乘风破浪wp
# 分析

00FC128D .call CFPL.00FC1870 ;检测用户名和密码是否一致
; Excerpt of a 32-bit x86 debugger listing (Intel operand order), 00FC1292..00FC1303.
; It starts mid-function: the pushes matching the pops at the end, the loop
; head at 00FC1240 and the branch target 00FC1304 are all outside the excerpt.
; NOTE(review): the bracketed memory operands were lost when the listing was
; pasted ("dword ptr ss:" with nothing after it), so every statement below about
; what a load reads rests on the author's annotations, not on a visible address.
;
; Flow visible here:
;   1. the result of the call at 00FC128D (in al) must be zero,
;   2. the length in ebx must be at least 8,
;   3. a loop walks index eax upward and index edx downward, comparing one
;      16-bit unit per iteration; any mismatch leaves through 00FC12F2,
;   4. if the loop completes, a handle loaded from memory is passed to SetEvent.
; The accepted pair is derived from the username alone; no secret value takes
; part in the comparison shown here.
00FC1292 .add esp,0x8 ; drop 8 bytes of stack arguments after the call at 00FC128D
00FC1295 .test al,al ; username and password must differ
00FC1297 .jnz short CFPL.00FC12F2 ; al != 0 -> skip the check and the SetEvent call
00FC1299 .mov ecx,dword ptr ss: ; username
00FC129C .mov ebx,dword ptr ds: ; length
00FC129F .cmp ebx,0x8
00FC12A2 .jl short CFPL.00FC12F2 ; must not be shorter than 8 (signed compare)
00FC12A4 .xor eax,eax ; eax = 0: forward index for the loop below
00FC12A6 .test ebx,ebx
00FC12A8 .jle short CFPL.00FC12E2 ; ebx <= 0 would go straight to the SetEvent path; not reachable here, ebx >= 8 was checked at 00FC129F
00FC12AA .lea edx,dword ptr ds: ; length - 1: backward index
00FC12AD .lea edi,dword ptr ds: ; length + length - 2: presumably the byte offset of the last 16-bit character - confirm
; ---- loop head: one iteration per character, eax counts up, edx counts down ----
00FC12B1 >test eax,eax
00FC12B3 .jl short CFPL.00FC1304 ; eax < 0 -> 00FC1304 (outside the excerpt; presumably an out-of-range handler - confirm)
00FC12B5 .mov esi,dword ptr ss: ; username
00FC12B8 .cmp eax,dword ptr ds: ; length
00FC12BB .jg short CFPL.00FC1304 ; eax > length -> 00FC1304
00FC12BD .test edx,edx ; the length-1 value
00FC12BF .jl short CFPL.00FC1304 ; edx < 0 -> 00FC1304
00FC12C1 .mov ecx,dword ptr ss:
00FC12C5 .add ecx,0x7C ; advance the loaded pointer by 0x7C; presumably a member offset inside an object - confirm
00FC12C8 .mov ecx,dword ptr ds: ; password
00FC12CA .cmp edx,dword ptr ds: ; length
00FC12CD .jg short CFPL.00FC1304 ; edx > length -> 00FC1304
00FC12CF .mov si,word ptr ds: ; 16-bit load: characters are handled as 2-byte units, matching the step of 2 applied to edi
00FC12D3 .cmp si,word ptr ds: ; per the author's conclusion this pairs username[eax] with password[edx] - operands not visible, confirm
00FC12D7 .jnz short CFPL.00FC12F2 ; mismatch -> leave without signalling
00FC12D9 .inc eax ; next character from the front
00FC12DA .sub edi,0x2 ; byte offset moves back one 16-bit character
00FC12DD .dec edx ; next character from the back
00FC12DE .cmp eax,ebx
00FC12E0 .^ jl short CFPL.00FC12B1 ; repeat while eax < length (signed)
; ---- all characters matched: signal the event if a handle is present ----
00FC12E2 >mov eax,dword ptr ds:
00FC12E7 .test eax,eax
00FC12E9 .je short CFPL.00FC12F2 ; loaded value is zero -> nothing to signal
00FC12EB .push eax ; /hEvent = 00000104 (window)
00FC12EC .call dword ptr ds:[<&KERNEL32.SetEvent>] ; \SetEvent
; ---- common exit: both the reject paths and the success path arrive here ----
00FC12F2 > >cmp dword ptr ds:,0x0
00FC12F9 .^ jnz CFPL.00FC1240 ; value still nonzero -> back to 00FC1240 (before the excerpt)
00FC12FF .pop esi ; restore saved registers; the matching pushes are outside the excerpt
00FC1300 .pop ebp
00FC1301 .pop ebx
00FC1302 >pop edi
00FC1303 .retn
分析得出:用户名和密码必须互为逆序(密码是用户名倒过来写),同时长度不小于 8,且两者不能完全相同。
R大,想请教一下这个关键代码是怎么定位的?