由于这个程序很短,OD里面的汇编代码也很短。
请看红色的部分(纯文本中颜色已丢失,应为下面 004012EB 处的 cmp 和 004012F2 处的 jg),这就是和0x80比较的部分。
把这2句NOP掉,然后保存修改后的文件为exe。
我们发现input.txt里面的所有内容都能被输出了。
附上修改后的exe.
深绿,你可以把这个操作过程试一下,练习一下.
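; ---------------------------------------------------------------------------
; 00401000 - C-runtime start-up helper: fetch the command line.
; Calls msvcrt.__getmainargs with the addresses 00402000 and 00402004 (the
; two globals that 00401180 later pushes as the first two arguments of
; 0040126C), the address of a local at [ebp-8], the value of [00402008] and
; the address of a local at [ebp-4] that is zeroed first.
; NOTE(review): by the __getmainargs prototype these are presumably
; argc / argv / envp / wildcard flag / start-up info.
; (Forum anti-copy noise that was interleaved with this listing is removed.)
; ---------------------------------------------------------------------------
00401000  /$  55             push    ebp
00401001  |.  89E5           mov     ebp, esp
00401003  |.  83EC 18        sub     esp, 18
00401006  |.  C745 FC 00000> mov     dword ptr [ebp-4], 0
0040100D  |.  83C4 F4        add     esp, -0C
00401010  |.  8D45 FC        lea     eax, dword ptr [ebp-4]
00401013  |.  50             push    eax
00401014  |.  FF35 08204000  push    dword ptr [402008]
0040101A  |.  8D45 F8        lea     eax, dword ptr [ebp-8]
0040101D  |.  50             push    eax
0040101E  |.  68 04204000    push    00402004
00401023  |.  68 00204000    push    00402000
00401028  |.  E8 EB030000    call    <jmp.&msvcrt.__getmainargs>
0040102D  |.  C9             leave
0040102E  \.  C3             retn
0040102F      90             nop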
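; ---------------------------------------------------------------------------
; 00401030 - C-runtime start-up helper: apply a default file mode.
; If the dword at [0040200C] is zero the routine returns at once.  Otherwise
; it stores that value through the msvcrt._fmode pointer and then, for the
; FILE entries at _iob, _iob+20h and _iob+40h, calls _fileno(stream) followed
; by _setmode(handle, [0040200C]).
; NOTE(review): the three entries are presumably stdin / stdout / stderr.
; ---------------------------------------------------------------------------
00401030  /$  55             push    ebp
00401031  |.  89E5           mov     ebp, esp
00401033  |.  83EC 08        sub     esp, 8
00401036  |.  8B15 0C204000  mov     edx, dword ptr [40200C]
0040103C  |.  85D2           test    edx, edx
0040103E  |.  74 7B          je      short 004010BB
00401040  |.  A1 AC304000    mov     eax, dword ptr [<&msvcrt._fmode>>
00401045  |.  8910           mov     dword ptr [eax], edx
; first stream: _iob
00401047  |.  A1 B4304000    mov     eax, dword ptr [<&msvcrt._iob>]
0040104C  |.  85C0           test    eax, eax
0040104E  |.  74 1E          je      short 0040106E
00401050  |.  83C4 F8        add     esp, -8
00401053  |.  FF35 0C204000  push    dword ptr [40200C]
00401059  |.  83C4 F4        add     esp, -0C
0040105C  |.  50             push    eax                              ; /pstream => offset msvcrt._iob
0040105D  |.  E8 A6030000    call    <jmp.&msvcrt._fileno>            ; \_fileno
00401062  |.  83C4 10        add     esp, 10
00401065  |.  50             push    eax                              ; |handle
00401066  |.  E8 A5030000    call    <jmp.&msvcrt._setmode>           ; \_setmode
0040106B  |.  83C4 10        add     esp, 10
; second stream: _iob + 20h
0040106E  |>  A1 B4304000    mov     eax, dword ptr [<&msvcrt._iob>]
00401073  |.  83C0 20        add     eax, 20
00401076  |.  74 1E          je      short 00401096
00401078  |.  83C4 F8        add     esp, -8
0040107B  |.  FF35 0C204000  push    dword ptr [40200C]
00401081  |.  83C4 F4        add     esp, -0C
00401084  |.  50             push    eax                              ; /pstream
00401085  |.  E8 7E030000    call    <jmp.&msvcrt._fileno>            ; \_fileno
0040108A  |.  83C4 10        add     esp, 10
0040108D  |.  50             push    eax                              ; |handle
0040108E  |.  E8 7D030000    call    <jmp.&msvcrt._setmode>           ; \_setmode
00401093  |.  83C4 10        add     esp, 10
; third stream: _iob + 40h
00401096  |>  A1 B4304000    mov     eax, dword ptr [<&msvcrt._iob>]
0040109B  |.  83C0 40        add     eax, 40
0040109E  |.  74 1B          je      short 004010BB
004010A0  |.  83C4 F8        add     esp, -8
004010A3  |.  FF35 0C204000  push    dword ptr [40200C]
004010A9  |.  83C4 F4        add     esp, -0C
004010AC  |.  50             push    eax                              ; /pstream
004010AD  |.  E8 56030000    call    <jmp.&msvcrt._fileno>            ; \_fileno
004010B2  |.  83C4 10        add     esp, 10
004010B5  |.  50             push    eax                              ; |handle
004010B6  |.  E8 55030000    call    <jmp.&msvcrt._setmode>           ; \_setmode
004010BB  |>  C9             leave
004010BC  \.  C3             retn
004010BD      8D76 00        lea     esi, dword ptr [esi]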
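; ---------------------------------------------------------------------------
; 004010C0 - top-level exception filter (installed at 0040118A through
; SetUnhandledExceptionFilter).  One stack argument, removed by "retn 4".
; It loads the dword at [[[ebp+8]]] - with an EXCEPTION_POINTERS argument
; that is ExceptionRecord->ExceptionCode - and maps it to a C signal:
;   C0000005 (access violation)                -> SIGSEGV path at 00401100
;   C000008D..C0000091, C0000093 (FP faults)   -> SIGFPE path, esi = 1
;   C0000094 (integer divide by zero)          -> SIGFPE path, esi = 0
;   anything else                              -> return 0
; On each path signal(sig, 0) fetches the previous handler: value 1 is
; re-installed (and _fpreset is called when esi != 0), value 0 returns 0,
; any other value is called as handler(sig).
; Out: eax = ebx = 0 (no handler ran) or -1 (exception was dealt with).
; ---------------------------------------------------------------------------
004010C0  /.  55             push    ebp
004010C1  |.  89E5           mov     ebp, esp
004010C3  |.  83EC 10        sub     esp, 10
004010C6  |.  56             push    esi
004010C7  |.  53             push    ebx
004010C8  |.  8B45 08        mov     eax, dword ptr [ebp+8]
004010CB  |.  31DB           xor     ebx, ebx
004010CD  |.  31F6           xor     esi, esi
004010CF  |.  8B00           mov     eax, dword ptr [eax]
004010D1  |.  8B00           mov     eax, dword ptr [eax]
; unsigned range checks on the exception code
004010D3  |.  3D 910000C0    cmp     eax, C0000091
004010D8  |.  77 16          ja      short 004010F0
004010DA  |.  3D 8D0000C0    cmp     eax, C000008D
004010DF  |.  73 4F          jnb     short 00401130
004010E1  |.  3D 050000C0    cmp     eax, C0000005
004010E6  |.  74 18          je      short 00401100
004010E8  |.  E9 86000000    jmp     00401173
004010ED  |   8D76 00        lea     esi, dword ptr [esi]
004010F0  |>  3D 930000C0    cmp     eax, C0000093
004010F5  |.  74 39          je      short 00401130
004010F7  |.  3D 940000C0    cmp     eax, C0000094
004010FC  |.  74 37          je      short 00401135
004010FE  |.  EB 73          jmp     short 00401173
; SIGSEGV path
00401100  |>  83C4 F8        add     esp, -8
00401103  |.  6A 00          push    0                                ; /func = NULL
00401105  |.  6A 0B          push    0B                               ; |sig = SIGSEGV
00401107  |.  E8 F4020000    call    <jmp.&msvcrt.signal>             ; \signal
0040110C  |.  83C4 10        add     esp, 10
0040110F  |.  83F8 01        cmp     eax, 1
00401112  |.  75 0E          jnz     short 00401122
00401114  |.  83C4 F8        add     esp, -8
00401117  |.  6A 01          push    1                                ; /func = 00000001
00401119  |.  6A 0B          push    0B                               ; |sig = SIGSEGV
0040111B  |.  E8 E0020000    call    <jmp.&msvcrt.signal>             ; \signal
00401120  |.  EB 4C          jmp     short 0040116E
00401122  |>  85C0           test    eax, eax
00401124  |.  74 4D          je      short 00401173
00401126  |.  83C4 F4        add     esp, -0C
00401129  |.  6A 0B          push    0B
0040112B  |.  EB 3F          jmp     short 0040116C
0040112D  |   8D76 00        lea     esi, dword ptr [esi]
; SIGFPE path (esi = 1 marks the floating-point codes)
00401130  |>  BE 01000000    mov     esi, 1
00401135  |>  83C4 F8        add     esp, -8
00401138  |.  6A 00          push    0                                ; /func = NULL
0040113A  |.  6A 08          push    8                                ; |sig = SIGFPE
0040113C  |.  E8 BF020000    call    <jmp.&msvcrt.signal>             ; \signal
00401141  |.  83C4 10        add     esp, 10
00401144  |.  83F8 01        cmp     eax, 1
00401147  |.  75 1A          jnz     short 00401163
00401149  |.  83C4 F8        add     esp, -8
0040114C  |.  6A 01          push    1                                ; /func = 00000001
0040114E  |.  6A 08          push    8                                ; |sig = SIGFPE
00401150  |.  E8 AB020000    call    <jmp.&msvcrt.signal>             ; \signal
00401155  |.  83C4 10        add     esp, 10
00401158  |.  85F6           test    esi, esi
0040115A  |.  74 12          je      short 0040116E
0040115C  |.  E8 97020000    call    <jmp.&msvcrt._fpreset>           ; [_fpreset
00401161  |.  EB 0B          jmp     short 0040116E
00401163  |>  85C0           test    eax, eax
00401165  |.  74 0C          je      short 00401173
00401167  |.  83C4 F4        add     esp, -0C
0040116A  |.  6A 08          push    8
; call the previously registered handler with the signal number
0040116C  |>  FFD0           call    eax
0040116E  |>  BB FFFFFFFF    mov     ebx, -1
00401173  |>  89D8           mov     eax, ebx
00401175  |.  8D65 E8        lea     esp, dword ptr [ebp-18]
00401178  |.  5B             pop     ebx
00401179  |.  5E             pop     esi
0040117A  |.  C9             leave
0040117B  \.  C2 0400        retn    4
0040117E      89F6           mov     esi, esi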
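; ---------------------------------------------------------------------------
; 00401180 - common C-runtime start-up, called from both entry stubs
; (004011D4 and 004011F0).  In order: installs 004010C0 as the unhandled-
; exception filter, calls _fpreset, 00401000 (command line) and 00401030
; (file modes), then calls 0040126C with [00402000], [00402004] and the
; pointer read through __p__environ.  The value 0040126C returns in eax is
; kept in ebx across _cexit and handed to ExitProcess; this routine does
; not return.
; ---------------------------------------------------------------------------
00401180  /$  55             push    ebp
00401181  |.  89E5           mov     ebp, esp
00401183  |.  83EC 14        sub     esp, 14
00401186  |.  53             push    ebx
00401187  |.  83C4 F4        add     esp, -0C
0040118A  |.  68 C0104000    push    004010C0                         ; /pTopLevelFilter = engoutpu.004010C0
0040118F  |.  E8 B4020000    call    <jmp.&KERNEL32.SetUnhandledExcep>; \SetUnhandledExceptionFilter
00401194  |.  83C4 FC        add     esp, -4
00401197  |.  E8 5C020000    call    <jmp.&msvcrt._fpreset>           ; [_fpreset
0040119C  |.  E8 5FFEFFFF    call    00401000
004011A1  |.  E8 8AFEFFFF    call    00401030
004011A6  |.  83C4 FC        add     esp, -4
004011A9  |.  E8 42020000    call    <jmp.&msvcrt.__p__environ>
004011AE  |.  FF30           push    dword ptr [eax]
004011B0  |.  FF35 04204000  push    dword ptr [402004]
004011B6  |.  FF35 00204000  push    dword ptr [402000]
; the program's own code starts here
004011BC  |.  E8 AB000000    call    0040126C
004011C1  |.  89C3           mov     ebx, eax
004011C3  |.  83C4 20        add     esp, 20
004011C6  |.  E8 1D020000    call    <jmp.&msvcrt._cexit>             ; [msvcrt._cexit
004011CB  |.  83C4 F4        add     esp, -0C
004011CE  |.  53             push    ebx                              ; /ExitCode
004011CF  \.  E8 7C020000    call    <jmp.&KERNEL32.ExitProcess>      ; \ExitProcess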
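; ---------------------------------------------------------------------------
; 004011D4 - entry stub: calls msvcrt.__set_app_type(1) through the import
; pointer, then the common start-up at 00401180 (which ends in ExitProcess,
; so the xor/leave/retn below are not expected to run).
; NOTE(review): 1 is presumably the console-application type, which would
; make this the console entry point - confirm against the PE header.
; ---------------------------------------------------------------------------
004011D4 >/$  55             push    ebp
004011D5  |.  89E5           mov     ebp, esp
004011D7  |.  83EC 08        sub     esp, 8
004011DA  |.  83C4 F4        add     esp, -0C
004011DD  |.  6A 01          push    1
004011DF  |.  A1 DC304000    mov     eax, dword ptr [<&msvcrt.__set_a>
004011E4  |.  FFD0           call    eax                              ; <&msvcrt.__set_app_type>
004011E6  |.  E8 95FFFFFF    call    00401180
004011EB  |.  31C0           xor     eax, eax
004011ED  |.  C9             leave
004011EE  \.  C3             retn
004011EF      90             nop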
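; ---------------------------------------------------------------------------
; 004011F0 - second entry stub: same as 004011D4 but passes 2 to
; msvcrt.__set_app_type before calling the common start-up at 00401180.
; NOTE(review): 2 is presumably the GUI-application type; nothing in this
; listing calls this stub.
; ---------------------------------------------------------------------------
004011F0  /.  55             push    ebp
004011F1  |.  89E5           mov     ebp, esp
004011F3  |.  83EC 08        sub     esp, 8
004011F6  |.  83C4 F4        add     esp, -0C
004011F9  |.  6A 02          push    2
004011FB  |.  A1 DC304000    mov     eax, dword ptr [<&msvcrt.__set_a>
00401200  |.  FFD0           call    eax                              ; <&msvcrt.__set_app_type>
00401202  |.  E8 79FFFFFF    call    00401180
00401207  |.  C9             leave
00401208  \.  C3             retn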
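; ---------------------------------------------------------------------------
; 00401209..0040126B - zero padding followed by the string constants that
; 0040126C pushes as fopen/printf arguments.  Each string is NUL-terminated;
; OllyDbg splits the longer ones across two rows.
; ---------------------------------------------------------------------------
00401209      00             db      00
0040120A      00             db      00
0040120B      00             db      00
0040120C      00             db      00
0040120D      00             db      00
0040120E      00             db      00
0040120F      00             db      00
; fopen mode "r" (pushed at 0040127A)
00401210      72             db      72                               ; CHAR 'r'
00401211      00             db      00
00401212   .  69 6E 70 75 7> ascii   "input.txt",0
0040121C   .  43 61 6E 27 7> ascii   "Can't Find input"
0040122C   .  2E 74 78 74 2> ascii   ".txt!",0
; fopen mode "w" (pushed at 004012AA)
00401232      77             db      77                               ; CHAR 'w'
00401233      00             db      00
00401234   .  6F 75 74 70 7> ascii   "output.txt",0
0040123F   .  43 61 6E 27 7> ascii   "Can't Create out"
0040124F   .  70 75 74 2E 7> ascii   "put.txt!",0
00401258   .  6F 6E 65 20 6> ascii   "one char outpute"
; the 0A byte is a line feed, which OllyDbg prints as a literal line break
00401268   .  64 0A 00       ascii   "d
",0
0040126B      90             nop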
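; ---------------------------------------------------------------------------
; 0040126C - the program's own routine (called from 00401180; the value left
; in eax becomes the process exit code).  Locals: [ebp-4] = input stream,
; [ebp-8] = output stream, [ebp-C] = last value returned by fgetc.
; Pseudo-C of what the listing shows:
;     in  = fopen("input.txt",  "r"); if (!in)  printf("Can't Find input.txt!");
;     out = fopen("output.txt", "w"); if (!out) printf("Can't Create output.txt!");
;     do {
;         c = fgetc(in);
;         if (c <= 0x80) { fputc(c, out); printf("one char outputed\n"); }
;     } while (c != -1);
; Review notes:
;  * Neither fopen failure branch returns; after printing the message the
;    code falls through and passes the NULL stream to fgetc / fputc.
;  * The end-of-file test (00401317) comes after the write, and -1 is not
;    greater than 80h in a signed compare, so the final fgetc result is also
;    handed to fputc - with or without the patch described in the post.
;  * No fclose call appears in this routine; closing and flushing is left to
;    process exit (_cexit at 004011C6).
; ---------------------------------------------------------------------------
0040126C  /$  55             push    ebp
0040126D  |.  89E5           mov     ebp, esp
0040126F  |.  83EC 18        sub     esp, 18
; one-time runtime initialisation (guarded by the flag at [00402014])
00401272  |.  E8 39010000    call    004013B0
00401277  |.  83C4 F8        add     esp, -8
0040127A  |.  68 10124000    push    00401210                         ; /mode = "r"
0040127F  |.  68 12124000    push    00401212                         ; |path = "input.txt"
00401284  |.  E8 AF010000    call    <jmp.&msvcrt.fopen>              ; \fopen
00401289  |.  83C4 10        add     esp, 10
0040128C  |.  89C0           mov     eax, eax
0040128E  |.  8945 FC        mov     dword ptr [ebp-4], eax
00401291  |.  837D FC 00     cmp     dword ptr [ebp-4], 0
00401295  |.  75 10          jnz     short 004012A7
00401297  |.  83C4 F4        add     esp, -0C
0040129A  |.  68 1C124000    push    0040121C                         ; /format = "Can't Find input.txt!"
0040129F  |.  E8 8C010000    call    <jmp.&msvcrt.printf>             ; \printf
004012A4  |.  83C4 10        add     esp, 10
004012A7  |>  83C4 F8        add     esp, -8
004012AA  |.  68 32124000    push    00401232                         ; /mode = "w"
004012AF  |.  68 34124000    push    00401234                         ; |path = "output.txt"
004012B4  |.  E8 7F010000    call    <jmp.&msvcrt.fopen>              ; \fopen
004012B9  |.  83C4 10        add     esp, 10
004012BC  |.  89C0           mov     eax, eax
004012BE  |.  8945 F8        mov     dword ptr [ebp-8], eax
004012C1  |.  837D F8 00     cmp     dword ptr [ebp-8], 0
004012C5  |.  75 10          jnz     short 004012D7
004012C7  |.  83C4 F4        add     esp, -0C
004012CA  |.  68 3F124000    push    0040123F                         ; /format = "Can't Create output.txt!"
004012CF  |.  E8 5C010000    call    <jmp.&msvcrt.printf>             ; \printf
004012D4  |.  83C4 10        add     esp, 10
; ---- copy loop: one fgetc per iteration ----
004012D7  |>  83C4 F4        /add     esp, -0C
004012DA  |.  8B45 FC        |mov     eax, dword ptr [ebp-4]
004012DD  |.  50             |push    eax                             ; /stream
004012DE  |.  E8 45010000    |call    <jmp.&msvcrt.fgetc>             ; \fgetc
004012E3  |.  83C4 10        |add     esp, 10
004012E6  |.  89C0           |mov     eax, eax
004012E8  |.  8945 F4        |mov     dword ptr [ebp-C], eax
; The filter: a signed compare, so values above 80h skip the fputc/printf
; pair while 80h itself and everything below it (including -1) pass.
; These two instructions (004012EB..004012F3, 9 bytes) are evidently the
; "2 sentences" the post replaces with NOPs so that every byte is copied.
004012EB  |.  817D F4 80000> |cmp     dword ptr [ebp-C], 80
004012F2  |.  7F 23          |jg      short 00401317
004012F4  |.  83C4 F8        |add     esp, -8
004012F7  |.  8B45 F8        |mov     eax, dword ptr [ebp-8]
004012FA  |.  50             |push    eax                             ; /stream
004012FB  |.  8B45 F4        |mov     eax, dword ptr [ebp-C]          ; |
004012FE  |.  50             |push    eax                             ; |c
004012FF  |.  E8 1C010000    |call    <jmp.&msvcrt.fputc>             ; \fputc
00401304  |.  83C4 10        |add     esp, 10
00401307  |.  83C4 F4        |add     esp, -0C
0040130A  |.  68 58124000    |push    00401258                        ; /format = "one char outputed",LF,""
0040130F  |.  E8 1C010000    |call    <jmp.&msvcrt.printf>            ; \printf
00401314  |.  83C4 10        |add     esp, 10
; loop exit: leave only when fgetc returned -1
00401317  |>  837D F4 FF     |cmp     dword ptr [ebp-C], -1
0040131B  |.  75 03          |jnz     short 00401320
0040131D  |.  EB 03          |jmp     short 00401322
0040131F  |   90             |nop
00401320  |>^ EB B5          \jmp     short 004012D7
00401322  |>  C9             leave
00401323  \.  C3             retn
; zero padding up to the next routine
00401324      00             db      00
00401325      00             db      00
00401326      00             db      00
00401327      00             db      00
00401328      00             db      00
00401329      00             db      00
0040132A      00             db      00
0040132B      00             db      00
0040132C      00             db      00
0040132D      00             db      00
0040132E      00             db      00
0040132F      00             db      00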
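; ---------------------------------------------------------------------------
; 00401330 - exit-time callback (registered with atexit at 0040139F).
; Walks the zero-terminated table of function pointers whose cursor is kept
; in [00402010]: calls the current entry, advances the cursor by 4 and
; repeats until the next entry is zero.  Returns at once if the first entry
; is zero.
; NOTE(review): presumably the global-destructor list of the runtime.
; ---------------------------------------------------------------------------
00401330  /.  55             push    ebp
00401331  |.  89E5           mov     ebp, esp
00401333  |.  83EC 08        sub     esp, 8
00401336  |.  A1 10204000    mov     eax, dword ptr [402010]
0040133B  |.  8338 00        cmp     dword ptr [eax], 0
0040133E  |.  74 1D          je      short 0040135D
00401340  |>  A1 10204000    /mov     eax, dword ptr [402010]
00401345  |.  8B00           |mov     eax, dword ptr [eax]
00401347  |.  FFD0           |call    eax
00401349  |.  A1 10204000    |mov     eax, dword ptr [402010]
0040134E  |.  8D50 04        |lea     edx, dword ptr [eax+4]
00401351  |.  8915 10204000  |mov     dword ptr [402010], edx
00401357  |.  8378 04 00     |cmp     dword ptr [eax+4], 0
0040135B  |.^ 75 E3          \jnz     short 00401340
0040135D  |>  C9             leave
0040135E  \.  C3             retn
0040135F      90             nop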
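; ---------------------------------------------------------------------------
; 00401360 - runs the function-pointer table at 00401458, then registers
; 00401330 with atexit.
; [00401458] holds the entry count; when it is -1 the count is obtained by
; scanning the dwords from 0040145C up to the first zero.  Entries are then
; called from index <count> down to index 1 ([ebx*4+401458]).
; In this dump [00401458] = FFFFFFFF and [0040145C] = 0, so the count is 0
; and no entry is called.
; NOTE(review): presumably the global-constructor list of the runtime.
; ---------------------------------------------------------------------------
00401360  /$  55             push    ebp
00401361  |.  89E5           mov     ebp, esp
00401363  |.  83EC 14        sub     esp, 14
00401366  |.  53             push    ebx
00401367  |.  A1 58144000    mov     eax, dword ptr [401458]
0040136C  |.  83F8 FF        cmp     eax, -1
0040136F  |.  75 19          jnz     short 0040138A
00401371  |.  31C0           xor     eax, eax
00401373  |.  833D 5C144000> cmp     dword ptr [40145C], 0
0040137A  |.  74 0E          je      short 0040138A
0040137C  |.  BA 5C144000    mov     edx, 0040145C
; count the non-zero entries
00401381  |>  83C2 04        /add     edx, 4
00401384  |.  40             |inc     eax
00401385  |.  833A 00        |cmp     dword ptr [edx], 0
00401388  |.^ 75 F7          \jnz     short 00401381
0040138A  |>  89C3           mov     ebx, eax
0040138C  |.  85DB           test    ebx, ebx
0040138E  |.  74 0C          je      short 0040139C
; call the entries, last one first
00401390  |>  8B049D 581440> /mov     eax, dword ptr [ebx*4+401458]
00401397  |.  FFD0           |call    eax
00401399  |.  4B             |dec     ebx
0040139A  |.^ 75 F4          \jnz     short 00401390
0040139C  |>  83C4 F4        add     esp, -0C
0040139F  |.  68 30134000    push    00401330                         ; /func = engoutpu.00401330
004013A4  |.  E8 97000000    call    <jmp.&msvcrt.atexit>             ; \atexit
; ebx was pushed right after "sub esp, 14", i.e. at [ebp-18]
004013A9  |.  8B5D E8        mov     ebx, dword ptr [ebp-18]
004013AC  |.  C9             leave
004013AD  \.  C3             retn
004013AE      89F6           mov     esi, esi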
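; ---------------------------------------------------------------------------
; 004013B0 - run-once guard around 00401360 (called first thing by 0040126C).
; If the flag at [00402014] is still zero it is set to 1 and 00401360 is
; called; on any later call the routine returns without doing anything.
; ---------------------------------------------------------------------------
004013B0  /$  55             push    ebp
004013B1  |.  89E5           mov     ebp, esp
004013B3  |.  83EC 08        sub     esp, 8
004013B6  |.  833D 14204000> cmp     dword ptr [402014], 0
004013BD  |.  75 0F          jnz     short 004013CE
004013BF  |.  C705 14204000> mov     dword ptr [402014], 1
004013C9  |.  E8 92FFFFFF    call    00401360
004013CE  |>  C9             leave
004013CF  \.  C3             retn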
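; ---------------------------------------------------------------------------
; 004013D0..00401457 - import thunks.  Each is a 6-byte indirect jump through
; an import-table slot, followed by two NOPs of padding; the
; "call <jmp.&...>" instructions in the routines above land here.
; The thunks for fputc and fgetc are labelled msvcrt.putc / msvcrt.getc in
; the comment column - presumably the names OllyDbg resolved for those
; import-table slots.
; ---------------------------------------------------------------------------
004013D0   .- FF25 AC304000  jmp     dword ptr [<&msvcrt._fmode>]     ; msvcrt._fmode
004013D6      90             nop
004013D7      90             nop
004013D8   .- FF25 B4304000  jmp     dword ptr [<&msvcrt._iob>]       ; msvcrt._iob
004013DE      90             nop
004013DF      90             nop
004013E0   .- FF25 DC304000  jmp     dword ptr [<&msvcrt.__set_app_ty>; msvcrt.__set_app_type
004013E6      90             nop
004013E7      90             nop
004013E8   $- FF25 A4304000  jmp     dword ptr [<&msvcrt._cexit>]     ; msvcrt._cexit
004013EE      90             nop
004013EF      90             nop
004013F0   $- FF25 D0304000  jmp     dword ptr [<&msvcrt.__p__environ>; msvcrt.__p__environ
004013F6      90             nop
004013F7      90             nop
004013F8   $- FF25 B0304000  jmp     dword ptr [<&msvcrt._fpreset>]   ; msvcrt._fpreset
004013FE      90             nop
004013FF      90             nop
00401400   $- FF25 D8304000  jmp     dword ptr [<&msvcrt.signal>]     ; msvcrt.signal
00401406      90             nop
00401407      90             nop
00401408   $- FF25 A8304000  jmp     dword ptr [<&msvcrt._fileno>]    ; msvcrt._fileno
0040140E      90             nop
0040140F      90             nop
00401410   $- FF25 B8304000  jmp     dword ptr [<&msvcrt._setmode>]   ; msvcrt._setmode
00401416      90             nop
00401417      90             nop
00401418   $- FF25 BC304000  jmp     dword ptr [<&msvcrt.__getmainarg>; msvcrt.__getmainargs
0040141E      90             nop
0040141F      90             nop
00401420   $- FF25 CC304000  jmp     dword ptr [<&msvcrt.fputc>]      ; msvcrt.putc
00401426      90             nop
00401427      90             nop
00401428   $- FF25 C4304000  jmp     dword ptr [<&msvcrt.fgetc>]      ; msvcrt.getc
0040142E      90             nop
0040142F      90             nop
00401430   $- FF25 D4304000  jmp     dword ptr [<&msvcrt.printf>]     ; msvcrt.printf
00401436      90             nop
00401437      90             nop
00401438   $- FF25 C8304000  jmp     dword ptr [<&msvcrt.fopen>]      ; msvcrt.fopen
0040143E      90             nop
0040143F      90             nop
00401440   $- FF25 C0304000  jmp     dword ptr [<&msvcrt.atexit>]     ; msvcrt.atexit
00401446      90             nop
00401447      90             nop
00401448   $- FF25 98304000  jmp     dword ptr [<&KERNEL32.SetUnhandl>; kernel32.SetUnhandledExceptionFilter
0040144E      90             nop
0040144F      90             nop
00401450   .- FF25 94304000  jmp     dword ptr [<&KERNEL32.ExitProces>; kernel32.ExitProcess
00401456      90             nop
00401457      90             nop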
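; ---------------------------------------------------------------------------
; 00401458 - the table read by 00401360: a count dword (FFFFFFFF = "scan for
; the terminator") followed by a zero terminator, i.e. an empty list.
; The FF FF FF FF / 00 00 00 00 bytes at 00401460 repeat the same pattern;
; NOTE(review): presumably a second, equally empty list - nothing in this
; listing references it by address.
; ---------------------------------------------------------------------------
00401458   .  FFFFFFFF       dd      FFFFFFFF
0040145C   .  00000000       dd      00000000
00401460      FF             db      FF
00401461      FF             db      FF
00401462      FF             db      FF
00401463      FF             db      FF
00401464      00             db      00
00401465      00             db      00
00401466      00             db      00
00401467      00             db      00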