[原创]VB P-code粗略分析(4) by moodsky
转自:http://www.pediy.com/bbshtml/bbs7/pediy7-86.htm标 题: [原创]VB P-code粗略分析(4)
发帖人:moodsky
时 间: 2005-02-18 18:14
原文链接:http://bbs.pediy.com/showthread.php?threadid=11253
详细信息:
VB P-code粗略分析-CrackMe2005 #2 by KuNgBiM
用这个Crackme来做了一下分析,作者提供了两个加壳的版本,也没客气直接用PEID把UPX的托了继续分析。
下载:附件下载
用OD下bp VarBstrCmp可直接到注册码,看来程序里变量比较比较多。
:0040298004E4FC FLdRfVar ;Push LOCAL_031C // 开辟内存空间[文本内容]
:0040298321 FLdPrThis ;= \
:004029840F1403 VCallAd ;Return the control index 07 / 获得窗体句柄
:0040298719E8FC FStAdFunc ;// 取propget过程地址
:0040298A08E8FC FLdPr ;= //加载过程
***********Reference To:TextBox.Text
|
:0040298D0DA0000000 VCallHresult ;Call ptr_004020FC // 获得文本框中的内容
:004029923EE4FC FLdZeroAd ;Push DWORD ; =0 // 将字符释放
:0040299546D4FC CVarStr ;// 字符串-〉变量
:00402998FCF66CFF FStVar ;
:0040299C1AE8FC FFree1Ad ;Push ; Call [[]+8]; []=0
******Possible String Ref To->""
|
:0040299F3AC4FC0100 LitVarStr ;PushVarString ptr_00402110 // 装入字符串变量
:004029A4FD005CFF FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"你"
|
:004029A83AC4FC0200 LitVarStr ;PushVarString ptr_00402118 // 装入字符串变量
:004029ADFD004CFF FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"成"
|
:004029B13AC4FC0300 LitVarStr ;PushVarString ptr_00402120 // 装入字符串变量
:004029B6FD003CFF FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"失"
|
:004029BA3AC4FC0400 LitVarStr ;PushVarString ptr_00402128 // 装入字符串变量
:004029BFFD002CFF FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"功"
|
:004029C33AC4FC0500 LitVarStr ;PushVarString ptr_00402130 // 装入字符串变量
:004029C8FD001CFF FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"败"
|
:004029CC3AC4FC0600 LitVarStr ;PushVarString ptr_00402138 // 装入字符串变量
:004029D1FD000CFF FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"么"
|
:004029D53AC4FC0700 LitVarStr ;PushVarString ptr_00402140 // 装入字符串变量
:004029DAFD007CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"了"
|
:004029DE3AC4FC0800 LitVarStr ;PushVarString ptr_00402148 // 装入字符串变量
:004029E3FD00FCFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"!!"
|
:004029E73AC4FC0900 LitVarStr ;PushVarString ptr_00402150 // 装入字符串变量
:004029ECFD00ECFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"已"
|
:004029F03AC4FC0A00 LitVarStr ;PushVarString ptr_0040215C // 装入字符串变量
:004029F5FD001CFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"不"
|
:004029F93AC4FC0B00 LitVarStr ;PushVarString ptr_00402164 // 装入字符串变量
:004029FEFD00DCFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"加"
|
:00402A023AC4FC0C00 LitVarStr ;PushVarString ptr_0040216C // 装入字符串变量
:00402A07FD00CCFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"手"
|
:00402A0B3AC4FC0D00 LitVarStr ;PushVarString ptr_00402174 // 装入字符串变量
:00402A10FD00BCFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"懒"
|
:00402A143AC4FC0E00 LitVarStr ;PushVarString ptr_0040217C // 装入字符串变量
:00402A19FD00FCFC FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"输"
|
:00402A1D3AC4FC0F00 LitVarStr ;PushVarString ptr_00402184 // 装入字符串变量
:00402A22FD00ECFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"油"
|
:00402A263AC4FC1000 LitVarStr ;PushVarString ptr_0040218C // 装入字符串变量
:00402A2BFD00ACFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->","
|
:00402A2F3AC4FC1100 LitVarStr ;PushVarString ptr_00402194 // 装入字符串变量
:00402A34FD009CFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"吸"
|
:00402A383AC4FC1200 LitVarStr ;PushVarString ptr_0040219C // 装入字符串变量
:00402A3DFD008CFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"册"
|
:00402A413AC4FC1300 LitVarStr ;PushVarString ptr_004021A4 // 装入字符串变量
:00402A46FD000CFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"要"
|
:00402A4A3AC4FC1400 LitVarStr ;PushVarString ptr_004021AC // 装入字符串变量
:00402A4FFD007CFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"哈"
|
:00402A533AC4FC1500 LitVarStr ;PushVarString ptr_004021B4 // 装入字符串变量
:00402A58FD002CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"都"
|
:00402A5C3AC4FC1600 LitVarStr ;PushVarString ptr_004021BC // 装入字符串变量
:00402A61FD00DCFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"次"
|
:00402A653AC4FC1700 LitVarStr ;PushVarString ptr_004021C4 // 装入字符串变量
:00402A6AFD006CFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"続"
|
:00402A6E3AC4FC1800 LitVarStr ;PushVarString ptr_004021CC // 装入字符串变量
:00402A73FD00CCFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"那"
|
:00402A773AC4FC1900 LitVarStr ;PushVarString ptr_004021D4 // 装入字符串变量
:00402A7CFD00BCFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"?"
|
:00402A803AC4FC1A00 LitVarStr ;PushVarString ptr_004021DC // 装入字符串变量
:00402A85FD002CFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"告"
|
:00402A893AC4FC1B00 LitVarStr ;PushVarString ptr_004021E4 // 装入字符串变量
:00402A8EFD00ACFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"?"
|
:00402A923AC4FC1C00 LitVarStr ;PushVarString ptr_004021EC // 装入字符串变量
:00402A97FD009CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"这"
|
:00402A9B3AC4FC1D00 LitVarStr ;PushVarString ptr_004021F4 // 装入字符串变量
:00402AA0FD005CFE FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"譯"
|
:00402AA43AC4FC1E00 LitVarStr ;PushVarString ptr_004021FC // 装入字符串变量
:00402AA9FD00FCFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"蕋"
|
:00402AAD3AC4FC1F00 LitVarStr ;PushVarString ptr_00402204 // 装入字符串变量
:00402AB2FD008CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"肰"
|
:00402AB63AC4FC2000 LitVarStr ;PushVarString ptr_0040220C // 装入字符串变量
:00402ABBFD006CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"蚉"
|
:00402ABF3AC4FC2100 LitVarStr ;PushVarString ptr_00402214 // 装入字符串变量
:00402AC4FD005CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"?"
|
:00402AC83AC4FC2200 LitVarStr ;PushVarString ptr_0040221C // 装入字符串变量
:00402ACDFD004CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"?"
|
:00402AD13AC4FC2300 LitVarStr ;PushVarString ptr_00402224 // 装入字符串变量
:00402AD6FD003CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"?"
|
:00402ADA3AC4FC2400 LitVarStr ;PushVarString ptr_0040222C // 装入字符串变量
:00402ADFFD001CFD FStVarCopy ;=vbaVarCopy(Pop) // 复制到内存
******Possible String Ref To->"吧"
|
:00402AE33AC4FC2500 LitVarStr ;PushVarString ptr_00402234 // 装入字符串变量
:00402AE8FD000CFD FStVarCopy ;=vbaVarCopy(Pop)
:00402AEC04E4FC FLdRfVar ;Push LOCAL_031C // 开辟内存空间
:00402AEF21 FLdPrThis ;= \
:00402AF00F1403 VCallAd ;Return the control index 07 / 获得窗体句柄
:00402AF319E8FC FStAdFunc ;// 取propget过程地址
:00402AF608E8FC FLdPr ;= // 加载过程
***********Reference To:TextBox.Text
|
:00402AF90DA0000000 VCallHresult ;Call ptr_004020FC // 获得文本框中的内容
:00402AFE6CE4FC ILdRf ;Push DWORD // 字符串入栈
:00402B014A FnLenStr ;vbaLenBstr //计算长度
:00402B02FD69C4FC CVarI4 ;
:00402B06FCF63CFE FStVar ;
:00402B0A2FE4FC FFree1Str ;SysFreeString ; =0
:00402B0D1AE8FC FFree1Ad ;Push ; Call [[]+8]; []=0
:00402B1028B4FC0100 LitVarI2 ;PushVarInteger 0001 // 0001入栈
:00402B1504ECFC FLdRfVar ;Push LOCAL_0314 // 开辟内存空间i
:00402B18043CFE FLdRfVar ;Push LOCAL_01C4 // 开辟内存空间
:00402B1BFE6894FC0602 ForVar ;// FOR 运算
:00402B2104E4FC FLdRfVar ;Push LOCAL_031C // 开辟内存空间[文本内容]
:00402B2421 FLdPrThis ;= \
:00402B250F1403 VCallAd ;Return the control index 07 / 获得窗体句柄
:00402B2819E8FC FStAdFunc ;// 取propget过程地址
:00402B2B08E8FC FLdPr ;= // 加载过程
***********Reference To:TextBox.Text
|
:00402B2E0DA0000000 VCallHresult ;Call ptr_004020FC // 获得文本框中的内容
:00402B3328D4FC0100 LitVarI2 ;PushVarInteger 0001 \ 取长度
:00402B3804ECFC FLdRfVar ;Push LOCAL_0314 | 变量i的值
:00402B3BFC22 CI4Var ;vbaI4Var | // MID函数参数入栈
:00402B3D6CE4FC ILdRf ;Push DWORD / 文本内容
**********Reference To->msvbvm60.rtcMidCharBstr
|
:00402B400B26000C00 ImpAdCallI2 ;Call ptr_00401030; check stack 000C; Push EAX // MID操作
:00402B452390FC FStStrNoPop ;SysFreeString ; =
**********Reference To->msvbvm60.rtcAnsiValueBstr
|
:00402B480B27000400 ImpAdCallI2 ;Call ptr_00401036; check stack 0004; Push EAX // ASC操作
:00402B4D44B4FC CVarI2 ;// 将整形转换为变量
:00402B5004ECFC FLdRfVar ;Push LOCAL_0314 // 变量i的值
:00402B53FBB480FC MulVar ;// 相乘:asc(mid(name,i,1))*i
:00402B572870FC1A00 LitVarI2 ;PushVarInteger 001A //装立即数&H1A
:00402B5CFBA460FC ModVar ;// 取模 asc(mid(name,i,1)) * i mod &H1A
:00402B60FEC150FC3766EC04 LitVarI4 ;// &H4EC6637
:00402B68FBB440FC MulVar ;// 相乘:asc(mid(name,i,1)) * i mod &H1A * &H4EC6637
:00402B6CFCF65CFF FStVar ;// 感谢MengLong兄的帮助才找到这个I4
:00402B70320400E4FC90FC FFreeStr ;Do SysFreeString ; =0 0004/2 times ~ arg
:00402B771AE8FC FFree1Ad ;Push ; Call [[]+8]; []=0
:00402B7A35D4FC FFree1Var ;Free LOCAL_032C
:00402B7D04ECFC FLdRfVar ;Push LOCAL_0314
:00402B80FE7E94FCA101 NextStepVar ;// NEXT
:00402B86045CFF FLdRfVar ;Push LOCAL_00A4 // ""字符入栈
:00402B89FD004CFE FStVarCopy ;=vbaVarCopy(Pop)
:00402B8D043CFE FLdRfVar ;Push LOCAL_01C4 // 用户名入栈
:00402B9028C4FC0000 LitVarI2 ;PushVarInteger 0000
:00402B955D HardType ;
:00402B96FB33 EqVarBool ;// 用户名是否等于""
:00402B981C0903 BranchF ;If Pop=0 then ESI=00402C89 //不等于则跳
:00402B9B27F0FA LitVar ;PushVar LOCAL_0510 \
:00402B9E2700FB LitVar ;PushVar LOCAL_0500 | Msgbox函数参数
:00402BA104CCFD FLdRfVar ;Push LOCAL_0234 // 加载字符 |
:00402BA404ACFD FLdRfVar ;Push LOCAL_0254 // 加载字符 |
:00402BA7FB9410FB AddVar ;// 字符叠加
:00402BABF530000000 LitI4 ;Push 00000030
:00402BB0044CFF FLdRfVar ;Push LOCAL_00B4 // 加载字符 |
:00402BB3041CFD FLdRfVar ;Push LOCAL_02E4 // 加载字符 |
:00402BB6FB94D4FC AddVar ;// 字符叠加
:00402BBA04FCFC FLdRfVar ;Push LOCAL_0304 // 加载字符 |
:00402BBDFB9480FC AddVar ;// 字符叠加
:00402BC104FCFE FLdRfVar ;Push LOCAL_0104 // 加载字符 |
:00402BC4FB9460FC AddVar ;// 字符叠加
:00402BC8040CFD FLdRfVar ;Push LOCAL_02F4 // 加载字符 |
:00402BCBFB9440FC AddVar ;// 字符叠加
:00402BCF04ECFE FLdRfVar ;Push LOCAL_0114 // 加载字符 |
:00402BD2FB9430FC AddVar ;// 字符叠加
:00402BD6048CFD FLdRfVar ;Push LOCAL_0274 // 加载字符 |
:00402BD9FB9420FC AddVar ;// 字符叠加
:00402BDD047CFD FLdRfVar ;Push LOCAL_0284 // 加载字符 |
:00402BE0FB9410FC AddVar ;// 字符叠加
:00402BE404DCFD FLdRfVar ;Push LOCAL_0224 // 加载字符 |
:00402BE7FB9400FC AddVar ;// 字符叠加
:00402BEB04DCFE FLdRfVar ;Push LOCAL_0124 // 加载字符 |
:00402BEEFB94F0FB AddVar ;// 字符叠加
:00402BF204ECFD FLdRfVar ;Push LOCAL_0214 // 加载字符 |
:00402BF5FB94E0FB AddVar ;// 字符叠加
:00402BF9049CFE FLdRfVar ;Push LOCAL_0164 // 加载字符 |
:00402BFCFB94D0FB AddVar ;// 字符叠加
:00402C0004BCFD FLdRfVar ;Push LOCAL_0244 // 加载字符 |
:00402C03FB94C0FB AddVar ;// 字符叠加
:00402C07049CFD FLdRfVar ;Push LOCAL_0264 // 加载字符 |
:00402C0AFB94B0FB AddVar ;// 字符叠加
:00402C0E046CFD FLdRfVar ;Push LOCAL_0294 // 加载字符 |
:00402C11FB94A0FB AddVar ;// 字符叠加
:00402C15044CFD FLdRfVar ;Push LOCAL_02B4 // 加载字符 |
:00402C18FB9490FB AddVar ;// 字符叠加
:00402C1C045CFD FLdRfVar ;Push LOCAL_02A4 // 加载字符 |
:00402C1FFB9480FB AddVar ;// 字符叠加
:00402C23043CFD FLdRfVar ;Push LOCAL_02C4 // 加载字符 |
:00402C26FB9470FB AddVar ;// 字符叠加
:00402C2A04ECFE FLdRfVar ;Push LOCAL_0114 // 加载字符 |
:00402C2DFB9460FB AddVar ;// 字符叠加
:00402C31042CFD FLdRfVar ;Push LOCAL_02D4 // 加载字符 |
:00402C34FB9450FB AddVar ;// 字符叠加
:00402C38042CFD FLdRfVar ;Push LOCAL_02D4 // 加载字符 |
:00402C3BFB9440FB AddVar ;// 字符叠加
:00402C3F042CFD FLdRfVar ;Push LOCAL_02D4 // 加载字符 |
:00402C42FB9430FB AddVar ;// 字符叠加
:00402C4604ECFE FLdRfVar ;Push LOCAL_0114 // 加载字符 |
:00402C49FB9420FB AddVar ;// 字符叠加 /
**********Reference To->msvbvm60.rtcMsgBox
|
:00402C4D0A28001400 ImpAdCallFPR4 ;Call ptr_0040103C; check stack 0014; Push EAX
:00402C52363200D4FC80FC60 FFreeVar ;Free 0032/2 variants
:00402C87FCC804 End ;// 结束程序
:00402C8A4C FnLBound ;vbaLBound
:00402C8BFE04E4FC ThisVCallR8 ;
:00402C8F21 FLdPrThis ;= \
:00402C900F0403 VCallAd ;Return the control index 03 / 获得窗体句柄
:00402C9319E8FC FStAdFunc ;// 取propget过程地址
:00402C9608E8FC FLdPr ;= // 加载过程
***********Reference To:TextBox.Text
|
:00402C990DA0000000 VCallHresult ;Call ptr_004020FC // 获得文本框中的内容[假码]
:00402C9E3EE4FC FLdZeroAd ;Push DWORD ; =0
:00402CA146D4FC CVarStr ;// 将字符串类型改为变量
:00402CA45D HardType ;
:00402CA5FB33 EqVarBool ;// 比较真码假码
:00402CA71AE8FC FFree1Ad ;Push ; Call [[]+8]; []=0
:00402CAA35D4FC FFree1Var ;Free LOCAL_032C
:00402CAD1CDD03 BranchF ;If Pop=0 then ESI=00402D5D //不等则跳 00402D5D -〉1CDD03改为10DD03
:00402CB027E0FB LitVar ;PushVar LOCAL_0420 \ 即可以爆破!
:00402CB327F0FB LitVar ;PushVar LOCAL_0410 | Msgbox函数参数
:00402CB6043CFF FLdRfVar ;Push LOCAL_00C4 // 加载字符 |
:00402CB9041CFF FLdRfVar ;Push LOCAL_00E4 // 加载字符 |
:00402CBCFB9400FC AddVar ;// 字符叠加
:00402CC0F540000000 LitI4 ;Push 00000040
:00402CC5042CFE FLdRfVar ;Push LOCAL_01D4 // 加载字符 |
:00402CC804BCFE FLdRfVar ;Push LOCAL_0144 // 加载字符 |
:00402CCBFB94D4FC AddVar ;// 字符叠加
:00402CCF04ECFE FLdRfVar ;Push LOCAL_0114 // 加载字符 |
:00402CD2FB9480FC AddVar ;// 字符叠加
:00402CD6044CFF FLdRfVar ;Push LOCAL_00B4 // 加载字符 |
:00402CD9FB9460FC AddVar ;// 字符叠加
:00402CDD043CFF FLdRfVar ;Push LOCAL_00C4 // 加载字符 |
:00402CE0FB9440FC AddVar ;// 字符叠加
:00402CE4041CFF FLdRfVar ;Push LOCAL_00E4 // 加载字符 |
:00402CE7FB9430FC AddVar ;// 字符叠加
:00402CEB04FCFE FLdRfVar ;Push LOCAL_0104 // 加载字符 |
:00402CEEFB9420FC AddVar ;// 字符叠加
:00402CF204ECFE FLdRfVar ;Push LOCAL_0114 // 加载字符 |
:00402CF5FB9410FC AddVar ;// 字符叠加 /
**********Reference To->msvbvm60.rtcMsgBox
|
:00402CF90A28001400 ImpAdCallFPR4 ;Call ptr_0040103C; check stack 0014; Push EAX
:00402CFE361400D4FC80FC60 FFreeVar ;Free 0014/2 variants
:00402D15041CFE FLdRfVar ;Push LOCAL_01E4 // 加载字符
:00402D1804FCFD FLdRfVar ;Push LOCAL_0204 // 加载字符
:00402D1BFB94D4FC AddVar ;// 字符叠加
:00402D1F040CFE FLdRfVar ;Push LOCAL_01F4 // 加载字符
:00402D22FB9480FC AddVar ;// 字符叠加
:00402D26FDFEE4FC CStrVarVal ;
:00402D2A21 FLdPrThis ;= \
:00402D2B0F0003 VCallAd ;Return the control index 02 / 获得窗体句柄
:00402D2E19E8FC FStAdFunc ;// 取propget过程地址
:00402D3108E8FC FLdPr ;= // 加载过程
***********Reference To:CommandButton.Caption
|
:00402D340D54002900 VCallHresult ;Call ptr_00402238 // 改变Button.Caption
:00402D392FE4FC FFree1Str ;SysFreeString ; =0
:00402D3C1AE8FC FFree1Ad ;Push ; Call [[]+8]; []=0
:00402D3F360400D4FC80FC FFreeVar ;Free 0004/2 variants
:00402D46F400 LitI2_Byte ;Push 00 \
:00402D4821 FLdPrThis ;= | Enabled参数入栈
:00402D490F0003 VCallAd ;Return the control index 02 |
:00402D4C19E8FC FStAdFunc ; |
:00402D4F08E8FC FLdPr ;= /
***********Reference To:CommandButton.Enabled
|
:00402D520D8C002900 VCallHresult ;Call ptr_00402238 // 改变Button.Enabled
:00402D571AE8FC FFree1Ad ;Push ; Call [[]+8]; []=0
:00402D5A1E9904 Branch ;ESI=00402E19 //程序跳转
:00402D5D2790FB LitVar ;PushVar LOCAL_0470 \
:00402D6027A0FB LitVar ;PushVar LOCAL_0460 | Msgbox函数参数
:00402D63042CFF FLdRfVar ;Push LOCAL_00D4 // 加载字符 |
:00402D66040CFF FLdRfVar ;Push LOCAL_00F4 // 加载字符 |
:00402D69FB94B0FB AddVar ;// 字符叠加
:00402D6DF530000000 LitI4 ;Push 00000030
:00402D72044CFF FLdRfVar ;Push LOCAL_00B4 // 加载字符 |
:00402D75047CFE FLdRfVar ;Push LOCAL_0184 // 加载字符 |
:00402D78FB94D4FC AddVar ;// 字符叠加
:00402D7C04CCFE FLdRfVar ;Push LOCAL_0134 // 加载字符 |
:00402D7FFB9480FC AddVar ;// 字符叠加
:00402D8304ACFE FLdRfVar ;Push LOCAL_0154 // 加载字符 |
:00402D86FB9460FC AddVar ;// 字符叠加
:00402D8A048CFE FLdRfVar ;Push LOCAL_0174 // 加载字符 |
:00402D8DFB9440FC AddVar ;// 字符叠加
:00402D91049CFE FLdRfVar ;Push LOCAL_0164 // 加载字符 |
:00402D94FB9430FC AddVar ;// 字符叠加
:00402D98045CFE FLdRfVar ;Push LOCAL_01A4 // 加载字符 |
:00402D9BFB9420FC AddVar ;// 字符叠加
:00402D9F046CFE FLdRfVar ;Push LOCAL_0194 // 加载字符 |
:00402DA2FB9410FC AddVar ;// 字符叠加
:00402DA6044CFF FLdRfVar ;Push LOCAL_00B4 // 加载字符 |
:00402DA9FB9400FC AddVar ;// 字符叠加
:00402DAD042CFF FLdRfVar ;Push LOCAL_00D4 // 加载字符 |
:00402DB0FB94F0FB AddVar ;// 字符叠加
:00402DB4040CFF FLdRfVar ;Push LOCAL_00F4 // 加载字符 |
:00402DB7FB94E0FB AddVar ;// 字符叠加
:00402DBB04FCFE FLdRfVar ;Push LOCAL_0104 // 加载字符 |
:00402DBEFB94D0FB AddVar ;// 字符叠加
:00402DC204ECFE FLdRfVar ;Push LOCAL_0114 // 加载字符 |
:00402DC5FB94C0FB AddVar ;// 字符叠加 /
**********Reference To->msvbvm60.rtcMsgBox
|
:00402DC90A28001400 ImpAdCallFPR4 ;Call ptr_0040103C; check stack 0014; Push EAX
:00402DCE361E00D4FC80FC60 FFreeVar ;Free 001E/2 variants
******Possible String Ref To->""
|
:00402DEF1B0100 LitStr ;Push ptr_00402110// 装入字符串变量
:00402DF221 FLdPrThis ;= \
:00402DF30F1403 VCallAd ;Return the control index 07 / 获得窗体句柄
:00402DF619E8FC FStAdFunc ;// 取propput过程地址
:00402DF908E8FC FLdPr ;= //加载过程
***********Reference To:TextBox.Text
|
:00402DFC0DA4000000 VCallHresult ;Call ptr_004020FC // 写入
:00402E011AE8FC FFree1Ad ;Push ; Call [[]+8]; []=0
******Possible String Ref To->""
|
:00402E041B0100 LitStr ;Push ptr_00402110// 装入字符串变量
:00402E0721 FLdPrThis ;= \
:00402E080F0403 VCallAd ;Return the control index 03 / 获得窗体句柄
:00402E0B19E8FC FStAdFunc ;// 取propput过程地址
:00402E0E08E8FC FLdPr ;= //加载过程
***********Reference To:TextBox.Text
|
:00402E110DA4000000 VCallHresult ;Call ptr_004020FC // 写入
:00402E161AE8FC FFree1Ad ;Push ; Call [[]+8]; []=0
:00402E1913 ExitProcHresult ;// 退出过程
:00402E1A0000 LargeBos ;IDE beginning of line with 00 byte codes
:004028A8FCC813 End ;// 结束程序
算法:asc(mid(name,i,1)) * i mod &H1A * &H4EC6637
再次感谢MengLong兄弟的帮助!
Moodsky
2005.02.18
--------------------------------------------------------------------------------
©2000-2004 www.PEdiy.comAll rights reserved.
By KanXue Studio
页:
[1]