由于这个程序很短,OD(OllyDbg)里面的汇编代码也很短。
请看红色的部分,这就是和0x80比较的部分。(红色标记在纯文本里已经丢失;按下面的列表,应该对应 004012EB 处的 cmp dword ptr [ebp-C], 80 和紧随其后 004012F2 处的 jg short 00401317。这两条指令让 fgetc 读到的值大于 0x80 时跳过 fputc,所以这类字节不会被写进 output.txt。)
把这2句NOP掉,然后保存修改后的文件为exe。
我们发现input.txt里面的所有内容都能被输出了。
附上修改后的exe。
深绿,你可以把这个操作过程试一下,练习一下。
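; ---------------------------------------------------------------------------
; 00401000  CRT helper: fetch the process arguments through __getmainargs.
; Listing format: OllyDbg text export (address, analysis marks, opcode bytes,
; Intel-syntax disassembly, comment). 32-bit x86; every number is hexadecimal.
; Five arguments are pushed right to left: &[ebp-4], [402008], &[ebp-8],
; 00402004, 00402000. Read against the msvcrt prototype
;     __getmainargs(&argc, &argv, &env, doWildCard, &startinfo)
; that makes 00402000 = argc and 00402004 = argv -- the same two globals that
; 00401180 later pushes for its call to 0040126C.
; ---------------------------------------------------------------------------
00401000 /$  55            push ebp
00401001 |.  89E5          mov ebp, esp
00401003 |.  83EC 18       sub esp, 18
00401006 |.  C745 FC 00000>mov dword ptr [ebp-4], 0            ; zero the local whose address is passed last
0040100D |.  83C4 F4       add esp, -0C                        ; 0C + five pushes (14) = 20 bytes below the frame
00401010 |.  8D45 FC       lea eax, dword ptr [ebp-4]
00401013 |.  50            push eax
00401014 |.  FF35 08204000 push dword ptr [402008]
0040101A |.  8D45 F8       lea eax, dword ptr [ebp-8]
0040101D |.  50            push eax
0040101E |.  68 04204000   push 00402004
00401023 |.  68 00204000   push 00402000
00401028 |.  E8 EB030000   call <jmp.&msvcrt.__getmainargs>
0040102D |.  C9            leave                               ; leave restores esp, so the pushes need no explicit cleanup
0040102E \\. C3            retn
0040102F     90            nop                                 ; padding between functions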
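; ---------------------------------------------------------------------------
; 00401030  CRT helper: apply a default file-translation mode.
; If the global at [40200C] is zero nothing happens. Otherwise its value is
; stored through the _fmode import and then used as the mode argument of
;     _setmode(_fileno(p), mode)
; for p = _iob, _iob+20 and _iob+40 (presumably stdin, stdout and stderr if a
; FILE entry is 20h bytes -- confirm against the msvcrt headers).
; Stack pattern, repeated three times: add esp,-8 / push mode / add esp,-0C /
; push p / call _fileno / add esp,10 / push handle / call _setmode / add esp,10.
; ---------------------------------------------------------------------------
00401030 /$  55            push ebp
00401031 |.  89E5          mov ebp, esp
00401033 |.  83EC 08       sub esp, 8
00401036 |.  8B15 0C204000 mov edx, dword ptr [40200C]         ; edx = requested mode
0040103C |.  85D2          test edx, edx
0040103E |.  74 7B         je short 004010BB                   ; mode == 0: leave everything untouched
00401040 |.  A1 AC304000   mov eax, dword ptr [<&msvcrt._fmode>>
00401045 |.  8910          mov dword ptr [eax], edx            ; *_fmode = mode
00401047 |.  A1 B4304000   mov eax, dword ptr [<&msvcrt._iob>]
0040104C |.  85C0          test eax, eax
0040104E |.  74 1E         je short 0040106E                   ; skip if the _iob pointer is NULL
00401050 |.  83C4 F8       add esp, -8
00401053 |.  FF35 0C204000 push dword ptr [40200C]             ; mode, consumed by _setmode below
00401059 |.  83C4 F4       add esp, -0C
0040105C |.  50            push eax                            ; /pstream => offset msvcrt._iob
0040105D |.  E8 A6030000   call <jmp.&msvcrt._fileno>          ; \\_fileno
00401062 |.  83C4 10       add esp, 10
00401065 |.  50            push eax                            ; |handle
00401066 |.  E8 A5030000   call <jmp.&msvcrt._setmode>         ; \\_setmode
0040106B |.  83C4 10       add esp, 10
0040106E |>  A1 B4304000   mov eax, dword ptr [<&msvcrt._iob>]
00401073 |.  83C0 20       add eax, 20                         ; second entry; ZF is set only if the sum is 0
00401076 |.  74 1E         je short 00401096
00401078 |.  83C4 F8       add esp, -8
0040107B |.  FF35 0C204000 push dword ptr [40200C]
00401081 |.  83C4 F4       add esp, -0C
00401084 |.  50            push eax                            ; /pstream
00401085 |.  E8 7E030000   call <jmp.&msvcrt._fileno>          ; \\_fileno
0040108A |.  83C4 10       add esp, 10
0040108D |.  50            push eax                            ; |handle
0040108E |.  E8 7D030000   call <jmp.&msvcrt._setmode>         ; \\_setmode
00401093 |.  83C4 10       add esp, 10
00401096 |>  A1 B4304000   mov eax, dword ptr [<&msvcrt._iob>]
0040109B |.  83C0 40       add eax, 40                         ; third entry
0040109E |.  74 1B         je short 004010BB
004010A0 |.  83C4 F8       add esp, -8
004010A3 |.  FF35 0C204000 push dword ptr [40200C]
004010A9 |.  83C4 F4       add esp, -0C
004010AC |.  50            push eax                            ; /pstream
004010AD |.  E8 56030000   call <jmp.&msvcrt._fileno>          ; \\_fileno
004010B2 |.  83C4 10       add esp, 10
004010B5 |.  50            push eax                            ; |handle
004010B6 |.  E8 55030000   call <jmp.&msvcrt._setmode>         ; \\_setmode
004010BB |>  C9            leave
004010BC \\. C3            retn
004010BD     8D76 00       lea esi, dword ptr [esi]            ; 3-byte no-op used as padding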
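; ---------------------------------------------------------------------------
; 004010C0  top-level exception filter (registered at 0040118A through
; SetUnhandledExceptionFilter). It maps Windows exception codes onto the C
; signal() mechanism.
; In:   [ebp+8] is dereferenced twice to reach the code that is compared, which
;       fits EXCEPTION_POINTERS -> ExceptionRecord -> ExceptionCode.
; Out:  eax = 0 (nothing handled) or -1 (a signal disposition was applied);
;       for an exception filter those are EXCEPTION_CONTINUE_SEARCH and
;       EXCEPTION_CONTINUE_EXECUTION.
; Uses: ebx = return value, esi = 1 when _fpreset should be called.
; Dispatch: C0000005            -> SIGSEGV path (00401100)
;           C000008D..C0000091,
;           C0000093            -> SIGFPE path with esi = 1 (00401130)
;           C0000094            -> SIGFPE path, esi stays 0 (00401135)
;           anything else       -> return 0 (00401173)
; Each path calls signal(sig, 0) to read the previous disposition:
;   1 (SIG_IGN)  -> set it back to 1 and return -1
;   0 (SIG_DFL)  -> return 0
;   other        -> treated as a handler address and called with sig, return -1
; Ends with retn 4: the callee removes its single argument.
; ---------------------------------------------------------------------------
004010C0 /.  55            push ebp
004010C1 |.  89E5          mov ebp, esp
004010C3 |.  83EC 10       sub esp, 10
004010C6 |.  56            push esi
004010C7 |.  53            push ebx
004010C8 |.  8B45 08       mov eax, dword ptr [ebp+8]
004010CB |.  31DB          xor ebx, ebx                        ; default return value 0
004010CD |.  31F6          xor esi, esi                        ; no _fpreset unless a float code is seen
004010CF |.  8B00          mov eax, dword ptr [eax]
004010D1 |.  8B00          mov eax, dword ptr [eax]            ; eax = exception code
004010D3 |.  3D 910000C0   cmp eax, C0000091
004010D8 |.  77 16         ja short 004010F0                   ; unsigned compare: code above C0000091
004010DA |.  3D 8D0000C0   cmp eax, C000008D
004010DF |.  73 4F         jnb short 00401130                  ; C000008D..C0000091
004010E1 |.  3D 050000C0   cmp eax, C0000005
004010E6 |.  74 18         je short 00401100
004010E8 |.  E9 86000000   jmp 00401173
004010ED |   8D76 00       lea esi, dword ptr [esi]            ; padding, never executed
004010F0 |>  3D 930000C0   cmp eax, C0000093
004010F5 |.  74 39         je short 00401130
004010F7 |.  3D 940000C0   cmp eax, C0000094
004010FC |.  74 37         je short 00401135
004010FE |.  EB 73         jmp short 00401173
00401100 |>  83C4 F8       add esp, -8
00401103 |.  6A 00         push 0                              ; /func = NULL
00401105 |.  6A 0B         push 0B                             ; |sig = SIGSEGV
00401107 |.  E8 F4020000   call <jmp.&msvcrt.signal>           ; \\signal
0040110C |.  83C4 10       add esp, 10
0040110F |.  83F8 01       cmp eax, 1
00401112 |.  75 0E         jnz short 00401122
00401114 |.  83C4 F8       add esp, -8
00401117 |.  6A 01         push 1                              ; /func = 00000001
00401119 |.  6A 0B         push 0B                             ; |sig = SIGSEGV
0040111B |.  E8 E0020000   call <jmp.&msvcrt.signal>           ; \\signal
00401120 |.  EB 4C         jmp short 0040116E
00401122 |>  85C0          test eax, eax
00401124 |.  74 4D         je short 00401173
00401126 |.  83C4 F4       add esp, -0C
00401129 |.  6A 0B         push 0B
0040112B |.  EB 3F         jmp short 0040116C
0040112D |   8D76 00       lea esi, dword ptr [esi]            ; padding, never executed
00401130 |>  BE 01000000   mov esi, 1
00401135 |>  83C4 F8       add esp, -8
00401138 |.  6A 00         push 0                              ; /func = NULL
0040113A |.  6A 08         push 8                              ; |sig = SIGFPE
0040113C |.  E8 BF020000   call <jmp.&msvcrt.signal>           ; \\signal
00401141 |.  83C4 10       add esp, 10
00401144 |.  83F8 01       cmp eax, 1
00401147 |.  75 1A         jnz short 00401163
00401149 |.  83C4 F8       add esp, -8
0040114C |.  6A 01         push 1                              ; /func = 00000001
0040114E |.  6A 08         push 8                              ; |sig = SIGFPE
00401150 |.  E8 AB020000   call <jmp.&msvcrt.signal>           ; \\signal
00401155 |.  83C4 10       add esp, 10
00401158 |.  85F6          test esi, esi
0040115A |.  74 12         je short 0040116E
0040115C |.  E8 97020000   call <jmp.&msvcrt._fpreset>         ; [_fpreset
00401161 |.  EB 0B         jmp short 0040116E
00401163 |>  85C0          test eax, eax
00401165 |.  74 0C         je short 00401173
00401167 |.  83C4 F4       add esp, -0C
0040116A |.  6A 08         push 8
0040116C |>  FFD0          call eax                            ; indirect call to the handler address signal() returned
0040116E |>  BB FFFFFFFF   mov ebx, -1
00401173 |>  89D8          mov eax, ebx
00401175 |.  8D65 E8       lea esp, dword ptr [ebp-18]         ; point esp at the saved ebx whatever was pushed above
00401178 |.  5B            pop ebx
00401179 |.  5E            pop esi
0040117A |.  C9            leave
0040117B \\. C2 0400       retn 4
0040117E     89F6          mov esi, esi                        ; 2-byte no-op used as padding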
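; ---------------------------------------------------------------------------
; 00401180  common CRT startup, called from both entry stubs (004011D4 and
; 004011F0). Sequence visible below:
;   1. SetUnhandledExceptionFilter(004010C0)
;   2. _fpreset()
;   3. call 00401000 (arguments) and 00401030 (file mode)
;   4. push *__p__environ(), [402004], [402000] and call 0040126C -- by
;      position these look like envp, argv, argc for main
;   5. keep the return value in ebx, call _cexit, then ExitProcess(ebx)
; The listing ends on the ExitProcess call; there is no epilogue after it.
; ---------------------------------------------------------------------------
00401180 /$  55            push ebp
00401181 |.  89E5          mov ebp, esp
00401183 |.  83EC 14       sub esp, 14
00401186 |.  53            push ebx
00401187 |.  83C4 F4       add esp, -0C
0040118A |.  68 C0104000   push 004010C0                       ; /pTopLevelFilter = engoutpu.004010C0
0040118F |.  E8 B4020000   call <jmp.&KERNEL32.SetUnhandledExcep>; \\SetUnhandledExceptionFilter
00401194 |.  83C4 FC       add esp, -4
00401197 |.  E8 5C020000   call <jmp.&msvcrt._fpreset>         ; [_fpreset
0040119C |.  E8 5FFEFFFF   call 00401000
004011A1 |.  E8 8AFEFFFF   call 00401030
004011A6 |.  83C4 FC       add esp, -4
004011A9 |.  E8 42020000   call <jmp.&msvcrt.__p__environ>
004011AE |.  FF30          push dword ptr [eax]                ; third argument: value behind the returned pointer
004011B0 |.  FF35 04204000 push dword ptr [402004]             ; second argument
004011B6 |.  FF35 00204000 push dword ptr [402000]             ; first argument
004011BC |.  E8 AB000000   call 0040126C
004011C1 |.  89C3          mov ebx, eax                        ; whatever 0040126C left in eax becomes the exit code
004011C3 |.  83C4 20       add esp, 20
004011C6 |.  E8 1D020000   call <jmp.&msvcrt._cexit>           ; [msvcrt._cexit
004011CB |.  83C4 F4       add esp, -0C
004011CE |.  53            push ebx                            ; /ExitCode
004011CF \\. E8 7C020000   call <jmp.&KERNEL32.ExitProcess>    ; \\ExitProcess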
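; ---------------------------------------------------------------------------
; 004011D4  entry stub: __set_app_type(1), then the common startup at
; 00401180. In msvcrt 1 is the console application type. The extra '>' in the
; mark column is how this export flags a labelled address -- probably the
; module entry point; confirm in the debugger.
; 00401180 finishes with ExitProcess, so the xor/leave/retn below are only
; reached if that call ever returns.
; ---------------------------------------------------------------------------
004011D4 >/$ 55            push ebp
004011D5 |.  89E5          mov ebp, esp
004011D7 |.  83EC 08       sub esp, 8
004011DA |.  83C4 F4       add esp, -0C
004011DD |.  6A 01         push 1
004011DF |.  A1 DC304000   mov eax, dword ptr [<&msvcrt.__set_a>
004011E4 |.  FFD0          call eax                            ; <&msvcrt.__set_app_type>
004011E6 |.  E8 95FFFFFF   call 00401180
004011EB |.  31C0          xor eax, eax
004011ED |.  C9            leave
004011EE \\. C3            retn
004011EF     90            nop                                 ; padding between functions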
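; ---------------------------------------------------------------------------
; 004011F0  second entry stub: identical to 004011D4 except that it passes 2
; to __set_app_type (the GUI application type in msvcrt) and does not zero
; eax before returning. Nothing in this listing calls it.
; ---------------------------------------------------------------------------
004011F0 /.  55            push ebp
004011F1 |.  89E5          mov ebp, esp
004011F3 |.  83EC 08       sub esp, 8
004011F6 |.  83C4 F4       add esp, -0C
004011F9 |.  6A 02         push 2
004011FB |.  A1 DC304000   mov eax, dword ptr [<&msvcrt.__set_a>
00401200 |.  FFD0          call eax                            ; <&msvcrt.__set_app_type>
00401202 |.  E8 79FFFFFF   call 00401180
00401207 |.  C9            leave
00401208 \\. C3            retn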
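; ---------------------------------------------------------------------------
; 00401209-0040126B  zero padding, then the string constants that 0040126C
; pushes by address: the fopen modes "r" / "w", the two file names, and the
; three printf messages. OllyDbg splits long strings over several rows.
; ---------------------------------------------------------------------------
00401209     00            db 00
0040120A     00            db 00
0040120B     00            db 00
0040120C     00            db 00
0040120D     00            db 00
0040120E     00            db 00
0040120F     00            db 00
00401210     72            db 72                               ; CHAR 'r'
00401211     00            db 00
00401212 .   69 6E 70 75 7>ascii "input.txt",0
0040121C .   43 61 6E 27 7>ascii "Can't Find input"
0040122C .   2E 74 78 74 2>ascii ".txt!",0
00401232     77            db 77                               ; CHAR 'w'
00401233     00            db 00
00401234 .   6F 75 74 70 7>ascii "output.txt",0
0040123F .   43 61 6E 27 7>ascii "Can't Create out"
0040124F .   70 75 74 2E 7>ascii "put.txt!",0
00401258 .   6F 6E 65 20 6>ascii "one char outpute"
; the next row is bytes 64 0A 00: 'd', a line feed (shown literally), terminator
00401268 .   64 0A 00      ascii "d
",0
0040126B     90            nop
; ---------------------------------------------------------------------------
; 0040126C  the program's own logic. 00401180 calls it with three pushed
; arguments, so this is presumably main(argc, argv, envp); none of the
; arguments is read here.
; Locals: [ebp-4] = FILE* for "input.txt"
;         [ebp-8] = FILE* for "output.txt"
;         [ebp-C] = last value returned by fgetc
; Equivalent C, read off the instructions below:
;     in  = fopen("input.txt", "r");  if (!in)  printf("Can't Find input.txt!");
;     out = fopen("output.txt", "w"); if (!out) printf("Can't Create output.txt!");
;     for (;;) {
;         c = fgetc(in);
;         if (!(c > 0x80)) { fputc(c, out); printf("one char outputed\n"); }
;         if (c == -1) break;
;     }
; Review notes:
;  * Both fopen checks only print a message and then fall through (004012A7,
;    004012D7), so a NULL FILE* still reaches fgetc / fputc.
;  * The filter is cmp + jg, a signed compare: values 00..80 are written,
;    81..FF are skipped. These two instructions (004012EB, 004012F2) are the
;    comparison with 0x80 that the accompanying text points at.
;  * The end-of-file test at 00401317 comes after the write, and -1 is not
;    greater than 80, so the final fgetc result (-1) is also passed to fputc
;    and reported once before the loop exits.
;  * No fclose is called here and none appears among the import thunks.
;  * eax is not set before retn; the caller copies it into the exit code at
;    004011C1, so the exit code is whatever the last library call returned.
;  * Any change to the bytes at 004012EB-004012F3 changes the file's hash, so
;    a recorded digest of the original exe is enough to tell an edited copy
;    from the original.
; ---------------------------------------------------------------------------
0040126C /$  55            push ebp
0040126D |.  89E5          mov ebp, esp
0040126F |.  83EC 18       sub esp, 18
00401272 |.  E8 39010000   call 004013B0                       ; run-once initialiser (see 004013B0)
00401277 |.  83C4 F8       add esp, -8
0040127A |.  68 10124000   push 00401210                       ; /mode = "r"
0040127F |.  68 12124000   push 00401212                       ; |path = "input.txt"
00401284 |.  E8 AF010000   call <jmp.&msvcrt.fopen>            ; \\fopen
00401289 |.  83C4 10       add esp, 10
0040128C |.  89C0          mov eax, eax                        ; no-op emitted by the compiler
0040128E |.  8945 FC       mov dword ptr [ebp-4], eax
00401291 |.  837D FC 00    cmp dword ptr [ebp-4], 0
00401295 |.  75 10         jnz short 004012A7
00401297 |.  83C4 F4       add esp, -0C
0040129A |.  68 1C124000   push 0040121C                       ; /format = "Can't Find input.txt!"
0040129F |.  E8 8C010000   call <jmp.&msvcrt.printf>           ; \\printf
004012A4 |.  83C4 10       add esp, 10
004012A7 |>  83C4 F8       add esp, -8
004012AA |.  68 32124000   push 00401232                       ; /mode = "w"
004012AF |.  68 34124000   push 00401234                       ; |path = "output.txt"
004012B4 |.  E8 7F010000   call <jmp.&msvcrt.fopen>            ; \\fopen
004012B9 |.  83C4 10       add esp, 10
004012BC |.  89C0          mov eax, eax                        ; no-op emitted by the compiler
004012BE |.  8945 F8       mov dword ptr [ebp-8], eax
004012C1 |.  837D F8 00    cmp dword ptr [ebp-8], 0
004012C5 |.  75 10         jnz short 004012D7
004012C7 |.  83C4 F4       add esp, -0C
004012CA |.  68 3F124000   push 0040123F                       ; /format = "Can't Create output.txt!"
004012CF |.  E8 5C010000   call <jmp.&msvcrt.printf>           ; \\printf
004012D4 |.  83C4 10       add esp, 10
; ---- copy loop: 004012D7 .. 00401320 ----
004012D7 |>  83C4 F4       /add esp, -0C
004012DA |.  8B45 FC       |mov eax, dword ptr [ebp-4]
004012DD |.  50            |push eax                           ; /stream
004012DE |.  E8 45010000   |call <jmp.&msvcrt.fgetc>           ; \\fgetc
004012E3 |.  83C4 10       |add esp, 10
004012E6 |.  89C0          |mov eax, eax
004012E8 |.  8945 F4       |mov dword ptr [ebp-C], eax
; filter: skip the write when the value read is greater than 80 (signed)
004012EB |.  817D F4 80000>|cmp dword ptr [ebp-C], 80
004012F2 |.  7F 23         |jg short 00401317
004012F4 |.  83C4 F8       |add esp, -8
004012F7 |.  8B45 F8       |mov eax, dword ptr [ebp-8]
004012FA |.  50            |push eax                           ; /stream
004012FB |.  8B45 F4       |mov eax, dword ptr [ebp-C]         ; |
004012FE |.  50            |push eax                           ; |c
004012FF |.  E8 1C010000   |call <jmp.&msvcrt.fputc>           ; \\fputc
00401304 |.  83C4 10       |add esp, 10
00401307 |.  83C4 F4       |add esp, -0C
0040130A |.  68 58124000   |push 00401258                      ; /format = "one char outputed",LF,""
0040130F |.  E8 1C010000   |call <jmp.&msvcrt.printf>          ; \\printf
00401314 |.  83C4 10       |add esp, 10
; end-of-file test: leave the loop once fgetc has returned -1
00401317 |>  837D F4 FF    |cmp dword ptr [ebp-C], -1
0040131B |.  75 03         |jnz short 00401320
0040131D |.  EB 03         |jmp short 00401322
0040131F |   90            |nop
00401320 |>^ EB B5         \\jmp short 004012D7
00401322 |>  C9            leave
00401323 \\. C3            retn
; zero padding up to the next function
00401324     00            db 00
00401325     00            db 00
00401326     00            db 00
00401327     00            db 00
00401328     00            db 00
00401329     00            db 00
0040132A     00            db 00
0040132B     00            db 00
0040132C     00            db 00
0040132D     00            db 00
0040132E     00            db 00
0040132F     00            db 00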
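; ---------------------------------------------------------------------------
; 00401330  exit-time callback, registered with atexit at 0040139F.
; The global [402010] is a cursor into an array of function pointers. While
; the entry under the cursor is non-zero it is called, then the cursor is
; advanced by 4 and stored back; a zero entry ends the walk. The shape matches
; a compiler-generated destructor runner -- hedged, since no symbol names are
; available in this listing.
; The cursor is reloaded from memory after each call, so a callee that changes
; [402010] changes which entry is called next.
; ---------------------------------------------------------------------------
00401330 /.  55            push ebp
00401331 |.  89E5          mov ebp, esp
00401333 |.  83EC 08       sub esp, 8
00401336 |.  A1 10204000   mov eax, dword ptr [402010]
0040133B |.  8338 00       cmp dword ptr [eax], 0
0040133E |.  74 1D         je short 0040135D                   ; first entry is zero: nothing to run
00401340 |>  A1 10204000   /mov eax, dword ptr [402010]
00401345 |.  8B00          |mov eax, dword ptr [eax]
00401347 |.  FFD0          |call eax                           ; indirect call through the table entry
00401349 |.  A1 10204000   |mov eax, dword ptr [402010]
0040134E |.  8D50 04       |lea edx, dword ptr [eax+4]
00401351 |.  8915 10204000 |mov dword ptr [402010], edx        ; cursor += 4
00401357 |.  8378 04 00    |cmp dword ptr [eax+4], 0
0040135B |.^ 75 E3         \\jnz short 00401340
0040135D |>  C9            leave
0040135E \\. C3            retn
0040135F     90            nop                                 ; padding between functions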
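; ---------------------------------------------------------------------------
; 00401360  start-up callback runner, called once from 004013B0.
; The table starts at 00401458: the first dword is an entry count or -1.
; With -1 the entries are counted by scanning from 0040145C until a zero
; dword. The entries are then called from index 'count' down to 1 (address
; ebx*4+401458), and finally 00401330 is registered with atexit.
; In this dump 00401458 holds FFFFFFFF and 0040145C holds 00000000, so the
; count is 0 and no table entry is called. The shape matches a compiler-
; generated constructor runner -- hedged, no symbol names are available.
; ebx is callee-saved: pushed at 00401366, reloaded from [ebp-18] at 004013A9.
; ---------------------------------------------------------------------------
00401360 /$  55            push ebp
00401361 |.  89E5          mov ebp, esp
00401363 |.  83EC 14       sub esp, 14
00401366 |.  53            push ebx
00401367 |.  A1 58144000   mov eax, dword ptr [401458]
0040136C |.  83F8 FF       cmp eax, -1
0040136F |.  75 19         jnz short 0040138A                  ; explicit count stored in the table
00401371 |.  31C0          xor eax, eax                        ; count = 0
00401373 |.  833D 5C144000>cmp dword ptr [40145C], 0
0040137A |.  74 0E         je short 0040138A                   ; empty table
0040137C |.  BA 5C144000   mov edx, 0040145C
00401381 |>  83C2 04       /add edx, 4
00401384 |.  40            |inc eax
00401385 |.  833A 00       |cmp dword ptr [edx], 0
00401388 |.^ 75 F7         \\jnz short 00401381
0040138A |>  89C3          mov ebx, eax                        ; ebx = number of entries
0040138C |.  85DB          test ebx, ebx
0040138E |.  74 0C         je short 0040139C
00401390 |>  8B049D 581440>/mov eax, dword ptr [ebx*4+401458]
00401397 |.  FFD0          |call eax                           ; indirect call through the table entry
00401399 |.  4B            |dec ebx
0040139A |.^ 75 F4         \\jnz short 00401390
0040139C |>  83C4 F4       add esp, -0C
0040139F |.  68 30134000   push 00401330                       ; /func = engoutpu.00401330
004013A4 |.  E8 97000000   call <jmp.&msvcrt.atexit>           ; \\atexit
004013A9 |.  8B5D E8       mov ebx, dword ptr [ebp-18]
004013AC |.  C9            leave
004013AD \\. C3            retn
004013AE     89F6          mov esi, esi                        ; 2-byte no-op used as padding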
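; ---------------------------------------------------------------------------
; 004013B0  run-once guard, called at the top of 0040126C.
; [402014] is a flag: when it is 0 it is set to 1 and 00401360 is called;
; on any later call the function returns immediately. The flag is tested and
; set with plain loads and stores, no locking.
; ---------------------------------------------------------------------------
004013B0 /$  55            push ebp
004013B1 |.  89E5          mov ebp, esp
004013B3 |.  83EC 08       sub esp, 8
004013B6 |.  833D 14204000>cmp dword ptr [402014], 0
004013BD |.  75 0F         jnz short 004013CE                  ; already initialised
004013BF |.  C705 14204000>mov dword ptr [402014], 1
004013C9 |.  E8 92FFFFFF   call 00401360
004013CE |>  C9            leave
004013CF \\. C3            retn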
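; ---------------------------------------------------------------------------
; 004013D0-00401457  import thunks. Each entry is a 6-byte indirect jump
; through an import-table slot (slots 00403094..004030DC appear below)
; followed by two nop bytes, giving an 8-byte stride. The <jmp.&...> call
; targets in the code above resolve to these entries, e.g. the call at
; 00401284 (E8 AF010000) lands on 00401438, the fopen thunk.
; Imports seen: 15 from msvcrt, 2 from KERNEL32.
; The comments on the fputc / fgetc rows read msvcrt.putc / msvcrt.getc: that
; is how OllyDbg labelled the resolved addresses in this export.
; ---------------------------------------------------------------------------
004013D0 .-  FF25 AC304000 jmp dword ptr [<&msvcrt._fmode>]    ; msvcrt._fmode
004013D6     90            nop
004013D7     90            nop
004013D8 .-  FF25 B4304000 jmp dword ptr [<&msvcrt._iob>]      ; msvcrt._iob
004013DE     90            nop
004013DF     90            nop
004013E0 .-  FF25 DC304000 jmp dword ptr [<&msvcrt.__set_app_ty>; msvcrt.__set_app_type
004013E6     90            nop
004013E7     90            nop
004013E8 $-  FF25 A4304000 jmp dword ptr [<&msvcrt._cexit>]    ; msvcrt._cexit
004013EE     90            nop
004013EF     90            nop
004013F0 $-  FF25 D0304000 jmp dword ptr [<&msvcrt.__p__environ>; msvcrt.__p__environ
004013F6     90            nop
004013F7     90            nop
004013F8 $-  FF25 B0304000 jmp dword ptr [<&msvcrt._fpreset>]  ; msvcrt._fpreset
004013FE     90            nop
004013FF     90            nop
00401400 $-  FF25 D8304000 jmp dword ptr [<&msvcrt.signal>]    ; msvcrt.signal
00401406     90            nop
00401407     90            nop
00401408 $-  FF25 A8304000 jmp dword ptr [<&msvcrt._fileno>]   ; msvcrt._fileno
0040140E     90            nop
0040140F     90            nop
00401410 $-  FF25 B8304000 jmp dword ptr [<&msvcrt._setmode>]  ; msvcrt._setmode
00401416     90            nop
00401417     90            nop
00401418 $-  FF25 BC304000 jmp dword ptr [<&msvcrt.__getmainarg>; msvcrt.__getmainargs
0040141E     90            nop
0040141F     90            nop
00401420 $-  FF25 CC304000 jmp dword ptr [<&msvcrt.fputc>]     ; msvcrt.putc
00401426     90            nop
00401427     90            nop
00401428 $-  FF25 C4304000 jmp dword ptr [<&msvcrt.fgetc>]     ; msvcrt.getc
0040142E     90            nop
0040142F     90            nop
00401430 $-  FF25 D4304000 jmp dword ptr [<&msvcrt.printf>]    ; msvcrt.printf
00401436     90            nop
00401437     90            nop
00401438 $-  FF25 C8304000 jmp dword ptr [<&msvcrt.fopen>]     ; msvcrt.fopen
0040143E     90            nop
0040143F     90            nop
00401440 $-  FF25 C0304000 jmp dword ptr [<&msvcrt.atexit>]    ; msvcrt.atexit
00401446     90            nop
00401447     90            nop
00401448 $-  FF25 98304000 jmp dword ptr [<&KERNEL32.SetUnhandl>; kernel32.SetUnhandledExceptionFilter
0040144E     90            nop
0040144F     90            nop
00401450 .-  FF25 94304000 jmp dword ptr [<&KERNEL32.ExitProces>; kernel32.ExitProcess
00401456     90            nop
00401457     90            nop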
00401458 . FFFFFFFF dd FFFFFFFF ! A1 b$ p2 ~5 Q2 q% m% [$ X3 p
0040145C . 00000000 dd 00000000
" A' A) t4 O; w. r2 w, A00401460 FF db FF
. l: d& b( ~& m4 g) T00401461 FF db FF
- k3 s0 c) R% j, t00401462 FF db FF ' z9 q& h& G: \4 h) Y
00401463 FF db FF 9 J6 P7 H- `3 }3 e! w
00401464 00 db 00
S" `! b$ Y! U7 `9 T00401465 00 db 00
# C' i. Q+ E5 Q G: `% i00401466 00 db 00
1 a' L8 C1 P8 D7 _% a, g00401467 00 db 00 |