[收藏本方案]

AcProtect 1.41 外壳分析[27]

[入库:2005年8月19日] [更新:2007年3月24日]

本文简介:选择自 bmd2chen 的 blog
首页 上页 下页 尾页 [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22] [23] [24] [25] [26] [27] [28] [29] [30] [31] [32] [33] [34] [35] [36] [37] [38] [39] [40] [41] [42] [43] [44] [45] [46] [47] [48] [49] [50] [51] [52] [53] [54] [55] [56] [57] [58] [59] [60] [61] [62] [63] [64] [65] [66] [67] [68] [69]

"1">nop 0058b13d 90 nop 0058b13e 90 nop 0058b13f 90 nop 0058b140 ffe0 jmp eax 0058b142 c2 1000 retn 10 sub_crc: 004246f9 > 60 pushad ; sub_crc 004246fa e8 73faffff call <getebp> 004246ff c685 1a1c4000 c>mov byte ptr ss:[ebp+401c1a],0c3 00424706 e8 1b0e0000 call 00425526 ;这个call 进去  0042470b 61 popad 0042470c c3 retn 进来后: 004256d1 e8 9ceaffff call <getebp> ;这里和上篇里的是一样的,所以我也不多注释了:-) 004256d6 68 20030000 push 320 004256db 8dbd 00104000 lea edi,dword ptr ss:[ebp+401000] 004256e1 57 push edi 004256e2 6a 00 push 0 004256e4 ff95 20164000 call dword ptr ss:[ebp+401620] ;getmodulefilenamea 004256ea 6a 00 push 0 004256ec 68 80000000 push 80 004256f1 6a 03 push 3 004256f3 6a 00 push 0 004256f5 6a 01 push 1 004256f7 68 00000080 push 80000000 004256fc 57 push edi 004256fd ff95 d8154000 call dword ptr ss:[ebp+4015d8] 00425703 40 inc eax 00425704 0f84 8a000000 je 00425794 0042570a 48 dec eax 0042570b 8bf8 mov edi,eax 0042570d 6a 00 push 0 0042570f 57 push edi 00425710 ff95 24164000 call dword ptr ss:[ebp+401624] 00425716 2b85 2c164000 sub eax,dword ptr ss:[ebp+40162c] 0042571c 96 xchg eax,esi 0042571d 56 push esi 0042571e 6a 40 push 40 00425720 ff95 ac154000 call dword ptr ss:[ebp+4015ac] 00425726 85c0 test eax,eax 00425728 74 61 je short 0042578b 0042572a 90 nop 0042572b 90 nop 0042572c 90 nop 0042572d 90 nop 0042572e 93 xchg eax,ebx 0042572f 6a 00 push 0 00425731 8d85 00104000 lea eax,dword ptr ss:[ebp+401000] 00425737 50 push eax 00425738 56 push esi 00425739 53 push ebx 0042573a 57 push edi 0042573b ff95 fc154000 call dword ptr ss:[ebp+4015fc] 00425741 8bc3 mov eax,ebx 00425743 8bce mov ecx,esi 00425745 60 pushad 00425746 e8 3e060000 call 00425d89 0042574b 3985 30164000 cmp dword ptr ss:[ebp+401630],eax 00425751 74 27 je short 0042577a 00425753 90 nop 00425754 90 nop 00425755 90 nop 00425756 90 nop 00425757 60 pushad 00425758 e8 15eaffff call <getebp> 0042575d b8 00010000 mov eax,100 00425762 e8 18eaffff call 0042417f 00425767 8bc8 mov ecx,eax 00425769 8dbd 9a404000 l

首页 上页 下页 尾页 [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22] [23] [24] [25] [26] [27] [28] [29] [30] [31] [32] [33] [34] [35] [36] [37] [38] [39] [40] [41] [42] [43] [44] [45] [46] [47] [48] [49] [50] [51] [52] [53] [54] [55] [56] [57] [58] [59] [60] [61] [62] [63] [64] [65] [66] [67] [68] [69]
本文关键:AcProtect 1.41 外壳分析
  相关方案
Google
 

本站最佳浏览方式为 分辨率 1024x768 IE 6.0(或更高版本的 IE浏览器)

go top