OD破解游戏解读加密文件方法
请问我有一个旧网游已经脱壳了,想用OD逆向解密网游客户端资料,程序是delphi写的,主程序运行后,会调用文件(可是已经加密,不懂如何打开)如MRG和DAT档案
以下是朋友弄的,但到最后看不明白:
00405338 $85D2 test edx,edx ;ntdll.KiFastSystemCallRet
0040533A .74 61 je short 1.0040539D
0040533C .85C9 test ecx,ecx
0040533E .^ 0F84 34FDFFFF je 1.00405078
00405344 .3B10 cmp edx,dword ptr ds:
00405346 .74 5C je short 1.004053A4
00405348 .3B08 cmp ecx,dword ptr ds:
0040534A .74 0E je short 1.0040535A
0040534C .50 push eax
0040534D .51 push ecx
0040534E .E8 25FDFFFF call 1.00405078
00405353 .5A pop edx ;kernel32.7C817067
00405354 .58 pop eax ;kernel32.7C817067
00405355 .^ E9 9AFFFFFF jmp 1.004052F4
0040535A >53 push ebx
0040535B .56 push esi
0040535C .57 push edi ;ntdll.7C930208
0040535D .89D3 mov ebx,edx ;ntdll.KiFastSystemCallRet
0040535F .89CE mov esi,ecx
00405361 .50 push eax
00405362 .8B43 FC mov eax,dword ptr ds:
00405365 .0346 FC add eax,dword ptr ds:
00405368 .E8 7BFDFFFF call 1.004050E8
0040536D .89C7 mov edi,eax
0040536F .89C2 mov edx,eax
00405371 .89D8 mov eax,ebx
00405373 .8B4B FC mov ecx,dword ptr ds:
00405376 .E8 E1D6FFFF call 1.00402A5C
0040537B .89FA mov edx,edi ;ntdll.7C930208
0040537D .89F0 mov eax,esi
0040537F .8B4E FC mov ecx,dword ptr ds:
00405382 .0353 FC add edx,dword ptr ds:
00405385 .E8 D2D6FFFF call 1.00402A5C
0040538A .58 pop eax ;kernel32.7C817067
0040538B .89FA mov edx,edi ;ntdll.7C930208
0040538D .85FF test edi,edi ;ntdll.7C930208
0040538F .74 03 je short 1.00405394
00405391 .FF4F F8 dec dword ptr ds:
00405394 >E8 DFFCFFFF call 1.00405078
00405399 .5F pop edi ;kernel32.7C817067
0040539A .5E pop esi ;kernel32.7C817067
0040539B .5B pop ebx ;kernel32.7C817067
0040539C .C3 retn
我想要加密的方法跟解密的方法,求高手帮忙 求高手指点教学,私聊 有高手可指点一下吗.拜托.....
页:
[1]