[求助]加密函数，那位大哥，可以给我一下理解的思虑呀。-软件逆向-看雪-安全社区|安全招聘|kanxue.com

[求助]加密函数，那位大哥，可以给我一下理解的思虑呀。

发表于: 2009-1-24 22:40 5575

[求助]加密函数，那位大哥，可以给我一下理解的思虑呀。

lovenuo

2009-1-24 22:40

5575

加密函数，那位大哥，可以给我一下理解的思虑呀。。

请详细一些，不详细的就不用回了，我也只能看个大概。。

废话就不说了，看下面的CODE。。知道的请回帖。。

00402D50  |> /53          /push ebx
00402D51  |. |8D4C24 50    |lea    ecx, dword ptr [esp+50]
00402D55  |. |FF15 0C534000 |call dword ptr [<&MSVCP80.std::basic>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::operator[]
00402D5B  |. |0FBE00       |movsx eax, byte ptr [eax]
00402D5E  |. |83C0 D0    |add    eax, -30                      ;  Switch (cases 30..66)
00402D61  |. |83F8 36    |cmp    eax, 36
00402D64  |. |77 79       |ja    short 00402DDF
00402D66  |. |0FB688 743140>|movzx ecx, byte ptr [eax+403174]
00402D6D  |. |FF248D 303140>|jmp    dword ptr [ecx*4+403130]
00402D74  |> |33FF       |xor    edi, edi                      ;  Case 30 ('0') of switch 00402D5E
00402D76  |. |EB 67       |jmp    short 00402DDF
00402D78  |> |BF 01000000 |mov    edi, 1                         ;  Case 31 ('1') of switch 00402D5E
00402D7D  |. |EB 60       |jmp    short 00402DDF
00402D7F  |> |BF 02000000 |mov    edi, 2                         ;  Case 32 ('2') of switch 00402D5E
00402D84  |. |EB 59       |jmp    short 00402DDF
00402D86  |> |BF 03000000 |mov    edi, 3                         ;  Case 33 ('3') of switch 00402D5E
00402D8B  |. |EB 52       |jmp    short 00402DDF
00402D8D  |> |BF 04000000 |mov    edi, 4                         ;  Case 34 ('4') of switch 00402D5E
00402D92  |. |EB 4B       |jmp    short 00402DDF
00402D94  |> |BF 05000000 |mov    edi, 5                         ;  Case 35 ('5') of switch 00402D5E
00402D99  |. |EB 44       |jmp    short 00402DDF
00402D9B  |> |BF 06000000 |mov    edi, 6                         ;  Case 36 ('6') of switch 00402D5E
00402DA0  |. |EB 3D       |jmp    short 00402DDF
00402DA2  |> |BF 07000000 |mov    edi, 7                         ;  Case 37 ('7') of switch 00402D5E
00402DA7  |. |EB 36       |jmp    short 00402DDF
00402DA9  |> |BF 08000000 |mov    edi, 8                         ;  Case 38 ('8') of switch 00402D5E
00402DAE  |. |EB 2F       |jmp    short 00402DDF
00402DB0  |> |BF 09000000 |mov    edi, 9                         ;  Case 39 ('9') of switch 00402D5E
00402DB5  |. |EB 28       |jmp    short 00402DDF
00402DB7  |> |BF 0A000000 |mov    edi, 0A                      ;  Cases 41 ('A'),61 ('a') of switch 00402D5E
00402DBC  |. |EB 21       |jmp    short 00402DDF
00402DBE  |> |BF 0B000000 |mov    edi, 0B                      ;  Cases 42 ('B'),62 ('b') of switch 00402D5E
00402DC3  |. |EB 1A       |jmp    short 00402DDF
00402DC5  |> |BF 0C000000 |mov    edi, 0C                      ;  Cases 43 ('C'),63 ('c') of switch 00402D5E
00402DCA  |. |EB 13       |jmp    short 00402DDF
00402DCC  |> |BF 0D000000 |mov    edi, 0D                      ;  Cases 44 ('D'),64 ('d') of switch 00402D5E
00402DD1  |. |EB 0C       |jmp    short 00402DDF
00402DD3  |> |BF 0E000000 |mov    edi, 0E                      ;  Cases 45 ('E'),65 ('e') of switch 00402D5E
00402DD8  |. |EB 05       |jmp    short 00402DDF
00402DDA  |> |BF 0F000000 |mov    edi, 0F                      ;  Cases 46 ('F'),66 ('f') of switch 00402D5E
00402DDF  |> |BE 03000000 |mov    esi, 3                         ;  Default case of switch 00402D5E
00402DE4  |> |85F6       |/test esi, esi
00402DE6  |. |DD05 00674000 ||fld    qword ptr [406700]
00402DEC  |. |8BC6       ||mov    eax, esi
00402DEE  |. |7D 02       ||jge    short 00402DF2
00402DF0  |. |F7D8       ||neg    eax
00402DF2  |> |D9E8       ||fld1
00402DF4  |. |D9C0       ||fld    st
00402DF6  |> |A8 01       ||/test al, 1
00402DF8  |. |74 02       |||je    short 00402DFC
00402DFA  |. |D8CA       |||fmul st, st(2)
00402DFC  |> |D1E8       |||shr    eax, 1
00402DFE  |. |74 06       |||je    short 00402E06
00402E00  |. |D9C2       |||fld    st(2)
00402E02  |. |DECB       |||fmulp st(3), st
00402E04  |.^|EB F0       ||\jmp    short 00402DF6
00402E06  |> |85F6       ||test esi, esi
00402E08  |. |DDDA       ||fstp st(2)
00402E0A  |. |7D 04       ||jge    short 00402E10
00402E0C  |. |DEF1       ||fdivrp  st(1), st
00402E0E  |. |EB 02       ||jmp    short 00402E12
00402E10  |> |DDD8       ||fstp st
00402E12  |> |E8 F9180000 ||call 00404710
00402E17  |. |85C7       ||test edi, eax
00402E19  |. |74 21       ||je    short 00402E3C
00402E1B  |. |68 BC634000 ||push 004063BC                      ;  1
00402E20  |. |8D9424 9C0000>||lea    edx, dword ptr [esp+9C]
00402E27  |. |52          ||push edx
00402E28  |. |8D4424 70    ||lea    eax, dword ptr [esp+70]
00402E2C  |. |50          ||push eax
00402E2D  |. |FFD5       ||call ebp
00402E2F  |. |83C4 0C    ||add    esp, 0C
00402E32  |. |C68424 900000>||mov    byte ptr [esp+90], 4
00402E3A  |. |EB 1F       ||jmp    short 00402E5B
00402E3C  |> |68 C0634000 ||push 004063C0                      ;  0
00402E41  |. |8D8C24 9C0000>||lea    ecx, dword ptr [esp+9C]
00402E48  |. |51          ||push ecx
00402E49  |. |8D5424 70    ||lea    edx, dword ptr [esp+70]
00402E4D  |. |52          ||push edx
00402E4E  |. |FFD5       ||call ebp
00402E50  |. |83C4 0C    ||add    esp, 0C
00402E53  |. |C68424 900000>||mov    byte ptr [esp+90], 5
00402E5B  |> |50          ||push eax
00402E5C  |. |8D8C24 9C0000>||lea    ecx, dword ptr [esp+9C]
00402E63  |. |FF15 F0524000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::assign
00402E69  |. |8D4C24 68    ||lea    ecx, dword ptr [esp+68]
00402E6D  |. |C68424 900000>||mov    byte ptr [esp+90], 2
00402E75  |. |FF15 EC524000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
00402E7B  |. |83EE 01    ||sub    esi, 1
00402E7E  |.^|0F89 60FFFFFF |\jns    00402DE4
00402E84  |. |83C3 01    |add    ebx, 1
00402E87  |. |83FB 08    |cmp    ebx, 8
00402E8A  |.^\0F8C C0FEFFFF \jl    00402D50

上面的这些是关键CODE,下面是全部CODE.....

00402C00  /$  6A FF       push -1
00402C02  |.  68 10494000 push 00404910
00402C07  |.  64:A1 0000000>mov    eax, dword ptr fs:[0]
00402C0D  |.  50          push eax
00402C0E  |.  83EC 74    sub    esp, 74
00402C11  |.  A1 28804000 mov    eax, dword ptr [408028]
00402C16  |.  33C4       xor    eax, esp
00402C18  |.  894424 70    mov    dword ptr [esp+70], eax
00402C1C  |.  53          push ebx
00402C1D  |.  55          push ebp
00402C1E  |.  56          push esi
00402C1F  |.  57          push edi
00402C20  |.  A1 28804000 mov    eax, dword ptr [408028]
00402C25  |.  33C4       xor    eax, esp
00402C27  |.  50          push eax
00402C28  |.  8D8424 880000>lea    eax, dword ptr [esp+88]
00402C2F  |.  64:A3 0000000>mov    dword ptr fs:[0], eax
00402C35  |.  8BF1       mov    esi, ecx
00402C37  |.  33FF       xor    edi, edi
00402C39  |.  897424 1C    mov    dword ptr [esp+1C], esi
00402C3D  |.  897C24 18    mov    dword ptr [esp+18], edi
00402C41  |.  BB 01000000 mov    ebx, 1
00402C46  |.  8D4C24 4C    lea    ecx, dword ptr [esp+4C]
00402C4A  |.  899C24 900000>mov    dword ptr [esp+90], ebx
00402C51  |.  FF15 20534000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::basic_string<char,std::char_traits<char>,std::allocator<char> >
00402C57  |.  8B8424 B40000>mov    eax, dword ptr [esp+B4]
00402C5E  |.  25 1F000080 and    eax, 8000001F
00402C63  |.  C68424 900000>mov    byte ptr [esp+90], 2
00402C6B  |.  79 05       jns    short 00402C72
00402C6D  |.  48          dec    eax
00402C6E  |.  83C8 E0    or    eax, FFFFFFE0
00402C71  |.  40          inc    eax
00402C72  |>  898424 B40000>mov    dword ptr [esp+B4], eax
00402C79  |.  75 19       jnz    short 00402C94
00402C7B  |.  8D8424 980000>lea    eax, dword ptr [esp+98]
00402C82  |.  50          push eax
00402C83  |.  8BCE       mov    ecx, esi
00402C85  |.  FF15 1C534000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::basic_string<char,std::char_traits<char>,std::allocator<char> >
00402C8B  |.  895C24 18    mov    dword ptr [esp+18], ebx
00402C8F  |.  E9 4A040000 jmp    004030DE
00402C94  |>  8B8424 AC0000>mov    eax, dword ptr [esp+AC]
00402C9B  |.  BE 08000000 mov    esi, 8
00402CA0  |.  3BC6       cmp    eax, esi
00402CA2  |.  76 47       jbe    short 00402CEB
00402CA4  |.  8B0D F4524000 mov    ecx, dword ptr [<&MSVCP80.std::b>;  MSVCP80.std::basic_string<wchar_t,std::char_traits<wchar_t>,std::allocator<wchar_t> >::npos
00402CAA  |.  8B11       mov    edx, dword ptr [ecx]
00402CAC  |.  52          push edx
00402CAD  |.  83C0 F8    add    eax, -8
00402CB0  |.  50          push eax
00402CB1  |.  8D4424 70    lea    eax, dword ptr [esp+70]
00402CB5  |.  50          push eax
00402CB6  |.  8D8C24 A40000>lea    ecx, dword ptr [esp+A4]
00402CBD  |.  FF15 04534000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::substr
00402CC3  |.  50          push eax
00402CC4  |.  8D8C24 9C0000>lea    ecx, dword ptr [esp+9C]
00402CCB  |.  C68424 940000>mov    byte ptr [esp+94], 3
00402CD3  |.  FF15 F0524000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::assign
00402CD9  |.  8D4C24 68    lea    ecx, dword ptr [esp+68]
00402CDD  |.  C68424 900000>mov    byte ptr [esp+90], 2
00402CE5  |.  FF15 EC524000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
00402CEB  |>  8D8C24 980000>lea    ecx, dword ptr [esp+98]
00402CF2  |.  51          push ecx
00402CF3  |.  8D4C24 50    lea    ecx, dword ptr [esp+50]
00402CF7  |.  FF15 F0524000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::assign
00402CFD  |.  397424 60    cmp    dword ptr [esp+60], esi
00402D01  |.  73 2D       jnb    short 00402D30
00402D03  |>  8D5424 20    /lea    edx, dword ptr [esp+20]
00402D07  |.  52          |push edx
00402D08  |.  8D4C24 50    |lea    ecx, dword ptr [esp+50]
00402D0C  |.  FF15 10534000 |call dword ptr [<&MSVCP80.std::basic>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::begin
00402D12  |.  8B48 04    |mov    ecx, dword ptr [eax+4]
00402D15  |.  8B10       |mov    edx, dword ptr [eax]
00402D17  |.  6A 30       |push 30
00402D19  |.  51          |push ecx
00402D1A  |.  52          |push edx
00402D1B  |.  8D4424 34    |lea    eax, dword ptr [esp+34]
00402D1F  |.  50          |push eax
00402D20  |.  8D4C24 5C    |lea    ecx, dword ptr [esp+5C]
00402D24  |.  FF15 14534000 |call dword ptr [<&MSVCP80.std::basic>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::insert
00402D2A  |.  397424 60    |cmp    dword ptr [esp+60], esi
00402D2E  |.^ 72 D3       \jb    short 00402D03
00402D30  |>  68 B8634000 push 004063B8
00402D35  |.  8D8C24 9C0000>lea    ecx, dword ptr [esp+9C]       ;  密码转换。。
00402D3C  |.  FF15 E8524000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::operator=
00402D42  |.  8B2D F8524000 mov    ebp, dword ptr [<&MSVCP80.??$?HD>;  MSVCP80.??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
00402D48  |.  33DB       xor    ebx, ebx
00402D4A  |.  8D9B 00000000 lea    ebx, dword ptr [ebx]
00402D50  |>  53          /push ebx
00402D51  |.  8D4C24 50    |lea    ecx, dword ptr [esp+50]
00402D55  |.  FF15 0C534000 |call dword ptr [<&MSVCP80.std::basic>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::operator[]
00402D5B  |.  0FBE00       |movsx eax, byte ptr [eax]
00402D5E  |.  83C0 D0    |add    eax, -30                      ;  Switch (cases 30..66)
00402D61  |.  83F8 36    |cmp    eax, 36
00402D64  |.  77 79       |ja    short 00402DDF
00402D66  |.  0FB688 743140>|movzx ecx, byte ptr [eax+403174]
00402D6D  |.  FF248D 303140>|jmp    dword ptr [ecx*4+403130]
00402D74  |>  33FF       |xor    edi, edi                      ;  Case 30 ('0') of switch 00402D5E
00402D76  |.  EB 67       |jmp    short 00402DDF
00402D78  |>  BF 01000000 |mov    edi, 1                         ;  Case 31 ('1') of switch 00402D5E
00402D7D  |.  EB 60       |jmp    short 00402DDF
00402D7F  |>  BF 02000000 |mov    edi, 2                         ;  Case 32 ('2') of switch 00402D5E
00402D84  |.  EB 59       |jmp    short 00402DDF
00402D86  |>  BF 03000000 |mov    edi, 3                         ;  Case 33 ('3') of switch 00402D5E
00402D8B  |.  EB 52       |jmp    short 00402DDF
00402D8D  |>  BF 04000000 |mov    edi, 4                         ;  Case 34 ('4') of switch 00402D5E
00402D92  |.  EB 4B       |jmp    short 00402DDF
00402D94  |>  BF 05000000 |mov    edi, 5                         ;  Case 35 ('5') of switch 00402D5E
00402D99  |.  EB 44       |jmp    short 00402DDF
00402D9B  |>  BF 06000000 |mov    edi, 6                         ;  Case 36 ('6') of switch 00402D5E
00402DA0  |.  EB 3D       |jmp    short 00402DDF
00402DA2  |>  BF 07000000 |mov    edi, 7                         ;  Case 37 ('7') of switch 00402D5E
00402DA7  |.  EB 36       |jmp    short 00402DDF
00402DA9  |>  BF 08000000 |mov    edi, 8                         ;  Case 38 ('8') of switch 00402D5E
00402DAE  |.  EB 2F       |jmp    short 00402DDF
00402DB0  |>  BF 09000000 |mov    edi, 9                         ;  Case 39 ('9') of switch 00402D5E
00402DB5  |.  EB 28       |jmp    short 00402DDF
00402DB7  |>  BF 0A000000 |mov    edi, 0A                      ;  Cases 41 ('A'),61 ('a') of switch 00402D5E
00402DBC  |.  EB 21       |jmp    short 00402DDF
00402DBE  |>  BF 0B000000 |mov    edi, 0B                      ;  Cases 42 ('B'),62 ('b') of switch 00402D5E
00402DC3  |.  EB 1A       |jmp    short 00402DDF
00402DC5  |>  BF 0C000000 |mov    edi, 0C                      ;  Cases 43 ('C'),63 ('c') of switch 00402D5E
00402DCA  |.  EB 13       |jmp    short 00402DDF
00402DCC  |>  BF 0D000000 |mov    edi, 0D                      ;  Cases 44 ('D'),64 ('d') of switch 00402D5E
00402DD1  |.  EB 0C       |jmp    short 00402DDF
00402DD3  |>  BF 0E000000 |mov    edi, 0E                      ;  Cases 45 ('E'),65 ('e') of switch 00402D5E
00402DD8  |.  EB 05       |jmp    short 00402DDF
00402DDA  |>  BF 0F000000 |mov    edi, 0F                      ;  Cases 46 ('F'),66 ('f') of switch 00402D5E
00402DDF  |>  BE 03000000 |mov    esi, 3                         ;  Default case of switch 00402D5E
00402DE4  |>  85F6       |/test esi, esi
00402DE6  |.  DD05 00674000 ||fld    qword ptr [406700]
00402DEC  |.  8BC6       ||mov    eax, esi
00402DEE  |.  7D 02       ||jge    short 00402DF2
00402DF0  |.  F7D8       ||neg    eax
00402DF2  |>  D9E8       ||fld1
00402DF4  |.  D9C0       ||fld    st
00402DF6  |>  A8 01       ||/test al, 1
00402DF8  |.  74 02       |||je    short 00402DFC
00402DFA  |.  D8CA       |||fmul st, st(2)
00402DFC  |>  D1E8       |||shr    eax, 1
00402DFE  |.  74 06       |||je    short 00402E06
00402E00  |.  D9C2       |||fld    st(2)
00402E02  |.  DECB       |||fmulp st(3), st
00402E04  |.^ EB F0       ||\jmp    short 00402DF6
00402E06  |>  85F6       ||test esi, esi
00402E08  |.  DDDA       ||fstp st(2)
00402E0A  |.  7D 04       ||jge    short 00402E10
00402E0C  |.  DEF1       ||fdivrp  st(1), st
00402E0E  |.  EB 02       ||jmp    short 00402E12
00402E10  |>  DDD8       ||fstp st
00402E12  |>  E8 F9180000 ||call 00404710
00402E17  |.  85C7       ||test edi, eax
00402E19  |.  74 21       ||je    short 00402E3C
00402E1B  |.  68 BC634000 ||push 004063BC                      ;  1
00402E20  |.  8D9424 9C0000>||lea    edx, dword ptr [esp+9C]
00402E27  |.  52          ||push edx
00402E28  |.  8D4424 70    ||lea    eax, dword ptr [esp+70]
00402E2C  |.  50          ||push eax
00402E2D  |.  FFD5       ||call ebp
00402E2F  |.  83C4 0C    ||add    esp, 0C
00402E32  |.  C68424 900000>||mov    byte ptr [esp+90], 4
00402E3A  |.  EB 1F       ||jmp    short 00402E5B
00402E3C  |>  68 C0634000 ||push 004063C0                      ;  0
00402E41  |.  8D8C24 9C0000>||lea    ecx, dword ptr [esp+9C]
00402E48  |.  51          ||push ecx
00402E49  |.  8D5424 70    ||lea    edx, dword ptr [esp+70]
00402E4D  |.  52          ||push edx
00402E4E  |.  FFD5       ||call ebp
00402E50  |.  83C4 0C    ||add    esp, 0C
00402E53  |.  C68424 900000>||mov    byte ptr [esp+90], 5
00402E5B  |>  50          ||push eax
00402E5C  |.  8D8C24 9C0000>||lea    ecx, dword ptr [esp+9C]
00402E63  |.  FF15 F0524000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::assign
00402E69  |.  8D4C24 68    ||lea    ecx, dword ptr [esp+68]
00402E6D  |.  C68424 900000>||mov    byte ptr [esp+90], 2
00402E75  |.  FF15 EC524000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
00402E7B  |.  83EE 01    ||sub    esi, 1
00402E7E  |.^ 0F89 60FFFFFF |\jns    00402DE4
00402E84  |.  83C3 01    |add    ebx, 1
00402E87  |.  83FB 08    |cmp    ebx, 8
00402E8A  |.^ 0F8C C0FEFFFF \jl    00402D50
00402E90  |.  8B8424 B40000>mov    eax, dword ptr [esp+B4]
00402E97  |.  85C0       test eax, eax
00402E99  |.  0F8E 95000000 jle    00402F34
00402E9F  |.  894424 20    mov    dword ptr [esp+20], eax
00402EA3  |>  33F6       /xor    esi, esi
00402EA5  |>  8D7E 01    |/lea    edi, dword ptr [esi+1]
00402EA8  |.  57          ||push edi
00402EA9  |.  8D8C24 9C0000>||lea    ecx, dword ptr [esp+9C]
00402EB0  |.  FF15 0C534000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::operator[]
00402EB6  |.  56          ||push esi
00402EB7  |.  8D8C24 9C0000>||lea    ecx, dword ptr [esp+9C]
00402EBE  |.  8BE8       ||mov    ebp, eax
00402EC0  |.  FF15 0C534000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::operator[]
00402EC6  |.  8A4D 00    ||mov    cl, byte ptr [ebp]
00402EC9  |.  8BF7       ||mov    esi, edi
00402ECB  |.  83FE 20    ||cmp    esi, 20
00402ECE  |.  8808       ||mov    byte ptr [eax], cl
00402ED0  |.^ 7C D3       |\jl    short 00402EA5
00402ED2  |.  6A 01       |push 1
00402ED4  |.  6A 1F       |push 1F
00402ED6  |.  8D5424 70    |lea    edx, dword ptr [esp+70]
00402EDA  |.  52          |push edx
00402EDB  |.  8D8C24 A40000>|lea    ecx, dword ptr [esp+A4]
00402EE2  |.  FF15 04534000 |call dword ptr [<&MSVCP80.std::basic>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::substr
00402EE8  |.  68 C0634000 |push 004063C0                      ;  0
00402EED  |.  50          |push eax
00402EEE  |.  C68424 980000>|mov    byte ptr [esp+98], 6
00402EF6  |.  FF15 FC524000 |call dword ptr [<&MSVCP80.??$?9DU?$c>;  MSVCP80.??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
00402EFC  |.  83C4 08    |add    esp, 8
00402EFF  |.  8D4C24 68    |lea    ecx, dword ptr [esp+68]
00402F03  |.  8AD8       |mov    bl, al
00402F05  |.  C68424 900000>|mov    byte ptr [esp+90], 2
00402F0D  |.  FF15 EC524000 |call dword ptr [<&MSVCP80.std::basic>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
00402F13  |.  84DB       |test bl, bl
00402F15  |.  74 12       |je    short 00402F29
00402F17  |.  6A 1F       |push 1F
00402F19  |.  8D8C24 9C0000>|lea    ecx, dword ptr [esp+9C]
00402F20  |.  FF15 0C534000 |call dword ptr [<&MSVCP80.std::basic>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::operator[]
00402F26  |.  C600 30    |mov    byte ptr [eax], 30
00402F29  |>  836C24 20 01  |sub    dword ptr [esp+20], 1
00402F2E  |.^ 0F85 6FFFFFFF \jnz    00402EA3
00402F34  |>  8D8424 980000>lea    eax, dword ptr [esp+98]
00402F3B  |.  50          push eax
00402F3C  |.  8D4C24 50    lea    ecx, dword ptr [esp+50]
00402F40  |.  FF15 F0524000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::assign
00402F46  |.  68 B8634000 push 004063B8
00402F4B  |.  8D8C24 9C0000>lea    ecx, dword ptr [esp+9C]
00402F52  |.  FF15 E8524000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::operator=
00402F58  |.  33C0       xor    eax, eax
00402F5A  |.  8D9B 00000000 lea    ebx, dword ptr [ebx]
00402F60  |>  33DB       /xor    ebx, ebx
00402F62  |.  8BE8       |mov    ebp, eax
00402F64  |.  BE 03000000 |mov    esi, 3
00402F69  |.  8DA424 000000>|lea    esp, dword ptr [esp]
00402F70  |>  6A 01       |/push 1
00402F72  |.  55          ||push ebp
00402F73  |.  8D4C24 38    ||lea    ecx, dword ptr [esp+38]
00402F77  |.  51          ||push ecx
00402F78  |.  8D4C24 58    ||lea    ecx, dword ptr [esp+58]
00402F7C  |.  FF15 04534000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::substr
00402F82  |.  8378 18 10 ||cmp    dword ptr [eax+18], 10
00402F86  |.  72 05       ||jb    short 00402F8D
00402F88  |.  8B40 04    ||mov    eax, dword ptr [eax+4]
00402F8B  |.  EB 03       ||jmp    short 00402F90
00402F8D  |>  83C0 04    ||add    eax, 4
00402F90  |>  50          ||push eax                         ; /s
00402F91  |.  FF15 88534000 ||call dword ptr [<&MSVCR80.atoi>] ; \atoi
00402F97  |.  83C4 04    ||add    esp, 4
00402F9A  |.  8D4C24 30    ||lea    ecx, dword ptr [esp+30]
00402F9E  |.  8BF8       ||mov    edi, eax
00402FA0  |.  FF15 EC524000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
00402FA6  |.  85FF       ||test edi, edi
00402FA8  |.  74 35       ||je    short 00402FDF
00402FAA  |.  85F6       ||test esi, esi
00402FAC  |.  DD05 00674000 ||fld    qword ptr [406700]
00402FB2  |.  8BC6       ||mov    eax, esi
00402FB4  |.  7D 02       ||jge    short 00402FB8
00402FB6  |.  F7D8       ||neg    eax
00402FB8  |>  D9E8       ||fld1
00402FBA  |.  D9C0       ||fld    st
00402FBC  |>  A8 01       ||/test al, 1
00402FBE  |.  74 02       |||je    short 00402FC2
00402FC0  |.  D8CA       |||fmul st, st(2)
00402FC2  |>  D1E8       |||shr    eax, 1
00402FC4  |.  74 06       |||je    short 00402FCC
00402FC6  |.  D9C2       |||fld    st(2)
00402FC8  |.  DECB       |||fmulp st(3), st
00402FCA  |.^ EB F0       ||\jmp    short 00402FBC
00402FCC  |>  85F6       ||test esi, esi
00402FCE  |.  DDDA       ||fstp st(2)
00402FD0  |.  7D 04       ||jge    short 00402FD6
00402FD2  |.  DEF1       ||fdivrp  st(1), st
00402FD4  |.  EB 02       ||jmp    short 00402FD8
00402FD6  |>  DDD8       ||fstp st
00402FD8  |>  E8 33170000 ||call 00404710
00402FDD  |.  03D8       ||add    ebx, eax
00402FDF  |>  83EE 01    ||sub    esi, 1
00402FE2  |.  83C5 01    ||add    ebp, 1
00402FE5  |.  83FE FF    ||cmp    esi, -1
00402FE8  |.^ 7F 86       |\jg    short 00402F70
00402FEA  |.  33C0       |xor    eax, eax
00402FEC  |.  6A 10       |push 10                            ; /radix = 10 (16.)
00402FEE  |.  8D5424 6C    |lea    edx, dword ptr [esp+6C]       ; |
00402FF2  |.  52          |push edx                            ; |string
00402FF3  |.  53          |push ebx                            ; |value
00402FF4  |.  C64424 74 00  |mov    byte ptr [esp+74], 0          ; |
00402FF9  |.  894424 75    |mov    dword ptr [esp+75], eax       ; |
00402FFD  |.  894424 79    |mov    dword ptr [esp+79], eax       ; |
00403001  |.  894424 7D    |mov    dword ptr [esp+7D], eax       ; |
00403005  |.  898424 810000>|mov    dword ptr [esp+81], eax       ; |
0040300C  |.  66:898424 850>|mov    word ptr [esp+85], ax          ; |
00403014  |.  888424 870000>|mov    byte ptr [esp+87], al          ; |
0040301B  |.  FF15 84534000 |call dword ptr [<&MSVCR80._itoa>] ; \_itoa
00403021  |.  8D4424 74    |lea    eax, dword ptr [esp+74]
00403025  |.  83C4 0C    |add    esp, 0C
00403028  |.  33F6       |xor    esi, esi
0040302A  |.  8D50 01    |lea    edx, dword ptr [eax+1]
0040302D  |.  8D49 00    |lea    ecx, dword ptr [ecx]
00403030  |>  8A08       |/mov    cl, byte ptr [eax]
00403032  |.  83C0 01    ||add    eax, 1
00403035  |.  84C9       ||test cl, cl
00403037  |.^ 75 F7       |\jnz    short 00403030
00403039  |.  2BC2       |sub    eax, edx
0040303B  |.  74 32       |je    short 0040306F
0040303D  |.  8D49 00    |lea    ecx, dword ptr [ecx]
00403040  |>  0FB64434 68 |/movzx eax, byte ptr [esp+esi+68]
00403045  |.  50          ||push eax
00403046  |.  8D8C24 9C0000>||lea    ecx, dword ptr [esp+9C]
0040304D  |.  FF15 08534000 ||call dword ptr [<&MSVCP80.std::basi>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::push_back
00403053  |.  8D4424 68    ||lea    eax, dword ptr [esp+68]
00403057  |.  83C6 01    ||add    esi, 1
0040305A  |.  8D50 01    ||lea    edx, dword ptr [eax+1]
0040305D  |.  8D49 00    ||lea    ecx, dword ptr [ecx]
00403060  |>  8A08       ||/mov    cl, byte ptr [eax]
00403062  |.  83C0 01    |||add    eax, 1
00403065  |.  84C9       |||test cl, cl
00403067  |.^ 75 F7       ||\jnz    short 00403060
00403069  |.  2BC2       ||sub    eax, edx
0040306B  |.  3BF0       ||cmp    esi, eax
0040306D  |.^ 72 D1       |\jb    short 00403040
0040306F  |>  83FD 20    |cmp    ebp, 20
00403072  |.  8BC5       |mov    eax, ebp
00403074  |.^ 0F8C E6FEFFFF \jl    00402F60
0040307A  |.  83BC24 B00000>cmp    dword ptr [esp+B0], 10
00403082  |.  8B8424 9C0000>mov    eax, dword ptr [esp+9C]
00403089  |.  73 07       jnb    short 00403092
0040308B  |.  8D8424 9C0000>lea    eax, dword ptr [esp+9C]
00403092  |>  50          push eax                            ; /StringOrChar
00403093  |.  FF15 CC534000 call dword ptr [<&USER32.CharUpperA>] ; \CharUpperA
00403099  |.  8B8424 AC0000>mov    eax, dword ptr [esp+AC]
004030A0  |.  83F8 08    cmp    eax, 8
004030A3  |.  8B7424 1C    mov    esi, dword ptr [esp+1C]
004030A7  |.  76 1D       jbe    short 004030C6
004030A9  |.  8B0D F4524000 mov    ecx, dword ptr [<&MSVCP80.std::b>;  MSVCP80.std::basic_string<wchar_t,std::char_traits<wchar_t>,std::allocator<wchar_t> >::npos
004030AF  |.  8B11       mov    edx, dword ptr [ecx]
004030B1  |.  52          push edx
004030B2  |.  83C0 F8    add    eax, -8
004030B5  |.  50          push eax
004030B6  |.  56          push esi
004030B7  |.  8D8C24 A40000>lea    ecx, dword ptr [esp+A4]
004030BE  |.  FF15 04534000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::substr
004030C4  |.  EB 10       jmp    short 004030D6
004030C6  |>  8D8424 980000>lea    eax, dword ptr [esp+98]
004030CD  |.  50          push eax
004030CE  |.  8BCE       mov    ecx, esi
004030D0  |.  FF15 1C534000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::basic_string<char,std::char_traits<char>,std::allocator<char> >
004030D6  |>  C74424 18 010>mov    dword ptr [esp+18], 1
004030DE  |>  8D4C24 4C    lea    ecx, dword ptr [esp+4C]
004030E2  |.  C68424 900000>mov    byte ptr [esp+90], 1
004030EA  |.  FF15 EC524000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
004030F0  |.  8D8C24 980000>lea    ecx, dword ptr [esp+98]
004030F7  |.  C68424 900000>mov    byte ptr [esp+90], 0
004030FF  |.  FF15 EC524000 call dword ptr [<&MSVCP80.std::basic_>;  MSVCP80.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
00403105  |.  8BC6       mov    eax, esi
00403107  |.  8B8C24 880000>mov    ecx, dword ptr [esp+88]
0040310E  |.  64:890D 00000>mov    dword ptr fs:[0], ecx
00403115  |.  59          pop    ecx
00403116  |.  5F          pop    edi
00403117  |.  5E          pop    esi
00403118  |.  5D          pop    ebp
00403119  |.  5B          pop    ebx
0040311A  |.  8B4C24 70    mov    ecx, dword ptr [esp+70]
0040311E  |.  33CC       xor    ecx, esp
00403120  |.  E8 24100000 call 00404149
00403125  |.  81C4 80000000 add    esp, 80
0040312B  \.  C2 2000    retn 20

[课程]Linux pwn 探索篇！

#加密算法

收藏・1

免费・0

支持

最新回复 (3)
francymiky 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 12 粉丝 0 关注私信	francymiky 2 楼一点也看不懂！ 2009-1-27 17:57 0
Aker 雪币： 2134 活跃值： (14) 能力值： (RANK：170 ) 在线值：发帖 50 回帖 773 粉丝 3 关注私信	Aker 4 3 楼这么长，估计没几个愿意这样看 2009-1-29 14:41 0
qdk 雪币： 231 活跃值： (45) 能力值： ( LV2，RANK：10 ) 在线值：发帖 22 回帖 423 粉丝 0 关注私信	qdk 4 楼何不用ida的f5一下呢 2009-1-29 17:03 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

lovenuo

发帖

回帖

RANK

关注

私信

他的文章

关于我们

联系我们

企业服务

看雪公众号

最新回复 (3)
francymiky 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 1 回帖 12 粉丝 0 关注私信	francymiky 2 楼一点也看不懂！ 2009-1-27 17:57 0
Aker 雪币： 2134 活跃值： (14) 能力值： (RANK：170 ) 在线值：发帖 50 回帖 773 粉丝 3 关注私信	Aker 4 3 楼这么长，估计没几个愿意这样看 2009-1-29 14:41 0
qdk 雪币： 231 活跃值： (45) 能力值： ( LV2，RANK：10 ) 在线值：发帖 22 回帖 423 粉丝 0 关注私信	qdk 4 楼何不用ida的f5一下呢 2009-1-29 17:03 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复