申请会员ID:iccon
1、申 请 I D :iccon2、个人邮箱:1285674538@qq.com3、原创技术文章:代码反编译的程序
前一段时间,有个朋友让我帮他逆向一个东西,抠出其中的代码,存储为汇编的文件,VC下编译运行。
汇编文件的代码:
.686p
.model flat,c
option casemap : none
extern sprintf:proc
extern strcat:proc
.data
___security_cookie dd 0BB40E64Eh
a02x_0 db "%02X"
.code
public sub_40B444
sub_40B444 proc near ; CODE XREF: sub_40CCEA+A4p
;Source = byte ptr -14h
;var_4 = dword ptr -4
;arg_0 = dword ptr8
;arg_4 = dword ptr0Ch
;arg_8 = dword ptr10h
push ebp
mov ebp, esp
sub esp, 14h
mov eax, dword ptr ___security_cookie ; "N鍬?
xor eax, ebp
mov , eax
push ebx
mov ebx,
push esi
mov esi,
push edi
xor edi, edi
cmp , edi
mov byte ptr , 0
jbe short loc_40B48E
loc_40B467: ; CODE XREF: sub_40B444+48j
movzx eax, byte ptr
push eax
lea eax,
push offset a02x_0 ; "%02X"
push eax ; Dest
call sprintf
lea eax,
push eax ; Source
push esi ; Dest
call strcat
add esp, 14h
inc edi
cmp edi,
jb short loc_40B467
loc_40B48E: ; CODE XREF: sub_40B444+21j
mov ecx,
pop edi
pop esi
xor ecx, ebp
leave
retn
sub_40B444 endp
end
示例代码如下:
#include "stdafx.h"
#include <Windows.h>
extern "C" {
char* sub_40B444(char*,int,char*);
}
int _tmain(int argc, _TCHAR* argv[])
{
char* pszBuf = new char;
memset( pszBuf , 0 , 1024 );
strcpy_s( pszBuf , 1024 , "des:" );
sub_40B444( "你总是说我在,这样孤单时候,才能想起与你联络" , strlen("你总是说我在,这样孤单时候,才能想起与你联络") , pszBuf );
printf_s( "format string : %s\n" , "你总是说我在,这样孤单时候,才能想起与你联络" );
printf_s( "format string : %s\n" , pszBuf );
if( pszBuf != NULL )
{
delete[]pszBuf;
pszBuf = NULL;
}
return 0;
从哪复制的? 哈哈哈哈 这哥们是故意的
页:
[1]