[求助]很简单的IF ELSE END IF, VB反汇编，高手帮看看-软件逆向-看雪-安全社区|安全招聘|kanxue.com

最新回复 (4)
bios 雪币： 219 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 58 粉丝 0 关注私信	bios 2 楼目前用VB编的软件还是比较安全的. 2007-5-10 13:31 0
qinyuanwei 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 23 粉丝 0 关注私信	qinyuanwei 3 楼那VB的EXE怎么破？ 2007-5-10 13:45 0
qinyuanwei 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 23 粉丝 0 关注私信	qinyuanwei 4 楼高手和菜鸟一起帮我找，急！！！！呀。它的全部代码：＝＝＝＝＝＝＝＝＝＝＝＝＝＝ 004019BE CC INT3 004019BF CC INT3 004019C0 > 55 PUSH EBP 004019C1 . 8BEC MOV EBP,ESP 004019C3 . 83EC 0C SUB ESP,0C 004019C6 . 68 96104000 PUSH <JMP.&MSVBVM60.__vbaExceptHandler> ; SE 处理程序安装 004019CB . 64:A1 0000000>MOV EAX,DWORD PTR FS:[0] 004019D1 . 50 PUSH EAX 004019D2 . 64:8925 00000>MOV DWORD PTR FS:[0],ESP 004019D9 . 81EC 8C000000 SUB ESP,8C 004019DF . 53 PUSH EBX 004019E0 . 56 PUSH ESI 004019E1 . 57 PUSH EDI 004019E2 . 8965 F4 MOV DWORD PTR SS:[EBP-C],ESP 004019E5 . C745 F8 80104>MOV DWORD PTR SS:[EBP-8],工程1.00401080 004019EC . 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8] 004019EF . 8BC8 MOV ECX,EAX 004019F1 . 83E1 01 AND ECX,1 004019F4 . 894D FC MOV DWORD PTR SS:[EBP-4],ECX 004019F7 . 24 FE AND AL,0FE 004019F9 . 50 PUSH EAX 004019FA . 8945 08 MOV DWORD PTR SS:[EBP+8],EAX 004019FD . 8B10 MOV EDX,DWORD PTR DS:[EAX] 004019FF . FF52 04 CALL DWORD PTR DS:[EDX+4] 00401A02 . B9 04000280 MOV ECX,80020004 00401A07 . 33F6 XOR ESI,ESI 00401A09 . 894D B0 MOV DWORD PTR SS:[EBP-50],ECX 00401A0C . B8 0A000000 MOV EAX,0A 00401A11 . 894D C0 MOV DWORD PTR SS:[EBP-40],ECX 00401A14 . 894D D0 MOV DWORD PTR SS:[EBP-30],ECX 00401A17 . 8975 C8 MOV DWORD PTR SS:[EBP-38],ESI 00401A1A . 8975 B8 MOV DWORD PTR SS:[EBP-48],ESI 00401A1D . 8975 A8 MOV DWORD PTR SS:[EBP-58],ESI 00401A20 . 8975 98 MOV DWORD PTR SS:[EBP-68],ESI 00401A23 . 8D55 98 LEA EDX,DWORD PTR SS:[EBP-68] 00401A26 . 8D4D D8 LEA ECX,DWORD PTR SS:[EBP-28] 00401A29 . 8975 D8 MOV DWORD PTR SS:[EBP-28],ESI 00401A2C . 8945 A8 MOV DWORD PTR SS:[EBP-58],EAX 00401A2F . 8945 B8 MOV DWORD PTR SS:[EBP-48],EAX 00401A32 . 8945 C8 MOV DWORD PTR SS:[EBP-38],EAX 00401A35 . C745 A0 D4144>MOV DWORD PTR SS:[EBP-60],工程1.004014D4 ; else 00401A3C . C745 98 08000>MOV DWORD PTR SS:[EBP-68],8 00401A43 . FF15 68104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaVarDup>] ; MSVBVM60.__vbaVarDup 00401A49 . 8D45 A8 LEA EAX,DWORD PTR SS:[EBP-58] 00401A4C . 8D4D B8 LEA ECX,DWORD PTR SS:[EBP-48] 00401A4F . 50 PUSH EAX 00401A50 . 8D55 C8 LEA EDX,DWORD PTR SS:[EBP-38] 00401A53 . 51 PUSH ECX 00401A54 . 52 PUSH EDX 00401A55 . 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28] 00401A58 . 56 PUSH ESI 00401A59 . 50 PUSH EAX 00401A5A . FF15 18104000 CALL DWORD PTR DS:[<&MSVBVM60.#595>] ; MSVBVM60.rtcMsgBox 00401A60 . 8D4D A8 LEA ECX,DWORD PTR SS:[EBP-58] 00401A63 . 8D55 B8 LEA EDX,DWORD PTR SS:[EBP-48] 00401A66 . 51 PUSH ECX 00401A67 . 8D45 C8 LEA EAX,DWORD PTR SS:[EBP-38] 00401A6A . 52 PUSH EDX 00401A6B . 8D4D D8 LEA ECX,DWORD PTR SS:[EBP-28] 00401A6E . 50 PUSH EAX 00401A6F . 51 PUSH ECX 00401A70 . 6A 04 PUSH 4 00401A72 . FF15 08104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaFreeVarLi>; MSVBVM60.__vbaFreeVarList 00401A78 . 83C4 14 ADD ESP,14 00401A7B . 8975 FC MOV DWORD PTR SS:[EBP-4],ESI 00401A7E . 68 A21A4000 PUSH 工程1.00401AA2 00401A83 . EB 1C JMP SHORT 工程1.00401AA1 00401A85 . 8D55 A8 LEA EDX,DWORD PTR SS:[EBP-58] 00401A88 . 8D45 B8 LEA EAX,DWORD PTR SS:[EBP-48] 00401A8B . 52 PUSH EDX 00401A8C . 8D4D C8 LEA ECX,DWORD PTR SS:[EBP-38] 00401A8F . 50 PUSH EAX 00401A90 . 8D55 D8 LEA EDX,DWORD PTR SS:[EBP-28] 00401A93 . 51 PUSH ECX 00401A94 . 52 PUSH EDX 00401A95 . 6A 04 PUSH 4 00401A97 . FF15 08104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaFreeVarLi>; MSVBVM60.__vbaFreeVarList 00401A9D . 83C4 14 ADD ESP,14 00401AA0 . C3 RETN 00401AA1 > C3 RETN ; RET 用作跳转到 00401AA2 ＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝到址结束。 2007-5-10 14:14 0
qinyuanwei 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 23 粉丝 0 关注私信	qinyuanwei 5 楼找到答案了。 it's packed code it's cheater. 2007-5-10 15:19 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (4)
bios 雪币： 219 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 58 粉丝 0 关注私信	bios 2 楼目前用VB编的软件还是比较安全的. 2007-5-10 13:31 0
qinyuanwei 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 23 粉丝 0 关注私信	qinyuanwei 3 楼那VB的EXE怎么破？ 2007-5-10 13:45 0
qinyuanwei 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 23 粉丝 0 关注私信	qinyuanwei 4 楼高手和菜鸟一起帮我找，急！！！！呀。它的全部代码：＝＝＝＝＝＝＝＝＝＝＝＝＝＝ 004019BE CC INT3 004019BF CC INT3 004019C0 > 55 PUSH EBP 004019C1 . 8BEC MOV EBP,ESP 004019C3 . 83EC 0C SUB ESP,0C 004019C6 . 68 96104000 PUSH <JMP.&MSVBVM60.__vbaExceptHandler> ; SE 处理程序安装 004019CB . 64:A1 0000000>MOV EAX,DWORD PTR FS:[0] 004019D1 . 50 PUSH EAX 004019D2 . 64:8925 00000>MOV DWORD PTR FS:[0],ESP 004019D9 . 81EC 8C000000 SUB ESP,8C 004019DF . 53 PUSH EBX 004019E0 . 56 PUSH ESI 004019E1 . 57 PUSH EDI 004019E2 . 8965 F4 MOV DWORD PTR SS:[EBP-C],ESP 004019E5 . C745 F8 80104>MOV DWORD PTR SS:[EBP-8],工程1.00401080 004019EC . 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8] 004019EF . 8BC8 MOV ECX,EAX 004019F1 . 83E1 01 AND ECX,1 004019F4 . 894D FC MOV DWORD PTR SS:[EBP-4],ECX 004019F7 . 24 FE AND AL,0FE 004019F9 . 50 PUSH EAX 004019FA . 8945 08 MOV DWORD PTR SS:[EBP+8],EAX 004019FD . 8B10 MOV EDX,DWORD PTR DS:[EAX] 004019FF . FF52 04 CALL DWORD PTR DS:[EDX+4] 00401A02 . B9 04000280 MOV ECX,80020004 00401A07 . 33F6 XOR ESI,ESI 00401A09 . 894D B0 MOV DWORD PTR SS:[EBP-50],ECX 00401A0C . B8 0A000000 MOV EAX,0A 00401A11 . 894D C0 MOV DWORD PTR SS:[EBP-40],ECX 00401A14 . 894D D0 MOV DWORD PTR SS:[EBP-30],ECX 00401A17 . 8975 C8 MOV DWORD PTR SS:[EBP-38],ESI 00401A1A . 8975 B8 MOV DWORD PTR SS:[EBP-48],ESI 00401A1D . 8975 A8 MOV DWORD PTR SS:[EBP-58],ESI 00401A20 . 8975 98 MOV DWORD PTR SS:[EBP-68],ESI 00401A23 . 8D55 98 LEA EDX,DWORD PTR SS:[EBP-68] 00401A26 . 8D4D D8 LEA ECX,DWORD PTR SS:[EBP-28] 00401A29 . 8975 D8 MOV DWORD PTR SS:[EBP-28],ESI 00401A2C . 8945 A8 MOV DWORD PTR SS:[EBP-58],EAX 00401A2F . 8945 B8 MOV DWORD PTR SS:[EBP-48],EAX 00401A32 . 8945 C8 MOV DWORD PTR SS:[EBP-38],EAX 00401A35 . C745 A0 D4144>MOV DWORD PTR SS:[EBP-60],工程1.004014D4 ; else 00401A3C . C745 98 08000>MOV DWORD PTR SS:[EBP-68],8 00401A43 . FF15 68104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaVarDup>] ; MSVBVM60.__vbaVarDup 00401A49 . 8D45 A8 LEA EAX,DWORD PTR SS:[EBP-58] 00401A4C . 8D4D B8 LEA ECX,DWORD PTR SS:[EBP-48] 00401A4F . 50 PUSH EAX 00401A50 . 8D55 C8 LEA EDX,DWORD PTR SS:[EBP-38] 00401A53 . 51 PUSH ECX 00401A54 . 52 PUSH EDX 00401A55 . 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28] 00401A58 . 56 PUSH ESI 00401A59 . 50 PUSH EAX 00401A5A . FF15 18104000 CALL DWORD PTR DS:[<&MSVBVM60.#595>] ; MSVBVM60.rtcMsgBox 00401A60 . 8D4D A8 LEA ECX,DWORD PTR SS:[EBP-58] 00401A63 . 8D55 B8 LEA EDX,DWORD PTR SS:[EBP-48] 00401A66 . 51 PUSH ECX 00401A67 . 8D45 C8 LEA EAX,DWORD PTR SS:[EBP-38] 00401A6A . 52 PUSH EDX 00401A6B . 8D4D D8 LEA ECX,DWORD PTR SS:[EBP-28] 00401A6E . 50 PUSH EAX 00401A6F . 51 PUSH ECX 00401A70 . 6A 04 PUSH 4 00401A72 . FF15 08104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaFreeVarLi>; MSVBVM60.__vbaFreeVarList 00401A78 . 83C4 14 ADD ESP,14 00401A7B . 8975 FC MOV DWORD PTR SS:[EBP-4],ESI 00401A7E . 68 A21A4000 PUSH 工程1.00401AA2 00401A83 . EB 1C JMP SHORT 工程1.00401AA1 00401A85 . 8D55 A8 LEA EDX,DWORD PTR SS:[EBP-58] 00401A88 . 8D45 B8 LEA EAX,DWORD PTR SS:[EBP-48] 00401A8B . 52 PUSH EDX 00401A8C . 8D4D C8 LEA ECX,DWORD PTR SS:[EBP-38] 00401A8F . 50 PUSH EAX 00401A90 . 8D55 D8 LEA EDX,DWORD PTR SS:[EBP-28] 00401A93 . 51 PUSH ECX 00401A94 . 52 PUSH EDX 00401A95 . 6A 04 PUSH 4 00401A97 . FF15 08104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaFreeVarLi>; MSVBVM60.__vbaFreeVarList 00401A9D . 83C4 14 ADD ESP,14 00401AA0 . C3 RETN 00401AA1 > C3 RETN ; RET 用作跳转到 00401AA2 ＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝到址结束。 2007-5-10 14:14 0
qinyuanwei 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 23 粉丝 0 关注私信	qinyuanwei 5 楼找到答案了。 it's packed code it's cheater. 2007-5-10 15:19 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复