Because this program is very short, the assembly code in OD is also very short.
Please look at the red part; this is the part that compares with 0x80.
NOP out these 2 instructions, then save the modified file as an exe.
We find that all of the content in input.txt can now be output.
The modified exe is attached.
深绿, you can try this procedure yourself for practice.
00401000 /$ 55 push ebp
00401001 |. 89E5 mov ebp, esp
00401003 |. 83EC 18 sub esp, 18
00401006 |. C745 FC 00000>mov dword ptr [ebp-4], 0
0040100D |. 83C4 F4 add esp, -0C
00401010 |. 8D45 FC lea eax, dword ptr [ebp-4]
00401013 |. 50 push eax
00401014 |. FF35 08204000 push dword ptr [402008]
0040101A |. 8D45 F8 lea eax, dword ptr [ebp-8]
0040101D |. 50 push eax
0040101E |. 68 04204000 push 00402004
00401023 |. 68 00204000 push 00402000
00401028 |. E8 EB030000 call <jmp.&msvcrt.__getmainargs>
0040102D |. C9 leave
0040102E \. C3 retn
0040102F 90 nop
00401030 /$ 55 push ebp
00401031 |. 89E5 mov ebp, esp
00401033 |. 83EC 08 sub esp, 8
00401036 |. 8B15 0C204000 mov edx, dword ptr [40200C]
0040103C |. 85D2 test edx, edx
0040103E |. 74 7B je short 004010BB
00401040 |. A1 AC304000 mov eax, dword ptr [<&msvcrt._fmode>>
00401045 |. 8910 mov dword ptr [eax], edx
00401047 |. A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
0040104C |. 85C0 test eax, eax
0040104E |. 74 1E je short 0040106E
00401050 |. 83C4 F8 add esp, -8
00401053 |. FF35 0C204000 push dword ptr [40200C]
00401059 |. 83C4 F4 add esp, -0C
0040105C |. 50 push eax ; /pstream => offset msvcrt._iob
0040105D |. E8 A6030000 call <jmp.&msvcrt._fileno> ; \_fileno
00401062 |. 83C4 10 add esp, 10
00401065 |. 50 push eax ; |handle
00401066 |. E8 A5030000 call <jmp.&msvcrt._setmode> ; \_setmode
0040106B |. 83C4 10 add esp, 10
0040106E |> A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
00401073 |. 83C0 20 add eax, 20
00401076 |. 74 1E je short 00401096
00401078 |. 83C4 F8 add esp, -8
0040107B |. FF35 0C204000 push dword ptr [40200C]
00401081 |. 83C4 F4 add esp, -0C
00401084 |. 50 push eax ; /pstream
00401085 |. E8 7E030000 call <jmp.&msvcrt._fileno> ; \_fileno
0040108A |. 83C4 10 add esp, 10
0040108D |. 50 push eax ; |handle
0040108E |. E8 7D030000 call <jmp.&msvcrt._setmode> ; \_setmode
00401093 |. 83C4 10 add esp, 10
00401096 |> A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
0040109B |. 83C0 40 add eax, 40
0040109E |. 74 1B je short 004010BB
004010A0 |. 83C4 F8 add esp, -8
004010A3 |. FF35 0C204000 push dword ptr [40200C]
004010A9 |. 83C4 F4 add esp, -0C
004010AC |. 50 push eax ; /pstream
004010AD |. E8 56030000 call <jmp.&msvcrt._fileno> ; \_fileno
004010B2 |. 83C4 10 add esp, 10
004010B5 |. 50 push eax ; |handle
004010B6 |. E8 55030000 call <jmp.&msvcrt._setmode> ; \_setmode
004010BB |> C9 leave
004010BC \. C3 retn
004010BD 8D76 00 lea esi, dword ptr [esi]
004010C0 /. 55 push ebp
004010C1 |. 89E5 mov ebp, esp
004010C3 |. 83EC 10 sub esp, 10
004010C6 |. 56 push esi
004010C7 |. 53 push ebx
004010C8 |. 8B45 08 mov eax, dword ptr [ebp+8]
004010CB |. 31DB xor ebx, ebx
004010CD |. 31F6 xor esi, esi
004010CF |. 8B00 mov eax, dword ptr [eax]
004010D1 |. 8B00 mov eax, dword ptr [eax]
004010D3 |. 3D 910000C0 cmp eax, C0000091
004010D8 |. 77 16 ja short 004010F0
004010DA |. 3D 8D0000C0 cmp eax, C000008D
004010DF |. 73 4F jnb short 00401130
004010E1 |. 3D 050000C0 cmp eax, C0000005
004010E6 |. 74 18 je short 00401100
004010E8 |. E9 86000000 jmp 00401173
004010ED | 8D76 00 lea esi, dword ptr [esi]
004010F0 |> 3D 930000C0 cmp eax, C0000093
004010F5 |. 74 39 je short 00401130
004010F7 |. 3D 940000C0 cmp eax, C0000094
004010FC |. 74 37 je short 00401135
004010FE |. EB 73 jmp short 00401173
00401100 |> 83C4 F8 add esp, -8
00401103 |. 6A 00 push 0 ; /func = NULL
00401105 |. 6A 0B push 0B ; |sig = SIGSEGV
00401107 |. E8 F4020000 call <jmp.&msvcrt.signal> ; \signal
0040110C |. 83C4 10 add esp, 10
0040110F |. 83F8 01 cmp eax, 1
00401112 |. 75 0E jnz short 00401122
00401114 |. 83C4 F8 add esp, -8
00401117 |. 6A 01 push 1 ; /func = 00000001
00401119 |. 6A 0B push 0B ; |sig = SIGSEGV
0040111B |. E8 E0020000 call <jmp.&msvcrt.signal> ; \signal
00401120 |. EB 4C jmp short 0040116E
00401122 |> 85C0 test eax, eax
00401124 |. 74 4D je short 00401173
00401126 |. 83C4 F4 add esp, -0C
00401129 |. 6A 0B push 0B
0040112B |. EB 3F jmp short 0040116C
0040112D | 8D76 00 lea esi, dword ptr [esi]
00401130 |> BE 01000000 mov esi, 1
00401135 |> 83C4 F8 add esp, -8
00401138 |. 6A 00 push 0 ; /func = NULL
0040113A |. 6A 08 push 8 ; |sig = SIGFPE
0040113C |. E8 BF020000 call <jmp.&msvcrt.signal> ; \signal
00401141 |. 83C4 10 add esp, 10
00401144 |. 83F8 01 cmp eax, 1
00401147 |. 75 1A jnz short 00401163
00401149 |. 83C4 F8 add esp, -8
0040114C |. 6A 01 push 1 ; /func = 00000001
0040114E |. 6A 08 push 8 ; |sig = SIGFPE
00401150 |. E8 AB020000 call <jmp.&msvcrt.signal> ; \signal
00401155 |. 83C4 10 add esp, 10
00401158 |. 85F6 test esi, esi
0040115A |. 74 12 je short 0040116E
0040115C |. E8 97020000 call <jmp.&msvcrt._fpreset> ; [_fpreset
00401161 |. EB 0B jmp short 0040116E
00401163 |> 85C0 test eax, eax
00401165 |. 74 0C je short 00401173
00401167 |. 83C4 F4 add esp, -0C
0040116A |. 6A 08 push 8
0040116C |> FFD0 call eax
0040116E |> BB FFFFFFFF mov ebx, -1
00401173 |> 89D8 mov eax, ebx
00401175 |. 8D65 E8 lea esp, dword ptr [ebp-18]
00401178 |. 5B pop ebx
00401179 |. 5E pop esi
0040117A |. C9 leave
0040117B \. C2 0400 retn 4
0040117E 89F6 mov esi, esi
00401180 /$ 55 push ebp
00401181 |. 89E5 mov ebp, esp
00401183 |. 83EC 14 sub esp, 14
00401186 |. 53 push ebx
00401187 |. 83C4 F4 add esp, -0C
0040118A |. 68 C0104000 push 004010C0 ; /pTopLevelFilter = engoutpu.004010C0
0040118F |. E8 B4020000 call <jmp.&KERNEL32.SetUnhandledExcep>; \SetUnhandledExceptionFilter
00401194 |. 83C4 FC add esp, -4
00401197 |. E8 5C020000 call <jmp.&msvcrt._fpreset> ; [_fpreset
0040119C |. E8 5FFEFFFF call 00401000
004011A1 |. E8 8AFEFFFF call 00401030
004011A6 |. 83C4 FC add esp, -4
004011A9 |. E8 42020000 call <jmp.&msvcrt.__p__environ>
004011AE |. FF30 push dword ptr [eax]
004011B0 |. FF35 04204000 push dword ptr [402004]
004011B6 |. FF35 00204000 push dword ptr [402000]
004011BC |. E8 AB000000 call 0040126C
004011C1 |. 89C3 mov ebx, eax
004011C3 |. 83C4 20 add esp, 20
004011C6 |. E8 1D020000 call <jmp.&msvcrt._cexit> ; [msvcrt._cexit
004011CB |. 83C4 F4 add esp, -0C
004011CE |. 53 push ebx ; /ExitCode
004011CF \. E8 7C020000 call <jmp.&KERNEL32.ExitProcess> ; \ExitProcess
004011D4 >/$ 55 push ebp
004011D5 |. 89E5 mov ebp, esp
004011D7 |. 83EC 08 sub esp, 8
004011DA |. 83C4 F4 add esp, -0C
004011DD |. 6A 01 push 1
004011DF |. A1 DC304000 mov eax, dword ptr [<&msvcrt.__set_a>
004011E4 |. FFD0 call eax ; <&msvcrt.__set_app_type>
004011E6 |. E8 95FFFFFF call 00401180
004011EB |. 31C0 xor eax, eax
004011ED |. C9 leave
004011EE \. C3 retn
004011EF 90 nop
004011F0 /. 55 push ebp
004011F1 |. 89E5 mov ebp, esp
004011F3 |. 83EC 08 sub esp, 8
004011F6 |. 83C4 F4 add esp, -0C
004011F9 |. 6A 02 push 2
004011FB |. A1 DC304000 mov eax, dword ptr [<&msvcrt.__set_a>
00401200 |. FFD0 call eax ; <&msvcrt.__set_app_type>
00401202 |. E8 79FFFFFF call 00401180
00401207 |. C9 leave
00401208 \. C3 retn
00401209 00 db 00
0040120A 00 db 00
0040120B 00 db 00
0040120C 00 db 00
0040120D 00 db 00
0040120E 00 db 00
0040120F 00 db 00
00401210 72 db 72 ; CHAR 'r'
00401211 00 db 00
00401212 . 69 6E 70 75 7>ascii "input.txt",0
0040121C . 43 61 6E 27 7>ascii "Can't Find input"
0040122C . 2E 74 78 74 2>ascii ".txt!",0
00401232 77 db 77 ; CHAR 'w'
00401233 00 db 00
00401234 . 6F 75 74 70 7>ascii "output.txt",0
0040123F . 43 61 6E 27 7>ascii "Can't Create out"
0040124F . 70 75 74 2E 7>ascii "put.txt!",0
00401258 . 6F 6E 65 20 6>ascii "one char outpute"
00401268 . 64 0A 00 ascii "d",LF,0
0040126B 90 nop
0040126C /$ 55 push ebp
0040126D |. 89E5 mov ebp, esp
0040126F |. 83EC 18 sub esp, 18
00401272 |. E8 39010000 call 004013B0
00401277 |. 83C4 F8 add esp, -8
0040127A |. 68 10124000 push 00401210 ; /mode = "r"
0040127F |. 68 12124000 push 00401212 ; |path = "input.txt"
00401284 |. E8 AF010000 call <jmp.&msvcrt.fopen> ; \fopen
00401289 |. 83C4 10 add esp, 10
0040128C |. 89C0 mov eax, eax
0040128E |. 8945 FC mov dword ptr [ebp-4], eax
00401291 |. 837D FC 00 cmp dword ptr [ebp-4], 0
00401295 |. 75 10 jnz short 004012A7
00401297 |. 83C4 F4 add esp, -0C
0040129A |. 68 1C124000 push 0040121C ; /format = "Can't Find input.txt!"
0040129F |. E8 8C010000 call <jmp.&msvcrt.printf> ; \printf
004012A4 |. 83C4 10 add esp, 10
004012A7 |> 83C4 F8 add esp, -8
004012AA |. 68 32124000 push 00401232 ; /mode = "w"
004012AF |. 68 34124000 push 00401234 ; |path = "output.txt"
004012B4 |. E8 7F010000 call <jmp.&msvcrt.fopen> ; \fopen
004012B9 |. 83C4 10 add esp, 10
004012BC |. 89C0 mov eax, eax
004012BE |. 8945 F8 mov dword ptr [ebp-8], eax
004012C1 |. 837D F8 00 cmp dword ptr [ebp-8], 0
004012C5 |. 75 10 jnz short 004012D7
004012C7 |. 83C4 F4 add esp, -0C
004012CA |. 68 3F124000 push 0040123F ; /format = "Can't Create output.txt!"
004012CF |. E8 5C010000 call <jmp.&msvcrt.printf> ; \printf
004012D4 |. 83C4 10 add esp, 10
004012D7 |> 83C4 F4 /add esp, -0C
004012DA |. 8B45 FC |mov eax, dword ptr [ebp-4]
004012DD |. 50 |push eax ; /stream
004012DE |. E8 45010000 |call <jmp.&msvcrt.fgetc> ; \fgetc
004012E3 |. 83C4 10 |add esp, 10
004012E6 |. 89C0 |mov eax, eax
004012E8 |. 8945 F4 |mov dword ptr [ebp-C], eax
004012EB |. 817D F4 80000>|cmp dword ptr [ebp-C], 80
004012F2 |. 7F 23 |jg short 00401317
004012F4 |. 83C4 F8 |add esp, -8
004012F7 |. 8B45 F8 |mov eax, dword ptr [ebp-8]
004012FA |. 50 |push eax ; /stream
004012FB |. 8B45 F4 |mov eax, dword ptr [ebp-C] ; |
004012FE |. 50 |push eax ; |c
004012FF |. E8 1C010000 |call <jmp.&msvcrt.fputc> ; \fputc
00401304 |. 83C4 10 |add esp, 10
00401307 |. 83C4 F4 |add esp, -0C
0040130A |. 68 58124000 |push 00401258 ; /format = "one char outputed",LF,""
0040130F |. E8 1C010000 |call <jmp.&msvcrt.printf> ; \printf
00401314 |. 83C4 10 |add esp, 10
00401317 |> 837D F4 FF |cmp dword ptr [ebp-C], -1
0040131B |. 75 03 |jnz short 00401320
0040131D |. EB 03 |jmp short 00401322
0040131F | 90 |nop
00401320 |>^ EB B5 \jmp short 004012D7
00401322 |> C9 leave
00401323 \. C3 retn
00401324 00 db 00
00401325 00 db 00
00401326 00 db 00
00401327 00 db 00
00401328 00 db 00
00401329 00 db 00
0040132A 00 db 00
0040132B 00 db 00
0040132C 00 db 00
0040132D 00 db 00
0040132E 00 db 00
0040132F 00 db 00
00401330 /. 55 push ebp
00401331 |. 89E5 mov ebp, esp
00401333 |. 83EC 08 sub esp, 8
00401336 |. A1 10204000 mov eax, dword ptr [402010]
0040133B |. 8338 00 cmp dword ptr [eax], 0
0040133E |. 74 1D je short 0040135D
00401340 |> A1 10204000 /mov eax, dword ptr [402010]
00401345 |. 8B00 |mov eax, dword ptr [eax]
00401347 |. FFD0 |call eax
00401349 |. A1 10204000 |mov eax, dword ptr [402010]
0040134E |. 8D50 04 |lea edx, dword ptr [eax+4]
00401351 |. 8915 10204000 |mov dword ptr [402010], edx
00401357 |. 8378 04 00 |cmp dword ptr [eax+4], 0
0040135B |.^ 75 E3 \jnz short 00401340
0040135D |> C9 leave
0040135E \. C3 retn
0040135F 90 nop
00401360 /$ 55 push ebp
00401361 |. 89E5 mov ebp, esp
00401363 |. 83EC 14 sub esp, 14
00401366 |. 53 push ebx
00401367 |. A1 58144000 mov eax, dword ptr [401458]
0040136C |. 83F8 FF cmp eax, -1
0040136F |. 75 19 jnz short 0040138A
00401371 |. 31C0 xor eax, eax
00401373 |. 833D 5C144000>cmp dword ptr [40145C], 0
0040137A |. 74 0E je short 0040138A
0040137C |. BA 5C144000 mov edx, 0040145C
00401381 |> 83C2 04 /add edx, 4
00401384 |. 40 |inc eax
00401385 |. 833A 00 |cmp dword ptr [edx], 0
00401388 |.^ 75 F7 \jnz short 00401381
0040138A |> 89C3 mov ebx, eax
0040138C |. 85DB test ebx, ebx
0040138E |. 74 0C je short 0040139C
00401390 |> 8B049D 581440>/mov eax, dword ptr [ebx*4+401458]
00401397 |. FFD0 |call eax
00401399 |. 4B |dec ebx
0040139A |.^ 75 F4 \jnz short 00401390
0040139C |> 83C4 F4 add esp, -0C
0040139F |. 68 30134000 push 00401330 ; /func = engoutpu.00401330
004013A4 |. E8 97000000 call <jmp.&msvcrt.atexit> ; \atexit
004013A9 |. 8B5D E8 mov ebx, dword ptr [ebp-18]
004013AC |. C9 leave
004013AD \. C3 retn
004013AE 89F6 mov esi, esi
004013B0 /$ 55 push ebp
004013B1 |. 89E5 mov ebp, esp
004013B3 |. 83EC 08 sub esp, 8
004013B6 |. 833D 14204000>cmp dword ptr [402014], 0
004013BD |. 75 0F jnz short 004013CE
004013BF |. C705 14204000>mov dword ptr [402014], 1
004013C9 |. E8 92FFFFFF call 00401360
004013CE |> C9 leave
004013CF \. C3 retn
004013D0 .- FF25 AC304000 jmp dword ptr [<&msvcrt._fmode>] ; msvcrt._fmode
004013D6 90 nop
004013D7 90 nop
004013D8 .- FF25 B4304000 jmp dword ptr [<&msvcrt._iob>] ; msvcrt._iob
004013DE 90 nop
004013DF 90 nop
004013E0 .- FF25 DC304000 jmp dword ptr [<&msvcrt.__set_app_ty>; msvcrt.__set_app_type
004013E6 90 nop
004013E7 90 nop
004013E8 $- FF25 A4304000 jmp dword ptr [<&msvcrt._cexit>] ; msvcrt._cexit
004013EE 90 nop
004013EF 90 nop
004013F0 $- FF25 D0304000 jmp dword ptr [<&msvcrt.__p__environ>; msvcrt.__p__environ
004013F6 90 nop
004013F7 90 nop
004013F8 $- FF25 B0304000 jmp dword ptr [<&msvcrt._fpreset>] ; msvcrt._fpreset
004013FE 90 nop
004013FF 90 nop
00401400 $- FF25 D8304000 jmp dword ptr [<&msvcrt.signal>] ; msvcrt.signal
00401406 90 nop
00401407 90 nop
00401408 $- FF25 A8304000 jmp dword ptr [<&msvcrt._fileno>] ; msvcrt._fileno
0040140E 90 nop
0040140F 90 nop
00401410 $- FF25 B8304000 jmp dword ptr [<&msvcrt._setmode>] ; msvcrt._setmode
00401416 90 nop
00401417 90 nop
00401418 $- FF25 BC304000 jmp dword ptr [<&msvcrt.__getmainarg>; msvcrt.__getmainargs
0040141E 90 nop
0040141F 90 nop
00401420 $- FF25 CC304000 jmp dword ptr [<&msvcrt.fputc>] ; msvcrt.putc
00401426 90 nop
00401427 90 nop
00401428 $- FF25 C4304000 jmp dword ptr [<&msvcrt.fgetc>] ; msvcrt.getc
0040142E 90 nop
0040142F 90 nop
00401430 $- FF25 D4304000 jmp dword ptr [<&msvcrt.printf>] ; msvcrt.printf
00401436 90 nop
00401437 90 nop
00401438 $- FF25 C8304000 jmp dword ptr [<&msvcrt.fopen>] ; msvcrt.fopen
0040143E 90 nop
0040143F 90 nop
00401440 $- FF25 C0304000 jmp dword ptr [<&msvcrt.atexit>] ; msvcrt.atexit
00401446 90 nop
00401447 90 nop
00401448 $- FF25 98304000 jmp dword ptr [<&KERNEL32.SetUnhandl>; kernel32.SetUnhandledExceptionFilter
0040144E 90 nop
0040144F 90 nop
00401450 .- FF25 94304000 jmp dword ptr [<&KERNEL32.ExitProces>; kernel32.ExitProcess
00401456 90 nop
00401457 90 nop
00401458 . FFFFFFFF dd FFFFFFFF
0040145C . 00000000 dd 00000000
00401460 FF db FF
00401461 FF db FF
00401462 FF db FF
00401463 FF db FF
00401464 00 db 00
00401465 00 db 00
00401466 00 db 00
00401467 00 db 00
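
Added example, not part of the original post: a C reconstruction of the read/write loop at 004012D7 to 00401320, written from the listing above, with a flag standing in for the `cmp dword ptr [ebp-C], 80` / `jg short 00401317` pair at 004012EB and 004012F2. The names `copy_loop`, `run_sample` and `SAMPLE` are assumptions, and the sample bytes are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: ASCII, the boundary value 0x80, and bytes above it
   (0xD6 0xD0 is a two-byte GBK character). Not taken from the original post. */
static const unsigned char SAMPLE[] = { 'A', 0x80, 0x81, 0xD6, 0xD0, 'B' };

/* Loop at 004012D7..00401320, reconstructed from the listing.
   keep_check = 1 models the original exe, 0 the exe with cmp/jg NOPed out. */
static long copy_loop(FILE *in, FILE *out, int keep_check)
{
    long calls = 0;                       /* number of fputc calls */
    for (;;) {
        int c = fgetc(in);                /* 004012DE, result kept in [ebp-C] */
        /* 004012EB cmp [ebp-C],80 / 004012F2 jg: signed compare, so only
           values strictly greater than 0x80 skip the write. */
        if (!(keep_check && c > 0x80)) {
            fputc(c, out);                /* 004012FF */
            calls++;                      /* the exe prints "one char outputed" here */
        }
        if (c == EOF)                     /* 00401317 cmp [ebp-C],-1: tested after the write */
            break;
    }
    return calls;
}

/* Run the loop over an in-memory sample using temporary files.
   Returns the number of bytes that ended up in the output, or -1 on error. */
static int run_sample(const unsigned char *data, size_t n, int keep_check,
                      unsigned char *dst, size_t cap)
{
    FILE *in = tmpfile();
    FILE *out = tmpfile();
    int got = -1;
    if (in && out && fwrite(data, 1, n, in) == n) {
        rewind(in);
        copy_loop(in, out, keep_check);
        rewind(out);
        got = (int)fread(dst, 1, cap, out);
    }
    if (in) fclose(in);
    if (out) fclose(out);
    return got;
}

int main(void)
{
    unsigned char buf[32];
    for (int keep = 1; keep >= 0; keep--) {
        int n = run_sample(SAMPLE, sizeof SAMPLE, keep, buf, sizeof buf);
        printf("%s:", keep ? "original" : "patched ");
        for (int i = 0; i < n; i++)
            printf(" %02X", buf[i]);
        printf("\n");
    }
    return 0;
}
```

Because `jg` is a signed comparison, the byte 0x80 itself is still written by the original build, and since the -1 test comes after the write, the EOF value is also handed to `fputc` and ends up in the output as a trailing 0xFF in both builds.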