由于这个程序很短,OD里面的汇编代码也很短。
请看红色的部分,这就是和0x80比较的部分(颜色在转载时已丢失,应为 004012EB 处的 cmp 和 004012F2 处的 jg)。
把这2句NOP掉,然后保存修改后的文件为exe。
我们发现input.txt里面的所有内容都能被输出了。
附上修改后的exe。
深绿,你可以把这个操作过程试一下,练习一下。
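; ---------------------------------------------------------------------------
; 00401000 - command-line setup stub (OllyDbg listing, 32-bit x86, hex operands)
; Calls msvcrt.__getmainargs with the out-pointers 00402000 and 00402004.
; Those two dwords are read again at 004011B0/004011B6 and pushed as the
; first two arguments of the call to 0040126C, so they presumably hold
; argc and argv - confirm in the data window.
; [ebp-4] is zeroed and passed by address; [402008] is passed by value.
; The return value of __getmainargs is not checked.
; ---------------------------------------------------------------------------
00401000 /$  55             push ebp
00401001 |.  89E5           mov ebp, esp
00401003 |.  83EC 18        sub esp, 18
00401006 |.  C745 FC 00000> mov dword ptr [ebp-4], 0
0040100D |.  83C4 F4        add esp, -0C
00401010 |.  8D45 FC        lea eax, dword ptr [ebp-4]
00401013 |.  50             push eax
00401014 |.  FF35 08204000  push dword ptr [402008]
0040101A |.  8D45 F8        lea eax, dword ptr [ebp-8]
0040101D |.  50             push eax
0040101E |.  68 04204000    push 00402004
00401023 |.  68 00204000    push 00402000
00401028 |.  E8 EB030000    call <jmp.&msvcrt.__getmainargs>
0040102D |.  C9             leave
0040102E \.  C3             retn
; alignment padding between functions
0040102F     90             nop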
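; ---------------------------------------------------------------------------
; 00401030 - apply the mode word at [40200C] to three msvcrt streams
; If [40200C] is zero the function returns immediately. Otherwise the value
; is stored through the _fmode import and, for the addresses _iob+0,
; _iob+20 and _iob+40, the code calls _setmode(_fileno(stream), [40200C]).
; NOTE(review): _iob+0/+20/+40 are presumably stdin/stdout/stderr - confirm.
; None of the _fileno/_setmode return values are checked.
; ---------------------------------------------------------------------------
00401030 /$  55             push ebp
00401031 |.  89E5           mov ebp, esp
00401033 |.  83EC 08        sub esp, 8
00401036 |.  8B15 0C204000  mov edx, dword ptr [40200C]
0040103C |.  85D2           test edx, edx
0040103E |.  74 7B          je short 004010BB
00401040 |.  A1 AC304000    mov eax, dword ptr [<&msvcrt._fmode>>
00401045 |.  8910           mov dword ptr [eax], edx
; first stream: _iob+0
00401047 |.  A1 B4304000    mov eax, dword ptr [<&msvcrt._iob>]
0040104C |.  85C0           test eax, eax
0040104E |.  74 1E          je short 0040106E
00401050 |.  83C4 F8        add esp, -8
00401053 |.  FF35 0C204000  push dword ptr [40200C]
00401059 |.  83C4 F4        add esp, -0C
0040105C |.  50             push eax                          ; /pstream => offset msvcrt._iob
0040105D |.  E8 A6030000    call <jmp.&msvcrt._fileno>        ; \_fileno
00401062 |.  83C4 10        add esp, 10
00401065 |.  50             push eax                          ; |handle
00401066 |.  E8 A5030000    call <jmp.&msvcrt._setmode>       ; \_setmode
0040106B |.  83C4 10        add esp, 10
; second stream: _iob+20
0040106E |>  A1 B4304000    mov eax, dword ptr [<&msvcrt._iob>]
00401073 |.  83C0 20        add eax, 20
00401076 |.  74 1E          je short 00401096
00401078 |.  83C4 F8        add esp, -8
0040107B |.  FF35 0C204000  push dword ptr [40200C]
00401081 |.  83C4 F4        add esp, -0C
00401084 |.  50             push eax                          ; /pstream
00401085 |.  E8 7E030000    call <jmp.&msvcrt._fileno>        ; \_fileno
0040108A |.  83C4 10        add esp, 10
0040108D |.  50             push eax                          ; |handle
0040108E |.  E8 7D030000    call <jmp.&msvcrt._setmode>       ; \_setmode
00401093 |.  83C4 10        add esp, 10
; third stream: _iob+40
00401096 |>  A1 B4304000    mov eax, dword ptr [<&msvcrt._iob>]
0040109B |.  83C0 40        add eax, 40
0040109E |.  74 1B          je short 004010BB
004010A0 |.  83C4 F8        add esp, -8
004010A3 |.  FF35 0C204000  push dword ptr [40200C]
004010A9 |.  83C4 F4        add esp, -0C
004010AC |.  50             push eax                          ; /pstream
004010AD |.  E8 56030000    call <jmp.&msvcrt._fileno>        ; \_fileno
004010B2 |.  83C4 10        add esp, 10
004010B5 |.  50             push eax                          ; |handle
004010B6 |.  E8 55030000    call <jmp.&msvcrt._setmode>       ; \_setmode
004010BB |>  C9             leave
004010BC \.  C3             retn
; alignment padding between functions (3-byte no-op)
004010BD     8D76 00        lea esi, dword ptr [esi]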
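; ---------------------------------------------------------------------------
; 004010C0 - top-level exception filter
; Registered at 0040118A via SetUnhandledExceptionFilter. Takes one stack
; argument ([ebp+8], removed by "retn 4") and dereferences it twice to get
; the value it dispatches on - the exception code.
;   ebx = return value: 0 by default, -1 once a handler path has run
;   esi = 1 when _fpreset should be called after a SIGFPE path
; Dispatch:
;   C0000005                     -> SIGSEGV path (00401100)
;   C000008D..C0000091, C0000093 -> SIGFPE path with esi = 1 (00401130)
;   C0000094                     -> SIGFPE path with esi = 0 (00401135)
;   anything else                -> return 0
; Each path calls signal(sig, 0) to fetch the previous handler:
;   previous == 1 -> re-register 1 and return -1
;   previous == 0 -> return 0
;   otherwise     -> call the previous handler with the signal number, return -1
; NOTE(review): returning -1 from an unhandled-exception filter resumes
; execution at the faulting context, and "call eax" at 0040116C is an
; indirect call through whatever pointer signal() returned. Both are worth
; knowing when triaging a crash in this binary.
; ---------------------------------------------------------------------------
004010C0 /.  55             push ebp
004010C1 |.  89E5           mov ebp, esp
004010C3 |.  83EC 10        sub esp, 10
004010C6 |.  56             push esi
004010C7 |.  53             push ebx
004010C8 |.  8B45 08        mov eax, dword ptr [ebp+8]
004010CB |.  31DB           xor ebx, ebx
004010CD |.  31F6           xor esi, esi
004010CF |.  8B00           mov eax, dword ptr [eax]
004010D1 |.  8B00           mov eax, dword ptr [eax]
; unsigned range checks on the exception code
004010D3 |.  3D 910000C0    cmp eax, C0000091
004010D8 |.  77 16          ja short 004010F0
004010DA |.  3D 8D0000C0    cmp eax, C000008D
004010DF |.  73 4F          jnb short 00401130
004010E1 |.  3D 050000C0    cmp eax, C0000005
004010E6 |.  74 18          je short 00401100
004010E8 |.  E9 86000000    jmp 00401173
004010ED |   8D76 00        lea esi, dword ptr [esi]
004010F0 |>  3D 930000C0    cmp eax, C0000093
004010F5 |.  74 39          je short 00401130
004010F7 |.  3D 940000C0    cmp eax, C0000094
004010FC |.  74 37          je short 00401135
004010FE |.  EB 73          jmp short 00401173
; --- SIGSEGV path ---
00401100 |>  83C4 F8        add esp, -8
00401103 |.  6A 00          push 0                            ; /func = NULL
00401105 |.  6A 0B          push 0B                           ; |sig = SIGSEGV
00401107 |.  E8 F4020000    call <jmp.&msvcrt.signal>         ; \signal
0040110C |.  83C4 10        add esp, 10
0040110F |.  83F8 01        cmp eax, 1
00401112 |.  75 0E          jnz short 00401122
00401114 |.  83C4 F8        add esp, -8
00401117 |.  6A 01          push 1                            ; /func = 00000001
00401119 |.  6A 0B          push 0B                           ; |sig = SIGSEGV
0040111B |.  E8 E0020000    call <jmp.&msvcrt.signal>         ; \signal
00401120 |.  EB 4C          jmp short 0040116E
00401122 |>  85C0           test eax, eax
00401124 |.  74 4D          je short 00401173
00401126 |.  83C4 F4        add esp, -0C
00401129 |.  6A 0B          push 0B
0040112B |.  EB 3F          jmp short 0040116C
0040112D |   8D76 00        lea esi, dword ptr [esi]
; --- SIGFPE path; entry at 00401130 also requests _fpreset ---
00401130 |>  BE 01000000    mov esi, 1
00401135 |>  83C4 F8        add esp, -8
00401138 |.  6A 00          push 0                            ; /func = NULL
0040113A |.  6A 08          push 8                            ; |sig = SIGFPE
0040113C |.  E8 BF020000    call <jmp.&msvcrt.signal>         ; \signal
00401141 |.  83C4 10        add esp, 10
00401144 |.  83F8 01        cmp eax, 1
00401147 |.  75 1A          jnz short 00401163
00401149 |.  83C4 F8        add esp, -8
0040114C |.  6A 01          push 1                            ; /func = 00000001
0040114E |.  6A 08          push 8                            ; |sig = SIGFPE
00401150 |.  E8 AB020000    call <jmp.&msvcrt.signal>         ; \signal
00401155 |.  83C4 10        add esp, 10
00401158 |.  85F6           test esi, esi
0040115A |.  74 12          je short 0040116E
0040115C |.  E8 97020000    call <jmp.&msvcrt._fpreset>       ; [_fpreset
00401161 |.  EB 0B          jmp short 0040116E
00401163 |>  85C0           test eax, eax
00401165 |.  74 0C          je short 00401173
00401167 |.  83C4 F4        add esp, -0C
0040116A |.  6A 08          push 8
; shared tail: call the previous handler, then report "handled"
0040116C |>  FFD0           call eax
0040116E |>  BB FFFFFFFF    mov ebx, -1
00401173 |>  89D8           mov eax, ebx
; [ebp-18] is where ebx was pushed (10h of locals + esi + ebx)
00401175 |.  8D65 E8        lea esp, dword ptr [ebp-18]
00401178 |.  5B             pop ebx
00401179 |.  5E             pop esi
0040117A |.  C9             leave
0040117B \.  C2 0400        retn 4
; alignment padding between functions (2-byte no-op)
0040117E     89F6           mov esi, esi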
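; ---------------------------------------------------------------------------
; 00401180 - C runtime startup; does not return
; Order of work visible in the listing:
;   1. install 004010C0 as the unhandled-exception filter
;   2. _fpreset
;   3. 00401000 (__getmainargs) and 00401030 (stream mode setup)
;   4. call 0040126C with ([402000], [402004], *__p__environ())
;   5. _cexit, then ExitProcess with the value 0040126C left in eax
; NOTE(review): 0040126C never sets eax before its retn, so the exit code
; passed at 004011CE is whatever its last library call returned.
; ---------------------------------------------------------------------------
00401180 /$  55             push ebp
00401181 |.  89E5           mov ebp, esp
00401183 |.  83EC 14        sub esp, 14
00401186 |.  53             push ebx
00401187 |.  83C4 F4        add esp, -0C
0040118A |.  68 C0104000    push 004010C0                     ; /pTopLevelFilter = engoutpu.004010C0
0040118F |.  E8 B4020000    call <jmp.&KERNEL32.SetUnhandledExcep>; \SetUnhandledExceptionFilter
00401194 |.  83C4 FC        add esp, -4
00401197 |.  E8 5C020000    call <jmp.&msvcrt._fpreset>       ; [_fpreset
0040119C |.  E8 5FFEFFFF    call 00401000
004011A1 |.  E8 8AFEFFFF    call 00401030
004011A6 |.  83C4 FC        add esp, -4
004011A9 |.  E8 42020000    call <jmp.&msvcrt.__p__environ>
004011AE |.  FF30           push dword ptr [eax]
004011B0 |.  FF35 04204000  push dword ptr [402004]
004011B6 |.  FF35 00204000  push dword ptr [402000]
; 0040126C is the routine that holds the 0x80 comparison discussed in the post
004011BC |.  E8 AB000000    call 0040126C
004011C1 |.  89C3           mov ebx, eax
004011C3 |.  83C4 20        add esp, 20
004011C6 |.  E8 1D020000    call <jmp.&msvcrt._cexit>         ; [msvcrt._cexit
004011CB |.  83C4 F4        add esp, -0C
004011CE |.  53             push ebx                          ; /ExitCode
004011CF \.  E8 7C020000    call <jmp.&KERNEL32.ExitProcess>  ; \ExitProcess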
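; ---------------------------------------------------------------------------
; 004011D4 - entry stub: __set_app_type(1), then the startup routine 00401180
; The leading '>' in the marker column is OllyDbg's entry-point flag.
; 00401180 ends in ExitProcess, so the xor/leave/retn below is not reached
; on the path shown in this listing.
; ---------------------------------------------------------------------------
004011D4 >/$ 55             push ebp
004011D5 |.  89E5           mov ebp, esp
004011D7 |.  83EC 08        sub esp, 8
004011DA |.  83C4 F4        add esp, -0C
004011DD |.  6A 01          push 1
004011DF |.  A1 DC304000    mov eax, dword ptr [<&msvcrt.__set_a>
004011E4 |.  FFD0           call eax                          ; <&msvcrt.__set_app_type>
004011E6 |.  E8 95FFFFFF    call 00401180
004011EB |.  31C0           xor eax, eax
004011ED |.  C9             leave
004011EE \.  C3             retn
; alignment padding between functions
004011EF     90             nop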
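; ---------------------------------------------------------------------------
; 004011F0 - second entry stub: __set_app_type(2), then 00401180
; Same shape as 004011D4 apart from the argument value. No caller of this
; address appears in the listing.
; ---------------------------------------------------------------------------
004011F0 /.  55             push ebp
004011F1 |.  89E5           mov ebp, esp
004011F3 |.  83EC 08        sub esp, 8
004011F6 |.  83C4 F4        add esp, -0C
004011F9 |.  6A 02          push 2
004011FB |.  A1 DC304000    mov eax, dword ptr [<&msvcrt.__set_a>
00401200 |.  FFD0           call eax                          ; <&msvcrt.__set_app_type>
00401202 |.  E8 79FFFFFF    call 00401180
00401207 |.  C9             leave
00401208 \.  C3             retn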
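; ---------------------------------------------------------------------------
; 00401209..0040126B - zero padding and the string constants used by 0040126C
; These literals sit in the same address range as the code. The file names
; are fixed, relative paths ("input.txt", "output.txt"), so the program
; reads and writes in whatever the current directory is when it runs.
; ---------------------------------------------------------------------------
00401209     00             db 00
0040120A     00             db 00
0040120B     00             db 00
0040120C     00             db 00
0040120D     00             db 00
0040120E     00             db 00
0040120F     00             db 00
; fopen mode "r" (pushed at 0040127A)
00401210     72             db 72                             ; CHAR 'r'
00401211     00             db 00
00401212  .  69 6E 70 75 7> ascii "input.txt",0
; one string, split by the disassembler: "Can't Find input.txt!"
0040121C  .  43 61 6E 27 7> ascii "Can't Find input"
0040122C  .  2E 74 78 74 2> ascii ".txt!",0
; fopen mode "w" (pushed at 004012AA)
00401232     77             db 77                             ; CHAR 'w'
00401233     00             db 00
00401234  .  6F 75 74 70 7> ascii "output.txt",0
; one string, split by the disassembler: "Can't Create output.txt!"
0040123F  .  43 61 6E 27 7> ascii "Can't Create out"
0040124F  .  70 75 74 2E 7> ascii "put.txt!",0
; one string: "one char outputed" followed by LF (byte 0A). The LF is printed
; raw by the debugger, which is why the literal below spans two lines.
00401258  .  6F 6E 65 20 6> ascii "one char outpute"
00401268  .  64 0A 00       ascii "d
",0
; alignment padding before the next function
0040126B     90             nop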
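; ---------------------------------------------------------------------------
; 0040126C - the program's main routine (called from 004011BC)
; Locals:  [ebp-4] = FILE* for "input.txt"  (mode "r")
;          [ebp-8] = FILE* for "output.txt" (mode "w")
;          [ebp-C] = int returned by fgetc
; Loop, as the instructions read:
;     do { c = fgetc(in);
;          if (c <= 0x80) { fputc(c, out); printf("one char outputed\n"); }
;     } while (c != -1);
;
; Points a reviewer should note (all visible in the instructions below):
;  * 00401295 / 004012C5: a NULL result from fopen only prints a message;
;    control falls through and the NULL stream is still passed to
;    fgetc/fputc in the loop. There is no early return.
;  * 004012EB/004012F2: "jg" is a SIGNED compare against 0x80. Values
;    0x81..0xFF are skipped; 0x80 itself is written. These two instructions
;    (7 + 2 bytes) are the comparison the post describes replacing with NOPs.
;  * EOF (-1) is less than 0x80 in a signed compare, so on end of file
;    fputc(-1, out) and the printf still run once before the test at
;    00401317 leaves the loop - in the original and in the patched build.
;  * Neither stream is closed here; flushing is left to _cexit at 004011C6.
;  * eax is not set before retn, so the process exit code is incidental.
; Any edit to these bytes changes the file's hash, which is the simplest
; way to tell the patched executable from the original.
; ---------------------------------------------------------------------------
0040126C /$  55             push ebp
0040126D |.  89E5           mov ebp, esp
0040126F |.  83EC 18        sub esp, 18
; 004013B0 runs the once-only constructor/atexit setup
00401272 |.  E8 39010000    call 004013B0
00401277 |.  83C4 F8        add esp, -8
0040127A |.  68 10124000    push 00401210                     ; /mode = "r"
0040127F |.  68 12124000    push 00401212                     ; |path = "input.txt"
00401284 |.  E8 AF010000    call <jmp.&msvcrt.fopen>          ; \fopen
00401289 |.  83C4 10        add esp, 10
0040128C |.  89C0           mov eax, eax
0040128E |.  8945 FC        mov dword ptr [ebp-4], eax
00401291 |.  837D FC 00     cmp dword ptr [ebp-4], 0
00401295 |.  75 10          jnz short 004012A7
; open failed: message only, execution continues with [ebp-4] == 0
00401297 |.  83C4 F4        add esp, -0C
0040129A |.  68 1C124000    push 0040121C                     ; /format = "Can't Find input.txt!"
0040129F |.  E8 8C010000    call <jmp.&msvcrt.printf>         ; \printf
004012A4 |.  83C4 10        add esp, 10
004012A7 |>  83C4 F8        add esp, -8
004012AA |.  68 32124000    push 00401232                     ; /mode = "w"
004012AF |.  68 34124000    push 00401234                     ; |path = "output.txt"
004012B4 |.  E8 7F010000    call <jmp.&msvcrt.fopen>          ; \fopen
004012B9 |.  83C4 10        add esp, 10
004012BC |.  89C0           mov eax, eax
004012BE |.  8945 F8        mov dword ptr [ebp-8], eax
004012C1 |.  837D F8 00     cmp dword ptr [ebp-8], 0
004012C5 |.  75 10          jnz short 004012D7
; create failed: message only, execution continues with [ebp-8] == 0
004012C7 |.  83C4 F4        add esp, -0C
004012CA |.  68 3F124000    push 0040123F                     ; /format = "Can't Create output.txt!"
004012CF |.  E8 5C010000    call <jmp.&msvcrt.printf>         ; \printf
004012D4 |.  83C4 10        add esp, 10
; --- read/filter/write loop ---
004012D7 |>  83C4 F4        /add esp, -0C
004012DA |.  8B45 FC        |mov eax, dword ptr [ebp-4]
004012DD |.  50             |push eax                         ; /stream
004012DE |.  E8 45010000    |call <jmp.&msvcrt.fgetc>         ; \fgetc
004012E3 |.  83C4 10        |add esp, 10
004012E6 |.  89C0           |mov eax, eax
004012E8 |.  8945 F4        |mov dword ptr [ebp-C], eax
; the 0x80 filter: signed compare, skip the write when c > 0x80
004012EB |.  817D F4 80000> |cmp dword ptr [ebp-C], 80
004012F2 |.  7F 23          |jg short 00401317
004012F4 |.  83C4 F8        |add esp, -8
004012F7 |.  8B45 F8        |mov eax, dword ptr [ebp-8]
004012FA |.  50             |push eax                         ; /stream
004012FB |.  8B45 F4        |mov eax, dword ptr [ebp-C]       ; |
004012FE |.  50             |push eax                         ; |c
004012FF |.  E8 1C010000    |call <jmp.&msvcrt.fputc>         ; \fputc
00401304 |.  83C4 10        |add esp, 10
00401307 |.  83C4 F4        |add esp, -0C
0040130A |.  68 58124000    |push 00401258                    ; /format = "one char outputed",LF,""
0040130F |.  E8 1C010000    |call <jmp.&msvcrt.printf>        ; \printf
00401314 |.  83C4 10        |add esp, 10
; EOF test happens only after the write attempt above
00401317 |>  837D F4 FF     |cmp dword ptr [ebp-C], -1
0040131B |.  75 03          |jnz short 00401320
0040131D |.  EB 03          |jmp short 00401322
0040131F |   90             |nop
00401320 |>^ EB B5          \jmp short 004012D7
00401322 |>  C9             leave
00401323 \.  C3             retn
; zero padding up to the next 16-byte boundary
00401324     00             db 00
00401325     00             db 00
00401326     00             db 00
00401327     00             db 00
00401328     00             db 00
00401329     00             db 00
0040132A     00             db 00
0040132B     00             db 00
0040132C     00             db 00
0040132D     00             db 00
0040132E     00             db 00
0040132F     00             db 00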
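; ---------------------------------------------------------------------------
; 00401330 - walk a zero-terminated table of function pointers and call each
; [402010] holds the cursor into the table. Each pass calls the entry under
; the cursor, then advances the cursor by 4 and stops at the first zero entry.
; Registered with atexit at 0040139F, so it runs during process shutdown.
; NOTE(review): presumably the destructor list of the toolchain's runtime -
; the table itself is not visible in this listing.
; ---------------------------------------------------------------------------
00401330 /.  55             push ebp
00401331 |.  89E5           mov ebp, esp
00401333 |.  83EC 08        sub esp, 8
00401336 |.  A1 10204000    mov eax, dword ptr [402010]
0040133B |.  8338 00        cmp dword ptr [eax], 0
0040133E |.  74 1D          je short 0040135D
00401340 |>  A1 10204000    /mov eax, dword ptr [402010]
00401345 |.  8B00           |mov eax, dword ptr [eax]
00401347 |.  FFD0           |call eax
; the cursor is reloaded after the call because the callee may clobber eax
00401349 |.  A1 10204000    |mov eax, dword ptr [402010]
0040134E |.  8D50 04        |lea edx, dword ptr [eax+4]
00401351 |.  8915 10204000  |mov dword ptr [402010], edx
00401357 |.  8378 04 00     |cmp dword ptr [eax+4], 0
0040135B |.^ 75 E3          \jnz short 00401340
0040135D |>  C9             leave
0040135E \.  C3             retn
; alignment padding between functions
0040135F     90             nop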
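; ---------------------------------------------------------------------------
; 00401360 - call the function pointers in the table at 00401458, last first,
;            then register 00401330 with atexit
; [401458] is the entry count. When it is -1 the count is derived by
; scanning from 0040145C for the first zero dword. The entries are then
; called in descending index order via [ebx*4+401458].
; With the data shown at 00401458 (FFFFFFFF, then 00000000) the derived
; count is 0 and no entry is called.
; The return value of atexit is not checked.
; ---------------------------------------------------------------------------
00401360 /$  55             push ebp
00401361 |.  89E5           mov ebp, esp
00401363 |.  83EC 14        sub esp, 14
00401366 |.  53             push ebx
00401367 |.  A1 58144000    mov eax, dword ptr [401458]
0040136C |.  83F8 FF        cmp eax, -1
0040136F |.  75 19          jnz short 0040138A
; count == -1: count the non-zero entries that follow
00401371 |.  31C0           xor eax, eax
00401373 |.  833D 5C144000> cmp dword ptr [40145C], 0
0040137A |.  74 0E          je short 0040138A
0040137C |.  BA 5C144000    mov edx, 0040145C
00401381 |>  83C2 04        /add edx, 4
00401384 |.  40             |inc eax
00401385 |.  833A 00        |cmp dword ptr [edx], 0
00401388 |.^ 75 F7          \jnz short 00401381
0040138A |>  89C3           mov ebx, eax
0040138C |.  85DB           test ebx, ebx
0040138E |.  74 0C          je short 0040139C
; call entries ebx, ebx-1, ... 1
00401390 |>  8B049D 581440> /mov eax, dword ptr [ebx*4+401458]
00401397 |.  FFD0           |call eax
00401399 |.  4B             |dec ebx
0040139A |.^ 75 F4          \jnz short 00401390
0040139C |>  83C4 F4        add esp, -0C
0040139F |.  68 30134000    push 00401330                     ; /func = engoutpu.00401330
004013A4 |.  E8 97000000    call <jmp.&msvcrt.atexit>         ; \atexit
; restore ebx from its push slot (14h of locals + 4)
004013A9 |.  8B5D E8        mov ebx, dword ptr [ebp-18]
004013AC |.  C9             leave
004013AD \.  C3             retn
; alignment padding between functions (2-byte no-op)
004013AE     89F6           mov esi, esi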
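; ---------------------------------------------------------------------------
; 004013B0 - run 00401360 at most once
; [402014] is the "already done" flag: if it is zero, set it to 1 and call
; 00401360; otherwise return. Called first thing in 0040126C (00401272).
; The flag is set before the call, not after it.
; ---------------------------------------------------------------------------
004013B0 /$  55             push ebp
004013B1 |.  89E5           mov ebp, esp
004013B3 |.  83EC 08        sub esp, 8
004013B6 |.  833D 14204000> cmp dword ptr [402014], 0
004013BD |.  75 0F          jnz short 004013CE
004013BF |.  C705 14204000> mov dword ptr [402014], 1
004013C9 |.  E8 92FFFFFF    call 00401360
004013CE |>  C9             leave
004013CF \.  C3             retn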
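; ---------------------------------------------------------------------------
; 004013D0..00401457 - import thunks
; Each 6-byte "jmp dword ptr [slot]" forwards to an imported function
; through its import-table slot (00403094..004030DC); the two nops pad each
; thunk to 8 bytes. Every "call <jmp.&msvcrt.X>" in the listing lands on one
; of these. OllyDbg's comment column names the fputc and fgetc slots as
; msvcrt.putc and msvcrt.getc.
; The full import set visible here is CRT file and console I/O, signal
; handling, startup helpers and KERNEL32 SetUnhandledExceptionFilter /
; ExitProcess. A rebuilt or patched copy that imports more than this
; deserves a closer look.
; ---------------------------------------------------------------------------
004013D0  .- FF25 AC304000  jmp dword ptr [<&msvcrt._fmode>]  ; msvcrt._fmode
004013D6     90             nop
004013D7     90             nop
004013D8  .- FF25 B4304000  jmp dword ptr [<&msvcrt._iob>]    ; msvcrt._iob
004013DE     90             nop
004013DF     90             nop
004013E0  .- FF25 DC304000  jmp dword ptr [<&msvcrt.__set_app_ty>; msvcrt.__set_app_type
004013E6     90             nop
004013E7     90             nop
004013E8  $- FF25 A4304000  jmp dword ptr [<&msvcrt._cexit>]  ; msvcrt._cexit
004013EE     90             nop
004013EF     90             nop
004013F0  $- FF25 D0304000  jmp dword ptr [<&msvcrt.__p__environ>; msvcrt.__p__environ
004013F6     90             nop
004013F7     90             nop
004013F8  $- FF25 B0304000  jmp dword ptr [<&msvcrt._fpreset>] ; msvcrt._fpreset
004013FE     90             nop
004013FF     90             nop
00401400  $- FF25 D8304000  jmp dword ptr [<&msvcrt.signal>]  ; msvcrt.signal
00401406     90             nop
00401407     90             nop
00401408  $- FF25 A8304000  jmp dword ptr [<&msvcrt._fileno>] ; msvcrt._fileno
0040140E     90             nop
0040140F     90             nop
00401410  $- FF25 B8304000  jmp dword ptr [<&msvcrt._setmode>] ; msvcrt._setmode
00401416     90             nop
00401417     90             nop
00401418  $- FF25 BC304000  jmp dword ptr [<&msvcrt.__getmainarg>; msvcrt.__getmainargs
0040141E     90             nop
0040141F     90             nop
00401420  $- FF25 CC304000  jmp dword ptr [<&msvcrt.fputc>]   ; msvcrt.putc
00401426     90             nop
00401427     90             nop
00401428  $- FF25 C4304000  jmp dword ptr [<&msvcrt.fgetc>]   ; msvcrt.getc
0040142E     90             nop
0040142F     90             nop
00401430  $- FF25 D4304000  jmp dword ptr [<&msvcrt.printf>]  ; msvcrt.printf
00401436     90             nop
00401437     90             nop
00401438  $- FF25 C8304000  jmp dword ptr [<&msvcrt.fopen>]   ; msvcrt.fopen
0040143E     90             nop
0040143F     90             nop
00401440  $- FF25 C0304000  jmp dword ptr [<&msvcrt.atexit>]  ; msvcrt.atexit
00401446     90             nop
00401447     90             nop
00401448  $- FF25 98304000  jmp dword ptr [<&KERNEL32.SetUnhandl>; kernel32.SetUnhandledExceptionFilter
0040144E     90             nop
0040144F     90             nop
00401450  .- FF25 94304000  jmp dword ptr [<&KERNEL32.ExitProces>; kernel32.ExitProcess
00401456     90             nop
00401457     90             nop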
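; ---------------------------------------------------------------------------
; 00401458.. - pointer-table data
; 00401458 is the count/marker dword read by 00401360 (-1 here, meaning
; "count the entries yourself") and 0040145C is the first entry, which is
; zero, so the table is empty.
; The bytes from 00401460 on repeat the same FFFFFFFF / 00000000 pattern.
; No instruction in this listing references them directly.
; NOTE(review): possibly the table that [402010] points into - unconfirmed.
; ---------------------------------------------------------------------------
00401458  .  FFFFFFFF       dd FFFFFFFF
0040145C  .  00000000       dd 00000000
00401460     FF             db FF
00401461     FF             db FF
00401462     FF             db FF
00401463     FF             db FF
00401464     00             db 00
00401465     00             db 00
00401466     00             db 00
00401467     00             db 00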