[原创][网络验证破解]某外挂验证转本地化-软件逆向-看雪-安全社区|安全招聘|kanxue.com

最新回复 (245) ◀ 1 2 3 4 5 6 7 8 9 10 ▶
tclma 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 59 粉丝 0 关注私信	tclma 26 楼 0042089C /$ 55 push ebp 0042089D \|. 8BEC mov ebp, esp 0042089F \|. 83C4 D4 add esp, -2C 004208A2 \|. B8 205B5500 mov eax, 00555B20 004208A7 \|. 53 push ebx 004208A8 \|. 56 push esi 004208A9 \|. 8B5D 08 mov ebx, dword ptr [ebp+8] 004208AC \|. E8 5BC90F00 call 0051D20C 004208B1 \|. C683 41010200>mov byte ptr [ebx+20141], 1 004208B8 \|. 83BB 1C010200>cmp dword ptr [ebx+2011C], 0 004208BF \|. 74 11 je short 004208D2 004208C1 \|. B0 01 mov al, 1 004208C3 \|. 8B55 D8 mov edx, dword ptr [ebp-28] 004208C6 \|. 64:8915 00000>mov dword ptr fs:[0], edx 004208CD \|. E9 26010000 jmp 004209F8 004208D2 \|> 68 E4010000 push 1E4 ; /Arg1 = 000001E4 004208D7 \|. E8 30B60F00 call 0051BF0C ; \cck.0051BF0C 004208DC \|. 59 pop ecx 004208DD \|. 8945 FC mov dword ptr [ebp-4], eax 004208E0 \|. 85C0 test eax, eax 004208E2 \|. 74 1B je short 004208FF 004208E4 \|. 66:C745 E8 14>mov word ptr [ebp-18], 14 004208EA \|. 8B55 FC mov edx, dword ptr [ebp-4] 004208ED \|. 52 push edx ; /Arg1 004208EE \|. E8 45030200 call 00440C38 ; \cck.00440C38 004208F3 \|. 59 pop ecx 004208F4 \|. 66:C745 E8 08>mov word ptr [ebp-18], 8 004208FA \|. 8B75 FC mov esi, dword ptr [ebp-4] 004208FD \|. EB 03 jmp short 00420902 004208FF \|> 8B75 FC mov esi, dword ptr [ebp-4] 00420902 \|> 33C0 xor eax, eax 00420904 \|. 89B3 1C010200 mov dword ptr [ebx+2011C], esi 0042090A \|. 8946 04 mov dword ptr [esi+4], eax 0042090D \|. 33D2 xor edx, edx 0042090F \|. 8956 44 mov dword ptr [esi+44], edx 00420912 \|. 33C9 xor ecx, ecx 00420914 \|. C746 48 03000>mov dword ptr [esi+48], 3 0042091B \|. 898B 20010200 mov dword ptr [ebx+20120], ecx 00420921 \|. 33C0 xor eax, eax 00420923 \|. 8983 28010200 mov dword ptr [ebx+20128], eax 00420929 \|. 8B83 38010200 mov eax, dword ptr [ebx+20138] 0042092F \|. 85C0 test eax, eax 00420931 \|. 74 1D je short 00420950 00420933 \|. 8B93 3C010200 mov edx, dword ptr [ebx+2013C] 00420939 \|. 52 push edx ; /ExitCode 0042093A \|. 50 push eax ; \|hThread 0042093B \|. E8 F2F41100 call <jmp.&kernel32.TerminateThread> ; \TerminateThread 00420940 \|. 33C9 xor ecx, ecx 00420942 \|. 33C0 xor eax, eax 00420944 \|. 898B 3C010200 mov dword ptr [ebx+2013C], ecx 0042094A \|. 8983 38010200 mov dword ptr [ebx+20138], eax 00420950 \|> 8D55 D4 lea edx, dword ptr [ebp-2C] 00420953 \|. 52 push edx ; /pThreadId 00420954 \|. 6A 00 push 0 ; \|CreationFlags = 0 00420956 \|. 6A 00 push 0 ; \|pThreadParm = NULL 00420958 \|. 68 74B34100 push 0041B374 ; \|ThreadFunction = cck.0041B374 0042095D \|. 6A 00 push 0 ; \|StackSize = 0 0042095F \|. 6A 00 push 0 ; \|pSecurity = NULL 00420961 \|. E8 68F21100 call <jmp.&kernel32.CreateThread> ; \CreateThread 00420966 \|. 8BF0 mov esi, eax 00420968 \|. 89B3 38010200 mov dword ptr [ebx+20138], esi 0042096E \|. 85F6 test esi, esi 00420970 \|. 75 25 jnz short 00420997 00420972 \|. 68 314F5500 push 00554F31 ; /认证连接线程创建失败！请尝试重启程序。如果多次发生该情况，请检查系统或联系客服 00420977 \|. 6A 03 push 3 ; \|Arg3 = 00000003 00420979 \|. 6A 00 push 0 ; \|Arg2 = 00000000 0042097B \|. A1 00145500 mov eax, dword ptr [551400] ; \| 00420980 \|. 50 push eax ; \|Arg1 => 00000000 00420981 \|. E8 02B6FFFF call 0041BF88 ; \cck.0041BF88 00420986 \|. 83C4 10 add esp, 10 00420989 \|. 33C0 xor eax, eax 0042098B \|. 8B55 D8 mov edx, dword ptr [ebp-28] 0042098E \|. 64:8915 00000>mov dword ptr fs:[0], edx 00420995 \|. EB 61 jmp short 004209F8 00420997 \|> 8D8B 3C010200 lea ecx, dword ptr [ebx+2013C] 0042099D \|. 51 push ecx ; /pExitCode 0042099E \|. 8B83 38010200 mov eax, dword ptr [ebx+20138] ; \| 004209A4 \|. 50 push eax ; \|hThread 004209A5 \|. E8 CCF21100 call <jmp.&kernel32.GetExitCodeThread>; \GetExitCodeThread 004209AA \|. 85C0 test eax, eax 004209AC \|. 75 26 jnz short 004209D4 004209AE \|. 68 814F5500 push 00554F81 ; /认证连接线程exitcode获取失败！请尝试重启程序。如果多次发生该情况，请检查系统或联系客服 004209B3 \|. 6A 03 push 3 ; \|Arg3 = 00000003 004209B5 \|. 6A 00 push 0 ; \|Arg2 = 00000000 004209B7 \|. 8B15 00145500 mov edx, dword ptr [551400] ; \| 004209BD \|. 52 push edx ; \|Arg1 => 00000000 004209BE \|. E8 C5B5FFFF call 0041BF88 ; \cck.0041BF88 004209C3 \|. 83C4 10 add esp, 10 004209C6 \|. 33C0 xor eax, eax 004209C8 \|. 8B55 D8 mov edx, dword ptr [ebp-28] 004209CB \|. 64:8915 00000>mov dword ptr fs:[0], edx 004209D2 \|. EB 24 jmp short 004209F8 004209D4 \|> 68 D94F5500 push 00554FD9 ; /认证启动 004209D9 \|. 6A 03 push 3 ; \|Arg3 = 00000003 004209DB \|. 6A 00 push 0 ; \|Arg2 = 00000000 004209DD \|. 8B0D 00145500 mov ecx, dword ptr [551400] ; \| 004209E3 \|. 51 push ecx ; \|Arg1 => 00000000 004209E4 \|. E8 9FB5FFFF call 0041BF88 ; \cck.0041BF88 004209E9 \|. 83C4 10 add esp, 10 004209EC \|. B0 01 mov al, 1 004209EE \|. 8B55 D8 mov edx, dword ptr [ebp-28] 004209F1 \|. 64:8915 00000>mov dword ptr fs:[0], edx 004209F8 \|> 5E pop esi 004209F9 \|. 5B pop ebx 004209FA \|. 8BE5 mov esp, ebp 004209FC \|. 5D pop ebp 004209FD \. C3 retn 004209FE 90 nop 004209FF 90 nop 00420A00 /$ 55 push ebp 00420A01 \|. 8BEC mov ebp, esp 00420A03 \|. 81C4 04F0FFFF add esp, -0FFC 00420A09 \|. 50 push eax 00420A0A \|. 83C4 F0 add esp, -10 00420A0D \|. 803D 3C4A5500>cmp byte ptr [554A3C], 0 00420A14 \|. 53 push ebx 00420A15 \|. 56 push esi 00420A16 \|. 57 push edi 00420A17 \|. 8B5D 08 mov ebx, dword ptr [ebp+8] 00420A1A \|. 75 1B jnz short 00420A37 00420A1C \|. 80BB 48010200>cmp byte ptr [ebx+20148], 0 00420A23 \|. 74 12 je short 00420A37 00420A25 \|. 53 push ebx ; /Arg1 00420A26 \|. E8 71FEFFFF call 0042089C ; \cck.0042089C 00420A2B \|. 59 pop ecx 00420A2C \|. 84C0 test al, al 00420A2E \|. 74 07 je short 00420A37 00420A30 \|. C605 3C4A5500>mov byte ptr [554A3C], 1 00420A37 \|> E8 C4F21100 call <jmp.&kernel32.GetTickCount> ; [GetTickCount 00420A3C \|. 8945 FC mov dword ptr [ebp-4], eax 00420A3F \|. 8B83 14010200 mov eax, dword ptr [ebx+20114] 00420A45 \|. 85C0 test eax, eax 00420A47 \|. 0F84 D3010000 je 00420C20 00420A4D \|. 8378 08 00 cmp dword ptr [eax+8], 0 00420A51 \|. 0F84 C9010000 je 00420C20 00420A57 \|. 8B83 1C010200 mov eax, dword ptr [ebx+2011C] 00420A5D \|. 85C0 test eax, eax 00420A5F \|. 0F84 BB010000 je 00420C20 00420A65 \|. 50 push eax 00420A66 \|. E8 85070200 call 004411F0 00420A6B \|. 59 pop ecx 00420A6C \|. 8B93 1C010200 mov edx, dword ptr [ebx+2011C] 00420A72 \|. 52 push edx ; /Arg1 00420A73 \|. E8 18040200 call 00440E90 ; \cck.00440E90 00420A78 \|. 59 pop ecx 00420A79 \|. 83F8 02 cmp eax, 2 00420A7C \|. 0F85 5D010000 jnz 00420BDF 00420A82 \|. 8B4D FC mov ecx, dword ptr [ebp-4] 00420A85 \|. 2B8B 20010200 sub ecx, dword ptr [ebx+20120] 00420A8B \|. 3B8B 24010200 cmp ecx, dword ptr [ebx+20124] 00420A91 \|. 0F86 07010000 jbe 00420B9E 00420A97 \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420A9A \|. 8983 20010200 mov dword ptr [ebx+20120], eax 00420AA0 \|. E8 5BF21100 call <jmp.&kernel32.GetTickCount> ; [GetTickCount 00420AA5 \|. B9 E0930400 mov ecx, 493E0 00420AAA \|. 33D2 xor edx, edx 00420AAC \|. F7F1 div ecx 00420AAE \|. 8993 24010200 mov dword ptr [ebx+20124], edx 00420AB4 \|. 83BB 14010200>cmp dword ptr [ebx+20114], 0 00420ABB \|. 74 0B je short 00420AC8 00420ABD \|. 8B83 14010200 mov eax, dword ptr [ebx+20114] 00420AC3 \|. 8B70 08 mov esi, dword ptr [eax+8] 00420AC6 \|. EB 02 jmp short 00420ACA 00420AC8 \|> 33F6 xor esi, esi 00420ACA \|> 8BFE mov edi, esi 00420ACC \|. 68 00100000 push 1000 ; /Arg3 = 00001000 00420AD1 \|. C1E7 04 shl edi, 4 ; \| 00420AD4 \|. 8D85 F0EFFFFF lea eax, dword ptr [ebp-1010] ; \| 00420ADA \|. 6A 00 push 0 ; \|Arg2 = 00000000 00420ADC \|. 50 push eax ; \|Arg1 00420ADD \|. 81C7 94000000 add edi, 94 ; \| 00420AE3 \|. E8 44C20F00 call 0051CD2C ; \cck.0051CD2C 00420AE8 \|. 83C4 0C add esp, 0C 00420AEB \|. 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010] 00420AF1 \|. 8955 F8 mov dword ptr [ebp-8], edx 00420AF4 \|. 8B4D F8 mov ecx, dword ptr [ebp-8] 00420AF7 \|. 66:8939 mov word ptr [ecx], di 00420AFA \|. 8B45 F8 mov eax, dword ptr [ebp-8] 00420AFD \|. 8B93 34010200 mov edx, dword ptr [ebx+20134] 00420B03 \|. 8950 48 mov dword ptr [eax+48], edx 00420B06 \|. 8B4D F8 mov ecx, dword ptr [ebp-8] 00420B09 \|. 8971 44 mov dword ptr [ecx+44], esi 00420B0C \|. 8B45 F8 mov eax, dword ptr [ebp-8] 00420B0F \|. 8B93 30010200 mov edx, dword ptr [ebx+20130] 00420B15 \|. 8950 4C mov dword ptr [eax+4C], edx 00420B18 \|. 8B4D F8 mov ecx, dword ptr [ebp-8] 00420B1B \|. 66:C741 02 00>mov word ptr [ecx+2], 0 00420B21 \|. C745 F4 94000>mov dword ptr [ebp-C], 94 00420B28 \|. 8B83 14010200 mov eax, dword ptr [ebx+20114] 00420B2E \|. 8B08 mov ecx, dword ptr [eax] 00420B30 \|. 85C9 test ecx, ecx 00420B32 \|. 74 32 je short 00420B66 00420B34 \|> 8B41 10 /mov eax, dword ptr [ecx+10] 00420B37 \|. 8D95 F0EFFFFF \|lea edx, dword ptr [ebp-1010] 00420B3D \|. 0355 F4 \|add edx, dword ptr [ebp-C] 00420B40 \|. 8B75 F4 \|mov esi, dword ptr [ebp-C] 00420B43 \|. 83C6 10 \|add esi, 10 00420B46 \|. 8975 F4 \|mov dword ptr [ebp-C], esi 00420B49 \|. 8B30 \|mov esi, dword ptr [eax] 00420B4B \|. 8932 \|mov dword ptr [edx], esi 00420B4D \|. 8B70 04 \|mov esi, dword ptr [eax+4] 00420B50 \|. 8972 04 \|mov dword ptr [edx+4], esi 00420B53 \|. 8B70 08 \|mov esi, dword ptr [eax+8] 00420B56 \|. 8972 08 \|mov dword ptr [edx+8], esi 00420B59 \|. 8B40 10 \|mov eax, dword ptr [eax+10] 00420B5C \|. 8942 0C \|mov dword ptr [edx+C], eax 00420B5F \|. 8B49 04 \|mov ecx, dword ptr [ecx+4] 00420B62 \|. 85C9 \|test ecx, ecx 00420B64 \|.^ 75 CE \jnz short 00420B34 00420B66 \|> 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010] 00420B6C \|. 52 push edx ; /Arg2 00420B6D \|. 53 push ebx ; \|Arg1 00420B6E \|. E8 09010000 call 00420C7C ; \cck.00420C7C 00420B73 \|. 83C4 08 add esp, 8 00420B76 \|. 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010] 00420B7C \|. 6A FF push -1 ; /Arg5 = FFFFFFFF 00420B7E \|. 6A 01 push 1 ; \|Arg4 = 00000001 00420B80 \|. 8B4D F8 mov ecx, dword ptr [ebp-8] ; \| 00420B83 \|. 0FB701 movzx eax, word ptr [ecx] ; \| 00420B86 \|. 50 push eax ; \|Arg3 00420B87 \|. 52 push edx ; \|Arg2 00420B88 \|. 8B8B 1C010200 mov ecx, dword ptr [ebx+2011C] ; \| 00420B8E \|. 51 push ecx ; \|Arg1 00420B8F \|. E8 080D0200 call 0044189C ; \cck.0044189C 00420B94 \|. 83C4 14 add esp, 14 00420B97 \|. C683 41010200>mov byte ptr [ebx+20141], 0 00420B9E \|> 8B45 FC mov eax, dword ptr [ebp-4] 00420BA1 \|. 2B83 28010200 sub eax, dword ptr [ebx+20128] 00420BA7 \|. 3D 204E0000 cmp eax, 4E20 00420BAC \|. 76 31 jbe short 00420BDF 00420BAE \|. 66:C745 F0 04>mov word ptr [ebp-10], 4 00420BB4 \|. 66:C745 F2 01>mov word ptr [ebp-E], 1 00420BBA \|. 6A FF push -1 ; /Arg5 = FFFFFFFF 00420BBC \|. 6A 01 push 1 ; \|Arg4 = 00000001 00420BBE \|. 0FB755 F0 movzx edx, word ptr [ebp-10] ; \| 00420BC2 \|. 52 push edx ; \|Arg3 00420BC3 \|. 8D4D F0 lea ecx, dword ptr [ebp-10] ; \| 00420BC6 \|. 51 push ecx ; \|Arg2 00420BC7 \|. 8B83 1C010200 mov eax, dword ptr [ebx+2011C] ; \| 00420BCD \|. 50 push eax ; \|Arg1 00420BCE \|. E8 C90C0200 call 0044189C ; \cck.0044189C 00420BD3 \|. 83C4 14 add esp, 14 00420BD6 \|. 8B55 FC mov edx, dword ptr [ebp-4] 00420BD9 \|. 8993 28010200 mov dword ptr [ebx+20128], edx 00420BDF \|> 8B8B 1C010200 mov ecx, dword ptr [ebx+2011C] 00420BE5 \|. 51 push ecx ; /Arg1 00420BE6 \|. E8 A5020200 call 00440E90 ; \cck.00440E90 00420BEB \|. 59 pop ecx 00420BEC \|. 83F8 04 cmp eax, 4 00420BEF \|. 75 2F jnz short 00420C20 00420BF1 \|. 803D 3D4A5500>cmp byte ptr [554A3D], 0 00420BF8 \|. 75 26 jnz short 00420C20 00420BFA \|. 68 E24F5500 push 00554FE2 ; /验证服务器断开链接..... 00420BFF \|. 6A 03 push 3 ; \|Arg3 = 00000003 00420C01 \|. 6A 00 push 0 ; \|Arg2 = 00000000 00420C03 \|. A1 00145500 mov eax, dword ptr [551400] ; \| 00420C08 \|. 50 push eax ; \|Arg1 => 00000000 00420C09 \|. E8 7AB3FFFF call 0041BF88 ; \cck.0041BF88 00420C0E \|. 83C4 10 add esp, 10 00420C11 \|. 33D2 xor edx, edx 00420C13 \|. 8993 44010200 mov dword ptr [ebx+20144], edx 00420C19 \|. C605 3D4A5500>mov byte ptr [554A3D], 1 00420C20 \|> 5F pop edi 00420C21 \|. 5E pop esi 00420C22 \|. 5B pop ebx 00420C23 \|. 8BE5 mov esp, ebp 00420C25 \|. 5D pop ebp 00420C26 \. C3 retn 00420C27 90 nop 00420C28 /$ 55 push ebp 00420C29 \|. 8BEC mov ebp, esp 00420C2B \|. 81C4 04F0FFFF add esp, -0FFC 00420C31 \|. 50 push eax 00420C32 \|. 53 push ebx 00420C33 \|. 8B45 0C mov eax, dword ptr [ebp+C] 00420C36 \|. 8B5D 08 mov ebx, dword ptr [ebp+8] 00420C39 \|. 8BD0 mov edx, eax 00420C3B \|. 66:837A 02 01 cmp word ptr [edx+2], 1 00420C40 \|. 74 33 je short 00420C75 00420C42 \|. 8B4D 10 mov ecx, dword ptr [ebp+10] 00420C45 \|. 51 push ecx ; /Arg3 00420C46 \|. 50 push eax ; \|Arg2 00420C47 \|. 8D85 00F0FFFF lea eax, dword ptr [ebp-1000] ; \| 00420C4D \|. 50 push eax ; \|Arg1 00420C4E \|. E8 69C00F00 call 0051CCBC ; \cck.0051CCBC 00420C53 \|. 83C4 0C add esp, 0C 00420C56 \|. 8D85 00F0FFFF lea eax, dword ptr [ebp-1000] 00420C5C \|. 50 push eax 00420C5D \|. 53 push ebx 00420C5E \|. E8 E1010000 call 00420E44 00420C63 \|. 83C4 08 add esp, 8 00420C66 \|. 8B15 784C5900 mov edx, dword ptr [594C78] ; cck._Form_Main 00420C6C \|. 8B0A mov ecx, dword ptr [edx] 00420C6E \|. 51 push ecx 00420C6F \|. E8 0082FEFF call 00408E74 00420C74 \|. 59 pop ecx 00420C75 \|> 5B pop ebx 00420C76 \|. 8BE5 mov esp, ebp 00420C78 \|. 5D pop ebp 00420C79 \. C3 retn 00420C7A 90 nop 00420C7B 90 nop 00420C7C /$ 55 push ebp 00420C7D \|. 8BEC mov ebp, esp 00420C7F \|. 83C4 F0 add esp, -10 00420C82 \|. 53 push ebx 00420C83 \|. 56 push esi 00420C84 \|. 57 push edi 00420C85 \|. 8B45 0C mov eax, dword ptr [ebp+C] 00420C88 \|. 8945 FC mov dword ptr [ebp-4], eax 00420C8B \|> E8 8C78FFFF /call 0041851C 00420C90 \|. 8BD8 \|mov ebx, eax 00420C92 \|. 8B45 FC \|mov eax, dword ptr [ebp-4] 00420C95 \|. 8958 50 \|mov dword ptr [eax+50], ebx 00420C98 \|. 81FB 00000010 \|cmp ebx, 10000000 00420C9E \|.^ 76 EB \jbe short 00420C8B 00420CA0 \|. 8B55 FC mov edx, dword ptr [ebp-4] 00420CA3 \|. 8B4A 44 mov ecx, dword ptr [edx+44] 00420CA6 \|. 894D F8 mov dword ptr [ebp-8], ecx 00420CA9 \|. B9 BC030000 mov ecx, 3BC 00420CAE \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420CB1 \|. 8170 50 EF12B>xor dword ptr [eax+50], 93B712EF 00420CB8 \|. 8B55 FC mov edx, dword ptr [ebp-4] 00420CBB \|. 8B42 4C mov eax, dword ptr [edx+4C] 00420CBE \|. 33D2 xor edx, edx 00420CC0 \|. F7F1 div ecx 00420CC2 \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420CC5 \|. 8B4D FC mov ecx, dword ptr [ebp-4] 00420CC8 \|. 8BFA mov edi, edx 00420CCA \|. 8B50 50 mov edx, dword ptr [eax+50] 00420CCD \|. 3151 4C xor dword ptr [ecx+4C], edx 00420CD0 \|. 8B55 FC mov edx, dword ptr [ebp-4] 00420CD3 \|. 8B04BD 3C3A55>mov eax, dword ptr [edi4+553A3C] 00420CDA \|. 3142 44 xor dword ptr [edx+44], eax 00420CDD \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420CE0 \|. 8B0CBD 4C3A55>mov ecx, dword ptr [edi4+553A4C] 00420CE7 \|. 3148 48 xor dword ptr [eax+48], ecx 00420CEA \|. 33DB xor ebx, ebx 00420CEC \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420CEF \|. 8D50 04 lea edx, dword ptr [eax+4] 00420CF2 \|. 8955 F4 mov dword ptr [ebp-C], edx 00420CF5 \|> 8B4D F4 /mov ecx, dword ptr [ebp-C] 00420CF8 \|. 8BF1 \|mov esi, ecx 00420CFA \|. E8 1D78FFFF \|call 0041851C 00420CFF \|. 8906 \|mov dword ptr [esi], eax 00420D01 \|. 8D043B \|lea eax, dword ptr [ebx+edi] 00420D04 \|. 8B1485 1C3A55>\|mov edx, dword ptr [eax4+553A1C] 00420D0B \|. 3B16 \|cmp edx, dword ptr [esi] 00420D0D \|.^ 72 E6 \|jb short 00420CF5 00420D0F \|. 43 \|inc ebx 00420D10 \|. 8345 F4 04 \|add dword ptr [ebp-C], 4 00420D14 \|. 83FB 10 \|cmp ebx, 10 00420D17 \|.^ 7C DC \jl short 00420CF5 00420D19 \|. 33DB xor ebx, ebx 00420D1B \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420D1E \|. 8D50 54 lea edx, dword ptr [eax+54] 00420D21 \|. 8955 F0 mov dword ptr [ebp-10], edx 00420D24 \|> 8B4D F0 /mov ecx, dword ptr [ebp-10] 00420D27 \|. 8BF1 \|mov esi, ecx 00420D29 \|. E8 EE77FFFF \|call 0041851C 00420D2E \|. 8D143B \|lea edx, dword ptr [ebx+edi] 00420D31 \|. 8906 \|mov dword ptr [esi], eax 00420D33 \|. 8B06 \|mov eax, dword ptr [esi] 00420D35 \|. 3B0495 5C3A55>\|cmp eax, dword ptr [edx4+553A5C] 00420D3C \|.^ 72 E6 \|jb short 00420D24 00420D3E \|. 43 \|inc ebx 00420D3F \|. 8345 F0 04 \|add dword ptr [ebp-10], 4 00420D43 \|. 83FB 10 \|cmp ebx, 10 00420D46 \|.^ 7C DC \jl short 00420D24 00420D48 \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420D4B \|. 33C9 xor ecx, ecx 00420D4D \|. 33DB xor ebx, ebx 00420D4F \|. 8D50 04 lea edx, dword ptr [eax+4] 00420D52 \|> 8B02 /mov eax, dword ptr [edx] 00420D54 \|. 83E0 0F \|and eax, 0F 00420D57 \|. 03C8 \|add ecx, eax 00420D59 \|. 83FB 0F \|cmp ebx, 0F 00420D5C \|. 74 08 \|je short 00420D66 00420D5E \|. 8B42 50 \|mov eax, dword ptr [edx+50] 00420D61 \|. 83E0 0F \|and eax, 0F 00420D64 \|. 03C8 \|add ecx, eax 00420D66 \|> 43 \|inc ebx 00420D67 \|. 83C2 04 \|add edx, 4 00420D6A \|. 83FB 10 \|cmp ebx, 10 00420D6D \|.^ 7C E3 \jl short 00420D52 00420D6F \|. 8B55 FC mov edx, dword ptr [ebp-4] 00420D72 \|. 33DB xor ebx, ebx 00420D74 \|. 8B82 90000000 mov eax, dword ptr [edx+90] 00420D7A \|. 25 0000FFFF and eax, FFFF0000 00420D7F \|. 0BC1 or eax, ecx 00420D81 \|. 8B4D FC mov ecx, dword ptr [ebp-4] 00420D84 \|. 8BD0 mov edx, eax 00420D86 \|. 8991 90000000 mov dword ptr [ecx+90], edx 00420D8C \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420D8F \|. 3150 44 xor dword ptr [eax+44], edx 00420D92 \|. 8B55 FC mov edx, dword ptr [ebp-4] 00420D95 \|. 8B45 FC mov eax, dword ptr [ebp-4] 00420D98 \|. 8B8A 90000000 mov ecx, dword ptr [edx+90] 00420D9E \|. 3148 48 xor dword ptr [eax+48], ecx 00420DA1 \|. 33C0 xor eax, eax 00420DA3 \|. 3B5D F8 cmp ebx, dword ptr [ebp-8] 00420DA6 \|. 0F8D 8F000000 jge 00420E3B 00420DAC \|> 8BD3 /mov edx, ebx 00420DAE \|. C1E2 04 \|shl edx, 4 00420DB1 \|. 0355 0C \|add edx, dword ptr [ebp+C] 00420DB4 \|. 81C2 94000000 \|add edx, 94 00420DBA \|. 8D0C38 \|lea ecx, dword ptr [eax+edi] 00420DBD \|. 81E1 FF030080 \|and ecx, 800003FF 00420DC3 \|. 79 08 \|jns short 00420DCD 00420DC5 \|. 49 \|dec ecx 00420DC6 \|. 81C9 00FCFFFF \|or ecx, FFFFFC00 00420DCC \|. 41 \|inc ecx 00420DCD \|> 8B0C8D 1C3A55>\|mov ecx, dword ptr [ecx4+553A1C] 00420DD4 \|. 40 \|inc eax 00420DD5 \|. 310A \|xor dword ptr [edx], ecx 00420DD7 \|. 8D0C38 \|lea ecx, dword ptr [eax+edi] 00420DDA \|. 81E1 FF030080 \|and ecx, 800003FF 00420DE0 \|. 79 08 \|jns short 00420DEA 00420DE2 \|. 49 \|dec ecx 00420DE3 \|. 81C9 00FCFFFF \|or ecx, FFFFFC00 00420DE9 \|. 41 \|inc ecx 00420DEA \|> 8B0C8D 1C3A55>\|mov ecx, dword ptr [ecx4+553A1C] 00420DF1 \|. 40 \|inc eax 00420DF2 \|. 314A 04 \|xor dword ptr [edx+4], ecx 00420DF5 \|. 8D0C38 \|lea ecx, dword ptr [eax+edi] 00420DF8 \|. 81E1 FF030080 \|and ecx, 800003FF 00420DFE \|. 79 08 \|jns short 00420E08 00420E00 \|. 49 \|dec ecx 00420E01 \|. 81C9 00FCFFFF \|or ecx, FFFFFC00 00420E07 \|. 41 \|inc ecx 00420E08 \|> 8B0C8D 1C3A55>\|mov ecx, dword ptr [ecx4+553A1C] 00420E0F \|. 40 \|inc eax 00420E10 \|. 314A 08 \|xor dword ptr [edx+8], ecx 00420E13 \|. 8D0C38 \|lea ecx, dword ptr [eax+edi] 00420E16 \|. 81E1 FF030080 \|and ecx, 800003FF 00420E1C \|. 79 08 \|jns short 00420E26 00420E1E \|. 49 \|dec ecx 00420E1F \|. 81C9 00FCFFFF \|or ecx, FFFFFC00 00420E25 \|. 41 \|inc ecx 00420E26 \|> 8B0C8D 1C3A55>\|mov ecx, dword ptr [ecx4+553A1C] 00420E2D \|. 314A 0C \|xor dword ptr [edx+C], ecx 00420E30 \|. 40 \|inc eax 00420E31 \|. 43 \|inc ebx 00420E32 \|. 3B5D F8 \|cmp ebx, dword ptr [ebp-8] 00420E35 \|.^ 0F8C 71FFFFFF \jl 00420DAC 00420E3B \|> 5F pop edi 00420E3C \|. 5E pop esi 00420E3D \|. 5B pop ebx 00420E3E \|. 8BE5 mov esp, ebp 00420E40 \|. 5D pop ebp 00420E41 \. C3 retn 00420E42 90 nop 00420E43 90 nop 00420E44 $ 55 push ebp 00420E45 . 8BEC mov ebp, esp 00420E47 . 83C4 B8 add esp, -48 00420E4A . 33C0 xor eax, eax 00420E4C . 53 push ebx 00420E4D . 56 push esi 00420E4E . 57 push edi 00420E4F . 8945 FC mov dword ptr [ebp-4], eax 00420E52 . 8B55 0C mov edx, dword ptr [ebp+C] 00420E55 . 8955 F8 mov dword ptr [ebp-8], edx 00420E58 . 33D2 xor edx, edx 00420E5A . 8B4D F8 mov ecx, dword ptr [ebp-8] 00420E5D . 8171 44 31323>xor dword ptr [ecx+44], 88313231 00420E64 . 8B45 F8 mov eax, dword ptr [ebp-8] 00420E67 . B9 BC030000 mov ecx, 3BC 00420E6C . 8B40 44 mov eax, dword ptr [eax+44] 00420E6F . F7F1 div ecx 00420E71 . 8955 F4 mov dword ptr [ebp-C], edx 00420E74 . 8B45 F4 mov eax, dword ptr [ebp-C] 00420E77 . 8B4D F8 mov ecx, dword ptr [ebp-8] 00420E7A . 8B1485 383A55>mov edx, dword ptr [eax4+553A38] 00420E81 . 3151 48 xor dword ptr [ecx+48], edx 00420E84 . 8B45 F4 mov eax, dword ptr [ebp-C] 00420E87 . 8B4D F8 mov ecx, dword ptr [ebp-8] 00420E8A . 8B1485 483A55>mov edx, dword ptr [eax4+553A48] 00420E91 . 3151 4C xor dword ptr [ecx+4C], edx 00420E94 . 33FF xor edi, edi 00420E96 . 8B45 F8 mov eax, dword ptr [ebp-8] 00420E99 . 8B50 48 mov edx, dword ptr [eax+48] 00420E9C . 8955 F0 mov dword ptr [ebp-10], edx 00420E9F . 33C0 xor eax, eax 00420EA1 . 8945 EC mov dword ptr [ebp-14], eax 00420EA4 . 8B55 EC mov edx, dword ptr [ebp-14] 00420EA7 . 3B55 F0 cmp edx, dword ptr [ebp-10] 00420EAA . 0F8D 23020000 jge 004210D3 00420EB0 > 8B5D EC mov ebx, dword ptr [ebp-14] 00420EB3 . 8B45 F4 mov eax, dword ptr [ebp-C] 00420EB6 . C1E3 02 shl ebx, 2 00420EB9 . 03C7 add eax, edi 00420EBB . 8D1C5B lea ebx, dword ptr [ebx+ebx2] 00420EBE . 035D 0C add ebx, dword ptr [ebp+C] 00420EC1 . 81C3 90000000 add ebx, 90 00420EC7 . 25 FF030080 and eax, 800003FF 00420ECC . 79 07 jns short 00420ED5 00420ECE . 48 dec eax 00420ECF . 0D 00FCFFFF or eax, FFFFFC00 00420ED4 . 40 inc eax 00420ED5 > 8B1485 1C3A55>mov edx, dword ptr [eax4+553A1C] 00420EDC . 3113 xor dword ptr [ebx], edx 00420EDE . 8B0B mov ecx, dword ptr [ebx] 00420EE0 . 51 push ecx ; /Arg2 00420EE1 . 8B45 08 mov eax, dword ptr [ebp+8] ; \| 00420EE4 . 50 push eax ; \|Arg1 00420EE5 . E8 7EF8FFFF call 00420768 ; \cck.00420768 00420EEA . 83C4 08 add esp, 8 00420EED . 8BF0 mov esi, eax 00420EEF . 47 inc edi 00420EF0 . 8B45 F4 mov eax, dword ptr [ebp-C] 00420EF3 . 03C7 add eax, edi 00420EF5 . 25 FF030080 and eax, 800003FF 00420EFA . 79 07 jns short 00420F03 00420EFC . 48 dec eax 00420EFD . 0D 00FCFFFF or eax, FFFFFC00 00420F02 . 40 inc eax 00420F03 > 8B1485 1C3A55>mov edx, dword ptr [eax4+553A1C] 00420F0A . 3153 04 xor dword ptr [ebx+4], edx 00420F0D . 47 inc edi 00420F0E . 8B4D F4 mov ecx, dword ptr [ebp-C] 00420F11 . 03CF add ecx, edi 00420F13 . 81E1 FF030080 and ecx, 800003FF 00420F19 . 79 08 jns short 00420F23 00420F1B . 49 dec ecx 00420F1C . 81C9 00FCFFFF or ecx, FFFFFC00 00420F22 . 41 inc ecx 00420F23 > 8B048D 1C3A55>mov eax, dword ptr [ecx4+553A1C] 00420F2A . 3143 08 xor dword ptr [ebx+8], eax 00420F2D . 85F6 test esi, esi 00420F2F . 8B55 08 mov edx, dword ptr [ebp+8] 00420F32 . 8B4B 08 mov ecx, dword ptr [ebx+8] 00420F35 . 898A 30010200 mov dword ptr [edx+20130], ecx 00420F3B . 74 06 je short 00420F43 00420F3D . 8B43 08 mov eax, dword ptr [ebx+8] 00420F40 . 8946 10 mov dword ptr [esi+10], eax 00420F43 > 47 inc edi 00420F44 . 8B43 04 mov eax, dword ptr [ebx+4] 00420F47 . 3D FF000000 cmp eax, 0FF 00420F4C . 76 18 jbe short 00420F66 00420F4E . 25 00FF0000 and eax, 0FF00 00420F53 . C1E8 08 shr eax, 8 00420F56 . 85F6 test esi, esi 00420F58 . 74 43 je short 00420F9D 00420F5A . 66:8946 0C mov word ptr [esi+C], ax 00420F5E . 66:C746 0E 02>mov word ptr [esi+E], 2 00420F64 . EB 37 jmp short 00420F9D 00420F66 > 8B53 04 mov edx, dword ptr [ebx+4] 00420F69 . 4A dec edx ; Switch (cases 1..4) 00420F6A . 74 0B je short 00420F77 00420F6C . 4A dec edx 00420F6D . 74 10 je short 00420F7F 00420F6F . 4A dec edx 00420F70 . 74 15 je short 00420F87 00420F72 . 4A dec edx 00420F73 . 74 1A je short 00420F8F 00420F75 . EB 20 jmp short 00420F97 00420F77 > 66:C746 0E 03>mov word ptr [esi+E], 3 ; Case 1 of switch 00420F69 00420F7D . EB 1E jmp short 00420F9D 00420F7F > 66:C746 0E 03>mov word ptr [esi+E], 3 ; Case 2 of switch 00420F69 00420F85 . EB 16 jmp short 00420F9D 00420F87 > 66:C746 0E 04>mov word ptr [esi+E], 4 ; Case 3 of switch 00420F69 00420F8D . EB 0E jmp short 00420F9D 00420F8F > 66:C746 0E 05>mov word ptr [esi+E], 5 ; Case 4 of switch 00420F69 00420F95 . EB 06 jmp short 00420F9D 00420F97 > 66:C746 0E 03>mov word ptr [esi+E], 3 ; Default case of switch 00420F69 00420F9D > 85F6 test esi, esi 00420F9F . 0F84 E7000000 je 0042108C 00420FA5 . 0FB74E 0E movzx ecx, word ptr [esi+E] 00420FA9 . 83F9 05 cmp ecx, 5 ; Switch (cases 2..5) 00420FAC . 0F87 DA000000 ja 0042108C 00420FB2 . FF248D B90F42>jmp dword ptr [ecx4+420FB9] 00420FB9 . 8C104200 dd cck.0042108C ; 分支表被用于 00420FB2 00420FBD . 8C104200 dd cck.0042108C 00420FC1 . D60F4200 dd cck.00420FD6 00420FC5 . 20104200 dd cck.00421020 00420FC9 . 45104200 dd cck.00421045 00420FCD . 6A104200 dd cck.0042106A 00420FD1 . E9 B6000000 jmp 0042108C 00420FD6 > 8B06 mov eax, dword ptr [esi] ; Case 2 of switch 00420FA9 00420FD8 . 8D55 B8 lea edx, dword ptr [ebp-48] 00420FDB . 50 push eax ; /Arg3 00420FDC . 68 FA4F5500 push 00554FFA ; \|%d 00420FE1 . 52 push edx ; \|Arg1 00420FE2 . E8 7DF80F00 call 00520864 ; \cck.00520864 00420FE7 . 83C4 0C add esp, 0C 00420FEA . 0FBE4D B8 movsx ecx, byte ptr [ebp-48] 00420FEE . 83F9 32 cmp ecx, 32 00420FF1 . 75 06 jnz short 00420FF9 00420FF3 . 8345 FC 32 add dword ptr [ebp-4], 32 00420FF7 . EB 03 jmp short 00420FFC 00420FF9 > FF45 FC inc dword ptr [ebp-4] 00420FFC > 8B46 08 mov eax, dword ptr [esi+8] 00420FFF . 50 push eax ; /Arg7 00421000 . A1 00145500 mov eax, dword ptr [551400] ; \| 00421005 . 8B56 04 mov edx, dword ptr [esi+4] ; \| 00421008 . 52 push edx ; \|Arg6 00421009 . 8B0E mov ecx, dword ptr [esi] ; \| 0042100B . 51 push ecx ; \|Arg5 0042100C . 68 FD4F5500 push 00554FFD ; \|cdkey[%d-%d-%d]验证成功 00421011 . 6A 01 push 1 ; \|Arg3 = 00000001 00421013 . 6A 00 push 0 ; \|Arg2 = 00000000 00421015 . 50 push eax ; \|Arg1 => 00000000 00421016 . E8 6DAFFFFF call 0041BF88 ; \cck.0041BF88 0042101B . 83C4 1C add esp, 1C 0042101E . EB 6C jmp short 0042108C 00421020 > 8B56 08 mov edx, dword ptr [esi+8] ; Case 3 of switch 00420FA9 00421023 . 52 push edx ; /Arg7 00421024 . 8B15 00145500 mov edx, dword ptr [551400] ; \| 0042102A . 8B4E 04 mov ecx, dword ptr [esi+4] ; \| 0042102D . 51 push ecx ; \|Arg6 0042102E . 8B06 mov eax, dword ptr [esi] ; \| 00421030 . 50 push eax ; \|Arg5 00421031 . 68 16505500 push 00555016 ; \|cdkey[%d-%d-%d]错误，请核对 00421036 . 6A 03 push 3 ; \|Arg3 = 00000003 00421038 . 6A 00 push 0 ; \|Arg2 = 00000000 0042103A . 52 push edx ; \|Arg1 => 00000000 0042103B . E8 48AFFFFF call 0041BF88 ; \cck.0041BF88 00421040 . 83C4 1C add esp, 1C 00421043 . EB 47 jmp short 0042108C 00421045 > 8B4E 08 mov ecx, dword ptr [esi+8] ; Case 4 of switch 00420FA9 00421048 . 51 push ecx ; /Arg7 00421049 . 8B0D 00145500 mov ecx, dword ptr [551400] ; \| 0042104F . 8B46 04 mov eax, dword ptr [esi+4] ; \| 00421052 . 50 push eax ; \|Arg6 00421053 . 8B16 mov edx, dword ptr [esi] ; \| 00421055 . 52 push edx ; \|Arg5 00421056 . 68 32505500 push 00555032 ; \|cdkey[%d-%d-%d]在其他机器登陆，请勿在15分钟内重复登陆 0042105B . 6A 03 push 3 ; \|Arg3 = 00000003 0042105D . 6A 00 push 0 ; \|Arg2 = 00000000 0042105F . 51 push ecx ; \|Arg1 => 00000000 00421060 . E8 23AFFFFF call 0041BF88 ; \cck.0041BF88 00421065 . 83C4 1C add esp, 1C 00421068 . EB 22 jmp short 0042108C 0042106A > 8B46 08 mov eax, dword ptr [esi+8] ; Case 5 of switch 00420FA9 0042106D . 50 push eax ; /Arg7 0042106E . A1 00145500 mov eax, dword ptr [551400] ; \| 00421073 . 8B56 04 mov edx, dword ptr [esi+4] ; \| 00421076 . 52 push edx ; \|Arg6 00421077 . 8B0E mov ecx, dword ptr [esi] ; \| 00421079 . 51 push ecx ; \|Arg5 0042107A . 68 68505500 push 00555068 ; \|cdkey[%d-%d-%d]已经过期 0042107F . 6A 03 push 3 ; \|Arg3 = 00000003 00421081 . 6A 00 push 0 ; \|Arg2 = 00000000 00421083 . 50 push eax ; \|Arg1 => 00000000 00421084 . E8 FFAEFFFF call 0041BF88 ; \cck.0041BF88 00421089 . 83C4 1C add esp, 1C 0042108C > 8B55 F8 mov edx, dword ptr [ebp-8] ; Default case of switch 00420FA9 0042108F . 8B42 4C mov eax, dword ptr [edx+4C] 00421092 . 8B55 08 mov edx, dword ptr [ebp+8] 00421095 . 3B82 2C010200 cmp eax, dword ptr [edx+2012C] 0042109B . 72 0B jb short 004210A8 0042109D . 8B4D 08 mov ecx, dword ptr [ebp+8] 004210A0 . 8981 2C010200 mov dword ptr [ecx+2012C], eax 004210A6 . EB 1C jmp short 004210C4 004210A8 > 68 81505500 push 00555081 ; /cycle数据非法 004210AD . 6A 02 push 2 ; \|Arg3 = 00000002 004210AF . 6A 00 push 0 ; \|Arg2 = 00000000 004210B1 . A1 00145500 mov eax, dword ptr [551400] ; \| 004210B6 . 50 push eax ; \|Arg1 => 00000000 004210B7 . E8 CCAEFFFF call 0041BF88 ; \cck.0041BF88 004210BC . 83C4 10 add esp, 10 004210BF . 33D2 xor edx, edx 004210C1 . 8955 FC mov dword ptr [ebp-4], edx 004210C4 > FF45 EC inc dword ptr [ebp-14] 004210C7 . 8B4D EC mov ecx, dword ptr [ebp-14] 004210CA . 3B4D F0 cmp ecx, dword ptr [ebp-10] 004210CD .^ 0F8C DDFDFFFF jl 00420EB0 004210D3 > 837D FC 32 cmp dword ptr [ebp-4], 32 004210D7 . 7E 07 jle short 004210E0 004210D9 . C745 FC 32000>mov dword ptr [ebp-4], 32 004210E0 > 8B45 08 mov eax, dword ptr [ebp+8] 004210E3 . 8B90 44010200 mov edx, dword ptr [eax+20144] 004210E9 . 3B55 FC cmp edx, dword ptr [ebp-4] 004210EC . 7E 18 jle short 00421106 004210EE . 68 8F505500 push 0055508F ; /可用挂机数减少，请检查cdkey数量及正确性， 004210F3 . 6A 03 push 3 ; \|Arg3 = 00000003 004210F5 . 6A 00 push 0 ; \|Arg2 = 00000000 004210F7 . 8B0D 00145500 mov ecx, dword ptr [551400] ; \| 004210FD . 51 push ecx ; \|Arg1 => 00000000 004210FE . E8 85AEFFFF call 0041BF88 ; \cck.0041BF88 00421103 . 83C4 10 add esp, 10 00421106 > 8B45 08 mov eax, dword ptr [ebp+8] 00421109 . 8B55 FC mov edx, dword ptr [ebp-4] 0042110C . 8990 44010200 mov dword ptr [eax+20144], edx 00421112 . 33C0 xor eax, eax 00421114 . 8B55 F8 mov edx, dword ptr [ebp-8] 00421117 . 83C2 04 add edx, 4 0042111A > 8B1A mov ebx, dword ptr [edx] 0042111C . 8B4D F4 mov ecx, dword ptr [ebp-C] 0042111F . 03C8 add ecx, eax 00421121 . 3B1C8D 1C3A55>cmp ebx, dword ptr [ecx4+553A1C] 00421128 . 76 05 jbe short 0042112F 0042112A . 83C8 FF or eax, FFFFFFFF 0042112D . EB 5F jmp short 0042118E 0042112F > 83F8 0F cmp eax, 0F 00421132 . 74 11 je short 00421145 00421134 . 8B5A 4C mov ebx, dword ptr [edx+4C] 00421137 . 3B1C8D 5C3A55>cmp ebx, dword ptr [ecx*4+553A5C] 0042113E . 73 05 jnb short 00421145 00421140 . 83C8 FF or eax, FFFFFFFF 00421143 . EB 49 jmp short 0042118E 00421145 > 40 inc eax 00421146 . 83C2 04 add edx, 4 00421149 . 83F8 10 cmp eax, 10 0042114C .^ 7C CC jl short 0042111A 0042114E . 33DB xor ebx, ebx 00421150 . 33C9 xor ecx, ecx 00421152 . 8B45 F8 mov eax, dword ptr [ebp-8] 00421155 . 8D50 04 lea edx, dword ptr [eax+4] 00421158 > 8B02 mov eax, dword ptr [edx] 0042115A . 83E0 0F and eax, 0F 0042115D . 03D8 add ebx, eax 0042115F . 83F9 0F cmp ecx, 0F 00421162 . 74 08 je short 0042116C 00421164 . 8B42 4C mov eax, dword ptr [edx+4C] 00421167 . 83E0 0F and eax, 0F 0042116A . 03D8 add ebx, eax 0042116C > 41 inc ecx 0042116D . 83C2 04 add edx, 4 00421170 . 83F9 10 cmp ecx, 10 00421173 .^ 7C E3 jl short 00421158 00421175 . 8B55 F8 mov edx, dword ptr [ebp-8] 00421178 . 8B82 8C000000 mov eax, dword ptr [edx+8C] 0042117E . 25 FFFF0000 and eax, 0FFFF 00421183 . 3BC3 cmp eax, ebx 00421185 . 74 05 je short 0042118C 00421187 . 83C8 FF or eax, FFFFFFFF 0042118A . EB 02 jmp short 0042118E 0042118C > 33C0 xor eax, eax 0042118E > 5F pop edi 0042118F . 5E pop esi 00421190 . 5B pop ebx 00421191 . 8BE5 mov esp, ebp 00421193 . 5D pop ebp 00421194 . C3 retn 00421195 90 nop 00421196 90 nop 2007-3-30 11:51 0
tclma 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 59 粉丝 0 关注私信	tclma 27 楼 0041B374 . 53 push ebx 0041B375 . 56 push esi 0041B376 . A1 00145500 mov eax, dword ptr [551400] 0041B37B . 85C0 test eax, eax 0041B37D . 0F84 BC000000 je 0041B43F 0041B383 . 83B8 1C010200>cmp dword ptr [eax+2011C], 0 0041B38A . 0F84 AF000000 je 0041B43F 0041B390 . 33F6 xor esi, esi 0041B392 > 6A 00 push 0 ; /Arg5 = 00000000 0041B394 . A1 00145500 mov eax, dword ptr [551400] ; \| 0041B399 . 6A 00 push 0 ; \|Arg4 = 00000000 0041B39B . 68 AF220000 push 22AF ; \|Arg3 = 000022AF 0041B3A0 . 68 6F4A5500 push 00554A6F ; \|57.218.178.114 0041B3A5 . 8B90 1C010200 mov edx, dword ptr [eax+2011C] ; \| 0041B3AB . 52 push edx ; \|Arg1 0041B3AC . E8 3B5C0200 call 00440FEC ; \cck.00440FEC 0041B3B1 . 83C4 14 add esp, 14 0041B3B4 . 8BD8 mov ebx, eax 0041B3B6 . 84DB test bl, bl 0041B3B8 . 74 53 je short 0041B40D 0041B3BA . 6A 00 push 0 ; /Arg2 = 00000000 0041B3BC . A1 00145500 mov eax, dword ptr [551400] ; \| 0041B3C1 . 8B90 1C010200 mov edx, dword ptr [eax+2011C] ; \| 0041B3C7 . 52 push edx ; \|Arg1 0041B3C8 . E8 AB5C0200 call 00441078 ; \cck.00441078 0041B3CD . 83C4 08 add esp, 8 0041B3D0 . 8B0D 00145500 mov ecx, dword ptr [551400] 0041B3D6 . 8B81 1C010200 mov eax, dword ptr [ecx+2011C] 0041B3DC . 50 push eax ; /Arg1 0041B3DD . E8 A65C0200 call 00441088 ; \cck.00441088 0041B3E2 . 59 pop ecx 0041B3E3 . 84C0 test al, al 0041B3E5 . 75 50 jnz short 0041B437 0041B3E7 . A1 00145500 mov eax, dword ptr [551400] 0041B3EC . 8B90 1C010200 mov edx, dword ptr [eax+2011C] 0041B3F2 . 81C2 9C000000 add edx, 9C 0041B3F8 . 52 push edx ; /Arg5 0041B3F9 . 68 7E4A5500 push 00554A7E ; \|验证服务器-- %s... 0041B3FE . 6A 03 push 3 ; \|Arg3 = 00000003 0041B400 . 6A 00 push 0 ; \|Arg2 = 00000000 0041B402 . 50 push eax ; \|Arg1 => 00000000 0041B403 . E8 800B0000 call 0041BF88 ; \cck.0041BF88 0041B408 . 83C4 14 add esp, 14 0041B40B . EB 2A jmp short 0041B437 0041B40D > 46 inc esi 0041B40E . 6A 64 push 64 ; /Timeout = 100. ms 0041B410 . E8 174A1200 call <jmp.&kernel32.Sleep> ; \Sleep 0041B415 . 81FE 10270000 cmp esi, 2710 0041B41B . 7E 1A jle short 0041B437 0041B41D . 6A 03 push 3 ; /Arg2 = 00000003 0041B41F . 8B0D 00145500 mov ecx, dword ptr [551400] ; \| 0041B425 . 8B81 1C010200 mov eax, dword ptr [ecx+2011C] ; \| 0041B42B . 50 push eax ; \|Arg1 0041B42C . E8 475C0200 call 00441078 ; \cck.00441078 0041B431 . 83C4 08 add esp, 8 0041B434 . 5E pop esi 0041B435 . 5B pop ebx 0041B436 . C3 retn 0041B437 > 84DB test bl, bl 0041B439 .^ 0F84 53FFFFFF je 0041B392 0041B43F > 5E pop esi 0041B440 . 5B pop ebx 0041B441 . C3 retn 0041B442 90 nop 2007-3-30 12:02 0
nightsnek 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 1 粉丝 0 关注私信	nightsnek 28 楼好像这软件不是ASProtect 2.1x SKE的壳啊,PE查的是ASProtect 1.2x - 1.3x [Registered] -> Alexey Solodovnikov 2007-3-31 17:01 0
caifox 雪币： 229 活跃值： (70) 能力值： ( LV2，RANK：10 ) 在线值：发帖 7 回帖 39 粉丝 1 关注私信	caifox 29 楼不错不错,好好学习 2007-3-31 18:23 0
KuNgBiM 雪币： 817 活跃值： (1927) 能力值： ( LV12，RANK：2670 ) 在线值：发帖 500 回帖 2517 粉丝 20 关注私信	KuNgBiM 66 30 楼 [QUOTE=nightsnek;292743]好像这软件不是ASProtect 2.1x SKE的壳啊,PE查的是ASProtect 1.2x - 1.3x [Registered] -> Alexey Solodovnikov[/QUOTE] 用PEID的Vel插件查看 2007-3-31 18:35 0
xPLK 雪币： 375 活跃值： (12) 能力值： ( LV8，RANK：130 ) 在线值：发帖 18 回帖 705 粉丝 0 关注私信	xPLK 3 31 楼佩服佩服我也看过楼主在黑防上面发的文章都是很不错的～现在才发现是看雪的牛人 2007-3-31 20:33 0
feiproxy 雪币： 207 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 15 回帖 130 粉丝 0 关注私信	feiproxy 32 楼很早就联系老K 做这方面的项目老推辞。。。 2007-4-1 00:34 0
lenno 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 2 粉丝 0 关注私信	lenno 33 楼好东西可惜已经用不了了 2007-4-1 18:59 0
lenno 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 2 粉丝 0 关注私信	lenno 34 楼 Borland C++ 1999 这是什么用PE 看到的！！！ 2007-4-1 19:03 0
KuNgBiM 雪币： 817 活跃值： (1927) 能力值： ( LV12，RANK：2670 ) 在线值：发帖 500 回帖 2517 粉丝 20 关注私信	KuNgBiM 66 35 楼那是Borland公司推出的一款与VC++结构相似的编程语言 2007-4-1 23:57 0
lelfei 雪币： 6051 活跃值： (1441) 能力值： ( LV15，RANK：1473 ) 在线值：发帖 67 回帖 537 粉丝 16 关注私信	lelfei 23 36 楼好！收藏一下，以后遇到类似问题再来学习～ 2007-4-2 13:25 0
angelcom 雪币： 205 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 19 粉丝 0 关注私信	angelcom 37 楼牛啊虽然不怎么懂但是要收藏慢慢参透下 2007-4-2 21:15 0
huaizecun 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 4 粉丝 0 关注私信	huaizecun 38 楼我要向楼主学习, 2007-4-2 22:17 0
冰无情雪币： 181 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 7 粉丝 0 关注私信	冰无情 39 楼某个网络验证外挂，用一般工具无法确定“内壳”。OD多次调试后，发现“内壳”应该是一种反跟踪类代码。怎么也无法跟进，总是在关键指令位置循环不进。看了你这篇文章启发颇多啊。注：我对破解算还没入门。没人教啊，自己看资料，好多都看不明白意思呢。 2007-4-3 10:07 0
fengzhilv 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 2 粉丝 0 关注私信	fengzhilv 40 楼 111111 2007-4-3 14:17 0
冰无情雪币： 181 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 7 粉丝 0 关注私信	冰无情 41 楼 bpx closesocket 这个函数怎么会找不到呢？我查了很多API资料都没关于这个函数的。请问vb、vbs的游戏外挂网络验证该用什么命令下断点呢 2007-4-4 17:10 0
夜凉如水雪币： 136 活跃值： (105) 能力值： ( LV9，RANK：140 ) 在线值：发帖 18 回帖 719 粉丝 1 关注私信	夜凉如水 3 42 楼感谢你的精彩教程哈哈一个外挂又倒下了 2007-4-5 13:37 0
国产菜鸟雪币： 201 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 3 粉丝 0 关注私信	国产菜鸟 43 楼 2.5.2是一样的吗？ 2007-4-6 17:07 0
wmjm 雪币： 217 活跃值： (28) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 72 粉丝 0 关注私信	wmjm 44 楼好文章，认真学习一下。 2007-4-7 00:35 0
菜儿雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 7 回帖 193 粉丝 0 关注私信	菜儿 45 楼不错啊.支持K总.... 2007-4-7 07:18 0
binbinbin 雪币： 405 活跃值： (10) 能力值： ( LV9，RANK：1130 ) 在线值：发帖 51 回帖 690 粉丝 0 关注私信	binbinbin 28 46 楼哈哈。看到这篇文章我就眼睛一亮。谢谢楼主贡献精神 2007-4-7 10:23 0
arja 雪币： 205 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 13 回帖 58 粉丝 0 关注私信	arja 47 楼真的强！收藏了！！ 2007-4-8 14:22 0
marsjsb 雪币： 199 活跃值： (48) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 13 粉丝 0 关注私信	marsjsb 48 楼关于网络验证的文章太少了,强烈支持一下!! 简直可以用做一个标准教程了!! 收藏!!! 2007-4-9 19:48 0
清水一杯雪币： 128 活跃值： (13) 能力值： ( LV2，RANK：10 ) 在线值：发帖 8 回帖 29 粉丝 0 关注私信	清水一杯 49 楼看到这篇贴子我再也不能潜水了,顶!! 2007-4-9 20:03 0
yindy 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 1 粉丝 0 关注私信	yindy 50 楼开一代先风。有个问题请教老K：鄙人在调试一个软件的时候，它能检测出我正在调试它，然后他自己退出了。这该如何是好啊 2007-4-9 23:12 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

tclma

雪币： 200

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

11

回帖

59

粉丝

0

关注

私信

tclma: 26 楼

0042089C  /$  55          push ebp
0042089D  |.  8BEC       mov    ebp, esp
0042089F  |.  83C4 D4    add    esp, -2C
004208A2  |.  B8 205B5500 mov    eax, 00555B20
004208A7  |.  53          push ebx
004208A8  |.  56          push esi
004208A9  |.  8B5D 08    mov    ebx, dword ptr [ebp+8]
004208AC  |.  E8 5BC90F00 call 0051D20C
004208B1  |.  C683 41010200>mov    byte ptr [ebx+20141], 1
004208B8  |.  83BB 1C010200>cmp    dword ptr [ebx+2011C], 0
004208BF  |.  74 11       je    short 004208D2
004208C1  |.  B0 01       mov    al, 1
004208C3  |.  8B55 D8    mov    edx, dword ptr [ebp-28]
004208C6  |.  64:8915 00000>mov    dword ptr fs:[0], edx
004208CD  |.  E9 26010000 jmp    004209F8
004208D2  |>  68 E4010000 push 1E4                            ; /Arg1 = 000001E4
004208D7  |.  E8 30B60F00 call 0051BF0C                      ; \cck.0051BF0C
004208DC  |.  59          pop    ecx
004208DD  |.  8945 FC    mov    dword ptr [ebp-4], eax
004208E0  |.  85C0       test eax, eax
004208E2  |.  74 1B       je    short 004208FF
004208E4  |.  66:C745 E8 14>mov    word ptr [ebp-18], 14
004208EA  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
004208ED  |.  52          push edx                            ; /Arg1
004208EE  |.  E8 45030200 call 00440C38                      ; \cck.00440C38
004208F3  |.  59          pop    ecx
004208F4  |.  66:C745 E8 08>mov    word ptr [ebp-18], 8
004208FA  |.  8B75 FC    mov    esi, dword ptr [ebp-4]
004208FD  |.  EB 03       jmp    short 00420902
004208FF  |>  8B75 FC    mov    esi, dword ptr [ebp-4]
00420902  |>  33C0       xor    eax, eax
00420904  |.  89B3 1C010200 mov    dword ptr [ebx+2011C], esi
0042090A  |.  8946 04    mov    dword ptr [esi+4], eax
0042090D  |.  33D2       xor    edx, edx
0042090F  |.  8956 44    mov    dword ptr [esi+44], edx
00420912  |.  33C9       xor    ecx, ecx
00420914  |.  C746 48 03000>mov    dword ptr [esi+48], 3
0042091B  |.  898B 20010200 mov    dword ptr [ebx+20120], ecx
00420921  |.  33C0       xor    eax, eax
00420923  |.  8983 28010200 mov    dword ptr [ebx+20128], eax
00420929  |.  8B83 38010200 mov    eax, dword ptr [ebx+20138]
0042092F  |.  85C0       test eax, eax
00420931  |.  74 1D       je    short 00420950
00420933  |.  8B93 3C010200 mov    edx, dword ptr [ebx+2013C]
00420939  |.  52          push edx                            ; /ExitCode
0042093A  |.  50          push eax                            ; |hThread
0042093B  |.  E8 F2F41100 call <jmp.&kernel32.TerminateThread>  ; \TerminateThread
00420940  |.  33C9       xor    ecx, ecx
00420942  |.  33C0       xor    eax, eax
00420944  |.  898B 3C010200 mov    dword ptr [ebx+2013C], ecx
0042094A  |.  8983 38010200 mov    dword ptr [ebx+20138], eax
00420950  |>  8D55 D4    lea    edx, dword ptr [ebp-2C]
00420953  |.  52          push edx                            ; /pThreadId
00420954  |.  6A 00       push 0                               ; |CreationFlags = 0
00420956  |.  6A 00       push 0                               ; |pThreadParm = NULL
00420958  |.  68 74B34100 push 0041B374                      ; |ThreadFunction = cck.0041B374
0042095D  |.  6A 00       push 0                               ; |StackSize = 0
0042095F  |.  6A 00       push 0                               ; |pSecurity = NULL
00420961  |.  E8 68F21100 call <jmp.&kernel32.CreateThread>    ; \CreateThread
00420966  |.  8BF0       mov    esi, eax
00420968  |.  89B3 38010200 mov    dword ptr [ebx+20138], esi
0042096E  |.  85F6       test esi, esi
00420970  |.  75 25       jnz    short 00420997
00420972  |.  68 314F5500 push 00554F31                      ; /认证连接线程创建失败！请尝试重启程序。如果多次发生该情况，请检查系统或联系客服
00420977  |.  6A 03       push 3                               ; |Arg3 = 00000003
00420979  |.  6A 00       push 0                               ; |Arg2 = 00000000
0042097B  |.  A1 00145500 mov    eax, dword ptr [551400]       ; |
00420980  |.  50          push eax                            ; |Arg1 => 00000000
00420981  |.  E8 02B6FFFF call 0041BF88                      ; \cck.0041BF88
00420986  |.  83C4 10    add    esp, 10
00420989  |.  33C0       xor    eax, eax
0042098B  |.  8B55 D8    mov    edx, dword ptr [ebp-28]
0042098E  |.  64:8915 00000>mov    dword ptr fs:[0], edx
00420995  |.  EB 61       jmp    short 004209F8
00420997  |>  8D8B 3C010200 lea    ecx, dword ptr [ebx+2013C]
0042099D  |.  51          push ecx                            ; /pExitCode
0042099E  |.  8B83 38010200 mov    eax, dword ptr [ebx+20138]    ; |
004209A4  |.  50          push eax                            ; |hThread
004209A5  |.  E8 CCF21100 call <jmp.&kernel32.GetExitCodeThread>; \GetExitCodeThread
004209AA  |.  85C0       test eax, eax
004209AC  |.  75 26       jnz    short 004209D4
004209AE  |.  68 814F5500 push 00554F81                      ; /认证连接线程exitcode获取失败！请尝试重启程序。如果多次发生该情况，请检查系统或联系客服
004209B3  |.  6A 03       push 3                               ; |Arg3 = 00000003
004209B5  |.  6A 00       push 0                               ; |Arg2 = 00000000
004209B7  |.  8B15 00145500 mov    edx, dword ptr [551400]       ; |
004209BD  |.  52          push edx                            ; |Arg1 => 00000000
004209BE  |.  E8 C5B5FFFF call 0041BF88                      ; \cck.0041BF88
004209C3  |.  83C4 10    add    esp, 10
004209C6  |.  33C0       xor    eax, eax
004209C8  |.  8B55 D8    mov    edx, dword ptr [ebp-28]
004209CB  |.  64:8915 00000>mov    dword ptr fs:[0], edx
004209D2  |.  EB 24       jmp    short 004209F8
004209D4  |>  68 D94F5500 push 00554FD9                      ; /认证启动
004209D9  |.  6A 03       push 3                               ; |Arg3 = 00000003
004209DB  |.  6A 00       push 0                               ; |Arg2 = 00000000
004209DD  |.  8B0D 00145500 mov    ecx, dword ptr [551400]       ; |
004209E3  |.  51          push ecx                            ; |Arg1 => 00000000
004209E4  |.  E8 9FB5FFFF call 0041BF88                      ; \cck.0041BF88
004209E9  |.  83C4 10    add    esp, 10
004209EC  |.  B0 01       mov    al, 1
004209EE  |.  8B55 D8    mov    edx, dword ptr [ebp-28]
004209F1  |.  64:8915 00000>mov    dword ptr fs:[0], edx
004209F8  |>  5E          pop    esi
004209F9  |.  5B          pop    ebx
004209FA  |.  8BE5       mov    esp, ebp
004209FC  |.  5D          pop    ebp
004209FD  \.  C3          retn
004209FE    90          nop
004209FF    90          nop
00420A00  /$  55          push ebp
00420A01  |.  8BEC       mov    ebp, esp
00420A03  |.  81C4 04F0FFFF add    esp, -0FFC
00420A09  |.  50          push eax
00420A0A  |.  83C4 F0    add    esp, -10
00420A0D  |.  803D 3C4A5500>cmp    byte ptr [554A3C], 0
00420A14  |.  53          push ebx
00420A15  |.  56          push esi
00420A16  |.  57          push edi
00420A17  |.  8B5D 08    mov    ebx, dword ptr [ebp+8]
00420A1A  |.  75 1B       jnz    short 00420A37
00420A1C  |.  80BB 48010200>cmp    byte ptr [ebx+20148], 0
00420A23  |.  74 12       je    short 00420A37
00420A25  |.  53          push ebx                            ; /Arg1
00420A26  |.  E8 71FEFFFF call 0042089C                      ; \cck.0042089C
00420A2B  |.  59          pop    ecx
00420A2C  |.  84C0       test al, al
00420A2E  |.  74 07       je    short 00420A37
00420A30  |.  C605 3C4A5500>mov    byte ptr [554A3C], 1
00420A37  |>  E8 C4F21100 call <jmp.&kernel32.GetTickCount>    ; [GetTickCount
00420A3C  |.  8945 FC    mov    dword ptr [ebp-4], eax
00420A3F  |.  8B83 14010200 mov    eax, dword ptr [ebx+20114]
00420A45  |.  85C0       test eax, eax
00420A47  |.  0F84 D3010000 je    00420C20
00420A4D  |.  8378 08 00 cmp    dword ptr [eax+8], 0
00420A51  |.  0F84 C9010000 je    00420C20
00420A57  |.  8B83 1C010200 mov    eax, dword ptr [ebx+2011C]
00420A5D  |.  85C0       test eax, eax
00420A5F  |.  0F84 BB010000 je    00420C20
00420A65  |.  50          push eax
00420A66  |.  E8 85070200 call 004411F0
00420A6B  |.  59          pop    ecx
00420A6C  |.  8B93 1C010200 mov    edx, dword ptr [ebx+2011C]
00420A72  |.  52          push edx                            ; /Arg1
00420A73  |.  E8 18040200 call 00440E90                      ; \cck.00440E90
00420A78  |.  59          pop    ecx
00420A79  |.  83F8 02    cmp    eax, 2
00420A7C  |.  0F85 5D010000 jnz    00420BDF
00420A82  |.  8B4D FC    mov    ecx, dword ptr [ebp-4]
00420A85  |.  2B8B 20010200 sub    ecx, dword ptr [ebx+20120]
00420A8B  |.  3B8B 24010200 cmp    ecx, dword ptr [ebx+20124]
00420A91  |.  0F86 07010000 jbe    00420B9E
00420A97  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420A9A  |.  8983 20010200 mov    dword ptr [ebx+20120], eax
00420AA0  |.  E8 5BF21100 call <jmp.&kernel32.GetTickCount>    ; [GetTickCount
00420AA5  |.  B9 E0930400 mov    ecx, 493E0
00420AAA  |.  33D2       xor    edx, edx
00420AAC  |.  F7F1       div    ecx
00420AAE  |.  8993 24010200 mov    dword ptr [ebx+20124], edx
00420AB4  |.  83BB 14010200>cmp    dword ptr [ebx+20114], 0
00420ABB  |.  74 0B       je    short 00420AC8
00420ABD  |.  8B83 14010200 mov    eax, dword ptr [ebx+20114]
00420AC3  |.  8B70 08    mov    esi, dword ptr [eax+8]
00420AC6  |.  EB 02       jmp    short 00420ACA
00420AC8  |>  33F6       xor    esi, esi
00420ACA  |>  8BFE       mov    edi, esi
00420ACC  |.  68 00100000 push 1000                            ; /Arg3 = 00001000
00420AD1  |.  C1E7 04    shl    edi, 4                         ; |
00420AD4  |.  8D85 F0EFFFFF lea    eax, dword ptr [ebp-1010]       ; |
00420ADA  |.  6A 00       push 0                               ; |Arg2 = 00000000
00420ADC  |.  50          push eax                            ; |Arg1
00420ADD  |.  81C7 94000000 add    edi, 94                         ; |
00420AE3  |.  E8 44C20F00 call 0051CD2C                      ; \cck.0051CD2C
00420AE8  |.  83C4 0C    add    esp, 0C
00420AEB  |.  8D95 F0EFFFFF lea    edx, dword ptr [ebp-1010]
00420AF1  |.  8955 F8    mov    dword ptr [ebp-8], edx
00420AF4  |.  8B4D F8    mov    ecx, dword ptr [ebp-8]
00420AF7  |.  66:8939    mov    word ptr [ecx], di
00420AFA  |.  8B45 F8    mov    eax, dword ptr [ebp-8]
00420AFD  |.  8B93 34010200 mov    edx, dword ptr [ebx+20134]
00420B03  |.  8950 48    mov    dword ptr [eax+48], edx
00420B06  |.  8B4D F8    mov    ecx, dword ptr [ebp-8]
00420B09  |.  8971 44    mov    dword ptr [ecx+44], esi
00420B0C  |.  8B45 F8    mov    eax, dword ptr [ebp-8]
00420B0F  |.  8B93 30010200 mov    edx, dword ptr [ebx+20130]
00420B15  |.  8950 4C    mov    dword ptr [eax+4C], edx
00420B18  |.  8B4D F8    mov    ecx, dword ptr [ebp-8]
00420B1B  |.  66:C741 02 00>mov    word ptr [ecx+2], 0
00420B21  |.  C745 F4 94000>mov    dword ptr [ebp-C], 94
00420B28  |.  8B83 14010200 mov    eax, dword ptr [ebx+20114]
00420B2E  |.  8B08       mov    ecx, dword ptr [eax]
00420B30  |.  85C9       test ecx, ecx
00420B32  |.  74 32       je    short 00420B66
00420B34  |>  8B41 10    /mov    eax, dword ptr [ecx+10]
00420B37  |.  8D95 F0EFFFFF |lea    edx, dword ptr [ebp-1010]
00420B3D  |.  0355 F4    |add    edx, dword ptr [ebp-C]
00420B40  |.  8B75 F4    |mov    esi, dword ptr [ebp-C]
00420B43  |.  83C6 10    |add    esi, 10
00420B46  |.  8975 F4    |mov    dword ptr [ebp-C], esi
00420B49  |.  8B30       |mov    esi, dword ptr [eax]
00420B4B  |.  8932       |mov    dword ptr [edx], esi
00420B4D  |.  8B70 04    |mov    esi, dword ptr [eax+4]
00420B50  |.  8972 04    |mov    dword ptr [edx+4], esi
00420B53  |.  8B70 08    |mov    esi, dword ptr [eax+8]
00420B56  |.  8972 08    |mov    dword ptr [edx+8], esi
00420B59  |.  8B40 10    |mov    eax, dword ptr [eax+10]
00420B5C  |.  8942 0C    |mov    dword ptr [edx+C], eax
00420B5F  |.  8B49 04    |mov    ecx, dword ptr [ecx+4]
00420B62  |.  85C9       |test ecx, ecx
00420B64  |.^ 75 CE       \jnz    short 00420B34
00420B66  |>  8D95 F0EFFFFF lea    edx, dword ptr [ebp-1010]
00420B6C  |.  52          push edx                            ; /Arg2
00420B6D  |.  53          push ebx                            ; |Arg1
00420B6E  |.  E8 09010000 call 00420C7C                      ; \cck.00420C7C
00420B73  |.  83C4 08    add    esp, 8
00420B76  |.  8D95 F0EFFFFF lea    edx, dword ptr [ebp-1010]
00420B7C  |.  6A FF       push -1                            ; /Arg5 = FFFFFFFF
00420B7E  |.  6A 01       push 1                               ; |Arg4 = 00000001
00420B80  |.  8B4D F8    mov    ecx, dword ptr [ebp-8]          ; |
00420B83  |.  0FB701       movzx eax, word ptr [ecx]             ; |
00420B86  |.  50          push eax                            ; |Arg3
00420B87  |.  52          push edx                            ; |Arg2
00420B88  |.  8B8B 1C010200 mov    ecx, dword ptr [ebx+2011C]    ; |
00420B8E  |.  51          push ecx                            ; |Arg1
00420B8F  |.  E8 080D0200 call 0044189C                      ; \cck.0044189C
00420B94  |.  83C4 14    add    esp, 14
00420B97  |.  C683 41010200>mov    byte ptr [ebx+20141], 0
00420B9E  |>  8B45 FC    mov    eax, dword ptr [ebp-4]
00420BA1  |.  2B83 28010200 sub    eax, dword ptr [ebx+20128]
00420BA7  |.  3D 204E0000 cmp    eax, 4E20
00420BAC  |.  76 31       jbe    short 00420BDF
00420BAE  |.  66:C745 F0 04>mov    word ptr [ebp-10], 4
00420BB4  |.  66:C745 F2 01>mov    word ptr [ebp-E], 1
00420BBA  |.  6A FF       push -1                            ; /Arg5 = FFFFFFFF
00420BBC  |.  6A 01       push 1                               ; |Arg4 = 00000001
00420BBE  |.  0FB755 F0    movzx edx, word ptr [ebp-10]          ; |
00420BC2  |.  52          push edx                            ; |Arg3
00420BC3  |.  8D4D F0    lea    ecx, dword ptr [ebp-10]       ; |
00420BC6  |.  51          push ecx                            ; |Arg2
00420BC7  |.  8B83 1C010200 mov    eax, dword ptr [ebx+2011C]    ; |
00420BCD  |.  50          push eax                            ; |Arg1
00420BCE  |.  E8 C90C0200 call 0044189C                      ; \cck.0044189C
00420BD3  |.  83C4 14    add    esp, 14
00420BD6  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
00420BD9  |.  8993 28010200 mov    dword ptr [ebx+20128], edx
00420BDF  |>  8B8B 1C010200 mov    ecx, dword ptr [ebx+2011C]
00420BE5  |.  51          push ecx                            ; /Arg1
00420BE6  |.  E8 A5020200 call 00440E90                      ; \cck.00440E90
00420BEB  |.  59          pop    ecx
00420BEC  |.  83F8 04    cmp    eax, 4
00420BEF  |.  75 2F       jnz    short 00420C20
00420BF1  |.  803D 3D4A5500>cmp    byte ptr [554A3D], 0
00420BF8  |.  75 26       jnz    short 00420C20
00420BFA  |.  68 E24F5500 push 00554FE2                      ; /验证服务器断开链接.....
00420BFF  |.  6A 03       push 3                               ; |Arg3 = 00000003
00420C01  |.  6A 00       push 0                               ; |Arg2 = 00000000
00420C03  |.  A1 00145500 mov    eax, dword ptr [551400]       ; |
00420C08  |.  50          push eax                            ; |Arg1 => 00000000
00420C09  |.  E8 7AB3FFFF call 0041BF88                      ; \cck.0041BF88
00420C0E  |.  83C4 10    add    esp, 10
00420C11  |.  33D2       xor    edx, edx
00420C13  |.  8993 44010200 mov    dword ptr [ebx+20144], edx
00420C19  |.  C605 3D4A5500>mov    byte ptr [554A3D], 1
00420C20  |>  5F          pop    edi
00420C21  |.  5E          pop    esi
00420C22  |.  5B          pop    ebx
00420C23  |.  8BE5       mov    esp, ebp
00420C25  |.  5D          pop    ebp
00420C26  \.  C3          retn
00420C27    90          nop
00420C28  /$  55          push ebp
00420C29  |.  8BEC       mov    ebp, esp
00420C2B  |.  81C4 04F0FFFF add    esp, -0FFC
00420C31  |.  50          push eax
00420C32  |.  53          push ebx
00420C33  |.  8B45 0C    mov    eax, dword ptr [ebp+C]
00420C36  |.  8B5D 08    mov    ebx, dword ptr [ebp+8]
00420C39  |.  8BD0       mov    edx, eax
00420C3B  |.  66:837A 02 01 cmp    word ptr [edx+2], 1
00420C40  |.  74 33       je    short 00420C75
00420C42  |.  8B4D 10    mov    ecx, dword ptr [ebp+10]
00420C45  |.  51          push ecx                            ; /Arg3
00420C46  |.  50          push eax                            ; |Arg2
00420C47  |.  8D85 00F0FFFF lea    eax, dword ptr [ebp-1000]       ; |
00420C4D  |.  50          push eax                            ; |Arg1
00420C4E  |.  E8 69C00F00 call 0051CCBC                      ; \cck.0051CCBC
00420C53  |.  83C4 0C    add    esp, 0C
00420C56  |.  8D85 00F0FFFF lea    eax, dword ptr [ebp-1000]
00420C5C  |.  50          push eax
00420C5D  |.  53          push ebx
00420C5E  |.  E8 E1010000 call 00420E44
00420C63  |.  83C4 08    add    esp, 8
00420C66  |.  8B15 784C5900 mov    edx, dword ptr [594C78]       ;  cck._Form_Main
00420C6C  |.  8B0A       mov    ecx, dword ptr [edx]
00420C6E  |.  51          push ecx
00420C6F  |.  E8 0082FEFF call 00408E74
00420C74  |.  59          pop    ecx
00420C75  |>  5B          pop    ebx
00420C76  |.  8BE5       mov    esp, ebp
00420C78  |.  5D          pop    ebp
00420C79  \.  C3          retn
00420C7A    90          nop
00420C7B    90          nop
00420C7C  /$  55          push ebp
00420C7D  |.  8BEC       mov    ebp, esp
00420C7F  |.  83C4 F0    add    esp, -10
00420C82  |.  53          push ebx
00420C83  |.  56          push esi
00420C84  |.  57          push edi
00420C85  |.  8B45 0C    mov    eax, dword ptr [ebp+C]
00420C88  |.  8945 FC    mov    dword ptr [ebp-4], eax
00420C8B  |>  E8 8C78FFFF /call 0041851C
00420C90  |.  8BD8       |mov    ebx, eax
00420C92  |.  8B45 FC    |mov    eax, dword ptr [ebp-4]
00420C95  |.  8958 50    |mov    dword ptr [eax+50], ebx
00420C98  |.  81FB 00000010 |cmp    ebx, 10000000
00420C9E  |.^ 76 EB       \jbe    short 00420C8B
00420CA0  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
00420CA3  |.  8B4A 44    mov    ecx, dword ptr [edx+44]
00420CA6  |.  894D F8    mov    dword ptr [ebp-8], ecx
00420CA9  |.  B9 BC030000 mov    ecx, 3BC
00420CAE  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420CB1  |.  8170 50 EF12B>xor    dword ptr [eax+50], 93B712EF
00420CB8  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
00420CBB  |.  8B42 4C    mov    eax, dword ptr [edx+4C]
00420CBE  |.  33D2       xor    edx, edx
00420CC0  |.  F7F1       div    ecx
00420CC2  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420CC5  |.  8B4D FC    mov    ecx, dword ptr [ebp-4]
00420CC8  |.  8BFA       mov    edi, edx
00420CCA  |.  8B50 50    mov    edx, dword ptr [eax+50]
00420CCD  |.  3151 4C    xor    dword ptr [ecx+4C], edx
00420CD0  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
00420CD3  |.  8B04BD 3C3A55>mov    eax, dword ptr [edi*4+553A3C]
00420CDA  |.  3142 44    xor    dword ptr [edx+44], eax
00420CDD  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420CE0  |.  8B0CBD 4C3A55>mov    ecx, dword ptr [edi*4+553A4C]
00420CE7  |.  3148 48    xor    dword ptr [eax+48], ecx
00420CEA  |.  33DB       xor    ebx, ebx
00420CEC  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420CEF  |.  8D50 04    lea    edx, dword ptr [eax+4]
00420CF2  |.  8955 F4    mov    dword ptr [ebp-C], edx
00420CF5  |>  8B4D F4    /mov    ecx, dword ptr [ebp-C]
00420CF8  |.  8BF1       |mov    esi, ecx
00420CFA  |.  E8 1D78FFFF |call 0041851C
00420CFF  |.  8906       |mov    dword ptr [esi], eax
00420D01  |.  8D043B       |lea    eax, dword ptr [ebx+edi]
00420D04  |.  8B1485 1C3A55>|mov    edx, dword ptr [eax*4+553A1C]
00420D0B  |.  3B16       |cmp    edx, dword ptr [esi]
00420D0D  |.^ 72 E6       |jb    short 00420CF5
00420D0F  |.  43          |inc    ebx
00420D10  |.  8345 F4 04 |add    dword ptr [ebp-C], 4
00420D14  |.  83FB 10    |cmp    ebx, 10
00420D17  |.^ 7C DC       \jl    short 00420CF5
00420D19  |.  33DB       xor    ebx, ebx
00420D1B  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420D1E  |.  8D50 54    lea    edx, dword ptr [eax+54]
00420D21  |.  8955 F0    mov    dword ptr [ebp-10], edx
00420D24  |>  8B4D F0    /mov    ecx, dword ptr [ebp-10]
00420D27  |.  8BF1       |mov    esi, ecx
00420D29  |.  E8 EE77FFFF |call 0041851C
00420D2E  |.  8D143B       |lea    edx, dword ptr [ebx+edi]
00420D31  |.  8906       |mov    dword ptr [esi], eax
00420D33  |.  8B06       |mov    eax, dword ptr [esi]
00420D35  |.  3B0495 5C3A55>|cmp    eax, dword ptr [edx*4+553A5C]
00420D3C  |.^ 72 E6       |jb    short 00420D24
00420D3E  |.  43          |inc    ebx
00420D3F  |.  8345 F0 04 |add    dword ptr [ebp-10], 4
00420D43  |.  83FB 10    |cmp    ebx, 10
00420D46  |.^ 7C DC       \jl    short 00420D24
00420D48  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420D4B  |.  33C9       xor    ecx, ecx
00420D4D  |.  33DB       xor    ebx, ebx
00420D4F  |.  8D50 04    lea    edx, dword ptr [eax+4]
00420D52  |>  8B02       /mov    eax, dword ptr [edx]
00420D54  |.  83E0 0F    |and    eax, 0F
00420D57  |.  03C8       |add    ecx, eax
00420D59  |.  83FB 0F    |cmp    ebx, 0F
00420D5C  |.  74 08       |je    short 00420D66
00420D5E  |.  8B42 50    |mov    eax, dword ptr [edx+50]
00420D61  |.  83E0 0F    |and    eax, 0F
00420D64  |.  03C8       |add    ecx, eax
00420D66  |>  43          |inc    ebx
00420D67  |.  83C2 04    |add    edx, 4
00420D6A  |.  83FB 10    |cmp    ebx, 10
00420D6D  |.^ 7C E3       \jl    short 00420D52
00420D6F  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
00420D72  |.  33DB       xor    ebx, ebx
00420D74  |.  8B82 90000000 mov    eax, dword ptr [edx+90]
00420D7A  |.  25 0000FFFF and    eax, FFFF0000
00420D7F  |.  0BC1       or    eax, ecx
00420D81  |.  8B4D FC    mov    ecx, dword ptr [ebp-4]
00420D84  |.  8BD0       mov    edx, eax
00420D86  |.  8991 90000000 mov    dword ptr [ecx+90], edx
00420D8C  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420D8F  |.  3150 44    xor    dword ptr [eax+44], edx
00420D92  |.  8B55 FC    mov    edx, dword ptr [ebp-4]
00420D95  |.  8B45 FC    mov    eax, dword ptr [ebp-4]
00420D98  |.  8B8A 90000000 mov    ecx, dword ptr [edx+90]
00420D9E  |.  3148 48    xor    dword ptr [eax+48], ecx
00420DA1  |.  33C0       xor    eax, eax
00420DA3  |.  3B5D F8    cmp    ebx, dword ptr [ebp-8]
00420DA6  |.  0F8D 8F000000 jge    00420E3B
00420DAC  |>  8BD3       /mov    edx, ebx
00420DAE  |.  C1E2 04    |shl    edx, 4
00420DB1  |.  0355 0C    |add    edx, dword ptr [ebp+C]
00420DB4  |.  81C2 94000000 |add    edx, 94
00420DBA  |.  8D0C38       |lea    ecx, dword ptr [eax+edi]
00420DBD  |.  81E1 FF030080 |and    ecx, 800003FF
00420DC3  |.  79 08       |jns    short 00420DCD
00420DC5  |.  49          |dec    ecx
00420DC6  |.  81C9 00FCFFFF |or    ecx, FFFFFC00
00420DCC  |.  41          |inc    ecx
00420DCD  |>  8B0C8D 1C3A55>|mov    ecx, dword ptr [ecx*4+553A1C]
00420DD4  |.  40          |inc    eax
00420DD5  |.  310A       |xor    dword ptr [edx], ecx
00420DD7  |.  8D0C38       |lea    ecx, dword ptr [eax+edi]
00420DDA  |.  81E1 FF030080 |and    ecx, 800003FF
00420DE0  |.  79 08       |jns    short 00420DEA
00420DE2  |.  49          |dec    ecx
00420DE3  |.  81C9 00FCFFFF |or    ecx, FFFFFC00
00420DE9  |.  41          |inc    ecx
00420DEA  |>  8B0C8D 1C3A55>|mov    ecx, dword ptr [ecx*4+553A1C]
00420DF1  |.  40          |inc    eax
00420DF2  |.  314A 04    |xor    dword ptr [edx+4], ecx
00420DF5  |.  8D0C38       |lea    ecx, dword ptr [eax+edi]
00420DF8  |.  81E1 FF030080 |and    ecx, 800003FF
00420DFE  |.  79 08       |jns    short 00420E08
00420E00  |.  49          |dec    ecx
00420E01  |.  81C9 00FCFFFF |or    ecx, FFFFFC00
00420E07  |.  41          |inc    ecx
00420E08  |>  8B0C8D 1C3A55>|mov    ecx, dword ptr [ecx*4+553A1C]
00420E0F  |.  40          |inc    eax
00420E10  |.  314A 08    |xor    dword ptr [edx+8], ecx
00420E13  |.  8D0C38       |lea    ecx, dword ptr [eax+edi]
00420E16  |.  81E1 FF030080 |and    ecx, 800003FF
00420E1C  |.  79 08       |jns    short 00420E26
00420E1E  |.  49          |dec    ecx
00420E1F  |.  81C9 00FCFFFF |or    ecx, FFFFFC00
00420E25  |.  41          |inc    ecx
00420E26  |>  8B0C8D 1C3A55>|mov    ecx, dword ptr [ecx*4+553A1C]
00420E2D  |.  314A 0C    |xor    dword ptr [edx+C], ecx
00420E30  |.  40          |inc    eax
00420E31  |.  43          |inc    ebx
00420E32  |.  3B5D F8    |cmp    ebx, dword ptr [ebp-8]
00420E35  |.^ 0F8C 71FFFFFF \jl    00420DAC
00420E3B  |>  5F          pop    edi
00420E3C  |.  5E          pop    esi
00420E3D  |.  5B          pop    ebx
00420E3E  |.  8BE5       mov    esp, ebp
00420E40  |.  5D          pop    ebp
00420E41  \.  C3          retn
00420E42    90          nop
00420E43    90          nop
00420E44 $  55          push ebp
00420E45 .  8BEC       mov    ebp, esp
00420E47 .  83C4 B8    add    esp, -48
00420E4A .  33C0       xor    eax, eax
00420E4C .  53          push ebx
00420E4D .  56          push esi
00420E4E .  57          push edi
00420E4F .  8945 FC    mov    dword ptr [ebp-4], eax
00420E52 .  8B55 0C    mov    edx, dword ptr [ebp+C]
00420E55 .  8955 F8    mov    dword ptr [ebp-8], edx
00420E58 .  33D2       xor    edx, edx
00420E5A .  8B4D F8    mov    ecx, dword ptr [ebp-8]
00420E5D .  8171 44 31323>xor    dword ptr [ecx+44], 88313231
00420E64 .  8B45 F8    mov    eax, dword ptr [ebp-8]
00420E67 .  B9 BC030000 mov    ecx, 3BC
00420E6C .  8B40 44    mov    eax, dword ptr [eax+44]
00420E6F .  F7F1       div    ecx
00420E71 .  8955 F4    mov    dword ptr [ebp-C], edx
00420E74 .  8B45 F4    mov    eax, dword ptr [ebp-C]
00420E77 .  8B4D F8    mov    ecx, dword ptr [ebp-8]
00420E7A .  8B1485 383A55>mov    edx, dword ptr [eax*4+553A38]
00420E81 .  3151 48    xor    dword ptr [ecx+48], edx
00420E84 .  8B45 F4    mov    eax, dword ptr [ebp-C]
00420E87 .  8B4D F8    mov    ecx, dword ptr [ebp-8]
00420E8A .  8B1485 483A55>mov    edx, dword ptr [eax*4+553A48]
00420E91 .  3151 4C    xor    dword ptr [ecx+4C], edx
00420E94 .  33FF       xor    edi, edi
00420E96 .  8B45 F8    mov    eax, dword ptr [ebp-8]
00420E99 .  8B50 48    mov    edx, dword ptr [eax+48]
00420E9C .  8955 F0    mov    dword ptr [ebp-10], edx
00420E9F .  33C0       xor    eax, eax
00420EA1 .  8945 EC    mov    dword ptr [ebp-14], eax
00420EA4 .  8B55 EC    mov    edx, dword ptr [ebp-14]
00420EA7 .  3B55 F0    cmp    edx, dword ptr [ebp-10]
00420EAA .  0F8D 23020000 jge    004210D3
00420EB0 >  8B5D EC    mov    ebx, dword ptr [ebp-14]
00420EB3 .  8B45 F4    mov    eax, dword ptr [ebp-C]
00420EB6 .  C1E3 02    shl    ebx, 2
00420EB9 .  03C7       add    eax, edi
00420EBB .  8D1C5B       lea    ebx, dword ptr [ebx+ebx*2]
00420EBE .  035D 0C    add    ebx, dword ptr [ebp+C]
00420EC1 .  81C3 90000000 add    ebx, 90
00420EC7 .  25 FF030080 and    eax, 800003FF
00420ECC .  79 07       jns    short 00420ED5
00420ECE .  48          dec    eax
00420ECF .  0D 00FCFFFF or    eax, FFFFFC00
00420ED4 .  40          inc    eax
00420ED5 >  8B1485 1C3A55>mov    edx, dword ptr [eax*4+553A1C]
00420EDC .  3113       xor    dword ptr [ebx], edx
00420EDE .  8B0B       mov    ecx, dword ptr [ebx]
00420EE0 .  51          push ecx                            ; /Arg2
00420EE1 .  8B45 08    mov    eax, dword ptr [ebp+8]          ; |
00420EE4 .  50          push eax                            ; |Arg1
00420EE5 .  E8 7EF8FFFF call 00420768                      ; \cck.00420768
00420EEA .  83C4 08    add    esp, 8
00420EED .  8BF0       mov    esi, eax
00420EEF .  47          inc    edi
00420EF0 .  8B45 F4    mov    eax, dword ptr [ebp-C]
00420EF3 .  03C7       add    eax, edi
00420EF5 .  25 FF030080 and    eax, 800003FF
00420EFA .  79 07       jns    short 00420F03
00420EFC .  48          dec    eax
00420EFD .  0D 00FCFFFF or    eax, FFFFFC00
00420F02 .  40          inc    eax
00420F03 >  8B1485 1C3A55>mov    edx, dword ptr [eax*4+553A1C]
00420F0A .  3153 04    xor    dword ptr [ebx+4], edx
00420F0D .  47          inc    edi
00420F0E .  8B4D F4    mov    ecx, dword ptr [ebp-C]
00420F11 .  03CF       add    ecx, edi
00420F13 .  81E1 FF030080 and    ecx, 800003FF
00420F19 .  79 08       jns    short 00420F23
00420F1B .  49          dec    ecx
00420F1C .  81C9 00FCFFFF or    ecx, FFFFFC00
00420F22 .  41          inc    ecx
00420F23 >  8B048D 1C3A55>mov    eax, dword ptr [ecx*4+553A1C]
00420F2A .  3143 08    xor    dword ptr [ebx+8], eax
00420F2D .  85F6       test esi, esi
00420F2F .  8B55 08    mov    edx, dword ptr [ebp+8]
00420F32 .  8B4B 08    mov    ecx, dword ptr [ebx+8]
00420F35 .  898A 30010200 mov    dword ptr [edx+20130], ecx
00420F3B .  74 06       je    short 00420F43
00420F3D .  8B43 08    mov    eax, dword ptr [ebx+8]
00420F40 .  8946 10    mov    dword ptr [esi+10], eax
00420F43 >  47          inc    edi
00420F44 .  8B43 04    mov    eax, dword ptr [ebx+4]
00420F47 .  3D FF000000 cmp    eax, 0FF
00420F4C .  76 18       jbe    short 00420F66
00420F4E .  25 00FF0000 and    eax, 0FF00
00420F53 .  C1E8 08    shr    eax, 8
00420F56 .  85F6       test esi, esi
00420F58 .  74 43       je    short 00420F9D
00420F5A .  66:8946 0C mov    word ptr [esi+C], ax
00420F5E .  66:C746 0E 02>mov    word ptr [esi+E], 2
00420F64 .  EB 37       jmp    short 00420F9D
00420F66 >  8B53 04    mov    edx, dword ptr [ebx+4]
00420F69 .  4A          dec    edx                            ;  Switch (cases 1..4)
00420F6A .  74 0B       je    short 00420F77
00420F6C .  4A          dec    edx
00420F6D .  74 10       je    short 00420F7F
00420F6F .  4A          dec    edx
00420F70 .  74 15       je    short 00420F87
00420F72 .  4A          dec    edx
00420F73 .  74 1A       je    short 00420F8F
00420F75 .  EB 20       jmp    short 00420F97
00420F77 >  66:C746 0E 03>mov    word ptr [esi+E], 3             ;  Case 1 of switch 00420F69
00420F7D .  EB 1E       jmp    short 00420F9D
00420F7F >  66:C746 0E 03>mov    word ptr [esi+E], 3             ;  Case 2 of switch 00420F69
00420F85 .  EB 16       jmp    short 00420F9D
00420F87 >  66:C746 0E 04>mov    word ptr [esi+E], 4             ;  Case 3 of switch 00420F69
00420F8D .  EB 0E       jmp    short 00420F9D
00420F8F >  66:C746 0E 05>mov    word ptr [esi+E], 5             ;  Case 4 of switch 00420F69
00420F95 .  EB 06       jmp    short 00420F9D
00420F97 >  66:C746 0E 03>mov    word ptr [esi+E], 3             ;  Default case of switch 00420F69
00420F9D >  85F6       test esi, esi
00420F9F .  0F84 E7000000 je    0042108C
00420FA5 .  0FB74E 0E    movzx ecx, word ptr [esi+E]
00420FA9 .  83F9 05    cmp    ecx, 5                         ;  Switch (cases 2..5)
00420FAC .  0F87 DA000000 ja    0042108C
00420FB2 .  FF248D B90F42>jmp    dword ptr [ecx*4+420FB9]
00420FB9 .  8C104200    dd    cck.0042108C                   ;  分支表被用于 00420FB2
00420FBD .  8C104200    dd    cck.0042108C
00420FC1 .  D60F4200    dd    cck.00420FD6
00420FC5 .  20104200    dd    cck.00421020
00420FC9 .  45104200    dd    cck.00421045
00420FCD .  6A104200    dd    cck.0042106A
00420FD1 .  E9 B6000000 jmp    0042108C
00420FD6 >  8B06       mov    eax, dword ptr [esi]          ;  Case 2 of switch 00420FA9
00420FD8 .  8D55 B8    lea    edx, dword ptr [ebp-48]
00420FDB .  50          push eax                            ; /Arg3
00420FDC .  68 FA4F5500 push 00554FFA                      ; |%d
00420FE1 .  52          push edx                            ; |Arg1
00420FE2 .  E8 7DF80F00 call 00520864                      ; \cck.00520864
00420FE7 .  83C4 0C    add    esp, 0C
00420FEA .  0FBE4D B8    movsx ecx, byte ptr [ebp-48]
00420FEE .  83F9 32    cmp    ecx, 32
00420FF1 .  75 06       jnz    short 00420FF9
00420FF3 .  8345 FC 32 add    dword ptr [ebp-4], 32
00420FF7 .  EB 03       jmp    short 00420FFC
00420FF9 >  FF45 FC    inc    dword ptr [ebp-4]
00420FFC >  8B46 08    mov    eax, dword ptr [esi+8]
00420FFF .  50          push eax                            ; /Arg7
00421000 .  A1 00145500 mov    eax, dword ptr [551400]       ; |
00421005 .  8B56 04    mov    edx, dword ptr [esi+4]          ; |
00421008 .  52          push edx                            ; |Arg6
00421009 .  8B0E       mov    ecx, dword ptr [esi]          ; |
0042100B .  51          push ecx                            ; |Arg5
0042100C .  68 FD4F5500 push 00554FFD                      ; |cdkey[%d-%d-%d]验证成功
00421011 .  6A 01       push 1                               ; |Arg3 = 00000001
00421013 .  6A 00       push 0                               ; |Arg2 = 00000000
00421015 .  50          push eax                            ; |Arg1 => 00000000
00421016 .  E8 6DAFFFFF call 0041BF88                      ; \cck.0041BF88
0042101B .  83C4 1C    add    esp, 1C
0042101E .  EB 6C       jmp    short 0042108C
00421020 >  8B56 08    mov    edx, dword ptr [esi+8]          ;  Case 3 of switch 00420FA9
00421023 .  52          push edx                            ; /Arg7
00421024 .  8B15 00145500 mov    edx, dword ptr [551400]       ; |
0042102A .  8B4E 04    mov    ecx, dword ptr [esi+4]          ; |
0042102D .  51          push ecx                            ; |Arg6
0042102E .  8B06       mov    eax, dword ptr [esi]          ; |
00421030 .  50          push eax                            ; |Arg5
00421031 .  68 16505500 push 00555016                      ; |cdkey[%d-%d-%d]错误，请核对
00421036 .  6A 03       push 3                               ; |Arg3 = 00000003
00421038 .  6A 00       push 0                               ; |Arg2 = 00000000
0042103A .  52          push edx                            ; |Arg1 => 00000000
0042103B .  E8 48AFFFFF call 0041BF88                      ; \cck.0041BF88
00421040 .  83C4 1C    add    esp, 1C
00421043 .  EB 47       jmp    short 0042108C
00421045 >  8B4E 08    mov    ecx, dword ptr [esi+8]          ;  Case 4 of switch 00420FA9
00421048 .  51          push ecx                            ; /Arg7
00421049 .  8B0D 00145500 mov    ecx, dword ptr [551400]       ; |
0042104F .  8B46 04    mov    eax, dword ptr [esi+4]          ; |
00421052 .  50          push eax                            ; |Arg6
00421053 .  8B16       mov    edx, dword ptr [esi]          ; |
00421055 .  52          push edx                            ; |Arg5
00421056 .  68 32505500 push 00555032                      ; |cdkey[%d-%d-%d]在其他机器登陆，请勿在15分钟内重复登陆
0042105B .  6A 03       push 3                               ; |Arg3 = 00000003
0042105D .  6A 00       push 0                               ; |Arg2 = 00000000
0042105F .  51          push ecx                            ; |Arg1 => 00000000
00421060 .  E8 23AFFFFF call 0041BF88                      ; \cck.0041BF88
00421065 .  83C4 1C    add    esp, 1C
00421068 .  EB 22       jmp    short 0042108C
0042106A >  8B46 08    mov    eax, dword ptr [esi+8]          ;  Case 5 of switch 00420FA9
0042106D .  50          push eax                            ; /Arg7
0042106E .  A1 00145500 mov    eax, dword ptr [551400]       ; |
00421073 .  8B56 04    mov    edx, dword ptr [esi+4]          ; |
00421076 .  52          push edx                            ; |Arg6
00421077 .  8B0E       mov    ecx, dword ptr [esi]          ; |
00421079 .  51          push ecx                            ; |Arg5
0042107A .  68 68505500 push 00555068                      ; |cdkey[%d-%d-%d]已经过期
0042107F .  6A 03       push 3                               ; |Arg3 = 00000003
00421081 .  6A 00       push 0                               ; |Arg2 = 00000000
00421083 .  50          push eax                            ; |Arg1 => 00000000
00421084 .  E8 FFAEFFFF call 0041BF88                      ; \cck.0041BF88
00421089 .  83C4 1C    add    esp, 1C
0042108C >  8B55 F8    mov    edx, dword ptr [ebp-8]          ;  Default case of switch 00420FA9
0042108F .  8B42 4C    mov    eax, dword ptr [edx+4C]
00421092 .  8B55 08    mov    edx, dword ptr [ebp+8]
00421095 .  3B82 2C010200 cmp    eax, dword ptr [edx+2012C]
0042109B .  72 0B       jb    short 004210A8
0042109D .  8B4D 08    mov    ecx, dword ptr [ebp+8]
004210A0 .  8981 2C010200 mov    dword ptr [ecx+2012C], eax
004210A6 .  EB 1C       jmp    short 004210C4
004210A8 >  68 81505500 push 00555081                      ; /cycle数据非法
004210AD .  6A 02       push 2                               ; |Arg3 = 00000002
004210AF .  6A 00       push 0                               ; |Arg2 = 00000000
004210B1 .  A1 00145500 mov    eax, dword ptr [551400]       ; |
004210B6 .  50          push eax                            ; |Arg1 => 00000000
004210B7 .  E8 CCAEFFFF call 0041BF88                      ; \cck.0041BF88
004210BC .  83C4 10    add    esp, 10
004210BF .  33D2       xor    edx, edx
004210C1 .  8955 FC    mov    dword ptr [ebp-4], edx
004210C4 >  FF45 EC    inc    dword ptr [ebp-14]
004210C7 .  8B4D EC    mov    ecx, dword ptr [ebp-14]
004210CA .  3B4D F0    cmp    ecx, dword ptr [ebp-10]
004210CD .^ 0F8C DDFDFFFF jl    00420EB0
004210D3 >  837D FC 32 cmp    dword ptr [ebp-4], 32
004210D7 .  7E 07       jle    short 004210E0
004210D9 .  C745 FC 32000>mov    dword ptr [ebp-4], 32
004210E0 >  8B45 08    mov    eax, dword ptr [ebp+8]
004210E3 .  8B90 44010200 mov    edx, dword ptr [eax+20144]
004210E9 .  3B55 FC    cmp    edx, dword ptr [ebp-4]
004210EC .  7E 18       jle    short 00421106
004210EE .  68 8F505500 push 0055508F                      ; /可用挂机数减少，请检查cdkey数量及正确性，
004210F3 .  6A 03       push 3                               ; |Arg3 = 00000003
004210F5 .  6A 00       push 0                               ; |Arg2 = 00000000
004210F7 .  8B0D 00145500 mov    ecx, dword ptr [551400]       ; |
004210FD .  51          push ecx                            ; |Arg1 => 00000000
004210FE .  E8 85AEFFFF call 0041BF88                      ; \cck.0041BF88
00421103 .  83C4 10    add    esp, 10
00421106 >  8B45 08    mov    eax, dword ptr [ebp+8]
00421109 .  8B55 FC    mov    edx, dword ptr [ebp-4]
0042110C .  8990 44010200 mov    dword ptr [eax+20144], edx
00421112 .  33C0       xor    eax, eax
00421114 .  8B55 F8    mov    edx, dword ptr [ebp-8]
00421117 .  83C2 04    add    edx, 4
0042111A >  8B1A       mov    ebx, dword ptr [edx]
0042111C .  8B4D F4    mov    ecx, dword ptr [ebp-C]
0042111F .  03C8       add    ecx, eax
00421121 .  3B1C8D 1C3A55>cmp    ebx, dword ptr [ecx*4+553A1C]
00421128 .  76 05       jbe    short 0042112F
0042112A .  83C8 FF    or    eax, FFFFFFFF
0042112D .  EB 5F       jmp    short 0042118E
0042112F >  83F8 0F    cmp    eax, 0F
00421132 .  74 11       je    short 00421145
00421134 .  8B5A 4C    mov    ebx, dword ptr [edx+4C]
00421137 .  3B1C8D 5C3A55>cmp    ebx, dword ptr [ecx*4+553A5C]
0042113E .  73 05       jnb    short 00421145
00421140 .  83C8 FF    or    eax, FFFFFFFF
00421143 .  EB 49       jmp    short 0042118E
00421145 >  40          inc    eax
00421146 .  83C2 04    add    edx, 4
00421149 .  83F8 10    cmp    eax, 10
0042114C .^ 7C CC       jl    short 0042111A
0042114E .  33DB       xor    ebx, ebx
00421150 .  33C9       xor    ecx, ecx
00421152 .  8B45 F8    mov    eax, dword ptr [ebp-8]
00421155 .  8D50 04    lea    edx, dword ptr [eax+4]
00421158 >  8B02       mov    eax, dword ptr [edx]
0042115A .  83E0 0F    and    eax, 0F
0042115D .  03D8       add    ebx, eax
0042115F .  83F9 0F    cmp    ecx, 0F
00421162 .  74 08       je    short 0042116C
00421164 .  8B42 4C    mov    eax, dword ptr [edx+4C]
00421167 .  83E0 0F    and    eax, 0F
0042116A .  03D8       add    ebx, eax
0042116C >  41          inc    ecx
0042116D .  83C2 04    add    edx, 4
00421170 .  83F9 10    cmp    ecx, 10
00421173 .^ 7C E3       jl    short 00421158
00421175 .  8B55 F8    mov    edx, dword ptr [ebp-8]
00421178 .  8B82 8C000000 mov    eax, dword ptr [edx+8C]
0042117E .  25 FFFF0000 and    eax, 0FFFF
00421183 .  3BC3       cmp    eax, ebx
00421185 .  74 05       je    short 0042118C
00421187 .  83C8 FF    or    eax, FFFFFFFF
0042118A .  EB 02       jmp    short 0042118E
0042118C >  33C0       xor    eax, eax
0042118E >  5F          pop    edi
0042118F .  5E          pop    esi
00421190 .  5B          pop    ebx
00421191 .  8BE5       mov    esp, ebp
00421193 .  5D          pop    ebp
00421194 .  C3          retn
00421195    90          nop
00421196    90          nop

2007-3-30 11:51

0

tclma

雪币： 200

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

11

回帖

59

粉丝

0

关注

私信

tclma: 27 楼

0041B374 .  53          push ebx
0041B375 .  56          push esi
0041B376 .  A1 00145500 mov    eax, dword ptr [551400]
0041B37B .  85C0       test eax, eax
0041B37D .  0F84 BC000000 je    0041B43F
0041B383 .  83B8 1C010200>cmp    dword ptr [eax+2011C], 0
0041B38A .  0F84 AF000000 je    0041B43F
0041B390 .  33F6       xor    esi, esi
0041B392 >  6A 00       push 0                               ; /Arg5 = 00000000
0041B394 .  A1 00145500 mov    eax, dword ptr [551400]       ; |
0041B399 .  6A 00       push 0                               ; |Arg4 = 00000000
0041B39B .  68 AF220000 push 22AF                            ; |Arg3 = 000022AF
0041B3A0 .  68 6F4A5500 push 00554A6F                      ; |57.218.178.114
0041B3A5 .  8B90 1C010200 mov    edx, dword ptr [eax+2011C]    ; |
0041B3AB .  52          push edx                            ; |Arg1
0041B3AC .  E8 3B5C0200 call 00440FEC                      ; \cck.00440FEC
0041B3B1 .  83C4 14    add    esp, 14
0041B3B4 .  8BD8       mov    ebx, eax
0041B3B6 .  84DB       test bl, bl
0041B3B8 .  74 53       je    short 0041B40D
0041B3BA .  6A 00       push 0                               ; /Arg2 = 00000000
0041B3BC .  A1 00145500 mov    eax, dword ptr [551400]       ; |
0041B3C1 .  8B90 1C010200 mov    edx, dword ptr [eax+2011C]    ; |
0041B3C7 .  52          push edx                            ; |Arg1
0041B3C8 .  E8 AB5C0200 call 00441078                      ; \cck.00441078
0041B3CD .  83C4 08    add    esp, 8
0041B3D0 .  8B0D 00145500 mov    ecx, dword ptr [551400]
0041B3D6 .  8B81 1C010200 mov    eax, dword ptr [ecx+2011C]
0041B3DC .  50          push eax                            ; /Arg1
0041B3DD .  E8 A65C0200 call 00441088                      ; \cck.00441088
0041B3E2 .  59          pop    ecx
0041B3E3 .  84C0       test al, al
0041B3E5 .  75 50       jnz    short 0041B437
0041B3E7 .  A1 00145500 mov    eax, dword ptr [551400]
0041B3EC .  8B90 1C010200 mov    edx, dword ptr [eax+2011C]
0041B3F2 .  81C2 9C000000 add    edx, 9C
0041B3F8 .  52          push edx                            ; /Arg5
0041B3F9 .  68 7E4A5500 push 00554A7E                      ; |验证服务器-- %s...
0041B3FE .  6A 03       push 3                               ; |Arg3 = 00000003
0041B400 .  6A 00       push 0                               ; |Arg2 = 00000000
0041B402 .  50          push eax                            ; |Arg1 => 00000000
0041B403 .  E8 800B0000 call 0041BF88                      ; \cck.0041BF88
0041B408 .  83C4 14    add    esp, 14
0041B40B .  EB 2A       jmp    short 0041B437
0041B40D >  46          inc    esi
0041B40E .  6A 64       push 64                            ; /Timeout = 100. ms
0041B410 .  E8 174A1200 call <jmp.&kernel32.Sleep>          ; \Sleep
0041B415 .  81FE 10270000 cmp    esi, 2710
0041B41B .  7E 1A       jle    short 0041B437
0041B41D .  6A 03       push 3                               ; /Arg2 = 00000003
0041B41F .  8B0D 00145500 mov    ecx, dword ptr [551400]       ; |
0041B425 .  8B81 1C010200 mov    eax, dword ptr [ecx+2011C]    ; |
0041B42B .  50          push eax                            ; |Arg1
0041B42C .  E8 475C0200 call 00441078                      ; \cck.00441078
0041B431 .  83C4 08    add    esp, 8
0041B434 .  5E          pop    esi
0041B435 .  5B          pop    ebx
0041B436 .  C3          retn
0041B437 >  84DB       test bl, bl
0041B439 .^ 0F84 53FFFFFF je    0041B392
0041B43F >  5E          pop    esi
0041B440 .  5B          pop    ebx
0041B441 .  C3          retn
0041B442    90          nop

2007-3-30 12:02

0