a id="2">esi,dword ptr ss:[ebp+40192c] 004243cc > 6a 00 push 0 004243ce . 68 80000000 push 80 004243d3 . 6a 03 push 3 004243d5 . 6a 00 push 0 004243d7 . 6a 03 push 3 004243d9 . 68 000000c0 push c0000000 004243de . 56 push esi 004243df . ff95 d8154000 call dword ptr ss:[ebp+4015d8] ; createfilea 004243e5 . 40 inc eax 004243e6 . 75 1e jnz short 00424406 004243e8 . 90 nop 004243e9 . 90 nop 004243ea . 90 nop 004243eb . 90 nop 004243ec . 48 dec eax 004243ed . 50 push eax 004243ee . ff95 d4154000 call dword ptr ss:[ebp+4015d4] 004243f4 > 46 inc esi 004243f5 . 803e 00 cmp byte ptr ds:[esi],0 004243f8 .^ 75 fa jnz short 004243f4 004243fa . 46 inc esi 004243fb . 803e 00 cmp byte ptr ds:[esi],0 004243fe . 0f84 c2000000 je 004244c6 00424404 .^ eb c6 jmp short 004243cc 00424406 > e8 bb000000 call 004244c6 0042440b . 5c 5c 2e 5c 5>ascii "\\.\sice",0 00424414 . 5c 5c 2e 5c 4>ascii "\\.\ntice",0 0042441e . 5c 5c 2e 5c 4>ascii "\\.\ntice7871",0 0042442c . 5c 5c 2e 5c 4>ascii "\\.\nticed052",0 0042443a . 5c 5c 2e 5c 5>ascii "\\.\trwdebug",0 00424447 . 5c 5c 2e 5c 5>ascii "\\.\trw",0 0042444f . 5c 5c 2e 5c 5>ascii "\\.\trw2000",0 0042445b . 5c 5c 2e 5c 5>ascii "\\.\superbpm",0 00424468 . 5c 5c 2e 5c 4>ascii "\\.\icedump",0 00424474 . 5c 5c 2e 5c 5>ascii "\\.\regmon",0 0042447f . 5c 5c 2e 5c 4>ascii "\\.\filemon",0 0042448b . 5c 5c 2e 5c 5>ascii "\\.\regvxd",0 00424496 . 5c 5c 2e 5c 4>ascii "\\.\filevxd",0 004244a2 . 5c 5c 2e 5c 5>ascii "\\.\vkeyprod",0 004244af . 5c 5c 2e 5c 4>ascii "\\.\bw2k",0 004244b8 . 5c 5c 2e 5c 5>ascii "\\.\siwdebug",0 004244c5 00 db 00 004244c6 /$ 61 popad 004244c7 \. c3 retn sub_fuck_int3: 0042196b > 60 pushad ; sub_fuck_int3 0042196c e8 01000000 call 00421972 00421971 ^ 7d 83 jge short 004218f6 00421973 04 24 add al,24 ...... 00421b16 e8 12f4ffff call <getebp> 00421b1b c685 d1204000 c>mov byte ptr ss:[ebp+4020d1],0c3 00421b22 e8 2a000000 call 00421b51 00421b27 8b4424 04 mov eax,dword ptr ss:[esp+4] 00421b2b 8b4c24 0c mov ecx,dword ptr ss:[esp+c] 00421b2f ff81 b8000000 inc dword ptr ds:[ecx+b8] 00421b35 8b00 mov eax,dword ptr ds:[eax] 00421b37 2d 03000080 sub eax,80000003 00421b3c 75 12 jnz short 00421b50 00421b3e 90 nop 00421b3f 90 nop 00421b40 90 nop 00421b41 90 nop 00421b42 33c0 xor eax,eax 00421b44 8941 04 mov dword ptr ds:[ecx+4],eax
AcProtect 1.41 外壳分析[33]
[入库:2005年8月19日] [更新:2007年3月24日]
本文简介:选择自 bmd2chen 的 blog
首页
上页
下页
尾页
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
[17]
[18]
[19]
[20]
[21]
[22]
[23]
[24]
[25]
[26]
[27]
[28]
[29]
[30]
[31]
[32]
[33]
[34]
[35]
[36]
[37]
[38]
[39]
[40]
[41]
[42]
[43]
[44]
[45]
[46]
[47]
[48]
[49]
[50]
[51]
[52]
[53]
[54]
[55]
[56]
[57]
[58]
[59]
[60]
[61]
[62]
[63]
[64]
[65]
[66]
[67]
[68]
[69]
首页
上页
下页
尾页
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
[17]
[18]
[19]
[20]
[21]
[22]
[23]
[24]
[25]
[26]
[27]
[28]
[29]
[30]
[31]
[32]
[33]
[34]
[35]
[36]
[37]
[38]
[39]
[40]
[41]
[42]
[43]
[44]
[45]
[46]
[47]
[48]
[49]
[50]
[51]
[52]
[53]
[54]
[55]
[56]
[57]
[58]
[59]
[60]
[61]
[62]
[63]
[64]
[65]
[66]
[67]
[68]
[69]
本文关键:AcProtect 1.41 外壳分析
相关方案
- The Programming…
- diablo2002’s cr…
- Diablo 2oo2’s C…
- iczelion tut23…
- Window 中窗口的层次关系…
- Man 帮助文件转化成为win…
- iczelion tut24…
- C++ Builder 初学问…
- 《Undocumented W…
- 一个反汇编的例子…
- Enhanced Assert…
- Borland 免费编译器使用…
- 面试C++试题…
- 少走弯路:学习编译原理的…
- PHP 开发环境的选择、建立及…
- DIY一个简单共享儒虫…
- 三种排序算法及三种变量交换的宏…
- 各种专用iterator的用法…
- 对Gary Nebbet的经典…
- SYN_FLOOD 简单分析及…
本站最佳浏览方式为 分辨率 1024x768 IE 6.0(或更高版本的 IE浏览器)
