[旧帖] [求助]关于一个网络验证的破解!! 0.00雪花
发表于: 2008-3-14 15:21 4867
; ---------------------------------------------------------------------
; OllyDbg listing of one routine, 0052FA70..0052FC84 (32-bit x86, Intel
; operand order; columns: address, raw bytes, instruction, debugger note).
; eax is copied to ebx on entry and ebx is then used as the base for field
; loads ([ebx+2F8], [ebx+328], ...) -- presumably the object pointer of a
; register-convention method; confirm against the caller.
; Visible behaviour, in order: optionally launches a file through
; ShellExecuteA, reads two text fields and requires the value returned by
; 00404C10 for each to equal 8, shows a status string, joins three strings,
; passes every byte position of the result to 0052F6E8, hands the result to
; the object at [ebx+30C], then updates the dword at [5617FC].
; NOTE(review): no accept/reject decision is taken inside this routine; it
; only checks input length and prepares a string. None of the callees are
; shown, so their roles are hedged throughout.
; ---------------------------------------------------------------------
0052FA70 /. 55 push ebp ; (initial cpu selection)
0052FA71 |. 8BEC mov ebp, esp
; Zero-fill 10 dwords of locals ([ebp-4]..[ebp-28]): 5 passes x 2 pushes.
0052FA73 |. B9 05000000 mov ecx, 5
0052FA78 |> 6A 00 /push 0
0052FA7A |. 6A 00 |push 0
0052FA7C |. 49 |dec ecx
0052FA7D |.^ 75 F9 \jnz short 0052FA78
; Saved here, restored at 0052FC7E..0052FC80.
0052FA7F |. 53 push ebx
0052FA80 |. 56 push esi
0052FA81 |. 57 push edi
0052FA82 |. 8BD8 mov ebx, eax
; Link an exception frame into fs:[0] (eax = 0): saved ebp, handler
; address 0052FC77, previous frame pointer.
0052FA84 |. 33C0 xor eax, eax
0052FA86 |. 55 push ebp
0052FA87 |. 68 77FC5200 push 0052FC77
0052FA8C |. 64:FF30 push dword ptr fs:[eax]
0052FA8F |. 64:8920 mov dword ptr fs:[eax], esp
; The global byte at [5617F8] gates the ShellExecuteA branch; zero skips it.
0052FA92 |. 803D F8175600>cmp byte ptr [5617F8], 0
0052FA99 |. 74 36 je short 0052FAD1
; Last three ShellExecuteA arguments, pushed right to left:
; nShowCmd = 5 (SW_SHOW), lpDirectory = NULL, lpParameters = NULL.
0052FA9B |. 6A 05 push 5
0052FA9D |. 6A 00 push 0
0052FA9F |. 6A 00 push 0
; NOTE(review): FileName is produced by 00496BAC / 00404E10 from the object
; at [[55CEF4]]; where that path originates is not visible here, so whether
; the launched file can be influenced from outside is unknown -- confirm.
0052FAA1 |. 8D55 F8 lea edx, dword ptr [ebp-8]
0052FAA4 |. A1 F4CE5500 mov eax, dword ptr [55CEF4]
0052FAA9 |. 8B00 mov eax, dword ptr [eax]
0052FAAB |. E8 FC70F6FF call 00496BAC
0052FAB0 |. 8B45 F8 mov eax, dword ptr [ebp-8]
0052FAB3 |. E8 5853EDFF call 00404E10
0052FAB8 |. 50 push eax ; |FileName
0052FAB9 |. 68 88FC5200 push 0052FC88 ; |open
0052FABE |. 6A 00 push 0 ; |hWnd = NULL
0052FAC0 |. E8 9385F0FF call <jmp.&shell32.ShellExecuteA> ; \ShellExecuteA
; Call on the object at [[55CCF0]]; purpose not visible in this listing.
0052FAC5 |. A1 F0CC5500 mov eax, dword ptr [55CCF0]
0052FACA |. 8B00 mov eax, dword ptr [eax]
0052FACC |. E8 8332F6FF call 00492D54
; Field [ebx+2F8]: 00475A1C fills [ebp-10], 00409384 derives [ebp-C] from
; it, 00475A4C passes [ebp-C] back to the same object -- presumably
; read text / normalise / write back; confirm.
0052FAD1 |> 8D55 F0 lea edx, dword ptr [ebp-10]
0052FAD4 |. 8BB3 F8020000 mov esi, dword ptr [ebx+2F8]
0052FADA |. 8BC6 mov eax, esi
0052FADC |. E8 3B5FF4FF call 00475A1C
0052FAE1 |. 8B45 F0 mov eax, dword ptr [ebp-10]
0052FAE4 |. 8D55 F4 lea edx, dword ptr [ebp-C]
0052FAE7 |. E8 9898EDFF call 00409384
0052FAEC |. 8B55 F4 mov edx, dword ptr [ebp-C]
0052FAEF |. 8BC6 mov eax, esi
0052FAF1 |. E8 565FF4FF call 00475A4C
; First check: the value 00404C10 returns for field [ebx+2F8] must equal 8,
; otherwise control goes to the length-error path at 0052FB2C.
0052FAF6 |. 8D55 EC lea edx, dword ptr [ebp-14]
0052FAF9 |. 8B83 F8020000 mov eax, dword ptr [ebx+2F8]
0052FAFF |. E8 185FF4FF call 00475A1C
0052FB04 |. 8B45 EC mov eax, dword ptr [ebp-14]
0052FB07 |. E8 0451EDFF call 00404C10
0052FB0C |. 83F8 08 cmp eax, 8
0052FB0F 75 1B jnz short 0052FB2C
; Second check, same shape, on field [ebx+328].
; Poster's note on the cmp below, in English: "username length must not be
; less than 8". The branches (jnz above, je below) accept only a value of
; exactly 8, so the test is equality, not a minimum.
0052FB11 |. 8D55 E8 lea edx, dword ptr [ebp-18]
0052FB14 |. 8B83 28030000 mov eax, dword ptr [ebx+328]
0052FB1A |. E8 FD5EF4FF call 00475A1C
0052FB1F |. 8B45 E8 mov eax, dword ptr [ebp-18]
0052FB22 |. E8 E950EDFF call 00404C10
0052FB27 |. 83F8 08 cmp eax, 8 //用户名长度不能小于8
0052FB2A 74 0F je short 0052FB3B ; (initial cpu selection)
; Error path. String at 0052FC98, in English: "Length error!\nPlease
; re-enter". It is passed to 0043B98C, then control goes to the common
; exit at 0052FC35.
0052FB2C |> B8 98FC5200 mov eax, 0052FC98 ; 长度错误!\n请重新输入
0052FB31 |. E8 56BEF0FF call 0043B98C
0052FB36 |. E9 FA000000 jmp 0052FC35
; String at 0052FCB8, in English: "Connecting to server, please wait...".
; It is passed to the object at [ebx+318] through 00475A4C.
0052FB3B |> BA B8FC5200 mov edx, 0052FCB8 ; 正在连接服务器,请稍候...
0052FB40 |. 8B83 18030000 mov eax, dword ptr [ebx+318]
0052FB46 |. E8 015FF4FF call 00475A4C
; Three strings are pushed in this order: [ebp-20] (derived by 00409384
; from the field at [[55CCF0]]+514), then the text of [ebx+2F8], then the
; text of [ebx+328].
0052FB4B |. 8D55 E0 lea edx, dword ptr [ebp-20]
0052FB4E |. A1 F0CC5500 mov eax, dword ptr [55CCF0]
0052FB53 |. 8B00 mov eax, dword ptr [eax]
0052FB55 |. 8B80 14050000 mov eax, dword ptr [eax+514] ; (initial cpu selection)
0052FB5B |. E8 2498EDFF call 00409384
0052FB60 |. FF75 E0 push dword ptr [ebp-20]
0052FB63 |. 8D55 DC lea edx, dword ptr [ebp-24]
0052FB66 |. 8B83 F8020000 mov eax, dword ptr [ebx+2F8]
0052FB6C |. E8 AB5EF4FF call 00475A1C
0052FB71 |. FF75 DC push dword ptr [ebp-24] ; (initial cpu selection)
0052FB74 |. 8D55 D8 lea edx, dword ptr [ebp-28]
0052FB77 |. 8B83 28030000 mov eax, dword ptr [ebx+328]
0052FB7D |. E8 9A5EF4FF call 00475A1C
0052FB82 |. FF75 D8 push dword ptr [ebp-28]
; 00404CD0 gets destination [ebp-1C] and count 3 -- presumably joins the
; three pushed strings; confirm.
0052FB85 |. 8D45 E4 lea eax, dword ptr [ebp-1C]
0052FB88 |. BA 03000000 mov edx, 3
0052FB8D |. E8 3E51EDFF call 00404CD0
; 00409114 derives [ebp-4] from the joined string (transform not shown).
0052FB92 |. 8B45 E4 mov eax, dword ptr [ebp-1C]
0052FB95 |. 8D55 FC lea edx, dword ptr [ebp-4]
0052FB98 |. E8 7795EDFF call 00409114
; esi = value 00404C10 returns for [ebp-4]; the loop is skipped when <= 0.
; Poster's note on the jle below, in English: "the loop below should be
; computing the password verification!!"
0052FB9D |. 8B45 FC mov eax, dword ptr [ebp-4]
0052FBA0 |. E8 6B50EDFF call 00404C10
0052FBA5 |. 8BF0 mov esi, eax
0052FBA7 |. 85F6 test esi, esi
0052FBA9 |. 7E 1A jle short 0052FBC5 //下面的循环应该计算密码验证的!!
; Loop invariant: edi = 1-based position, esi = positions left. Each pass
; calls 0052F6E8 with eax = (pointer returned by 00404E68) + edi - 1.
; NOTE(review): 0052F6E8 is not shown. If it is a keyless per-byte
; transform, it only obscures the string built above and provides neither
; confidentiality nor integrity for it in transit -- confirm.
; Poster's note on the jnz at 0052FBC3, in English: "jumps back up!"
0052FBAB |. BF 01000000 mov edi, 1
0052FBB0 |> 8D45 FC /lea eax, dword ptr [ebp-4]
0052FBB3 |. E8 B052EDFF |call 00404E68
0052FBB8 |. 8D4438 FF |lea eax, dword ptr [eax+edi-1]
0052FBBC |. E8 27FBFFFF |call 0052F6E8
0052FBC1 |. 47 |inc edi
0052FBC2 |. 4E |dec esi
0052FBC3 |.^ 75 EB \jnz short 0052FBB0 //往上跳!
; The processed string [ebp-4] is handed to the object at [ebx+30C].
0052FBC5 |> 8B55 FC mov edx, dword ptr [ebp-4]
0052FBC8 |. 8B83 0C030000 mov eax, dword ptr [ebx+30C]
0052FBCE |. E8 795EF4FF call 00475A4C
; 0047593C is called with dl = 1 on the objects at [ebx+31C] and [ebx+320]
; -- presumably sets a boolean property to true; confirm.
0052FBD3 |. B2 01 mov dl, 1
0052FBD5 |. 8B83 1C030000 mov eax, dword ptr [ebx+31C]
0052FBDB |. E8 5C5DF4FF call 0047593C
0052FBE0 |. B2 01 mov dl, 1
0052FBE2 |. 8B83 20030000 mov eax, dword ptr [ebx+320]
0052FBE8 |. E8 4F5DF4FF call 0047593C
; Global dword [5617FC] is multiplied by 0Dh (13). If the result is
; >= 0BB8h (3000, signed compare) it is clamped to 0BB8h; otherwise
; 0052DE14 is called with the object at [ebx+308].
; NOTE(review): looks like a growing delay or attempt counter with a cap;
; the unit and meaning are not visible here -- confirm.
0052FBED |. 6B05 FC175600>imul eax, dword ptr [5617FC], 0D
0052FBF4 |. A3 FC175600 mov dword ptr [5617FC], eax
0052FBF9 |. 813D FC175600>cmp dword ptr [5617FC], 0BB8
0052FC03 7D 0D jge short 0052FC12
0052FC05 |. 8B83 08030000 mov eax, dword ptr [ebx+308]
0052FC0B |. E8 04E2FFFF call 0052DE14
0052FC10 |. EB 0A jmp short 0052FC1C
0052FC12 |> C705 FC175600>mov dword ptr [5617FC], 0BB8
; When [5617FC] > 7D0h (2000), the method in slot +64 of the vtable of the
; object at [ebx+304] is called with edx = 0.
0052FC1C |> 813D FC175600>cmp dword ptr [5617FC], 7D0
0052FC26 7E 0D jle short 0052FC35
0052FC28 |. 33D2 xor edx, edx
0052FC2A |. 8B83 04030000 mov eax, dword ptr [ebx+304]
0052FC30 |. 8B08 mov ecx, dword ptr [eax]
0052FC32 |. FF51 64 call dword ptr [ecx+64]
; Common exit: unlink the exception frame (edx = previous fs:[0] value, the
; two pops into ecx discard the handler address and the saved ebp), then
; push 0052FC7E so that the retn at 0052FC76 continues there.
0052FC35 |> 33C0 xor eax, eax
0052FC37 |. 5A pop edx
0052FC38 |. 59 pop ecx
0052FC39 |. 59 pop ecx
0052FC3A |. 64:8910 mov dword ptr fs:[eax], edx
0052FC3D |. 68 7EFC5200 push 0052FC7E
; Cleanup block, also reached from the handler stub at 0052FC7C.
; 00404974 is called with (start, count) = ([ebp-28], 2), ([ebp-20], 2),
; ([ebp-18], 3), ([ebp-C], 3), which covers all 10 locals -- presumably
; releases the string references; confirm.
; NOTE(review): whether the text of the two input fields held in these
; locals is overwritten before release is not visible here.
0052FC42 |> 8D45 D8 lea eax, dword ptr [ebp-28]
0052FC45 |. BA 02000000 mov edx, 2
0052FC4A |. E8 254DEDFF call 00404974
0052FC4F |. 8D45 E0 lea eax, dword ptr [ebp-20]
0052FC52 |. BA 02000000 mov edx, 2
0052FC57 |. E8 184DEDFF call 00404974
0052FC5C |. 8D45 E8 lea eax, dword ptr [ebp-18]
0052FC5F |. BA 03000000 mov edx, 3
0052FC64 |. E8 0B4DEDFF call 00404974
0052FC69 |. 8D45 F4 lea eax, dword ptr [ebp-C]
0052FC6C |. BA 03000000 mov edx, 3
0052FC71 |. E8 FE4CEDFF call 00404974
0052FC76 \. C3 retn
; Handler stub registered at 0052FA87: jumps to 004041F0 (not shown); the
; second jump re-enters the cleanup block at 0052FC42.
0052FC77 .^ E9 7445EDFF jmp 004041F0
0052FC7C .^ EB C4 jmp short 0052FC42
; Final epilogue: restore edi/esi/ebx, drop the locals, return to caller.
0052FC7E . 5F pop edi
0052FC7F . 5E pop esi
0052FC80 . 5B pop ebx
0052FC81 . 8BE5 mov esp, ebp
0052FC83 . 5D pop ebp
0052FC84 . C3 retn
; ---------------------------------------------------------------------
; Second copy of the OllyDbg listing for the routine at 0052FA70, starting
; at its second instruction (the push ebp at 0052FA70 is not repeated).
; 32-bit x86, Intel operand order; columns: address, raw bytes,
; instruction, debugger note. ebx holds the value eax had on entry and is
; used as the base for field loads -- presumably an object pointer; confirm.
; NOTE(review): no accept/reject decision is taken inside this routine; it
; checks input length, builds a string and hands it off. Callees are not
; shown, so their roles are hedged.
; ---------------------------------------------------------------------
0052FA71 |. 8BEC mov ebp, esp
; Zero-fill 10 dwords of locals ([ebp-4]..[ebp-28]): 5 passes x 2 pushes.
0052FA73 |. B9 05000000 mov ecx, 5
0052FA78 |> 6A 00 /push 0
0052FA7A |. 6A 00 |push 0
0052FA7C |. 49 |dec ecx
0052FA7D |.^ 75 F9 \jnz short 0052FA78
0052FA7F |. 53 push ebx
0052FA80 |. 56 push esi
0052FA81 |. 57 push edi
0052FA82 |. 8BD8 mov ebx, eax
; Link an exception frame into fs:[0] (eax = 0) with handler 0052FC77.
0052FA84 |. 33C0 xor eax, eax
0052FA86 |. 55 push ebp
0052FA87 |. 68 77FC5200 push 0052FC77
0052FA8C |. 64:FF30 push dword ptr fs:[eax]
0052FA8F |. 64:8920 mov dword ptr fs:[eax], esp
; The global byte at [5617F8] gates the ShellExecuteA branch; zero skips it.
0052FA92 |. 803D F8175600>cmp byte ptr [5617F8], 0
0052FA99 |. 74 36 je short 0052FAD1
; nShowCmd = 5 (SW_SHOW), lpDirectory = NULL, lpParameters = NULL.
0052FA9B |. 6A 05 push 5
0052FA9D |. 6A 00 push 0
0052FA9F |. 6A 00 push 0
; NOTE(review): the origin of FileName (00496BAC on [[55CEF4]]) is not
; visible here; whether the launched path can be influenced is unknown.
0052FAA1 |. 8D55 F8 lea edx, dword ptr [ebp-8]
0052FAA4 |. A1 F4CE5500 mov eax, dword ptr [55CEF4]
0052FAA9 |. 8B00 mov eax, dword ptr [eax]
0052FAAB |. E8 FC70F6FF call 00496BAC
0052FAB0 |. 8B45 F8 mov eax, dword ptr [ebp-8]
0052FAB3 |. E8 5853EDFF call 00404E10
0052FAB8 |. 50 push eax ; |FileName
0052FAB9 |. 68 88FC5200 push 0052FC88 ; |open
0052FABE |. 6A 00 push 0 ; |hWnd = NULL
0052FAC0 |. E8 9385F0FF call <jmp.&shell32.ShellExecuteA> ; \ShellExecuteA
0052FAC5 |. A1 F0CC5500 mov eax, dword ptr [55CCF0]
0052FACA |. 8B00 mov eax, dword ptr [eax]
0052FACC |. E8 8332F6FF call 00492D54
; Field [ebx+2F8]: 00475A1C fills [ebp-10], 00409384 derives [ebp-C],
; 00475A4C passes [ebp-C] back to the same object -- presumably
; read text / normalise / write back; confirm.
0052FAD1 |> 8D55 F0 lea edx, dword ptr [ebp-10]
0052FAD4 |. 8BB3 F8020000 mov esi, dword ptr [ebx+2F8]
0052FADA |. 8BC6 mov eax, esi
0052FADC |. E8 3B5FF4FF call 00475A1C
0052FAE1 |. 8B45 F0 mov eax, dword ptr [ebp-10]
0052FAE4 |. 8D55 F4 lea edx, dword ptr [ebp-C]
0052FAE7 |. E8 9898EDFF call 00409384
0052FAEC |. 8B55 F4 mov edx, dword ptr [ebp-C]
0052FAEF |. 8BC6 mov eax, esi
0052FAF1 |. E8 565FF4FF call 00475A4C
; First check: the value 00404C10 returns for field [ebx+2F8] must equal 8.
0052FAF6 |. 8D55 EC lea edx, dword ptr [ebp-14]
0052FAF9 |. 8B83 F8020000 mov eax, dword ptr [ebx+2F8]
0052FAFF |. E8 185FF4FF call 00475A1C
0052FB04 |. 8B45 EC mov eax, dword ptr [ebp-14]
0052FB07 |. E8 0451EDFF call 00404C10
0052FB0C |. 83F8 08 cmp eax, 8
0052FB0F 75 1B jnz short 0052FB2C
; Second check on field [ebx+328]. Poster's note on the cmp below, in
; English: "username length must not be less than 8"; the branches accept
; only a value of exactly 8.
0052FB11 |. 8D55 E8 lea edx, dword ptr [ebp-18]
0052FB14 |. 8B83 28030000 mov eax, dword ptr [ebx+328]
0052FB1A |. E8 FD5EF4FF call 00475A1C
0052FB1F |. 8B45 E8 mov eax, dword ptr [ebp-18]
0052FB22 |. E8 E950EDFF call 00404C10
0052FB27 |. 83F8 08 cmp eax, 8 //用户名长度不能小于8
0052FB2A 74 0F je short 0052FB3B ; (initial cpu selection)
; Error path. String at 0052FC98, in English: "Length error!\nPlease
; re-enter"; then the common exit at 0052FC35.
0052FB2C |> B8 98FC5200 mov eax, 0052FC98 ; 长度错误!\n请重新输入
0052FB31 |. E8 56BEF0FF call 0043B98C
0052FB36 |. E9 FA000000 jmp 0052FC35
; String at 0052FCB8, in English: "Connecting to server, please wait...".
0052FB3B |> BA B8FC5200 mov edx, 0052FCB8 ; 正在连接服务器,请稍候...
0052FB40 |. 8B83 18030000 mov eax, dword ptr [ebx+318]
0052FB46 |. E8 015FF4FF call 00475A4C
; Three strings are pushed: [ebp-20] (from [[55CCF0]]+514 via 00409384),
; the text of [ebx+2F8], the text of [ebx+328].
0052FB4B |. 8D55 E0 lea edx, dword ptr [ebp-20]
0052FB4E |. A1 F0CC5500 mov eax, dword ptr [55CCF0]
0052FB53 |. 8B00 mov eax, dword ptr [eax]
0052FB55 |. 8B80 14050000 mov eax, dword ptr [eax+514] ; (initial cpu selection)
0052FB5B |. E8 2498EDFF call 00409384
0052FB60 |. FF75 E0 push dword ptr [ebp-20]
0052FB63 |. 8D55 DC lea edx, dword ptr [ebp-24]
0052FB66 |. 8B83 F8020000 mov eax, dword ptr [ebx+2F8]
0052FB6C |. E8 AB5EF4FF call 00475A1C
0052FB71 |. FF75 DC push dword ptr [ebp-24] ; (initial cpu selection)
0052FB74 |. 8D55 D8 lea edx, dword ptr [ebp-28]
0052FB77 |. 8B83 28030000 mov eax, dword ptr [ebx+328]
0052FB7D |. E8 9A5EF4FF call 00475A1C
0052FB82 |. FF75 D8 push dword ptr [ebp-28]
; 00404CD0 gets destination [ebp-1C] and count 3 -- presumably joins the
; three pushed strings; confirm. 00409114 then derives [ebp-4] from it.
0052FB85 |. 8D45 E4 lea eax, dword ptr [ebp-1C]
0052FB88 |. BA 03000000 mov edx, 3
0052FB8D |. E8 3E51EDFF call 00404CD0
0052FB92 |. 8B45 E4 mov eax, dword ptr [ebp-1C]
0052FB95 |. 8D55 FC lea edx, dword ptr [ebp-4]
0052FB98 |. E8 7795EDFF call 00409114
; esi = value 00404C10 returns for [ebp-4]; the loop is skipped when <= 0.
; Poster's note on the jle below, in English: "the loop below should be
; computing the password verification!!"
0052FB9D |. 8B45 FC mov eax, dword ptr [ebp-4]
0052FBA0 |. E8 6B50EDFF call 00404C10
0052FBA5 |. 8BF0 mov esi, eax
0052FBA7 |. 85F6 test esi, esi
0052FBA9 |. 7E 1A jle short 0052FBC5 //下面的循环应该计算密码验证的!!
; edi = 1-based position, esi = positions left; each pass calls 0052F6E8
; with eax = (pointer returned by 00404E68) + edi - 1.
; NOTE(review): 0052F6E8 is not shown; a keyless per-byte transform would
; only obscure the string, not protect it in transit -- confirm.
; Poster's note on the jnz at 0052FBC3, in English: "jumps back up!"
0052FBAB |. BF 01000000 mov edi, 1
0052FBB0 |> 8D45 FC /lea eax, dword ptr [ebp-4]
0052FBB3 |. E8 B052EDFF |call 00404E68
0052FBB8 |. 8D4438 FF |lea eax, dword ptr [eax+edi-1]
0052FBBC |. E8 27FBFFFF |call 0052F6E8
0052FBC1 |. 47 |inc edi
0052FBC2 |. 4E |dec esi
0052FBC3 |.^ 75 EB \jnz short 0052FBB0 //往上跳!
; The processed string [ebp-4] is handed to the object at [ebx+30C].
0052FBC5 |> 8B55 FC mov edx, dword ptr [ebp-4]
0052FBC8 |. 8B83 0C030000 mov eax, dword ptr [ebx+30C]
0052FBCE |. E8 795EF4FF call 00475A4C
; 0047593C with dl = 1 on [ebx+31C] and [ebx+320] -- presumably sets a
; boolean property to true; confirm.
0052FBD3 |. B2 01 mov dl, 1
0052FBD5 |. 8B83 1C030000 mov eax, dword ptr [ebx+31C]
0052FBDB |. E8 5C5DF4FF call 0047593C
0052FBE0 |. B2 01 mov dl, 1
0052FBE2 |. 8B83 20030000 mov eax, dword ptr [ebx+320]
0052FBE8 |. E8 4F5DF4FF call 0047593C
; [5617FC] *= 0Dh (13); if the result is >= 0BB8h (3000, signed) it is
; clamped to 0BB8h, otherwise 0052DE14 is called with [ebx+308].
; NOTE(review): looks like a capped, growing delay or counter -- confirm.
0052FBED |. 6B05 FC175600>imul eax, dword ptr [5617FC], 0D
0052FBF4 |. A3 FC175600 mov dword ptr [5617FC], eax
0052FBF9 |. 813D FC175600>cmp dword ptr [5617FC], 0BB8
0052FC03 7D 0D jge short 0052FC12
0052FC05 |. 8B83 08030000 mov eax, dword ptr [ebx+308]
0052FC0B |. E8 04E2FFFF call 0052DE14
0052FC10 |. EB 0A jmp short 0052FC1C
0052FC12 |> C705 FC175600>mov dword ptr [5617FC], 0BB8
; When [5617FC] > 7D0h (2000), vtable slot +64 of the object at [ebx+304]
; is called with edx = 0.
0052FC1C |> 813D FC175600>cmp dword ptr [5617FC], 7D0
0052FC26 7E 0D jle short 0052FC35
0052FC28 |. 33D2 xor edx, edx
0052FC2A |. 8B83 04030000 mov eax, dword ptr [ebx+304]
0052FC30 |. 8B08 mov ecx, dword ptr [eax]
0052FC32 |. FF51 64 call dword ptr [ecx+64]
; Common exit: unlink the exception frame, then push 0052FC7E so that the
; retn at 0052FC76 continues there.
0052FC35 |> 33C0 xor eax, eax
0052FC37 |. 5A pop edx
0052FC38 |. 59 pop ecx
0052FC39 |. 59 pop ecx
0052FC3A |. 64:8910 mov dword ptr fs:[eax], edx
0052FC3D |. 68 7EFC5200 push 0052FC7E
; Cleanup block: 00404974 with (start, count) = ([ebp-28], 2),
; ([ebp-20], 2), ([ebp-18], 3), ([ebp-C], 3) covers all 10 locals --
; presumably releases the string references; confirm.
; NOTE(review): whether the input text held in these locals is overwritten
; before release is not visible here.
0052FC42 |> 8D45 D8 lea eax, dword ptr [ebp-28]
0052FC45 |. BA 02000000 mov edx, 2
0052FC4A |. E8 254DEDFF call 00404974
0052FC4F |. 8D45 E0 lea eax, dword ptr [ebp-20]
0052FC52 |. BA 02000000 mov edx, 2
0052FC57 |. E8 184DEDFF call 00404974
0052FC5C |. 8D45 E8 lea eax, dword ptr [ebp-18]
0052FC5F |. BA 03000000 mov edx, 3
0052FC64 |. E8 0B4DEDFF call 00404974
0052FC69 |. 8D45 F4 lea eax, dword ptr [ebp-C]
0052FC6C |. BA 03000000 mov edx, 3
0052FC71 |. E8 FE4CEDFF call 00404974
0052FC76 \. C3 retn
; Handler stub registered at 0052FA87; the second jump re-enters the
; cleanup block at 0052FC42.
0052FC77 .^ E9 7445EDFF jmp 004041F0
0052FC7C .^ EB C4 jmp short 0052FC42
; Final epilogue: restore edi/esi/ebx, drop the locals, return to caller.
0052FC7E . 5F pop edi
0052FC7F . 5E pop esi
0052FC80 . 5B pop ebx
0052FC81 . 8BE5 mov esp, ebp
0052FC83 . 5D pop ebp
0052FC84 . C3 retn