这段代码是用 Borland C++ 1999 编写的程序中,注册信息窗口“确定”按钮的处理过程(图片在下面)。
我想把它爆破了,可惜功力有限。哪位高手能帮忙看一下?谢谢!
; ----------------------------------------------------------------------
; Disassembler listing (32-bit x86, Intel operand order, "$" = hex) of the
; handler for the confirm button of a registration dialog, as described by
; the poster. Columns: address, opcode bytes, instruction.
;
; In:     eax = object that owns the Edit_Mail / Edit2 / Edit3 controls
;               (copied to ebx and used as the base for every control load).
;         Arguments to callees are passed in eax / edx / ecx throughout --
;         presumably Borland's register calling convention; confirm.
; Locals: [ebp-$04]  string read from Edit_Mail
;         [ebp-$08]  string read from Edit2
;         [ebp-$0C], [ebp-$10]  temporary strings assigned to Edit3
;         [ebp-$48]  scratch area whose address is handed to 0040460C
;         edi = ebp-$34  bookkeeping record: word [edi+$10] is rewritten
;               before/after each step, dword [edi+$1C] is incremented when
;               a string local comes alive and decremented before it is
;               released, and [edi] is written back to fs:[0] on exit --
;               presumably the compiler's exception-handling context.
;         esi = $004D8697  base of a table of constants addressed as
;               [esi+offset]; presumably string literals -- confirm.
; Flow:   read both edit boxes -> 0040460C -> 0040488C -> branch on al ->
;         one of two paths that each set Edit3, show a dialog and clean up.
; Saves:  ebx, esi, edi (pushed here, popped at 00404181).
;
; NOTE(review): both input strings are user-controlled and the outcome is
; decided entirely inside this client-side routine. From a protection-design
; standpoint a purely local check should not be the only enforcement point;
; pair it with server-side or signature-based licence verification.
; ----------------------------------------------------------------------
; Prologue: frame pointer, $48 bytes of locals, callee-saved registers.
00403FBC 55 push ebp
00403FBD 8BEC mov ebp, esp
00403FBF 83C4B8 add esp, -$48
00403FC2 53 push ebx
00403FC3 56 push esi
00403FC4 57 push edi
; ebx = owning object, esi = constant table base, edi = bookkeeping record.
00403FC5 8BD8 mov ebx, eax
00403FC7 BE97864D00 mov esi, $004D8697
00403FCC 8D7DCC lea edi, [ebp-$34]
; eax = $004D89C8 is the only argument set up for this call; presumably it
; initialises the record at edi (the label below is the disassembler's
; guess) -- TODO confirm.
00403FCF B8C8894D00 mov eax, $004D89C8
* Reference to : TAggregatedObject._PROC_004C89BC()
|
00403FD4 E8E3490C00 call 004C89BC
00403FD9 66C747101400 mov word ptr [edi+$10], $0014
; [ebp-$04] = null; edx = &[ebp-$04]; eax = Edit_Mail control.
; 0046FCDC presumably stores the control's text into the string at edx.
00403FDF 33D2 xor edx, edx
00403FE1 8955FC mov [ebp-$04], edx
00403FE4 8D55FC lea edx, [ebp-$04]
00403FE7 FF471C inc dword ptr [edi+$1C]
* Reference to control Edit_Mail : TEdit
|
00403FEA 8B8324050000 mov eax, [ebx+$0524]
|
00403FF0 E8E7BC0600 call 0046FCDC
; The $0008 store is immediately overwritten by the $0020 store.
00403FF5 66C747100800 mov word ptr [edi+$10], $0008
00403FFB 66C747102000 mov word ptr [edi+$10], $0020
; Same sequence for Edit2, result in [ebp-$08].
00404001 33C9 xor ecx, ecx
00404003 894DF8 mov [ebp-$08], ecx
00404006 8D55F8 lea edx, [ebp-$08]
00404009 FF471C inc dword ptr [edi+$1C]
* Reference to control Edit2 : TEdit
|
0040400C 8B831C050000 mov eax, [ebx+$051C]
|
00404012 E8C5BC0600 call 0046FCDC
00404017 66C747100800 mov word ptr [edi+$10], $0008
; edx = [ebp-$04] if non-null, else esi+$1C (presumably an empty-string
; constant). The lea between cmp and jz does not alter the flags.
0040401D 837DFC00 cmp dword ptr [ebp-$04], +$00
00404021 8D4DB8 lea ecx, [ebp-$48]
00404024 7405 jz 0040402B
00404026 8B55FC mov edx, [ebp-$04]
00404029 EB03 jmp 0040402E
0040402B 8D561C lea edx, [esi+$1C]
; call 0040460C with eax = owner, edx = Edit_Mail text, ecx = &[ebp-$48].
; What it writes to the scratch area is not visible in this listing.
0040402E 8BC3 mov eax, ebx
|
00404030 E8D7050000 call 0040460C
; edx = [ebp-$08] if non-null, else esi+$1D.
00404035 837DF800 cmp dword ptr [ebp-$08], +$00
00404039 7405 jz 00404040
0040403B 8B55F8 mov edx, [ebp-$08]
0040403E EB03 jmp 00404043
00404040 8D561D lea edx, [esi+$1D]
; call 0040488C with eax = owner, edx = Edit2 text; boolean result in al.
00404043 8BC3 mov eax, ebx
|
00404045 E842080000 call 0040488C
; al != 0 continues at 004040C4; al == 0 falls through.
0040404A 84C0 test al, al
0040404C 7576 jnz 004040C4
; ---- al == 0 path ----------------------------------------------------
; Build a temporary string at [ebp-$0C] from the constant at esi+$1E
; (004D4B80 presumably constructs it and returns its address in eax).
0040404E 66C747102C00 mov word ptr [edi+$10], $002C
00404054 8D561E lea edx, [esi+$1E]
00404057 8D45F4 lea eax, [ebp-$0C]
|
0040405A E8210B0D00 call 004D4B80
0040405F FF471C inc dword ptr [edi+$1C]
; edx = the string's character pointer, eax = Edit3 control;
; 0046FD0C presumably assigns the text to the control.
00404062 8B10 mov edx, [eax]
* Reference to control Edit3 : TEdit
|
00404064 8B832C050000 mov eax, [ebx+$052C]
|
0040406A E89DBC0600 call 0046FD0C
; Release the temporary: 004D4CE0 is called with eax = &string, edx = 2
; for every string local in this routine -- presumably its destructor.
0040406F FF4F1C dec dword ptr [edi+$1C]
00404072 8D45F4 lea eax, [ebp-$0C]
00404075 BA02000000 mov edx, $00000002
|
0040407A E8610C0D00 call 004D4CE0
; Four stack arguments for 004D5EF8, pushed right to left: $10, esi+$69,
; esi+$2C, and the value returned by 004763F0(owner). The shape matches a
; message-box style call (handle, text, caption, flags) -- TODO confirm.
0040407F 6A10 push $10
00404081 8D4E69 lea ecx, [esi+$69]
00404084 51 push ecx
00404085 8D462C lea eax, [esi+$2C]
00404088 50 push eax
00404089 8BC3 mov eax, ebx
|
0040408B E860230700 call 004763F0
00404090 50 push eax
|
00404091 E8621E0D00 call 004D5EF8
; Release the Edit2 string, then the Edit_Mail string.
00404096 FF4F1C dec dword ptr [edi+$1C]
00404099 8D45F8 lea eax, [ebp-$08]
0040409C BA02000000 mov edx, $00000002
|
004040A1 E83A0C0D00 call 004D4CE0
004040A6 FF4F1C dec dword ptr [edi+$1C]
004040A9 8D45FC lea eax, [ebp-$04]
004040AC BA02000000 mov edx, $00000002
|
004040B1 E82A0C0D00 call 004D4CE0
; Write the saved value at [edi] back to fs:[0], then join the epilogue.
004040B6 8B0F mov ecx, [edi]
004040B8 64890D00000000 mov fs:[$00000000], ecx
004040BF E9BD000000 jmp 00404181
; ---- al != 0 path ----------------------------------------------------
; ecx = Edit2 text (or esi+$70 if null), edx = Edit_Mail text (or esi+$6F
; if null), eax = owner; passed to 004046D0, whose effect is not visible
; in this listing.
004040C4 837DF800 cmp dword ptr [ebp-$08], +$00
004040C8 7405 jz 004040CF
004040CA 8B4DF8 mov ecx, [ebp-$08]
004040CD EB03 jmp 004040D2
004040CF 8D4E70 lea ecx, [esi+$70]
004040D2 837DFC00 cmp dword ptr [ebp-$04], +$00
004040D6 7405 jz 004040DD
004040D8 8B55FC mov edx, [ebp-$04]
004040DB EB03 jmp 004040E0
004040DD 8D566F lea edx, [esi+$6F]
004040E0 8BC3 mov eax, ebx
|
004040E2 E8E9050000 call 004046D0
; Temporary string at [ebp-$10] from the constant at esi+$71, assigned to
; Edit3 and released, mirroring the sequence on the other path.
004040E7 66C747103800 mov word ptr [edi+$10], $0038
004040ED 8D5671 lea edx, [esi+$71]
004040F0 8D45F0 lea eax, [ebp-$10]
|
004040F3 E8880A0D00 call 004D4B80
004040F8 FF471C inc dword ptr [edi+$1C]
004040FB 8B10 mov edx, [eax]
* Reference to control Edit3 : TEdit
|
004040FD 8B832C050000 mov eax, [ebx+$052C]
|
00404103 E804BC0600 call 0046FD0C
00404108 FF4F1C dec dword ptr [edi+$1C]
0040410B 8D45F0 lea eax, [ebp-$10]
0040410E BA02000000 mov edx, $00000002
|
00404113 E8C80B0D00 call 004D4CE0
; Same four-argument call to 004D5EF8 as on the other path, here with
; $40, esi+$EB and esi+$84. In between, the global dword at $004D9758 is
; set to $2710 (10000 decimal); its meaning is not visible here.
00404118 8D8EEB000000 lea ecx, [esi+$00EB]
0040411E 6A40 push $40
00404120 51 push ecx
00404121 8D8684000000 lea eax, [esi+$0084]
00404127 50 push eax
00404128 8BC3 mov eax, ebx
0040412A C70558974D0010270000 mov dword ptr [$004D9758], $00002710
|
00404134 E8B7220700 call 004763F0
00404139 50 push eax
|
0040413A E8B91D0D00 call 004D5EF8
; Four stack arguments for 004D5F70: value from 004763F0(owner), $0112,
; $F060, 0. $0112/$F060 equal WM_SYSCOMMAND/SC_CLOSE, so this presumably
; asks the dialog window to close -- TODO confirm the import behind it.
0040413F 6A00 push $00
00404141 6860F00000 push $0000F060
00404146 6812010000 push $00000112
0040414B 8BC3 mov eax, ebx
|
0040414D E89E220700 call 004763F0
00404152 50 push eax
|
00404153 E8181E0D00 call 004D5F70
; Release the Edit2 string, then the Edit_Mail string.
00404158 FF4F1C dec dword ptr [edi+$1C]
0040415B 8D45F8 lea eax, [ebp-$08]
0040415E BA02000000 mov edx, $00000002
|
00404163 E8780B0D00 call 004D4CE0
00404168 FF4F1C dec dword ptr [edi+$1C]
0040416B 8D45FC lea eax, [ebp-$04]
0040416E BA02000000 mov edx, $00000002
|
00404173 E8680B0D00 call 004D4CE0
; Write the saved value at [edi] back to fs:[0].
00404178 8B0F mov ecx, [edi]
0040417A 64890D00000000 mov fs:[$00000000], ecx
; Common epilogue: restore callee-saved registers and the caller's frame.
00404181 5F pop edi
00404182 5E pop esi
00404183 5B pop ebx
00404184 8BE5 mov esp, ebp
00404186 5D pop ebp
00404187 C3 ret
上传的附件: