由于这个程序很短,OD里面的汇编代码也很短。
请看红色的部分(原帖的红色标记在此已丢失,应指下面列表中 004012EB 处的 cmp 和 004012F2 处的 jg),这就是和0x80比较的部分。
把这2句NOP掉,然后保存修改后的文件为exe。
我们发现input.txt里面的所有内容都能被输出了。
附上修改后的exe.
深绿,你可以把这个操作过程试一下,练习一下.
; ---------------------------------------------------------------------
; 00401000 - startup helper, called once from 00401180.
; Zeroes a local at [ebp-4], then calls msvcrt.__getmainargs with five
; arguments (pushed last-to-first): 00402000, 00402004, &[ebp-8],
; the dword at [402008], &[ebp-4].
; NOTE(review): 402000/402004 are later pushed as the first two
; arguments of 0040126C, so they presumably receive argc/argv - confirm.
; ---------------------------------------------------------------------
00401000 /$ 55 push ebp
00401001 |. 89E5 mov ebp, esp
00401003 |. 83EC 18 sub esp, 18
00401006 |. C745 FC 00000>mov dword ptr [ebp-4], 0
0040100D |. 83C4 F4 add esp, -0C
00401010 |. 8D45 FC lea eax, dword ptr [ebp-4]
00401013 |. 50 push eax
00401014 |. FF35 08204000 push dword ptr [402008]
0040101A |. 8D45 F8 lea eax, dword ptr [ebp-8]
0040101D |. 50 push eax
0040101E |. 68 04204000 push 00402004
00401023 |. 68 00204000 push 00402000
00401028 |. E8 EB030000 call <jmp.&msvcrt.__getmainargs>
0040102D |. C9 leave
0040102E \\. C3 retn
; single-byte filler between functions
0040102F 90 nop
; ---------------------------------------------------------------------
; 00401030 - startup helper, called once from 00401180.
; Reads the dword at [40200C]; when it is zero the whole body is skipped.
; Otherwise the value is stored through the msvcrt._fmode pointer and
; then applied with _setmode(_fileno(stream), value) to three stream
; entries located at msvcrt._iob + 0, + 20h and + 40h.
; NOTE(review): those three entries are presumably stdin/stdout/stderr -
; confirm against the CRT's FILE layout.
; ---------------------------------------------------------------------
00401030 /$ 55 push ebp
00401031 |. 89E5 mov ebp, esp
00401033 |. 83EC 08 sub esp, 8
00401036 |. 8B15 0C204000 mov edx, dword ptr [40200C]
0040103C |. 85D2 test edx, edx
; nothing to do when the mode word is zero
0040103E |. 74 7B je short 004010BB
00401040 |. A1 AC304000 mov eax, dword ptr [<&msvcrt._fmode>>
00401045 |. 8910 mov dword ptr [eax], edx
; --- first stream entry: _iob + 0 ---
00401047 |. A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
0040104C |. 85C0 test eax, eax
0040104E |. 74 1E je short 0040106E
00401050 |. 83C4 F8 add esp, -8
; mode argument for _setmode is pushed before the _fileno call
00401053 |. FF35 0C204000 push dword ptr [40200C]
00401059 |. 83C4 F4 add esp, -0C
0040105C |. 50 push eax ; /pstream => offset msvcrt._iob
0040105D |. E8 A6030000 call <jmp.&msvcrt._fileno> ; \\_fileno
00401062 |. 83C4 10 add esp, 10
00401065 |. 50 push eax ; |handle
00401066 |. E8 A5030000 call <jmp.&msvcrt._setmode> ; \\_setmode
0040106B |. 83C4 10 add esp, 10
; --- second stream entry: _iob + 20h ---
0040106E |> A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
00401073 |. 83C0 20 add eax, 20
; branch is taken only if the addition produced zero
00401076 |. 74 1E je short 00401096
00401078 |. 83C4 F8 add esp, -8
0040107B |. FF35 0C204000 push dword ptr [40200C]
00401081 |. 83C4 F4 add esp, -0C
00401084 |. 50 push eax ; /pstream
00401085 |. E8 7E030000 call <jmp.&msvcrt._fileno> ; \\_fileno
0040108A |. 83C4 10 add esp, 10
0040108D |. 50 push eax ; |handle
0040108E |. E8 7D030000 call <jmp.&msvcrt._setmode> ; \\_setmode
00401093 |. 83C4 10 add esp, 10
; --- third stream entry: _iob + 40h ---
00401096 |> A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
0040109B |. 83C0 40 add eax, 40
0040109E |. 74 1B je short 004010BB
004010A0 |. 83C4 F8 add esp, -8
004010A3 |. FF35 0C204000 push dword ptr [40200C]
004010A9 |. 83C4 F4 add esp, -0C
004010AC |. 50 push eax ; /pstream
004010AD |. E8 56030000 call <jmp.&msvcrt._fileno> ; \\_fileno
004010B2 |. 83C4 10 add esp, 10
004010B5 |. 50 push eax ; |handle
004010B6 |. E8 55030000 call <jmp.&msvcrt._setmode> ; \\_setmode
; leave restores esp, so the last call needs no explicit stack cleanup
004010BB |> C9 leave
004010BC \\. C3 retn
; 3-byte no-op used as filler before the next function
004010BD 8D76 00 lea esi, dword ptr [esi]
; ---------------------------------------------------------------------
; 004010C0 - top-level exception filter; its address is handed to
; SetUnhandledExceptionFilter at 0040118A. One stack argument, removed
; by the callee (retn 4).
; The argument is dereferenced twice to obtain a status code, which is
; mapped to a C signal:
;   C0000005                       -> SIGSEGV path (00401100)
;   C000008D..C0000091, C0000093   -> SIGFPE path with esi = 1 (00401130)
;   C0000094                       -> SIGFPE path with esi = 0 (00401135)
;   anything else                  -> return 0
; On each path signal(sig, 0) fetches the previously installed handler:
;   1     -> signal(sig, 1) is called again, result -1
;   0     -> result 0
;   other -> the handler is called with the signal number, result -1
; Returns the result in eax (ebx is the accumulator, initially 0).
; NOTE(review): arg is presumably EXCEPTION_POINTERS* and the code its
; ExceptionRecord->ExceptionCode; 0 / -1 then correspond to
; EXCEPTION_CONTINUE_SEARCH / EXCEPTION_CONTINUE_EXECUTION - confirm.
; ---------------------------------------------------------------------
004010C0 /. 55 push ebp
004010C1 |. 89E5 mov ebp, esp
004010C3 |. 83EC 10 sub esp, 10
004010C6 |. 56 push esi
004010C7 |. 53 push ebx
004010C8 |. 8B45 08 mov eax, dword ptr [ebp+8]
; ebx = return value, esi = "call _fpreset afterwards" flag
004010CB |. 31DB xor ebx, ebx
004010CD |. 31F6 xor esi, esi
; two loads: arg -> first pointer field -> first dword (the status code)
004010CF |. 8B00 mov eax, dword ptr [eax]
004010D1 |. 8B00 mov eax, dword ptr [eax]
; unsigned range checks on the status code
004010D3 |. 3D 910000C0 cmp eax, C0000091
004010D8 |. 77 16 ja short 004010F0
004010DA |. 3D 8D0000C0 cmp eax, C000008D
004010DF |. 73 4F jnb short 00401130
004010E1 |. 3D 050000C0 cmp eax, C0000005
004010E6 |. 74 18 je short 00401100
; unrecognised code: return 0
004010E8 |. E9 86000000 jmp 00401173
004010ED | 8D76 00 lea esi, dword ptr [esi]
; codes above C0000091: only C0000093 and C0000094 are handled
004010F0 |> 3D 930000C0 cmp eax, C0000093
004010F5 |. 74 39 je short 00401130
004010F7 |. 3D 940000C0 cmp eax, C0000094
004010FC |. 74 37 je short 00401135
004010FE |. EB 73 jmp short 00401173
; --- SIGSEGV path ---
00401100 |> 83C4 F8 add esp, -8
00401103 |. 6A 00 push 0 ; /func = NULL
00401105 |. 6A 0B push 0B ; |sig = SIGSEGV
00401107 |. E8 F4020000 call <jmp.&msvcrt.signal> ; \\signal
0040110C |. 83C4 10 add esp, 10
; eax = handler that was installed before the call above
0040110F |. 83F8 01 cmp eax, 1
00401112 |. 75 0E jnz short 00401122
; previous handler was 1: put it back and report -1
00401114 |. 83C4 F8 add esp, -8
00401117 |. 6A 01 push 1 ; /func = 00000001
00401119 |. 6A 0B push 0B ; |sig = SIGSEGV
0040111B |. E8 E0020000 call <jmp.&msvcrt.signal> ; \\signal
00401120 |. EB 4C jmp short 0040116E
; previous handler was 0: return 0; otherwise call it with sig = 0B
00401122 |> 85C0 test eax, eax
00401124 |. 74 4D je short 00401173
00401126 |. 83C4 F4 add esp, -0C
00401129 |. 6A 0B push 0B
0040112B |. EB 3F jmp short 0040116C
0040112D | 8D76 00 lea esi, dword ptr [esi]
; --- SIGFPE path; esi = 1 requests _fpreset after re-installing ---
00401130 |> BE 01000000 mov esi, 1
00401135 |> 83C4 F8 add esp, -8
00401138 |. 6A 00 push 0 ; /func = NULL
0040113A |. 6A 08 push 8 ; |sig = SIGFPE
0040113C |. E8 BF020000 call <jmp.&msvcrt.signal> ; \\signal
00401141 |. 83C4 10 add esp, 10
00401144 |. 83F8 01 cmp eax, 1
00401147 |. 75 1A jnz short 00401163
00401149 |. 83C4 F8 add esp, -8
0040114C |. 6A 01 push 1 ; /func = 00000001
0040114E |. 6A 08 push 8 ; |sig = SIGFPE
00401150 |. E8 AB020000 call <jmp.&msvcrt.signal> ; \\signal
00401155 |. 83C4 10 add esp, 10
00401158 |. 85F6 test esi, esi
0040115A |. 74 12 je short 0040116E
0040115C |. E8 97020000 call <jmp.&msvcrt._fpreset> ; [_fpreset
00401161 |. EB 0B jmp short 0040116E
00401163 |> 85C0 test eax, eax
00401165 |. 74 0C je short 00401173
00401167 |. 83C4 F4 add esp, -0C
0040116A |. 6A 08 push 8
; indirect call through the previously registered handler pointer;
; the signal number is the only argument on the stack
0040116C |> FFD0 call eax
0040116E |> BB FFFFFFFF mov ebx, -1
; common exit: eax = result, restore esi/ebx from below the locals
00401173 |> 89D8 mov eax, ebx
00401175 |. 8D65 E8 lea esp, dword ptr [ebp-18]
00401178 |. 5B pop ebx
00401179 |. 5E pop esi
0040117A |. C9 leave
0040117B \\. C2 0400 retn 4
; 2-byte no-op used as filler before the next function
0040117E 89F6 mov esi, esi
; ---------------------------------------------------------------------
; 00401180 - runtime start-up sequence, called from both entry stubs
; (004011D4 and 004011F0). In order:
;   1. SetUnhandledExceptionFilter(004010C0)
;   2. _fpreset()
;   3. call 00401000 (__getmainargs wrapper)
;   4. call 00401030 (_fmode / _setmode set-up)
;   5. call 0040126C with [402000], [402004] and *__p__environ()
;   6. _cexit(), then ExitProcess(value returned by 0040126C)
; Does not return: the last instruction is the ExitProcess call.
; NOTE(review): step 5 looks like main(argc, argv, envp) - confirm.
; ---------------------------------------------------------------------
00401180 /$ 55 push ebp
00401181 |. 89E5 mov ebp, esp
00401183 |. 83EC 14 sub esp, 14
00401186 |. 53 push ebx
00401187 |. 83C4 F4 add esp, -0C
0040118A |. 68 C0104000 push 004010C0 ; /pTopLevelFilter = engoutpu.004010C0
0040118F |. E8 B4020000 call <jmp.&KERNEL32.SetUnhandledExcep>; \\SetUnhandledExceptionFilter
00401194 |. 83C4 FC add esp, -4
00401197 |. E8 5C020000 call <jmp.&msvcrt._fpreset> ; [_fpreset
0040119C |. E8 5FFEFFFF call 00401000
004011A1 |. E8 8AFEFFFF call 00401030
004011A6 |. 83C4 FC add esp, -4
; eax = pointer returned by __p__environ; its target is the 3rd argument
004011A9 |. E8 42020000 call <jmp.&msvcrt.__p__environ>
004011AE |. FF30 push dword ptr [eax]
004011B0 |. FF35 04204000 push dword ptr [402004]
004011B6 |. FF35 00204000 push dword ptr [402000]
004011BC |. E8 AB000000 call 0040126C
; keep the return value in ebx across _cexit
004011C1 |. 89C3 mov ebx, eax
004011C3 |. 83C4 20 add esp, 20
004011C6 |. E8 1D020000 call <jmp.&msvcrt._cexit> ; [msvcrt._cexit
004011CB |. 83C4 F4 add esp, -0C
004011CE |. 53 push ebx ; /ExitCode
004011CF \\. E8 7C020000 call <jmp.&KERNEL32.ExitProcess> ; \\ExitProcess
; ---------------------------------------------------------------------
; 004011D4 - entry stub: calls msvcrt.__set_app_type(1) through its
; import pointer, then runs the start-up sequence at 00401180.
; The xor/leave/retn tail is only reached if 00401180 returns, which the
; listing shows it does not (it ends in ExitProcess).
; NOTE(review): the ">" marker in the OllyDbg gutter suggests this is
; the module entry point, and 1 is presumably the console app type -
; confirm.
; ---------------------------------------------------------------------
004011D4 >/$ 55 push ebp
004011D5 |. 89E5 mov ebp, esp
004011D7 |. 83EC 08 sub esp, 8
004011DA |. 83C4 F4 add esp, -0C
004011DD |. 6A 01 push 1
004011DF |. A1 DC304000 mov eax, dword ptr [<&msvcrt.__set_a>
004011E4 |. FFD0 call eax ; <&msvcrt.__set_app_type>
004011E6 |. E8 95FFFFFF call 00401180
004011EB |. 31C0 xor eax, eax
004011ED |. C9 leave
004011EE \\. C3 retn
; single-byte filler between functions
004011EF 90 nop
; ---------------------------------------------------------------------
; 004011F0 - second entry stub, identical to 004011D4 except that it
; passes 2 to msvcrt.__set_app_type and does not zero eax before
; returning. No caller of this address is visible in the listing.
; NOTE(review): 2 is presumably the GUI app type - confirm.
; ---------------------------------------------------------------------
004011F0 /. 55 push ebp
004011F1 |. 89E5 mov ebp, esp
004011F3 |. 83EC 08 sub esp, 8
004011F6 |. 83C4 F4 add esp, -0C
004011F9 |. 6A 02 push 2
004011FB |. A1 DC304000 mov eax, dword ptr [<&msvcrt.__set_a>
00401200 |. FFD0 call eax ; <&msvcrt.__set_app_type>
00401202 |. E8 79FFFFFF call 00401180
00401207 |. C9 leave
00401208 \\. C3 retn
; ---------------------------------------------------------------------
; 00401209..0040126B - zero padding followed by the string constants
; referenced by the function at 0040126C. They sit between functions in
; the same address range as the code.
;   00401210  "r"            fopen mode for the input file
;   00401212  "input.txt"
;   0040121C  "Can't Find input.txt!"
;   00401232  "w"            fopen mode for the output file
;   00401234  "output.txt"
;   0040123F  "Can't Create output.txt!"
;   00401258  "one char outputed" followed by LF
; OllyDbg splits strings longer than 16 bytes over two rows.
; ---------------------------------------------------------------------
00401209 00 db 00
0040120A 00 db 00
0040120B 00 db 00
0040120C 00 db 00
0040120D 00 db 00
0040120E 00 db 00
0040120F 00 db 00
00401210 72 db 72 ; CHAR 'r'
00401211 00 db 00
00401212 . 69 6E 70 75 7>ascii "input.txt",0
0040121C . 43 61 6E 27 7>ascii "Can't Find input"
0040122C . 2E 74 78 74 2>ascii ".txt!",0
00401232 77 db 77 ; CHAR 'w'
00401233 00 db 00
00401234 . 6F 75 74 70 7>ascii "output.txt",0
0040123F . 43 61 6E 27 7>ascii "Can't Create out"
0040124F . 70 75 74 2E 7>ascii "put.txt!",0
00401258 . 6F 6E 65 20 6>ascii "one char outpute"
; the row below contains a literal line feed (byte 0A), hence the break
00401268 . 64 0A 00 ascii "d
",0
; single-byte filler before the next function
0040126B 90 nop
; ---------------------------------------------------------------------
; 0040126C - the program's own logic, called from 00401180.
; Locals: [ebp-4] = input stream, [ebp-8] = output stream,
;         [ebp-C] = last value returned by fgetc.
; Flow:
;   1. call 004013B0 (run-once initialiser)
;   2. in  = fopen("input.txt", "r");  on NULL print "Can't Find input.txt!"
;   3. out = fopen("output.txt", "w"); on NULL print "Can't Create output.txt!"
;   4. loop: c = fgetc(in); if c <= 80h (signed) then fputc(c, out) and
;      print "one char outputed"; leave the loop when c == -1.
; The filter is the cmp at 004012EB plus the jg at 004012F2 (7 + 2
; bytes). The accompanying text replaces exactly these two instructions
; with NOPs, after which every value read is written out. Nothing else
; enforces the filter, so the modified file differs from the original
; only in those bytes; comparing file hashes is what reveals the change.
; NOTE(review), all visible in the code below:
;   - both fopen failure paths fall through after printing, so fgetc or
;     fputc is later called with a NULL stream;
;   - the 80h test runs before the -1 test and is a signed compare, so
;     the end-of-file value -1 passes it and is handed to fputc once
;     before the loop ends;
;   - no fclose is called (no fclose import appears in the thunk table);
;     flushing is presumably left to _cexit in 00401180 - confirm.
; ---------------------------------------------------------------------
0040126C /$ 55 push ebp
0040126D |. 89E5 mov ebp, esp
0040126F |. 83EC 18 sub esp, 18
00401272 |. E8 39010000 call 004013B0
; --- open the input file ---
00401277 |. 83C4 F8 add esp, -8
0040127A |. 68 10124000 push 00401210 ; /mode = "r"
0040127F |. 68 12124000 push 00401212 ; |path = "input.txt"
00401284 |. E8 AF010000 call <jmp.&msvcrt.fopen> ; \\fopen
00401289 |. 83C4 10 add esp, 10
; mov eax, eax is a no-op
0040128C |. 89C0 mov eax, eax
0040128E |. 8945 FC mov dword ptr [ebp-4], eax
00401291 |. 837D FC 00 cmp dword ptr [ebp-4], 0
00401295 |. 75 10 jnz short 004012A7
; failure is reported, but execution continues at 004012A7 regardless
00401297 |. 83C4 F4 add esp, -0C
0040129A |. 68 1C124000 push 0040121C ; /format = "Can't Find input.txt!"
0040129F |. E8 8C010000 call <jmp.&msvcrt.printf> ; \\printf
004012A4 |. 83C4 10 add esp, 10
; --- open the output file ---
004012A7 |> 83C4 F8 add esp, -8
004012AA |. 68 32124000 push 00401232 ; /mode = "w"
004012AF |. 68 34124000 push 00401234 ; |path = "output.txt"
004012B4 |. E8 7F010000 call <jmp.&msvcrt.fopen> ; \\fopen
004012B9 |. 83C4 10 add esp, 10
004012BC |. 89C0 mov eax, eax
004012BE |. 8945 F8 mov dword ptr [ebp-8], eax
004012C1 |. 837D F8 00 cmp dword ptr [ebp-8], 0
004012C5 |. 75 10 jnz short 004012D7
; same pattern: message only, then fall through into the loop
004012C7 |. 83C4 F4 add esp, -0C
004012CA |. 68 3F124000 push 0040123F ; /format = "Can't Create output.txt!"
004012CF |. E8 5C010000 call <jmp.&msvcrt.printf> ; \\printf
004012D4 |. 83C4 10 add esp, 10
; --- copy loop: one fgetc per iteration ---
004012D7 |> 83C4 F4 /add esp, -0C
004012DA |. 8B45 FC |mov eax, dword ptr [ebp-4]
004012DD |. 50 |push eax ; /stream
004012DE |. E8 45010000 |call <jmp.&msvcrt.fgetc> ; \\fgetc
004012E3 |. 83C4 10 |add esp, 10
004012E6 |. 89C0 |mov eax, eax
004012E8 |. 8945 F4 |mov dword ptr [ebp-C], eax
; the filter: values greater than 80h (signed) skip the output block
004012EB |. 817D F4 80000>|cmp dword ptr [ebp-C], 80
004012F2 |. 7F 23 |jg short 00401317
; output block: fputc(c, out), then the progress message
004012F4 |. 83C4 F8 |add esp, -8
004012F7 |. 8B45 F8 |mov eax, dword ptr [ebp-8]
004012FA |. 50 |push eax ; /stream
004012FB |. 8B45 F4 |mov eax, dword ptr [ebp-C] ; |
004012FE |. 50 |push eax ; |c
004012FF |. E8 1C010000 |call <jmp.&msvcrt.fputc> ; \\fputc
00401304 |. 83C4 10 |add esp, 10
00401307 |. 83C4 F4 |add esp, -0C
0040130A |. 68 58124000 |push 00401258 ; /format = "one char outputed",LF,""
0040130F |. E8 1C010000 |call <jmp.&msvcrt.printf> ; \\printf
00401314 |. 83C4 10 |add esp, 10
; loop exit test: -1 is the only value that ends the loop
00401317 |> 837D F4 FF |cmp dword ptr [ebp-C], -1
0040131B |. 75 03 |jnz short 00401320
0040131D |. EB 03 |jmp short 00401322
0040131F | 90 |nop
00401320 |>^ EB B5 \\jmp short 004012D7
; returns without closing either stream
00401322 |> C9 leave
00401323 \\. C3 retn
; zero padding up to the next function at 00401330
00401324 00 db 00
00401325 00 db 00
00401326 00 db 00
00401327 00 db 00
00401328 00 db 00
00401329 00 db 00
0040132A 00 db 00
0040132B 00 db 00
0040132C 00 db 00
0040132D 00 db 00
0040132E 00 db 00
0040132F 00 db 00
; ---------------------------------------------------------------------
; 00401330 - registered with atexit at 0040139F.
; Treats the dword at [402010] as a cursor into a zero-terminated array
; of function pointers: calls the current entry, advances the cursor by
; 4 and stores it back, and repeats until the next entry is zero.
; Because the cursor is kept in memory, entries already called are not
; called again on a later invocation.
; NOTE(review): presumably the global-destructor runner of the runtime -
; confirm. The array itself is not visible in this listing.
; ---------------------------------------------------------------------
00401330 /. 55 push ebp
00401331 |. 89E5 mov ebp, esp
00401333 |. 83EC 08 sub esp, 8
00401336 |. A1 10204000 mov eax, dword ptr [402010]
; empty list: first entry is already zero
0040133B |. 8338 00 cmp dword ptr [eax], 0
0040133E |. 74 1D je short 0040135D
00401340 |> A1 10204000 /mov eax, dword ptr [402010]
00401345 |. 8B00 |mov eax, dword ptr [eax]
; indirect call through the current table entry
00401347 |. FFD0 |call eax
; reload the cursor after the call, advance it, and test the new entry
00401349 |. A1 10204000 |mov eax, dword ptr [402010]
0040134E |. 8D50 04 |lea edx, dword ptr [eax+4]
00401351 |. 8915 10204000 |mov dword ptr [402010], edx
00401357 |. 8378 04 00 |cmp dword ptr [eax+4], 0
0040135B |.^ 75 E3 \\jnz short 00401340
0040135D |> C9 leave
0040135E \\. C3 retn
; single-byte filler between functions
0040135F 90 nop
; ---------------------------------------------------------------------
; 00401360 - called once from 004013B0.
; Reads a count from [401458]. When that dword is -1 the count is
; derived instead by counting non-zero dwords starting at 0040145C.
; Then calls the entries [401458 + 4*count] down to [401458 + 4], i.e.
; from the last entry to the first, and finally registers 00401330
; with atexit.
; With the table contents shown at 00401458 in this dump (FFFFFFFF
; followed by 00000000) the derived count is 0 and no entry is called.
; NOTE(review): presumably the global-constructor runner of the
; runtime - confirm.
; ---------------------------------------------------------------------
00401360 /$ 55 push ebp
00401361 |. 89E5 mov ebp, esp
00401363 |. 83EC 14 sub esp, 14
00401366 |. 53 push ebx
00401367 |. A1 58144000 mov eax, dword ptr [401458]
; -1 in the first slot means "count not stored, scan for the terminator"
0040136C |. 83F8 FF cmp eax, -1
0040136F |. 75 19 jnz short 0040138A
00401371 |. 31C0 xor eax, eax
00401373 |. 833D 5C144000>cmp dword ptr [40145C], 0
0040137A |. 74 0E je short 0040138A
0040137C |. BA 5C144000 mov edx, 0040145C
; eax counts entries until a zero dword is found
00401381 |> 83C2 04 /add edx, 4
00401384 |. 40 |inc eax
00401385 |. 833A 00 |cmp dword ptr [edx], 0
00401388 |.^ 75 F7 \\jnz short 00401381
0040138A |> 89C3 mov ebx, eax
0040138C |. 85DB test ebx, ebx
0040138E |. 74 0C je short 0040139C
; indirect calls through the table, highest index first
00401390 |> 8B049D 581440>/mov eax, dword ptr [ebx*4+401458]
00401397 |. FFD0 |call eax
00401399 |. 4B |dec ebx
0040139A |.^ 75 F4 \\jnz short 00401390
0040139C |> 83C4 F4 add esp, -0C
0040139F |. 68 30134000 push 00401330 ; /func = engoutpu.00401330
004013A4 |. E8 97000000 call <jmp.&msvcrt.atexit> ; \\atexit
; restore the ebx pushed at 00401366 (ebp - 14h - 4)
004013A9 |. 8B5D E8 mov ebx, dword ptr [ebp-18]
004013AC |. C9 leave
004013AD \\. C3 retn
; 2-byte no-op used as filler before the next function
004013AE 89F6 mov esi, esi
; ---------------------------------------------------------------------
; 004013B0 - run-once guard, called first thing by 0040126C.
; If the flag at [402014] is zero it is set to 1 and 00401360 is
; called; on any later call the function returns immediately.
; The flag is tested and set with plain loads and stores.
; ---------------------------------------------------------------------
004013B0 /$ 55 push ebp
004013B1 |. 89E5 mov ebp, esp
004013B3 |. 83EC 08 sub esp, 8
004013B6 |. 833D 14204000>cmp dword ptr [402014], 0
004013BD |. 75 0F jnz short 004013CE
; flag is set before the call, so the callee cannot re-enter it
004013BF |. C705 14204000>mov dword ptr [402014], 1
004013C9 |. E8 92FFFFFF call 00401360
004013CE |> C9 leave
004013CF \\. C3 retn
; ---------------------------------------------------------------------
; 004013D0..00401457 - import thunks. Each entry is a 6-byte indirect
; jmp through an import pointer in the 004030xx range, followed by two
; nop bytes so that entries are 8 bytes apart. The call <jmp.&...>
; instructions elsewhere in the listing target these entries.
; Imports visible here: msvcrt _fmode, _iob, __set_app_type, _cexit,
; __p__environ, _fpreset, signal, _fileno, _setmode, __getmainargs,
; fputc, fgetc, printf, fopen, atexit; KERNEL32
; SetUnhandledExceptionFilter, ExitProcess.
; NOTE(review): OllyDbg labels the fputc and fgetc targets as
; msvcrt.putc and msvcrt.getc; presumably the same export addresses -
; confirm.
; ---------------------------------------------------------------------
004013D0 .- FF25 AC304000 jmp dword ptr [<&msvcrt._fmode>] ; msvcrt._fmode
004013D6 90 nop
004013D7 90 nop
004013D8 .- FF25 B4304000 jmp dword ptr [<&msvcrt._iob>] ; msvcrt._iob
004013DE 90 nop
004013DF 90 nop
004013E0 .- FF25 DC304000 jmp dword ptr [<&msvcrt.__set_app_ty>; msvcrt.__set_app_type
004013E6 90 nop
004013E7 90 nop
004013E8 $- FF25 A4304000 jmp dword ptr [<&msvcrt._cexit>] ; msvcrt._cexit
004013EE 90 nop
004013EF 90 nop
004013F0 $- FF25 D0304000 jmp dword ptr [<&msvcrt.__p__environ>; msvcrt.__p__environ
004013F6 90 nop
004013F7 90 nop
004013F8 $- FF25 B0304000 jmp dword ptr [<&msvcrt._fpreset>] ; msvcrt._fpreset
004013FE 90 nop
004013FF 90 nop
00401400 $- FF25 D8304000 jmp dword ptr [<&msvcrt.signal>] ; msvcrt.signal
00401406 90 nop
00401407 90 nop
00401408 $- FF25 A8304000 jmp dword ptr [<&msvcrt._fileno>] ; msvcrt._fileno
0040140E 90 nop
0040140F 90 nop
00401410 $- FF25 B8304000 jmp dword ptr [<&msvcrt._setmode>] ; msvcrt._setmode
00401416 90 nop
00401417 90 nop
00401418 $- FF25 BC304000 jmp dword ptr [<&msvcrt.__getmainarg>; msvcrt.__getmainargs
0040141E 90 nop
0040141F 90 nop
00401420 $- FF25 CC304000 jmp dword ptr [<&msvcrt.fputc>] ; msvcrt.putc
00401426 90 nop
00401427 90 nop
00401428 $- FF25 C4304000 jmp dword ptr [<&msvcrt.fgetc>] ; msvcrt.getc
0040142E 90 nop
0040142F 90 nop
00401430 $- FF25 D4304000 jmp dword ptr [<&msvcrt.printf>] ; msvcrt.printf
00401436 90 nop
00401437 90 nop
00401438 $- FF25 C8304000 jmp dword ptr [<&msvcrt.fopen>] ; msvcrt.fopen
0040143E 90 nop
0040143F 90 nop
00401440 $- FF25 C0304000 jmp dword ptr [<&msvcrt.atexit>] ; msvcrt.atexit
00401446 90 nop
00401447 90 nop
00401448 $- FF25 98304000 jmp dword ptr [<&KERNEL32.SetUnhandl>; kernel32.SetUnhandledExceptionFilter
0040144E 90 nop
0040144F 90 nop
00401450 .- FF25 94304000 jmp dword ptr [<&KERNEL32.ExitProces>; kernel32.ExitProcess
00401456 90 nop
00401457 90 nop
; ---------------------------------------------------------------------
; 00401458 - table read by 00401360: the first dword is the count slot
; (FFFFFFFF here, i.e. "scan for the terminator"), and the dword at
; 0040145C is the first entry (00000000 here, so the list is empty).
; The eight bytes at 00401460 repeat the same FFFFFFFF / 00000000
; pattern; no instruction visible in this listing references them.
; NOTE(review): presumably a second list with the same layout - confirm.
; ---------------------------------------------------------------------
00401458 . FFFFFFFF dd FFFFFFFF
0040145C . 00000000 dd 00000000
00401460 FF db FF
00401461 FF db FF
00401462 FF db FF
00401463 FF db FF
00401464 00 db 00
00401465 00 db 00
00401466 00 db 00
00401467 00 db 00