FlashFXP v1.4.1 build 823 的脱壳与破解
2007-01-12 20:13:16 来源:WEB开发网核心提示: :0050C815 A188C25300 mov eax, dword ptr [0053C288]:0050C81A 33D2 xor edx, edx:0050C81C 52 push edx:0050C81D 50 push eax:0050C81E 8D45F0 lea eax,
:0050C815 A188C25300 mov eax, dword ptr [0053C288]
:0050C81A 33D2 xor edx, edx
:0050C81C 52 push edx
:0050C81D 50 push eax
:0050C81E 8D45F0 lea eax, dword ptr [ebp-10]
:0050C821 E8AAC6EFFF call 00408ED0
:0050C826 8B4DF0 mov ecx, dword ptr [ebp-10]
* Possible StringData Ref from Code Obj ->"Main"
|
:0050C829 BA40CE5000 mov edx, 0050CE40
:0050C82E A17CC05300 mov eax, dword ptr [0053C07C]
:0050C833 E87CFDFAFF call 004BC5B4----------->进入
:0050C838 84C0 test al, al<--------------------标志测试
:0050C83A 7443 je 0050C87F
:0050C83C C605A0A0530000 mov byte ptr [0053A0A0], 00<----注意这里
。。。
call 004BC5B4--------->进入后来到
* Possible StringData Ref from Code Obj ->""
|
:004BC5EE BA2CC64B00 mov edx, 004BC62C
:004BC5F3 E89C79F4FF call 00403F94
:004BC5F8 0F95C0 setne al<------置标志 #####
:004BC5FB 8BD8 mov ebx, eax
:004BC5FD 33C0 xor eax, eax
:004BC5FF 5A pop edx
:004BC600 59 pop ecx
:004BC601 59 pop ecx
:004BC602 648910 mov dword ptr fs:[eax], edx
:004BC605 681AC64B00 push 004BC61A
* Possible StringData Ref from Code Obj ->""
|
:004BC5EE BA2CC64B00 mov edx, 004BC62C
:004BC5F3 E89C79F4FF call 00403F94
:004BC5F8 0F95C0 setne al<------置标志 #####
:004BC5FB 8BD8 mov ebx, eax
:004BC5FD 33C0 xor eax, eax
:004BC5FF 5A pop edx
:004BC600 59 pop ecx
:004BC601 59 pop ecx
:004BC602 648910 mov dword ptr fs:[eax], edx
:004BC605 681AC64B00 push 004BC61A
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004BC618(U)
|
:004BC60A 8D45FC lea eax, dword ptr [ebp-04]
:004BC60D E8F675F4FF call 00403C08
:004BC612 C3 ret置标志的地方,打补丁mov al,0 后继续走来到:
中查找“FlashFXP v1.4.1 build 823 的脱壳与破解”更多相关内容
中查找“FlashFXP v1.4.1 build 823 的脱壳与破解”更多相关内容更多精彩
赞助商链接
