由于这个程序很短,OD里面的汇编代码也很短。
请看红色的部分,这就是和0x80比较的部分。(红色标记在本页中已丢失;应指 004012EB 处的 cmp 和 004012F2 处的 jg 这两条指令。)
把这2句NOP掉,然后保存修改后的文件为exe。
我们发现input.txt里面的所有内容都能被输出了。
附上修改后的exe.
深绿,你可以把这个操作过程试一下,练习一下.
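; ---------------------------------------------------------------------
; 00401000  CRT helper: fetch the command-line arguments.
; Dump format: OllyDbg (address | marker | bytes | instruction | comment),
; 32-bit x86, Intel operand order, all immediates in hex.
; Calls msvcrt.__getmainargs with five stack arguments (cdecl, pushed
; right to left): 00402000, 00402004, &[ebp-8], dword [402008], &[ebp-4].
; Per the msvcrt prototype these are argc*, argv*, envp*, doWildCard and
; startupinfo*; [402000] and [402004] are pushed again at 004011B6 and
; 004011B0 as the first two arguments of the call to 0040126C.
; Out: nothing is set explicitly; eax is whatever __getmainargs returned.
; (The junk characters interleaved with the original paste were removed;
; no address, byte or instruction was changed.)
; ---------------------------------------------------------------------
00401000 /$ 55 push ebp
00401001 |. 89E5 mov ebp, esp
00401003 |. 83EC 18 sub esp, 18
; [ebp-4] is zeroed before its address is handed to __getmainargs
00401006 |. C745 FC 00000>mov dword ptr [ebp-4], 0
; 0C bytes of padding + 5 pushes (14 bytes) = 20: argument area is a multiple of 16
0040100D |. 83C4 F4 add esp, -0C
00401010 |. 8D45 FC lea eax, dword ptr [ebp-4]
00401013 |. 50 push eax
00401014 |. FF35 08204000 push dword ptr [402008]
0040101A |. 8D45 F8 lea eax, dword ptr [ebp-8]
0040101D |. 50 push eax
0040101E |. 68 04204000 push 00402004
00401023 |. 68 00204000 push 00402000
00401028 |. E8 EB030000 call <jmp.&msvcrt.__getmainargs>
; leave restores esp from ebp, so the pushed arguments need no explicit cleanup
0040102D |. C9 leave
0040102E \\. C3 retn
; single-byte filler between functions
0040102F 90 nop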
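; ---------------------------------------------------------------------
; 00401030  CRT helper: apply a file-mode setting to the standard streams.
; Reads dword [40200C]; when it is zero the function returns at once.
; Otherwise it stores the value through the msvcrt._fmode pointer and,
; for the three stream objects at _iob+0, _iob+20 and _iob+40, calls
; _setmode(_fileno(stream), [40200C]).
; NOTE(review): _iob+0/+20/+40 are presumably stdin/stdout/stderr
; (32-byte FILE entries in msvcrt) and [40200C] presumably the CRT's
; default-mode variable -- confirm against the runtime sources.
; No arguments, no explicit return value.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
00401030 /$ 55 push ebp
00401031 |. 89E5 mov ebp, esp
00401033 |. 83EC 08 sub esp, 8
00401036 |. 8B15 0C204000 mov edx, dword ptr [40200C]
0040103C |. 85D2 test edx, edx
; mode value 0: nothing to do, skip to the epilogue
0040103E |. 74 7B je short 004010BB
00401040 |. A1 AC304000 mov eax, dword ptr [<&msvcrt._fmode>>
; *_fmode = [40200C]
00401045 |. 8910 mov dword ptr [eax], edx
; --- first stream: _iob + 0 ---
00401047 |. A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
0040104C |. 85C0 test eax, eax
; null stream pointer: skip this stream
0040104E |. 74 1E je short 0040106E
00401050 |. 83C4 F8 add esp, -8
; second argument of _setmode is pushed first
00401053 |. FF35 0C204000 push dword ptr [40200C]
00401059 |. 83C4 F4 add esp, -0C
0040105C |. 50 push eax ; /pstream => offset msvcrt._iob
0040105D |. E8 A6030000 call <jmp.&msvcrt._fileno> ; \\_fileno
00401062 |. 83C4 10 add esp, 10
; the handle returned by _fileno becomes the first argument of _setmode
00401065 |. 50 push eax ; |handle
00401066 |. E8 A5030000 call <jmp.&msvcrt._setmode> ; \\_setmode
0040106B |. 83C4 10 add esp, 10
; --- second stream: _iob + 20 ---
0040106E |> A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
00401073 |. 83C0 20 add eax, 20
; je tests the zero flag left by the add (i.e. a null result)
00401076 |. 74 1E je short 00401096
00401078 |. 83C4 F8 add esp, -8
0040107B |. FF35 0C204000 push dword ptr [40200C]
00401081 |. 83C4 F4 add esp, -0C
00401084 |. 50 push eax ; /pstream
00401085 |. E8 7E030000 call <jmp.&msvcrt._fileno> ; \\_fileno
0040108A |. 83C4 10 add esp, 10
0040108D |. 50 push eax ; |handle
0040108E |. E8 7D030000 call <jmp.&msvcrt._setmode> ; \\_setmode
00401093 |. 83C4 10 add esp, 10
; --- third stream: _iob + 40 ---
00401096 |> A1 B4304000 mov eax, dword ptr [<&msvcrt._iob>]
0040109B |. 83C0 40 add eax, 40
0040109E |. 74 1B je short 004010BB
004010A0 |. 83C4 F8 add esp, -8
004010A3 |. FF35 0C204000 push dword ptr [40200C]
004010A9 |. 83C4 F4 add esp, -0C
004010AC |. 50 push eax ; /pstream
004010AD |. E8 56030000 call <jmp.&msvcrt._fileno> ; \\_fileno
004010B2 |. 83C4 10 add esp, 10
004010B5 |. 50 push eax ; |handle
004010B6 |. E8 55030000 call <jmp.&msvcrt._setmode> ; \\_setmode
; leave discards the arguments still on the stack
004010BB |> C9 leave
004010BC \\. C3 retn
; 3-byte filler between functions (lea esi,[esi] has no effect)
004010BD 8D76 00 lea esi, dword ptr [esi]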
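; ---------------------------------------------------------------------
; 004010C0  Top-level exception filter (registered at 0040118A through
; SetUnhandledExceptionFilter).  One stack argument, removed by `retn 4`.
; In:   [ebp+8] = pointer whose first dword points to a record whose
;       first dword is the exception code (the layout of
;       EXCEPTION_POINTERS -> EXCEPTION_RECORD.ExceptionCode).
; Out:  eax = ebx = 0 when the code is not handled here or the previous
;       signal handler was NULL; -1 when a handler was honoured.
;       NOTE(review): 0 / -1 match EXCEPTION_CONTINUE_SEARCH /
;       EXCEPTION_CONTINUE_EXECUTION -- confirm against the SDK headers.
; Dispatch on the code:
;   C0000005                      -> SIGSEGV path (00401100)
;   C000008D..C0000091, C0000093  -> esi = 1, then SIGFPE path (00401130)
;   C0000094                      -> SIGFPE path with esi = 0 (00401135)
;   anything else                 -> return 0 (00401173)
; Each path calls signal(sig, 0) to read the previous handler:
;   previous == 1  -> re-install 1, (FP path with esi set: _fpreset), -1
;   previous == 0  -> return 0
;   otherwise      -> call previous(sig), return -1
; Uses ebx (result) and esi (floating-point flag); both are saved on entry.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
004010C0 /. 55 push ebp
004010C1 |. 89E5 mov ebp, esp
004010C3 |. 83EC 10 sub esp, 10
004010C6 |. 56 push esi
004010C7 |. 53 push ebx
004010C8 |. 8B45 08 mov eax, dword ptr [ebp+8]
; ebx = result, defaults to 0; esi = "reset FPU" flag, defaults to 0
004010CB |. 31DB xor ebx, ebx
004010CD |. 31F6 xor esi, esi
; two dereferences: argument -> record pointer -> exception code
004010CF |. 8B00 mov eax, dword ptr [eax]
004010D1 |. 8B00 mov eax, dword ptr [eax]
; unsigned comparisons (ja / jnb) on the status code
004010D3 |. 3D 910000C0 cmp eax, C0000091
004010D8 |. 77 16 ja short 004010F0
004010DA |. 3D 8D0000C0 cmp eax, C000008D
004010DF |. 73 4F jnb short 00401130
004010E1 |. 3D 050000C0 cmp eax, C0000005
004010E6 |. 74 18 je short 00401100
004010E8 |. E9 86000000 jmp 00401173
; alignment filler, never executed
004010ED | 8D76 00 lea esi, dword ptr [esi]
; codes above C0000091: only C0000093 and C0000094 are handled
004010F0 |> 3D 930000C0 cmp eax, C0000093
004010F5 |. 74 39 je short 00401130
004010F7 |. 3D 940000C0 cmp eax, C0000094
004010FC |. 74 37 je short 00401135
004010FE |. EB 73 jmp short 00401173
; --- SIGSEGV path ---
00401100 |> 83C4 F8 add esp, -8
00401103 |. 6A 00 push 0 ; /func = NULL
00401105 |. 6A 0B push 0B ; |sig = SIGSEGV
00401107 |. E8 F4020000 call <jmp.&msvcrt.signal> ; \\signal
0040110C |. 83C4 10 add esp, 10
; eax = handler that was installed before the call above
0040110F |. 83F8 01 cmp eax, 1
00401112 |. 75 0E jnz short 00401122
; previous handler was 1: install 1 again, then return -1
00401114 |. 83C4 F8 add esp, -8
00401117 |. 6A 01 push 1 ; /func = 00000001
00401119 |. 6A 0B push 0B ; |sig = SIGSEGV
0040111B |. E8 E0020000 call <jmp.&msvcrt.signal> ; \\signal
00401120 |. EB 4C jmp short 0040116E
00401122 |> 85C0 test eax, eax
; no previous handler: return 0
00401124 |. 74 4D je short 00401173
; previous handler present: call it with the signal number at 0040116C
00401126 |. 83C4 F4 add esp, -0C
00401129 |. 6A 0B push 0B
0040112B |. EB 3F jmp short 0040116C
; alignment filler, never executed
0040112D | 8D76 00 lea esi, dword ptr [esi]
; --- SIGFPE path; entry at 00401130 also requests _fpreset ---
00401130 |> BE 01000000 mov esi, 1
00401135 |> 83C4 F8 add esp, -8
00401138 |. 6A 00 push 0 ; /func = NULL
0040113A |. 6A 08 push 8 ; |sig = SIGFPE
0040113C |. E8 BF020000 call <jmp.&msvcrt.signal> ; \\signal
00401141 |. 83C4 10 add esp, 10
00401144 |. 83F8 01 cmp eax, 1
00401147 |. 75 1A jnz short 00401163
00401149 |. 83C4 F8 add esp, -8
0040114C |. 6A 01 push 1 ; /func = 00000001
0040114E |. 6A 08 push 8 ; |sig = SIGFPE
00401150 |. E8 AB020000 call <jmp.&msvcrt.signal> ; \\signal
00401155 |. 83C4 10 add esp, 10
; _fpreset only when the entry was through 00401130
00401158 |. 85F6 test esi, esi
0040115A |. 74 12 je short 0040116E
0040115C |. E8 97020000 call <jmp.&msvcrt._fpreset> ; [_fpreset
00401161 |. EB 0B jmp short 0040116E
00401163 |> 85C0 test eax, eax
00401165 |. 74 0C je short 00401173
00401167 |. 83C4 F4 add esp, -0C
0040116A |. 6A 08 push 8
; shared tail: indirect call to the previous handler, signal number on the stack
0040116C |> FFD0 call eax
0040116E |> BB FFFFFFFF mov ebx, -1
00401173 |> 89D8 mov eax, ebx
; 10 bytes of locals + two pushes = 18: point esp at the saved ebx
00401175 |. 8D65 E8 lea esp, dword ptr [ebp-18]
00401178 |. 5B pop ebx
00401179 |. 5E pop esi
0040117A |. C9 leave
0040117B \\. C2 0400 retn 4
; 2-byte filler between functions
0040117E 89F6 mov esi, esi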
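; ---------------------------------------------------------------------
; 00401180  Common CRT start-up sequence; does not return (the last
; instruction is a call to ExitProcess).
; Steps, in order:
;   SetUnhandledExceptionFilter(004010C0)
;   _fpreset()
;   call 00401000      ; fills [402000] / [402004] via __getmainargs
;   call 00401030      ; stream-mode setup
;   ebx = (0040126C)([402000], [402004], *__p__environ())
;   _cexit()
;   ExitProcess(ebx)
; 0040126C therefore receives (argc, argv, envp) and its eax becomes the
; process exit code.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
00401180 /$ 55 push ebp
00401181 |. 89E5 mov ebp, esp
00401183 |. 83EC 14 sub esp, 14
00401186 |. 53 push ebx
00401187 |. 83C4 F4 add esp, -0C
0040118A |. 68 C0104000 push 004010C0 ; /pTopLevelFilter = engoutpu.004010C0
0040118F |. E8 B4020000 call <jmp.&KERNEL32.SetUnhandledExcep>; \\SetUnhandledExceptionFilter
00401194 |. 83C4 FC add esp, -4
00401197 |. E8 5C020000 call <jmp.&msvcrt._fpreset> ; [_fpreset
0040119C |. E8 5FFEFFFF call 00401000
004011A1 |. E8 8AFEFFFF call 00401030
004011A6 |. 83C4 FC add esp, -4
004011A9 |. E8 42020000 call <jmp.&msvcrt.__p__environ>
; third argument: the dword that __p__environ's result points to
004011AE |. FF30 push dword ptr [eax]
; second and first argument: the values stored by 00401000
004011B0 |. FF35 04204000 push dword ptr [402004]
004011B6 |. FF35 00204000 push dword ptr [402000]
004011BC |. E8 AB000000 call 0040126C
; keep the return value across _cexit (ebx is callee-saved)
004011C1 |. 89C3 mov ebx, eax
004011C3 |. 83C4 20 add esp, 20
004011C6 |. E8 1D020000 call <jmp.&msvcrt._cexit> ; [msvcrt._cexit
004011CB |. 83C4 F4 add esp, -0C
004011CE |. 53 push ebx ; /ExitCode
004011CF \\. E8 7C020000 call <jmp.&KERNEL32.ExitProcess> ; \\ExitProcess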
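; ---------------------------------------------------------------------
; 004011D4  Start-up stub: __set_app_type(1), then the common start-up
; sequence at 00401180.
; NOTE(review): in the msvcrt headers 1 is the console application type,
; and this is presumably the executable's entry point -- confirm against
; the PE header.
; 00401180 ends in ExitProcess, so the xor/leave/retn below are reached
; only if that call were to return.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
004011D4 >/$ 55 push ebp
004011D5 |. 89E5 mov ebp, esp
004011D7 |. 83EC 08 sub esp, 8
004011DA |. 83C4 F4 add esp, -0C
004011DD |. 6A 01 push 1
; the import is called through the pointer loaded into eax, not through a jump stub
004011DF |. A1 DC304000 mov eax, dword ptr [<&msvcrt.__set_a>
004011E4 |. FFD0 call eax ; <&msvcrt.__set_app_type>
004011E6 |. E8 95FFFFFF call 00401180
004011EB |. 31C0 xor eax, eax
004011ED |. C9 leave
004011EE \\. C3 retn
; single-byte filler between functions
004011EF 90 nop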
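; ---------------------------------------------------------------------
; 004011F0  Second start-up stub: identical to 004011D4 except that it
; passes 2 to __set_app_type and does not clear eax afterwards.
; NOTE(review): 2 is the GUI application type in the msvcrt headers; no
; call to this stub appears in the listing -- presumably an alternative
; entry point emitted by the runtime.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
004011F0 /. 55 push ebp
004011F1 |. 89E5 mov ebp, esp
004011F3 |. 83EC 08 sub esp, 8
004011F6 |. 83C4 F4 add esp, -0C
004011F9 |. 6A 02 push 2
004011FB |. A1 DC304000 mov eax, dword ptr [<&msvcrt.__set_a>
00401200 |. FFD0 call eax ; <&msvcrt.__set_app_type>
00401202 |. E8 79FFFFFF call 00401180
00401207 |. C9 leave
00401208 \\. C3 retn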
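; ---------------------------------------------------------------------
; 00401209..0040126B  Zero padding followed by the string constants that
; the function at 0040126C passes to fopen and printf.  The strings sit
; in the code section, directly in front of that function.
;   00401210 "r"            fopen mode for input.txt
;   00401212 "input.txt"
;   0040121C "Can't Find input.txt!"      (shown split over two rows)
;   00401232 "w"            fopen mode for output.txt
;   00401234 "output.txt"
;   0040123F "Can't Create output.txt!"   (shown split over two rows)
;   00401258 "one char outputed" + 0A     (shown split over two rows)
; (Junk characters from the original paste removed; data unchanged.)
; ---------------------------------------------------------------------
00401209 00 db 00
0040120A 00 db 00
0040120B 00 db 00
0040120C 00 db 00
0040120D 00 db 00
0040120E 00 db 00
0040120F 00 db 00
00401210 72 db 72 ; CHAR 'r'
00401211 00 db 00
00401212 . 69 6E 70 75 7>ascii "input.txt",0
0040121C . 43 61 6E 27 7>ascii "Can't Find input"
0040122C . 2E 74 78 74 2>ascii ".txt!",0
00401232 77 db 77 ; CHAR 'w'
00401233 00 db 00
00401234 . 6F 75 74 70 7>ascii "output.txt",0
0040123F . 43 61 6E 27 7>ascii "Can't Create out"
0040124F . 70 75 74 2E 7>ascii "put.txt!",0
00401258 . 6F 6E 65 20 6>ascii "one char outpute"
; the line break inside the next string is the 0A byte as the debugger prints it
00401268 . 64 0A 00 ascii "d
",0
; single-byte filler in front of the next function
0040126B 90 nop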
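; ---------------------------------------------------------------------
; 0040126C  The program's main routine (called from 004011BC with three
; stack arguments; none of them is read here).
; Equivalent logic, reconstructed from the instructions below:
;     in  = fopen("input.txt", "r");    if (!in)  printf("Can't Find input.txt!");
;     out = fopen("output.txt", "w");   if (!out) printf("Can't Create output.txt!");
;     for (;;) {
;         c = fgetc(in);
;         if (c <= 0x80) { fputc(c, out); printf("one char outputed\n"); }
;         if (c == -1) break;
;     }
; Locals: [ebp-4] = in, [ebp-8] = out, [ebp-C] = c (int).
; Out:    eax is never set explicitly; the caller uses whatever the last
;         call left there as the exit code.
; Review notes, all readable from the listing:
;   * After a failed fopen the message is printed but execution falls
;     through, so fgetc / fputc are later called with a NULL stream.
;   * The filter is the cmp/jg pair at 004012EB/004012F2.  jg is a signed
;     "greater than", so the value 80 itself still passes, and so does the
;     -1 that fgetc returns at end of file: fputc(-1, out) runs once
;     before the loop exits at 00401317.
;   * This pair is what the post's text refers to; it occupies 7 + 2 = 9
;     bytes (004012EB..004012F3).  A copy of the file altered there
;     differs from the original build in those bytes, so comparing a
;     file hash against a known-good value detects the modification.
;   * No fclose call appears in this function.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
0040126C /$ 55 push ebp
0040126D |. 89E5 mov ebp, esp
0040126F |. 83EC 18 sub esp, 18
; one-time runtime initialisation (guarded by the flag at [402014])
00401272 |. E8 39010000 call 004013B0
00401277 |. 83C4 F8 add esp, -8
0040127A |. 68 10124000 push 00401210 ; /mode = "r"
0040127F |. 68 12124000 push 00401212 ; |path = "input.txt"
00401284 |. E8 AF010000 call <jmp.&msvcrt.fopen> ; \\fopen
00401289 |. 83C4 10 add esp, 10
; mov eax,eax is a no-op left by the compiler
0040128C |. 89C0 mov eax, eax
0040128E |. 8945 FC mov dword ptr [ebp-4], eax
00401291 |. 837D FC 00 cmp dword ptr [ebp-4], 0
00401295 |. 75 10 jnz short 004012A7
; fopen returned NULL: report it, then continue at 004012A7 regardless
00401297 |. 83C4 F4 add esp, -0C
0040129A |. 68 1C124000 push 0040121C ; /format = "Can't Find input.txt!"
0040129F |. E8 8C010000 call <jmp.&msvcrt.printf> ; \\printf
004012A4 |. 83C4 10 add esp, 10
004012A7 |> 83C4 F8 add esp, -8
004012AA |. 68 32124000 push 00401232 ; /mode = "w"
004012AF |. 68 34124000 push 00401234 ; |path = "output.txt"
004012B4 |. E8 7F010000 call <jmp.&msvcrt.fopen> ; \\fopen
004012B9 |. 83C4 10 add esp, 10
004012BC |. 89C0 mov eax, eax
004012BE |. 8945 F8 mov dword ptr [ebp-8], eax
004012C1 |. 837D F8 00 cmp dword ptr [ebp-8], 0
004012C5 |. 75 10 jnz short 004012D7
; same pattern as above: message only, no early exit
004012C7 |. 83C4 F4 add esp, -0C
004012CA |. 68 3F124000 push 0040123F ; /format = "Can't Create output.txt!"
004012CF |. E8 5C010000 call <jmp.&msvcrt.printf> ; \\printf
004012D4 |. 83C4 10 add esp, 10
; --- loop head: c = fgetc(in) ---
004012D7 |> 83C4 F4 /add esp, -0C
004012DA |. 8B45 FC |mov eax, dword ptr [ebp-4]
004012DD |. 50 |push eax ; /stream
004012DE |. E8 45010000 |call <jmp.&msvcrt.fgetc> ; \\fgetc
004012E3 |. 83C4 10 |add esp, 10
004012E6 |. 89C0 |mov eax, eax
004012E8 |. 8945 F4 |mov dword ptr [ebp-C], eax
; the 0x80 comparison the post talks about: skip the write when c > 80 (signed)
004012EB |. 817D F4 80000>|cmp dword ptr [ebp-C], 80
004012F2 |. 7F 23 |jg short 00401317
; fputc(c, out): stream pushed first, character second
004012F4 |. 83C4 F8 |add esp, -8
004012F7 |. 8B45 F8 |mov eax, dword ptr [ebp-8]
004012FA |. 50 |push eax ; /stream
004012FB |. 8B45 F4 |mov eax, dword ptr [ebp-C] ; |
004012FE |. 50 |push eax ; |c
004012FF |. E8 1C010000 |call <jmp.&msvcrt.fputc> ; \\fputc
00401304 |. 83C4 10 |add esp, 10
00401307 |. 83C4 F4 |add esp, -0C
0040130A |. 68 58124000 |push 00401258 ; /format = "one char outputed",LF,""
0040130F |. E8 1C010000 |call <jmp.&msvcrt.printf> ; \\printf
00401314 |. 83C4 10 |add esp, 10
; end-of-file test happens after the write, not before it
00401317 |> 837D F4 FF |cmp dword ptr [ebp-C], -1
0040131B |. 75 03 |jnz short 00401320
0040131D |. EB 03 |jmp short 00401322
0040131F | 90 |nop
00401320 |>^ EB B5 \\jmp short 004012D7
00401322 |> C9 leave
00401323 \\. C3 retn
; zero padding up to the next function
00401324 00 db 00
00401325 00 db 00
00401326 00 db 00
00401327 00 db 00
00401328 00 db 00
00401329 00 db 00
0040132A 00 db 00
0040132B 00 db 00
0040132C 00 db 00
0040132D 00 db 00
0040132E 00 db 00
0040132F 00 db 00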
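; ---------------------------------------------------------------------
; 00401330  Walk a zero-terminated list of function pointers and call
; each entry.  The cursor lives in memory at [402010] and is advanced by
; 4 after every call, so a second invocation continues where the first
; stopped.  Registered with atexit at 0040139F.
; NOTE(review): this has the shape of a "run global destructors" helper;
; the initial value of [402010] is not visible in this listing.
; No arguments, no explicit return value.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
00401330 /. 55 push ebp
00401331 |. 89E5 mov ebp, esp
00401333 |. 83EC 08 sub esp, 8
00401336 |. A1 10204000 mov eax, dword ptr [402010]
; empty list: first entry is already the terminator
0040133B |. 8338 00 cmp dword ptr [eax], 0
0040133E |. 74 1D je short 0040135D
00401340 |> A1 10204000 /mov eax, dword ptr [402010]
00401345 |. 8B00 |mov eax, dword ptr [eax]
; indirect call to the current entry
00401347 |. FFD0 |call eax
; the cursor is reloaded from memory because the callee may have changed eax
00401349 |. A1 10204000 |mov eax, dword ptr [402010]
0040134E |. 8D50 04 |lea edx, dword ptr [eax+4]
00401351 |. 8915 10204000 |mov dword ptr [402010], edx
00401357 |. 8378 04 00 |cmp dword ptr [eax+4], 0
0040135B |.^ 75 E3 \\jnz short 00401340
0040135D |> C9 leave
0040135E \\. C3 retn
; single-byte filler between functions
0040135F 90 nop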
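; ---------------------------------------------------------------------
; 00401360  Call every entry of the function-pointer table at 00401458
; in reverse order, then register 00401330 with atexit.
; Table layout as used here: dword [401458] is either an entry count or
; -1; with -1 the count is found by scanning from 0040145C until a zero
; dword.  Entries are then called from index count down to index 1
; (address 401458 + index*4).
; With the data shown at 00401458 (FFFFFFFF followed by 00000000) the
; count is 0 and no entry is called.
; NOTE(review): this has the shape of a "run global constructors" helper.
; ebx is saved on entry and restored from [ebp-18] before leave.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
00401360 /$ 55 push ebp
00401361 |. 89E5 mov ebp, esp
00401363 |. 83EC 14 sub esp, 14
00401366 |. 53 push ebx
00401367 |. A1 58144000 mov eax, dword ptr [401458]
; any value other than -1 is used directly as the count
0040136C |. 83F8 FF cmp eax, -1
0040136F |. 75 19 jnz short 0040138A
; count = number of non-zero dwords starting at 0040145C
00401371 |. 31C0 xor eax, eax
00401373 |. 833D 5C144000>cmp dword ptr [40145C], 0
0040137A |. 74 0E je short 0040138A
0040137C |. BA 5C144000 mov edx, 0040145C
00401381 |> 83C2 04 /add edx, 4
00401384 |. 40 |inc eax
00401385 |. 833A 00 |cmp dword ptr [edx], 0
00401388 |.^ 75 F7 \\jnz short 00401381
0040138A |> 89C3 mov ebx, eax
0040138C |. 85DB test ebx, ebx
0040138E |. 74 0C je short 0040139C
; ebx runs from count down to 1; ebx survives the indirect calls
00401390 |> 8B049D 581440>/mov eax, dword ptr [ebx*4+401458]
00401397 |. FFD0 |call eax
00401399 |. 4B |dec ebx
0040139A |.^ 75 F4 \\jnz short 00401390
0040139C |> 83C4 F4 add esp, -0C
0040139F |. 68 30134000 push 00401330 ; /func = engoutpu.00401330
004013A4 |. E8 97000000 call <jmp.&msvcrt.atexit> ; \\atexit
; 14 bytes of locals + one push = 18: this reloads the ebx saved at entry
004013A9 |. 8B5D E8 mov ebx, dword ptr [ebp-18]
004013AC |. C9 leave
004013AD \\. C3 retn
; 2-byte filler between functions
004013AE 89F6 mov esi, esi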
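; ---------------------------------------------------------------------
; 004013B0  Run-once guard around 00401360.  The flag at [402014] is set
; to 1 on the first call; later calls return immediately.
; Called from the first instruction after the prologue of 0040126C.
; No arguments, no explicit return value.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
004013B0 /$ 55 push ebp
004013B1 |. 89E5 mov ebp, esp
004013B3 |. 83EC 08 sub esp, 8
004013B6 |. 833D 14204000>cmp dword ptr [402014], 0
; flag already set: skip the initialisation
004013BD |. 75 0F jnz short 004013CE
; the flag is set before the call, so a nested call returns at once
004013BF |. C705 14204000>mov dword ptr [402014], 1
004013C9 |. E8 92FFFFFF call 00401360
004013CE |> C9 leave
004013CF \\. C3 retn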
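; ---------------------------------------------------------------------
; 004013D0..00401457  Import jump stubs.  Each stub is one indirect
; `jmp dword ptr [slot]` through the executable's import table (slots at
; 00403094..004030DC), followed by two nop bytes so the stubs are 8
; bytes apart.  The `call <jmp.&...>` instructions elsewhere in the
; listing target these stubs.
; Notes:
;   * _fmode and _iob are read as data at 00401040 / 00401047; no call
;     to their stubs (004013D0, 004013D8) appears in this listing.
;   * __set_app_type is called through its pointer at 004011E4 and
;     00401200, not through the stub at 004013E0.
;   * The debugger labels the fputc and fgetc slots "msvcrt.putc" and
;     "msvcrt.getc"; presumably the exported names resolve to the same
;     addresses in this msvcrt build -- confirm in the loaded module.
; (Junk characters from the original paste removed; code unchanged.)
; ---------------------------------------------------------------------
004013D0 .- FF25 AC304000 jmp dword ptr [<&msvcrt._fmode>] ; msvcrt._fmode
004013D6 90 nop
004013D7 90 nop
004013D8 .- FF25 B4304000 jmp dword ptr [<&msvcrt._iob>] ; msvcrt._iob
004013DE 90 nop
004013DF 90 nop
004013E0 .- FF25 DC304000 jmp dword ptr [<&msvcrt.__set_app_ty>; msvcrt.__set_app_type
004013E6 90 nop
004013E7 90 nop
004013E8 $- FF25 A4304000 jmp dword ptr [<&msvcrt._cexit>] ; msvcrt._cexit
004013EE 90 nop
004013EF 90 nop
004013F0 $- FF25 D0304000 jmp dword ptr [<&msvcrt.__p__environ>; msvcrt.__p__environ
004013F6 90 nop
004013F7 90 nop
004013F8 $- FF25 B0304000 jmp dword ptr [<&msvcrt._fpreset>] ; msvcrt._fpreset
004013FE 90 nop
004013FF 90 nop
00401400 $- FF25 D8304000 jmp dword ptr [<&msvcrt.signal>] ; msvcrt.signal
00401406 90 nop
00401407 90 nop
00401408 $- FF25 A8304000 jmp dword ptr [<&msvcrt._fileno>] ; msvcrt._fileno
0040140E 90 nop
0040140F 90 nop
00401410 $- FF25 B8304000 jmp dword ptr [<&msvcrt._setmode>] ; msvcrt._setmode
00401416 90 nop
00401417 90 nop
00401418 $- FF25 BC304000 jmp dword ptr [<&msvcrt.__getmainarg>; msvcrt.__getmainargs
0040141E 90 nop
0040141F 90 nop
00401420 $- FF25 CC304000 jmp dword ptr [<&msvcrt.fputc>] ; msvcrt.putc
00401426 90 nop
00401427 90 nop
00401428 $- FF25 C4304000 jmp dword ptr [<&msvcrt.fgetc>] ; msvcrt.getc
0040142E 90 nop
0040142F 90 nop
00401430 $- FF25 D4304000 jmp dword ptr [<&msvcrt.printf>] ; msvcrt.printf
00401436 90 nop
00401437 90 nop
00401438 $- FF25 C8304000 jmp dword ptr [<&msvcrt.fopen>] ; msvcrt.fopen
0040143E 90 nop
0040143F 90 nop
00401440 $- FF25 C0304000 jmp dword ptr [<&msvcrt.atexit>] ; msvcrt.atexit
00401446 90 nop
00401447 90 nop
00401448 $- FF25 98304000 jmp dword ptr [<&KERNEL32.SetUnhandl>; kernel32.SetUnhandledExceptionFilter
0040144E 90 nop
0040144F 90 nop
00401450 .- FF25 94304000 jmp dword ptr [<&KERNEL32.ExitProces>; kernel32.ExitProcess
00401456 90 nop
00401457 90 nop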
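; ---------------------------------------------------------------------
; 00401458..00401467  Function-pointer tables stored after the stubs.
;   00401458  FFFFFFFF   count field read by 00401360 (-1 = "scan for
;                        the terminator")
;   0040145C  00000000   terminator: the table has no entries
;   00401460  FF FF FF FF 00 00 00 00 -- the same -1 / 0 pattern, shown
;             byte by byte.  NOTE(review): presumably the matching list
;             for 00401330; the listing does not show what [402010]
;             points to, so this is unconfirmed.
; (Junk characters from the original paste removed; data unchanged.)
; ---------------------------------------------------------------------
00401458 . FFFFFFFF dd FFFFFFFF
0040145C . 00000000 dd 00000000
00401460 FF db FF
00401461 FF db FF
00401462 FF db FF
00401463 FF db FF
00401464 00 db 00
00401465 00 db 00
00401466 00 db 00
00401467 00 db 00 |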