov edx, dword ptr [eax+20114]
00420A07 |. 85D2 test edx, edx
00420A09 |. 75 04 jnz short 00420A0F
00420A0B |. 33C0 xor eax, eax
00420A0D |. 5D pop ebp
00420A0E |. C3 retn
00420A0F |> 8B02 mov eax, dword ptr [edx]
00420A11 |. 85C0 test eax, eax
00420A13 |. 74 12 je short 00420A27
00420A15 |> 8B50 10 /mov edx, dword ptr [eax+10]
00420A18 |. 3B0A |cmp ecx, dword ptr [edx]
00420A1A |. 75 04 |jnz short 00420A20
00420A1C |. 8BC2 |mov eax, edx
00420A1E |. 5D |pop ebp
00420A1F |. C3 |retn
00420A20 |> 8B40 04 |mov eax, dword ptr [eax+4]
00420A23 |. 85C0 |test eax, eax
00420A25 |.^ 75 EE \jnz short 00420A15
00420A27 |> 33C0 xor eax, eax
00420A29 |. 5D pop ebp
00420A2A \. C3 retn
00420A2B 90 nop
00420A2C /$ 55 push ebp
00420A2D |. 8BEC mov ebp, esp
00420A2F |. 53 push ebx
00420A30 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420A33 |. 33C0 xor eax, eax
00420A35 |. 8983 1C010200 mov dword ptr [ebx+2011C], eax
00420A3B |. 33D2 xor edx, edx
00420A3D |. 8993 38010200 mov dword ptr [ebx+20138], edx
00420A43 |. 33C9 xor ecx, ecx
00420A45 |. 898B 3C010200 mov dword ptr [ebx+2013C], ecx
00420A4B |. 33C0 xor eax, eax
00420A4D |. 8983 20010200 mov dword ptr [ebx+20120], eax
00420A53 |. 33D2 xor edx, edx
00420A55 |. 8993 28010200 mov dword ptr [ebx+20128], edx
00420A5B |. 33C9 xor ecx, ecx
00420A5D |. 898B 24010200 mov dword ptr [ebx+20124], ecx
00420A63 |. 53 push ebx
00420A64 |. E8 43000000 call 00420AAC
00420A69 |. 59 pop ecx
00420A6A |> E8 497DFFFF call 004187B8
00420A6F |. 3D 00000010 cmp eax, 10000000
00420A74 |.^ 76 F4 jbe short 00420A6A
00420A76 |. 8983 30010200 mov dword ptr [ebx+20130], eax
00420A7C |. 33C0 xor eax, eax
00420A7E |. C683 41010200>mov byte ptr [ebx+20141], 0
00420A85 |. 8983 44010200 mov dword ptr [ebx+20144], eax
00420A8B |. C683 48010200>mov byte ptr [ebx+20148], 0
00420A92 |. E8 E93F1000 call 00524A80
00420A97 |. 8983 34010200 mov dword ptr [ebx+20134], eax
00420A9D |. 33D2 xor edx, edx
00420A9F |. 8993 2C010200 mov dword ptr [ebx+2012C], edx
00420AA5 |. B0 01 mov al, 1
00420AA7 |. 5B pop ebx
00420AA8 |. 5D pop ebp
00420AA9 \. C3 retn
00420AAA 90 nop
00420AAB 90 nop
00420AAC /$ 55 push ebp
00420AAD |. 8BEC mov ebp, esp
00420AAF |. 83C4 D8 add esp, -28
00420AB2 |. B8 C05C5500 mov eax, 00555CC0
00420AB7 |. 53 push ebx
00420AB8 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420ABB |. E8 30C80F00 call 0051D2F0
00420AC0 |. 8B83 38010200 mov eax, dword ptr [ebx+20138]
00420AC6 |. 85C0 test eax, eax
00420AC8 |. 74 1D je short 00420AE7
00420ACA |. 8B93 3C010200 mov edx, dword ptr [ebx+2013C]
00420AD0 |. 52 push edx
00420AD1 |. 50 push eax
00420AD2 |. E8 5DF41100 call <jmp.&kernel32.TerminateThread>
00420AD7 |. 33C9 xor ecx, ecx
00420AD9 |. 33C0 xor eax, eax
00420ADB |. 898B 3C010200 mov dword ptr [ebx+2013C], ecx
00420AE1 |. 8983 38010200 mov dword ptr [ebx+20138], eax
00420AE7 |> 8B83 1C010200 mov eax, dword ptr [ebx+2011C]
00420AED |. 85C0 test eax, eax
00420AEF |. 74 2B je short 00420B1C
00420AF1 |. 8945 FC mov dword ptr [ebp-4], eax
00420AF4 |. 837D FC 00 cmp dword ptr [ebp-4], 0
00420AF8 |. 74 1A je short 00420B14
00420AFA |. 66:C745 E8 14>mov word ptr [ebp-18], 14
00420B00 |. 6A 03 push 3
00420B02 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420B05 |. 52 push edx
00420B06 |. E8 91030200 call 00440E9C
00420B0B |. 66:C745 E8 08>mov word ptr [ebp-18], 8
00420B11 |. 83C4 08 add esp, 8
00420B14 |> 33C9 xor ecx, ecx
00420B16 |. 898B 1C010200 mov dword ptr [ebx+2011C], ecx
00420B1C |> 8B45 D8 mov eax, dword ptr [ebp-28]
00420B1F |. 64:A3 0000000>mov dword ptr fs:[0], eax
00420B25 |. 5B pop ebx
00420B26 |. 8BE5 mov esp, ebp
00420B28 |. 5D pop ebp
00420B29 \. C3 retn
00420B2A 90 nop
00420B2B 90 nop
00420B2C /$ 55 push ebp
00420B2D |. 8BEC mov ebp, esp
00420B2F |. 83C4 D4 add esp, -2C
00420B32 |. B8 F05C5500 mov eax, 00555CF0
00420B37 |. 53 push ebx
00420B38 |. 56 push esi
00420B39 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420B3C |. E8 AFC70F00 call 0051D2F0
00420B41 |. C683 41010200>mov byte ptr [ebx+20141], 1
00420B48 |. 83BB 1C010200>cmp dword ptr [ebx+2011C], 0
00420B4F |. 74 11 je short 00420B62
00420B51 |. B0 01 mov al, 1
00420B53 |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420B56 |. 64:8915 00000>mov dword ptr fs:[0], edx
00420B5D |. E9 26010000 jmp 00420C88
00420B62 |> 68 E4010000 push 1E4
00420B67 |. E8 84B40F00 call 0051BFF0
00420B6C |. 59 pop ecx
00420B6D |. 8945 FC mov dword ptr [ebp-4], eax
00420B70 |. 85C0 test eax, eax
00420B72 |. 74 1B je short 00420B8F
00420B74 |. 66:C745 E8 14>mov word ptr [ebp-18], 14
00420B7A |. 8B55 FC mov edx, dword ptr [ebp-4]
00420B7D |. 52 push edx
00420B7E |. E8 15020200 call 00440D98
00420B83 |. 59 pop ecx
00420B84 |. 66:C745 E8 08>mov word ptr [ebp-18], 8
00420B8A |. 8B75 FC mov esi, dword ptr [ebp-4]
00420B8D |. EB 03 jmp short 00420B92
00420B8F |> 8B75 FC mov esi, dword ptr [ebp-4]
00420B92 |> 33C0 xor eax, eax
00420B94 |. 89B3 1C010200 mov dword ptr [ebx+2011C], esi
00420B9A |. 8946 04 mov dword ptr [esi+4], eax
00420B9D |. 33D2 xor edx, edx
00420B9F |. 8956 44 mov dword ptr [esi+44], edx
00420BA2 |. 33C9 xor ecx, ecx
00420BA4 |. C746 48 03000>mov dword ptr [esi+48], 3
00420BAB |. 898B 20010200 mov dword ptr [ebx+20120], ecx
00420BB1 |. 33C0 xor eax, eax
00420BB3 |. 8983 28010200 mov dword ptr [ebx+20128], eax
00420BB9 |. 8B83 38010200 mov eax, dword ptr [ebx+20138]
00420BBF |. 85C0 test eax, eax
00420BC1 |. 74 1D je short 00420BE0
00420BC3 |. 8B93 3C010200 mov edx, dword ptr [ebx+2013C]
00420BC9 |. 52 push edx
00420BCA |. 50 push eax
00420BCB |. E8 64F31100 call <jmp.&kernel32.TerminateThread>
00420BD0 |. 33C9 xor ecx, ecx
00420BD2 |. 33C0 xor eax, eax
00420BD4 |. 898B 3C010200 mov dword ptr [ebx+2013C], ecx
00420BDA |. 8983 38010200 mov dword ptr [ebx+20138], eax
00420BE0 |> 8D55 D4 lea edx, dword ptr [ebp-2C]
00420BE3 |. 52 push edx
00420BE4 |. 6A 00 push 0
00420BE6 |. 6A 00 push 0
00420BE8 |. 68 10B64100 push 0041B610
00420BED |. 6A 00 push 0
00420BEF |. 6A 00 push 0
00420BF1 |. E8 DAF01100 call <jmp.&kernel32.CreateThread>
00420BF6 |. 8BF0 mov esi, eax
00420BF8 |. 89B3 38010200 mov dword ptr [ebx+20138], esi
00420BFE |. 85F6 test esi, esi
00420C00 |. 75 25 jnz short 00420C27
possible stringdata Ref from Data Obj ->"认证连接线程创建失败!请尝试重启程序. 00420C02 |. 68 04515500 push 00555104
00420C07 |. 6A 03 push 3
00420C09 |. 6A 00 push 0
00420C0B |. A1 B4155500 mov eax, dword ptr [5515B4]
00420C10 |. 50 push eax
00420C11 |. E8 06B6FFFF call 0041C21C
00420C16 |. 83C4 10 add esp, 10
00420C19 |. 33C0 xor eax, eax
00420C1B |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420C1E |. 64:8915 00000>mov dword ptr fs:[0], edx
00420C25 |. EB 61 jmp short 00420C88
00420C27 |> 8D8B 3C010200 lea ecx, dword ptr [ebx+2013C]
00420C2D |. 51 push ecx
00420C2E |. 8B83 38010200 mov eax, dword ptr [ebx+20138]
00420C34 |. 50 push eax
00420C35 |. E8 3EF11100 call <jmp.&kernel32.GetExitCodeThread>
00420C3A |. 85C0 test eax, eax
00420C3C |. 75 26 jnz short 00420C64
possible stringdata Ref from Data Obj -> 认证连接线程ExitCode获取失败!请尝试重启程序 00420C3E |. 68 54515500 push 00555154
00420C43 |. 6A 03 push 3
00420C45 |. 6A 00 push 0
00420C47 |. 8B15 B4155500 mov edx, dword ptr [5515B4]
00420C4D |. 52 push edx
00420C4E |. E8 C9B5FFFF call 0041C21C
00420C53 |. 83C4 10 add esp, 10
00420C56 |. 33C0 xor eax, eax
00420C58 |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420C5B |. 64:8915 00000>mov dword ptr fs:[0], edx
00420C62 |. EB 24 jmp short 00420C88
possible stringdata Ref from Data Obj -> "认证启动" 00420C64 |> 6 8 AC515500 push 005551AC
00420C69 |. 6A 03 push 3
00420C6B |. 6A 00 push 0
00420C6D |. 8B0D B4155500 mov ecx, dword ptr [5515B4]
00420C73 |. 51 push ecx
00420C74 |. E8 A3B5FFFF call 0041C21C
00420C79 |. 83C4 10 add esp, 10
00420C7C |. B0 01 mov al, 1
00420C7E |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420C81 |. 64:8915 00000>mov dword ptr fs:[0], edx
00420C88 |> 5E pop esi
00420C89 |. 5B pop ebx
00420C8A |. 8BE5 mov esp, ebp
00420C8C |. 5D pop ebp
00420C8D \. C3 retn
00420C8E 90 nop
00420C8F 90 nop
00420C90 /$ 55 push ebp
00420C91 |. 8BEC mov ebp, esp
00420C93 |. 81C4 04F0FFFF add esp, -0FFC
00420C99 |. 50 push eax
00420C9A |. 83C4 F0 add esp, -10
00420C9D |. 803D 104C5500>cmp byte ptr [554C10], 0
00420CA4 |. 53 push ebx
00420CA5 |. 56 push esi
00420CA6 |. 57 push edi
00420CA7 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420CAA |. 75 1B jnz short 00420CC7
00420CAC |. 80BB 48010200>cmp byte ptr [ebx+20148], 0
00420CB3 |. 74 12 je short 00420CC7
00420CB5 |. 53 push ebx
00420CB6 |. E8 71FEFFFF call 00420B2C
00420CBB |. 59 pop ecx
00420CBC |. 84C0 test al, al
00420CBE |. 74 07 je short 00420CC7
00420CC0 |. C605 104C5500>mov byte ptr [554C10], 1
00420CC7 |> E8 36F11100 call <jmp.&kernel32.GetTickCount>
00420CCC |. 8945 FC mov dword ptr [ebp-4], eax
00420CCF |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
00420CD5 |. 85C0 test eax, eax
00420CD7 |. 0F84 D3010000 je 00420EB0
00420CDD |. 8378 08 00 cmp dword ptr [eax+8], 0
00420CE1 |. 0F84 C9010000 je 00420EB0
00420CE7 |. 8B83 1C010200 mov eax, dword ptr [ebx+2011C]
00420CED |. 85C0 test eax, eax
00420CEF |. 0F84 BB010000 je 00420EB0
00420CF5 |. 50 push eax
00420CF6 |. E8 55060200 call 00441350
00420CFB |. 59 pop ecx
00420CFC |. 8B93 1C010200 mov edx, dword ptr [ebx+2011C]
00420D02 |. 52 push edx
00420D03 |. E8 E8020200 call 00440FF0
00420D08 |. 59 pop ecx
00420D09 |. 83F8 02 cmp eax, 2
00420D0C |. 0F85 5D010000 jnz 00420E6F
00420D12 |. 8B4D FC mov ecx, dword ptr [ebp-4]
00420D15 |. 2B8B 20010200 sub ecx, dword ptr [ebx+20120]
00420D1B |. 3B8B 24010200 cmp ecx, dword ptr [ebx+20124]
00420D21 |. 0F86 07010000 jbe 00420E2E
00420D27 |. 8B45 FC mov eax, dword ptr [ebp-4]
00420D2A |. 8983 20010200 mov dword ptr [ebx+20120], eax
00420D30 |. E8 CDF01100 call <jmp.&kernel32.GetTickCount>
00420D35 |. B9 E0930400 mov ecx, 493E0
00420D3A |. 33D2 xor edx, edx
00420D3C |. F7F1 div ecx
00420D3E |. 8993 24010200 mov dword ptr [ebx+20124], edx
00420D44 |. 83BB 14010200>cmp dword ptr [ebx+20114], 0
00420D4B |. 74 0B je short 00420D58
00420D4D |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
00420D53 |. 8B70 08 mov esi, dword ptr [eax+8]
00420D56 |. EB 02 jmp short 00420D5A
00420D58 |> 33F6 xor esi, esi
00420D5A |> 8BFE mov edi, esi
00420D5C |. 68 00100000 push 1000
00420D61 |. C1E7 04 shl edi, 4
00420D64 |. 8D85 F0EFFFFF lea eax, dword ptr [ebp-1010]
00420D6A |. 6A 00 push 0
00420D6C |. 50 push eax
00420D6D |. 81C7 94000000 add edi, 94
00420D73 |. E8 98C00F00 call 0051CE10
00420D78 |. 83C4 0C add esp, 0C
00420D7B |. 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010]
00420D81 |. 8955 F8 mov dword ptr [ebp-8], edx
00420D84 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
00420D87 |. 66:8939 mov word ptr [ecx], di
00420D8A |. 8B45 F8 mov eax, dword ptr [ebp-8]
00420D8D |. 8B93 34010200 mov edx, dword ptr [ebx+20134]
00420D93 |. 8950 48 mov dword ptr [eax+48], edx
00420D96 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
00420D99 |. 8971 44 mov dword ptr [ecx+44], esi
00420D9C |. 8B45 F8 mov eax, dword ptr [ebp-8]
00420D9F |. 8B93 30010200 mov edx, dword ptr [ebx+20130]
00420DA5 |. 8950 4C mov dword ptr [eax+4C], edx
00420DA8 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
00420DAB |. 66:C741 02 00>mov word ptr [ecx+2], 0
00420DB1 |. C745 F4 94000>mov dword ptr [ebp-C], 94
00420DB8 |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
00420DBE |. 8B08 mov ecx, dword ptr [eax]
00420DC0 |. 85C9 test ecx, ecx
00420DC2 |. 74 32 je short 00420DF6
00420DC4 |> 8B41 10 /mov eax, dword ptr [ecx+10]
00420DC7 |. 8D95 F0EFFFFF |lea edx, dword ptr [ebp-1010]
00420DCD |. 0355 F4 |add edx, dword ptr [ebp-C]
00420DD0 |. 8B75 F4 |mov esi, dword ptr [ebp-C]
00420DD3 |. 83C6 10 |add esi, 10
00420DD6 |. 8975 F4 |mov dword ptr [ebp-C], esi
00420DD9 |. 8B30 |mov esi, dword ptr [eax]
00420DDB |. 8932 |mov dword ptr [edx], esi
00420DDD |. 8B70 04 |mov esi, dword ptr [eax+4]
00420DE0 |. 8972 04 |mov dword ptr [edx+4], esi
00420DE3 |. 8B70 08 |mov esi, dword ptr [eax+8]
00420DE6 |. 8972 08 |mov dword ptr [edx+8], esi
00420DE9 |. 8B40 10 |mov eax, dword ptr [eax+10]
00420DEC |. 8942 0C |mov dword ptr [edx+C], eax
00420DEF |. 8B49 04 |mov ecx, dword ptr [ecx+4]
00420DF2 |. 85C9 |test ecx, ecx
00420DF4 |.^ 75 CE \jnz short 00420DC4
00420DF6 |> 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010]
00420DFC |. 52 push edx
00420DFD |. 53 push ebx
00420DFE |. E8 09010000 call 00420F0C
00420E03 |. 83C4 08 add esp, 8
00420E06 |. 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010]
00420E0C |. 6A FF push -1
00420E0E |. 6A 01 push 1
00420E10 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
00420E13 |. 0FB701 movzx eax, word ptr [ecx]
00420E16 |. 50 push eax
00420E17 |. 52 push edx
00420E18 |. 8B8B 1C010200 mov ecx, dword ptr [ebx+2011C]
00420E1E |. 51 push ecx
00420E1F |. E8 DC0B0200 call 00441A00
00420E24 |. 83C4 14 add esp, 14
00420E27 |. C683 41010200>mov byte ptr [ebx+20141], 0
00420E2E |> 8B45 FC mov eax, dword ptr [ebp-4]
00420E31 |. 2B83 28010200 sub eax, dword ptr [ebx+20128]
00420E37 |. 3D 204E0000 cmp eax, 4E20
00420E3C |. 76 31 jbe short 00420E6F
00420E3E |. 66:C745 F0 04>mov word ptr [ebp-10], 4
00420E44 |. 66:C745 F2 01>mov word ptr [ebp-E], 1
00420E4A |. 6A FF push -1
00420E4C |. 6A 01 push 1
00420E4E |. 0FB755 F0 movzx edx, word ptr [ebp-10]
00420E52 |. 52 push edx
00420E53 |. 8D4D F0 lea ecx, dword ptr [ebp-10]
00420E56 |. 51 push ecx
00420E57 |. 8B83 1C010200 mov eax, dword ptr [ebx+2011C]
00420E5E |. E8 9D0B0200 call 00441A00
00420E63 |. 83C4 14 add esp, 14
00420E66 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420E69 |. 8993 28010200 mov dword ptr [ebx+20128], edx
00420E6F |> 8B8B 1C010200 mov ecx, dword ptr [ebx+2011C]
00420E75 |. 51 push ecx
00420E76 |. E8 75010200 call 00440FF0
00420E7B |. 59 pop ecx
00420E7C |. 83F8 04 cmp eax, 4
00420E7F |. 75 2F jnz short 00420EB0
00420E81 |. 803D 114C5500>cmp byte ptr [554C11], 0
00420E88 |. 75 26 jnz short 00420EB0
possible stringdata Ref from Data Obj -> 验证服务器断开链接 00420E8A |. 68 B5515500 push 005551B5
00420E8F |. 6A 03 push 3
00420E91 |. 6A 00 push 0
00420E93 |. A1 B4155500 mov eax, dword ptr [5515B4]
00420E98 |. 50 push eax
00420E99 |. E8 7EB3FFFF call 0041C21C
00420E9E |. 83C4 10 add esp, 10
00420EA1 |. 33D2 xor edx, edx
00420EA3 |. 8993 44010200 mov dword ptr [ebx+20144], edx
00420EA9 |. C605 114C5500>mov byte ptr [554C11], 1
00420EB0 |> 5F pop edi
00420EB1 |. 5E pop esi
00420EB2 |. 5B pop ebx
00420EB3 |. 8BE5 mov esp, ebp
00420EB5 |. 5D pop ebp
00420EB6 \. C3 retn
00420EB7 90 nop
00420EB8 /$ 55 push ebp
00420EB9 |. 8BEC mov ebp, esp
00420EBB |. 81C4 04F0FFFF add esp, -0FFC
00420EC1 |. 50 push eax
00420EC2 |. 53 push ebx
00420EC3 |. 8B45 0C mov eax, dword ptr [ebp+C]
00420EC6 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420EC9 |. 8BD0 mov edx, eax
00420ECB |. 66:837A 02 01 cmp word ptr [edx+2], 1
00420ED0 |. 74 33 je short 00420F05
00420ED2 |. 8B4D 10 mov ecx, dword ptr [ebp+10]
00420ED5 |. 51 push ecx
00420ED6 |. 50 push eax
00420ED7 |. 8D85 00F0FFFF lea eax, dword ptr [ebp-1000]
00420EDD |. 50 push eax
00420EDE |. E8 BDBE0F00 call 0051CDA0
00420EE3 |. 83C4 0C add esp, 0C
00420EE6 |. 8D85 00F0FFFF lea eax, dword ptr [ebp-1000]
00420EEC |. 50 push eax
00420EED |. 53 push ebx
00420EEE |. E8 E1010000 call 004210D4
00420EF3 |. 83C4 08 add esp, 8
00420EF6 |. 8B15 9C4F5900 mov edx, dword ptr [594F9C]
00420EFC |. 8B0A mov ecx, dword ptr [edx]
00420EFE |. 51 push ecx
00420EFF |. E8 707FFEFF call 00408E74
00420F04 |. 59 pop ecx
00420F05 |> 5B pop ebx
00420F06 |. 8BE5 mov esp, ebp
00420F08 |. 5D pop ebp
00420F09 \. C3 retn
00420F0A 90 nop
00420F0B 90 nop
00420F0C /$ 55 push ebp
00420F0D |. 8BEC mov ebp, esp
00420F0F |. 83C4 F0 add esp, -10
00420F12 |. 53 push ebx
00420F13 |. 56 push esi
00420F14 |. 57 push edi
00420F15 |. 8B45 0C mov eax, dword ptr [ebp+C]
00420F18 |. 8945 FC mov dword ptr [ebp-4], eax
00420F1B |> E8 9878FFFF /call 004187B8
00420F20 |. 8BD8 |mov ebx, eax
00420F22 |. 8B45 FC |mov eax, dword ptr [ebp-4]
00420F25 |. 8958 50 |mov dword ptr [eax+50], ebx
00420F28 |. 81FB 00000010 |cmp ebx, 10000000
00420F2E |.^ 76 EB \jbe short 00420F1B
00420F30 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420F33 |. 8B4A 44 mov ecx, dword ptr [edx+44]
00420F36 |. 894D F8 mov dword ptr [ebp-8], ecx
00420F39 |. B9 BC030000 mov ecx, 3BC
00420F3E |. 8B45 FC mov eax, dword ptr [ebp-4]
00420F41 |. 8170 50 EF12B>xor dword ptr [eax+50], 93B712EF
00420F48 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420F4B |. 8B42 4C mov eax, dword ptr [edx+4C]
00420F4E |. 33D2 xor edx, edx
00420F50 |. F7F1 div ecx
00420F52 |. 8B45 FC mov eax, dword ptr [ebp-4]
00420F55 |. 8B4D FC mov ecx, dword ptr [ebp-4]
00420F58 |. 8BFA mov edi, edx
00420F5A |. 8B50 50 mov edx, dword ptr [eax+50]
00420F5D |. 3151 4C xor dword ptr [ecx+4C], edx
00420F60 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420F63 |. 8B04BD 103C55>mov eax, dword ptr [edi*4+553C10]
00420F6A |. 3142 44 xor dword ptr [edx+44], eax
00420F6D |. 8B45 FC mov eax, dword ptr [ebp-4]
00420F70 |. 8B0CBD 203C55>mov ecx, dword ptr [edi*4+553C20]
00420F77 |. 3148 48 xor dword ptr [eax+48], ecx
00420F7A |. 33DB xor ebx, ebx
00420F7C |. 8B45 FC mov eax, dword ptr [ebp-4]
00420F7F |. 8D50 04 lea edx, dword ptr [eax+4]
00420F82 |. 8955 F4 mov dword ptr [ebp-C], edx
00420F85 |> 8B4D F4 /mov ecx, dword ptr [ebp-C]
00420F88 |. 8BF1 |mov esi, ecx
00420F8A |. E8 2978FFFF |call 004187B8
00420F8F |. 8906 |mov dword ptr [esi], eax
00420F91 |. 8D043B |lea eax, dword ptr [ebx+edi]
00420F94 |. 8B1485 F03B55>|mov edx, dword ptr [eax*4+553BF0]
00420F9B |. 3B16 |cmp edx, dword ptr [esi]
00420F9D |.^ 72 E6 |jb short 00420F85
00420F9F |. 43 |inc ebx
00420FA0 |. 8345 F4 04 |add dword ptr [ebp-C], 4
00420FA4 |. 83FB 10 |cmp ebx, 10
00420FA7 |.^ 7C DC \jl short 00420F85
00420FA9 |. 33DB xor ebx, ebx
00420FAB |. 8B45 FC mov eax, dword ptr [ebp-4]
00420FAE |. 8D50 54 lea edx, dword ptr [eax+54]
00420FB1 |. 8955 F0 mov dword ptr [ebp-10], edx
00420FB4 |> 8B4D F0 /mov ecx, dword ptr [ebp-10]
00420FB7 |. 8BF1 |mov esi, ecx
00420FB9 |. E8 FA77FFFF |call 004187B8
00420FBE |. 8D143B |lea edx, dword ptr [ebx+edi]
00420FC1 |. 8906 |mov dword ptr [esi], eax
00420FC3 |. 8B06 |mov eax, dword ptr [esi]
00420FC5 |. 3B0495 303C55>|cmp eax, dword ptr [edx*4+553C30]
00420FCC |.^ 72 E6 |jb short 00420FB4
00420FCE |. 43 |inc ebx
00420FCF |. 8345 F0 04 |add dword ptr [ebp-10], 4
00420FD3 |. 83FB 10 |cmp ebx, 10
00420FD6 |.^ 7C DC \jl short 00420FB4
00420FD8 |. 8B45 FC mov eax, dword ptr [ebp-4]
00420FDB |. 33C9 xor ecx, ecx
00420FDD |. 33DB xor ebx, ebx
00420FDF |. 8D50 04 lea edx, dword ptr [eax+4]
00420FE2 |> 8B02 /mov eax, dword ptr [edx]
00420FE4 |. 83E0 0F |and eax, 0F
00420FE7 |. 03C8 |add ecx, eax
00420FE9 |. 83FB 0F |cmp ebx, 0F
00420FEC |. 74 08 |je short 00420FF6
00420FEE |. 8B42 50 |mov eax, dword ptr [edx+50]
00420FF1 |. 83E0 0F |and eax, 0F
00420FF4 |. 03C8 |add ecx, eax
00420FF6 |> 43 |inc ebx
00420FF7 |. 83C2 04 |add edx, 4
00420FFA |. 83FB 10 |cmp ebx, 10
00420FFD |.^ 7C E3 \jl short 00420FE2
00420FFF |. 8B55 FC mov edx, dword ptr [ebp-4]
00421002 |. 33DB xor ebx, ebx
00421004 |. 8B82 90000000 mov eax, dword ptr [edx+90]
0042100A |. 25 0000FFFF and eax, FFFF0000
0042100F |. 0BC1 or eax, ecx
00421011 |. 8B4D FC mov ecx, dword ptr [ebp-4]
00421014 |. 8BD0 mov edx, eax
00421016 |. 8991 90000000 mov dword ptr [ecx+90], edx
0042101C |. 8B45 FC mov eax, dword ptr [ebp-4]
0042101F |. 3150 44 xor dword ptr [eax+44], edx
00421022 |. 8B55 FC mov edx, dword ptr [ebp-4]
00421025 |. 8B45 FC mov eax, dword ptr [ebp-4]
00421028 |. 8B8A 90000000 mov ecx, dword ptr [edx+90]
0042102E |. 3148 48 xor dword ptr [eax+48], ecx
00421031 |. 33C0 xor eax, eax
00421033 |. 3B5D F8 cmp ebx, dword ptr [ebp-8]
00421036 |. 0F8D 8F000000 jge 004210CB
0042103C |> 8BD3 /mov edx, ebx
0042103E |. C1E2 04 |shl edx, 4
00421041 |. 0355 0C |add edx, dword ptr [ebp+C]
00421044 |. 81C2 94000000 |add edx, 94
0042104A |. 8D0C38 |lea ecx, dword ptr [eax+edi]
0042104D |. 81E1 FF030080 |and ecx, 800003FF
00421053 |. 79 08 |jns short 0042105D
00421055 |. 49 |dec ecx
00421056 |. 81C9 00FCFFFF |or ecx, FFFFFC00
0042105C |. 41 |inc ecx
0042105D |> 8B0C8D F03B55>|mov ecx, dword ptr [ecx*4+553BF0]
00421064 |. 40 |inc eax
00421065 |. 310A |xor dword ptr [edx], ecx
00421067 |. 8D0C38 |lea ecx, dword ptr [eax+edi]
0042106A |. 81E1 FF030080 |and ecx, 800003FF
00421070 |. 79 08 |jns short 0042107A
00421072 |. 49 |dec ecx
00421073 |. 81C9 00FCFFFF |or ecx, FFFFFC00
00421079 |. 41 |inc ecx
0042107A |> 8B0C8D F03B55>|mov ecx, dword ptr [ecx*4+553BF0]
00421081 |. 40 |inc eax
00421082 |. 314A 04 |xor dword ptr [edx+4], ecx
00421085 |. 8D0C38 |lea ecx, dword ptr [eax+edi]
00421088 |. 81E1 FF030080 |and ecx, 800003FF
0042108E |. 79 08 |jns short 00421098
00421090 |. 49 |dec ecx
00421091 |. 81C9 00FCFFFF |or ecx, FFFFFC00
00421097 |. 41 |inc ecx
00421098 |> 8B0C8D F03B55>|mov ecx, dword ptr [ecx*4+553BF0]
0042109F |. 40 |inc eax
004210A0 |. 314A 08 |xor dword ptr [edx+8], ecx
004210A3 |. 8D0C38 |lea ecx, dword ptr [eax+edi]
004210A6 |. 81E1 FF030080 |and ecx, 800003FF
004210AC |. 79 08 |jns short 004210B6
004210AE |. 49 |dec ecx
004210AF |. 81C9 00FCFFFF |or ecx, FFFFFC00
004210B5 |. 41 |inc ecx
004210B6 |> 8B0C8D F03B55>|mov ecx, dword ptr [ecx*4+553BF0]
004210BD |. 314A 0C |xor dword ptr [edx+C], ecx
004210C0 |. 40 |inc eax
004210C1 |. 43 |inc ebx
004210C2 |. 3B5D F8 |cmp ebx, dword ptr [ebp-8]
004210C5 |.^ 0F8C 71FFFFFF \jl 0042103C
004210CB |> 5F pop edi
004210CC |. 5E pop esi
004210CD |. 5B pop ebx
004210CE |. 8BE5 mov esp, ebp
004210D0 |. 5D pop ebp
004210D1 \. C3 retn
004210D2 90 nop
004210D3 90 nop
004210D4 $ 55 push ebp
004210D5 . 8BEC mov ebp, esp
004210D7 . 83C4 F0 add esp, -10
004210DA . 33C0 xor eax, eax
004210DC . 53 push ebx
004210DD . 56 push esi
004210DE . 57 push edi
004210DF . 8945 FC mov dword ptr [ebp-4], eax
004210E2 . 8B55 0C mov edx, dword ptr [ebp+C]
004210E5 . 8955 F8 mov dword ptr [ebp-8], edx
004210E8 . 33D2 xor edx, edx
004210EA . 8B4D F8 mov ecx, dword ptr [ebp-8]
004210ED . 8171 44 31323>xor dword ptr [ecx+44], 88313231
004210F4 . 8B45 F8 mov eax, dword ptr [ebp-8]
004210F7 . B9 BC030000 mov ecx, 3BC
004210FC . 8B40 44 mov eax, dword ptr [eax+44]
004210FF . F7F1 div ecx
00421101 . 8BFA mov edi, edx
00421103 . 8B55 F8 mov edx, dword ptr [ebp-8]
00421106 . 8B04BD 0C3C55>mov eax, dword ptr [edi*4+553C0C]
0042110D . 3142 48 xor dword ptr [edx+48], eax
00421110 . 8B45 F8 mov eax, dword ptr [ebp-8]
00421113 . 8B0CBD 1C3C55>mov ecx, dword ptr [edi*4+553C1C]
0042111A . 3148 4C xor dword ptr [eax+4C], ecx
0042111D . 33F6 xor esi, esi
0042111F . 8B55 F8 mov edx, dword ptr [ebp-8]
00421122 . 8B4A 48 mov ecx, dword ptr [edx+48]
00421125 . 894D F4 mov dword ptr [ebp-C], ecx
00421128 . 33C0 xor eax, eax
0042112A . 8945 F0 mov dword ptr [ebp-10], eax
0042112D . 8B55 F0 mov edx, dword ptr [ebp-10]
00421130 . 3B55 F4 cmp edx, dword ptr [ebp-C]
00421133 . /0F8D FD010000 jge 00421336
00421139 > |8B5D F0 mov ebx, dword ptr [ebp-10]
0042113C . |C1E3 02 shl ebx, 2
0042113F . |8D1C5B lea ebx, dword ptr [ebx+ebx*2]
00421142 . |035D 0C add ebx, dword ptr [ebp+C]
00421145 . |81C3 90000000 add ebx, 90
0042114B . |8D043E lea eax, dword ptr [esi+edi]
0042114E . |25 FF030080 and eax, 800003FF
00421153 . |79 07 jns short 0042115C
00421155 . |48 dec eax
00421156 . |0D 00FCFFFF or eax, FFFFFC00
0042115B . |40 inc eax
0042115C > |8B1485 F03B55>mov edx, dword ptr [eax*4+553BF0]
00421163 . |3113 xor dword ptr [ebx], edx
00421165 . |8B0B mov ecx, dword ptr [ebx]
00421167 . |51 push ecx
00421168 . |8B45 08 mov eax, dword ptr [ebp+8]
0042116B . |50 push eax
0042116C . |E8 87F8FFFF call 004209F8
00421171 . |83C4 08 add esp, 8
00421174 . |46 inc esi
00421175 . |8D143E lea edx, dword ptr [esi+edi]
00421178 . |81E2 FF030080 and edx, 800003FF
0042117E . |79 08 jns short 00421188
00421180 . |4A dec edx
00421181 . |81CA 00FCFFFF or edx, FFFFFC00
00421187 . |42 inc edx
00421188 > |8B0C95 F03B55>mov ecx, dword ptr [edx*4+553BF0]
0042118F . |46 inc esi
00421190 . |314B 04 xor dword ptr [ebx+4], ecx
00421193 . |8D143E lea edx, dword ptr [esi+edi]
00421196 . |81E2 FF030080 and edx, 800003FF
0042119C . |79 08 jns short 004211A6
0042119E . |4A dec edx
0042119F . |81CA 00FCFFFF or edx, FFFFFC00
004211A5 . |42 inc edx
004211A6 > |8B0C95 F03B55>mov ecx, dword ptr [edx*4+553BF0]
004211AD . |314B 08 xor dword ptr [ebx+8], ecx
004211B0 . |85C0 test eax, eax
004211B2 . |8B55 08 mov edx, dword ptr [ebp+8]
004211B5 . |8B4B 08 mov ecx, dword ptr [ebx+8]
004211B8 . |898A 30010200 mov dword ptr [edx+20130], ecx
004211BE . |74 06 je short 004211C6
004211C0 . |8B53 08 mov edx, dword ptr [ebx+8]
004211C3 . |8950 10 mov dword ptr [eax+10], edx
004211C6 > |46 inc esi
004211C7 . |8B53 04 mov edx, dword ptr [ebx+4]
004211CA . |81FA FF000000 cmp edx, 0FF
004211D0 . |76 19 jbe short 004211EB
004211D2 . |81E2 00FF0000 and edx, 0FF00
004211D8 . |C1EA 08 shr edx, 8
004211DB . |85C0 test eax, eax
004211DD . |74 43 je short 00421222
004211DF . |66:8950 0C mov word ptr [eax+C], dx
004211E3 . |66:C740 0E 02>mov word ptr [eax+E], 2
004211E9 . |EB 37 jmp short 00421222
004211EB > |8B4B 04 mov ecx, dword ptr [ebx+4]
004211EE . |49 dec ecx
004211EF . |74 0B je short 004211FC
004211F1 . |49 dec ecx
004211F2 . |74 10 je short 00421204
004211F4 . |49 dec ecx
004211F5 . |74 15 je short 0042120C
004211F7 . |49 dec ecx
004211F8 . |74 1A je short 00421214
004211FA . |EB 20 jmp short 0042121C
004211FC > |66:C740 0E 03>mov word ptr [eax+E], 3
00421202 . |EB 1E jmp short 00421222
00421204 > |66:C740 0E 03>mov word ptr [eax+E], 3
0042120A . |EB 16 jmp short 00421222
0042120C > |66:C740 0E 04>mov word ptr [eax+E], 4
00421212 . |EB 0E jmp short 00421222
00421214 > |66:C740 0E 05>mov word ptr [eax+E], 5
0042121A . |EB 06 jmp short 00421222
0042121C > |66:C740 0E 03>mov word ptr [eax+E], 3
00421222 > |85C0 test eax, eax
00421224 . |0F84 C5000000 je 004212EF
0042122A . |0FB750 0E movzx edx, word ptr [eax+E]
0042122A . 0FB750 0E movzx edx, word ptr [eax+E]
0042122E . 83FA 05 cmp edx, 5
00421231 . 0F87 B8000000 ja 004212EF
00421237 . FF2495 3E1242>jmp dword ptr [edx*4+42123E]
0042123E . EF124200 dd dumped_.004212EF
00421242 . EF124200 dd dumped_.004212EF
00421246 . 5B124200 dd dumped_.0042125B
0042124A . 83124200 dd dumped_.00421283
0042124E . A7124200 dd dumped_.004212A7
00421252 . CC124200 dd dumped_.004212CC
00421256 . E9 94000000 jmp 004212EF
0042125B > FF45 FC inc dword ptr [ebp-4]
0042125E . 8B48 08 mov ecx, dword ptr [eax+8]
00421261 . 51 push ecx
00421262 . 8B0D B4155500 mov ecx, dword ptr [5515B4]
00421268 . 8B50 04 mov edx, dword ptr [eax+4]
0042126B . 52 push edx
0042126C . 8B00 mov eax, dword ptr [eax]
0042126E . 50 push eax
possible stringdata Ref from Data Obj -> cdkey[%d-%d-%d]验证成功 " 0042126F . 68 CD515500 push 005551CD
00421274 . 6A 01 push 1
00421276 . 6A 00 push 0
00421278 . 51 push ecx
00421279 . E8 9EAFFFFF call 0041C21C
0042127E . 83C4 1C add esp, 1C
00421281 . EB 6C jmp short 004212EF
00421281 . /EB 6C jmp short 004212EF
00421283 > |8B50 08 mov edx, dword ptr [eax+8]
00421286 . |52 push edx
00421287 . |8B48 04 mov ecx, dword ptr [eax+4]
0042128A . |51 push ecx
0042128B . |8B00 mov eax, dword ptr [eax]
0042128D . |50 push eax
possible stringdata Ref from Data Obj -> cdkey[%d-%d-%d]错误,请核对"
00421293 . |6A 03 push 3
00421295 . |6A 00 push 0
00421297 . |A1 B4155500 mov eax, dword ptr [5515B4]
0042129C . |50 push eax
0042129D . |E8 7AAFFFFF call 0041C21C
004212A2 . |83C4 1C add esp, 1C
004212A5 . |EB 48 jmp short 004212EF
004212A7 > |8B50 08 mov edx, dword ptr [eax+8]
004212AA . |52 push edx
004212AB . |8B15 B4155500 mov edx, dword ptr [5515B4]
004212B1 . |8B48 04 mov ecx, dword ptr [eax+4]
004212B4 . |51 push ecx
004212B5 . |8B00 mov eax, dword ptr [eax]
004212B7 . |50 push eax
possible stringdata Ref from Data Obj -> "cdkey[%d-%d-%d]在其他机器登陆,请勿在10分钟内重 004212B8 . |68 02525500 push 00555202
004212BD . |6A 03 push 3
004212BF . |6A 00 push 0
004212C1 . |52 push edx
004212C2 . |E8 55AFFFFF call 0041C21C
004212C7 . |83C4 1C add esp, 1C
004212CA . |EB 23 jmp short 004212EF
004212CC > |8B48 08 mov ecx, dword ptr [eax+8]
004212CF . |51 push ecx
004212CF . 51 push ecx
004212D0 . 8B0D B4155500 mov ecx, dword ptr [5515B4]
004212D6 . 8B50 04 mov edx, dword ptr [eax+4]
004212D9 . 52 push edx
004212DA . 8B00 mov eax, dword ptr [eax]
004212DC . 50 push eax
possible stringdata Ref from Data Obj -> "cdkey[%d-%d-%d]已经过期 " 004212DD . 68 38525500 push 00555238
004212E2 . 6A 03 push 3
004212E4 . 6A 00 push 0
004212E6 . 51 push ecx
004212E7 . E8 30AFFFFF call 0041C21C
004212EC . 83C4 1C add esp, 1C
004212EF > 8B45 F8 mov eax, dword ptr [ebp-8]
004212F2 . 8B55 08 mov edx, dword ptr [ebp+8]
004212F5 . 8B40 4C mov eax, dword ptr [eax+4C]
004212F8 . 3B82 2C010200 cmp eax, dword ptr [edx+2012C]
004212FE . 72 0B jb short 0042130B
00421300 . 8B4D 08 mov ecx, dword ptr [ebp+8]
00421303 . 8981 2C010200 mov dword ptr [ecx+2012C], eax
00421309 . EB 1C jmp short 00421327
possible stringdata Ref from Data Obj -> "cycle数据非法" 0042130B > 68 51525500 push 00555251
00421310 . 6A 02 push 2
00421312 . 6A 00 push 0
00421314 . A1 B4155500 mov eax, dword ptr [5515B4]
00421319 . 50 push eax
0042131A . E8 FDAEFFFF call 0041C21C
0042131F . 83C4 10 add esp, 10
00421322 . 33D2 xor edx, edx
00421324 . 8955 FC mov dword ptr [ebp-4], edx
00421327 > FF45 F0 inc dword ptr [ebp-10]
0042132A . 8B4D F0 mov ecx, dword ptr [ebp-10]
0042132D . 3B4D F4 cmp ecx, dword ptr [ebp-C]
00421330 .^ 0F8C 03FEFFFF jl 00421139
00421336 > 837D FC 32 cmp dword ptr [ebp-4], 32
0042133A . 7E 07 jle short 00421343
0042133C . C745 FC 32000>mov dword ptr [ebp-4], 32
00421343 > 8B45 08 mov eax, dword ptr [ebp+8]
00421346 . 8B90 44010200 mov edx, dword ptr [eax+20144]
0042134C . 3B55 FC cmp edx, dword ptr [ebp-4]
0042134F . 7E 18 jle short 00421369
possible stringdata Ref from Data Obj 可用挂机数减少.请检查cdkey数量.及正确性 00421351 . 68 5F525500 push 0055525F
00421356 . 6A 03 push 3
00421358 . 6A 00 push 0
0042135A . 8B0D B4155500 mov ecx, dword ptr [5515B4]
00421360 . 51 push ecx
00421361 . E8 B6AEFFFF call 0041C21C
00421366 . 83C4 10 add esp, 10
00421369 > 8B45 08 mov eax, dword ptr [ebp+8]
0042136C . 8B55 FC mov edx, dword ptr [ebp-4]
0042136F . 8990 44010200 mov dword ptr [eax+20144], edx
00421375 . 33C0 xor eax, eax
00421377 . 8B55 F8 mov edx, dword ptr [ebp-8]
0042137A . 83C2 04 add edx, 4
0042137D > 8B1A mov ebx, dword ptr [edx]
0042137F . 8D0C38 lea ecx, dword ptr [eax+edi]
00421382 . 3B1C8D F03B55>cmp ebx, dword ptr [ecx*4+553BF0]
00421389 . 76 05 jbe short 00421390
0042138B . 83C8 FF or eax, FFFFFFFF
0042138E . EB 5F jmp short 004213EF
00421390 > 83F8 0F cmp eax, 0F
00421393 . 74 11 je short 004213A6
00421395 . 8B5A 4C mov ebx, dword ptr [edx+4C]
00421398 . 3B1C8D 303C55>cmp ebx, dword ptr [ecx*4+553C30]
0042139F . 73 05 jnb short 004213A6
004213A1 . 83C8 FF or eax, FFFFFFFF
004213A4 . EB 49 jmp short 004213EF
004213A6 > 40 inc eax
004213A7 . 83C2 04 add edx, 4
004213AA . 83F8 10 cmp eax, 10
004213AD .^ 7C CE jl short 0042137D
004213AF . 33DB xor ebx, ebx
004213B1 . 33C9 xor ecx, ecx
004213B3 . 8B45 F8 mov eax, dword ptr [ebp-8]
004213B6 . 8D50 04 lea edx, dword ptr [eax+4]
004213B9 > 8B02 mov eax, dword ptr [edx]
004213BB . 83E0 0F and eax, 0F
004213BE . 03D8 add ebx, eax
004213C0 . 83F9 0F cmp ecx, 0F
004213C3 . 74 08 je short 004213CD
004213C5 . 8B42 4C mov eax, dword ptr [edx+4C]
004213C8 . 83E0 0F and eax, 0F
004213CB . 03D8 add ebx, eax
004213CD > 41 inc ecx
004213CE . 83C2 04 add edx, 4
004213D1 . 83F9 10 cmp ecx, 10
004213D4 .^ 7C E3 jl short 004213B9
004213D6 . 8B55 F8 mov edx, dword ptr [ebp-8]
004213D9 . 8B82 8C000000 mov eax, dword ptr [edx+8C]
004213DF . 25 FFFF0000 and eax, 0FFFF
004213E4 . 3BC3 cmp eax, ebx
004213E6 . 74 05 je short 004213ED
004213E8 . 83C8 FF or eax, FFFFFFFF
004213EB . EB 02 jmp short 004213EF
004213ED > 33C0 xor eax, eax
004213EF > 5F pop edi
004213F0 . 5E pop esi
004213F1 . 5B pop ebx
004213F2 . 8BE5 mov esp, ebp
004213F4 . 5D pop ebp
004213F5 . C3 retn
004213F6 90 nop
004213F7 90 nop
004213F8 /$ 55 push ebp
004213F9 |. 8BEC mov ebp, esp
004213FB |. 83C4 D8 add esp, -28
004213FE |. 8945 FC mov dword ptr [ebp-4], eax
00421401 |. B8 905E5500 mov eax, 00555E90
00421406 |. E8 E5BE0F00 call 0051D2F0
0042140B |. 66:C745 E8 08>mov word ptr [ebp-18], 8
00421411 |. 8B55 FC mov edx, dword ptr [ebp-4]
00421414 |. 33C9 xor ecx, ecx
00421416 |. 890A mov dword ptr [edx], ecx
00421418 |. 8B45 D8 mov eax, dword ptr [ebp-28]
0042141B |. 64:A3 0000000>mov dword ptr fs:[0], eax
00421421 |. 8B45 FC mov eax, dword ptr [ebp-4]
00421424 |. 8BE5 mov esp, ebp
00421426 |. 5D pop ebp
00421427 \. C3 retn
这是我找到的字符串的位置.如和爆破.网络验证.
我谁便输入错注册吗,显示""认证启动" 过一会又显示:"验证服务器断开链接"
请大家指点.壳我脱掉了
004204DD |. 8BEC mov ebp, esp
004204DF |. 83C4 D8 add esp, -28
004204E2 |. B8 D85B5500 mov eax, 00555BD8
004204E7 |. 53 push ebx
004204E8 |. 56 push esi
004204E9 |. 8B75 08 mov esi, dword ptr [ebp+8]
004204EC |. E8 FFCD0F00 call 0051D2F0
004204F1 |. 6A 34 push 34
004204F3 |. E8 F8BA0F00 call 0051BFF0
004204F8 |. 59 pop ecx
004204F9 |. 8945 FC mov dword ptr [ebp-4], eax
004204FC |. 85C0 test eax, eax
004204FE |. 74 1B je short 0042051B
00420500 |. 66:C745 E8 14>mov word ptr [ebp-18], 14
00420506 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420509 |. 52 push edx
0042050A |. E8 616F0100 call 00437470
0042050F |. 59 pop ecx
00420510 |. 66:C745 E8 08>mov word ptr [ebp-18], 8
00420516 |. 8B5D FC mov ebx, dword ptr [ebp-4]
00420519 |. EB 03 jmp short 0042051E
0042051B |> 8B5D FC mov ebx, dword ptr [ebp-4]
0042051E |> 8B45 14 mov eax, dword ptr [ebp+14]
00420521 |. 50 push eax
00420522 |. 8B55 10 mov edx, dword ptr [ebp+10]
00420525 |. 52 push edx
00420526 |. 8B4D 0C mov ecx, dword ptr [ebp+C]
00420529 |. 51 push ecx
0042052A |. 53 push ebx
0042052B |. E8 40700100 call 00437570
00420530 |. 83C4 10 add esp, 10
00420533 |. 53 push ebx
00420534 |. 8B46 38 mov eax, dword ptr [esi+38]
00420537 |. 50 push eax
00420538 |. E8 3FFB0300 call 0046007C
0042053D |. 83C4 08 add esp, 8
00420540 |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420543 |. 64:8915 00000>mov dword ptr fs:[0], edx
0042054A |. 5E pop esi
0042054B |. 5B pop ebx
0042054C |. 8BE5 mov esp, ebp
0042054E |. 5D pop ebp
0042054F \. C3 retn
00420550 04 db 04
00420551 00 db 00
00420552 00 db 00
00420553 00 db 00
00420554 90 nop
00420555 00 db 00
00420556 0C db 0C
00420557 00 db 00
00420558 6C164200 dd dumped_.0042166C
0042055C . 43 43 6D 64 5>ascii "CCmdSysInfo *",0
0042056A 90 nop
0042056B 90 nop
0042056C $ 55 push ebp
0042056D . 8BEC mov ebp, esp
0042056F . 83C4 D4 add esp, -2C
00420572 . B8 085C5500 mov eax, 00555C08
00420577 . 53 push ebx
00420578 . 56 push esi
00420579 . 8B5D 08 mov ebx, dword ptr [ebp+8]
0042057C . E8 6FCD0F00 call 0051D2F0
00420581 . 8B53 38 mov edx, dword ptr [ebx+38]
00420584 . 8B1A mov ebx, dword ptr [edx]
00420586 . 85DB test ebx, ebx
00420588 . 74 6C je short 004205F6
0042058A > 8BC3 mov eax, ebx
0042058C . 8B5B 04 mov ebx, dword ptr [ebx+4]
0042058F . 0FBE50 30 movsx edx, byte ptr [eax+30]
00420593 . 83FA 04 cmp edx, 4
00420596 . 77 5A ja short 004205F2
00420598 . FF2495 9F0542>jmp dword ptr [edx*4+42059F]
0042059F . F2054200 dd dumped_.004205F2
004205A3 . B5054200 dd dumped_.004205B5
004205A7 . F2054200 dd dumped_.004205F2
004205AB . BE054200 dd dumped_.004205BE
004205AF . C7054200 dd dumped_.004205C7
004205B3 . EB 3D jmp short 004205F2
004205B5 > 50 push eax
004205B6 . E8 81700100 call 0043763C
004205BB . 59 pop ecx
004205BC . EB 34 jmp short 004205F2
004205BE > 50 push eax
004205BF . E8 20700100 call 004375E4
004205C4 . 59 pop ecx
004205C5 . EB 2B jmp short 004205F2
004205C7 > 85C0 test eax, eax
004205C9 . 74 27 je short 004205F2
004205CB . 8BF0 mov esi, eax
004205CD . 8975 F8 mov dword ptr [ebp-8], esi
004205D0 . 85F6 test esi, esi
004205D2 . 74 1E je short 004205F2
004205D4 . 8B06 mov eax, dword ptr [esi]
004205D6 . 8945 FC mov dword ptr [ebp-4], eax
004205D9 . 66:C745 E4 14>mov word ptr [ebp-1C], 14
004205DF . 6A 03 push 3
004205E1 . 8B55 F8 mov edx, dword ptr [ebp-8]
004205E4 . 52 push edx
004205E5 . 8B0A mov ecx, dword ptr [edx]
004205E7 . FF11 call dword ptr [ecx]
004205E9 . 66:C745 E4 08>mov word ptr [ebp-1C], 8
004205EF . 83C4 08 add esp, 8
004205F2 > 85DB test ebx, ebx
004205F4 .^ 75 94 jnz short 0042058A
004205F6 > 8B45 D4 mov eax, dword ptr [ebp-2C]
004205F9 . 64:A3 0000000>mov dword ptr fs:[0], eax
004205FF . 5E pop esi
00420600 . 5B pop ebx
00420601 . 8BE5 mov esp, ebp
00420603 . 5D pop ebp
00420604 . C3 retn
00420605 90 nop
00420606 90 nop
00420607 90 nop
00420608 08 db 08
00420609 00 db 00
0042060A 00 db 00
0042060B 00 db 00
0042060C 00 db 00
0042060D 04 db 04
0042060E 10 db 10
0042060F 00 db 00
00420610 50054200 dd dumped_.00420550
00420614 02 db 02
00420615 00 db 00
00420616 00 db 00
00420617 00 db 00
00420618 . 43 43 6D 64 5>ascii "CCmdSysInfo *[2]"
00420628 . 00 ascii 0
00420629 90 nop
0042062A 90 nop
0042062B 90 nop
0042062C /$ 55 push ebp
0042062D |. 8BEC mov ebp, esp
0042062F |. 53 push ebx
00420630 |. 56 push esi
00420631 |. 8B75 0C mov esi, dword ptr [ebp+C]
00420634 |. 68 CD505500 push 005550CD
00420639 |. 8B45 10 mov eax, dword ptr [ebp+10]
0042063C |. 50 push eax
0042063D |. E8 AECB0F00 call 0051D1F0
00420642 |. 83C4 08 add esp, 8
00420645 |. 8BD8 mov ebx, eax
00420647 |. 53 push ebx
00420648 |. E8 0309FFFF call 00410F50
0042064D |. 59 pop ecx
0042064E |. 8906 mov dword ptr [esi], eax
00420650 |. 68 CF505500 push 005550CF
00420655 |. 6A 00 push 0
00420657 |. E8 94CB0F00 call 0051D1F0
0042065C |. 83C4 08 add esp, 8
0042065F |. 8BD8 mov ebx, eax
00420661 |. 53 push ebx
00420662 |. E8 E908FFFF call 00410F50
00420667 |. 59 pop ecx
00420668 |. 8946 04 mov dword ptr [esi+4], eax
0042066B |. 68 D1505500 push 005550D1
00420670 |. 6A 00 push 0
00420672 |. E8 79CB0F00 call 0051D1F0
00420677 |. 83C4 08 add esp, 8
0042067A |. 8BD8 mov ebx, eax
0042067C |. 53 push ebx
0042067D |. E8 CE08FFFF call 00410F50
00420682 |. 59 pop ecx
00420683 |. 8946 08 mov dword ptr [esi+8], eax
00420686 |. 5E pop esi
00420687 |. 5B pop ebx
00420688 |. 5D pop ebp
00420689 \. C3 retn
0042068A 90 nop
0042068B 90 nop
0042068C /$ 55 push ebp
0042068D |. 8BEC mov ebp, esp
0042068F |. 81C4 F8FCFFFF add esp, -308
00420695 |. 53 push ebx
00420696 |. 56 push esi
00420697 |. 8B75 08 mov esi, dword ptr [ebp+8]
0042069A |. 68 D9505500 push 005550D9
0042069F |. 68 F3585900 push 005958F3
004206A4 |. 68 D3505500 push 005550D3
004206A9 |. 8D85 08FEFFFF lea eax, dword ptr [ebp-1F8]
004206AF |. 50 push eax
004206B0 |. E8 93021000 call 00520948
004206B5 |. 83C4 10 add esp, 10
004206B8 |. 33D2 xor edx, edx
004206BA |. 8996 18010200 mov dword ptr [esi+20118], edx
004206C0 |. 8D8D 08FEFFFF lea ecx, dword ptr [ebp-1F8]
004206C6 |. 51 push ecx
004206C7 |. E8 5C08FFFF call 00410F28
004206CC |. 59 pop ecx
004206CD |. 84C0 test al, al
004206CF |. 0F84 C1000000 je 00420796
004206D5 |. 68 E3505500 push 005550E3
004206DA |. 8D85 08FEFFFF lea eax, dword ptr [ebp-1F8]
004206E0 |. 50 push eax
004206E1 |. E8 E6E90F00 call 0051F0CC
004206E6 |. 83C4 08 add esp, 8
004206E9 |. 8945 FC mov dword ptr [ebp-4], eax
004206EC |> 8B55 FC /mov edx, dword ptr [ebp-4]
004206EF |. 8D8D 08FDFFFF |lea ecx, dword ptr [ebp-2F8]
004206F5 |. 52 |push edx
004206F6 |. 68 00010000 |push 100
004206FB |. 51 |push ecx
004206FC |. E8 53E60F00 |call 0051ED54
00420701 |. 83C4 0C |add esp, 0C
00420704 |. 85C0 |test eax, eax
00420706 |. 0F84 80000000 |je 0042078C
0042070C |. 8D85 08FDFFFF |lea eax, dword ptr [ebp-2F8]
00420712 |. 50 |push eax
00420713 |. E8 2CC80F00 |call 0051CF44
00420718 |. 59 |pop ecx
00420719 |. 8BD8 |mov ebx, eax
0042071B |. 33D2 |xor edx, edx
0042071D |. 8D85 08FDFFFF |lea eax, dword ptr [ebp-2F8]
00420723 |. 3BDA |cmp ebx, edx
00420725 |. 7E 18 |jle short 0042073F
00420727 |> 0FBE08 |/movsx ecx, byte ptr [eax]
0042072A |. 83F9 0D ||cmp ecx, 0D
0042072D |. 74 05 ||je short 00420734
0042072F |. 83F9 0A ||cmp ecx, 0A
00420732 |. 75 05 ||jnz short 00420739
00420734 |> C600 00 ||mov byte ptr [eax], 0
00420737 |. EB 06 ||jmp short 0042073F
00420739 |> 42 ||inc edx
0042073A |. 40 ||inc eax
0042073B |. 3BDA ||cmp ebx, edx
0042073D |.^ 7F E8 |\jg short 00420727
0042073F |> 6A 10 |push 10
00420741 |. 6A 00 |push 0
00420743 |. 8D85 F8FCFFFF |lea eax, dword ptr [ebp-308]
00420749 |. 50 |push eax
0042074A |. E8 C1C60F00 |call 0051CE10
0042074F |. 83C4 0C |add esp, 0C
00420752 |. 8D95 08FDFFFF |lea edx, dword ptr [ebp-2F8]
00420758 |. 52 |push edx
00420759 |. 8D8D F8FCFFFF |lea ecx, dword ptr [ebp-308]
0042075F |. 51 |push ecx
00420760 |. 56 |push esi
00420761 |. E8 C6FEFFFF |call 0042062C
00420766 |. 83C4 0C |add esp, 0C
00420769 |. 8B85 00FDFFFF |mov eax, dword ptr [ebp-300]
0042076F |. 50 |push eax
00420770 |. 8B95 FCFCFFFF |mov edx, dword ptr [ebp-304]
00420776 |. 52 |push edx
00420777 |. 8B8D F8FCFFFF |mov ecx, dword ptr [ebp-308]
0042077D |. 51 |push ecx
0042077E |. 56 |push esi
0042077F |. E8 B0000000 |call 00420834
00420784 |. 83C4 10 |add esp, 10
00420787 |.^ E9 60FFFFFF \jmp 004206EC
0042078C |> 8B45 FC mov eax, dword ptr [ebp-4]
0042078F |. 50 push eax
00420790 |. E8 8FE40F00 call 0051EC24
00420795 |. 59 pop ecx
00420796 |> 5E pop esi
00420797 |. 5B pop ebx
00420798 |. 8BE5 mov esp, ebp
0042079A |. 5D pop ebp
0042079B \. C3 retn
0042079C /$ 55 push ebp
0042079D |. 8BEC mov ebp, esp
0042079F |. 81C4 A8FDFFFF add esp, -258
004207A5 |. 53 push ebx
004207A6 |. 56 push esi
004207A7 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
004207AA |. 68 EC505500 push 005550EC
004207AF |. 68 F3585900 push 005958F3
004207B4 |. 68 E6505500 push 005550E6
004207B9 |. 8D85 0CFEFFFF lea eax, dword ptr [ebp-1F4]
004207BF |. 50 push eax
004207C0 |. E8 83011000 call 00520948
004207C5 |. 83C4 10 add esp, 10
004207C8 |. 68 F6505500 push 005550F6
004207CD |. 8D95 0CFEFFFF lea edx, dword ptr [ebp-1F4]
004207D3 |. 52 push edx
004207D4 |. E8 F3E80F00 call 0051F0CC
004207D9 |. 83C4 08 add esp, 8
004207DC |. 8BF0 mov esi, eax
004207DE |. 85F6 test esi, esi
004207E0 |. 74 45 je short 00420827
004207E2 |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
004207E8 |. 8B18 mov ebx, dword ptr [eax]
004207EA |. 85DB test ebx, ebx
004207EC |. 74 39 je short 00420827
004207EE |> 8B43 10 /mov eax, dword ptr [ebx+10]
004207F1 |. 8B50 08 |mov edx, dword ptr [eax+8]
004207F4 |. 52 |push edx
004207F5 |. 8D95 A8FDFFFF |lea edx, dword ptr [ebp-258]
004207FB |. 8B48 04 |mov ecx, dword ptr [eax+4]
004207FE |. 51 |push ecx
004207FF |. 8B00 |mov eax, dword ptr [eax]
00420801 |. 50 |push eax
00420802 |. 68 F9505500 |push 005550F9
00420807 |. 52 |push edx
00420808 |. E8 3B011000 |call 00520948
0042080D |. 83C4 14 |add esp, 14
00420810 |. 56 |push esi
00420811 |. 8D8D A8FDFFFF |lea ecx, dword ptr [ebp-258]
00420817 |. 51 |push ecx
00420818 |. E8 F7E90F00 |call 0051F214
0042081D |. 83C4 08 |add esp, 8
00420820 |. 8B5B 04 |mov ebx, dword ptr [ebx+4]
00420823 |. 85DB |test ebx, ebx
00420825 |.^ 75 C7 \jnz short 004207EE
00420827 |> 56 push esi
00420828 |. E8 F7E30F00 call 0051EC24
0042082D |. 59 pop ecx
0042082E |. 5E pop esi
0042082F |. 5B pop ebx
00420830 |. 8BE5 mov esp, ebp
00420832 |. 5D pop ebp
00420833 \. C3 retn
00420834 /$ 55 push ebp
00420835 |. 8BEC mov ebp, esp
00420837 |. 83C4 D4 add esp, -2C
0042083A |. B8 485C5500 mov eax, 00555C48
0042083F |. 53 push ebx
00420840 |. 56 push esi
00420841 |. 57 push edi
00420842 |. 8B75 08 mov esi, dword ptr [ebp+8]
00420845 |. E8 A6CA0F00 call 0051D2F0
0042084A |. 83BE 14010200>cmp dword ptr [esi+20114], 0
00420851 |. 75 33 jnz short 00420886
00420853 |. 6A 0C push 0C
00420855 |. E8 96B70F00 call 0051BFF0
0042085A |. 59 pop ecx
0042085B |. 8945 FC mov dword ptr [ebp-4], eax
0042085E |. 85C0 test eax, eax
00420860 |. 74 1B je short 0042087D
00420862 |. 66:C745 E4 14>mov word ptr [ebp-1C], 14
00420868 |. 8B55 FC mov edx, dword ptr [ebp-4]
0042086B |. 52 push edx
0042086C |. E8 37F70300 call 0045FFA8
00420871 |. 59 pop ecx
00420872 |. 66:C745 E4 08>mov word ptr [ebp-1C], 8
00420878 |. 8B4D FC mov ecx, dword ptr [ebp-4]
0042087B |. EB 03 jmp short 00420880
0042087D |> 8B4D FC mov ecx, dword ptr [ebp-4]
00420880 |> 898E 14010200 mov dword ptr [esi+20114], ecx
00420886 |> 8B86 14010200 mov eax, dword ptr [esi+20114]
0042088C |. 8B00 mov eax, dword ptr [eax]
0042088E |. 85C0 test eax, eax
00420890 |. 74 32 je short 004208C4
00420892 |> 8B50 10 /mov edx, dword ptr [eax+10]
00420895 |. 8B0A |mov ecx, dword ptr [edx]
00420897 |. 3B4D 0C |cmp ecx, dword ptr [ebp+C]
0042089A |. 75 21 |jnz short 004208BD
0042089C |. 8B4A 04 |mov ecx, dword ptr [edx+4]
0042089F |. 3B4D 10 |cmp ecx, dword ptr [ebp+10]
004208A2 |. 75 19 |jnz short 004208BD
004208A4 |. 8B52 08 |mov edx, dword ptr [edx+8]
004208A7 |. 3B55 14 |cmp edx, dword ptr [ebp+14]
004208AA |. 75 11 |jnz short 004208BD
004208AC |. 33C0 |xor eax, eax
004208AE |. 8B55 D4 |mov edx, dword ptr [ebp-2C]
004208B1 |. 64:8915 00000>|mov dword ptr fs:[0], edx
004208B8 |. E9 84000000 |jmp 00420941
004208BD |> 8B40 04 |mov eax, dword ptr [eax+4]
004208C0 |. 85C0 |test eax, eax
004208C2 |.^ 75 CE \jnz short 00420892
004208C4 |> 6A 14 push 14
004208C6 |. E8 25B70F00 call 0051BFF0
004208CB |. 59 pop ecx
004208CC |. 8945 F8 mov dword ptr [ebp-8], eax
004208CF |. 85C0 test eax, eax
004208D1 |. 74 1B je short 004208EE
004208D3 |. 66:C745 E4 2C>mov word ptr [ebp-1C], 2C
004208D9 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
004208DC |. 51 push ecx
004208DD |. E8 BAF50300 call 0045FE9C
004208E2 |. 59 pop ecx
004208E3 |. 66:C745 E4 20>mov word ptr [ebp-1C], 20
004208E9 |. 8B7D F8 mov edi, dword ptr [ebp-8]
004208EC |. EB 03 jmp short 004208F1
004208EE |> 8B7D F8 mov edi, dword ptr [ebp-8]
004208F1 |> 6A 14 push 14
004208F3 |. E8 F8B60F00 call 0051BFF0
004208F8 |. 59 pop ecx
004208F9 |. 8BD8 mov ebx, eax
004208FB |. 6A 14 push 14
004208FD |. 6A 00 push 0
004208FF |. 53 push ebx
00420900 |. E8 0BC50F00 call 0051CE10
00420905 |. 83C4 0C add esp, 0C
00420908 |. 8B45 0C mov eax, dword ptr [ebp+C]
0042090B |. 8903 mov dword ptr [ebx], eax
0042090D |. 8B55 10 mov edx, dword ptr [ebp+10]
00420910 |. 8953 04 mov dword ptr [ebx+4], edx
00420913 |. 8B4D 14 mov ecx, dword ptr [ebp+14]
00420916 |. 894B 08 mov dword ptr [ebx+8], ecx
00420919 |. 8B86 30010200 mov eax, dword ptr [esi+20130]
0042091F |. 8943 10 mov dword ptr [ebx+10], eax
00420922 |. 895F 10 mov dword ptr [edi+10], ebx
00420925 |. 57 push edi
00420926 |. 8B96 14010200 mov edx, dword ptr [esi+20114]
0042092C |. 52 push edx
0042092D |. E8 4AF70300 call 0046007C
00420932 |. 83C4 08 add esp, 8
00420935 |. 8BC3 mov eax, ebx
00420937 |. 8B55 D4 mov edx, dword ptr [ebp-2C]
0042093A |. 64:8915 00000>mov dword ptr fs:[0], edx
00420941 |> 5F pop edi
00420942 |. 5E pop esi
00420943 |. 5B pop ebx
00420944 |. 8BE5 mov esp, ebp
00420946 |. 5D pop ebp
00420947 \. C3 retn
00420948 /$ 55 push ebp
00420949 |. 8BEC mov ebp, esp
0042094B |. 83C4 D4 add esp, -2C
0042094E |. B8 905C5500 mov eax, 00555C90
00420953 |. 53 push ebx
00420954 |. 56 push esi
00420955 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420958 |. E8 93C90F00 call 0051D2F0
0042095D |. 83BB 14010200>cmp dword ptr [ebx+20114], 0
00420964 |. 75 0E jnz short 00420974
00420966 |. 8B55 D4 mov edx, dword ptr [ebp-2C]
00420969 |. 64:8915 00000>mov dword ptr fs:[0], edx
00420970 |. 8BC2 mov eax, edx
00420972 |. EB 5B jmp short 004209CF
00420974 |> 8B4D 0C mov ecx, dword ptr [ebp+C]
00420977 |. 51 push ecx
00420978 |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
0042097E |. 50 push eax
0042097F |. E8 74F70300 call 004600F8
00420984 |. 83C4 08 add esp, 8
00420987 |. 8BD8 mov ebx, eax
00420989 |. 85DB test ebx, ebx
0042098B |. 74 0E je short 0042099B
0042098D |. 8B43 10 mov eax, dword ptr [ebx+10]
00420990 |. 85C0 test eax, eax
00420992 |. 74 07 je short 0042099B
00420994 |. 50 push eax
00420995 |. E8 22B60F00 call 0051BFBC
0042099A |. 59 pop ecx
0042099B |> 85DB test ebx, ebx
0042099D |. 74 27 je short 004209C6
0042099F |. 8BF3 mov esi, ebx
004209A1 |. 8975 F8 mov dword ptr [ebp-8], esi
004209A4 |. 85F6 test esi, esi
004209A6 |. 74 1E je short 004209C6
004209A8 |. 8B06 mov eax, dword ptr [esi]
004209AA |. 8945 FC mov dword ptr [ebp-4], eax
004209AD |. 66:C745 E4 14>mov word ptr [ebp-1C], 14
004209B3 |. 6A 03 push 3
004209B5 |. 8B55 F8 mov edx, dword ptr [ebp-8]
004209B8 |. 52 push edx
004209B9 |. 8B0A mov ecx, dword ptr [edx]
004209BB |. FF11 call dword ptr [ecx]
004209BD |. 66:C745 E4 08>mov word ptr [ebp-1C], 8
004209C3 |. 83C4 08 add esp, 8
004209C6 |> 8B45 D4 mov eax, dword ptr [ebp-2C]
004209C9 |. 64:A3 0000000>mov dword ptr fs:[0], eax
004209CF |> 5E pop esi
004209D0 |. 5B pop ebx
004209D1 |. 8BE5 mov esp, ebp
004209D3 |. 5D pop ebp
004209D4 \. C3 retn
004209D5 90 nop
004209D6 90 nop
004209D7 90 nop
004209D8 08 db 08
004209D9 00 db 00
004209DA 00 db 00
004209DB 00 db 00
004209DC 00 db 00
004209DD 04 db 04
004209DE 10 db 10
004209DF 00 db 00
004209E0 E0C74100 dd dumped_.0041C7E0
004209E4 02 db 02
004209E5 00 db 00
004209E6 00 db 00
004209E7 00 db 00
004209E8 . 43 41 4C 69 7>ascii "CAListItem *[2]",0
004209F8 /$ 55 push ebp
004209F9 |. 8BEC mov ebp, esp
004209FB |. 8B4D 0C mov ecx, dword ptr [ebp+C]
004209FE |. 8B45 08 mov eax, dword ptr [ebp+8]
00420A01 |. 8B90 14010200 mov edx, dword ptr [eax+20114]
00420A07 |. 85D2 test edx, edx
00420A09 |. 75 04 jnz short 00420A0F
00420A0B |. 33C0 xor eax, eax
00420A0D |. 5D pop ebp
00420A0E |. C3 retn
00420A0F |> 8B02 mov eax, dword ptr [edx]
00420A11 |. 85C0 test eax, eax
00420A13 |. 74 12 je short 00420A27
00420A15 |> 8B50 10 /mov edx, dword ptr [eax+10]
00420A18 |. 3B0A |cmp ecx, dword ptr [edx]
00420A1A |. 75 04 |jnz short 00420A20
00420A1C |. 8BC2 |mov eax, edx
00420A1E |. 5D |pop ebp
00420A1F |. C3 |retn
00420A20 |> 8B40 04 |mov eax, dword ptr [eax+4]
00420A23 |. 85C0 |test eax, eax
00420A25 |.^ 75 EE \jnz short 00420A15
00420A27 |> 33C0 xor eax, eax
00420A29 |. 5D pop ebp
00420A2A \. C3 retn
00420A2B 90 nop
00420A2C /$ 55 push ebp
00420A2D |. 8BEC mov ebp, esp
00420A2F |. 53 push ebx
00420A30 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420A33 |. 33C0 xor eax, eax
00420A35 |. 8983 1C010200 mov dword ptr [ebx+2011C], eax
00420A3B |. 33D2 xor edx, edx
00420A3D |. 8993 38010200 mov dword ptr [ebx+20138], edx
00420A43 |. 33C9 xor ecx, ecx
00420A45 |. 898B 3C010200 mov dword ptr [ebx+2013C], ecx
00420A4B |. 33C0 xor eax, eax
00420A4D |. 8983 20010200 mov dword ptr [ebx+20120], eax
00420A53 |. 33D2 xor edx, edx
00420A55 |. 8993 28010200 mov dword ptr [ebx+20128], edx
00420A5B |. 33C9 xor ecx, ecx
00420A5D |. 898B 24010200 mov dword ptr [ebx+20124], ecx
00420A63 |. 53 push ebx
00420A64 |. E8 43000000 call 00420AAC
00420A69 |. 59 pop ecx
00420A6A |> E8 497DFFFF call 004187B8
00420A6F |. 3D 00000010 cmp eax, 10000000
00420A74 |.^ 76 F4 jbe short 00420A6A
00420A76 |. 8983 30010200 mov dword ptr [ebx+20130], eax
00420A7C |. 33C0 xor eax, eax
00420A7E |. C683 41010200>mov byte ptr [ebx+20141], 0
00420A85 |. 8983 44010200 mov dword ptr [ebx+20144], eax
00420A8B |. C683 48010200>mov byte ptr [ebx+20148], 0
00420A92 |. E8 E93F1000 call 00524A80
00420A97 |. 8983 34010200 mov dword ptr [ebx+20134], eax
00420A9D |. 33D2 xor edx, edx
00420A9F |. 8993 2C010200 mov dword ptr [ebx+2012C], edx
00420AA5 |. B0 01 mov al, 1
00420AA7 |. 5B pop ebx
00420AA8 |. 5D pop ebp
00420AA9 \. C3 retn
00420AAA 90 nop
00420AAB 90 nop
00420AAC /$ 55 push ebp
00420AAD |. 8BEC mov ebp, esp
00420AAF |. 83C4 D8 add esp, -28
00420AB2 |. B8 C05C5500 mov eax, 00555CC0
00420AB7 |. 53 push ebx
00420AB8 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420ABB |. E8 30C80F00 call 0051D2F0
00420AC0 |. 8B83 38010200 mov eax, dword ptr [ebx+20138]
00420AC6 |. 85C0 test eax, eax
00420AC8 |. 74 1D je short 00420AE7
00420ACA |. 8B93 3C010200 mov edx, dword ptr [ebx+2013C]
00420AD0 |. 52 push edx
00420AD1 |. 50 push eax
00420AD2 |. E8 5DF41100 call <jmp.&kernel32.TerminateThread>
00420AD7 |. 33C9 xor ecx, ecx
00420AD9 |. 33C0 xor eax, eax
00420ADB |. 898B 3C010200 mov dword ptr [ebx+2013C], ecx
00420AE1 |. 8983 38010200 mov dword ptr [ebx+20138], eax
00420AE7 |> 8B83 1C010200 mov eax, dword ptr [ebx+2011C]
00420AED |. 85C0 test eax, eax
00420AEF |. 74 2B je short 00420B1C
00420AF1 |. 8945 FC mov dword ptr [ebp-4], eax
00420AF4 |. 837D FC 00 cmp dword ptr [ebp-4], 0
00420AF8 |. 74 1A je short 00420B14
00420AFA |. 66:C745 E8 14>mov word ptr [ebp-18], 14
00420B00 |. 6A 03 push 3
00420B02 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420B05 |. 52 push edx
00420B06 |. E8 91030200 call 00440E9C
00420B0B |. 66:C745 E8 08>mov word ptr [ebp-18], 8
00420B11 |. 83C4 08 add esp, 8
00420B14 |> 33C9 xor ecx, ecx
00420B16 |. 898B 1C010200 mov dword ptr [ebx+2011C], ecx
00420B1C |> 8B45 D8 mov eax, dword ptr [ebp-28]
00420B1F |. 64:A3 0000000>mov dword ptr fs:[0], eax
00420B25 |. 5B pop ebx
00420B26 |. 8BE5 mov esp, ebp
00420B28 |. 5D pop ebp
00420B29 \. C3 retn
00420B2A 90 nop
00420B2B 90 nop
00420B2C /$ 55 push ebp
00420B2D |. 8BEC mov ebp, esp
00420B2F |. 83C4 D4 add esp, -2C
00420B32 |. B8 F05C5500 mov eax, 00555CF0
00420B37 |. 53 push ebx
00420B38 |. 56 push esi
00420B39 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420B3C |. E8 AFC70F00 call 0051D2F0
00420B41 |. C683 41010200>mov byte ptr [ebx+20141], 1
00420B48 |. 83BB 1C010200>cmp dword ptr [ebx+2011C], 0
00420B4F |. 74 11 je short 00420B62
00420B51 |. B0 01 mov al, 1
00420B53 |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420B56 |. 64:8915 00000>mov dword ptr fs:[0], edx
00420B5D |. E9 26010000 jmp 00420C88
00420B62 |> 68 E4010000 push 1E4
00420B67 |. E8 84B40F00 call 0051BFF0
00420B6C |. 59 pop ecx
00420B6D |. 8945 FC mov dword ptr [ebp-4], eax
00420B70 |. 85C0 test eax, eax
00420B72 |. 74 1B je short 00420B8F
00420B74 |. 66:C745 E8 14>mov word ptr [ebp-18], 14
00420B7A |. 8B55 FC mov edx, dword ptr [ebp-4]
00420B7D |. 52 push edx
00420B7E |. E8 15020200 call 00440D98
00420B83 |. 59 pop ecx
00420B84 |. 66:C745 E8 08>mov word ptr [ebp-18], 8
00420B8A |. 8B75 FC mov esi, dword ptr [ebp-4]
00420B8D |. EB 03 jmp short 00420B92
00420B8F |> 8B75 FC mov esi, dword ptr [ebp-4]
00420B92 |> 33C0 xor eax, eax
00420B94 |. 89B3 1C010200 mov dword ptr [ebx+2011C], esi
00420B9A |. 8946 04 mov dword ptr [esi+4], eax
00420B9D |. 33D2 xor edx, edx
00420B9F |. 8956 44 mov dword ptr [esi+44], edx
00420BA2 |. 33C9 xor ecx, ecx
00420BA4 |. C746 48 03000>mov dword ptr [esi+48], 3
00420BAB |. 898B 20010200 mov dword ptr [ebx+20120], ecx
00420BB1 |. 33C0 xor eax, eax
00420BB3 |. 8983 28010200 mov dword ptr [ebx+20128], eax
00420BB9 |. 8B83 38010200 mov eax, dword ptr [ebx+20138]
00420BBF |. 85C0 test eax, eax
00420BC1 |. 74 1D je short 00420BE0
00420BC3 |. 8B93 3C010200 mov edx, dword ptr [ebx+2013C]
00420BC9 |. 52 push edx
00420BCA |. 50 push eax
00420BCB |. E8 64F31100 call <jmp.&kernel32.TerminateThread>
00420BD0 |. 33C9 xor ecx, ecx
00420BD2 |. 33C0 xor eax, eax
00420BD4 |. 898B 3C010200 mov dword ptr [ebx+2013C], ecx
00420BDA |. 8983 38010200 mov dword ptr [ebx+20138], eax
00420BE0 |> 8D55 D4 lea edx, dword ptr [ebp-2C]
00420BE3 |. 52 push edx
00420BE4 |. 6A 00 push 0
00420BE6 |. 6A 00 push 0
00420BE8 |. 68 10B64100 push 0041B610
00420BED |. 6A 00 push 0
00420BEF |. 6A 00 push 0
00420BF1 |. E8 DAF01100 call <jmp.&kernel32.CreateThread>
00420BF6 |. 8BF0 mov esi, eax
00420BF8 |. 89B3 38010200 mov dword ptr [ebx+20138], esi
00420BFE |. 85F6 test esi, esi
00420C00 |. 75 25 jnz short 00420C27
possible stringdata Ref from Data Obj ->"认证连接线程创建失败!请尝试重启程序. 00420C02 |. 68 04515500 push 00555104
00420C07 |. 6A 03 push 3
00420C09 |. 6A 00 push 0
00420C0B |. A1 B4155500 mov eax, dword ptr [5515B4]
00420C10 |. 50 push eax
00420C11 |. E8 06B6FFFF call 0041C21C
00420C16 |. 83C4 10 add esp, 10
00420C19 |. 33C0 xor eax, eax
00420C1B |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420C1E |. 64:8915 00000>mov dword ptr fs:[0], edx
00420C25 |. EB 61 jmp short 00420C88
00420C27 |> 8D8B 3C010200 lea ecx, dword ptr [ebx+2013C]
00420C2D |. 51 push ecx
00420C2E |. 8B83 38010200 mov eax, dword ptr [ebx+20138]
00420C34 |. 50 push eax
00420C35 |. E8 3EF11100 call <jmp.&kernel32.GetExitCodeThread>
00420C3A |. 85C0 test eax, eax
00420C3C |. 75 26 jnz short 00420C64
possible stringdata Ref from Data Obj -> 认证连接线程ExitCode获取失败!请尝试重启程序 00420C3E |. 68 54515500 push 00555154
00420C43 |. 6A 03 push 3
00420C45 |. 6A 00 push 0
00420C47 |. 8B15 B4155500 mov edx, dword ptr [5515B4]
00420C4D |. 52 push edx
00420C4E |. E8 C9B5FFFF call 0041C21C
00420C53 |. 83C4 10 add esp, 10
00420C56 |. 33C0 xor eax, eax
00420C58 |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420C5B |. 64:8915 00000>mov dword ptr fs:[0], edx
00420C62 |. EB 24 jmp short 00420C88
possible stringdata Ref from Data Obj -> "认证启动" 00420C64 |> 6 8 AC515500 push 005551AC
00420C69 |. 6A 03 push 3
00420C6B |. 6A 00 push 0
00420C6D |. 8B0D B4155500 mov ecx, dword ptr [5515B4]
00420C73 |. 51 push ecx
00420C74 |. E8 A3B5FFFF call 0041C21C
00420C79 |. 83C4 10 add esp, 10
00420C7C |. B0 01 mov al, 1
00420C7E |. 8B55 D8 mov edx, dword ptr [ebp-28]
00420C81 |. 64:8915 00000>mov dword ptr fs:[0], edx
00420C88 |> 5E pop esi
00420C89 |. 5B pop ebx
00420C8A |. 8BE5 mov esp, ebp
00420C8C |. 5D pop ebp
00420C8D \. C3 retn
00420C8E 90 nop
00420C8F 90 nop
00420C90 /$ 55 push ebp
00420C91 |. 8BEC mov ebp, esp
00420C93 |. 81C4 04F0FFFF add esp, -0FFC
00420C99 |. 50 push eax
00420C9A |. 83C4 F0 add esp, -10
00420C9D |. 803D 104C5500>cmp byte ptr [554C10], 0
00420CA4 |. 53 push ebx
00420CA5 |. 56 push esi
00420CA6 |. 57 push edi
00420CA7 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420CAA |. 75 1B jnz short 00420CC7
00420CAC |. 80BB 48010200>cmp byte ptr [ebx+20148], 0
00420CB3 |. 74 12 je short 00420CC7
00420CB5 |. 53 push ebx
00420CB6 |. E8 71FEFFFF call 00420B2C
00420CBB |. 59 pop ecx
00420CBC |. 84C0 test al, al
00420CBE |. 74 07 je short 00420CC7
00420CC0 |. C605 104C5500>mov byte ptr [554C10], 1
00420CC7 |> E8 36F11100 call <jmp.&kernel32.GetTickCount>
00420CCC |. 8945 FC mov dword ptr [ebp-4], eax
00420CCF |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
00420CD5 |. 85C0 test eax, eax
00420CD7 |. 0F84 D3010000 je 00420EB0
00420CDD |. 8378 08 00 cmp dword ptr [eax+8], 0
00420CE1 |. 0F84 C9010000 je 00420EB0
00420CE7 |. 8B83 1C010200 mov eax, dword ptr [ebx+2011C]
00420CED |. 85C0 test eax, eax
00420CEF |. 0F84 BB010000 je 00420EB0
00420CF5 |. 50 push eax
00420CF6 |. E8 55060200 call 00441350
00420CFB |. 59 pop ecx
00420CFC |. 8B93 1C010200 mov edx, dword ptr [ebx+2011C]
00420D02 |. 52 push edx
00420D03 |. E8 E8020200 call 00440FF0
00420D08 |. 59 pop ecx
00420D09 |. 83F8 02 cmp eax, 2
00420D0C |. 0F85 5D010000 jnz 00420E6F
00420D12 |. 8B4D FC mov ecx, dword ptr [ebp-4]
00420D15 |. 2B8B 20010200 sub ecx, dword ptr [ebx+20120]
00420D1B |. 3B8B 24010200 cmp ecx, dword ptr [ebx+20124]
00420D21 |. 0F86 07010000 jbe 00420E2E
00420D27 |. 8B45 FC mov eax, dword ptr [ebp-4]
00420D2A |. 8983 20010200 mov dword ptr [ebx+20120], eax
00420D30 |. E8 CDF01100 call <jmp.&kernel32.GetTickCount>
00420D35 |. B9 E0930400 mov ecx, 493E0
00420D3A |. 33D2 xor edx, edx
00420D3C |. F7F1 div ecx
00420D3E |. 8993 24010200 mov dword ptr [ebx+20124], edx
00420D44 |. 83BB 14010200>cmp dword ptr [ebx+20114], 0
00420D4B |. 74 0B je short 00420D58
00420D4D |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
00420D53 |. 8B70 08 mov esi, dword ptr [eax+8]
00420D56 |. EB 02 jmp short 00420D5A
00420D58 |> 33F6 xor esi, esi
00420D5A |> 8BFE mov edi, esi
00420D5C |. 68 00100000 push 1000
00420D61 |. C1E7 04 shl edi, 4
00420D64 |. 8D85 F0EFFFFF lea eax, dword ptr [ebp-1010]
00420D6A |. 6A 00 push 0
00420D6C |. 50 push eax
00420D6D |. 81C7 94000000 add edi, 94
00420D73 |. E8 98C00F00 call 0051CE10
00420D78 |. 83C4 0C add esp, 0C
00420D7B |. 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010]
00420D81 |. 8955 F8 mov dword ptr [ebp-8], edx
00420D84 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
00420D87 |. 66:8939 mov word ptr [ecx], di
00420D8A |. 8B45 F8 mov eax, dword ptr [ebp-8]
00420D8D |. 8B93 34010200 mov edx, dword ptr [ebx+20134]
00420D93 |. 8950 48 mov dword ptr [eax+48], edx
00420D96 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
00420D99 |. 8971 44 mov dword ptr [ecx+44], esi
00420D9C |. 8B45 F8 mov eax, dword ptr [ebp-8]
00420D9F |. 8B93 30010200 mov edx, dword ptr [ebx+20130]
00420DA5 |. 8950 4C mov dword ptr [eax+4C], edx
00420DA8 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
00420DAB |. 66:C741 02 00>mov word ptr [ecx+2], 0
00420DB1 |. C745 F4 94000>mov dword ptr [ebp-C], 94
00420DB8 |. 8B83 14010200 mov eax, dword ptr [ebx+20114]
00420DBE |. 8B08 mov ecx, dword ptr [eax]
00420DC0 |. 85C9 test ecx, ecx
00420DC2 |. 74 32 je short 00420DF6
00420DC4 |> 8B41 10 /mov eax, dword ptr [ecx+10]
00420DC7 |. 8D95 F0EFFFFF |lea edx, dword ptr [ebp-1010]
00420DCD |. 0355 F4 |add edx, dword ptr [ebp-C]
00420DD0 |. 8B75 F4 |mov esi, dword ptr [ebp-C]
00420DD3 |. 83C6 10 |add esi, 10
00420DD6 |. 8975 F4 |mov dword ptr [ebp-C], esi
00420DD9 |. 8B30 |mov esi, dword ptr [eax]
00420DDB |. 8932 |mov dword ptr [edx], esi
00420DDD |. 8B70 04 |mov esi, dword ptr [eax+4]
00420DE0 |. 8972 04 |mov dword ptr [edx+4], esi
00420DE3 |. 8B70 08 |mov esi, dword ptr [eax+8]
00420DE6 |. 8972 08 |mov dword ptr [edx+8], esi
00420DE9 |. 8B40 10 |mov eax, dword ptr [eax+10]
00420DEC |. 8942 0C |mov dword ptr [edx+C], eax
00420DEF |. 8B49 04 |mov ecx, dword ptr [ecx+4]
00420DF2 |. 85C9 |test ecx, ecx
00420DF4 |.^ 75 CE \jnz short 00420DC4
00420DF6 |> 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010]
00420DFC |. 52 push edx
00420DFD |. 53 push ebx
00420DFE |. E8 09010000 call 00420F0C
00420E03 |. 83C4 08 add esp, 8
00420E06 |. 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010]
00420E0C |. 6A FF push -1
00420E0E |. 6A 01 push 1
00420E10 |. 8B4D F8 mov ecx, dword ptr [ebp-8]
00420E13 |. 0FB701 movzx eax, word ptr [ecx]
00420E16 |. 50 push eax
00420E17 |. 52 push edx
00420E18 |. 8B8B 1C010200 mov ecx, dword ptr [ebx+2011C]
00420E1E |. 51 push ecx
00420E1F |. E8 DC0B0200 call 00441A00
00420E24 |. 83C4 14 add esp, 14
00420E27 |. C683 41010200>mov byte ptr [ebx+20141], 0
00420E2E |> 8B45 FC mov eax, dword ptr [ebp-4]
00420E31 |. 2B83 28010200 sub eax, dword ptr [ebx+20128]
00420E37 |. 3D 204E0000 cmp eax, 4E20
00420E3C |. 76 31 jbe short 00420E6F
00420E3E |. 66:C745 F0 04>mov word ptr [ebp-10], 4
00420E44 |. 66:C745 F2 01>mov word ptr [ebp-E], 1
00420E4A |. 6A FF push -1
00420E4C |. 6A 01 push 1
00420E4E |. 0FB755 F0 movzx edx, word ptr [ebp-10]
00420E52 |. 52 push edx
00420E53 |. 8D4D F0 lea ecx, dword ptr [ebp-10]
00420E56 |. 51 push ecx
00420E57 |. 8B83 1C010200 mov eax, dword ptr [ebx+2011C]
00420E5E |. E8 9D0B0200 call 00441A00
00420E63 |. 83C4 14 add esp, 14
00420E66 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420E69 |. 8993 28010200 mov dword ptr [ebx+20128], edx
00420E6F |> 8B8B 1C010200 mov ecx, dword ptr [ebx+2011C]
00420E75 |. 51 push ecx
00420E76 |. E8 75010200 call 00440FF0
00420E7B |. 59 pop ecx
00420E7C |. 83F8 04 cmp eax, 4
00420E7F |. 75 2F jnz short 00420EB0
00420E81 |. 803D 114C5500>cmp byte ptr [554C11], 0
00420E88 |. 75 26 jnz short 00420EB0
possible stringdata Ref from Data Obj -> 验证服务器断开链接 00420E8A |. 68 B5515500 push 005551B5
00420E8F |. 6A 03 push 3
00420E91 |. 6A 00 push 0
00420E93 |. A1 B4155500 mov eax, dword ptr [5515B4]
00420E98 |. 50 push eax
00420E99 |. E8 7EB3FFFF call 0041C21C
00420E9E |. 83C4 10 add esp, 10
00420EA1 |. 33D2 xor edx, edx
00420EA3 |. 8993 44010200 mov dword ptr [ebx+20144], edx
00420EA9 |. C605 114C5500>mov byte ptr [554C11], 1
00420EB0 |> 5F pop edi
00420EB1 |. 5E pop esi
00420EB2 |. 5B pop ebx
00420EB3 |. 8BE5 mov esp, ebp
00420EB5 |. 5D pop ebp
00420EB6 \. C3 retn
00420EB7 90 nop
00420EB8 /$ 55 push ebp
00420EB9 |. 8BEC mov ebp, esp
00420EBB |. 81C4 04F0FFFF add esp, -0FFC
00420EC1 |. 50 push eax
00420EC2 |. 53 push ebx
00420EC3 |. 8B45 0C mov eax, dword ptr [ebp+C]
00420EC6 |. 8B5D 08 mov ebx, dword ptr [ebp+8]
00420EC9 |. 8BD0 mov edx, eax
00420ECB |. 66:837A 02 01 cmp word ptr [edx+2], 1
00420ED0 |. 74 33 je short 00420F05
00420ED2 |. 8B4D 10 mov ecx, dword ptr [ebp+10]
00420ED5 |. 51 push ecx
00420ED6 |. 50 push eax
00420ED7 |. 8D85 00F0FFFF lea eax, dword ptr [ebp-1000]
00420EDD |. 50 push eax
00420EDE |. E8 BDBE0F00 call 0051CDA0
00420EE3 |. 83C4 0C add esp, 0C
00420EE6 |. 8D85 00F0FFFF lea eax, dword ptr [ebp-1000]
00420EEC |. 50 push eax
00420EED |. 53 push ebx
00420EEE |. E8 E1010000 call 004210D4
00420EF3 |. 83C4 08 add esp, 8
00420EF6 |. 8B15 9C4F5900 mov edx, dword ptr [594F9C]
00420EFC |. 8B0A mov ecx, dword ptr [edx]
00420EFE |. 51 push ecx
00420EFF |. E8 707FFEFF call 00408E74
00420F04 |. 59 pop ecx
00420F05 |> 5B pop ebx
00420F06 |. 8BE5 mov esp, ebp
00420F08 |. 5D pop ebp
00420F09 \. C3 retn
00420F0A 90 nop
00420F0B 90 nop
00420F0C /$ 55 push ebp
00420F0D |. 8BEC mov ebp, esp
00420F0F |. 83C4 F0 add esp, -10
00420F12 |. 53 push ebx
00420F13 |. 56 push esi
00420F14 |. 57 push edi
00420F15 |. 8B45 0C mov eax, dword ptr [ebp+C]
00420F18 |. 8945 FC mov dword ptr [ebp-4], eax
00420F1B |> E8 9878FFFF /call 004187B8
00420F20 |. 8BD8 |mov ebx, eax
00420F22 |. 8B45 FC |mov eax, dword ptr [ebp-4]
00420F25 |. 8958 50 |mov dword ptr [eax+50], ebx
00420F28 |. 81FB 00000010 |cmp ebx, 10000000
00420F2E |.^ 76 EB \jbe short 00420F1B
00420F30 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420F33 |. 8B4A 44 mov ecx, dword ptr [edx+44]
00420F36 |. 894D F8 mov dword ptr [ebp-8], ecx
00420F39 |. B9 BC030000 mov ecx, 3BC
00420F3E |. 8B45 FC mov eax, dword ptr [ebp-4]
00420F41 |. 8170 50 EF12B>xor dword ptr [eax+50], 93B712EF
00420F48 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420F4B |. 8B42 4C mov eax, dword ptr [edx+4C]
00420F4E |. 33D2 xor edx, edx
00420F50 |. F7F1 div ecx
00420F52 |. 8B45 FC mov eax, dword ptr [ebp-4]
00420F55 |. 8B4D FC mov ecx, dword ptr [ebp-4]
00420F58 |. 8BFA mov edi, edx
00420F5A |. 8B50 50 mov edx, dword ptr [eax+50]
00420F5D |. 3151 4C xor dword ptr [ecx+4C], edx
00420F60 |. 8B55 FC mov edx, dword ptr [ebp-4]
00420F63 |. 8B04BD 103C55>mov eax, dword ptr [edi*4+553C10]
00420F6A |. 3142 44 xor dword ptr [edx+44], eax
00420F6D |. 8B45 FC mov eax, dword ptr [ebp-4]
00420F70 |. 8B0CBD 203C55>mov ecx, dword ptr [edi*4+553C20]
00420F77 |. 3148 48 xor dword ptr [eax+48], ecx
00420F7A |. 33DB xor ebx, ebx
00420F7C |. 8B45 FC mov eax, dword ptr [ebp-4]
00420F7F |. 8D50 04 lea edx, dword ptr [eax+4]
00420F82 |. 8955 F4 mov dword ptr [ebp-C], edx
00420F85 |> 8B4D F4 /mov ecx, dword ptr [ebp-C]
00420F88 |. 8BF1 |mov esi, ecx
00420F8A |. E8 2978FFFF |call 004187B8
00420F8F |. 8906 |mov dword ptr [esi], eax
00420F91 |. 8D043B |lea eax, dword ptr [ebx+edi]
00420F94 |. 8B1485 F03B55>|mov edx, dword ptr [eax*4+553BF0]
00420F9B |. 3B16 |cmp edx, dword ptr [esi]
00420F9D |.^ 72 E6 |jb short 00420F85
00420F9F |. 43 |inc ebx
00420FA0 |. 8345 F4 04 |add dword ptr [ebp-C], 4
00420FA4 |. 83FB 10 |cmp ebx, 10
00420FA7 |.^ 7C DC \jl short 00420F85
00420FA9 |. 33DB xor ebx, ebx
00420FAB |. 8B45 FC mov eax, dword ptr [ebp-4]
00420FAE |. 8D50 54 lea edx, dword ptr [eax+54]
00420FB1 |. 8955 F0 mov dword ptr [ebp-10], edx
00420FB4 |> 8B4D F0 /mov ecx, dword ptr [ebp-10]
00420FB7 |. 8BF1 |mov esi, ecx
00420FB9 |. E8 FA77FFFF |call 004187B8
00420FBE |. 8D143B |lea edx, dword ptr [ebx+edi]
00420FC1 |. 8906 |mov dword ptr [esi], eax
00420FC3 |. 8B06 |mov eax, dword ptr [esi]
00420FC5 |. 3B0495 303C55>|cmp eax, dword ptr [edx*4+553C30]
00420FCC |.^ 72 E6 |jb short 00420FB4
00420FCE |. 43 |inc ebx
00420FCF |. 8345 F0 04 |add dword ptr [ebp-10], 4
00420FD3 |. 83FB 10 |cmp ebx, 10
00420FD6 |.^ 7C DC \jl short 00420FB4
00420FD8 |. 8B45 FC mov eax, dword ptr [ebp-4]
00420FDB |. 33C9 xor ecx, ecx
00420FDD |. 33DB xor ebx, ebx
00420FDF |. 8D50 04 lea edx, dword ptr [eax+4]
00420FE2 |> 8B02 /mov eax, dword ptr [edx]
00420FE4 |. 83E0 0F |and eax, 0F
00420FE7 |. 03C8 |add ecx, eax
00420FE9 |. 83FB 0F |cmp ebx, 0F
00420FEC |. 74 08 |je short 00420FF6
00420FEE |. 8B42 50 |mov eax, dword ptr [edx+50]
00420FF1 |. 83E0 0F |and eax, 0F
00420FF4 |. 03C8 |add ecx, eax
00420FF6 |> 43 |inc ebx
00420FF7 |. 83C2 04 |add edx, 4
00420FFA |. 83FB 10 |cmp ebx, 10
00420FFD |.^ 7C E3 \jl short 00420FE2
00420FFF |. 8B55 FC mov edx, dword ptr [ebp-4]
00421002 |. 33DB xor ebx, ebx
00421004 |. 8B82 90000000 mov eax, dword ptr [edx+90]
0042100A |. 25 0000FFFF and eax, FFFF0000
0042100F |. 0BC1 or eax, ecx
00421011 |. 8B4D FC mov ecx, dword ptr [ebp-4]
00421014 |. 8BD0 mov edx, eax
00421016 |. 8991 90000000 mov dword ptr [ecx+90], edx
0042101C |. 8B45 FC mov eax, dword ptr [ebp-4]
0042101F |. 3150 44 xor dword ptr [eax+44], edx
00421022 |. 8B55 FC mov edx, dword ptr [ebp-4]
00421025 |. 8B45 FC mov eax, dword ptr [ebp-4]
00421028 |. 8B8A 90000000 mov ecx, dword ptr [edx+90]
0042102E |. 3148 48 xor dword ptr [eax+48], ecx
00421031 |. 33C0 xor eax, eax
00421033 |. 3B5D F8 cmp ebx, dword ptr [ebp-8]
00421036 |. 0F8D 8F000000 jge 004210CB
0042103C |> 8BD3 /mov edx, ebx
0042103E |. C1E2 04 |shl edx, 4
00421041 |. 0355 0C |add edx, dword ptr [ebp+C]
00421044 |. 81C2 94000000 |add edx, 94
0042104A |. 8D0C38 |lea ecx, dword ptr [eax+edi]
0042104D |. 81E1 FF030080 |and ecx, 800003FF
00421053 |. 79 08 |jns short 0042105D
00421055 |. 49 |dec ecx
00421056 |. 81C9 00FCFFFF |or ecx, FFFFFC00
0042105C |. 41 |inc ecx
0042105D |> 8B0C8D F03B55>|mov ecx, dword ptr [ecx*4+553BF0]
00421064 |. 40 |inc eax
00421065 |. 310A |xor dword ptr [edx], ecx
00421067 |. 8D0C38 |lea ecx, dword ptr [eax+edi]
0042106A |. 81E1 FF030080 |and ecx, 800003FF
00421070 |. 79 08 |jns short 0042107A
00421072 |. 49 |dec ecx
00421073 |. 81C9 00FCFFFF |or ecx, FFFFFC00
00421079 |. 41 |inc ecx
0042107A |> 8B0C8D F03B55>|mov ecx, dword ptr [ecx*4+553BF0]
00421081 |. 40 |inc eax
00421082 |. 314A 04 |xor dword ptr [edx+4], ecx
00421085 |. 8D0C38 |lea ecx, dword ptr [eax+edi]
00421088 |. 81E1 FF030080 |and ecx, 800003FF
0042108E |. 79 08 |jns short 00421098
00421090 |. 49 |dec ecx
00421091 |. 81C9 00FCFFFF |or ecx, FFFFFC00
00421097 |. 41 |inc ecx
00421098 |> 8B0C8D F03B55>|mov ecx, dword ptr [ecx*4+553BF0]
0042109F |. 40 |inc eax
004210A0 |. 314A 08 |xor dword ptr [edx+8], ecx
004210A3 |. 8D0C38 |lea ecx, dword ptr [eax+edi]
004210A6 |. 81E1 FF030080 |and ecx, 800003FF
004210AC |. 79 08 |jns short 004210B6
004210AE |. 49 |dec ecx
004210AF |. 81C9 00FCFFFF |or ecx, FFFFFC00
004210B5 |. 41 |inc ecx
004210B6 |> 8B0C8D F03B55>|mov ecx, dword ptr [ecx*4+553BF0]
004210BD |. 314A 0C |xor dword ptr [edx+C], ecx
004210C0 |. 40 |inc eax
004210C1 |. 43 |inc ebx
004210C2 |. 3B5D F8 |cmp ebx, dword ptr [ebp-8]
004210C5 |.^ 0F8C 71FFFFFF \jl 0042103C
004210CB |> 5F pop edi
004210CC |. 5E pop esi
004210CD |. 5B pop ebx
004210CE |. 8BE5 mov esp, ebp
004210D0 |. 5D pop ebp
004210D1 \. C3 retn
004210D2 90 nop
004210D3 90 nop
004210D4 $ 55 push ebp
004210D5 . 8BEC mov ebp, esp
004210D7 . 83C4 F0 add esp, -10
004210DA . 33C0 xor eax, eax
004210DC . 53 push ebx
004210DD . 56 push esi
004210DE . 57 push edi
004210DF . 8945 FC mov dword ptr [ebp-4], eax
004210E2 . 8B55 0C mov edx, dword ptr [ebp+C]
004210E5 . 8955 F8 mov dword ptr [ebp-8], edx
004210E8 . 33D2 xor edx, edx
004210EA . 8B4D F8 mov ecx, dword ptr [ebp-8]
004210ED . 8171 44 31323>xor dword ptr [ecx+44], 88313231
004210F4 . 8B45 F8 mov eax, dword ptr [ebp-8]
004210F7 . B9 BC030000 mov ecx, 3BC
004210FC . 8B40 44 mov eax, dword ptr [eax+44]
004210FF . F7F1 div ecx
00421101 . 8BFA mov edi, edx
00421103 . 8B55 F8 mov edx, dword ptr [ebp-8]
00421106 . 8B04BD 0C3C55>mov eax, dword ptr [edi*4+553C0C]
0042110D . 3142 48 xor dword ptr [edx+48], eax
00421110 . 8B45 F8 mov eax, dword ptr [ebp-8]
00421113 . 8B0CBD 1C3C55>mov ecx, dword ptr [edi*4+553C1C]
0042111A . 3148 4C xor dword ptr [eax+4C], ecx
0042111D . 33F6 xor esi, esi
0042111F . 8B55 F8 mov edx, dword ptr [ebp-8]
00421122 . 8B4A 48 mov ecx, dword ptr [edx+48]
00421125 . 894D F4 mov dword ptr [ebp-C], ecx
00421128 . 33C0 xor eax, eax
0042112A . 8945 F0 mov dword ptr [ebp-10], eax
0042112D . 8B55 F0 mov edx, dword ptr [ebp-10]
00421130 . 3B55 F4 cmp edx, dword ptr [ebp-C]
00421133 . /0F8D FD010000 jge 00421336
00421139 > |8B5D F0 mov ebx, dword ptr [ebp-10]
0042113C . |C1E3 02 shl ebx, 2
0042113F . |8D1C5B lea ebx, dword ptr [ebx+ebx*2]
00421142 . |035D 0C add ebx, dword ptr [ebp+C]
00421145 . |81C3 90000000 add ebx, 90
0042114B . |8D043E lea eax, dword ptr [esi+edi]
0042114E . |25 FF030080 and eax, 800003FF
00421153 . |79 07 jns short 0042115C
00421155 . |48 dec eax
00421156 . |0D 00FCFFFF or eax, FFFFFC00
0042115B . |40 inc eax
0042115C > |8B1485 F03B55>mov edx, dword ptr [eax*4+553BF0]
00421163 . |3113 xor dword ptr [ebx], edx
00421165 . |8B0B mov ecx, dword ptr [ebx]
00421167 . |51 push ecx
00421168 . |8B45 08 mov eax, dword ptr [ebp+8]
0042116B . |50 push eax
0042116C . |E8 87F8FFFF call 004209F8
00421171 . |83C4 08 add esp, 8
00421174 . |46 inc esi
00421175 . |8D143E lea edx, dword ptr [esi+edi]
00421178 . |81E2 FF030080 and edx, 800003FF
0042117E . |79 08 jns short 00421188
00421180 . |4A dec edx
00421181 . |81CA 00FCFFFF or edx, FFFFFC00
00421187 . |42 inc edx
00421188 > |8B0C95 F03B55>mov ecx, dword ptr [edx*4+553BF0]
0042118F . |46 inc esi
00421190 . |314B 04 xor dword ptr [ebx+4], ecx
00421193 . |8D143E lea edx, dword ptr [esi+edi]
00421196 . |81E2 FF030080 and edx, 800003FF
0042119C . |79 08 jns short 004211A6
0042119E . |4A dec edx
0042119F . |81CA 00FCFFFF or edx, FFFFFC00
004211A5 . |42 inc edx
004211A6 > |8B0C95 F03B55>mov ecx, dword ptr [edx*4+553BF0]
004211AD . |314B 08 xor dword ptr [ebx+8], ecx
004211B0 . |85C0 test eax, eax
004211B2 . |8B55 08 mov edx, dword ptr [ebp+8]
004211B5 . |8B4B 08 mov ecx, dword ptr [ebx+8]
004211B8 . |898A 30010200 mov dword ptr [edx+20130], ecx
004211BE . |74 06 je short 004211C6
004211C0 . |8B53 08 mov edx, dword ptr [ebx+8]
004211C3 . |8950 10 mov dword ptr [eax+10], edx
004211C6 > |46 inc esi
004211C7 . |8B53 04 mov edx, dword ptr [ebx+4]
004211CA . |81FA FF000000 cmp edx, 0FF
004211D0 . |76 19 jbe short 004211EB
004211D2 . |81E2 00FF0000 and edx, 0FF00
004211D8 . |C1EA 08 shr edx, 8
004211DB . |85C0 test eax, eax
004211DD . |74 43 je short 00421222
004211DF . |66:8950 0C mov word ptr [eax+C], dx
004211E3 . |66:C740 0E 02>mov word ptr [eax+E], 2
004211E9 . |EB 37 jmp short 00421222
004211EB > |8B4B 04 mov ecx, dword ptr [ebx+4]
004211EE . |49 dec ecx
004211EF . |74 0B je short 004211FC
004211F1 . |49 dec ecx
004211F2 . |74 10 je short 00421204
004211F4 . |49 dec ecx
004211F5 . |74 15 je short 0042120C
004211F7 . |49 dec ecx
004211F8 . |74 1A je short 00421214
004211FA . |EB 20 jmp short 0042121C
004211FC > |66:C740 0E 03>mov word ptr [eax+E], 3
00421202 . |EB 1E jmp short 00421222
00421204 > |66:C740 0E 03>mov word ptr [eax+E], 3
0042120A . |EB 16 jmp short 00421222
0042120C > |66:C740 0E 04>mov word ptr [eax+E], 4
00421212 . |EB 0E jmp short 00421222
00421214 > |66:C740 0E 05>mov word ptr [eax+E], 5
0042121A . |EB 06 jmp short 00421222
0042121C > |66:C740 0E 03>mov word ptr [eax+E], 3
00421222 > |85C0 test eax, eax
00421224 . |0F84 C5000000 je 004212EF
0042122A . |0FB750 0E movzx edx, word ptr [eax+E]
0042122A . 0FB750 0E movzx edx, word ptr [eax+E]
0042122E . 83FA 05 cmp edx, 5
00421231 . 0F87 B8000000 ja 004212EF
00421237 . FF2495 3E1242>jmp dword ptr [edx*4+42123E]
0042123E . EF124200 dd dumped_.004212EF
00421242 . EF124200 dd dumped_.004212EF
00421246 . 5B124200 dd dumped_.0042125B
0042124A . 83124200 dd dumped_.00421283
0042124E . A7124200 dd dumped_.004212A7
00421252 . CC124200 dd dumped_.004212CC
00421256 . E9 94000000 jmp 004212EF
0042125B > FF45 FC inc dword ptr [ebp-4]
0042125E . 8B48 08 mov ecx, dword ptr [eax+8]
00421261 . 51 push ecx
00421262 . 8B0D B4155500 mov ecx, dword ptr [5515B4]
00421268 . 8B50 04 mov edx, dword ptr [eax+4]
0042126B . 52 push edx
0042126C . 8B00 mov eax, dword ptr [eax]
0042126E . 50 push eax
possible stringdata Ref from Data Obj -> cdkey[%d-%d-%d]验证成功 " 0042126F . 68 CD515500 push 005551CD
00421274 . 6A 01 push 1
00421276 . 6A 00 push 0
00421278 . 51 push ecx
00421279 . E8 9EAFFFFF call 0041C21C
0042127E . 83C4 1C add esp, 1C
00421281 . EB 6C jmp short 004212EF
00421281 . /EB 6C jmp short 004212EF
00421283 > |8B50 08 mov edx, dword ptr [eax+8]
00421286 . |52 push edx
00421287 . |8B48 04 mov ecx, dword ptr [eax+4]
0042128A . |51 push ecx
0042128B . |8B00 mov eax, dword ptr [eax]
0042128D . |50 push eax
possible stringdata Ref from Data Obj -> cdkey[%d-%d-%d]错误,请核对"
00421293 . |6A 03 push 3
00421295 . |6A 00 push 0
00421297 . |A1 B4155500 mov eax, dword ptr [5515B4]
0042129C . |50 push eax
0042129D . |E8 7AAFFFFF call 0041C21C
004212A2 . |83C4 1C add esp, 1C
004212A5 . |EB 48 jmp short 004212EF
004212A7 > |8B50 08 mov edx, dword ptr [eax+8]
004212AA . |52 push edx
004212AB . |8B15 B4155500 mov edx, dword ptr [5515B4]
004212B1 . |8B48 04 mov ecx, dword ptr [eax+4]
004212B4 . |51 push ecx
004212B5 . |8B00 mov eax, dword ptr [eax]
004212B7 . |50 push eax
possible stringdata Ref from Data Obj -> "cdkey[%d-%d-%d]在其他机器登陆,请勿在10分钟内重 004212B8 . |68 02525500 push 00555202
004212BD . |6A 03 push 3
004212BF . |6A 00 push 0
004212C1 . |52 push edx
004212C2 . |E8 55AFFFFF call 0041C21C
004212C7 . |83C4 1C add esp, 1C
004212CA . |EB 23 jmp short 004212EF
004212CC > |8B48 08 mov ecx, dword ptr [eax+8]
004212CF . |51 push ecx
004212CF . 51 push ecx
004212D0 . 8B0D B4155500 mov ecx, dword ptr [5515B4]
004212D6 . 8B50 04 mov edx, dword ptr [eax+4]
004212D9 . 52 push edx
004212DA . 8B00 mov eax, dword ptr [eax]
004212DC . 50 push eax
possible stringdata Ref from Data Obj -> "cdkey[%d-%d-%d]已经过期 " 004212DD . 68 38525500 push 00555238
004212E2 . 6A 03 push 3
004212E4 . 6A 00 push 0
004212E6 . 51 push ecx
004212E7 . E8 30AFFFFF call 0041C21C
004212EC . 83C4 1C add esp, 1C
004212EF > 8B45 F8 mov eax, dword ptr [ebp-8]
004212F2 . 8B55 08 mov edx, dword ptr [ebp+8]
004212F5 . 8B40 4C mov eax, dword ptr [eax+4C]
004212F8 . 3B82 2C010200 cmp eax, dword ptr [edx+2012C]
004212FE . 72 0B jb short 0042130B
00421300 . 8B4D 08 mov ecx, dword ptr [ebp+8]
00421303 . 8981 2C010200 mov dword ptr [ecx+2012C], eax
00421309 . EB 1C jmp short 00421327
possible stringdata Ref from Data Obj -> "cycle数据非法" 0042130B > 68 51525500 push 00555251
00421310 . 6A 02 push 2
00421312 . 6A 00 push 0
00421314 . A1 B4155500 mov eax, dword ptr [5515B4]
00421319 . 50 push eax
0042131A . E8 FDAEFFFF call 0041C21C
0042131F . 83C4 10 add esp, 10
00421322 . 33D2 xor edx, edx
00421324 . 8955 FC mov dword ptr [ebp-4], edx
00421327 > FF45 F0 inc dword ptr [ebp-10]
0042132A . 8B4D F0 mov ecx, dword ptr [ebp-10]
0042132D . 3B4D F4 cmp ecx, dword ptr [ebp-C]
00421330 .^ 0F8C 03FEFFFF jl 00421139
00421336 > 837D FC 32 cmp dword ptr [ebp-4], 32
0042133A . 7E 07 jle short 00421343
0042133C . C745 FC 32000>mov dword ptr [ebp-4], 32
00421343 > 8B45 08 mov eax, dword ptr [ebp+8]
00421346 . 8B90 44010200 mov edx, dword ptr [eax+20144]
0042134C . 3B55 FC cmp edx, dword ptr [ebp-4]
0042134F . 7E 18 jle short 00421369
possible stringdata Ref from Data Obj 可用挂机数减少.请检查cdkey数量.及正确性 00421351 . 68 5F525500 push 0055525F
00421356 . 6A 03 push 3
00421358 . 6A 00 push 0
0042135A . 8B0D B4155500 mov ecx, dword ptr [5515B4]
00421360 . 51 push ecx
00421361 . E8 B6AEFFFF call 0041C21C
00421366 . 83C4 10 add esp, 10
00421369 > 8B45 08 mov eax, dword ptr [ebp+8]
0042136C . 8B55 FC mov edx, dword ptr [ebp-4]
0042136F . 8990 44010200 mov dword ptr [eax+20144], edx
00421375 . 33C0 xor eax, eax
00421377 . 8B55 F8 mov edx, dword ptr [ebp-8]
0042137A . 83C2 04 add edx, 4
0042137D > 8B1A mov ebx, dword ptr [edx]
0042137F . 8D0C38 lea ecx, dword ptr [eax+edi]
00421382 . 3B1C8D F03B55>cmp ebx, dword ptr [ecx*4+553BF0]
00421389 . 76 05 jbe short 00421390
0042138B . 83C8 FF or eax, FFFFFFFF
0042138E . EB 5F jmp short 004213EF
00421390 > 83F8 0F cmp eax, 0F
00421393 . 74 11 je short 004213A6
00421395 . 8B5A 4C mov ebx, dword ptr [edx+4C]
00421398 . 3B1C8D 303C55>cmp ebx, dword ptr [ecx*4+553C30]
0042139F . 73 05 jnb short 004213A6
004213A1 . 83C8 FF or eax, FFFFFFFF
004213A4 . EB 49 jmp short 004213EF
004213A6 > 40 inc eax
004213A7 . 83C2 04 add edx, 4
004213AA . 83F8 10 cmp eax, 10
004213AD .^ 7C CE jl short 0042137D
004213AF . 33DB xor ebx, ebx
004213B1 . 33C9 xor ecx, ecx
004213B3 . 8B45 F8 mov eax, dword ptr [ebp-8]
004213B6 . 8D50 04 lea edx, dword ptr [eax+4]
004213B9 > 8B02 mov eax, dword ptr [edx]
004213BB . 83E0 0F and eax, 0F
004213BE . 03D8 add ebx, eax
004213C0 . 83F9 0F cmp ecx, 0F
004213C3 . 74 08 je short 004213CD
004213C5 . 8B42 4C mov eax, dword ptr [edx+4C]
004213C8 . 83E0 0F and eax, 0F
004213CB . 03D8 add ebx, eax
004213CD > 41 inc ecx
004213CE . 83C2 04 add edx, 4
004213D1 . 83F9 10 cmp ecx, 10
004213D4 .^ 7C E3 jl short 004213B9
004213D6 . 8B55 F8 mov edx, dword ptr [ebp-8]
004213D9 . 8B82 8C000000 mov eax, dword ptr [edx+8C]
004213DF . 25 FFFF0000 and eax, 0FFFF
004213E4 . 3BC3 cmp eax, ebx
004213E6 . 74 05 je short 004213ED
004213E8 . 83C8 FF or eax, FFFFFFFF
004213EB . EB 02 jmp short 004213EF
004213ED > 33C0 xor eax, eax
004213EF > 5F pop edi
004213F0 . 5E pop esi
004213F1 . 5B pop ebx
004213F2 . 8BE5 mov esp, ebp
004213F4 . 5D pop ebp
004213F5 . C3 retn
004213F6 90 nop
004213F7 90 nop
004213F8 /$ 55 push ebp
004213F9 |. 8BEC mov ebp, esp
004213FB |. 83C4 D8 add esp, -28
004213FE |. 8945 FC mov dword ptr [ebp-4], eax
00421401 |. B8 905E5500 mov eax, 00555E90
00421406 |. E8 E5BE0F00 call 0051D2F0
0042140B |. 66:C745 E8 08>mov word ptr [ebp-18], 8
00421411 |. 8B55 FC mov edx, dword ptr [ebp-4]
00421414 |. 33C9 xor ecx, ecx
00421416 |. 890A mov dword ptr [edx], ecx
00421418 |. 8B45 D8 mov eax, dword ptr [ebp-28]
0042141B |. 64:A3 0000000>mov dword ptr fs:[0], eax
00421421 |. 8B45 FC mov eax, dword ptr [ebp-4]
00421424 |. 8BE5 mov esp, ebp
00421426 |. 5D pop ebp
00421427 \. C3 retn
这是我找到的字符串的位置.如和爆破.网络验证.
我谁便输入错注册吗,显示""认证启动" 过一会又显示:"验证服务器断开链接"
请大家指点.壳我脱掉了
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
 我想不会,很想学一下,不过,现在不到火候呢
|
