一个奇怪的算法!
这是算法部分,分析了一通也没弄明白是怎么回事!高手请指点下!
0040C730 > \55 PUSH EBP
0040C731 .8BEC MOV EBP,ESP
0040C733 .6A FF PUSH -1
0040C735 .68 70D34500 PUSH HAMS.0045D370 ;SE 处理程序安装
0040C73A .64:A1 0000000>MOV EAX,DWORD PTR FS:
0040C740 .50 PUSH EAX ;
0040C741 .64:8925 00000>MOV DWORD PTR FS:,ESP
0040C748 .81EC 84020000 SUB ESP,284 ;
0040C74E .53 PUSH EBX
0040C74F .56 PUSH ESI ;
0040C750 .57 PUSH EDI
0040C751 .894D F0 MOV DWORD PTR SS:,ECX
0040C754 .6A 10 PUSH 10
0040C756 .6A 00 PUSH 0
0040C758 .6A 03 PUSH 3
0040C75A .6A 00 PUSH 0
0040C75C .8D85 10FEFFFF LEA EAX,DWORD PTR SS:
0040C762 .50 PUSH EAX ;
0040C763 .8B4D F0 MOV ECX,DWORD PTR SS:
0040C766 .81C1 5C020000 ADD ECX,25C
0040C76C .E8 5BE70400 CALL <JMP.&MFC42D.#3555>
0040C771 .8985 ECFDFFFF MOV DWORD PTR SS:,EAX
0040C777 .8B8D ECFDFFFF MOV ECX,DWORD PTR SS:
0040C77D .898D E8FDFFFF MOV DWORD PTR SS:,ECX
0040C783 .C745 FC 00000>MOV DWORD PTR SS:,0
0040C78A .8B8D E8FDFFFF MOV ECX,DWORD PTR SS:
0040C790 .E8 EDE50400 CALL <JMP.&MFC42D.#880>
0040C795 .50 PUSH EAX ; |s 取试练码的前三位
0040C796 .FF15 C4084A00 CALL DWORD PTR DS:[<&MSVCRTD.strtol>] ; \strtol
0040C79C .83C4 0C ADD ESP,0C
0040C79F .8945 E8 MOV DWORD PTR SS:,EAX
0040C7A2 .C745 FC FFFFF>MOV DWORD PTR SS:,-1
0040C7A9 .8D8D 10FEFFFF LEA ECX,DWORD PTR SS:
0040C7AF .E8 B4E40400 CALL <JMP.&MFC42D.#684>
0040C7B4 .6A 10 PUSH 10
0040C7B6 .6A 00 PUSH 0
0040C7B8 .6A 03 PUSH 3
0040C7BA .6A 03 PUSH 3
0040C7BC .8D95 0CFEFFFF LEA EDX,DWORD PTR SS:
0040C7C2 .52 PUSH EDX
0040C7C3 .8B4D F0 MOV ECX,DWORD PTR SS:
0040C7C6 .81C1 5C020000 ADD ECX,25C
0040C7CC .E8 FBE60400 CALL <JMP.&MFC42D.#3555>
0040C7D1 .8985 E4FDFFFF MOV DWORD PTR SS:,EAX
0040C7D7 .8B85 E4FDFFFF MOV EAX,DWORD PTR SS:
0040C7DD .8985 E0FDFFFF MOV DWORD PTR SS:,EAX
0040C7E3 .C745 FC 01000>MOV DWORD PTR SS:,1
0040C7EA .8B8D E0FDFFFF MOV ECX,DWORD PTR SS:
0040C7F0 .E8 8DE50400 CALL <JMP.&MFC42D.#880>
0040C7F5 .50 PUSH EAX ; |s = "456" 接着取下三位
0040C7F6 .FF15 C4084A00 CALL DWORD PTR DS:[<&MSVCRTD.strtol>] ; \strtol
0040C7FC .83C4 0C ADD ESP,0C
0040C7FF .8945 E4 MOV DWORD PTR SS:,EAX
0040C802 .C745 FC FFFFF>MOV DWORD PTR SS:,-1
0040C809 .8D8D 0CFEFFFF LEA ECX,DWORD PTR SS:
0040C80F .E8 54E40400 CALL <JMP.&MFC42D.#684>
0040C814 .6A 10 PUSH 10
0040C816 .6A 00 PUSH 0
0040C818 .6A 03 PUSH 3
0040C81A .6A 06 PUSH 6
0040C81C .8D8D 08FEFFFF LEA ECX,DWORD PTR SS:
0040C822 .51 PUSH ECX
0040C823 .8B4D F0 MOV ECX,DWORD PTR SS:
0040C826 .81C1 5C020000 ADD ECX,25C
0040C82C .E8 9BE60400 CALL <JMP.&MFC42D.#3555>
0040C831 .8985 DCFDFFFF MOV DWORD PTR SS:,EAX
0040C837 .8B95 DCFDFFFF MOV EDX,DWORD PTR SS:
0040C83D .8995 D8FDFFFF MOV DWORD PTR SS:,EDX
0040C843 .C745 FC 02000>MOV DWORD PTR SS:,2
0040C84A .8B8D D8FDFFFF MOV ECX,DWORD PTR SS:
0040C850 .E8 2DE50400 CALL <JMP.&MFC42D.#880>
0040C855 .50 PUSH EAX ; |s 接着取三位
0040C856 .FF15 C4084A00 CALL DWORD PTR DS:[<&MSVCRTD.strtol>] ; \strtol
0040C85C .83C4 0C ADD ESP,0C
0040C85F .8945 EC MOV DWORD PTR SS:,EAX
0040C862 .C745 FC FFFFF>MOV DWORD PTR SS:,-1
0040C869 .8D8D 08FEFFFF LEA ECX,DWORD PTR SS:
0040C86F .E8 F4E30400 CALL <JMP.&MFC42D.#684>
0040C874 .6A 10 PUSH 10
0040C876 .6A 00 PUSH 0
0040C878 .6A 03 PUSH 3
0040C87A .6A 09 PUSH 9
0040C87C .8D85 04FEFFFF LEA EAX,DWORD PTR SS:
0040C882 .50 PUSH EAX
0040C883 .8B4D F0 MOV ECX,DWORD PTR SS:
0040C886 .81C1 5C020000 ADD ECX,25C
0040C88C .E8 3BE60400 CALL <JMP.&MFC42D.#3555>
0040C891 .8985 D4FDFFFF MOV DWORD PTR SS:,EAX
0040C897 .8B8D D4FDFFFF MOV ECX,DWORD PTR SS:
0040C89D .898D D0FDFFFF MOV DWORD PTR SS:,ECX
0040C8A3 .C745 FC 03000>MOV DWORD PTR SS:,3
0040C8AA .8B8D D0FDFFFF MOV ECX,DWORD PTR SS:
0040C8B0 .E8 CDE40400 CALL <JMP.&MFC42D.#880>
0040C8B5 .50 PUSH EAX ; |s 取最后三位
0040C8B6 .FF15 C4084A00 CALL DWORD PTR DS:[<&MSVCRTD.strtol>] ; \strtol
0040C8BC .83C4 0C ADD ESP,0C
0040C8BF .8945 DC MOV DWORD PTR SS:,EAX
0040C8C2 .C745 FC FFFFF>MOV DWORD PTR SS:,-1
0040C8C9 .8D8D 04FEFFFF LEA ECX,DWORD PTR SS:
0040C8CF .E8 94E30400 CALL <JMP.&MFC42D.#684>
0040C8D4 .6A 10 PUSH 10
0040C8D6 .6A 00 PUSH 0
0040C8D8 .6A 03 PUSH 3
0040C8DA .6A 0C PUSH 0C
0040C8DC .8D95 00FEFFFF LEA EDX,DWORD PTR SS:
0040C8E2 .52 PUSH EDX
0040C8E3 .8B4D F0 MOV ECX,DWORD PTR SS:
0040C8E6 .81C1 5C020000 ADD ECX,25C
0040C8EC .E8 DBE50400 CALL <JMP.&MFC42D.#3555>
0040C8F1 .8985 CCFDFFFF MOV DWORD PTR SS:,EAX
0040C8F7 .8B85 CCFDFFFF MOV EAX,DWORD PTR SS:
0040C8FD .8985 C8FDFFFF MOV DWORD PTR SS:,EAX
0040C903 .C745 FC 04000>MOV DWORD PTR SS:,4
0040C90A .8B8D C8FDFFFF MOV ECX,DWORD PTR SS:
0040C910 .E8 6DE40400 CALL <JMP.&MFC42D.#880>
0040C915 .50 PUSH EAX ; |s
0040C916 .FF15 C4084A00 CALL DWORD PTR DS:[<&MSVCRTD.strtol>] ; \strtol
0040C91C .83C4 0C ADD ESP,0C
0040C91F .8945 E0 MOV DWORD PTR SS:,EAX
0040C922 .C745 FC FFFFF>MOV DWORD PTR SS:,-1
0040C929 .8D8D 00FEFFFF LEA ECX,DWORD PTR SS:
0040C92F .E8 34E30400 CALL <JMP.&MFC42D.#684>
0040C934 .6A 10 PUSH 10
0040C936 .6A 00 PUSH 0
0040C938 .6A 03 PUSH 3
0040C93A .6A 0F PUSH 0F
0040C93C .8D8D FCFDFFFF LEA ECX,DWORD PTR SS:
0040C942 .51 PUSH ECX
0040C943 .8B4D F0 MOV ECX,DWORD PTR SS:
0040C946 .81C1 5C020000 ADD ECX,25C
0040C94C .E8 7BE50400 CALL <JMP.&MFC42D.#3555>
0040C951 .8985 C4FDFFFF MOV DWORD PTR SS:,EAX
0040C957 .8B95 C4FDFFFF MOV EDX,DWORD PTR SS:
0040C95D .8995 C0FDFFFF MOV DWORD PTR SS:,EDX
0040C963 .C745 FC 05000>MOV DWORD PTR SS:,5
0040C96A .8B8D C0FDFFFF MOV ECX,DWORD PTR SS:
0040C970 .E8 0DE40400 CALL <JMP.&MFC42D.#880>
0040C975 .50 PUSH EAX ; |s
0040C976 .FF15 C4084A00 CALL DWORD PTR DS:[<&MSVCRTD.strtol>] ; \strtol
0040C97C .83C4 0C ADD ESP,0C
0040C97F .8945 D8 MOV DWORD PTR SS:,EAX
0040C982 .C745 FC FFFFF>MOV DWORD PTR SS:,-1
0040C989 .8D8D FCFDFFFF LEA ECX,DWORD PTR SS:
0040C98F .E8 D4E20400 CALL <JMP.&MFC42D.#684>
0040C994 .C745 BC 00000>MOV DWORD PTR SS:,0
0040C99B .EB 09 JMP SHORT HAMS.0040C9A6
0040C99D >8B45 BC MOV EAX,DWORD PTR SS:
0040C9A0 .83C0 01 ADD EAX,1
0040C9A3 .8945 BC MOV DWORD PTR SS:,EAX
0040C9A6 >837D BC 06 CMP DWORD PTR SS:,6
0040C9AA .7D 26 JGE SHORT HAMS.0040C9D2
0040C9AC .8B4D BC MOV ECX,DWORD PTR SS:
0040C9AF .8B448D D8 MOV EAX,DWORD PTR SS:
0040C9B3 .83E8 59 SUB EAX,59
0040C9B6 .99 CDQ
0040C9B7 .2BC2 SUB EAX,EDX
0040C9B9 .D1F8 SAR EAX,1
0040C9BB .83C0 17 ADD EAX,17
0040C9BE .99 CDQ
0040C9BF .B9 03000000 MOV ECX,3
0040C9C4 .F7F9 IDIV ECX
0040C9C6 .83E8 0C SUB EAX,0C
0040C9C9 .8B55 BC MOV EDX,DWORD PTR SS:
0040C9CC .894495 C0 MOV DWORD PTR SS:,EAX
0040C9D0 .^ EB CB JMP SHORT HAMS.0040C99D
0040C9D2 >8B45 D4 MOV EAX,DWORD PTR SS:
0040C9D5 .50 PUSH EAX ; /<%02X>
0040C9D6 .8B4D D0 MOV ECX,DWORD PTR SS: ; |
0040C9D9 .51 PUSH ECX ; |<%02X>
0040C9DA .8B55 CC MOV EDX,DWORD PTR SS: ; |
0040C9DD .52 PUSH EDX ; |<%02X>
0040C9DE .8B45 C8 MOV EAX,DWORD PTR SS: ; |
0040C9E1 .50 PUSH EAX ; |<%02X>
0040C9E2 .8B4D C4 MOV ECX,DWORD PTR SS: ; |
0040C9E5 .51 PUSH ECX ; |<%02X>
0040C9E6 .8B55 C0 MOV EDX,DWORD PTR SS: ; |
0040C9E9 .52 PUSH EDX ; |<%02X>
0040C9EA .68 88284900 PUSH HAMS.00492888 ; |%02X%02X%02X%02X%02X%02X\n 生成注册所需的字符串
0040C9EF .8D85 F4FEFFFF LEA EAX,DWORD PTR SS: ; |
0040C9F5 .50 PUSH EAX ; |s
0040C9F6 .FF15 C0084A00 CALL DWORD PTR DS:[<&MSVCRTD.sprintf>] ; \sprintf
0040C9FC .83C4 20 ADD ESP,20
0040C9FF .8B4D F0 MOV ECX,DWORD PTR SS:
0040CA02 .E8 AE54FFFF CALL HAMS.00401EB5
0040CA07 .C745 BC 00000>MOV DWORD PTR SS:,0
0040CA0E .EB 09 JMP SHORT HAMS.0040CA19
0040CA10 >8B4D BC MOV ECX,DWORD PTR SS:
0040CA13 .83C1 01 ADD ECX,1
0040CA16 .894D BC MOV DWORD PTR SS:,ECX
0040CA19 >837D BC 06 CMP DWORD PTR SS:,6
0040CA1D .7D 17 JGE SHORT HAMS.0040CA36
0040CA1F .8B55 F0 MOV EDX,DWORD PTR SS:
0040CA22 .0355 BC ADD EDX,DWORD PTR SS:
0040CA25 .33C0 XOR EAX,EAX
0040CA27 .8A42 04 MOV AL,BYTE PTR DS:
0040CA2A .8B4D BC MOV ECX,DWORD PTR SS:
0040CA2D .89848D DCFEFF>MOV DWORD PTR SS:,EAX
0040CA34 .^ EB DA JMP SHORT HAMS.0040CA10
0040CA36 >8B95 F0FEFFFF MOV EDX,DWORD PTR SS:
0040CA3C .52 PUSH EDX ; /<%02X>
0040CA3D .8B85 ECFEFFFF MOV EAX,DWORD PTR SS: ; |
0040CA43 .50 PUSH EAX ; |<%02X>
0040CA44 .8B8D E8FEFFFF MOV ECX,DWORD PTR SS: ; |
0040CA4A .51 PUSH ECX ; |<%02X>
0040CA4B .8B95 E4FEFFFF MOV EDX,DWORD PTR SS: ; |
0040CA51 .52 PUSH EDX ; |<%02X>
0040CA52 .8B85 E0FEFFFF MOV EAX,DWORD PTR SS: ; |
0040CA58 .50 PUSH EAX ; |<%02X>
0040CA59 .8B8D DCFEFFFF MOV ECX,DWORD PTR SS: ; |
0040CA5F .51 PUSH ECX ; |<%02X>
0040CA60 .68 88284900 PUSH HAMS.00492888 ; |%02X%02X%02X%02X%02X%02X\n
0040CA65 .8D95 14FEFFFF LEA EDX,DWORD PTR SS: ; |
0040CA6B .52 PUSH EDX ; |s
0040CA6C .FF15 C0084A00 CALL DWORD PTR DS:[<&MSVCRTD.sprintf>] ; \sprintf
0040CA72 .83C4 20 ADD ESP,20
0040CA75 .8D85 14FEFFFF LEA EAX,DWORD PTR SS:
0040CA7B .50 PUSH EAX
0040CA7C .8D8D F4FDFFFF LEA ECX,DWORD PTR SS:
0040CA82 .E8 25E30400 CALL <JMP.&MFC42D.#487>
0040CA87 .8985 BCFDFFFF MOV DWORD PTR SS:,EAX
0040CA8D .8B8D BCFDFFFF MOV ECX,DWORD PTR SS:
0040CA93 .898D B8FDFFFF MOV DWORD PTR SS:,ECX
0040CA99 .C745 FC 06000>MOV DWORD PTR SS:,6
0040CAA0 .8B95 B8FDFFFF MOV EDX,DWORD PTR SS:
0040CAA6 .52 PUSH EDX
0040CAA7 .8D85 F4FEFFFF LEA EAX,DWORD PTR SS:
0040CAAD .50 PUSH EAX
0040CAAE .8D8D F0FDFFFF LEA ECX,DWORD PTR SS:
0040CAB4 .E8 F3E20400 CALL <JMP.&MFC42D.#487>
0040CAB9 .8985 B4FDFFFF MOV DWORD PTR SS:,EAX
0040CABF .8B8D B4FDFFFF MOV ECX,DWORD PTR SS:
0040CAC5 .898D B0FDFFFF MOV DWORD PTR SS:,ECX
0040CACB .C645 FC 07 MOV BYTE PTR SS:,7
0040CACF .8B95 B0FDFFFF MOV EDX,DWORD PTR SS:
0040CAD5 .52 PUSH EDX
0040CAD6 .E8 EBE30400 CALL <JMP.&MFC42D.#812>
0040CADB .8885 F8FDFFFF MOV BYTE PTR SS:,AL
0040CAE1 .C645 FC 06 MOV BYTE PTR SS:,6
0040CAE5 .8D8D F0FDFFFF LEA ECX,DWORD PTR SS:
0040CAEB .E8 78E10400 CALL <JMP.&MFC42D.#684>
0040CAF0 .C745 FC FFFFF>MOV DWORD PTR SS:,-1
0040CAF7 .8D8D F4FDFFFF LEA ECX,DWORD PTR SS:
0040CAFD .E8 66E10400 CALL <JMP.&MFC42D.#684>
0040CB02 .8B85 F8FDFFFF MOV EAX,DWORD PTR SS:
0040CB08 .25 FF000000 AND EAX,0FF
0040CB0D .85C0 TEST EAX,EAX
0040CB0F .74 07 JE SHORT HAMS.0040CB18
0040CB11 .B8 01000000 MOV EAX,1
0040CB16 .EB 02 JMP SHORT HAMS.0040CB1A
0040CB18 >33C0 XOR EAX,EAX
0040CB1A >8B4D F4 MOV ECX,DWORD PTR SS:
0040CB1D .64:890D 00000>MOV DWORD PTR FS:,ECX
0040CB24 .5F POP EDI
0040CB25 .5E POP ESI
0040CB26 .5B POP EBX
0040CB27 .8BE5 MOV ESP,EBP
0040CB29 .5D POP EBP
0040CB2A .C3 RETN 我觉得如果原程序不大的话最好上传上来,这么看好枯燥的..
页:
[1]