爆破点应该在那里？-软件逆向-看雪-安全社区|安全招聘|kanxue.com

爆破点应该在那里？

2004-11-16 19:59 3611

爆破点应该在那里？

星空天地

2004-11-16 19:59

3611

::004243FD::  C785 CCFEFFFF 3C2A4200 MOV DWORD PTR [EBP-134],422A3C             \->: 此处输入注册码
::00424407::  89B5 C4FEFFFF          MOV DWORD PTR [EBP-13C],ESI
::0042440D::  FFD3                   CALL EBX
::0042440F::  8D95 D4FEFFFF          LEA EDX,DWORD PTR [EBP-12C]
::00424415::  8D8D 54FFFFFF          LEA ECX,DWORD PTR [EBP-AC]
::0042441B::  C785 DCFEFFFF 302A4200 MOV DWORD PTR [EBP-124],422A30             \->: 注册
::00424425::  89B5 D4FEFFFF          MOV DWORD PTR [EBP-12C],ESI
::0042442B::  FFD3                   CALL EBX
::0042442D::  8D95 E4FEFFFF          LEA EDX,DWORD PTR [EBP-11C]
::00424433::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::00424439::  C785 ECFEFFFF 182A4200 MOV DWORD PTR [EBP-114],422A18             \->: 请输入正确的注册码
::00424439::  C785 ECFEFFFF 182A4200 MOV DWORD PTR [EBP-114],422A18             \->: 请输入正确的注册码
::00424443::  89B5 E4FEFFFF          MOV DWORD PTR [EBP-11C],ESI
::00424449::  FFD3                   CALL EBX
::0042444B::  8D85 04FFFFFF          LEA EAX,DWORD PTR [EBP-FC]
::00424451::  8D8D 14FFFFFF          LEA ECX,DWORD PTR [EBP-EC]
::00424457::  50                      PUSH EAX
::00424458::  8D95 24FFFFFF          LEA EDX,DWORD PTR [EBP-DC]
::0042445E::  51                      PUSH ECX
::0042445F::  8D85 34FFFFFF          LEA EAX,DWORD PTR [EBP-CC]
::00424465::  52                      PUSH EDX
::00424466::  8D8D 44FFFFFF          LEA ECX,DWORD PTR [EBP-BC]
::0042446C::  50                      PUSH EAX
::0042446D::  8D95 54FFFFFF          LEA EDX,DWORD PTR [EBP-AC]
::00424473::  51                      PUSH ECX
::00424474::  8D85 64FFFFFF          LEA EAX,DWORD PTR [EBP-9C]
::0042447A::  52                      PUSH EDX
::0042447B::  50                      PUSH EAX
::0042447C::  FF15 3C104000          CALL DWORD PTR [40103C]                   >>>: MSVBVM60.DLL:MSVBVM60:NoName0002
::00424482::  8985 FCFEFFFF          MOV DWORD PTR [EBP-104],EAX
::00424488::  89B5 F4FEFFFF          MOV DWORD PTR [EBP-10C],ESI
::0042448E::  8B35 08104000          MOV ESI,DWORD PTR [401008]
::00424494::  8D95 F4FEFFFF          LEA EDX,DWORD PTR [EBP-10C]
::0042449A::  8D4D 8C                LEA ECX,DWORD PTR [EBP-74]
::0042449D::  FFD6                   CALL ESI
::0042449F::  8D8D 04FFFFFF          LEA ECX,DWORD PTR [EBP-FC]
::004244A5::  8D95 14FFFFFF          LEA EDX,DWORD PTR [EBP-EC]
::004244AB::  51                      PUSH ECX
::004244AC::  8D85 24FFFFFF          LEA EAX,DWORD PTR [EBP-DC]
::004244B2::  52                      PUSH EDX
::004244B3::  8D8D 34FFFFFF          LEA ECX,DWORD PTR [EBP-CC]
::004244B9::  50                      PUSH EAX
::004244BA::  8D95 44FFFFFF          LEA EDX,DWORD PTR [EBP-BC]
::004244C0::  51                      PUSH ECX
::004244C1::  8D85 54FFFFFF          LEA EAX,DWORD PTR [EBP-AC]
::004244C7::  52                      PUSH EDX
::004244C8::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::004244CE::  50                      PUSH EAX
::004244CF::  51                      PUSH ECX
::004244D0::  6A 07                   PUSH 7
::004244D2::  FF15 10104000          CALL DWORD PTR [401010]                   >>>: MSVBVM60.DLL:__vbaFreeVarList
::004244D8::  83C4 20                ADD ESP,20
::004244DB::  8D55 8C                LEA EDX,DWORD PTR [EBP-74]
::004244DE::  8D85 64FFFFFF          LEA EAX,DWORD PTR [EBP-9C]
::004244E4::  52                   PUSH EDX
::004244E5::  50                      PUSH EAX
::004244E6::  FF15 28104000          CALL DWORD PTR [401028]                   >>>: MSVBVM60.DLL:__vbaLenVar
::004244EC::  8BD0                   MOV EDX,EAX
::004244EE::  8D4D CC                LEA ECX,DWORD PTR [EBP-34]
::004244F1::  FFD6                   CALL ESI
::004244F3::  8D4D CC                LEA ECX,DWORD PTR [EBP-34]
::004244F6::  8D95 E4FEFFFF          LEA EDX,DWORD PTR [EBP-11C]
::004244FC::  51                      PUSH ECX
::004244FD::  52                      PUSH EDX
::004244FE::  C785 ECFEFFFF 19000000 MOV DWORD PTR [EBP-114],19
::00424508::  C785 E4FEFFFF 02800000 MOV DWORD PTR [EBP-11C],8002
::00424512::  FF15 98104000          CALL DWORD PTR [401098]                   >>>: MSVBVM60.DLL:__vbaVarTstNe
::00424518::  66:85C0                TEST AX,AX 比较
::0042451B::  0F84 C6000000          JE 004245E7 不正确就跳                      \:JMPDOWN
::00424521::  B9 04000280             MOV ECX,80020004
::00424526::  B8 0A000000             MOV EAX,A
::0042452B::  898D 3CFFFFFF          MOV DWORD PTR [EBP-C4],ECX
::00424531::  898D 4CFFFFFF          MOV DWORD PTR [EBP-B4],ECX
::00424537::  8D95 D4FEFFFF          LEA EDX,DWORD PTR [EBP-12C]
::0042453D::  8D8D 54FFFFFF          LEA ECX,DWORD PTR [EBP-AC]
::00424543::  8985 34FFFFFF          MOV DWORD PTR [EBP-CC],EAX
::00424549::  8985 44FFFFFF          MOV DWORD PTR [EBP-BC],EAX
::0042454F::  C785 DCFEFFFF 642A4200 MOV DWORD PTR [EBP-124],422A64             \->: 注册不成功
::00424559::  C785 D4FEFFFF 08000000 MOV DWORD PTR [EBP-12C],8
::00424563::  FFD3                   CALL EBX
::00424565::  8D95 E4FEFFFF          LEA EDX,DWORD PTR [EBP-11C]
::0042456B::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::00424571::  C785 ECFEFFFF 502A4200 MOV DWORD PTR [EBP-114],422A50             \->: 注册码不正确
::0042457B::  C785 E4FEFFFF 08000000 MOV DWORD PTR [EBP-11C],8
::00424585::  FFD3                   CALL EBX
::00424587::  8D85 34FFFFFF          LEA EAX,DWORD PTR [EBP-CC]
::0042458D::  8D8D 44FFFFFF          LEA ECX,DWORD PTR [EBP-BC]
::00424593::  50                      PUSH EAX
::00424594::  8D95 54FFFFFF          LEA EDX,DWORD PTR [EBP-AC]
::0042459A::  51                      PUSH ECX
::0042459B::  52                      PUSH EDX
::0042459C::  8D85 64FFFFFF          LEA EAX,DWORD PTR [EBP-9C]
::004245A2::  6A 20                   PUSH 20
::004245A4::  50                      PUSH EAX
::004245A5::  FF15 34104000          CALL DWORD PTR [401034]                   >>>: MSVBVM60.DLL:MSVBVM60:NoName0001
::004245AB::  8D95 A4FEFFFF          LEA EDX,DWORD PTR [EBP-15C]
::004245B1::  8D4D 9C                LEA ECX,DWORD PTR [EBP-64]
::004245B4::  8985 ACFEFFFF          MOV DWORD PTR [EBP-154],EAX
::004245BA::  C785 A4FEFFFF 03000000 MOV DWORD PTR [EBP-15C],3
::004245C4::  FFD6                   CALL ESI
::004245C6::  8D8D 34FFFFFF          LEA ECX,DWORD PTR [EBP-CC]
::004245CC::  8D95 44FFFFFF          LEA EDX,DWORD PTR [EBP-BC]
::004245D2::  51                      PUSH ECX
::004245D3::  8D85 54FFFFFF          LEA EAX,DWORD PTR [EBP-AC]
::004245D9::  52                      PUSH EDX
::004245DA::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::004245E0::  50                      PUSH EAX
::004245E1::  51                      PUSH ECX
::004245E2::  E9 3D030000             JMP 00424924                         \:JMPDOWN
::004245E7::  B8 02000000             MOV EAX,2                            \:BYJMP JmpBy:0042451B,
::004245EC::  B9 01000000             MOV ECX,1
::004245F1::  8985 E4FEFFFF          MOV DWORD PTR [EBP-11C],EAX
::004245F7::  8985 D4FEFFFF          MOV DWORD PTR [EBP-12C],EAX
::004245FD::  8985 C4FEFFFF          MOV DWORD PTR [EBP-13C],EAX
::00424603::  8D95 E4FEFFFF          LEA EDX,DWORD PTR [EBP-11C]
::00424609::  898D ECFEFFFF          MOV DWORD PTR [EBP-114],ECX
::0042460F::  898D CCFEFFFF          MOV DWORD PTR [EBP-134],ECX
::00424615::  8D85 D4FEFFFF          LEA EAX,DWORD PTR [EBP-12C]
::0042461B::  52                      PUSH EDX
::0042461C::  8D8D C4FEFFFF          LEA ECX,DWORD PTR [EBP-13C]
::00424622::  50                      PUSH EAX
::00424623::  8D95 5CFEFFFF          LEA EDX,DWORD PTR [EBP-1A4]
::00424629::  51                      PUSH ECX
::0042462A::  8D85 6CFEFFFF          LEA EAX,DWORD PTR [EBP-194]
::00424630::  52                      PUSH EDX
::00424631::  8D4D DC                LEA ECX,DWORD PTR [EBP-24]
::00424634::  50                      PUSH EAX
::00424635::  51                      PUSH ECX
::00424636::  C785 DCFEFFFF 19000000 MOV DWORD PTR [EBP-124],19
::00424640::  FF15 30104000          CALL DWORD PTR [401030]                   >>>: MSVBVM60.DLL:__vbaVarForInit
::00424646::  3BC7                   CMP EAX,EDI                            \:BYJMP JmpBy:00424739,
::00424648::  0F84 F0000000          JE 0042473E                            \:JMPDOWN
::0042464E::  8D95 64FFFFFF          LEA EDX,DWORD PTR [EBP-9C]
::00424654::  8D45 DC                LEA EAX,DWORD PTR [EBP-24]
::00424657::  52                      PUSH EDX
::00424658::  50                      PUSH EAX
::00424659::  C785 6CFFFFFF 01000000 MOV DWORD PTR [EBP-94],1
::00424663::  C785 64FFFFFF 02000000 MOV DWORD PTR [EBP-9C],2
::0042466D::  FF15 9C104000          CALL DWORD PTR [40109C]                   >>>: MSVBVM60.DLL:__vbaI4Var
::00424673::  8D4D 8C                LEA ECX,DWORD PTR [EBP-74]
::00424676::  50                      PUSH EAX
::00424677::  8D95 78FFFFFF          LEA EDX,DWORD PTR [EBP-88]
::0042467D::  51                      PUSH ECX
::0042467E::  52                      PUSH EDX
::0042467F::  FF15 7C104000          CALL DWORD PTR [40107C]                   >>>: MSVBVM60.DLL:__vbaStrVarVal
::00424685::  50                      PUSH EAX
::00424686::  FF15 4C104000          CALL DWORD PTR [40104C]                   >>>: MSVBVM60.DLL:MSVBVM60:NoName0003
::0042468C::  8D95 54FFFFFF          LEA EDX,DWORD PTR [EBP-AC]
::00424692::  8D4D AC                LEA ECX,DWORD PTR [EBP-54]
::00424695::  8985 5CFFFFFF          MOV DWORD PTR [EBP-A4],EAX
::0042469B::  C785 54FFFFFF 08000000 MOV DWORD PTR [EBP-AC],8
::004246A5::  FFD6                   CALL ESI
::004246A7::  8D8D 78FFFFFF          LEA ECX,DWORD PTR [EBP-88]
::004246AD::  FF15 BC104000          CALL DWORD PTR [4010BC]                   >>>: MSVBVM60.DLL:__vbaFreeStr
::004246B3::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::004246B9::  FF15 0C104000          CALL DWORD PTR [40100C]                   >>>: MSVBVM60.DLL:__vbaFreeVar
::004246BF::  8D45 AC                LEA EAX,DWORD PTR [EBP-54]
::004246C2::  8D8D 78FFFFFF          LEA ECX,DWORD PTR [EBP-88]
::004246C8::  50                      PUSH EAX
::004246C9::  51                      PUSH ECX
::004246CA::  FF15 7C104000          CALL DWORD PTR [40107C]                   >>>: MSVBVM60.DLL:__vbaStrVarVal
::004246D0::  50                      PUSH EAX
::004246D1::  FF15 1C104000          CALL DWORD PTR [40101C]                   >>>: MSVBVM60.DLL:MSVBVM60:NoName0000
::004246D7::  8D95 E4FEFFFF          LEA EDX,DWORD PTR [EBP-11C]
::004246DD::  8D8D 7CFFFFFF          LEA ECX,DWORD PTR [EBP-84]
::004246E3::  66:8985 ECFEFFFF       MOV WORD PTR [EBP-114],AX
::004246EA::  C785 E4FEFFFF 02000000 MOV DWORD PTR [EBP-11C],2
::004246F4::  FFD6                   CALL ESI
::004246F6::  8D8D 78FFFFFF          LEA ECX,DWORD PTR [EBP-88]
::004246FC::  FF15 BC104000          CALL DWORD PTR [4010BC]                   >>>: MSVBVM60.DLL:__vbaFreeStr
::00424702::  8D55 BC                LEA EDX,DWORD PTR [EBP-44]
::00424705::  8D85 7CFFFFFF          LEA EAX,DWORD PTR [EBP-84]
::0042470B::  52                      PUSH EDX
::0042470C::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::00424712::  50                      PUSH EAX
::00424713::  51                      PUSH ECX
::00424714::  FF15 A0104000          CALL DWORD PTR [4010A0]                   >>>: MSVBVM60.DLL:__vbaVarAdd
::0042471A::  8BD0                   MOV EDX,EAX
::0042471C::  8D4D BC                LEA ECX,DWORD PTR [EBP-44]
::0042471F::  FFD6                   CALL ESI
::00424721::  8D95 5CFEFFFF          LEA EDX,DWORD PTR [EBP-1A4]
::00424727::  8D85 6CFEFFFF          LEA EAX,DWORD PTR [EBP-194]
:0042472D::  52                      PUSH EDX
::0042472E::  8D4D DC                LEA ECX,DWORD PTR [EBP-24]
::00424731::  50                      PUSH EAX
::00424732::  51                      PUSH ECX
::00424733::  FF15 B4104000          CALL DWORD PTR [4010B4]                   >>>: MSVBVM60.DLL:__vbaVarForNext
::00424739::  E9 08FFFFFF             JMP 00424646                         \:JMPUP
::0042473E::  8D55 BC                LEA EDX,DWORD PTR [EBP-44]             \:BYJMP JmpBy:00424648,
::00424741::  8D85 E4FEFFFF          LEA EAX,DWORD PTR [EBP-11C]
::00424747::  52                      PUSH EDX
::00424748::  50                      PUSH EAX
::00424749::  C785 ECFEFFFF D0070000 MOV DWORD PTR [EBP-114],7D0
::00424753::  C785 E4FEFFFF 02800000 MOV DWORD PTR [EBP-11C],8002
::0042475D::  FF15 58104000          CALL DWORD PTR [401058]                   >>>: MSVBVM60.DLL:__vbaVarTstEq
::00424763::  66:85C0                TEST AX,AX  比较
::00424766::  B9 04000280             MOV ECX,80020004
::0042476B::  B8 0A000000             MOV EAX,A
::00424770::  898D 3CFFFFFF          MOV DWORD PTR [EBP-C4],ECX
::00424776::  8985 34FFFFFF          MOV DWORD PTR [EBP-CC],EAX
::0042477C::  898D 4CFFFFFF          MOV DWORD PTR [EBP-B4],ECX
::00424782::  8985 44FFFFFF          MOV DWORD PTR [EBP-BC],EAX
::00424788::  0F84 F7000000          JE 00424885不正确就跳                            \:JMPDOWN
:0042478E::  8D95 D4FEFFFF          LEA EDX,DWORD PTR [EBP-12C]
::00424794::  8D8D 54FFFFFF          LEA ECX,DWORD PTR [EBP-AC]
::0042479A::  C785 DCFEFFFF 842A4200 MOV DWORD PTR [EBP-124],422A84             \->: 注册成功
::004247A4::  C785 D4FEFFFF 08000000 MOV DWORD PTR [EBP-12C],8
::004247AE::  FFD3                   CALL EBX
::004247B0::  8D95 E4FEFFFF          LEA EDX,DWORD PTR [EBP-11C]
::004247B6::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::004247BC::  C785 ECFEFFFF 742A4200 MOV DWORD PTR [EBP-114],422A74             \->: 注册码正确
::004247C6::  C785 E4FEFFFF 08000000 MOV DWORD PTR [EBP-11C],8
::004247D0::  FFD3                   CALL EBX
::004247D2::  8D8D 34FFFFFF          LEA ECX,DWORD PTR [EBP-CC]
::004247D8::  8D95 44FFFFFF          LEA EDX,DWORD PTR [EBP-BC]
::004247DE::  51                      PUSH ECX
::004247DF::  8D85 54FFFFFF          LEA EAX,DWORD PTR [EBP-AC]
::004247E5::  52                      PUSH EDX
::004247E6::  50                      PUSH EAX
::004247E7::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::004247ED::  6A 20                   PUSH 20
::004247EF::  51                      PUSH ECX
::004247F0::  FF15 34104000          CALL DWORD PTR [401034]                   >>>: MSVBVM60.DLL:MSVBVM60:NoName0001
::004247F6::  8D95 A4FEFFFF          LEA EDX,DWORD PTR [EBP-15C]
::004247FC::  8D4D 9C                LEA ECX,DWORD PTR [EBP-64]
::004247FF::  8985 ACFEFFFF          MOV DWORD PTR [EBP-154],EAX
::00424805::  C785 A4FEFFFF 03000000 MOV DWORD PTR [EBP-15C],3
::0042480F::  FFD6                   CALL ESI
::00424811::  8D95 34FFFFFF          LEA EDX,DWORD PTR [EBP-CC]
::00424817::  8D85 44FFFFFF          LEA EAX,DWORD PTR [EBP-BC]
::0042481D::  52                      PUSH EDX
::0042481E::  8D8D 54FFFFFF          LEA ECX,DWORD PTR [EBP-AC]
::00424824::  50                      PUSH EAX
::00424825::  8D95 64FFFFFF          LEA EDX,DWORD PTR [EBP-9C]
::0042482B::  51                      PUSH ECX
::0042482C::  52                      PUSH EDX
::0042482D::  6A 04                   PUSH 4
::0042482F::  FF15 10104000          CALL DWORD PTR [401010]                   >>>: MSVBVM60.DLL:__vbaFreeVarList
::00424835::  8B45 08                MOV EAX,DWORD PTR [EBP+8]
::00424838::  83C4 14                ADD ESP,14
::0042483B::  8B08                   MOV ECX,DWORD PTR [EAX]
::0042483D::  50                      PUSH EAX
::0042483E::  FF91 28030000          CALL DWORD PTR [ECX+328]
::00424844::  8D95 74FFFFFF          LEA EDX,DWORD PTR [EBP-8C]
::0042484A::  50                      PUSH EAX
::0042484B::  52                      PUSH EDX
::0042484C::  FF15 38104000          CALL DWORD PTR [401038]                   >>>: MSVBVM60.DLL:__vbaObjSet
::00424852::  8BF0                   MOV ESI,EAX
::00424854::  68 942A4200             PUSH 422A94                               \->: 注册信息：已注册版
::00424859::  56                      PUSH ESI
::0042485A::  8B06                   MOV EAX,DWORD PTR [ESI]
::0042485C::  FF50 54                CALL DWORD PTR [EAX+54]
::0042485F::  3BC7                   CMP EAX,EDI
::00424861::  DBE2                   FCLEX
::00424863::  7D 0F                   JGE SHORT 00424874                   \:JMPDOWN
::00424865::  6A 54                   PUSH 54
::00424867::  68 AC2A4200             PUSH 422AAC                               \->: 仙?????怀缗B
::0042486C::  56                      PUSH ESI
::0042486D::  50                      PUSH EAX
::0042486E::  FF15 24104000          CALL DWORD PTR [401024]                   >>>: MSVBVM60.DLL:__vbaHresultCheckObj
::00424874::  8D8D 74FFFFFF          LEA ECX,DWORD PTR [EBP-8C]             \:BYJMP JmpBy:00424863,
::0042487A::  FF15 C0104000          CALL DWORD PTR [4010C0]                   >>>: MSVBVM60.DLL:__vbaFreeObj
::00424880::  E9 AA000000             JMP 0042492F                         \:JMPDOWN
::00424885::  8D95 D4FEFFFF          LEA EDX,DWORD PTR [EBP-12C]          \:BYJMP JmpBy:00424788,
::0042488B::  8D8D 54FFFFFF          LEA ECX,DWORD PTR [EBP-AC]
::00424891::  C785 DCFEFFFF 642A4200 MOV DWORD PTR [EBP-124],422A64             \->: 注册不成功
::0042489B::  C785 D4FEFFFF 08000000 MOV DWORD PTR [EBP-12C],8
::004248A5::  FFD3                   CALL EBX
::004248A7::  8D95 E4FEFFFF          LEA EDX,DWORD PTR [EBP-11C]
::004248AD::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::004248B3::  C785 ECFEFFFF 502A4200 MOV DWORD PTR [EBP-114],422A50             \->: 注册码不正确
::004248BD::  C785 E4FEFFFF 08000000 MOV DWORD PTR [EBP-11C],8
::004248C7::  FFD3                   CALL EBX
::004248C9::  8D8D 34FFFFFF          LEA ECX,DWORD PTR [EBP-CC]
::004248CF::  8D95 44FFFFFF          LEA EDX,DWORD PTR [EBP-BC]
::004248D5::  51                      PUSH ECX
::004248D6::  8D85 54FFFFFF          LEA EAX,DWORD PTR [EBP-AC]
::004248DC::  52                      PUSH EDX
::004248DD::  50                      PUSH EAX
::004248DE::  8D8D 64FFFFFF          LEA ECX,DWORD PTR [EBP-9C]
::004248E4::  6A 20                   PUSH 20
::004248E6::  51                      PUSH ECX
::004248E7::  FF15 34104000          CALL DWORD PTR [401034]                   >>>: MSVBVM60.DLL:MSVBVM60:NoName0001
::004248ED::  8D95 A4FEFFFF          LEA EDX,DWORD PTR [EBP-15C]
::004248F3::  8D4D 9C                LEA ECX,DWORD PTR [EBP-64]
::004248F6::  8985 ACFEFFFF          MOV DWORD PTR [EBP-154],EAX
::004248FC::  C785 A4FEFFFF 03000000 MOV DWORD PTR [EBP-15C],3
::00424906::  FFD6                   CALL ESI
::00424908::  8D95 34FFFFFF          LEA EDX,DWORD PTR [EBP-CC]
::0042490E::  8D85 44FFFFFF          LEA EAX,DWORD PTR [EBP-BC]
::00424914::  52                      PUSH EDX
::00424915::  8D8D 54FFFFFF          LEA ECX,DWORD PTR [EBP-AC]
::0042491B::  50                      PUSH EAX
::0042491C::  8D95 64FFFFFF          LEA EDX,DWORD PTR [EBP-9C]
::00424922::  51                      PUSH ECX
::00424923::  52                      PUSH EDX
::00424924::  6A 04                   PUSH 4                               \:BYJMP JmpBy:004245E2,
::00424926::  FF15 10104000          CALL DWORD PTR [401010]                   >>>: MSVBVM60.DLL:__vbaFreeVarList
::0042492C::  83C4 14                ADD ESP,14
::0042492F::  897D FC                MOV DWORD PTR [EBP-4],EDI             \:BYJMP JmpBy:00424880,
::00424932::  68 DB494200             PUSH 4249DB                               \->: ???凿帚???摞?
::00424937::  EB 5C                   JMP SHORT 00424995                   \:JMPDOWN
::00424939::  8D8D 78FFFFFF          LEA ECX,DWORD PTR [EBP-88]
::0042493F::  FF15 BC104000          CALL DWORD PTR [4010BC]                   >>>: MSVBVM60.DLL:__vbaFreeStr
::00424945::  8D8D 74FFFFFF          LEA ECX,DWORD PTR [EBP-8C]
::0042494B::  FF15 C0104000          CALL DWORD PTR [4010C0]                   >>>: MSVBVM60.DLL:__vbaFreeObj
::00424951::  8D85 F4FEFFFF          LEA EAX,DWORD PTR [EBP-10C]
::00424957::  8D8D 04FFFFFF          LEA ECX,DWORD PTR [EBP-FC]
::004249FD::  90                      NOP
::004249FE::  90                      NOP
::004249FF::  90                      NOP
::00424A00::  55                      PUSH EBP                               \:BYJMP JmpBy:004239AF,
::00424A01::  8BEC                   MOV EBP,ESP
::00424A03::  83EC 0C                SUB ESP,C
::00424A06::  68 76114000             PUSH 401176                               \->: ??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@ >>>: MSVBVM60.DLL:__vbaExceptHandler
::00424A0B::  64:A1 00000000          MOV EAX,DWORD PTR FS:[0]
::00424A11::  50                      PUSH EAX
::00424A12::  64:8925 00000000       MOV DWORD PTR FS:[0],ESP
::00424A19::  83EC 08                SUB ESP,8
::00424A1C::  53                      PUSH EBX
::00424A1D::  56                      PUSH ESI
::00424A1E::  57                      PUSH EDI
::00424A1F::  8965 F4                MOV DWORD PTR [EBP-C],ESP
::00424A22::  C745 F8 F0104000       MOV DWORD PTR [EBP-8],4010F0             \->: \x01\x08?B\x07\x08?B?B?B\x07\x08?B?B?B\x07\x08丑B临B丘B\x07\x08?B侄B?B\x07\x08?B?B?B\x07\x08坂B?B?B\x07\x08?B弓B康B
::00424A29::  8B45 08                MOV EAX,DWORD PTR [EBP+8]
::00424A2C::  8BC8                   MOV ECX,EAX
::00424A2E::  83E1 01                AND ECX,1
::00424A31::  894D FC                MOV DWORD PTR [EBP-4],ECX
::00424A34::  24 FE                   AND AL,FE
::00424A36::  50                      PUSH EAX
::00424A37::  8945 08                MOV DWORD PTR [EBP+8],EAX
::00424A3A::  8B10                   MOV EDX,DWORD PTR [EAX]
::00424A3C::  FF52 04                CALL DWORD PTR [EDX+4]
::00424A3F::  FF15 14104000          CALL DWORD PTR [401014]                   >>>: MSVBVM60.DLL:__vbaEnd
::00424A45::  C745 FC 00000000       MOV DWORD PTR [EBP-4],0
::00424A4C::  8B45 08                MOV EAX,DWORD PTR [EBP+8]
::00424A4F::  50                      PUSH EAX
::00424A50::  8B08                   MOV ECX,DWORD PTR [EAX]
::00424A52::  FF51 08                CALL DWORD PTR [ECX+8]
::00424A55::  8B45 FC                MOV EAX,DWORD PTR [EBP-4]
::00424A58::  8B4D EC                MOV ECX,DWORD PTR [EBP-14]
::00424A5B::  5F                      POP EDI
::00424A5C::  5E                      POP ESI
::00424A5D::  64:890D 00000000       MOV DWORD PTR FS:[0],ECX
::00424A64::  5B                      POP EBX
::00424A65::  8BE5                   MOV ESP,EBP
::00424A67::  5D                      POP EBP
::00424A68::  C2 0800                RETN 8
::00424A6B::  90                      NOP
::00424A6C::  90                      NOP
::00424A6D::  90                      NOP
::00424A6E::  90                      NOP
::00424A6F::  90                      NOP
::00424A70::  55                      PUSH EBP                               \:BYJMP JmpBy:004239BC,
::00424A71::  8BEC                   MOV EBP,ESP
::00424A73::  83EC 0C                SUB ESP,C
::00424A76::  68 76114000             PUSH 401176                               \->: ??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@??@ >>>: MSVBVM60.DLL:__vbaExceptHandler
::00424A7B::  64:A1 00000000          MOV EAX,DWORD PTR FS:[0]
::00424A81::  50                      PUSH EAX
::00424A82::  64:8925 00000000       MOV DWORD PTR FS:[0],ESP
::00424A89::  81EC A8000000          SUB ESP,A8
::00424A8F::  53                      PUSH EBX
::00424A90::  56                      PUSH ESI
::00424A91::  57                      PUSH EDI
::00424A92::  8965 F4                MOV DWORD PTR [EBP-C],ESP
::00424A95::  C745 F8 F8104000       MOV DWORD PTR [EBP-8],4010F8             \->: \x07\x08?B?B?B\x07\x08?B?B?B\x07\x08丑B临B丘B\x07\x08?B侄B?B\x07\x08?B?B?B\x07\x08坂B?B?B\x07\x08?B弓B康B
::00424A9C::  8B45 08                MOV EAX,DWORD PTR [EBP+8]
::00424A9F::  8BC8                   MOV ECX,EAX
::00424AA1::  83E1 01                AND ECX,1
::00424AA4::  894D FC                MOV DWORD PTR [EBP-4],ECX
::00424AA7::  24 FE                   AND AL,FE
::00424AA9::  50                      PUSH EAX
::00424AAA::  8945 08                MOV DWORD PTR [EBP+8],EAX
::00424AAD::  8B10                   MOV EDX,DWORD PTR [EAX]
::00424AAF::  FF52 04                CALL DWORD PTR [EDX+4]
::00424AB2::  8B3D A4104000          MOV EDI,DWORD PTR [4010A4]
::00424AB8::  B9 04000280             MOV ECX,80020004
::00424ABD::  33F6                   XOR ESI,ESI
::00424ABF::  894D A4                MOV DWORD PTR [EBP-5C],ECX
::00424AC2::  B8 0A000000             MOV EAX,A
::00424AC7::  894D B4                MOV DWORD PTR [EBP-4C],ECX
::00424ACA::  BB 08000000             MOV EBX,8
::00424ACF::  8975 AC                MOV DWORD PTR [EBP-54],ESI
::00424AD2::  8975 9C                MOV DWORD PTR [EBP-64],ESI
::00424AD5::  89B5 7CFFFFFF          MOV DWORD PTR [EBP-84],ESI
::00424ADB::  8D95 7CFFFFFF          LEA EDX,DWORD PTR [EBP-84]
::00424AE1::  8D4D BC                LEA ECX,DWORD PTR [EBP-44]
::00424AE4::  8975 DC                MOV DWORD PTR [EBP-24],ESI
::00424AE7::  8975 CC                MOV DWORD PTR [EBP-34],ESI
::00424AEA::  8975 BC                MOV DWORD PTR [EBP-44],ESI
::00424AED::  8975 8C                MOV DWORD PTR [EBP-74],ESI
::00424AF0::  89B5 4CFFFFFF          MOV DWORD PTR [EBP-B4],ESI

[培训]《安卓高级研修班(网课)》月薪三万计划，掌握调试、分析还原ollvm、vmp的方法，定制art虚拟机自动化脱壳的方法

收藏・0

免费・1

打赏

最新回复 (4)
星空天地雪币： 202 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 6 粉丝 0 关注私信	星空天地 2004-11-16 20:05 2 楼 0 请高手指教，是不是把JE（正确的就跳）改JNE就可以拉？
星空天地雪币： 202 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 6 粉丝 0 关注私信	星空天地 2004-11-16 20:05 3 楼 0 改了软件就死在那里了
东方一兵雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 6 粉丝 0 关注私信	东方一兵 2004-11-27 16:28 4 楼 0 不行吧，你应该在此处::0042475D:: FF15 58104000 CALL DWORD PTR [401058]F7跟进追入啊，如果是明码比较的话，就能找到注册码
haojiu 雪币： 202 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 27 粉丝 0 关注私信	haojiu 2004-12-1 11:59 5 楼 0 为什么在那跟进呢?
	游客登录 \| 注册方可回帖　回帖　表情雪币赚取及消费高级回复

星空天地

发帖

回帖

RANK

关注

私信

他的文章

脱UPX1.92版的壳

爆破点应该在那里？

关于我们

联系我们

企业服务

看雪公众号