od指令下面这几行谁能在后面给我注明一下什么意思吗?00576F80 .55 push ebp00576F81 .8BEC mov ebp,esp00576F83 .B9 06000000 mov ecx,600576F88 > 6A 00 push 000576F8A .6A 00 push 000576F8C .49 dec ecx00576F8D .^ 75 F9 jnz short 00576F8
来源:学生作业帮助网 编辑:作业帮 时间:2024/11/07 16:46:05
od指令下面这几行谁能在后面给我注明一下什么意思吗?00576F80 .55 push ebp00576F81 .8BEC mov ebp,esp00576F83 .B9 06000000 mov ecx,600576F88 > 6A 00 push 000576F8A .6A 00 push 000576F8C .49 dec ecx00576F8D .^ 75 F9 jnz short 00576F8
od指令下面这几行谁能在后面给我注明一下什么意思吗?
00576F80 .55 push ebp
00576F81 .8BEC mov ebp,esp
00576F83 .B9 06000000 mov ecx,6
00576F88 > 6A 00 push 0
00576F8A .6A 00 push 0
00576F8C .49 dec ecx
00576F8D .^ 75 F9 jnz short 00576F88
00576F8F .53 push ebx
00576F90 .56 push esi
00576F91 .8BD8 mov ebx,eax
00576F93 .33C0 xor eax,eax
00576F95 .55 push ebp
00576F96 .68 71725700 push 00577271
00576F9B .64:FF30 push dword ptr fs:[eax]
00576F9E .64:8920 mov dword ptr fs:[eax],esp
00576FA1 .8D55 F0 lea edx,dword ptr [ebp-10]
00576FA4 .8B83 F4020000 mov eax,dword ptr [ebx+2F4]
00576FAA .E8 4950EDFF call 0044BFF8
00576FAF .8B45 F0 mov eax,dword ptr [ebp-10]
00576FB2 .8D55 F4 lea edx,dword ptr [ebp-C]
00576FB5 .E8 5A23E9FF call 00409314
00576FBA .837D F4 00 cmp dword ptr [ebp-C],0
00576FBE 0F84 60020000 je 00577224
00576FC4 .8D55 E8 lea edx,dword ptr [ebp-18]
00576FC7 .8B83 00030000 mov eax,dword ptr [ebx+300]
00576FCD .E8 2650EDFF call 0044BFF8
00576FD2 .8B45 E8 mov eax,dword ptr [ebp-18]
00576FD5 .8D55 EC lea edx,dword ptr [ebp-14]
00576FD8 .E8 3723E9FF call 00409314
00576FDD .837D EC 00 cmp dword ptr [ebp-14],0
00576FE1 .0F84 3D020000 je 00577224
00576FE7 .E8 C0BBE8FF call 00402BAC
00576FEC .B8 03000000 mov eax,3
00576FF1 .E8 4EC1E8FF call 00403144
上面这几行谁能在后面给我注明一下什么意思吗?我学算法,可是意思都没看不懂,谁帮我一下,谢谢了···
od指令下面这几行谁能在后面给我注明一下什么意思吗?00576F80 .55 push ebp00576F81 .8BEC mov ebp,esp00576F83 .B9 06000000 mov ecx,600576F88 > 6A 00 push 000576F8A .6A 00 push 000576F8C .49 dec ecx00576F8D .^ 75 F9 jnz short 00576F8
靠10分啊.
00576F80 .55 push ebp //堆栈约定ebp肯定要压
00576F81 .8BEC mov ebp,esp //ebp=esp
00576F83 .B9 06000000 mov ecx,6 //ecx =6
00576F88 > 6A 00 push 0 //0压入堆栈
00576F8A .6A 00 push 0 //0压入堆栈
00576F8C .49 dec ecx //ecx--
00576F8D .^ 75 F9 jnz short 00576F88//循环6次
00576F8F .53 push ebx //保存ebx
00576F90 .56 push esi //保存esi
00576F91 .8BD8 mov ebx,eax //ebx=eax
00576F93 .33C0 xor eax,eax //eax=0
00576F95 .55 push ebp // 保存ebp
00576F96 .68 71725700 push 00577271
00576F9B .64:FF30 push dword ptr fs:[eax] //数据引用fs段[eax]压
00576F9E .64:8920 mov dword ptr fs:[eax],esp //fs:[eax]-->esp
00576FA1 .8D55 F0 lea edx,dword ptr [ebp-10] //edx=ebp-10
00576FA4 .8B83 F4020000 mov eax,dword ptr [ebx+2F4] //eax=[ebx+2F4]
00576FAA .E8 4950EDFF call 0044BFF8
00576FAF .8B45 F0 mov eax,dword ptr [ebp-10] //eax=[ebp-10]
00576FB2 .8D55 F4 lea edx,dword ptr [ebp-C] //edx=ebp-C
00576FB5 .E8 5A23E9FF call 00409314
00576FBA .837D F4 00 cmp dword ptr [ebp-C],0 //[ebp-C]?0
00576FBE 0F84 60020000 je 00577224 //估计跑飞
00576FC4 .8D55 E8 lea edx,dword ptr [ebp-18] //edx=ebp-18
00576FC7 .8B83 00030000 mov eax,dword ptr [ebx+300] //eax=[ebx+300]
00576FCD .E8 2650EDFF call 0044BFF8
00576FD2 .8B45 E8 mov eax,dword ptr [ebp-18] //eax=[ebp-18]
00576FD5 .8D55 EC lea edx,dword ptr [ebp-14] //edx=ebp-14
00576FD8 .E8 3723E9FF call 00409314
00576FDD .837D EC 00 cmp dword ptr [ebp-14],0 //ptr [ebp-14]=0?
00576FE1 .0F84 3D020000 je 00577224 //跳
00576FE7 .E8 C0BBE8FF call 00402BAC
00576FEC .B8 03000000 mov eax,3 //eax=3
00576FF1 .E8 4EC1E8FF call 00403144进去
通过刚才的分析我大概可以知道这里应该不是算法
由于没数据,我也不好说
如果你跟踪没错的话 那真实的算法应该还在这里的call中
call 00409314 大的嫌疑
你还需要追进去,这里大概只是得到注册码和长度的什么
00576FD2 .8B45 E8 mov eax,dword ptr [ebp-18] //eax=[ebp-18]
00576FD5 .8D55 EC lea edx,dword ptr [ebp-14] //edx=ebp-14
根据我的经验