好友
阅读权限40
听众
最后登录1970-1-1
|
本帖最后由 冥界3大法王 于 2014-6-8 11:50 编辑
本来论坛有一个XLUserS.dll的破解的,说带木马病毒什么的,反正 百度网盘也下载不到,所以还是自己动手尝试下吧。
OD LOAD C:\Program Files (x86)\Thunder Network\Xmp\Program\XMP.exe 结果报错
那就附加好了
STOP在 76F7000D C3 retn
76F7000E 90 nop
76F7000F 90 nop
76F70010 90 nop
76F70011 90 nop
76F70012 90 nop
76F70013 90 nop
76F70014 90 nop
76F70015 90 nop
76F70016 90 nop
76F70017 90 nop
76F70018 90 nop
76F70019 90 nop
alt+e XMP.exe 到后
字串搜索 没看到什么,但发现
0040E026 /75 5B jnz XXMP.0040E083 ; 下面是什么?
0040E028 |8D45 A0 lea eax,dword ptr ss:[ebp-0x60]
0040E02B |50 push eax
0040E02C |BE 00354200 mov esi,XMP.00423500 ; LastExitStatus
0040E031 |56 push esi
0040E032 |E8 73B9FFFF call XMP.004099AA
0040E037 |395D A0 cmp dword ptr ss:[ebp-0x60],ebx
0040E03A |74 35 je XXMP.0040E071 ; 同样这里 好像也得处理
0040E03C |33C0 xor eax,eax
0040E03E |6A 3E push 0x3E
0040E040 |66:8945 B0 mov word ptr ss:[ebp-0x50],ax
0040E044 |8D45 B2 lea eax,dword ptr ss:[ebp-0x4E]
0040E047 |53 push ebx
0040E048 |50 push eax
0040E049 |E8 BE480000 call <jmp.&MSVCR90.memset>
0040E04E |6A 0A push 0xA
0040E050 |8D45 B0 lea eax,dword ptr ss:[ebp-0x50]
0040E053 |50 push eax
0040E054 |FF75 A0 push dword ptr ss:[ebp-0x60]
0040E057 |FF15 14E44100 call dword ptr ds:[<&MSVCR90._itow>] ; MSVCR90._itow
0040E05D |FF75 AC push dword ptr ss:[ebp-0x54]
0040E060 |8D45 B0 lea eax,dword ptr ss:[ebp-0x50]
0040E063 |50 push eax
0040E064 |68 D8344200 push XMP.004234D8 ; XMP-LastExitStatus
某派生……。计时器 ……
0041A286 /74 6F je XXMP.0041A2F7
0041A288 |8D45 9C lea eax,dword ptr ss:[ebp-0x64]
0041A28B |50 push eax
0041A28C |E8 D0ABFFFF call XMP.00414E61
0041A291 |8BF8 mov edi,eax
0041A293 |6A 40 push 0x40
0041A295 |8D46 04 lea eax,dword ptr ds:[esi+0x4]
0041A298 |50 push eax
0041A299 |8D45 B8 lea eax,dword ptr ss:[ebp-0x48]
0041A29C |50 push eax
0041A29D |C645 FC 01 mov byte ptr ss:[ebp-0x4],0x1
0041A2A1 |FF15 74E34100 call dword ptr ds:[<&MSVCP90.std::operat>; MSVCP90.std::operator+<char,std::char_traits<char>,std::allocator<char> >
0041A2A7 |57 push edi
0041A2A8 |50 push eax
0041A2A9 |8D45 D4 lea eax,dword ptr ss:[ebp-0x2C]
0041A2AC |50 push eax
0041A2AD |C645 FC 02 mov byte ptr ss:[ebp-0x4],0x2
0041A2B1 |FF15 6CE24100 call dword ptr ds:[<&MSVCP90.std::operat>; MSVCP90.std::operator+<char,std::char_traits<char>,std::allocator<char> >
0041A2B7 |6A 49 push 0x49
0041A2B9 |68 3C8E4200 push XMP.00428E3C ; .\UnknownBase.cpp
0041A2BE |50 push eax
0041A2BF |68 F88D4200 push XMP.00428DF8 ; ("某 CUnknownSingleThread 派生类析构时引用计数不正确",m_dwRef == 1)
0041A2C4 |C645 FC 03 mov byte ptr ss:[ebp-0x4],0x3
0041A2C8 |E8 3FFEFFFF call XMP.0041A10C
0041A2CD |83C4 2C add esp,0x2C
0041A2D0 |8D4D D4 lea ecx,dword ptr ss:[ebp-0x2C]
0041A2D3 |C645 FC 02 mov byte ptr ss:[ebp-0x4],0x2
0041A2D7 |FF15 F8E24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
0041A2DD |8D4D B8 lea ecx,dword ptr ss:[ebp-0x48]
0041A2E0 |C645 FC 01 mov byte ptr ss:[ebp-0x4],0x1
0041A2E4 |FF15 F8E24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
0041A2EA |8D4D 9C lea ecx,dword ptr ss:[ebp-0x64]
0041A2ED |C645 FC 00 mov byte ptr ss:[ebp-0x4],0x0
0041A2F1 |FF15 F8E24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
0041A2F7 \834D FC FF or dword ptr ss:[ebp-0x4],0xFFFFFFFF
0041A2FB 8D4E 04 lea ecx,dword ptr ds:[esi+0x4]
0041A2FE FF15 F8E24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
0041A304 E8 7385FFFF call XMP.0041287C
0041A309 C3 retn
0041A30A 6A 04 push 0x4
0041A30C B8 14D64100 mov eax,XMP.0041D614
0041A311 E8 8E84FFFF call XMP.004127A4
0041A316 8BF1 mov esi,ecx
0041A318 8975 F0 mov dword ptr ss:[ebp-0x10],esi
0041A31B FF75 08 push dword ptr ss:[ebp+0x8]
0041A31E 8D4E 04 lea ecx,dword ptr ds:[esi+0x4]
0041A321 C706 548E4200 mov dword ptr ds:[esi],XMP.00428E54
0041A327 FF15 FCE24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::basic_string<char,std::char_traits<char>,std::allocator<char> >
0041A32D 8365 FC 00 and dword ptr ss:[ebp-0x4],0x0
0041A331 C746 38 0100000>mov dword ptr ds:[esi+0x38],0x1
0041A338 8B0D D0174300 mov ecx,dword ptr ds:[0x4317D0] ; XMP.0043290C
0041A33E 8B01 mov eax,dword ptr ds:[ecx]
0041A340 FF50 04 call dword ptr ds:[eax+0x4]
0041A343 8D46 20 lea eax,dword ptr ds:[esi+0x20]
0041A346 50 push eax
0041A347 FF15 04E14100 call dword ptr ds:[<&KERNEL32.Initialize>; ntdll.RtlInitializeCriticalSection
0041A34D 8BC6 mov eax,esi
0041A34F E8 2885FFFF call XMP.0041287C
0041A354 C2 0400 retn 0x4
0041A357 6A 58 push 0x58
0041A359 B8 56D64100 mov eax,XMP.0041D656
0041A35E E8 4184FFFF call XMP.004127A4
0041A363 8BF1 mov esi,ecx
0041A365 8975 F0 mov dword ptr ss:[ebp-0x10],esi
0041A368 C706 548E4200 mov dword ptr ds:[esi],XMP.00428E54
0041A36E 8365 FC 00 and dword ptr ss:[ebp-0x4],0x0
0041A372 8D46 20 lea eax,dword ptr ds:[esi+0x20]
0041A375 50 push eax
0041A376 FF15 04E24100 call dword ptr ds:[<&KERNEL32.DeleteCrit>; ntdll.RtlDeleteCriticalSection
0041A37C 8B0D D0174300 mov ecx,dword ptr ds:[0x4317D0] ; XMP.0043290C
0041A382 8B01 mov eax,dword ptr ds:[ecx]
0041A384 FF50 04 call dword ptr ds:[eax+0x4]
0041A387 837E 38 01 cmp dword ptr ds:[esi+0x38],0x1
0041A38B 74 6F je XXMP.0041A3FC
0041A38D 8D45 9C lea eax,dword ptr ss:[ebp-0x64]
0041A390 50 push eax
0041A391 E8 CBAAFFFF call XMP.00414E61
0041A396 8BF8 mov edi,eax
0041A398 6A 40 push 0x40
0041A39A 8D46 04 lea eax,dword ptr ds:[esi+0x4]
0041A39D 50 push eax
0041A39E 8D45 B8 lea eax,dword ptr ss:[ebp-0x48]
0041A3A1 50 push eax
0041A3A2 C645 FC 01 mov byte ptr ss:[ebp-0x4],0x1
0041A3A6 FF15 74E34100 call dword ptr ds:[<&MSVCP90.std::operat>; MSVCP90.std::operator+<char,std::char_traits<char>,std::allocator<char> >
0041A3AC 57 push edi
0041A3AD 50 push eax
0041A3AE 8D45 D4 lea eax,dword ptr ss:[ebp-0x2C]
0041A3B1 50 push eax
0041A3B2 C645 FC 02 mov byte ptr ss:[ebp-0x4],0x2
0041A3B6 FF15 6CE24100 call dword ptr ds:[<&MSVCP90.std::operat>; MSVCP90.std::operator+<char,std::char_traits<char>,std::allocator<char> >
0041A3BC 6A 66 push 0x66
0041A3BE 68 3C8E4200 push XMP.00428E3C ; .\UnknownBase.cpp
0041A3C3 50 push eax
0041A3C4 68 588E4200 push XMP.00428E58 ; ("某 CUnknownMultiThread 派生类析构时引用计数不正确",m_dwRef == 1)
0041A3C9 C645 FC 03 mov byte ptr ss:[ebp-0x4],0x3
0041A3CD E8 3AFDFFFF call XMP.0041A10C
0041A3D2 83C4 2C add esp,0x2C
0041A3D5 8D4D D4 lea ecx,dword ptr ss:[ebp-0x2C]
0041A3D8 C645 FC 02 mov byte ptr ss:[ebp-0x4],0x2
0041A3DC FF15 F8E24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
0041A3E2 8D4D B8 lea ecx,dword ptr ss:[ebp-0x48]
0041A3E5 C645 FC 01 mov byte ptr ss:[ebp-0x4],0x1
0041A3E9 FF15 F8E24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
0041A3EF 8D4D 9C lea ecx,dword ptr ss:[ebp-0x64]
0041A3F2 C645 FC 00 mov byte ptr ss:[ebp-0x4],0x0
0041A3F6 FF15 F8E24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
0041A3FC 834D FC FF or dword ptr ss:[ebp-0x4],0xFFFFFFFF
0041A400 8D4E 04 lea ecx,dword ptr ds:[esi+0x4]
0041A403 FF15 F8E24100 call dword ptr ds:[<&MSVCP90.std::basic_>; MSVCP90.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::~basic_string<char,std::char_traits<char>,std::allocator<char> >
没办法,哥看你不太顺眼,改改吧。
请看下面的
哈哈…………大多数
  
又过去 三分钟
只是这么搞,明显有bug,没解决,但是超时已经能看了。
不回复 不让看,治懒病。欢迎交流和补充共同研究这东西的搞法哟~~
|
免费评分
-
查看全部评分
|
[复制链接]
发表于 2014-6-8 11:39
