[Old post] [Help] Could an expert please help me analyze this code

Posted on: 2008-3-23 09:11 2548
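This is still about the problem of finding the monster array in memory. Following the 天龙八部 notes, I have already located some monster memory and set breakpoints on the addresses that might be monster memory. I went into OD and pressed Ctrl+G to go to the address of the instruction at 0043e871. Scrolling up a little, I found this enclosing function, which contains the key calls and other information. Assembly experts, please help me analyze it. Waiting online, thank you. This is a partial listing of the program; would anyone willing to help please give me some pointers: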
0043E2C0 /$ 55 PUSH EBP ; save the current ebp
0043E2C1 |. 8BEC MOV EBP,ESP ; set ebp to the current stack pointer
0043E2C3 |. 6A FF PUSH -1
0043E2C5 |. 68 09897500 PUSH Client.00758909 ; SE handler installation
0043E2CA |. 64:A1 0000000>MOV EAX,DWORD PTR FS:[0] ; push the contents of address 0 in the extra segment onto the stack, then put esp at address 0 in the fs segment
0043E2D0 |. 50 PUSH EAX
0043E2D1 |. 64:8925 00000>MOV DWORD PTR FS:[0],ESP
0043E2D8 |. 83EC 08 SUB ESP,8 ; reserve 8 bytes for the function's temporary variables
0043E2DB |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
0043E2DE |. 53 PUSH EBX
0043E2DF |. 56 PUSH ESI
0043E2E0 |. 8BF1 MOV ESI,ECX
0043E2E2 |. 57 PUSH EDI
0043E2E3 |. 50 PUSH EAX ; /Arg1
0043E2E4 |. 8975 EC MOV DWORD PTR SS:[EBP-14],ESI ; |?
0043E2E7 |. C706 C85C7600 MOV DWORD PTR DS:[ESI],Client.00765CC8 ; |what kind of key call is being made here
0043E2ED |. E8 6E371900 CALL Client.005D1A60 ; \Client.005D1A60
0043E2F2 |. 33DB XOR EBX,EBX
0043E2F4 |. 8D4E 08 LEA ECX,DWORD PTR DS:[ESI+8]
0043E2F7 |. 895D FC MOV DWORD PTR SS:[EBP-4],EBX ; and what does this key call mean
0043E2FA |. E8 E15B0000 CALL Client.00443EE0
0043E2FF |. 8A4D 0B MOV CL,BYTE PTR SS:[EBP+B]
0043E302 |. 899E E4000000 MOV DWORD PTR DS:[ESI+E4],EBX
0043E308 |. 888E E0000000 MOV BYTE PTR DS:[ESI+E0],CL
0043E30E |. 899E E8000000 MOV DWORD PTR DS:[ESI+E8],EBX
0043E314 |. 899E EC000000 MOV DWORD PTR DS:[ESI+EC],EBX
0043E31A |. 8DBE F0050000 LEA EDI,DWORD PTR DS:[ESI+5F0]
0043E320 |. 899E 28040000 MOV DWORD PTR DS:[ESI+428],EBX
0043E326 |. C645 FC 02 MOV BYTE PTR SS:[EBP-4],2
0043E32A |. 897D F0 MOV DWORD PTR SS:[EBP-10],EDI
0043E32D |. 8D57 0C LEA EDX,DWORD PTR DS:[EDI+C]
0043E330 |. C607 01 MOV BYTE PTR DS:[EDI],1
0043E333 |. 52 PUSH EDX
0043E334 |. C647 01 01 MOV BYTE PTR DS:[EDI+1],1
0043E338 |. 895F 04 MOV DWORD PTR DS:[EDI+4],EBX
0043E33B |. 885F 08 MOV BYTE PTR DS:[EDI+8],BL
0043E33E |. E8 4DEFFDFF CALL Client.0041D290
0043E343 |. 68 E8380000 PUSH 38E8
0043E348 |. C645 FC 03 MOV BYTE PTR SS:[EBP-4],3
0043E34C |. 885F 5C MOV BYTE PTR DS:[EDI+5C],BL
0043E34F |. 885F 5D MOV BYTE PTR DS:[EDI+5D],BL
0043E352 |. E8 91FD2C00 CALL Client.0070E0E8
0043E357 |. 83C4 08 ADD ESP,8
0043E35A |. 8945 08 MOV DWORD PTR SS:[EBP+8],EAX
0043E35D |. 3BC3 CMP EAX,EBX
0043E35F |. C645 FC 04 MOV BYTE PTR SS:[EBP-4],4
0043E363 |. 74 4B JE SHORT Client.0043E3B0
0043E365 |. 68 40234400 PUSH Client.00442340 ; /Arg4 = 00442340
0043E36A |. 6A 46 PUSH 46 ; |Arg3 = 00000046
0043E36C |. 83C0 08 ADD EAX,8 ; |
0043E36F |. 68 CC000000 PUSH 0CC ; |Arg2 = 000000CC
0043E374 |. 50 PUSH EAX ; |Arg1
0043E375 |. E8 B637FCFF CALL Client.00401B30 ; \Client.00401B30
0043E37A |. 8B7D 08 MOV EDI,DWORD PTR SS:[EBP+8]
0043E37D |. 8D8F 1C380000 LEA ECX,DWORD PTR DS:[EDI+381C]
0043E383 |. E8 B83F0000 CALL Client.00442340
0043E388 |. C707 C05C7600 MOV DWORD PTR DS:[EDI],Client.00765CC0
0043E38E |. 81C7 D0370000 ADD EDI,37D0
0043E394 |. B9 11000000 MOV ECX,11
0043E399 |. 33C0 XOR EAX,EAX
0043E39B |. F3:AB REP STOS DWORD PTR ES:[EDI]
0043E39D |. 66:AB STOS WORD PTR ES:[EDI]
0043E39F |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
0043E3A2 |. 8B7D F0 MOV EDI,DWORD PTR SS:[EBP-10]
0043E3A5 |. 8958 04 MOV DWORD PTR DS:[EAX+4],EBX
0043E3A8 |. 8998 18380000 MOV DWORD PTR DS:[EAX+3818],EBX
0043E3AE |. EB 02 JMP SHORT Client.0043E3B2
0043E3B0 |> 33C0 XOR EAX,EAX
0043E3B2 |> 8947 58 MOV DWORD PTR DS:[EDI+58],EAX
0043E3B5 |. 8DBE 50060000 LEA EDI,DWORD PTR DS:[ESI+650]
0043E3BB |. C645 FC 05 MOV BYTE PTR SS:[EBP-4],5
0043E3BF |. 897D F0 MOV DWORD PTR SS:[EBP-10],EDI
0043E3C2 |. 8D47 0C LEA EAX,DWORD PTR DS:[EDI+C]
0043E3C5 |. C607 01 MOV BYTE PTR DS:[EDI],1
0043E3C8 |. 50 PUSH EAX
0043E3C9 |. C647 01 01 MOV BYTE PTR DS:[EDI+1],1
0043E3CD |. 895F 04 MOV DWORD PTR DS:[EDI+4],EBX
0043E3D0 |. 885F 08 MOV BYTE PTR DS:[EDI+8],BL
0043E3D3 |. E8 B8EEFDFF CALL Client.0041D290
0043E3D8 |. 68 E8380000 PUSH 38E8
0043E3DD |. C645 FC 06 MOV BYTE PTR SS:[EBP-4],6
0043E3E1 |. 885F 5C MOV BYTE PTR DS:[EDI+5C],BL
0043E3E4 |. 885F 5D MOV BYTE PTR DS:[EDI+5D],BL
0043E3E7 |. E8 FCFC2C00 CALL Client.0070E0E8
0043E3EC |. 83C4 08 ADD ESP,8
0043E3EF |. 8945 08 MOV DWORD PTR SS:[EBP+8],EAX
0043E3F2 |. 3BC3 CMP EAX,EBX
0043E3F4 |. C645 FC 07 MOV BYTE PTR SS:[EBP-4],7
0043E3F8 |. 74 4B JE SHORT Client.0043E445
0043E3FA |. 68 40234400 PUSH Client.00442340 ; /Arg4 = 00442340
0043E3FF |. 6A 46 PUSH 46 ; |Arg3 = 00000046
0043E401 |. 83C0 08 ADD EAX,8 ; |
0043E404 |. 68 CC000000 PUSH 0CC ; |Arg2 = 000000CC
0043E409 |. 50 PUSH EAX ; |Arg1
0043E40A |. E8 2137FCFF CALL Client.00401B30 ; \Client.00401B30
0043E40F |. 8B7D 08 MOV EDI,DWORD PTR SS:[EBP+8]
0043E412 |. 8D8F 1C380000 LEA ECX,DWORD PTR DS:[EDI+381C]
0043E418 |. E8 233F0000 CALL Client.00442340
0043E41D |. C707 C05C7600 MOV DWORD PTR DS:[EDI],Client.00765CC0
0043E423 |. 81C7 D0370000 ADD EDI,37D0
0043E429 |. B9 11000000 MOV ECX,11
0043E42E |. 33C0 XOR EAX,EAX
0043E430 |. F3:AB REP STOS DWORD PTR ES:[EDI]
0043E432 |. 66:AB STOS WORD PTR ES:[EDI]
0043E434 |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
0043E437 |. 8B7D F0 MOV EDI,DWORD PTR SS:[EBP-10]
0043E43A |. 8958 04 MOV DWORD PTR DS:[EAX+4],EBX
0043E43D |. 8998 18380000 MOV DWORD PTR DS:[EAX+3818],EBX
0043E443 |. EB 02 JMP SHORT Client.0043E447
0043E445 |> 33C0 XOR EAX,EAX
0043E447 |> 8947 58 MOV DWORD PTR DS:[EDI+58],EAX
0043E44A |. 8DBE B0060000 LEA EDI,DWORD PTR DS:[ESI+6B0]
0043E450 |. C645 FC 08 MOV BYTE PTR SS:[EBP-4],8
0043E454 |. 897D 08 MOV DWORD PTR SS:[EBP+8],EDI
0043E457 |. 8D4F 0C LEA ECX,DWORD PTR DS:[EDI+C]
0043E45A |. C607 01 MOV BYTE PTR DS:[EDI],1
0043E45D |. 51 PUSH ECX
0043E45E |. C647 01 01 MOV BYTE PTR DS:[EDI+1],1
0043E462 |. 895F 04 MOV DWORD PTR DS:[EDI+4],EBX
0043E465 |. 885F 08 MOV BYTE PTR DS:[EDI+8],BL
0043E468 |. E8 23EEFDFF CALL Client.0041D290
0043E46D |. 68 E8380000 PUSH 38E8
0043E472 |. C645 FC 09 MOV BYTE PTR SS:[EBP-4],9
0043E476 |. 885F 5C MOV BYTE PTR DS:[EDI+5C],BL
0043E479 |. 885F 5D MOV BYTE PTR DS:[EDI+5D],BL
0043E47C |. E8 67FC2C00 CALL Client.0070E0E8
0043E481 |. 83C4 08 ADD ESP,8
0043E484 |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
0043E487 |. 3BC3 CMP EAX,EBX
0043E489 |. C645 FC 0A MOV BYTE PTR SS:[EBP-4],0A
0043E48D |. 74 09 JE SHORT Client.0043E498
0043E48F |. 8BC8 MOV ECX,EAX
0043E491 |. E8 7A380000 CALL Client.00441D10
0043E496 |. EB 02 JMP SHORT Client.0043E49A
0043E498 |> 33C0 XOR EAX,EAX
0043E49A |> 8947 58 MOV DWORD PTR DS:[EDI+58],EAX
0043E49D |. 8DBE 10070000 LEA EDI,DWORD PTR DS:[ESI+710]
0043E4A3 |. C645 FC 0B MOV BYTE PTR SS:[EBP-4],0B
0043E4A7 |. 897D 08 MOV DWORD PTR SS:[EBP+8],EDI
0043E4AA |. 8D57 0C LEA EDX,DWORD PTR DS:[EDI+C]
0043E4AD |. C607 01 MOV BYTE PTR DS:[EDI],1
0043E4B0 |. 52 PUSH EDX
0043E4B1 |. C647 01 01 MOV BYTE PTR DS:[EDI+1],1
0043E4B5 |. 895F 04 MOV DWORD PTR DS:[EDI+4],EBX
0043E4B8 |. 885F 08 MOV BYTE PTR DS:[EDI+8],BL
0043E4BB |. E8 D0EDFDFF CALL Client.0041D290
0043E4C0 |. 68 E8380000 PUSH 38E8
0043E4C5 |. C645 FC 0C MOV BYTE PTR SS:[EBP-4],0C
0043E4C9 |. 885F 5C MOV BYTE PTR DS:[EDI+5C],BL
0043E4CC |. 885F 5D MOV BYTE PTR DS:[EDI+5D],BL
0043E4CF |. E8 14FC2C00 CALL Client.0070E0E8
0043E4D4 |. 83C4 08 ADD ESP,8
0043E4D7 |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
0043E4DA |. 3BC3 CMP EAX,EBX
0043E4DC |. C645 FC 0D MOV BYTE PTR SS:[EBP-4],0D
0043E4E0 |. 74 09 JE SHORT Client.0043E4EB
0043E4E2 |. 8BC8 MOV ECX,EAX
0043E4E4 |. E8 27380000 CALL Client.00441D10
0043E4E9 |. EB 02 JMP SHORT Client.0043E4ED
0043E4EB |> 33C0 XOR EAX,EAX
0043E4ED |> 8947 58 MOV DWORD PTR DS:[EDI+58],EAX
0043E4F0 |. 8DBE 70070000 LEA EDI,DWORD PTR DS:[ESI+770]
0043E4F6 |. C645 FC 0E MOV BYTE PTR SS:[EBP-4],0E
0043E4FA |. 897D 08 MOV DWORD PTR SS:[EBP+8],EDI
0043E4FD |. 8D47 0C LEA EAX,DWORD PTR DS:[EDI+C]
0043E500 |. C607 01 MOV BYTE PTR DS:[EDI],1
0043E503 |. 50 PUSH EAX
0043E504 |. C647 01 01 MOV BYTE PTR DS:[EDI+1],1
0043E508 |. 895F 04 MOV DWORD PTR DS:[EDI+4],EBX
0043E50B |. 885F 08 MOV BYTE PTR DS:[EDI+8],BL
0043E50E |. E8 7DEDFDFF CALL Client.0041D290
0043E513 |. 68 E8380000 PUSH 38E8
0043E518 |. C645 FC 0F MOV BYTE PTR SS:[EBP-4],0F
0043E51C |. 885F 5C MOV BYTE PTR DS:[EDI+5C],BL
0043E51F |. 885F 5D MOV BYTE PTR DS:[EDI+5D],BL
0043E522 |. E8 C1FB2C00 CALL Client.0070E0E8
0043E527 |. 83C4 08 ADD ESP,8
0043E52A |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
0043E52D |. 3BC3 CMP EAX,EBX
0043E52F |. C645 FC 10 MOV BYTE PTR SS:[EBP-4],10
0043E533 |. 74 09 JE SHORT Client.0043E53E
0043E535 |. 8BC8 MOV ECX,EAX
0043E537 |. E8 D4370000 CALL Client.00441D10
0043E53C |. EB 02 JMP SHORT Client.0043E540
0043E53E |> 33C0 XOR EAX,EAX
0043E540 |> 8947 58 MOV DWORD PTR DS:[EDI+58],EAX
0043E543 |. 8DBE D0070000 LEA EDI,DWORD PTR DS:[ESI+7D0]
0043E549 |. C645 FC 11 MOV BYTE PTR SS:[EBP-4],11
0043E54D |. 897D 08 MOV DWORD PTR SS:[EBP+8],EDI
0043E550 |. 8D4F 0C LEA ECX,DWORD PTR DS:[EDI+C]
0043E553 |. C607 01 MOV BYTE PTR DS:[EDI],1
0043E556 |. 51 PUSH ECX
0043E557 |. C647 01 01 MOV BYTE PTR DS:[EDI+1],1
0043E55B |. 895F 04 MOV DWORD PTR DS:[EDI+4],EBX
0043E55E |. 885F 08 MOV BYTE PTR DS:[EDI+8],BL
0043E561 |. E8 2AEDFDFF CALL Client.0041D290
0043E566 |. 68 E8380000 PUSH 38E8
0043E56B |. C645 FC 12 MOV BYTE PTR SS:[EBP-4],12
0043E56F |. 885F 5C MOV BYTE PTR DS:[EDI+5C],BL
0043E572 |. 885F 5D MOV BYTE PTR DS:[EDI+5D],BL
0043E575 |. E8 6EFB2C00 CALL Client.0070E0E8
0043E57A |. 83C4 08 ADD ESP,8
0043E57D |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
0043E580 |. 3BC3 CMP EAX,EBX
0043E582 |. C645 FC 13 MOV BYTE PTR SS:[EBP-4],13
0043E586 |. 74 09 JE SHORT Client.0043E591
0043E588 |. 8BC8 MOV ECX,EAX
0043E58A |. E8 81370000 CALL Client.00441D10
0043E58F |. EB 02 JMP SHORT Client.0043E593
0043E591 |> 33C0 XOR EAX,EAX
0043E593 |> 8947 58 MOV DWORD PTR DS:[EDI+58],EAX
0043E596 |. 8DBE 30080000 LEA EDI,DWORD PTR DS:[ESI+830]
0043E59C |. C645 FC 14 MOV BYTE PTR SS:[EBP-4],14
0043E5A0 |. 897D 08 MOV DWORD PTR SS:[EBP+8],EDI
0043E5A3 |. 8D57 0C LEA EDX,DWORD PTR DS:[EDI+C]
0043E5A6 |. C607 01 MOV BYTE PTR DS:[EDI],1
0043E5A9 |. 52 PUSH EDX
0043E5AA |. C647 01 01 MOV BYTE PTR DS:[EDI+1],1
0043E5AE |. 895F 04 MOV DWORD PTR DS:[EDI+4],EBX
0043E5B1 |. 885F 08 MOV BYTE PTR DS:[EDI+8],BL
0043E5B4 |. E8 D7ECFDFF CALL Client.0041D290
0043E5B9 |. 68 E8380000 PUSH 38E8
0043E5BE |. C645 FC 15 MOV BYTE PTR SS:[EBP-4],15
0043E5C2 |. 885F 5C MOV BYTE PTR DS:[EDI+5C],BL
0043E5C5 |. 885F 5D MOV BYTE PTR DS:[EDI+5D],BL
0043E5C8 |. E8 1BFB2C00 CALL Client.0070E0E8
0043E5CD |. 83C4 08 ADD ESP,8
0043E5D0 |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
0043E5D3 |. 3BC3 CMP EAX,EBX
0043E5D5 |. C645 FC 16 MOV BYTE PTR SS:[EBP-4],16
0043E5D9 |. 74 09 JE SHORT Client.0043E5E4
0043E5DB |. 8BC8 MOV ECX,EAX
0043E5DD |. E8 2E370000 CALL Client.00441D10
0043E5E2 |. EB 02 JMP SHORT Client.0043E5E6
0043E5E4 |> 33C0 XOR EAX,EAX
0043E5E6 |> 8947 58 MOV DWORD PTR DS:[EDI+58],EAX
0043E5E9 |. 8DBE 94080000 LEA EDI,DWORD PTR DS:[ESI+894]
0043E5EF |. C645 FC 17 MOV BYTE PTR SS:[EBP-4],17
0043E5F3 |. 897D 08 MOV DWORD PTR SS:[EBP+8],EDI
0043E5F6 |. 8D47 0C LEA EAX,DWORD PTR DS:[EDI+C]
0043E5F9 |. C607 01 MOV BYTE PTR DS:[EDI],1
0043E5FC |. 50 PUSH EAX
0043E5FD |. C647 01 01 MOV BYTE PTR DS:[EDI+1],1
0043E601 |. 895F 04 MOV DWORD PTR DS:[EDI+4],EBX
0043E604 |. 885F 08 MOV BYTE PTR DS:[EDI+8],BL
0043E607 |. E8 84ECFDFF CALL Client.0041D290
0043E60C |. 68 E8380000 PUSH 38E8
0043E611 |. C645 FC 18 MOV BYTE PTR SS:[EBP-4],18
0043E615 |. 885F 5C MOV BYTE PTR DS:[EDI+5C],BL
0043E618 |. 885F 5D MOV BYTE PTR DS:[EDI+5D],BL
0043E61B |. E8 C8FA2C00 CALL Client.0070E0E8
0043E620 |. 83C4 08 ADD ESP,8
0043E623 |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
0043E626 |. 3BC3 CMP EAX,EBX
0043E628 |. C645 FC 19 MOV BYTE PTR SS:[EBP-4],19
0043E62C |. 74 09 JE SHORT Client.0043E637
0043E62E |. 8BC8 MOV ECX,EAX
0043E630 |. E8 DB360000 CALL Client.00441D10
0043E635 |. EB 02 JMP SHORT Client.0043E639
0043E637 |> 33C0 XOR EAX,EAX
0043E639 |> 8947 58 MOV DWORD PTR DS:[EDI+58],EAX
0043E63C |. C706 B05C7600 MOV DWORD PTR DS:[ESI],Client.00765CB0
0043E642 |. C746 08 9C5C7>MOV DWORD PTR DS:[ESI+8],Client.00765C9C
0043E649 |. 899E 2C030000 MOV DWORD PTR DS:[ESI+32C],EBX
0043E64F |. 899E 34030000 MOV DWORD PTR DS:[ESI+334],EBX
0043E655 |. 899E 30030000 MOV DWORD PTR DS:[ESI+330],EBX
0043E65B |. 895E 30 MOV DWORD PTR DS:[ESI+30],EBX
0043E65E |. 899E D0050000 MOV DWORD PTR DS:[ESI+5D0],EBX
0043E664 |. B9 29000000 MOV ECX,29
0043E669 |. 33C0 XOR EAX,EAX
0043E66B |. 8D7E 34 LEA EDI,DWORD PTR DS:[ESI+34]
0043E66E |. 899E C4050000 MOV DWORD PTR DS:[ESI+5C4],EBX
0043E674 |. C645 FC 1A MOV BYTE PTR SS:[EBP-4],1A
0043E678 |. F3:AB REP STOS DWORD PTR ES:[EDI]
0043E67A |. 8DBE E0000000 LEA EDI,DWORD PTR DS:[ESI+E0]
0043E680 |. 899E D8000000 MOV DWORD PTR DS:[ESI+D8],EBX
0043E686 |. C786 DC000000>MOV DWORD PTR DS:[ESI+DC],0F
0043E690 |. 8B47 04 MOV EAX,DWORD PTR DS:[EDI+4]
0043E693 |. 3BC3 CMP EAX,EBX
0043E695 |. 74 0D JE SHORT Client.0043E6A4
0043E697 |. 8B4F 0C MOV ECX,DWORD PTR DS:[EDI+C]
0043E69A |. 2BC8 SUB ECX,EAX
0043E69C |. C1F9 04 SAR ECX,4
0043E69F |. 83F9 40 CMP ECX,40
0043E6A2 |. 73 5E JNB SHORT Client.0043E702
0043E6A4 |> 68 00040000 PUSH 400
0043E6A9 |. E8 3AFA2C00 CALL Client.0070E0E8
0043E6AE |. 8B57 08 MOV EDX,DWORD PTR DS:[EDI+8]
0043E6B1 |. 83C4 04 ADD ESP,4
0043E6B4 |. 8945 08 MOV DWORD PTR SS:[EBP+8],EAX
0043E6B7 |. 8BCF MOV ECX,EDI
0043E6B9 |. 50 PUSH EAX ; /Arg3
0043E6BA |. 8B47 04 MOV EAX,DWORD PTR DS:[EDI+4] ; |
0043E6BD |. 52 PUSH EDX ; |Arg2
0043E6BE |. 50 PUSH EAX ; |Arg1
0043E6BF |. E8 AC380000 CALL Client.00441F70 ; \Client.00441F70
0043E6C4 |. 8B4F 08 MOV ECX,DWORD PTR DS:[EDI+8]
0043E6C7 |. 8B57 04 MOV EDX,DWORD PTR DS:[EDI+4]
0043E6CA |. 51 PUSH ECX
0043E6CB |. 52 PUSH EDX
0043E6CC |. 8BCF MOV ECX,EDI
0043E6CE |. E8 8D380000 CALL Client.00441F60
0043E6D3 |. 8B47 04 MOV EAX,DWORD PTR DS:[EDI+4]
0043E6D6 |. 50 PUSH EAX
0043E6D7 |. E8 A4092C00 CALL Client.006FF080
0043E6DC |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0043E6DF |. 83C4 04 ADD ESP,4
0043E6E2 |. 81C1 00040000 ADD ECX,400
0043E6E8 |. 894F 0C MOV DWORD PTR DS:[EDI+C],ECX
0043E6EB |. 8BCF MOV ECX,EDI
0043E6ED |. E8 EE370000 CALL Client.00441EE0
0043E6F2 |. 8BD0 MOV EDX,EAX
0043E6F4 |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
0043E6F7 |. C1E2 04 SHL EDX,4
0043E6FA |. 03D0 ADD EDX,EAX
0043E6FC |. 8947 04 MOV DWORD PTR DS:[EDI+4],EAX
0043E6FF |. 8957 08 MOV DWORD PTR DS:[EDI+8],EDX
0043E702 |> C786 F4000000>MOV DWORD PTR DS:[ESI+F4],BF800000
0043E70C |. 899E F0000000 MOV DWORD PTR DS:[ESI+F0],EBX
0043E712 |. 899E 6C050000 MOV DWORD PTR DS:[ESI+56C],EBX
0043E718 |. 899E 70050000 MOV DWORD PTR DS:[ESI+570],EBX
0043E71E |. 899E F8000000 MOV DWORD PTR DS:[ESI+F8],EBX
0043E724 |. 889E FC000000 MOV BYTE PTR DS:[ESI+FC],BL
0043E72A |. BF 0000803F MOV EDI,3F800000
0043E72F |. 899E 00010000 MOV DWORD PTR DS:[ESI+100],EBX
0043E735 |. 89BE 04010000 MOV DWORD PTR DS:[ESI+104],EDI
0043E73B |. 8D8E AC020000 LEA ECX,DWORD PTR DS:[ESI+2AC]
0043E741 |. 889E 08010000 MOV BYTE PTR DS:[ESI+108],BL
0043E747 |. 33C0 XOR EAX,EAX
0043E749 |. 899E 10010000 MOV DWORD PTR DS:[ESI+110],EBX
0043E74F |. 8901 MOV DWORD PTR DS:[ECX],EAX
0043E751 |. 6A 05 PUSH 5
0043E753 |. 8941 04 MOV DWORD PTR DS:[ECX+4],EAX
0043E756 |. 8941 08 MOV DWORD PTR DS:[ECX+8],EAX
0043E759 |. 8941 0C MOV DWORD PTR DS:[ECX+C],EAX
0043E75C |. 8941 10 MOV DWORD PTR DS:[ECX+10],EAX
0043E75F |. 899E C0020000 MOV DWORD PTR DS:[ESI+2C0],EBX
0043E765 |. 899E 74030000 MOV DWORD PTR DS:[ESI+374],EBX
0043E76B |. B8 FFFF0000 MOV EAX,0FFFF
0043E770 |. 899E C8020000 MOV DWORD PTR DS:[ESI+2C8],EBX
0043E776 |. 8986 28030000 MOV DWORD PTR DS:[ESI+328],EAX
0043E77C |. 899E D4030000 MOV DWORD PTR DS:[ESI+3D4],EBX
0043E782 |. 899E D0020000 MOV DWORD PTR DS:[ESI+2D0],EBX
0043E788 |. 899E 08050000 MOV DWORD PTR DS:[ESI+508],EBX
0043E78E |. 8986 38030000 MOV DWORD PTR DS:[ESI+338],EAX
0043E794 |. 899E 44040000 MOV DWORD PTR DS:[ESI+444],EBX
0043E79A |. 8986 48040000 MOV DWORD PTR DS:[ESI+448],EAX
0043E7A0 |. 899E 0C050000 MOV DWORD PTR DS:[ESI+50C],EBX
0043E7A6 |. 899E 74050000 MOV DWORD PTR DS:[ESI+574],EBX
0043E7AC |. 899E B0050000 MOV DWORD PTR DS:[ESI+5B0],EBX
0043E7B2 |. 899E AC050000 MOV DWORD PTR DS:[ESI+5AC],EBX
0043E7B8 |. 899E B4050000 MOV DWORD PTR DS:[ESI+5B4],EBX
0043E7BE |. 899E B8050000 MOV DWORD PTR DS:[ESI+5B8],EBX
0043E7C4 |. 899E BC050000 MOV DWORD PTR DS:[ESI+5BC],EBX
0043E7CA |. E8 415A0000 CALL Client.00444210
0043E7CF |. A3 C4262E01 MOV DWORD PTR DS:[12E26C4],EAX
0043E7D4 |. 8D86 10050000 LEA EAX,DWORD PTR DS:[ESI+510]
0043E7DA |. 33D2 XOR EDX,EDX
0043E7DC |. 899E A8050000 MOV DWORD PTR DS:[ESI+5A8],EBX
0043E7E2 |. 899E 7C050000 MOV DWORD PTR DS:[ESI+57C],EBX
0043E7E8 |. 899E 78050000 MOV DWORD PTR DS:[ESI+578],EBX
0043E7EE |. C746 10 2D000>MOV DWORD PTR DS:[ESI+10],2D
0043E7F5 |. C746 18 02000>MOV DWORD PTR DS:[ESI+18],2
0043E7FC |. 89BE 30050000 MOV DWORD PTR DS:[ESI+530],EDI
0043E802 |. 89BE 34050000 MOV DWORD PTR DS:[ESI+534],EDI
0043E808 |. 89BE 38050000 MOV DWORD PTR DS:[ESI+538],EDI
0043E80E |. 89BE 3C050000 MOV DWORD PTR DS:[ESI+53C],EDI
0043E814 |. 89BE 20050000 MOV DWORD PTR DS:[ESI+520],EDI
0043E81A |. 89BE 24050000 MOV DWORD PTR DS:[ESI+524],EDI
0043E820 |. 89BE 28050000 MOV DWORD PTR DS:[ESI+528],EDI
0043E826 |. 89BE 2C050000 MOV DWORD PTR DS:[ESI+52C],EDI
0043E82C |. 89BE 40050000 MOV DWORD PTR DS:[ESI+540],EDI
0043E832 |. 89BE 44050000 MOV DWORD PTR DS:[ESI+544],EDI
0043E838 |. 89BE 48050000 MOV DWORD PTR DS:[ESI+548],EDI
0043E83E |. 89BE 4C050000 MOV DWORD PTR DS:[ESI+54C],EDI
0043E844 |. 899E 5C050000 MOV DWORD PTR DS:[ESI+55C],EBX
0043E84A |. 899E 58050000 MOV DWORD PTR DS:[ESI+558],EBX
0043E850 |. 899E 54050000 MOV DWORD PTR DS:[ESI+554],EBX
0043E856 |. 899E 50050000 MOV DWORD PTR DS:[ESI+550],EBX
0043E85C |. 899E 60050000 MOV DWORD PTR DS:[ESI+560],EBX
0043E862 |. 8910 MOV DWORD PTR DS:[EAX],EDX
0043E864 |. 83C4 04 ADD ESP,4
0043E867 |. B9 14000000 MOV ECX,14
0043E86C |. 8950 04 MOV DWORD PTR DS:[EAX+4],EDX
0043E86F |. 33C0 XOR EAX,EAX
0043E871 |. 8DBE D4020000 LEA EDI,DWORD PTR DS:[ESI+2D4] ; load the offset address esi+2d4 into edi
0043E877 |. F3:AB REP STOS DWORD PTR ES:[EDI] ; repeatedly execute the stos instruction. stos sends the monster string in edi to eax
0043E879 |. B8 01000000 MOV EAX,1
0043E87E |. 899E C8050000 MOV DWORD PTR DS:[ESI+5C8],EBX
0043E884 |. 8946 2C MOV DWORD PTR DS:[ESI+2C],EAX
0043E887 |. 8986 3C040000 MOV DWORD PTR DS:[ESI+43C],EAX
0043E88D |. 899E CC050000 MOV DWORD PTR DS:[ESI+5CC],EBX
0043E893 |. 895E 28 MOV DWORD PTR DS:[ESI+28],EBX
0043E896 |. 895E 20 MOV DWORD PTR DS:[ESI+20],EBX
0043E899 |. 895E 24 MOV DWORD PTR DS:[ESI+24],EBX
0043E89C |. 8BC6 MOV EAX,ESI
0043E89E |. 5F POP EDI
0043E89F |. 5E POP ESI
0043E8A0 |. 8B4D F4 MOV ECX,DWORD PTR SS:[EBP-C]
0043E8A3 |. 5B POP EBX
0043E8A4 |. 64:890D 00000>MOV DWORD PTR FS:[0],ECX
0043E8AB |. 8BE5 MOV ESP,EBP
0043E8AD |. 5D POP EBP
0043E8AE \. C2 0400 RET 4
I'm so confused.
0043E788 |. 899E 08050000 MOV DWORD PTR DS:[ESI+508],EBX
0043E78E |. 8986 38030000 MOV DWORD PTR DS:[ESI+338],EAX
0043E794 |. 899E 44040000 MOV DWORD PTR DS:[ESI+444],EBX
0043E79A |. 8986 48040000 MOV DWORD PTR DS:[ESI+448],EAX
0043E7A0 |. 899E 0C050000 MOV DWORD PTR DS:[ESI+50C],EBX
0043E7A6 |. 899E 74050000 MOV DWORD PTR DS:[ESI+574],EBX
0043E7AC |. 899E B0050000 MOV DWORD PTR DS:[ESI+5B0],EBX
0043E7B2 |. 899E AC050000 MOV DWORD PTR DS:[ESI+5AC],EBX
0043E7B8 |. 899E B4050000 MOV DWORD PTR DS:[ESI+5B4],EBX
0043E7BE |. 899E B8050000 MOV DWORD PTR DS:[ESI+5B8],EBX
0043E7C4 |. 899E BC050000 MOV DWORD PTR DS:[ESI+5BC],EBX
0043E7CA |. E8 415A0000 CALL Client.00444210
0043E7CF |. A3 C4262E01 MOV DWORD PTR DS:[12E26C4],EAX
0043E7D4 |. 8D86 10050000 LEA EAX,DWORD PTR DS:[ESI+510]
0043E7DA |. 33D2 XOR EDX,EDX
0043E7DC |. 899E A8050000 MOV DWORD PTR DS:[ESI+5A8],EBX
0043E7E2 |. 899E 7C050000 MOV DWORD PTR DS:[ESI+57C],EBX
0043E7E8 |. 899E 78050000 MOV DWORD PTR DS:[ESI+578],EBX
0043E7EE |. C746 10 2D000>MOV DWORD PTR DS:[ESI+10],2D
0043E7F5 |. C746 18 02000>MOV DWORD PTR DS:[ESI+18],2
0043E7FC |. 89BE 30050000 MOV DWORD PTR DS:[ESI+530],EDI
0043E802 |. 89BE 34050000 MOV DWORD PTR DS:[ESI+534],EDI
0043E808 |. 89BE 38050000 MOV DWORD PTR DS:[ESI+538],EDI
0043E80E |. 89BE 3C050000 MOV DWORD PTR DS:[ESI+53C],EDI
0043E814 |. 89BE 20050000 MOV DWORD PTR DS:[ESI+520],EDI
0043E81A |. 89BE 24050000 MOV DWORD PTR DS:[ESI+524],EDI
0043E820 |. 89BE 28050000 MOV DWORD PTR DS:[ESI+528],EDI
0043E826 |. 89BE 2C050000 MOV DWORD PTR DS:[ESI+52C],EDI
0043E82C |. 89BE 40050000 MOV DWORD PTR DS:[ESI+540],EDI
0043E832 |. 89BE 44050000 MOV DWORD PTR DS:[ESI+544],EDI
0043E838 |. 89BE 48050000 MOV DWORD PTR DS:[ESI+548],EDI
0043E83E |. 89BE 4C050000 MOV DWORD PTR DS:[ESI+54C],EDI
0043E844 |. 899E 5C050000 MOV DWORD PTR DS:[ESI+55C],EBX
0043E84A |. 899E 58050000 MOV DWORD PTR DS:[ESI+558],EBX
0043E850 |. 899E 54050000 MOV DWORD PTR DS:[ESI+554],EBX
0043E856 |. 899E 50050000 MOV DWORD PTR DS:[ESI+550],EBX
0043E85C |. 899E 60050000 MOV DWORD PTR DS:[ESI+560],EBX
0043E862 |. 8910 MOV DWORD PTR DS:[EAX],EDX
0043E864 |. 83C4 04 ADD ESP,4
0043E867 |. B9 14000000 MOV ECX,14
0043E86C |. 8950 04 MOV DWORD PTR DS:[EAX+4],EDX
0043E86F |. 33C0 XOR EAX,EAX
0043E871 |. 8DBE D4020000 LEA EDI,DWORD PTR DS:[ESI+2D4] ; take the offset address esi+2d4 and put it in edi
0043E877 |. F3:AB REP STOS DWORD PTR ES:[EDI] ; execute the stos instruction repeatedly. stos sends the monster string in edi to eax
0043E879 |. B8 01000000 MOV EAX,1
0043E87E |. 899E C8050000 MOV DWORD PTR DS:[ESI+5C8],EBX
0043E884 |. 8946 2C MOV DWORD PTR DS:[ESI+2C],EAX
0043E887 |. 8986 3C040000 MOV DWORD PTR DS:[ESI+43C],EAX
0043E88D |. 899E CC050000 MOV DWORD PTR DS:[ESI+5CC],EBX
0043E893 |. 895E 28 MOV DWORD PTR DS:[ESI+28],EBX
0043E896 |. 895E 20 MOV DWORD PTR DS:[ESI+20],EBX
0043E899 |. 895E 24 MOV DWORD PTR DS:[ESI+24],EBX
0043E89C |. 8BC6 MOV EAX,ESI
0043E89E |. 5F POP EDI
0043E89F |. 5E POP ESI
0043E8A0 |. 8B4D F4 MOV ECX,DWORD PTR SS:[EBP-C]
0043E8A3 |. 5B POP EBX
0043E8A4 |. 64:890D 00000>MOV DWORD PTR FS:[0],ECX
0043E8AB |. 8BE5 MOV ESP,EBP
0043E8AD |. 5D POP EBP
0043E8AE \. C2 0400 RET 4
I'm completely lost,
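The two `REP STOS DWORD PTR ES:[EDI]` sites in the listing (0043E678 and 0043E877) can be modelled in C to see which bytes they touch and in which direction data moves. This is an added example, not part of the original post; the flat buffer standing in for the object at ESI, the `OBJ_SIZE` value, the helper names and the DF=0 setting are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define OBJ_SIZE 0x600u  /* assumption: covers every ESI+offset seen in the listing */

/* Only the registers STOS touches; df models the direction flag. */
struct regs { uint32_t eax, ecx, edi; int df; };

/* REP STOS DWORD PTR ES:[EDI] over a flat buffer: while ECX != 0, store EAX
   at [EDI], step EDI by 4 (down if DF=1), decrement ECX. EAX is never written.
   Returns the number of dwords stored; stops early rather than leave `mem`. */
static uint32_t rep_stosd(uint8_t *mem, size_t size, struct regs *r)
{
    uint32_t stored = 0;
    while (r->ecx != 0 && (size_t)r->edi + 4 <= size) {
        memcpy(mem + r->edi, &r->eax, 4);
        r->edi = r->df ? r->edi - 4u : r->edi + 4u;
        r->ecx--;
        stored++;
    }
    return stored;
}

/* One fill as the listing sets it up: XOR EAX,EAX; MOV ECX,count;
   LEA EDI,[ESI+off]. ESI (the object base) is modelled as offset 0.
   Returns the offset one past the last byte written. */
static uint32_t fill_end(uint8_t *obj, uint32_t off, uint32_t count)
{
    struct regs r = { 0u, count, off, 0 };  /* DF=0 assumed (Win32 convention) */
    rep_stosd(obj, OBJ_SIZE, &r);
    return r.edi;
}

int main(void)
{
    uint8_t obj[OBJ_SIZE];
    memset(obj, 0xCC, sizeof obj);          /* constructed "uninitialised" object */
    /* 0043E664..0043E678: ECX=29h, EDI=ESI+34h */
    printf("fill 1: +0x34  .. +0x%X\n", (unsigned)fill_end(obj, 0x34, 0x29));
    /* 0043E867..0043E877: ECX=14h, EDI=ESI+2D4h */
    printf("fill 2: +0x2D4 .. +0x%X\n", (unsigned)fill_end(obj, 0x2D4, 0x14));
    return 0;
}
```

In this model each site stores the zero held in EAX into memory starting at EDI; nothing is read from [EDI], and EAX is left unchanged.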














