原程序加过花指令的是
0043770B 55 push ebp
0043770C 8BEC mov ebp, esp
0043770E F9 stc
0043770F 72 01 jb short 复件.00437712
00437711 7A 6A jpe short 复件.0043777D
00437713 006A 00 add [byte ds:edx], ch
00437716 6A 00 push 0
00437718 68 01030080 push 80000301
0043771D 6A 00 push 0
0043771F 68 00100000 push 1000
00437724 68 04000080 push 80000004
00437729 6A 00 push 0
0043772B 68 35BB4000 push 复件.0040BB35 ; 注册码错误
00437730 68 03000000 push 3
00437735 BB 00030000 mov ebx, 300
0043773A EB 01 jmp short 复件.0043773D
0043773C 0FE843 03 psubsb mm0, [qword ds:ebx+3]
00437740 0000 add [byte ds:eax], al
00437742 83C4 28 add esp, 28
00437745 EB 01 jmp short 复件.00437748
00437747 75 68 jnz short 复件.004377B1
00437749 0100 add [dword ds:eax], eax
0043774B 0100 add [dword ds:eax], eax
0043774D 68 00000106 push 6010000
00437752 68 01000152 push 52010001
00437757 68 01000000 push 1
0043775C BB 60030000 mov ebx, 360
00437761 EB 01 jmp short 复件.00437764
00437763 BC E81C0300 mov esp, 31CE8
00437768 0083 C410EB01 add [byte ds:ebx+1EB10C4], al
0043776E 0F6801 punpckhbw mm0, [qword ds:ecx]
00437771 0001 add [byte ds:ecx], al
00437773 0068 E0 add [byte ds:eax-20], ch
00437776 0001 add [byte ds:ecx], al
00437778 06 push es
00437779 68 DF000152 push 520100DF
0043777E 68 01000000 push 1
00437783 BB 60030000 mov ebx, 360
00437788 EB 01 jmp short 复件.0043778B
0043778A 0FE8F5 psubsb mm6, mm5
0043778D 0200 add al, [byte ds:eax]
0043778F 0083 C4108BE5 add [byte ds:ebx+E58B10C4], al
00437795 5D pop ebp
00437796 C3 retn
用OD上的去花指令共10个后,是这样了。
0043770B 55 push ebp
0043770C 8BEC mov ebp, esp
0043770E F9 stc
0043770F 72 01 jb short 复件.00437712
00437711 7A 6A jpe short 复件.0043777D
00437713 006A 00 add [byte ds:edx], ch
00437716 6A 00 push 0
00437718 68 01030080 push 80000301
0043771D 6A 00 push 0
0043771F 68 00100000 push 1000
00437724 68 04000080 push 80000004
00437729 6A 00 push 0
0043772B 68 35BB4000 push 复件.0040BB35 ; 注册码错误
00437730 68 03000000 push 3
00437735 BB 00030000 mov ebx, 300
0043773A 90 nop
0043773B 90 nop
0043773C 90 nop
0043773D E8 43030000 call 复件.00437A85
00437742 83C4 28 add esp, 28
00437745 90 nop
00437746 90 nop
00437747 90 nop
00437748 68 01000100 push 10001
0043774D 68 00000106 push 6010000
00437752 68 01000152 push 52010001
00437757 68 01000000 push 1
0043775C BB 60030000 mov ebx, 360
00437761 90 nop
00437762 90 nop
00437763 90 nop
00437764 E8 1C030000 call 复件.00437A85
00437769 83C4 10 add esp, 10
0043776C 90 nop
0043776D 90 nop
0043776E 90 nop
0043776F 68 01000100 push 10001
00437774 68 E0000106 push 60100E0
00437779 68 DF000152 push 520100DF
0043777E 68 01000000 push 1
00437783 BB 60030000 mov ebx, 360
00437788 90 nop
00437789 90 nop
0043778A 90 nop
0043778B E8 F5020000 call 复件.00437A85
00437790 83C4 10 add esp, 10
00437793 8BE5 mov esp, ebp
00437795 5D pop ebp
00437796 C3 retn
这个去除花指令去成功了没有。
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课