- UID
- 1425
注册时间2005-5-6
阅读权限20
最后登录1970-1-1
以武会友
 
该用户从未签到
|
发表于 2005-5-8 22:18:04
|
显示全部楼层
爆破行么??
:00401565 E820080000 Call 00401D8A
:0040156A 8D4DEC lea ecx, dword ptr [ebp-14]
:0040156D E8DE020000 call 00401850
:00401572 8945E4 mov dword ptr [ebp-1C], eax
:00401575 837DE405 cmp dword ptr [ebp-1C], 00000005
:00401579 EB43 jmp 004015BE <=========================改成强跳,逃过“5个字符以上”限制
:0040157B 6A40 push 00000040
* Possible StringData Ref from Data Obj ->"CrackMe"
|
:0040157D 6820404000 push 00404020
* Possible StringData Ref from Data Obj ->"User Name must have at least 5 "
->"characters."
|
:00401582 6828404000 push 00404028
:00401587 8B8D40FEFFFF mov ecx, dword ptr [ebp+FFFFFE40]
* Reference To: MFC42.Ordinal:1080, Ord:1080h
|
:0040158D E8F2070000 Call 00401D84
:00401592 C645FC01 mov [ebp-04], 01
:00401596 8D4DDC lea ecx, dword ptr [ebp-24]
* Reference To: MFC42.Ordinal:0320, Ord:0320h
|
:00401599 E8C2070000 Call 00401D60
:0040159E C645FC00 mov [ebp-04], 00
:004015A2 8D4DE8 lea ecx, dword ptr [ebp-18]
* Reference To: MFC42.Ordinal:0320, Ord:0320h
|
:004015A5 E8B6070000 Call 00401D60
:004015AA C745FCFFFFFFFF mov [ebp-04], FFFFFFFF
:004015B1 8D4DEC lea ecx, dword ptr [ebp-14]
* Reference To: MFC42.Ordinal:0320, Ord:0320h
|
:004015B4 E8A7070000 Call 00401D60
:004015B9 E9F9010000 jmp 004017B7
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00401579(U)
|
:004015BE C745E000000000 mov [ebp-20], 00000000
:004015C5 EB09 jmp 004015D0
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00401618(U)
|
:004015C7 8B55E0 mov edx, dword ptr [ebp-20]
:004015CA 83C201 add edx, 00000001
:004015CD 8955E0 mov dword ptr [ebp-20], edx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004015C5(U)
|
:004015D0 8B45E0 mov eax, dword ptr [ebp-20]
:004015D3 3B45E4 cmp eax, dword ptr [ebp-1C]
:004015D6 7D42 jge 0040161A
:004015D8 8B4DE0 mov ecx, dword ptr [ebp-20]
:004015DB 51 push ecx
:004015DC 8D4DEC lea ecx, dword ptr [ebp-14]
:004015DF E81C030000 call 00401900
:004015E4 0FBED0 movsx edx, al
:004015E7 8B45F0 mov eax, dword ptr [ebp-10]
:004015EA 03C2 add eax, edx
:004015EC 8945F0 mov dword ptr [ebp-10], eax
:004015EF 8B4DE0 mov ecx, dword ptr [ebp-20]
:004015F2 C1E108 shl ecx, 08
:004015F5 8B55F0 mov edx, dword ptr [ebp-10]
:004015F8 33D1 xor edx, ecx
:004015FA 8955F0 mov dword ptr [ebp-10], edx
:004015FD 8B45E0 mov eax, dword ptr [ebp-20]
:00401600 83C001 add eax, 00000001
:00401603 8B4DE4 mov ecx, dword ptr [ebp-1C]
:00401606 0FAF4DE0 imul ecx, dword ptr [ebp-20]
:0040160A F7D1 not ecx
:0040160C 0FAFC1 imul eax, ecx
:0040160F 8B55F0 mov edx, dword ptr [ebp-10]
:00401612 0FAFD0 imul edx, eax
:00401615 8955F0 mov dword ptr [ebp-10], edx
:00401618 EBAD jmp 004015C7
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004015D6(C)
|
:0040161A 8B45F0 mov eax, dword ptr [ebp-10]
:0040161D 50 push eax
* Possible StringData Ref from Data Obj ->"%lu"
|
:0040161E 6854404000 push 00404054
:00401623 8D4DDC lea ecx, dword ptr [ebp-24]
:00401626 51 push ecx
* Reference To: MFC42.Ordinal:0B02, Ord:0B02h
|
:00401627 E852070000 Call 00401D7E
:0040162C 83C40C add esp, 0000000C
:0040162F 8D4DDC lea ecx, dword ptr [ebp-24]
:00401632 E879020000 call 004018B0
:00401637 50 push eax
:00401638 8D4DE8 lea ecx, dword ptr [ebp-18]
:0040163B E880020000 call 004018C0
:00401640 85C0 test eax, eax
:00401642 90 nop 《=============废掉jne,否则跳向死亡* Possible Reference to String Resource ID=00103: "Incorrect!!, Try Again."
:00401643 90 nop
:00401644 90 nop
:00401645 90 nop
:00401646 90 nop
:00401647 90 nop
:00401648 8D8DACFEFFFF lea ecx, dword ptr [ebp+FFFFFEAC]
* Reference To: MFC42.Ordinal:021C, Ord:021Ch
|
:0040164E E819070000 Call 00401D6C
:00401653 C645FC03 mov [ebp-04], 03
* Possible Reference to Dialog: DialogID_0066
|
* Possible Reference to String Resource ID=00102: "Good!!, Way To Go."
|
:00401657 6A66 push 00000066
:00401659 8D8DACFEFFFF lea ecx, dword ptr [ebp+FFFFFEAC] |
|
楼主: 飘云
IP卡
显身卡
发表于 2005-4-14 03:19:09
发表于 2005-4-22 09:39:34
