如何反汇编里面的玩意?
新手,不太明白怎么反汇编里面的玩意成
0040B8FF 00 db 00
0040B900 FC db FC
0040B901 BF db BF
0040B902 17 db 17
0040B903 00 db 00
0040B904 E4C74000 dd 单机登录.0040C7E4 ;UNICODE "GET"
0040B908 0CC94000 dd 单机登录.0040C90C
0040B90C ECC74000 dd 单机登录.0040C7EC
0040B910 18C84000 dd 单机登录.0040C818 ;UNICODE "更新完成"
0040B914 00C84000 dd 单机登录.0040C800 ;UNICODE "现在启动游戏吗?"
0040B918 A6104000 dd 单机登录.004010A6 ;jmp 到 msvbvm60.rtcMsgBox
0040B91C 28C84000 dd 单机登录.0040C828 ;UNICODE " "
0040B920 AC104000 dd 单机登录.004010AC ;jmp 到 msvbvm60.rtcMidCharVar
0040B924 38C84000 dd 单机登录.0040C838 ;UNICODE "/"
0040B928 30C84000 dd 单机登录.0040C830 ;UNICODE "\"
0040B92C B2104000 dd 单机登录.004010B2 ;jmp 到 msvbvm60.rtcReplace
0040B930 40C84000 dd 单机登录.0040C840 ;UNICODE ".zip"
0040B934 80F34000 dd 单机登录.0040F380
0040B938 6CC84000 dd 单机登录.0040C86C
0040B93C 5CC84000 dd 单机登录.0040C85C
0040B940 7CC84000 dd 单机登录.0040C87C
0040B944 8CC84000 dd 单机登录.0040C88C
0040B948 58C74000 dd 单机登录.0040C758 ;UNICODE "http://127.0.0.1/list.txt"
0040B94C A8C84000 dd 单机登录.0040C8A8
0040B950 D8C24000 dd 单机登录.0040C2D8
0040B954 BCC84000 dd 单机登录.0040C8BC ;UNICODE "open"
0040B958 CCC84000 dd 单机登录.0040C8CC ;UNICODE "Client.exe"
0040B95C E8C84000 dd 单机登录.0040C8E8 ;UNICODE "\client\"
0040B960 70C94000 dd 单机登录.0040C970 ;UNICODE "client\client.exe"
0040B964 B8104000 dd 单机登录.004010B8 ;jmp 到 msvbvm60.rtcDir
0040B968 98C94000 dd 单机登录.0040C998
0040B96C A0C94000 dd 单机登录.0040C9A0 ;UNICODE "登陆器所在目录不正确!"
0040B970 BCC94000 dd 单机登录.0040C9BC ;UNICODE "client\yb_mem.bak"
0040B974 E4C94000 dd 单机登录.0040C9E4 ;UNICODE "client\yb_mem.dll"
0040B978 BE104000 dd 单机登录.004010BE ;jmp 到 msvbvm60.rtcKillFiles
0040B97C 0CCA4000 dd 单机登录.0040CA0C ;UNICODE "请先退出游戏!"
0040B980 2CCA4000 dd 单机登录.0040CA2C
0040B984 3CCA4000 dd 单机登录.0040CA3C
0040B988 50CA4000 dd 单机登录.0040CA50 ;UNICODE "完成"
0040B98C 5CCA4000 dd 单机登录.0040CA5C ;UNICODE "0%"
0040B990 C4104000 dd 单机登录.004010C4 ;jmp 到 msvbvm60.rtcVarFromFormatVar
0040B994 CA104000 dd 单机登录.004010CA ;jmp 到 msvbvm60.rtcFreeFile
0040B998 68CA4000 dd 单机登录.0040CA68
0040B99C 84CA4000 dd 单机登录.0040CA84 ;UNICODE "保存完成"
0040B9A0 D0104000 dd 单机登录.004010D0 ;jmp 到 msvbvm60.rtcRightCharVar
0040B9A4 94CA4000 dd 单机登录.0040CA94 ;UNICODE "zip"
0040B9A8 A0CA4000 dd 单机登录.0040CAA0 ;UNICODE "expand -r ""
0040B9AC BCCA4000 dd 单机登录.0040CABC ;UNICODE """
0040B9B0 D6104000 dd 单机登录.004010D6 ;jmp 到 msvbvm60.rtcShell
0040B9B4 C4CA4000 dd 单机登录.0040CAC4 ;UNICODE "Content-Length"
0040B9B8 1CCA4000 dd 单机登录.0040CA1C
0040B9BC 4CC54000 dd 单机登录.0040C54C ;UNICODE " <"
0040B9C0 9CC64000 dd 单机登录.0040C69C
0040B9C4 30C74000 dd 单机登录.0040C730
0040B9C8 ECC64000 dd 单机登录.0040C6EC
0040B9CC E4CA4000 dd 单机登录.0040CAE4
0040B9D0 F4CA4000 dd 单机登录.0040CAF4
0040B9D4 08CB4000 dd 单机登录.0040CB08 ;ASCII "\r"
0040B9D8 DC104000 dd 单机登录.004010DC ;jmp 到 msvbvm60.rtcSplit
0040B9DC 14CB4000 dd 单机登录.0040CB14 ;UNICODE ","
0040B9E0 E2104000 dd 单机登录.004010E2 ;jmp 到 msvbvm60.rtcLeftCharVar
0040B9E4 7CB44000 dd 单机登录.0040B47C
0040B9E8 E8104000 dd 单机登录.004010E8 ;jmp 到 msvbvm60.rtcTrimVar
0040B9EC 04CD4000 dd 单机登录.0040CD04 ;UNICODE "WScript.Shell"
0040B9F0 EE104000 dd 单机登录.004010EE ;jmp 到 msvbvm60.rtcCreateObject2
0040B9F4 24CD4000 dd 单机登录.0040CD24 ;UNICODE "Desktop"
0040B9F8 34CD4000 dd 单机登录.0040CD34 ;UNICODE "SpecialFolders"
0040B9FC 58CD4000 dd 单机登录.0040CD58 ;UNICODE ".lnk"
0040BA00 64CD4000 dd 单机登录.0040CD64 ;UNICODE "CreateShortcut"
0040BA04 88CD4000 dd 单机登录.0040CD88 ;UNICODE ".exe"
0040BA08 94CD4000 dd 单机登录.0040CD94 ;UNICODE "TargetPath"
0040BA0C ACCD4000 dd 单机登录.0040CDAC ;UNICODE "WorkingDirectory"
0040BA10 D4CD4000 dd 单机登录.0040CDD4 ;UNICODE "Save"
0040BA14 F4104000 dd 单机登录.004010F4 ;jmp 到 msvbvm60.VarPtr
0040BA18 44C64000 dd 单机登录.0040C644
0040BA1C F8C54000 dd 单机登录.0040C5F8
0040BA20 A8C54000 dd 单机登录.0040C5A8
0040BA24 FA104000 dd 单机登录.004010FA ;jmp 到 msvbvm60.rtcDoEvents
0040BA28 E4CD4000 dd 单机登录.0040CDE4 ;UNICODE "MSXML2.XMLHTTP"
0040BA2C 04CE4000 dd 单机登录.0040CE04 ;UNICODE "Open"
0040BA30 10CE4000 dd 单机登录.0040CE10 ;UNICODE "Send"
0040BA34 1CCE4000 dd 单机登录.0040CE1C ;UNICODE "Status"
0040BA38 30CE4000 dd 单机登录.0040CE30 ;UNICODE "远程列表不存在"
0040BA3C 40CE4000 dd 单机登录.0040CE40 ;UNICODE "ResponseBody"
0040BA40 00114000 dd 单机登录.00401100 ;jmp 到 msvbvm60.rtcStrConvVar2
0040BA44 60CE4000 dd 单机登录.0040CE60 ;UNICODE "http"
0040BA48 88B44000 dd 单机登录.0040B488
0040BA4C 70CE4000 dd 单机登录.0040CE70 ;UNICODE "远程列表格式错误."
0040BA50 06114000 dd 单机登录.00401106 ;jmp 到 msvbvm60.rtcInStrRev
0040BA54 0C114000 dd 单机登录.0040110C ;jmp 到 msvbvm60.rtcSpaceVar
0040BA58 88CE4000 dd 单机登录.0040CE88 ;UNICODE "filelist.txt"
0040BA5C A4CE4000 dd 单机登录.0040CEA4 ;UNICODE "ResponseText"
0040BA60 C4CE4000 dd 单机登录.0040CEC4 ;UNICODE "远程列表读取失败"
0040BA64 98 db 98
0040BA65 F7 db F7
0040BA66 17 db 17
0040BA67 00 db 00
0040BA68 A0 db A0
0040BA69 23 db 23 ;CHAR '#'
0040BA6A 1B db 1B
0040BA6B 00 db 00
0040BA6C 08 db 08
0040BA6D 0B db 0B
0040BA6E 00 db 00
0040BA6F 00 db 00
0040BA70 03 db 03
这是一个单机的登录器,然后我比较新手不懂得怎么脱壳什么的,然后就带壳调试,然后找到这些字符串,然后怎么修改0040B948 58C74000 dd 单机登录.0040C758 ;UNICODE "http://127.0.0.1/list.txt" 这一段中的127.0.0.1如果需要制作补丁怎么制作呢
附件在此:
可以打补丁的 用论坛的dll劫持也可以 试试看 可以打补丁试试看 不懂呀,,,,,,,,, 先踩踩点,有时间再来```
页:
[1]