• 逆向笔记013


    ; main, as shown in a debugger disassembly view (32-bit x86, Intel syntax).
    ; The 0CCCCCCCCh fill of the locals and the __chkesp call before return
    ; are the usual marks of an MSVC debug build.
    ; Locals, as used below:
    ;   [ebp-8]    base x       (written by scanf)
    ;   [ebp-0Ch]  exponent y   (written by scanf)
    ;   [ebp-4]    loop counter i
    ;   [ebp-10h]  running result
    ; The loop computes result = (result * x) % 1000 for i = 1..y, i.e. the
    ; last three digits of x^y, which the final printf reports.
    ;
    ; Prologue: set up the frame and reserve 50h bytes of locals.
    00401010   push        ebp
    00401011   mov         ebp,esp
    00401013   sub         esp,50h
    00401016   push        ebx
    00401017   push        esi
    00401018   push        edi
    ; Fill the 50h-byte local area with 0CCh: 14h dwords starting at [ebp-50h].
    00401019   lea         edi,[ebp-50h]
    0040101C   mov         ecx,14h
    00401021   mov         eax,0CCCCCCCCh
    00401026   rep stos    dword ptr [edi]
    
    
    00401028   mov         dword ptr [ebp-10h],1; result = 1
    ; Call printf with one argument, the prompt string.
    ; NOTE(review): the string bytes look like GBK-encoded text whose
    ; backslashes were lost in the listing, and the line is cut off before the
    ; closing quote and address.
    0040102F   push        offset string "xc7xebxcaxe4xc8xebxc1xbdxb8xf6xcaxfdxa3xacxxbaxcdyxa3xa
    00401034   call        printf (00401160)
    00401039   add         esp,4; cdecl: caller removes the one argument
    
    ; Call scanf("%d%d", &[ebp-8], &[ebp-0Ch]). The arguments are addresses of
    ; the two locals (lea), pushed right to left, not constant values.
    ; scanf's return value in eax is never tested: eax is overwritten at
    ; 00401063. If the input does not parse, [ebp-8] and [ebp-0Ch] still hold
    ; the 0CCCCCCCCh fill from the prologue and are used as x and y anyway.
    0040103C   lea         eax,[ebp-0Ch]
    0040103F   push        eax
    00401040   lea         ecx,[ebp-8]
    00401043   push        ecx
    00401044   push        offset string "%d%d" (00425054)
    00401049   call        scanf (00401100)
    0040104E   add         esp,0Ch; caller removes the three arguments
    
    ; i = 1. The line at 00401051 appears twice in this listing; it is a single
    ; instruction.
    00401051   mov         dword ptr [ebp-4],1
    
    00401051   mov         dword ptr [ebp-4],1
    00401058   jmp         main+53h (00401063); enter the loop at the condition
    ; Loop increment: i + 1.
    ; NOTE(review): the addresses jump from 0040105D to 00401063, so a 3-byte
    ; instruction at 00401060 is missing from the listing, presumably
    ; "mov dword ptr [ebp-4],edx", which stores the incremented counter.
    0040105A   mov         edx,dword ptr [ebp-4]
    0040105D   add         edx,1; edx = [ebp-4] + 1
    ; Loop condition: continue while i <= y (signed compare).
    00401063   mov         eax,dword ptr [ebp-4]
    00401066   cmp         eax,dword ptr [ebp-0Ch]
    00401069   jg          main+6Fh (0040107f); leave the loop when [ebp-4] > [ebp-0Ch] (signed)
    ; Loop body: result = (result * x) % 1000.
    ; imul keeps only the low 32 bits of the product, so a large x overflows
    ; before the reduction; a negative product leaves a negative remainder.
    0040106B   mov         eax,dword ptr [ebp-10h]
    0040106E   imul        eax,dword ptr [ebp-8]; eax = [ebp-10h] * [ebp-8] (not stored yet)
    00401072   cdq; sign-extend eax into edx:eax (the high half goes to edx, not ecx)
    00401073   mov         ecx,3E8h
    00401078   idiv        eax,ecx; edx:eax / 3E8h (1000): quotient in eax, remainder in edx
    0040107A   mov         dword ptr [ebp-10h],edx; [ebp-10h] = remainder
    0040107D   jmp         main+4Ah (0040105a); back to the increment at 0040105a
    
    
    ; After the loop: choose the output format by the size of the result.
    0040107F   cmp         dword ptr [ebp-10h],64h
    00401083   jl          main+90h (004010a0); result < 64h (100): use the format with a literal "0"
    ; result >= 100: printf(format, [ebp-8], [ebp-0Ch], [ebp-10h]), pushed right to left.
    00401085   mov         edx,dword ptr [ebp-10h]
    00401088   push        edx
    00401089   mov         eax,dword ptr [ebp-0Ch]
    0040108C   push        eax
    0040108D   mov         ecx,dword ptr [ebp-8]
    00401090   push        ecx
    00401091   push        offset string "%d^%dxb5xc4xd7xeexbaxf3xc8xfdxcexbbxcaxc7xa3xba%d
    " (00425
    00401096   call        printf (00401160)
    0040109B   add         esp,10h; caller removes the four arguments
    0040109E   jmp         main+0A9h (004010b9); skip the other printf
    
    ; result < 100: same call, but the format has a literal "0" before the last %d.
    ; NOTE(review): that pads one zero only, so a result below 10 would still
    ; print two digits rather than three.
    004010A0   mov         edx,dword ptr [ebp-10h]
    004010A3   push        edx
    004010A4   mov         eax,dword ptr [ebp-0Ch]
    004010A7   push        eax
    004010A8   mov         ecx,dword ptr [ebp-8]
    004010AB   push        ecx
    004010AC   push        offset string "%d^%dxb5xc4xd7xeexbaxf3xc8xfdxcexbbxcaxc7xa3xba0%d
    " (0042
    004010B1   call        printf (00401160)
    004010B6   add         esp,10h; caller removes the four arguments
    
    ; Epilogue: return 0, restore the saved registers and release the locals.
    004010B9   xor         eax,eax
    004010BB   pop         edi
    004010BC   pop         esi
    004010BD   pop         ebx
    004010BE   add         esp,50h
    ; Debug-build stack check: esp should equal ebp again here; __chkesp acts
    ; on the flags set by the cmp and reports an unbalanced stack.
    004010C1   cmp         ebp,esp
    004010C3   call        __chkesp (004011e0)
    004010C8   mov         esp,ebp
    004010CA   pop         ebp
    004010CB   ret
  • 原文地址:https://www.cnblogs.com/zheh/p/4571969.html