在注册表HKEY_LOCAL_MACHINE\SOFTWARE\AVINFO\DVRGateway 的password生成的密文怎样与设备的明文比较通过验证,能改成明文或通过验证吗?
::00415562:: 8D4C24 24 LEA ECX, DWORD PTR [ESP+24]
::00415566:: E8 05ECFFFF CALL 00414170 \:JMPUP
::0041556B:: 3D B80B0000 CMP EAX, BB8
::00415570:: A3 78804200 MOV DWORD PTR [428078], EAX
::00415575:: 73 0A JNB SHORT 00415581 \:JMPDOWN
::00415577:: C705 78804200 B80B0000 MOV DWORD PTR [428078], BB8
::00415581:: 68 044F4200 PUSH 424F04 \:BYJMP JmpBy:0041555B,00415575, \->: UserName
::00415586:: 8D4C24 24 LEA ECX, DWORD PTR [ESP+24]
::0041558A:: E8 31ECFFFF CALL 004141C0 \:JMPUP
::0041558F:: 85C0 TEST EAX, EAX
::00415591:: 75 3A JNZ SHORT 004155CD \:JMPDOWN
::00415593:: C64424 18 61 MOV BYTE PTR [ESP+18], 61
::00415598:: C64424 19 64 MOV BYTE PTR [ESP+19], 64
::0041559D:: C64424 1A 6D MOV BYTE PTR [ESP+1A], 6D
::004155A2:: C64424 1B 69 MOV BYTE PTR [ESP+1B], 69
::004155A7:: 8B4C24 18 MOV ECX, DWORD PTR [ESP+18]
::004155AB:: B0 6E MOV AL, 6E
::004155AD:: 890D 7C804200 MOV DWORD PTR [42807C], ECX
::004155B3:: 68 7C804200 PUSH 42807C
::004155B8:: 68 044F4200 PUSH 424F04 \->: UserName
::004155BD:: 8D4C24 28 LEA ECX, DWORD PTR [ESP+28]
::004155C1:: A2 80804200 MOV BYTE PTR [428080], AL
::004155C6:: E8 35ECFFFF CALL 00414200 \:JMPUP
::004155CB:: EB 3C JMP SHORT 00415609 \:JMPDOWN
::004155CD:: 8D5424 30 LEA EDX, DWORD PTR [ESP+30] \:BYJMP JmpBy:00415591,
::004155D1:: 68 044F4200 PUSH 424F04 \->: UserName
::004155D6:: 52 PUSH EDX
::004155D7:: 8D4C24 28 LEA ECX, DWORD PTR [ESP+28]
::004155DB:: E8 40ECFFFF CALL 00414220 \:JMPUP
::004155E0:: 8B4424 34 MOV EAX, DWORD PTR [ESP+34]
::004155E4:: 3BC3 CMP EAX, EBX
::004155E6:: 75 05 JNZ SHORT 004155ED \:JMPDOWN
::004155E8:: B8 08F54100 MOV EAX, 41F508
::004155ED:: 8B08 MOV ECX, DWORD PTR [EAX] \:BYJMP JmpBy:004155E6,
::004155EF:: 6A 01 PUSH 1
::004155F1:: 890D 7C804200 MOV DWORD PTR [42807C], ECX
::004155F7:: 8B50 04 MOV EDX, DWORD PTR [EAX+4]
::004155FA:: 8D4C24 34 LEA ECX, DWORD PTR [ESP+34]
::004155FE:: 8915 80804200 MOV DWORD PTR [428080], EDX
::00415604:: E8 77D1FFFF CALL 00412780 \:JMPUP
::00415609:: 68 F84E4200 PUSH 424EF8 \:BYJMP JmpBy:004155CB, \->: PassWord
::0041560E:: 8D4C24 24 LEA ECX, DWORD PTR [ESP+24]
::00415612:: E8 A9EBFFFF CALL 004141C0 \:JMPUP
::00415617:: 85C0 TEST EAX, EAX
::00415619:: 75 4D JNZ SHORT 00415668 \:JMPDOWN
::0041561B:: 53 PUSH EBX
::0041561C:: 68 244E4200 PUSH 424E24 \->: SY秇u`氿%s
::00415621:: C64424 20 31 MOV BYTE PTR [ESP+20], 31
::00415626:: C64424 21 32 MOV BYTE PTR [ESP+21], 32
::0041562B:: C64424 22 33 MOV BYTE PTR [ESP+22], 33
::00415630:: C64424 23 34 MOV BYTE PTR [ESP+23], 34
::00415635:: C64424 24 35 MOV BYTE PTR [ESP+24], 35
::0041563A:: E8 B1DFFFFF CALL 004135F0 \:JMPUP
::0041563F:: 8D4424 20 LEA EAX, DWORD PTR [ESP+20]
::00415643:: 68 98814200 PUSH 428198
::00415648:: 50 PUSH EAX
::00415649:: E8 A2E1FFFF CALL 004137F0 \:JMPUP
::0041564E:: 83C4 10 ADD ESP, 10
::00415651:: 8D4C24 20 LEA ECX, DWORD PTR [ESP+20]
::00415655:: 6A 08 PUSH 8
::00415657:: 68 98814200 PUSH 428198
::0041565C:: 68 EC4E4200 PUSH 424EEC \->: Password
::00415661:: E8 6AECFFFF CALL 004142D0 \:JMPUP
::00415666:: EB 5B JMP SHORT 004156C3 \:JMPDOWN
::00415668:: 8A4C24 13 MOV CL, BYTE PTR [ESP+13] \:BYJMP JmpBy:00415619,
::0041566C:: 53 PUSH EBX
::0041566D:: 884C24 34 MOV BYTE PTR [ESP+34], CL
::00415671:: 8D4C24 34 LEA ECX, DWORD PTR [ESP+34]
::00415675:: E8 06D1FFFF CALL 00412780 \:JMPUP
::0041567A:: 8D5424 30 LEA EDX, DWORD PTR [ESP+30]
::0041567E:: 8D4C24 20 LEA ECX, DWORD PTR [ESP+20]
::00415682:: 52 PUSH EDX
::00415683:: 68 F84E4200 PUSH 424EF8 \->: PassWord
::00415688:: C68424 80000000 05 MOV BYTE PTR [ESP+80], 5
::00415690:: E8 EBE6FFFF CALL 00413D80 \:JMPUP
::00415695:: 8B4424 34 MOV EAX, DWORD PTR [ESP+34]
::00415699:: 3BC3 CMP EAX, EBX
::0041569B:: 75 05 JNZ SHORT 004156A2 \:JMPDOWN
::0041569D:: B8 08F54100 MOV EAX, 41F508
::004156A2:: 8B08 MOV ECX, DWORD PTR [EAX] \:BYJMP JmpBy:0041569B,
::004156A4:: 6A 01 PUSH 1
::004156A6:: 890D 98814200 MOV DWORD PTR [428198], ECX
::004156AC:: 8B50 04 MOV EDX, DWORD PTR [EAX+4]
::004156AF:: 8D4C24 34 LEA ECX, DWORD PTR [ESP+34]
::004156B3:: 8915 9C814200 MOV DWORD PTR [42819C], EDX
::004156B9:: C64424 7C 02 MOV BYTE PTR [ESP+7C], 2
::004156BE:: E8 BDD0FFFF CALL 00412780 \:JMPUP
::004156C3:: 68 DC4E4200 PUSH 424EDC \:BYJMP JmpBy:00415666, \->: InActiveUnit
::004156C8:: 8D4C24 24 LEA ECX, DWORD PTR [ESP+24]
::004156CC:: E8 8FE5FFFF CALL 00413C60 \:JMPUP
::004156D1:: 85C0 TEST EAX, EAX
::004156D3:: 75 1C JNZ SHORT 004156F1 \:JMPDOWN
::004156D5:: 68 DC4E4200 PUSH 424EDC \->: InActiveUnit
::004156DA:: 8D4C24 24 LEA ECX, DWORD PTR [ESP+24]
::004156DE:: E8 DDE4FFFF CALL 00413BC0 \:JMPUP
::004156E3:: 68 C8404200 PUSH 4240C8 \->: ActiveUnit
::004156E8:: 8D4C24 24 LEA ECX, DWORD PTR [ESP+24]
::004156EC:: E8 CFE4FFFF CALL 00413BC0 \:JMPUP
::004156F1:: 68 02000080 PUSH 80000002 \:BYJMP JmpBy:0041520F,004156D3,
::004156F6:: 8D4C24 2C LEA ECX, DWORD PTR [ESP+2C]
::004156FA:: E8 71E4FFFF CALL 00413B70 \:JMPUP
::004156FF:: 8A4424 13 MOV AL, BYTE PTR [ESP+13]
::00415703:: 53 PUSH EBX
::00415704:: 8D4C24 44 LEA ECX, DWORD PTR [ESP+44]
::00415708:: C64424 7C 06 MOV BYTE PTR [ESP+7C], 6
::0041570D:: 884424 44 MOV BYTE PTR [ESP+44], AL
::00415711:: E8 6AD0FFFF CALL 00412780 \:JMPUP
::00415716:: BF B04E4200 MOV EDI, 424EB0 \->: \SOFTWARE\AVINFO\DVRGateway\InActiveUnit
::0041571B:: 83C9 FF OR ECX, FFFFFFFF
::0041571E:: 33C0 XOR EAX, EAX
::00415720:: 6A 01 PUSH 1
::00415722:: F2 REPNE SCAS BYTE PTR ES:[EDI]
::00415723:: AE SCAS BYTE PTR ES:[EDI]
::00415724:: F7D1 NOT ECX
::00415726:: 49 DEC ECX
::00415727:: 8BE9 MOV EBP, ECX
::00415729:: 8D4C24 44 LEA ECX, DWORD PTR [ESP+44]
::0041572D:: 55 PUSH EBP
::0041572E:: E8 FDD3FFFF CALL 00412B30 \:JMPUP
::00415733:: 84C0 TEST AL, AL
::00415735:: 74 25 JE SHORT 0041575C \:JMPDOWN
::00415737:: 8B7C24 44 MOV EDI, DWORD PTR [ESP+44]
::0041573B:: 8BCD MOV ECX, EBP
::0041573D:: 8BD1 MOV EDX, ECX
::0041573F:: BE B04E4200 MOV ESI, 424EB0 \->: \SOFTWARE\AVINFO\DVRGateway\InActiveUnit
::00415744:: C1E9 02 SHR ECX, 2
::00415747:: F3 REP MOVS DWORD PTR ES:[EDI], DWORD PTR [ESI]
::00415748:: A5 MOVS DWORD PTR ES:[EDI], DWORD PTR [ESI]
::00415749:: 8BCA MOV ECX, EDX
::0041574B:: 83E1 03 AND ECX, 3
::0041574E:: F3 REP MOVS DWORD PTR ES:[EDI], DWORD PTR [ESI]
::0041574F:: A4 MOVS BYTE PTR ES:[EDI], BYTE PTR [ESI]
::00415750:: 8B4424 44 MOV EAX, DWORD PTR [ESP+44]
::00415754:: 896C24 48 MOV DWORD PTR [ESP+48], EBP
::00415758:: C60428 00 MOV BYTE PTR [EAX+EBP], 0
::0041575C:: 8B4424 44 MOV EAX, DWORD PTR [ESP+44] \:BYJMP JmpBy:00415735,
::00415760:: 33F6 XOR ESI, ESI
::00415762:: B3 07 MOV BL, 7
::00415764:: 3BC6 CMP EAX, ESI
::00415766:: 885C24 78 MOV BYTE PTR [ESP+78], BL
::0041576A:: 75 05 JNZ SHORT 00415771 \:JMPDOWN
::0041576C:: B8 08F54100 MOV EAX, 41F508
::00415771:: 6A 01 PUSH 1 \:BYJMP JmpBy:0041576A,
::00415773:: 50 PUSH EAX
::00415774:: 8D4C24 30 LEA ECX, DWORD PTR [ESP+30]
::00415778:: E8 13E7FFFF CALL 00413E90 \:JMPUP
::0041577D:: 85C0 TEST EAX, EAX
::0041577F:: 0F84 6C010000 JE 004158F1 \:JMPDOWN
::00415785:: 8A4C24 13 MOV CL, BYTE PTR [ESP+13]
::00415789:: 897424 34 MOV DWORD PTR [ESP+34], ESI
::0041578D:: 884C24 30 MOV BYTE PTR [ESP+30], CL
::00415791:: 897424 38 MOV DWORD PTR [ESP+38], ESI
::00415795:: 897424 3C MOV DWORD PTR [ESP+3C], ESI
::00415799:: 8D5424 30 LEA EDX, DWORD PTR [ESP+30]
::0041579D:: 8D4C24 28 LEA ECX, DWORD PTR [ESP+28]
::004157A1:: 52 PUSH EDX
::004157A2:: C64424 7C 08 MOV BYTE PTR [ESP+7C], 8
::004157A7:: E8 54EBFFFF CALL 00414300 \:JMPUP
::004157AC:: 8B4C24 34 MOV ECX, DWORD PTR [ESP+34]
::004157B0:: 3BCE CMP ECX, ESI
::004157B2:: 75 04 JNZ SHORT 004157B8 \:JMPDOWN
::004157B4:: 33C0 XOR EAX, EAX
::004157B6:: EB 09 JMP SHORT 004157C1 \:JMPDOWN
::004157B8:: 8B4424 38 MOV EAX, DWORD PTR [ESP+38] \:BYJMP JmpBy:004157B2,
::004157BC:: 2BC1 SUB EAX, ECX
::004157BE:: C1F8 04 SAR EAX, 4
::004157C1:: 50 PUSH EAX \:BYJMP JmpBy:004157B6,
::004157C2:: 68 944E4200 PUSH 424E94 \->: InActiveUnitKey Size : %d\x0A
::004157C7:: E8 E4F6FFFF CALL 00414EB0 \:JMPUP
::004157CC:: 83C4 08 ADD ESP, 8
::004157CF:: 33ED XOR EBP, EBP
::004157D1:: 33FF XOR EDI, EDI
::004157D3:: 8B4424 34 MOV EAX, DWORD PTR [ESP+34] \:BYJMP JmpBy:004158B3,
::004157D7:: 8B4C24 38 MOV ECX, DWORD PTR [ESP+38]
::004157DB:: 3BC6 CMP EAX, ESI
::004157DD:: 0F84 D5000000 JE 004158B8 \:JMPDOWN
::004157E3:: 8BD1 MOV EDX, ECX
::004157E5:: 2BD0 SUB EDX, EAX
::004157E7:: C1FA 04 SAR EDX, 4
::004157EA:: 3BEA CMP EBP, EDX
::004157EC:: 0F83 C6000000 JNB 004158B8 \:JMPDOWN
::004157F2:: 8B4438 04 MOV EAX, DWORD PTR [EAX+EDI+4]
::004157F6:: 3BC6 CMP EAX, ESI
::004157F8:: 75 05 JNZ SHORT 004157FF \:JMPDOWN
::004157FA:: B8 08F54100 MOV EAX, 41F508
::004157FF:: 50 PUSH EAX \:BYJMP JmpBy:004157F8,
::00415800:: 8D4C24 2C LEA ECX, DWORD PTR [ESP+2C]
::00415804:: E8 57E4FFFF CALL 00413C60 \:JMPUP
::00415809:: 8B4424 34 MOV EAX, DWORD PTR [ESP+34]
::0041580D:: 8B4438 04 MOV EAX, DWORD PTR [EAX+EDI+4]
::00415811:: 3BC6 CMP EAX, ESI
::00415813:: 75 05 JNZ SHORT 0041581A \:JMPDOWN
::00415815:: B8 08F54100 MOV EAX, 41F508
::0041581A:: 50 PUSH EAX \:BYJMP JmpBy:00415813,
::0041581B:: FF15 50F24100 CALL DWORD PTR [41F250] >>>: WS2_32.DLL:WS2_32:NoName0006
::00415821:: 68 8C4E4200 PUSH 424E8C \->: DVRPort
::00415826:: 8D4C24 2C LEA ECX, DWORD PTR [ESP+2C]
::0041582A:: 894424 1C MOV DWORD PTR [ESP+1C], EAX
::0041582E:: E8 3DE9FFFF CALL 00414170 \:JMPUP
::00415833:: 50 PUSH EAX
::00415834:: FF15 4CF24100 CALL DWORD PTR [41F24C] >>>: WS2_32.DLL:WS2_32:NoName0005
::0041583A:: 8B4C24 34 MOV ECX, DWORD PTR [ESP+34]
::0041583E:: 66:894424 1C MOV WORD PTR [ESP+1C], AX
::00415843:: 8B4439 04 MOV EAX, DWORD PTR [ECX+EDI+4]
::00415847:: 3BC6 CMP EAX, ESI
::00415849:: BE 08F54100 MOV ESI, 41F508
::0041584E:: 74 02 JE SHORT 00415852 \:JMPDOWN
::00415850:: 8BF0 MOV ESI, EAX
::00415852:: 68 8C4E4200 PUSH 424E8C \:BYJMP JmpBy:0041584E, \->: DVRPort
::00415857:: 8D4C24 2C LEA ECX, DWORD PTR [ESP+2C]
::0041585B:: E8 10E9FFFF CALL 00414170 \:JMPUP
::00415860:: 50 PUSH EAX
::00415861:: 56 PUSH ESI
::00415862:: 68 744E4200 PUSH 424E74 \->: DvrIP:%s,DvrPort:%d\x0A
::00415867:: E8 44F6FFFF CALL 00414EB0 \:JMPUP
::0041586C:: A1 A8814200 MOV EAX, DWORD PTR [4281A8]
::00415871:: 83C4 0C ADD ESP, C
::00415874:: 8D5424 18 LEA EDX, DWORD PTR [ESP+18]
::00415878:: B9 A0814200 MOV ECX, 4281A0
::0041587D:: 52 PUSH EDX
::0041587E:: 6A 01 PUSH 1
::00415880:: 50 PUSH EAX
::00415881:: E8 AA010000 CALL 00415A30 \:JMPDOWN
::00415886:: 8B4424 44 MOV EAX, DWORD PTR [ESP+44]
::0041588A:: 85C0 TEST EAX, EAX
::0041588C:: 75 05 JNZ SHORT 00415893 \:JMPDOWN
::0041588E:: B8 08F54100 MOV EAX, 41F508
::00415893:: 6A 00 PUSH 0 \:BYJMP JmpBy:0041588C,
::00415895:: 50 PUSH EAX
::00415896:: 8D4C24 30 LEA ECX, DWORD PTR [ESP+30]
::0041589A:: E8 F1E5FFFF CALL 00413E90 \:JMPUP
::0041589F:: 68 DC4E4200 PUSH 424EDC \->: InActiveUnit
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
