由于这个程序很短,OD(OllyDbg)里面的汇编代码也很短。
请看红色的部分,这就是和0x80比较的部分。(红色标记在纯文本中已丢失;从下面的列表看,应为 004012EB 处的 cmp dword ptr [ebp-C], 80 和 004012F2 处的 jg short 00401317。)
把这2句NOP掉,然后保存修改后的文件为exe。
我们发现input.txt里面的所有内容都能被输出了。
附上修改后的exe。
深绿,你可以把这个操作过程试一下,练习一下。
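; ---------------------------------------------------------------------
; 00401000 - wrapper around msvcrt.__getmainargs (OllyDbg listing, 32-bit x86).
; Five cdecl arguments are pushed right to left:
;   00402000, 00402004, &[ebp-8], the dword at [402008], &[ebp-4]
; [ebp-4] is zeroed before its address is passed.
; [402000] and [402004] are later pushed as the first two arguments of the
; call to 0040126C (at 004011B0/004011B6), so they presumably receive
; argc and argv - confirm against the __getmainargs prototype.
; ---------------------------------------------------------------------
00401000 /$ 55 push ebp
00401001 |. 89E5 mov ebp, esp
00401003 |. 83EC 18 sub esp, 18
00401006 |. C745 FC 00000>mov dword ptr [ebp-4], 0  ; clear the local whose address is the 5th argument
0040100D |. 83C4 F4 add esp, -0C  ; padding below the pushed arguments, released by leave
00401010 |. 8D45 FC lea eax, dword ptr [ebp-4]
00401013 |. 50 push eax  ; arg 5: &[ebp-4]
00401014 |. FF35 08204000 push dword ptr [402008]  ; arg 4: value of the global at 00402008
0040101A |. 8D45 F8 lea eax, dword ptr [ebp-8]
0040101D |. 50 push eax  ; arg 3: &[ebp-8] (result is not read afterwards in this function)
0040101E |. 68 04204000 push 00402004  ; arg 2: address of the global at 00402004
00401023 |. 68 00204000 push 00402000  ; arg 1: address of the global at 00402000
00401028 |. E8 EB030000 call <jmp.&msvcrt.__getmainargs>
0040102D |. C9 leave
0040102E \. C3 retn
0040102F 90 nop  ; alignment padding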
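; ---------------------------------------------------------------------
; 00401030 - applies the file mode stored at [40200C] to three stdio streams.
; If [40200C] is zero the function returns at once.  Otherwise it:
;   1. stores the value through the pointer imported as msvcrt._fmode;
;   2. calls _setmode(_fileno(stream), [40200C]) for _iob, _iob+20h and
;      _iob+40h (presumably stdin, stdout and stderr - confirm against the
;      msvcrt FILE layout).
; Each stream is skipped when its computed address is zero.
; Stack pattern per call: "add esp, -N" pads, "add esp, 10" releases.
; ---------------------------------------------------------------------
00401030 /$ 55 push ebp
00401031 |. 89E5 mov ebp, esp
00401033 |. 83EC 08 sub esp, 8
00401036 |. 8B15 0C204000 mov edx, dword ptr [40200C]  ; edx = requested mode
0040103C |. 85D2 test edx, edx
0040103E |. 74 7B je short 004010BB  ; mode == 0: nothing to do
00401040 |. A1 AC304000 mov eax, dword ptr [<&msvcrt._fmode>>
00401045 |. 8910 mov dword ptr [eax], edx  ; *_fmode = mode
00401047 |. A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
0040104C |. 85C0 test eax, eax
0040104E |. 74 1E je short 0040106E  ; skip the first stream if the _iob pointer is NULL
00401050 |. 83C4 F8 add esp, -8
00401053 |. FF35 0C204000 push dword ptr [40200C]  ; mode argument for _setmode
00401059 |. 83C4 F4 add esp, -0C
0040105C |. 50 push eax ; /pstream => offset msvcrt._iob
0040105D |. E8 A6030000 call <jmp.&msvcrt._fileno> ; \_fileno
00401062 |. 83C4 10 add esp, 10
00401065 |. 50 push eax ; |handle
00401066 |. E8 A5030000 call <jmp.&msvcrt._setmode> ; \_setmode
0040106B |. 83C4 10 add esp, 10
0040106E |> A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
00401073 |. 83C0 20 add eax, 20  ; second stream: _iob + 20h
00401076 |. 74 1E je short 00401096  ; tests the ZF left by the add (sum == 0)
00401078 |. 83C4 F8 add esp, -8
0040107B |. FF35 0C204000 push dword ptr [40200C]
00401081 |. 83C4 F4 add esp, -0C
00401084 |. 50 push eax ; /pstream
00401085 |. E8 7E030000 call <jmp.&msvcrt._fileno> ; \_fileno
0040108A |. 83C4 10 add esp, 10
0040108D |. 50 push eax ; |handle
0040108E |. E8 7D030000 call <jmp.&msvcrt._setmode> ; \_setmode
00401093 |. 83C4 10 add esp, 10
00401096 |> A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
0040109B |. 83C0 40 add eax, 40  ; third stream: _iob + 40h
0040109E |. 74 1B je short 004010BB
004010A0 |. 83C4 F8 add esp, -8
004010A3 |. FF35 0C204000 push dword ptr [40200C]
004010A9 |. 83C4 F4 add esp, -0C
004010AC |. 50 push eax ; /pstream
004010AD |. E8 56030000 call <jmp.&msvcrt._fileno> ; \_fileno
004010B2 |. 83C4 10 add esp, 10
004010B5 |. 50 push eax ; |handle
004010B6 |. E8 55030000 call <jmp.&msvcrt._setmode> ; \_setmode
004010BB |> C9 leave  ; leave also discards the arguments still on the stack
004010BC \. C3 retn
004010BD 8D76 00 lea esi, dword ptr [esi]  ; 3-byte no-op used as alignment padding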
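; ---------------------------------------------------------------------
; 004010C0 - top-level exception filter (registered at 0040118A via
; SetUnhandledExceptionFilter).  Takes one stack argument, returns with
; "retn 4" (callee cleans up).
;
; The argument is dereferenced twice to obtain the exception code
; (EXCEPTION_POINTERS -> ExceptionRecord -> ExceptionCode), which is then
; mapped to a C signal:
;   C0000005 (access violation)            -> SIGSEGV (0B)
;   C000008D..C0000091, C0000093 (FP)      -> SIGFPE (8), esi = 1
;   C0000094 (integer divide by zero)      -> SIGFPE (8), esi = 0
;   anything else, including C0000092      -> return 0
;
; For a mapped signal it calls signal(sig, 0) to read the previous handler:
;   previous == 1 : signal(sig, 1) is re-installed (and _fpreset is called
;                   when esi != 0), return -1
;   previous == 0 : return 0
;   otherwise     : the previous handler is called with the signal number,
;                   return -1.  No signal() call follows on this path, so
;                   the handler stays at the value 0 installed by the query.
; Return value is built in ebx: 0 = EXCEPTION_CONTINUE_SEARCH,
; -1 = EXCEPTION_CONTINUE_EXECUTION.
; ---------------------------------------------------------------------
004010C0 /. 55 push ebp
004010C1 |. 89E5 mov ebp, esp
004010C3 |. 83EC 10 sub esp, 10
004010C6 |. 56 push esi
004010C7 |. 53 push ebx
004010C8 |. 8B45 08 mov eax, dword ptr [ebp+8]  ; eax = filter argument
004010CB |. 31DB xor ebx, ebx  ; ebx = return value, default 0
004010CD |. 31F6 xor esi, esi  ; esi = "floating-point exception" flag
004010CF |. 8B00 mov eax, dword ptr [eax]  ; first dword of the argument structure
004010D1 |. 8B00 mov eax, dword ptr [eax]  ; eax = exception code
004010D3 |. 3D 910000C0 cmp eax, C0000091
004010D8 |. 77 16 ja short 004010F0  ; unsigned compare: codes above C0000091
004010DA |. 3D 8D0000C0 cmp eax, C000008D
004010DF |. 73 4F jnb short 00401130  ; C000008D..C0000091: FP exception
004010E1 |. 3D 050000C0 cmp eax, C0000005
004010E6 |. 74 18 je short 00401100  ; access violation
004010E8 |. E9 86000000 jmp 00401173  ; not handled: return 0
004010ED | 8D76 00 lea esi, dword ptr [esi]  ; alignment padding (never executed)
004010F0 |> 3D 930000C0 cmp eax, C0000093
004010F5 |. 74 39 je short 00401130
004010F7 |. 3D 940000C0 cmp eax, C0000094
004010FC |. 74 37 je short 00401135  ; integer divide: SIGFPE path without setting esi
004010FE |. EB 73 jmp short 00401173  ; not handled: return 0
; --- SIGSEGV path ---
00401100 |> 83C4 F8 add esp, -8
00401103 |. 6A 00 push 0 ; /func = NULL
00401105 |. 6A 0B push 0B ; |sig = SIGSEGV
00401107 |. E8 F4020000 call <jmp.&msvcrt.signal> ; \signal
0040110C |. 83C4 10 add esp, 10
0040110F |. 83F8 01 cmp eax, 1  ; was the previous handler 1 (ignore)?
00401112 |. 75 0E jnz short 00401122
00401114 |. 83C4 F8 add esp, -8
00401117 |. 6A 01 push 1 ; /func = 00000001
00401119 |. 6A 0B push 0B ; |sig = SIGSEGV
0040111B |. E8 E0020000 call <jmp.&msvcrt.signal> ; \signal
00401120 |. EB 4C jmp short 0040116E  ; return -1
00401122 |> 85C0 test eax, eax
00401124 |. 74 4D je short 00401173  ; previous handler 0: return 0
00401126 |. 83C4 F4 add esp, -0C
00401129 |. 6A 0B push 0B  ; argument for the user handler: signal number
0040112B |. EB 3F jmp short 0040116C
0040112D | 8D76 00 lea esi, dword ptr [esi]  ; alignment padding (never executed)
; --- SIGFPE path ---
00401130 |> BE 01000000 mov esi, 1  ; remember that the FPU state needs a reset
00401135 |> 83C4 F8 add esp, -8
00401138 |. 6A 00 push 0 ; /func = NULL
0040113A |. 6A 08 push 8 ; |sig = SIGFPE
0040113C |. E8 BF020000 call <jmp.&msvcrt.signal> ; \signal
00401141 |. 83C4 10 add esp, 10
00401144 |. 83F8 01 cmp eax, 1
00401147 |. 75 1A jnz short 00401163
00401149 |. 83C4 F8 add esp, -8
0040114C |. 6A 01 push 1 ; /func = 00000001
0040114E |. 6A 08 push 8 ; |sig = SIGFPE
00401150 |. E8 AB020000 call <jmp.&msvcrt.signal> ; \signal
00401155 |. 83C4 10 add esp, 10
00401158 |. 85F6 test esi, esi
0040115A |. 74 12 je short 0040116E  ; integer divide: no FPU reset
0040115C |. E8 97020000 call <jmp.&msvcrt._fpreset> ; [_fpreset
00401161 |. EB 0B jmp short 0040116E
00401163 |> 85C0 test eax, eax
00401165 |. 74 0C je short 00401173  ; previous handler 0: return 0
00401167 |. 83C4 F4 add esp, -0C
0040116A |. 6A 08 push 8  ; argument for the user handler: signal number
; --- common tail ---
0040116C |> FFD0 call eax  ; indirect call to the previously installed handler
0040116E |> BB FFFFFFFF mov ebx, -1  ; handled: return -1
00401173 |> 89D8 mov eax, ebx
00401175 |. 8D65 E8 lea esp, dword ptr [ebp-18]  ; point esp at the saved ebx/esi, whatever was pushed since
00401178 |. 5B pop ebx
00401179 |. 5E pop esi
0040117A |. C9 leave
0040117B \. C2 0400 retn 4
0040117E 89F6 mov esi, esi  ; 2-byte no-op used as alignment padding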
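; ---------------------------------------------------------------------
; 00401180 - C runtime startup sequence; does not return.
;   1. SetUnhandledExceptionFilter(004010C0)
;   2. _fpreset()
;   3. call 00401000 (fetch command-line arguments)
;   4. call 00401030 (apply stdio file mode)
;   5. call 0040126C with ([402000], [402004], *__p__environ()) - the
;      usual main(argc, argv, envp) shape
;   6. _cexit(), then ExitProcess(value returned by 0040126C)
; ---------------------------------------------------------------------
00401180 /$ 55 push ebp
00401181 |. 89E5 mov ebp, esp
00401183 |. 83EC 14 sub esp, 14
00401186 |. 53 push ebx
00401187 |. 83C4 F4 add esp, -0C
0040118A |. 68 C0104000 push 004010C0 ; /pTopLevelFilter = engoutpu.004010C0
0040118F |. E8 B4020000 call <jmp.&KERNEL32.SetUnhandledExcep>; \SetUnhandledExceptionFilter
00401194 |. 83C4 FC add esp, -4
00401197 |. E8 5C020000 call <jmp.&msvcrt._fpreset> ; [_fpreset
0040119C |. E8 5FFEFFFF call 00401000  ; __getmainargs wrapper
004011A1 |. E8 8AFEFFFF call 00401030  ; stdio mode setup
004011A6 |. 83C4 FC add esp, -4
004011A9 |. E8 42020000 call <jmp.&msvcrt.__p__environ>
004011AE |. FF30 push dword ptr [eax]  ; arg 3: value read through the returned pointer
004011B0 |. FF35 04204000 push dword ptr [402004]  ; arg 2
004011B6 |. FF35 00204000 push dword ptr [402000]  ; arg 1
004011BC |. E8 AB000000 call 0040126C  ; the program's own code
004011C1 |. 89C3 mov ebx, eax  ; keep its return value across _cexit
004011C3 |. 83C4 20 add esp, 20
004011C6 |. E8 1D020000 call <jmp.&msvcrt._cexit> ; [msvcrt._cexit
004011CB |. 83C4 F4 add esp, -0C
004011CE |. 53 push ebx ; /ExitCode
004011CF \. E8 7C020000 call <jmp.&KERNEL32.ExitProcess> ; \ExitProcess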
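; ---------------------------------------------------------------------
; 004011D4 - calls __set_app_type(1) through the import pointer, then runs
; the startup sequence at 00401180.  1 is the console-application value
; of that CRT setting.  The instructions after the call to 00401180 are
; not reached in practice because 00401180 ends in ExitProcess.
; ---------------------------------------------------------------------
004011D4 >/$ 55 push ebp
004011D5 |. 89E5 mov ebp, esp
004011D7 |. 83EC 08 sub esp, 8
004011DA |. 83C4 F4 add esp, -0C
004011DD |. 6A 01 push 1  ; app type argument
004011DF |. A1 DC304000 mov eax, dword ptr [<&msvcrt.__set_a>
004011E4 |. FFD0 call eax ; <&msvcrt.__set_app_type>
004011E6 |. E8 95FFFFFF call 00401180  ; CRT startup; does not return
004011EB |. 31C0 xor eax, eax
004011ED |. C9 leave
004011EE \. C3 retn
004011EF 90 nop  ; alignment padding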
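; ---------------------------------------------------------------------
; 004011F0 - same shape as 004011D4 but passes 2 (the GUI-application
; value) to __set_app_type before running the startup at 00401180.
; No caller of this address appears in the listing.
; ---------------------------------------------------------------------
004011F0 /. 55 push ebp
004011F1 |. 89E5 mov ebp, esp
004011F3 |. 83EC 08 sub esp, 8
004011F6 |. 83C4 F4 add esp, -0C
004011F9 |. 6A 02 push 2  ; app type argument
004011FB |. A1 DC304000 mov eax, dword ptr [<&msvcrt.__set_a>
00401200 |. FFD0 call eax ; <&msvcrt.__set_app_type>
00401202 |. E8 79FFFFFF call 00401180  ; CRT startup; does not return
00401207 |. C9 leave
00401208 \. C3 retn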
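; ---------------------------------------------------------------------
; 00401209-0040126B - padding and the string constants used by 0040126C.
; They sit between functions in the code section.  OllyDbg breaks long
; strings into several "ascii" rows; rows without a trailing ",0"
; continue on the next row.
; ---------------------------------------------------------------------
00401209 00 db 00
0040120A 00 db 00
0040120B 00 db 00
0040120C 00 db 00
0040120D 00 db 00
0040120E 00 db 00
0040120F 00 db 00
00401210 72 db 72 ; CHAR 'r'
00401211 00 db 00  ; terminator: 00401210 is the string "r" (fopen mode)
00401212 . 69 6E 70 75 7>ascii "input.txt",0
0040121C . 43 61 6E 27 7>ascii "Can't Find input"
0040122C . 2E 74 78 74 2>ascii ".txt!",0
00401232 77 db 77 ; CHAR 'w'
00401233 00 db 00  ; terminator: 00401232 is the string "w" (fopen mode)
00401234 . 6F 75 74 70 7>ascii "output.txt",0
0040123F . 43 61 6E 27 7>ascii "Can't Create out"
0040124F . 70 75 74 2E 7>ascii "put.txt!",0
00401258 . 6F 6E 65 20 6>ascii "one char outpute"
00401268 . 64 0A 00 ascii "d",LF,0
0040126B 90 nop  ; alignment padding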
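; ---------------------------------------------------------------------
; 0040126C - the program's own routine (called from 004011BC).
; Locals: [ebp-4] = input FILE*, [ebp-8] = output FILE*, [ebp-C] = last
;         value returned by fgetc.
; Flow:
;   call 004013B0 (one-time initialisation)
;   in  = fopen("input.txt", "r");   prints a message if NULL
;   out = fopen("output.txt", "w");  prints a message if NULL
;   loop: c = fgetc(in)
;         if c <= 80h (signed): fputc(c, out); printf("one char outputed\n")
;         if c == -1: leave the loop
; Points a reviewer should note:
;   - After either "Can't ..." message execution simply continues, so a
;     NULL stream pointer is handed to fgetc / fputc.
;   - The filter is one signed compare plus "jg".  Values 81h..FFh are
;     skipped; 80h itself and -1 (end of file) are not, so the
;     end-of-file marker is also passed to fputc before the loop exits.
;   - The filter exists only as the two instructions at 004012EB and
;     004012F2 inside the executable; the post's modification replaces
;     both with NOPs, after which every fgetc result reaches fputc.  A
;     check placed like this is not tamper-resistant, and editing it
;     changes the file's bytes, so a hash comparison against the original
;     build detects the change.
;   - No fclose call appears, and eax is not set before "retn", so the
;     value passed on to ExitProcess is whatever the last call left in eax.
; ---------------------------------------------------------------------
0040126C /$ 55 push ebp
0040126D |. 89E5 mov ebp, esp
0040126F |. 83EC 18 sub esp, 18
00401272 |. E8 39010000 call 004013B0  ; one-time initialisation guard
00401277 |. 83C4 F8 add esp, -8
0040127A |. 68 10124000 push 00401210 ; /mode = "r"
0040127F |. 68 12124000 push 00401212 ; |path = "input.txt"
00401284 |. E8 AF010000 call <jmp.&msvcrt.fopen> ; \fopen
00401289 |. 83C4 10 add esp, 10
0040128C |. 89C0 mov eax, eax  ; no effect
0040128E |. 8945 FC mov dword ptr [ebp-4], eax  ; in = fopen result
00401291 |. 837D FC 00 cmp dword ptr [ebp-4], 0
00401295 |. 75 10 jnz short 004012A7
00401297 |. 83C4 F4 add esp, -0C
0040129A |. 68 1C124000 push 0040121C ; /format = "Can't Find input.txt!"
0040129F |. E8 8C010000 call <jmp.&msvcrt.printf> ; \printf
004012A4 |. 83C4 10 add esp, 10  ; falls through: no early return on failure
004012A7 |> 83C4 F8 add esp, -8
004012AA |. 68 32124000 push 00401232 ; /mode = "w"
004012AF |. 68 34124000 push 00401234 ; |path = "output.txt"
004012B4 |. E8 7F010000 call <jmp.&msvcrt.fopen> ; \fopen
004012B9 |. 83C4 10 add esp, 10
004012BC |. 89C0 mov eax, eax  ; no effect
004012BE |. 8945 F8 mov dword ptr [ebp-8], eax  ; out = fopen result
004012C1 |. 837D F8 00 cmp dword ptr [ebp-8], 0
004012C5 |. 75 10 jnz short 004012D7
004012C7 |. 83C4 F4 add esp, -0C
004012CA |. 68 3F124000 push 0040123F ; /format = "Can't Create output.txt!"
004012CF |. E8 5C010000 call <jmp.&msvcrt.printf> ; \printf
004012D4 |. 83C4 10 add esp, 10  ; falls through: no early return on failure
; --- copy loop ---
004012D7 |> 83C4 F4 /add esp, -0C
004012DA |. 8B45 FC |mov eax, dword ptr [ebp-4]
004012DD |. 50 |push eax ; /stream
004012DE |. E8 45010000 |call <jmp.&msvcrt.fgetc> ; \fgetc
004012E3 |. 83C4 10 |add esp, 10
004012E6 |. 89C0 |mov eax, eax  ; no effect
004012E8 |. 8945 F4 |mov dword ptr [ebp-C], eax  ; c = fgetc result
004012EB |. 817D F4 80000>|cmp dword ptr [ebp-C], 80  ; the comparison with 0x80 the post refers to
004012F2 |. 7F 23 |jg short 00401317  ; signed: c > 80h skips the fputc/printf below
004012F4 |. 83C4 F8 |add esp, -8
004012F7 |. 8B45 F8 |mov eax, dword ptr [ebp-8]
004012FA |. 50 |push eax ; /stream
004012FB |. 8B45 F4 |mov eax, dword ptr [ebp-C] ; |
004012FE |. 50 |push eax ; |c
004012FF |. E8 1C010000 |call <jmp.&msvcrt.fputc> ; \fputc
00401304 |. 83C4 10 |add esp, 10
00401307 |. 83C4 F4 |add esp, -0C
0040130A |. 68 58124000 |push 00401258 ; /format = "one char outputed",LF,""
0040130F |. E8 1C010000 |call <jmp.&msvcrt.printf> ; \printf
00401314 |. 83C4 10 |add esp, 10
00401317 |> 837D F4 FF |cmp dword ptr [ebp-C], -1  ; end-of-file test happens after the write above
0040131B |. 75 03 |jnz short 00401320
0040131D |. EB 03 |jmp short 00401322  ; c == -1: leave the loop
0040131F | 90 |nop
00401320 |>^ EB B5 \jmp short 004012D7  ; next character
00401322 |> C9 leave
00401323 \. C3 retn
; 00401324-0040132F: zero padding up to the next function
00401324 00 db 00
00401325 00 db 00
00401326 00 db 00
00401327 00 db 00
00401328 00 db 00
00401329 00 db 00
0040132A 00 db 00
0040132B 00 db 00
0040132C 00 db 00
0040132D 00 db 00
0040132E 00 db 00
0040132F 00 db 00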
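; ---------------------------------------------------------------------
; 00401330 - walks a zero-terminated list of function pointers and calls
; each entry in order.  The cursor is the global at [402010], which is
; advanced by 4 after every call, so entries already run are not run
; again on a later invocation.  Registered with atexit at 0040139F, so it
; presumably runs the program's exit-time (destructor) routines - confirm.
; ---------------------------------------------------------------------
00401330 /. 55 push ebp
00401331 |. 89E5 mov ebp, esp
00401333 |. 83EC 08 sub esp, 8
00401336 |. A1 10204000 mov eax, dword ptr [402010]  ; eax = cursor
0040133B |. 8338 00 cmp dword ptr [eax], 0
0040133E |. 74 1D je short 0040135D  ; empty list
00401340 |> A1 10204000 /mov eax, dword ptr [402010]
00401345 |. 8B00 |mov eax, dword ptr [eax]  ; current entry
00401347 |. FFD0 |call eax  ; indirect call through the table entry
00401349 |. A1 10204000 |mov eax, dword ptr [402010]  ; reload: the callee may clobber eax
0040134E |. 8D50 04 |lea edx, dword ptr [eax+4]
00401351 |. 8915 10204000 |mov dword ptr [402010], edx  ; cursor += 4
00401357 |. 8378 04 00 |cmp dword ptr [eax+4], 0
0040135B |.^ 75 E3 \jnz short 00401340  ; loop until the zero terminator
0040135D |> C9 leave
0040135E \. C3 retn
0040135F 90 nop  ; alignment padding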
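; ---------------------------------------------------------------------
; 00401360 - calls the entries of the function-pointer table at 00401458
; from the highest index down to index 1, then registers 00401330 with
; atexit.  Presumably the start-up (constructor) counterpart of 00401330
; - confirm.
; The entry count comes from [401458]; when that dword is -1 the count is
; obtained by scanning from 0040145C until a zero dword is found.
; In this listing [401458] = FFFFFFFF and [40145C] = 0, so the count is 0
; and no table entry is called.
; ---------------------------------------------------------------------
00401360 /$ 55 push ebp
00401361 |. 89E5 mov ebp, esp
00401363 |. 83EC 14 sub esp, 14
00401366 |. 53 push ebx  ; saved at [ebp-18]
00401367 |. A1 58144000 mov eax, dword ptr [401458]  ; eax = stored count, or -1
0040136C |. 83F8 FF cmp eax, -1
0040136F |. 75 19 jnz short 0040138A  ; explicit count: use it
00401371 |. 31C0 xor eax, eax  ; count = 0
00401373 |. 833D 5C144000>cmp dword ptr [40145C], 0
0040137A |. 74 0E je short 0040138A  ; first entry is zero: empty table
0040137C |. BA 5C144000 mov edx, 0040145C
00401381 |> 83C2 04 /add edx, 4
00401384 |. 40 |inc eax
00401385 |. 833A 00 |cmp dword ptr [edx], 0
00401388 |.^ 75 F7 \jnz short 00401381  ; count entries up to the zero terminator
0040138A |> 89C3 mov ebx, eax  ; ebx = number of entries
0040138C |. 85DB test ebx, ebx
0040138E |. 74 0C je short 0040139C
00401390 |> 8B049D 581440>/mov eax, dword ptr [ebx*4+401458]  ; entry at index ebx
00401397 |. FFD0 |call eax  ; indirect call through the table entry
00401399 |. 4B |dec ebx
0040139A |.^ 75 F4 \jnz short 00401390  ; stops before index 0 (the count slot)
0040139C |> 83C4 F4 add esp, -0C
0040139F |. 68 30134000 push 00401330 ; /func = engoutpu.00401330
004013A4 |. E8 97000000 call <jmp.&msvcrt.atexit> ; \atexit
004013A9 |. 8B5D E8 mov ebx, dword ptr [ebp-18]  ; restore the saved ebx
004013AC |. C9 leave
004013AD \. C3 retn
004013AE 89F6 mov esi, esi  ; 2-byte no-op used as alignment padding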
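; ---------------------------------------------------------------------
; 004013B0 - run-once guard around 00401360.  The flag at [402014] is
; tested and set without any locking; the first call sets it to 1 and
; calls 00401360, later calls return immediately.  Called at the top of
; 0040126C.
; ---------------------------------------------------------------------
004013B0 /$ 55 push ebp
004013B1 |. 89E5 mov ebp, esp
004013B3 |. 83EC 08 sub esp, 8
004013B6 |. 833D 14204000>cmp dword ptr [402014], 0
004013BD |. 75 0F jnz short 004013CE  ; already initialised
004013BF |. C705 14204000>mov dword ptr [402014], 1  ; set the flag before running the initialisers
004013C9 |. E8 92FFFFFF call 00401360
004013CE |> C9 leave
004013CF \. C3 retn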
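; ---------------------------------------------------------------------
; 004013D0-00401457 - import thunks.  Each stub is a 6-byte indirect jmp
; through an import-table slot (00403094..004030DC) followed by two nop
; bytes of padding.  The "call <jmp.&...>" instructions in the functions
; above target these stubs; the comment column names the resolved import.
; ---------------------------------------------------------------------
004013D0 .- FF25 AC304000 jmp dword ptr [<&msvcrt._fmode>] ; msvcrt._fmode
004013D6 90 nop
004013D7 90 nop
004013D8 .- FF25 B4304000 jmp dword ptr [<&msvcrt._iob>] ; msvcrt._iob
004013DE 90 nop
004013DF 90 nop
004013E0 .- FF25 DC304000 jmp dword ptr [<&msvcrt.__set_app_ty>; msvcrt.__set_app_type
004013E6 90 nop
004013E7 90 nop
004013E8 $- FF25 A4304000 jmp dword ptr [<&msvcrt._cexit>] ; msvcrt._cexit
004013EE 90 nop
004013EF 90 nop
004013F0 $- FF25 D0304000 jmp dword ptr [<&msvcrt.__p__environ>; msvcrt.__p__environ
004013F6 90 nop
004013F7 90 nop
004013F8 $- FF25 B0304000 jmp dword ptr [<&msvcrt._fpreset>] ; msvcrt._fpreset
004013FE 90 nop
004013FF 90 nop
00401400 $- FF25 D8304000 jmp dword ptr [<&msvcrt.signal>] ; msvcrt.signal
00401406 90 nop
00401407 90 nop
00401408 $- FF25 A8304000 jmp dword ptr [<&msvcrt._fileno>] ; msvcrt._fileno
0040140E 90 nop
0040140F 90 nop
00401410 $- FF25 B8304000 jmp dword ptr [<&msvcrt._setmode>] ; msvcrt._setmode
00401416 90 nop
00401417 90 nop
00401418 $- FF25 BC304000 jmp dword ptr [<&msvcrt.__getmainarg>; msvcrt.__getmainargs
0040141E 90 nop
0040141F 90 nop
00401420 $- FF25 CC304000 jmp dword ptr [<&msvcrt.fputc>] ; msvcrt.putc
00401426 90 nop
00401427 90 nop
00401428 $- FF25 C4304000 jmp dword ptr [<&msvcrt.fgetc>] ; msvcrt.getc
0040142E 90 nop
0040142F 90 nop
00401430 $- FF25 D4304000 jmp dword ptr [<&msvcrt.printf>] ; msvcrt.printf
00401436 90 nop
00401437 90 nop
00401438 $- FF25 C8304000 jmp dword ptr [<&msvcrt.fopen>] ; msvcrt.fopen
0040143E 90 nop
0040143F 90 nop
00401440 $- FF25 C0304000 jmp dword ptr [<&msvcrt.atexit>] ; msvcrt.atexit
00401446 90 nop
00401447 90 nop
00401448 $- FF25 98304000 jmp dword ptr [<&KERNEL32.SetUnhandl>; kernel32.SetUnhandledExceptionFilter
0040144E 90 nop
0040144F 90 nop
00401450 .- FF25 94304000 jmp dword ptr [<&KERNEL32.ExitProces>; kernel32.ExitProcess
00401456 90 nop
00401457 90 nop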
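; ---------------------------------------------------------------------
; 00401458 - function-pointer table read by 00401360 ([ebx*4+401458]).
; The first dword (FFFFFFFF = -1) makes 00401360 count the entries itself;
; the zero at 0040145C terminates the list immediately, so it is empty.
; 00401460-00401467 (FF FF FF FF 00 00 00 00) is not referenced by any
; instruction in this listing; presumably a second, equally empty list in
; the same format - confirm.
; ---------------------------------------------------------------------
00401458 . FFFFFFFF dd FFFFFFFF
0040145C . 00000000 dd 00000000
00401460 FF db FF
00401461 FF db FF
00401462 FF db FF
00401463 FF db FF
00401464 00 db 00
00401465 00 db 00
00401466 00 db 00
00401467 00 db 00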