004A6842 |. 8A694A00 DD A7DC8_.004A698A
004A6846 |. 78694A00 DD A7DC8_.004A6978
004A684A |. 66694A00 DD A7DC8_.004A6966
004A684E |. 54694A00 DD A7DC8_.004A6954
004A6852 |. 3F694A00 DD A7DC8_.004A693F
004A6856 |. 2A694A00 DD A7DC8_.004A692A
004A685A |. 15694A00 DD A7DC8_.004A6915
004A685E |. 00694A00 DD A7DC8_.004A6900
004A6862 |. EB684A00 DD A7DC8_.004A68EB
004A6866 |. D6684A00 DD A7DC8_.004A68D6
004A686A |. C1684A00 DD A7DC8_.004A68C1
004A686E |. 8B684A00 DD A7DC8_.004A688B
004A6872 |. 76684A00 DD A7DC8_.004A6876
004A6876 |> BA A46A4A00 MOV EDX,A7DC8_.004A6AA4 ; Case 0 of switch 004A682B
004A687B |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390]
004A6881 |. E8 6236FAFF CALL A7DC8_.00449EE8
004A6886 |. E9 58010000 JMP A7DC8_.004A69E3
004A688B |> 68 D86A4A00 PUSH A7DC8_.004A6AD8 ; Case FFFFFFFF of switch 004A682B
004A6890 |. FFB6 B4030000 PUSH DWORD PTR DS:[ESI+3B4]
004A6896 |. 68 F06A4A00 PUSH A7DC8_.004A6AF0
004A689B |. 8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218]
004A68A1 |. BA 03000000 MOV EDX,3
004A68A6 |. E8 35DDF5FF CALL A7DC8_.004045E0
004A68AB |. 8B95 E8FDFFFF MOV EDX,DWORD PTR SS:[EBP-218]
004A68B1 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390]
004A68B7 |. E8 2C36FAFF CALL A7DC8_.00449EE8
004A68BC |. E9 22010000 JMP A7DC8_.004A69E3
004A68C1 |> BA 006B4A00 MOV EDX,A7DC8_.004A6B00 ; 帐/密错误; Case FFFFFFFE of switch 004A682B
004A68C6 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390]
004A68CC |. E8 1736FAFF CALL A7DC8_.00449EE8
004A68D1 |. E9 0D010000 JMP A7DC8_.004A69E3
关键跳转在004A6842-004A6876处,可是为什么我该成JMP等命令都不成功啊~
004A6876是密码帐户正确的地址,请问怎么才能实现~
[课程]FART 脱壳王!加量不加价!FART作者讲授!