这个是AES还是
本帖最后由 y8160000 于 2025-4-23 13:31 编辑70bbc7de如何转变成105f314afb3dc4d665592de15cda369a
ade99f52如何转变成0b23dab349ac928d955737f329b86c61
高手指点一下这个是如何加密码变成这串数据的。
attach://107073.rar
attach://107074.rar
经过分析代码
0045CFD0 .8B85 BCFEFFFF mov eax,dword ptr ss:
0045CFD6 .8D95 C0FEFFFF lea edx,dword ptr ss:
0045CFDC .E8 43B1FAFF call InitCame.00408124
0045CFE1 .8B85 C0FEFFFF mov eax,dword ptr ss:
0045CFE7 .8D95 C4FEFFFF lea edx,dword ptr ss:
0045CFED .E8 26EFFFFF call InitCame.0045BF18
0045CFF2 .8D85 C4FEFFFF lea eax,dword ptr ss:
0045CFF8 .8D95 D4FEFFFF lea edx,dword ptr ss:
0045CFFE .E8 89EFFFFF call InitCame.0045BF8C
0045D003 .8B95 D4FEFFFF mov edx,dword ptr ss:
0045D009 .8B45 E8 mov eax,dword ptr ss:
0045D00C .E8 1776FAFF call InitCame.00404628
0045D011 .75 06 jnz short InitCame.0045D019
0045D013 .C645 E7 01 mov byte ptr ss:,0x1
0045D017 .EB 08 jmp short InitCame.0045D021
0045D019 >46 inc esi ;InitCame.<ModuleEntryPoint>
0045D01A .4B dec ebx
0045D01B .^ 0F85 6EFFFFFF jnz InitCame.0045CF8F
0045D021 >807D E7 00 cmp byte ptr ss:,0x0
0045D025 .75 14 jnz short InitCame.0045D03B
0045D027 .B8 20D24500 mov eax,InitCame.0045D220 ;相机序列号不符.
0045D02C .E8 0FF6FFFF call InitCame.0045C640
0045D031 .E8 A66CFAFF call InitCame.00403CDC
0045D036 .E9 69010000 jmp InitCame.0045D1A4
0045D03B >FF75 F4 push dword ptr ss: ;kernel32.75D75D49
0045D03E .68 38D24500 push InitCame.0045D238 ;pk
0045D043 .68 44D24500 push InitCame.0045D244 ;G2HT0Z1N8
0045D048 .8D85 B8FEFFFF lea eax,dword ptr ss:
0045D04E .BA 03000000 mov edx,0x3
0045D053 .E8 4475FAFF call InitCame.0040459C
0045D058 .8B85 B8FEFFFF mov eax,dword ptr ss:
0045D05E .8D95 C4FEFFFF lea edx,dword ptr ss:
0045D064 .E8 AFEEFFFF call InitCame.0045BF18
0045D069 .8D85 C4FEFFFF lea eax,dword ptr ss:
然后将JNZ改为JZ直接跳转可初始化成功。
实际要看的是计算的过程,而不是拿一串数据来硬刚它的结果,如果硬要实现这个结果,那计算方法有万万种 感觉像是MD5,后面的字符串长度符合md5的长度 wangjf1985 发表于 2025-4-23 08:58
感觉像是MD5,后面的字符串长度符合md5的长度
不一样,只是说像
页:
[1]