能力值:
( LV9,RANK:250 )
|
-
-
26 楼
貌似,上面只是个str->byte array的转换.要求是16进制元组 
|
能力值:
( LV9,RANK:250 )
|
-
-
27 楼
CALL crackme0.003C0486 是字符范围校验(16进制元组)
003C0832 8BFF MOV EDI,EDI
003C0834 55 PUSH EBP
003C0835 8BEC MOV EBP,ESP
003C0837 51 PUSH ECX
003C0838 51 PUSH ECX
003C0839 53 PUSH EBX
003C083A 56 PUSH ESI
003C083B EB 0B JMP SHORT crackme0.003C0848
003C083D 90 NOP
003C083E 90 NOP
003C083F 90 NOP
003C0840 90 NOP
003C0841 90 NOP
003C0842 90 NOP
003C0843 90 NOP
003C0844 90 NOP
003C0845 90 NOP
003C0846 90 NOP
003C0847 90 NOP
003C0848 8B5D 20 MOV EBX,DWORD PTR SS:[EBP+20]
003C084B 33F6 XOR ESI,ESI
003C084D 8933 MOV DWORD PTR DS:[EBX],ESI
003C084F EB 0B JMP SHORT crackme0.003C085C
003C0851 90 NOP
003C0852 90 NOP
003C0853 90 NOP
003C0854 90 NOP
003C0855 90 NOP
003C0856 90 NOP
003C0857 90 NOP
003C0858 90 NOP
003C0859 90 NOP
003C085A 90 NOP
003C085B 90 NOP
003C085C 8973 04 MOV DWORD PTR DS:[EBX+4],ESI
003C085F EB 0B JMP SHORT crackme0.003C086C
003C0861 90 NOP
003C0862 90 NOP
003C0863 90 NOP
003C0864 90 NOP
003C0865 90 NOP
003C0866 90 NOP
003C0867 90 NOP
003C0868 90 NOP
003C0869 90 NOP
003C086A 90 NOP
003C086B 90 NOP
003C086C 8B45 1C MOV EAX,DWORD PTR SS:[EBP+1C]
003C086F 2D 04801B47 SUB EAX,471B8004
003C0874 0F84 C8010000 JE crackme0.003C0A42
003C087A 6A 04 PUSH 4
003C087C 59 POP ECX
003C087D 2BC1 SUB EAX,ECX
003C087F 0F84 96010000 JE crackme0.003C0A1B
003C0885 2BC1 SUB EAX,ECX
003C0887 0F84 2B010000 JE crackme0.003C09B8
003C088D 2BC1 SUB EAX,ECX
003C088F 0F84 B4000000 JE crackme0.003C0949
003C0895 2BC1 SUB EAX,ECX
003C0897 74 25 JE SHORT crackme0.003C08BE
003C0899 EB 0B JMP SHORT crackme0.003C08A6
003C089B 90 NOP
003C089C 90 NOP
003C089D 90 NOP
003C089E 90 NOP
003C089F 90 NOP
003C08A0 90 NOP
003C08A1 90 NOP
003C08A2 90 NOP
003C08A3 90 NOP
003C08A4 90 NOP
003C08A5 90 NOP
003C08A6 C703 100000C0 MOV DWORD PTR DS:[EBX],C0000010
003C08AC EB 0B JMP SHORT crackme0.003C08B9
003C08AE 90 NOP
003C08AF 90 NOP
003C08B0 90 NOP
003C08B1 90 NOP
003C08B2 90 NOP
003C08B3 90 NOP
003C08B4 90 NOP
003C08B5 90 NOP
003C08B6 90 NOP
003C08B7 90 NOP
003C08B8 90 NOP
003C08B9 E9 C4010000 JMP crackme0.003C0A82
003C08BE EB 0B JMP SHORT crackme0.003C08CB
003C08C0 90 NOP
003C08C1 90 NOP
003C08C2 90 NOP
003C08C3 90 NOP
003C08C4 90 NOP
003C08C5 90 NOP
003C08C6 90 NOP
003C08C7 90 NOP
003C08C8 90 NOP
003C08C9 90 NOP
003C08CA 90 NOP
003C08CB 6A 08 PUSH 8
003C08CD 8D45 0C LEA EAX,DWORD PTR SS:[EBP+C]
003C08D0 50 PUSH EAX
003C08D1 FF75 0C PUSH DWORD PTR SS:[EBP+C]
003C08D4 E8 35FCFFFF CALL crackme0.003C050E
003C08D9 84C0 TEST AL,AL
003C08DB 0F84 A1010000 JE crackme0.003C0A82
003C08E1 EB 0B JMP SHORT crackme0.003C08EE
003C08E3 90 NOP
003C08E4 90 NOP
003C08E5 90 NOP
003C08E6 90 NOP
003C08E7 90 NOP
003C08E8 90 NOP
003C08E9 90 NOP
003C08EA 90 NOP
003C08EB 90 NOP
003C08EC 90 NOP
003C08ED 90 NOP
003C08EE 817D 0C 8B1D0000 CMP DWORD PTR SS:[EBP+C],1D8B
003C08F5 75 40 JNZ SHORT crackme0.003C0937
003C08F7 57 PUSH EDI
003C08F8 EB 0B JMP SHORT crackme0.003C0905
003C08FA 90 NOP
003C08FB 90 NOP
003C08FC 90 NOP
003C08FD 90 NOP
003C08FE 90 NOP
003C08FF 90 NOP
003C0900 90 NOP
003C0901 90 NOP
003C0902 90 NOP
003C0903 90 NOP
003C0904 90 NOP
003C0905 8B45 14 MOV EAX,DWORD PTR SS:[EBP+14]
003C0908 BE 1C083C00 MOV ESI,crackme0.003C081C
003C090D 8BF8 MOV EDI,EAX
003C090F A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
003C0910 A4 MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI]
003C0911 EB 0B JMP SHORT crackme0.003C091E
003C0913 90 NOP
003C0914 90 NOP
003C0915 90 NOP
003C0916 90 NOP
003C0917 90 NOP
003C0918 90 NOP
003C0919 90 NOP
003C091A 90 NOP
003C091B 90 NOP
003C091C 90 NOP
003C091D 90 NOP
003C091E 8D78 05 LEA EDI,DWORD PTR DS:[EAX+5]
003C0921 BE 24083C00 MOV ESI,crackme0.003C0824
003C0926 A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
003C0927 A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
003C0928 A4 MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI]
003C0929 EB 0B JMP SHORT crackme0.003C0936
003C092B 90 NOP
003C092C 90 NOP
003C092D 90 NOP
003C092E 90 NOP
003C092F 90 NOP
003C0930 90 NOP
003C0931 90 NOP
003C0932 90 NOP
003C0933 90 NOP
003C0934 90 NOP
003C0935 90 NOP
003C0936 5F POP EDI
003C0937 EB 0B JMP SHORT crackme0.003C0944
003C0939 90 NOP
003C093A 90 NOP
003C093B 90 NOP
003C093C 90 NOP
003C093D 90 NOP
003C093E 90 NOP
003C093F 90 NOP
003C0940 90 NOP
003C0941 90 NOP
003C0942 90 NOP
003C0943 90 NOP
003C0944 E9 39010000 JMP crackme0.003C0A82
003C0949 EB 0B JMP SHORT crackme0.003C0956
003C094B 90 NOP
003C094C 90 NOP
003C094D 90 NOP
003C094E 90 NOP
003C094F 90 NOP
003C0950 90 NOP
003C0951 90 NOP
003C0952 90 NOP
003C0953 90 NOP
003C0954 90 NOP
003C0955 90 NOP
003C0956 6A 10 PUSH 10
003C0958 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
003C095B 50 PUSH EAX
003C095C FF75 0C PUSH DWORD PTR SS:[EBP+C]
003C095F E8 AAFBFFFF CALL crackme0.003C050E
003C0964 84C0 TEST AL,AL
003C0966 0F84 16010000 JE crackme0.003C0A82
003C096C EB 0B JMP SHORT crackme0.003C0979
003C096E 90 NOP
003C096F 90 NOP
003C0970 90 NOP
003C0971 90 NOP
003C0972 90 NOP
003C0973 90 NOP
003C0974 90 NOP
003C0975 90 NOP
003C0976 90 NOP
003C0977 90 NOP
003C0978 90 NOP
003C0979 817D F8 6CDEFEC0 CMP DWORD PTR SS:[EBP-8],C0FEDE6C
003C0980 0F85 FC000000 JNZ crackme0.003C0A82
003C0986 817D FC 0B8AC93F CMP DWORD PTR SS:[EBP-4],3FC98A0B
003C098D 0F85 EF000000 JNZ crackme0.003C0A82
003C0993 EB 0B JMP SHORT crackme0.003C09A0
003C0995 90 NOP
003C0996 90 NOP
003C0997 90 NOP
003C0998 90 NOP
003C0999 90 NOP
003C099A 90 NOP
003C099B 90 NOP
003C099C 90 NOP
003C099D 90 NOP
003C099E 90 NOP
003C099F 90 NOP
003C09A0 8B45 14 MOV EAX,DWORD PTR SS:[EBP+14]
003C09A3 C600 31 MOV BYTE PTR DS:[EAX],31
003C09A6 EB 0B JMP SHORT crackme0.003C09B3
003C09A8 90 NOP
003C09A9 90 NOP
003C09AA 90 NOP
003C09AB 90 NOP
003C09AC 90 NOP
003C09AD 90 NOP
003C09AE 90 NOP
003C09AF 90 NOP
003C09B0 90 NOP
003C09B1 90 NOP
003C09B2 90 NOP
003C09B3 E9 CA000000 JMP crackme0.003C0A82
003C09B8 EB 0B JMP SHORT crackme0.003C09C5
003C09BA 90 NOP
003C09BB 90 NOP
003C09BC 90 NOP
003C09BD 90 NOP
003C09BE 90 NOP
003C09BF 90 NOP
003C09C0 90 NOP
003C09C1 90 NOP
003C09C2 90 NOP
003C09C3 90 NOP
003C09C4 90 NOP
003C09C5 6A 08 PUSH 8
003C09C7 8D45 0C LEA EAX,DWORD PTR SS:[EBP+C]
003C09CA 50 PUSH EAX
003C09CB FF75 0C PUSH DWORD PTR SS:[EBP+C]
003C09CE E8 3BFBFFFF CALL crackme0.003C050E
003C09D3 84C0 TEST AL,AL
003C09D5 0F84 A7000000 JE crackme0.003C0A82
003C09DB EB 0B JMP SHORT crackme0.003C09E8
003C09DD 90 NOP
003C09DE 90 NOP
003C09DF 90 NOP
003C09E0 90 NOP
003C09E1 90 NOP
003C09E2 90 NOP
003C09E3 90 NOP
003C09E4 90 NOP
003C09E5 90 NOP
003C09E6 90 NOP
003C09E7 90 NOP
003C09E8 8B4D 0C MOV ECX,DWORD PTR SS:[EBP+C]
003C09EB C1E1 05 SHL ECX,5
003C09EE 8D89 000E3C00 LEA ECX,DWORD PTR DS:[ECX+3C0E00]
003C09F4 8BC1 MOV EAX,ECX
003C09F6 8D70 01 LEA ESI,DWORD PTR DS:[EAX+1]
003C09F9 8A10 MOV DL,BYTE PTR DS:[EAX]
003C09FB 40 INC EAX
003C09FC 84D2 TEST DL,DL
003C09FE ^ 75 F9 JNZ SHORT crackme0.003C09F9
003C0A00 2BC6 SUB EAX,ESI
003C0A02 50 PUSH EAX
003C0A03 FF75 14 PUSH DWORD PTR SS:[EBP+14]
003C0A06 51 PUSH ECX
003C0A07 E8 7AFAFFFF CALL crackme0.003C0486
003C0A0C EB 0B JMP SHORT crackme0.003C0A19
003C0A0E 90 NOP
003C0A0F 90 NOP
003C0A10 90 NOP
003C0A11 90 NOP
003C0A12 90 NOP
003C0A13 90 NOP
003C0A14 90 NOP
003C0A15 90 NOP
003C0A16 90 NOP
003C0A17 90 NOP
003C0A18 90 NOP
003C0A19 EB 67 JMP SHORT crackme0.003C0A82
003C0A1B EB 0B JMP SHORT crackme0.003C0A28
003C0A1D 90 NOP
003C0A1E 90 NOP
003C0A1F 90 NOP
003C0A20 90 NOP
003C0A21 90 NOP
003C0A22 90 NOP
003C0A23 90 NOP
003C0A24 90 NOP
003C0A25 90 NOP
003C0A26 90 NOP
003C0A27 90 NOP
003C0A28 FF35 C4113C00 PUSH DWORD PTR DS:[3C11C4]
003C0A2E E8 41FDFFFF CALL crackme0.003C0774
003C0A33 EB 0B JMP SHORT crackme0.003C0A40
003C0A35 90 NOP
003C0A36 90 NOP
003C0A37 90 NOP
003C0A38 90 NOP
003C0A39 90 NOP
003C0A3A 90 NOP
003C0A3B 90 NOP
003C0A3C 90 NOP
003C0A3D 90 NOP
003C0A3E 90 NOP
003C0A3F 90 NOP
003C0A40 EB 40 JMP SHORT crackme0.003C0A82
003C0A42 EB 0B JMP SHORT crackme0.003C0A4F
003C0A44 90 NOP
003C0A45 90 NOP
003C0A46 90 NOP
003C0A47 90 NOP
003C0A48 90 NOP
003C0A49 90 NOP
003C0A4A 90 NOP
003C0A4B 90 NOP
003C0A4C 90 NOP
003C0A4D 90 NOP
003C0A4E 90 NOP
003C0A4F 6A 08 PUSH 8
003C0A51 68 C4113C00 PUSH crackme0.003C11C4
003C0A56 FF75 0C PUSH DWORD PTR SS:[EBP+C]
003C0A59 E8 B0FAFFFF CALL crackme0.003C050E
003C0A5E 84C0 TEST AL,AL
003C0A60 75 20 JNZ SHORT crackme0.003C0A82
003C0A62 EB 0B JMP SHORT crackme0.003C0A6F
003C0A64 90 NOP
003C0A65 90 NOP
003C0A66 90 NOP
003C0A67 90 NOP
003C0A68 90 NOP
003C0A69 90 NOP
003C0A6A 90 NOP
003C0A6B 90 NOP
003C0A6C 90 NOP
003C0A6D 90 NOP
003C0A6E 90 NOP
003C0A6F 8935 C4113C00 MOV DWORD PTR DS:[3C11C4],ESI
003C0A75 EB 0B JMP SHORT crackme0.003C0A82
003C0A77 90 NOP
003C0A78 90 NOP
003C0A79 90 NOP
003C0A7A 90 NOP
003C0A7B 90 NOP
003C0A7C 90 NOP
003C0A7D 90 NOP
003C0A7E 90 NOP
003C0A7F 90 NOP
003C0A80 90 NOP
003C0A81 90 NOP
003C0A82 EB 0B JMP SHORT crackme0.003C0A8F
003C0A84 90 NOP
003C0A85 90 NOP
003C0A86 90 NOP
003C0A87 90 NOP
003C0A88 90 NOP
003C0A89 90 NOP
003C0A8A 90 NOP
003C0A8B 90 NOP
003C0A8C 90 NOP
003C0A8D 90 NOP
003C0A8E 90 NOP
003C0A8F 8B03 MOV EAX,DWORD PTR DS:[EBX]
003C0A91 5E POP ESI
003C0A92 5B POP EBX
003C0A93 C9 LEAVE
003C0A94 C2 2000 RETN 20
二进制:
8B FF 55 8B EC 51 51 53 56 EB 0B 90 90 90 90 90 90 90 90 90 90 90 8B 5D 20 33 F6 89 33 EB 0B 90
90 90 90 90 90 90 90 90 90 90 89 73 04 EB 0B 90 90 90 90 90 90 90 90 90 90 90 8B 45 1C 2D 04 80
1B 47 0F 84 C8 01 00 00 6A 04 59 2B C1 0F 84 96 01 00 00 2B C1 0F 84 2B 01 00 00 2B C1 0F 84 B4
00 00 00 2B C1 74 25 EB 0B 90 90 90 90 90 90 90 90 90 90 90 C7 03 10 00 00 C0 EB 0B 90 90 90 90
90 90 90 90 90 90 90 E9 C4 01 00 00 EB 0B 90 90 90 90 90 90 90 90 90 90 90 6A 08 8D 45 0C 50 FF
75 0C E8 35 FC FF FF 84 C0 0F 84 A1 01 00 00 EB 0B 90 90 90 90 90 90 90 90 90 90 90 81 7D 0C 8B
1D 00 00 75 40 57 EB 0B 90 90 90 90 90 90 90 90 90 90 90 8B 45 14 BE 1C 08 3C 00 8B F8 A5 A4 EB
0B 90 90 90 90 90 90 90 90 90 90 90 8D 78 05 BE 24 08 3C 00 A5 A5 A4 EB 0B 90 90 90 90 90 90 90
90 90 90 90 5F EB 0B 90 90 90 90 90 90 90 90 90 90 90 E9 39 01 00 00 EB 0B 90 90 90 90 90 90 90
90 90 90 90 6A 10 8D 45 F8 50 FF 75 0C E8 AA FB FF FF 84 C0 0F 84 16 01 00 00 EB 0B 90 90 90 90
90 90 90 90 90 90 90 81 7D F8 6C DE FE C0 0F 85 FC 00 00 00 81 7D FC 0B 8A C9 3F 0F 85 EF 00 00
00 EB 0B 90 90 90 90 90 90 90 90 90 90 90 8B 45 14 C6 00 31 EB 0B 90 90 90 90 90 90 90 90 90 90
90 E9 CA 00 00 00 EB 0B 90 90 90 90 90 90 90 90 90 90 90 6A 08 8D 45 0C 50 FF 75 0C E8 3B FB FF
FF 84 C0 0F 84 A7 00 00 00 EB 0B 90 90 90 90 90 90 90 90 90 90 90 8B 4D 0C C1 E1 05 8D 89 00 0E
3C 00 8B C1 8D 70 01 8A 10 40 84 D2 75 F9 2B C6 50 FF 75 14 51 E8 7A FA FF FF EB 0B 90 90 90 90
90 90 90 90 90 90 90 EB 67 EB 0B 90 90 90 90 90 90 90 90 90 90 90 FF 35 C4 11 3C 00 E8 41 FD FF
FF EB 0B 90 90 90 90 90 90 90 90 90 90 90 EB 40 EB 0B 90 90 90 90 90 90 90 90 90 90 90 6A 08 68
C4 11 3C 00 FF 75 0C E8 B0 FA FF FF 84 C0 75 20 EB 0B 90 90 90 90 90 90 90 90 90 90 90 89 35 C4
11 3C 00 EB 0B 90 90 90 90 90 90 90 90 90 90 90 EB 0B 90 90 90 90 90 90 90 90 90 90 90 8B 03 5E
5B C9 C2 20 00
|
能力值:
( LV9,RANK:250 )
|
-
-
28 楼
走了,人催了.哎,我这里没ring0调试器哇.
|
能力值:
( LV2,RANK:10 )
|
-
-
29 楼
不象是抽签的结果啊,一个比一个难,主持故意安排的?我等菜得只有看热闹的份罗。
|
能力值:
( LV2,RANK:10 )
|
-
-
30 楼
我也一样,会不会是与有些服务有冲突?
|
能力值:
![]()
(RANK:300 )
|
-
-
31 楼
我们怎会知道那个比较难 
|
能力值:
( LV15,RANK:3306 )
|
-
-
32 楼
计算累人啊。
|
能力值:
( LV6,RANK:90 )
|
-
-
33 楼
00402170 /$ 55 push ebp
00402171 |. 8BEC mov ebp, esp
00402173 |. 6A FF push -1
00402175 |. 68 704B4000 push 00404B70 ; SE 处理程序安装
0040217A |. 64:A1 0000000>mov eax, dword ptr fs:[0]
00402180 |. 50 push eax
00402181 |. 64:8925 00000>mov dword ptr fs:[0], esp
00402188 |. 81EC A8000000 sub esp, 0A8
0040218E |. 53 push ebx
0040218F |. 56 push esi
00402190 |. 57 push edi
00402191 |. 8BF1 mov esi, ecx
00402193 |. C745 FC 01000>mov dword ptr ss:[ebp-4], 1
0040219A |. 90 nop
0040219B |. 90 nop
0040219C |. 90 nop
0040219D |. 90 nop
0040219E |. 90 nop
0040219F |. 90 nop
004021A0 |. 90 nop
004021A1 |. 90 nop
004021A2 |. 90 nop
004021A3 |. 90 nop
004021A4 |. 90 nop
004021A5 |. 90 nop
004021A6 |. 90 nop
004021A7 |. 33DB xor ebx, ebx
004021A9 |. 8D4D 08 lea ecx, dword ptr ss:[ebp+8]
004021AC |. 53 push ebx
004021AD |. E8 D6250000 call <jmp.&mfc42.#2915_CString::GetBuffer>
004021B2 |. 8945 D0 mov dword ptr ss:[ebp-30], eax
004021B5 |. 90 nop
004021B6 |. 90 nop
004021B7 |. 90 nop
004021B8 |. 90 nop
004021B9 |. 90 nop
004021BA |. 90 nop
004021BB |. 90 nop
004021BC |. 90 nop
004021BD |. 90 nop
004021BE |. 90 nop
004021BF |. 90 nop
004021C0 |. 90 nop
004021C1 |. 90 nop
004021C2 |. 53 push ebx
004021C3 |. 8D4D 0C lea ecx, dword ptr ss:[ebp+C]
004021C6 |. E8 BD250000 call <jmp.&mfc42.#2915_CString::GetBuffer>
004021CB |. 8945 DC mov dword ptr ss:[ebp-24], eax
004021CE |. 90 nop
004021CF |. 90 nop
004021D0 |. 90 nop
004021D1 |. 90 nop
004021D2 |. 90 nop
004021D3 |. 90 nop
004021D4 |. 90 nop
004021D5 |. 90 nop
004021D6 |. 90 nop
004021D7 |. 90 nop
004021D8 |. 90 nop
004021D9 |. 90 nop
004021DA |. 90 nop
004021DB |. 895D D4 mov dword ptr ss:[ebp-2C], ebx
004021DE |. 90 nop
004021DF |. 90 nop
004021E0 |. 90 nop
004021E1 |. 90 nop
004021E2 |. 90 nop
004021E3 |. 90 nop
004021E4 |. 90 nop
004021E5 |. 90 nop
004021E6 |. 90 nop
004021E7 |. 90 nop
004021E8 |. 90 nop
004021E9 |. 90 nop
004021EA |. 90 nop
004021EB |. B9 1F000000 mov ecx, 1F
004021F0 |. 33C0 xor eax, eax
004021F2 |. 8DBD 50FFFFFF lea edi, dword ptr ss:[ebp-B0]
004021F8 |. 899D 4CFFFFFF mov dword ptr ss:[ebp-B4], ebx
004021FE |. F3:AB rep stos dword ptr es:[edi]
00402200 |. 90 nop
00402201 |. 90 nop
00402202 |. 90 nop
00402203 |. 90 nop
00402204 |. 90 nop
00402205 |. 90 nop
00402206 |. 90 nop
00402207 |. 90 nop
00402208 |. 90 nop
00402209 |. 90 nop
0040220A |. 90 nop
0040220B |. 90 nop
0040220C |. 90 nop
0040220D |. 8D85 4CFFFFFF lea eax, dword ptr ss:[ebp-B4]
00402213 |. 8BCE mov ecx, esi
00402215 |. 50 push eax ; /Arg1
00402216 |. E8 95020000 call 004024B0 ; \dumped_.004024B0
0040221B |. 90 nop
0040221C |. 90 nop
0040221D |. 90 nop
0040221E |. 90 nop
0040221F |. 90 nop
00402220 |. 90 nop
00402221 |. 90 nop
00402222 |. 90 nop
00402223 |. 90 nop
00402224 |. 90 nop
00402225 |. 90 nop
00402226 |. 90 nop
00402227 |. 90 nop
00402228 |. 8BCE mov ecx, esi
0040222A |. E8 41FBFFFF call 00401D70
0040222F |. 90 nop
00402230 |. 90 nop
00402231 |. 90 nop
00402232 |. 90 nop
00402233 |. 90 nop
00402234 |. 90 nop
00402235 |. 90 nop
00402236 |. 90 nop
00402237 |. 90 nop
00402238 |. 90 nop
00402239 |. 90 nop
0040223A |. 90 nop
0040223B |. 90 nop
0040223C |. 8BCE mov ecx, esi
0040223E |. E8 9DFDFFFF call 00401FE0
00402243 |. 84C0 test al, al
00402245 |. 0F84 1C020000 je 00402467
0040224B |. 8BCE mov ecx, esi
0040224D |. E8 3EFDFFFF call 00401F90
00402252 |. 84C0 test al, al
00402254 |. 0F84 0D020000 je 00402467
0040225A |. 90 nop
0040225B |. 90 nop
0040225C |. 90 nop
0040225D |. 90 nop
0040225E |. 90 nop
0040225F |. 90 nop
00402260 |. 90 nop
00402261 |. 90 nop
00402262 |. 90 nop
00402263 |. 90 nop
00402264 |. 90 nop
00402265 |. 90 nop
00402266 |. 90 nop
00402267 |. 8B4D DC mov ecx, dword ptr ss:[ebp-24]
0040226A |. 33D2 xor edx, edx
0040226C |. 83C1 0F add ecx, 0F
0040226F |. C745 D8 09000>mov dword ptr ss:[ebp-28], 9
00402276 |. 8D75 8C lea esi, dword ptr ss:[ebp-74]
00402279 |. 894D DC mov dword ptr ss:[ebp-24], ecx
0040227C |> 8B45 08 /mov eax, dword ptr ss:[ebp+8]
0040227F |. 8B40 F8 |mov eax, dword ptr ds:[eax-8]
00402282 |. 83F8 10 |cmp eax, 10
00402285 |. 7C 05 |jl short 0040228C
00402287 |. B8 10000000 |mov eax, 10
0040228C |> 3BD0 |cmp edx, eax
0040228E |. 0F8D C9000000 |jge 0040235D
00402294 |. 90 |nop
00402295 |. 90 |nop
00402296 |. 90 |nop
00402297 |. 90 |nop
00402298 |. 90 |nop
00402299 |. 90 |nop
0040229A |. 90 |nop
0040229B |. 90 |nop
0040229C |. 90 |nop
0040229D |. 90 |nop
0040229E |. 90 |nop
0040229F |. 90 |nop
004022A0 |. 90 |nop
004022A1 |. 8B4D D0 |mov ecx, dword ptr ss:[ebp-30]
004022A4 |. 0FBE040A |movsx eax, byte ptr ds:[edx+ecx]
004022A8 |. 0FAF46 C0 |imul eax, dword ptr ds:[esi-40]
004022AC |. 0FAFC2 |imul eax, edx
004022AF |. 90 |nop
004022B0 |. 90 |nop
004022B1 |. 90 |nop
004022B2 |. 90 |nop
004022B3 |. 90 |nop
004022B4 |. 90 |nop
004022B5 |. 90 |nop
004022B6 |. 90 |nop
004022B7 |. 90 |nop
004022B8 |. 90 |nop
004022B9 |. 90 |nop
004022BA |. 90 |nop
004022BB |. 90 |nop
004022BC |. 90 |nop
004022BD |. 90 |nop
004022BE |. 90 |nop
004022BF |. 90 |nop
004022C0 |. 90 |nop
004022C1 |. 90 |nop
004022C2 |. 90 |nop
004022C3 |. 90 |nop
004022C4 |. 90 |nop
004022C5 |. 90 |nop
004022C6 |. 90 |nop
004022C7 |. 90 |nop
004022C8 |. 90 |nop
004022C9 |. 90 |nop
004022CA |. 90 |nop
004022CB |. 90 |nop
004022CC |. 90 |nop
004022CD |. 90 |nop
004022CE |. 90 |nop
004022CF |. 90 |nop
004022D0 |. 90 |nop
004022D1 |. 90 |nop
004022D2 |. 90 |nop
004022D3 |. 90 |nop
004022D4 |. 90 |nop
004022D5 |. 90 |nop
004022D6 |. 90 |nop
004022D7 |. 90 |nop
004022D8 |. 90 |nop
004022D9 |. 90 |nop
004022DA |. 90 |nop
004022DB |. 90 |nop
004022DC |. 90 |nop
004022DD |. 90 |nop
004022DE |. 90 |nop
004022DF |. 90 |nop
004022E0 |. 90 |nop
004022E1 |. 90 |nop
004022E2 |. 90 |nop
004022E3 |. 8B4D DC |mov ecx, dword ptr ss:[ebp-24]
004022E6 |. 0FBE09 |movsx ecx, byte ptr ds:[ecx]
004022E9 |. 0FAF0E |imul ecx, dword ptr ds:[esi]
004022EC |. 0FAF4D D8 |imul ecx, dword ptr ss:[ebp-28]
004022F0 |. 90 |nop
004022F1 |. 90 |nop
004022F2 |. 90 |nop
004022F3 |. 90 |nop
004022F4 |. 90 |nop
004022F5 |. 90 |nop
004022F6 |. 90 |nop
004022F7 |. 90 |nop
004022F8 |. 90 |nop
004022F9 |. 90 |nop
004022FA |. 90 |nop
004022FB |. 90 |nop
004022FC |. 90 |nop
004022FD |. 90 |nop
004022FE |. 90 |nop
004022FF |. 90 |nop
00402300 |. 90 |nop
00402301 |. 90 |nop
00402302 |. 90 |nop
00402303 |. 90 |nop
00402304 |. 90 |nop
00402305 |. 90 |nop
00402306 |. 90 |nop
00402307 |. 90 |nop
00402308 |. 90 |nop
00402309 |. 90 |nop
0040230A |. 90 |nop
0040230B |. 90 |nop
0040230C |. 90 |nop
0040230D |. 90 |nop
0040230E |. 90 |nop
0040230F |. 90 |nop
00402310 |. 90 |nop
00402311 |. 90 |nop
00402312 |. 90 |nop
00402313 |. 90 |nop
00402314 |. 90 |nop
00402315 |. 90 |nop
00402316 |. 90 |nop
00402317 |. 8D1CC5 000000>|lea ebx, dword ptr ds:[eax*8]
0040231E |. 8D3C8D 000000>|lea edi, dword ptr ds:[ecx*4]
00402325 |. 2BD8 |sub ebx, eax
00402327 |. 03C0 |add eax, eax
00402329 |. 2BDF |sub ebx, edi
0040232B |. 2BD8 |sub ebx, eax
0040232D |. 03D9 |add ebx, ecx
0040232F |. 8BCB |mov ecx, ebx
00402331 |. 8B5D D4 |mov ebx, dword ptr ss:[ebp-2C]
00402334 |. 03D9 |add ebx, ecx
00402336 |. 895D D4 |mov dword ptr ss:[ebp-2C], ebx
00402339 |. 90 |nop
0040233A |. 90 |nop
0040233B |. 90 |nop
0040233C |. 90 |nop
0040233D |. 90 |nop
0040233E |. 90 |nop
0040233F |. 90 |nop
00402340 |. 90 |nop
00402341 |. 90 |nop
00402342 |. 90 |nop
00402343 |. 90 |nop
00402344 |. 90 |nop
00402345 |. 90 |nop
00402346 |. 8B4D DC |mov ecx, dword ptr ss:[ebp-24]
00402349 |. 8B45 D8 |mov eax, dword ptr ss:[ebp-28]
0040234C |. 42 |inc edx
0040234D |. 83C6 04 |add esi, 4
00402350 |. 49 |dec ecx
00402351 |. 48 |dec eax
00402352 |. 894D DC |mov dword ptr ss:[ebp-24], ecx
00402355 |. 8945 D8 |mov dword ptr ss:[ebp-28], eax
00402358 |.^ E9 1FFFFFFF \jmp 0040227C
0040235D |> 90 nop
0040235E |. 90 nop
0040235F |. 90 nop
00402360 |. 90 nop
00402361 |. 90 nop
00402362 |. 90 nop
00402363 |. 90 nop
00402364 |. 90 nop
00402365 |. 90 nop
00402366 |. 90 nop
00402367 |. 90 nop
00402368 |. 90 nop
00402369 |. 90 nop
0040236A |. 33D2 xor edx, edx
0040236C |. C645 E0 00 mov byte ptr ss:[ebp-20], 0
00402370 |. 8955 E1 mov dword ptr ss:[ebp-1F], edx
00402373 |. 8955 E5 mov dword ptr ss:[ebp-1B], edx
00402376 |. 8955 E9 mov dword ptr ss:[ebp-17], edx
00402379 |. 8955 ED mov dword ptr ss:[ebp-13], edx
0040237C |. 66:8955 F1 mov word ptr ss:[ebp-F], dx
00402380 |. 8855 F3 mov byte ptr ss:[ebp-D], dl
00402383 |. 90 nop
00402384 |. 90 nop
00402385 |. 90 nop
00402386 |. 90 nop
00402387 |. 90 nop
00402388 |. 90 nop
00402389 |. 90 nop
0040238A |. 90 nop
0040238B |. 90 nop
0040238C |. 90 nop
0040238D |. 90 nop
0040238E |. 90 nop
0040238F |. 90 nop
00402390 |. 8BC3 mov eax, ebx
00402392 |. 99 cdq
00402393 |. 33C2 xor eax, edx
00402395 |. 2BC2 sub eax, edx
00402397 |. 50 push eax ; /<%d>
00402398 |. 8D45 E0 lea eax, dword ptr ss:[ebp-20] ; |
0040239B |. 68 087B4000 push 00407B08 ; |%d
004023A0 |. 50 push eax ; |s
004023A1 |. FF15 60524000 call dword ptr ds:[<&msvcrt.sprintf>] ; \sprintf
004023A7 |. 83C4 0C add esp, 0C
004023AA |. 90 nop
004023AB |. 90 nop
004023AC |. 90 nop
004023AD |. 90 nop
004023AE |. 90 nop
004023AF |. 90 nop
004023B0 |. 90 nop
004023B1 |. 90 nop
004023B2 |. 90 nop
004023B3 |. 90 nop
004023B4 |. 90 nop
004023B5 |. 90 nop
004023B6 |. 90 nop
004023B7 |. 8D7D E0 lea edi, dword ptr ss:[ebp-20]
004023BA |. 83C9 FF or ecx, FFFFFFFF
004023BD |. 33C0 xor eax, eax
004023BF |. 33F6 xor esi, esi
004023C1 |. F2:AE repne scas byte ptr es:[edi]
004023C3 |. F7D1 not ecx
004023C5 |. 49 dec ecx
004023C6 |. 85C9 test ecx, ecx
004023C8 |. 7E 3F jle short 00402409
004023CA |> 90 /nop
004023CB |. 90 |nop
004023CC |. 90 |nop
004023CD |. 90 |nop
004023CE |. 90 |nop
004023CF |. 90 |nop
004023D0 |. 90 |nop
004023D1 |. 90 |nop
004023D2 |. 90 |nop
004023D3 |. 90 |nop
004023D4 |. 90 |nop
004023D5 |. 90 |nop
004023D6 |. 90 |nop
004023D7 |. 0FBE4C35 E0 |movsx ecx, byte ptr ss:[ebp+esi-20]
004023DC |. 03D9 |add ebx, ecx
004023DE |. 90 |nop
004023DF |. 90 |nop
004023E0 |. 90 |nop
004023E1 |. 90 |nop
004023E2 |. 90 |nop
004023E3 |. 90 |nop
004023E4 |. 90 |nop
004023E5 |. 90 |nop
004023E6 |. 90 |nop
004023E7 |. 90 |nop
004023E8 |. 90 |nop
004023E9 |. 90 |nop
004023EA |. 90 |nop
004023EB |. 8BC3 |mov eax, ebx
004023ED |. B9 12000000 |mov ecx, 12
004023F2 |. 99 |cdq
004023F3 |. F7F9 |idiv ecx
004023F5 |. 8D7D E0 |lea edi, dword ptr ss:[ebp-20]
004023F8 |. 83C9 FF |or ecx, FFFFFFFF
004023FB |. 33C0 |xor eax, eax
004023FD |. 46 |inc esi
004023FE |. F2:AE |repne scas byte ptr es:[edi]
00402400 |. F7D1 |not ecx
00402402 |. 49 |dec ecx
00402403 |. 3BF1 |cmp esi, ecx
00402405 |. 8BDA |mov ebx, edx
00402407 |.^ 7C C1 \jl short 004023CA
00402409 |> 90 nop
0040240A |. 90 nop
0040240B |. 90 nop
0040240C |. 90 nop
0040240D |. 90 nop
0040240E |. 90 nop
0040240F |. 90 nop
00402410 |. 90 nop
00402411 |. 90 nop
00402412 |. 90 nop
00402413 |. 90 nop
00402414 |. 90 nop
00402415 |. 90 nop
00402416 |. 83FB 11 cmp ebx, 11
00402419 |. 75 3D jnz short 00402458
0040241B |. 90 nop
0040241C |. 90 nop
0040241D |. 90 nop
0040241E |. 90 nop
0040241F |. 90 nop
00402420 |. 90 nop
00402421 |. 90 nop
00402422 |. 90 nop
00402423 |. 90 nop
00402424 |. 90 nop
00402425 |. 90 nop
00402426 |. 90 nop
00402427 |. 90 nop
00402428 |. 8D4D 08 lea ecx, dword ptr ss:[ebp+8]
0040242B |. C645 FC 00 mov byte ptr ss:[ebp-4], 0
0040242F |. E8 F8210000 call <jmp.&mfc42.#800_CString::~CString>
00402434 |. 8D4D 0C lea ecx, dword ptr ss:[ebp+C]
00402437 |. C745 FC FFFFF>mov dword ptr ss:[ebp-4], -1
0040243E |. E8 E9210000 call <jmp.&mfc42.#800_CString::~CString>
00402443 |. 5F pop edi
00402444 |. 5E pop esi
00402445 |. B0 01 mov al, 1
00402447 |. 5B pop ebx
00402448 |. 8B4D F4 mov ecx, dword ptr ss:[ebp-C]
0040244B |. 64:890D 00000>mov dword ptr fs:[0], ecx
00402452 |. 8BE5 mov esp, ebp
00402454 |. 5D pop ebp
00402455 |. C2 0800 retn 8
00402458 |> 90 nop
00402459 |. 90 nop
0040245A |. 90 nop
0040245B |. 90 nop
0040245C |. 90 nop
0040245D |. 90 nop
0040245E |. 90 nop
0040245F |. 90 nop
00402460 |. 90 nop
00402461 |. 90 nop
00402462 |. 90 nop
00402463 |. 90 nop
00402464 |. 90 nop
00402465 |. EB 0D jmp short 00402474
00402467 |> 90 nop
00402468 |. 90 nop
00402469 |. 90 nop
0040246A |. 90 nop
0040246B |. 90 nop
0040246C |. 90 nop
0040246D |. 90 nop
0040246E |. 90 nop
0040246F |. 90 nop
00402470 |. 90 nop
00402471 |. 90 nop
00402472 |. 90 nop
00402473 |. 90 nop
00402474 |> 8D4D 08 lea ecx, dword ptr ss:[ebp+8]
00402477 |. C645 FC 00 mov byte ptr ss:[ebp-4], 0
0040247B |. E8 AC210000 call <jmp.&mfc42.#800_CString::~CString>
00402480 |. 8D4D 0C lea ecx, dword ptr ss:[ebp+C]
00402483 |. C745 FC FFFFF>mov dword ptr ss:[ebp-4], -1
0040248A |. E8 9D210000 call <jmp.&mfc42.#800_CString::~CString>
0040248F |. 8B4D F4 mov ecx, dword ptr ss:[ebp-C]
00402492 |. 5F pop edi
00402493 |. 5E pop esi
00402494 |. 32C0 xor al, al
00402496 |. 5B pop ebx
00402497 |. 64:890D 00000>mov dword ptr fs:[0], ecx
0040249E |. 8BE5 mov esp, ebp
004024A0 |. 5D pop ebp
004024A1 \. C2 0800 retn 8
|
能力值:
![]()
(RANK:990 )
|
-
-
34 楼
不是啥大虾,只是检测一下这个crackme是否符合规定。可惜都看不到到底长什么样
|
能力值:
( LV9,RANK:1140 )
|
-
-
35 楼
还没破?
继续观战中,,,,,,,,,,,,,
|
能力值:
( LV9,RANK:970 )
|
-
-
36 楼
很可惜,在我的机器上跑不起来
提示是否加载驱动后,点,是
就一直长驻内存,连个面都见不上
双核CPU
|
能力值:
( LV2,RANK:10 )
|
-
-
37 楼
老大,把这个CM 的样子贴个上来看看 
|
能力值:
( LV2,RANK:10 )
|
-
-
38 楼
晕,一个比一个BT
压缩包解压时,AVG Anti-Spyware提示: Malware found。。。。。。
运行时也不断的提示。。。
|
能力值:
( LV9,RANK:970 )
|
-
-
39 楼
强烈要求看看它长得漂亮不?
PS:我想这个CM不太符合规格
|
能力值:
( LV2,RANK:10 )
|
-
-
40 楼
现在就是用winrar解压别的文件,也出现提示.
|
能力值:
![]()
(RANK:10 )
|
-
-
41 楼
把驱动卸载了吧!
|
能力值:
![]()
(RANK:500 )
|
-
-
42 楼
我本子双核 WIN2003运行没问题啊
然后我台式机winxp运行也没问题
不懂算法 win2000运行还没问题
|
能力值:
( LV9,RANK:850 )
|
-
-
43 楼
讨厌啦``
运行不了!!
|
能力值:
( LV15,RANK:3306 )
|
-
-
44 楼
好多花花。。。
|
能力值:
( LV9,RANK:210 )
|
-
-
45 楼
大家把实时监控查毒的东东暂时先禁止了,就可能正常运行了
我单位的机器安装的金山2007,运行提示驱动安装失败,我把监控关掉能进入了
可惜水平太菜,应该对付不了这个Cm
注意请使用管理员账户登陆XP!
|
能力值:
![]()
(RANK:300 )
|
-
-
46 楼
我们正在研究这个 crackme 不能运行的原因
有问题的朋友,请大家把 crackme 解压后,关掉防毒软件和所有调试器,使用 explorer 的直接方式,双按 crackme 打开,测试一下,确定是否真的不能加载
|
能力值:
![]()
(RANK:10 )
|
-
-
47 楼
如果哪个共享软件的作者用这种方式让用户注册,会不会被用户群殴呀?算法在系统目录windows/system32/driver32下的驱动文件crackme02.sys中,只得用ring0的来调试了!
|
能力值:
( LV4,RANK:50 )
|
-
-
48 楼
注册码估计应该是16位。
|
能力值:
( LV2,RANK:10 )
|
-
-
49 楼
这个也不一定,riijj Crackme 12 也是类似这样的驱动加密,有的大牛改了PE的一些东东,就可以用OD调试了
|
能力值:
![]()
(RANK:300 )
|
-
-
50 楼
(评审):
由于这个 crackme 的设计兼容性不足
根据比赛 crackme设计原则
「CrackMe 的设计可以应用于实际共享软件环境,并且有合理的运行时间,和容易注册的复杂度,并且有合理的系统兼容性和安全稳定」
判定这个crackme 不完善,扣去总分数的 1 / 3
维护其它参赛队伍的公平
|
|
|
|
