-
-
[旧帖] [求助]一个软件的DLL文件加密打开不知道怎么作了, 0.00雪花
-
发表于: 2007-10-10 20:40
-
各位高手帮帮忙,我这按一些教程上说的作到这里了,下面这是加密文件DLL中打开的东西,也就是加密所在,但看不懂了,请帮帮忙
00410149 |> /833D 50004200>/cmp dword ptr [420050], 0
00410150 |. |0F84 EC000000 |je 00410242
00410156 |. |8925 24014200 |mov dword ptr [420124], esp
0041015C |. |8925 28014200 |mov dword ptr [420128], esp
00410162 |. |6A 00 |push 0
00410164 |. |6A 00 |push 0
00410166 |. |6A 00 |push 0
00410168 |. |6A 00 |push 0
0041016A |. |6A 00 |push 0
0041016C |. |6A 00 |push 0
0041016E |. |6A 00 |push 0
00410170 |. |6A 00 |push 0
00410172 |. |6A 00 |push 0
00410174 |. |6A 00 |push 0
00410176 |. |6A 00 |push 0
00410178 |. |6A 00 |push 0
0041017A |. |6A 00 |push 0
0041017C |. |6A 00 |push 0
0041017E |. |6A 00 |push 0
00410180 |. |6A 00 |push 0
00410182 |. |8B0D 6C004200 |mov ecx, dword ptr [42006C]
00410188 |. |E3 20 |jecxz short 004101AA
0041018A |. |83F9 0A |cmp ecx, 0A
0041018D |. |76 0F |jbe short 0041019E
0041018F |. |C705 20004200>|mov dword ptr [420020], 0042017D ; ASCII "Too many parameters"
00410199 |. |E9 EE000000 |jmp 0041028C
0041019E |> |B8 70004200 |mov eax, 00420070
004101A3 |> |FF30 |/push dword ptr [eax]
004101A5 |. |83C0 04 ||add eax, 4
004101A8 |.^|E2 F9 |\loopd short 004101A3
004101AA |> |8925 2C014200 |mov dword ptr [42012C], esp
004101B0 |. |A1 54004200 |mov eax, dword ptr [420054]
004101B5 |. |8B0D 58004200 |mov ecx, dword ptr [420058]
004101BB |. |8B15 5C004200 |mov edx, dword ptr [42005C]
004101C1 |. |8B1D 60004200 |mov ebx, dword ptr [420060]
004101C7 |. |8B35 64004200 |mov esi, dword ptr [420064]
004101CD |. |8B3D 68004200 |mov edi, dword ptr [420068]
004101D3 >|$ |90 |nop
004101D4 |. |90 |nop
004101D5 |. |90 |nop
004101D6 |. |90 |nop
004101D7 |. |90 |nop
004101D8 |. |90 |nop
004101D9 |. |90 |nop
004101DA |. |90 |nop
004101DB |. |90 |nop
004101DC |. |90 |nop
004101DD |. |90 |nop
004101DE |. |90 |nop
004101DF |. |90 |nop
004101E0 |. |90 |nop
004101E1 |. |90 |nop
004101E2 |. |90 |nop
004101E3 >|$ |FF15 50004200 |call dword ptr [420050]
004101E9 |. |90 |nop
004101EA |. |90 |nop
004101EB |. |90 |nop
004101EC |. |90 |nop
004101ED |. |90 |nop
004101EE |. |90 |nop
004101EF |. |90 |nop
004101F0 |. |90 |nop
004101F1 |. |90 |nop
004101F2 |. |90 |nop
004101F3 |. |90 |nop
004101F4 |. |90 |nop
004101F5 |. |90 |nop
004101F6 |. |90 |nop
004101F7 |. |90 |nop
004101F8 |. |90 |nop
004101F9 |. |A3 54004200 |mov dword ptr [420054], eax
004101FE |. |890D 58004200 |mov dword ptr [420058], ecx
00410204 |. |8915 5C004200 |mov dword ptr [42005C], edx
0041020A |. |891D 60004200 |mov dword ptr [420060], ebx
00410210 |. |8935 64004200 |mov dword ptr [420064], esi
00410216 |. |893D 68004200 |mov dword ptr [420068], edi
0041021C |. |8BC4 |mov eax, esp
0041021E |. |2B05 2C014200 |sub eax, dword ptr [42012C]
00410224 |. |A3 98004200 |mov dword ptr [420098], eax
00410229 |. |8B2D 28014200 |mov ebp, dword ptr [420128]
0041022F |. |8B25 24014200 |mov esp, dword ptr [420124]
00410235 |. |C705 50004200>|mov dword ptr [420050], 0
0041023F |. |90 |nop
00410240 >|$ |CC |int3
00410241 |. |90 |nop
00410242 |> |6A 00 |push 0 ; /Timeout = 0. ms
00410244 |. |E8 4F080000 |call <jmp.&KERNEL32.Sleep> ; \Sleep
00410249 |. |6A 01 |push 1 ; /RemoveMsg = PM_REMOVE
0041024B |. |6A 00 |push 0 ; |MsgFilterMax = WM_NULL
0041024D |. |6A 00 |push 0 ; |MsgFilterMin = WM_NULL
0041024F |. |6A 00 |push 0 ; |hWnd = NULL
00410251 |. |68 C8004200 |push 004200C8 ; |pMsg = LOADDLL.004200C8
00410256 |. |E8 8B080000 |call <jmp.&USER32.PeekMessageA> ; \PeekMessageA
0041025B |. |0BC0 |or eax, eax
0041025D |.^ 0F84 E6FEFFFF |je 00410149
00410263 |. |68 C8004200 |push 004200C8 ; /pMsg = WM_TIMER hw = 1C0340 ("M") ID = 1 Callback = 0
00410268 |. |E8 91080000 |call <jmp.&USER32.TranslateMessage> ; \TranslateMessage
0041026D |. |68 C8004200 |push 004200C8 ; /pMsg = WM_TIMER hw = 1C0340 ("M") ID = 1 Callback = 0
00410272 |. |E8 51080000 |call <jmp.&USER32.DispatchMessageA> ; \DispatchMessageA
00410277 |. |A1 CC004200 |mov eax, dword ptr [4200CC]
0041027C |. |83F8 12 |cmp eax, 12
0041027F |.^\0F85 C4FEFFFF \jnz 00410149
00410149 |> /833D 50004200>/cmp dword ptr [420050], 0
00410150 |. |0F84 EC000000 |je 00410242
00410156 |. |8925 24014200 |mov dword ptr [420124], esp
0041015C |. |8925 28014200 |mov dword ptr [420128], esp
00410162 |. |6A 00 |push 0
00410164 |. |6A 00 |push 0
00410166 |. |6A 00 |push 0
00410168 |. |6A 00 |push 0
0041016A |. |6A 00 |push 0
0041016C |. |6A 00 |push 0
0041016E |. |6A 00 |push 0
00410170 |. |6A 00 |push 0
00410172 |. |6A 00 |push 0
00410174 |. |6A 00 |push 0
00410176 |. |6A 00 |push 0
00410178 |. |6A 00 |push 0
0041017A |. |6A 00 |push 0
0041017C |. |6A 00 |push 0
0041017E |. |6A 00 |push 0
00410180 |. |6A 00 |push 0
00410182 |. |8B0D 6C004200 |mov ecx, dword ptr [42006C]
00410188 |. |E3 20 |jecxz short 004101AA
0041018A |. |83F9 0A |cmp ecx, 0A
0041018D |. |76 0F |jbe short 0041019E
0041018F |. |C705 20004200>|mov dword ptr [420020], 0042017D ; ASCII "Too many parameters"
00410199 |. |E9 EE000000 |jmp 0041028C
0041019E |> |B8 70004200 |mov eax, 00420070
004101A3 |> |FF30 |/push dword ptr [eax]
004101A5 |. |83C0 04 ||add eax, 4
004101A8 |.^|E2 F9 |\loopd short 004101A3
004101AA |> |8925 2C014200 |mov dword ptr [42012C], esp
004101B0 |. |A1 54004200 |mov eax, dword ptr [420054]
004101B5 |. |8B0D 58004200 |mov ecx, dword ptr [420058]
004101BB |. |8B15 5C004200 |mov edx, dword ptr [42005C]
004101C1 |. |8B1D 60004200 |mov ebx, dword ptr [420060]
004101C7 |. |8B35 64004200 |mov esi, dword ptr [420064]
004101CD |. |8B3D 68004200 |mov edi, dword ptr [420068]
004101D3 >|$ |90 |nop
004101D4 |. |90 |nop
004101D5 |. |90 |nop
004101D6 |. |90 |nop
004101D7 |. |90 |nop
004101D8 |. |90 |nop
004101D9 |. |90 |nop
004101DA |. |90 |nop
004101DB |. |90 |nop
004101DC |. |90 |nop
004101DD |. |90 |nop
004101DE |. |90 |nop
004101DF |. |90 |nop
004101E0 |. |90 |nop
004101E1 |. |90 |nop
004101E2 |. |90 |nop
004101E3 >|$ |FF15 50004200 |call dword ptr [420050]
004101E9 |. |90 |nop
004101EA |. |90 |nop
004101EB |. |90 |nop
004101EC |. |90 |nop
004101ED |. |90 |nop
004101EE |. |90 |nop
004101EF |. |90 |nop
004101F0 |. |90 |nop
004101F1 |. |90 |nop
004101F2 |. |90 |nop
004101F3 |. |90 |nop
004101F4 |. |90 |nop
004101F5 |. |90 |nop
004101F6 |. |90 |nop
004101F7 |. |90 |nop
004101F8 |. |90 |nop
004101F9 |. |A3 54004200 |mov dword ptr [420054], eax
004101FE |. |890D 58004200 |mov dword ptr [420058], ecx
00410204 |. |8915 5C004200 |mov dword ptr [42005C], edx
0041020A |. |891D 60004200 |mov dword ptr [420060], ebx
00410210 |. |8935 64004200 |mov dword ptr [420064], esi
00410216 |. |893D 68004200 |mov dword ptr [420068], edi
0041021C |. |8BC4 |mov eax, esp
0041021E |. |2B05 2C014200 |sub eax, dword ptr [42012C]
00410224 |. |A3 98004200 |mov dword ptr [420098], eax
00410229 |. |8B2D 28014200 |mov ebp, dword ptr [420128]
0041022F |. |8B25 24014200 |mov esp, dword ptr [420124]
00410235 |. |C705 50004200>|mov dword ptr [420050], 0
0041023F |. |90 |nop
00410240 >|$ |CC |int3
00410241 |. |90 |nop
00410242 |> |6A 00 |push 0 ; /Timeout = 0. ms
00410244 |. |E8 4F080000 |call <jmp.&KERNEL32.Sleep> ; \Sleep
00410249 |. |6A 01 |push 1 ; /RemoveMsg = PM_REMOVE
0041024B |. |6A 00 |push 0 ; |MsgFilterMax = WM_NULL
0041024D |. |6A 00 |push 0 ; |MsgFilterMin = WM_NULL
0041024F |. |6A 00 |push 0 ; |hWnd = NULL
00410251 |. |68 C8004200 |push 004200C8 ; |pMsg = LOADDLL.004200C8
00410256 |. |E8 8B080000 |call <jmp.&USER32.PeekMessageA> ; \PeekMessageA
0041025B |. |0BC0 |or eax, eax
0041025D |.^ 0F84 E6FEFFFF |je 00410149
00410263 |. |68 C8004200 |push 004200C8 ; /pMsg = WM_TIMER hw = 1C0340 ("M") ID = 1 Callback = 0
00410268 |. |E8 91080000 |call <jmp.&USER32.TranslateMessage> ; \TranslateMessage
0041026D |. |68 C8004200 |push 004200C8 ; /pMsg = WM_TIMER hw = 1C0340 ("M") ID = 1 Callback = 0
00410272 |. |E8 51080000 |call <jmp.&USER32.DispatchMessageA> ; \DispatchMessageA
00410277 |. |A1 CC004200 |mov eax, dword ptr [4200CC]
0041027C |. |83F8 12 |cmp eax, 12
0041027F |.^\0F85 C4FEFFFF \jnz 00410149
