EAX 00000001
ECX 0040911A ASCII "99999"
EDX 05FBD0E0 ASCII "Administrators"
EBX 00000000
ESP 0019F23C
EBP 0019F28C
ESI 05FB9C06
EDI 05FB9C14
EIP 0040981A crackme1.0040981A
C 0 ES 002B 32位 0(FFFFFFFF)
P 1 CS 0023 32位 0(FFFFFFFF)
A 0 SS 002B 32位 0(FFFFFFFF)
Z 1 DS 002B 32位 0(FFFFFFFF)
S 0 FS 0053 32位 2E3000(FFF)
T 0 GS 002B 32位 0(FFFFFFFF)
D 0
O 0 LastErr ERROR_INSUFFICIENT_BUFFER (0000007A)
EFL 00000246 (NO,NB,E,BE,NS,PE,GE,LE)
ST0 empty 0.0
ST1 empty 0.0
ST2 empty 0.0
ST3 empty 0.0
ST4 empty 1.0000000000000000000
ST5 empty 1.0000000000000000000
ST6 empty 1.0000000000000000000
ST7 empty 1.0000000000000000000
3 2 1 0 E S P U O Z D I
FST 4020 Cond 1 0 0 0 Err 0 0 1 0 0 0 0 0 (EQ)
FCW 037F Prec NEAR,64 掩码 1 1 1 1 1 1
004097A9 /0F84 22000000 je crackme1.004097D1 ; 关键跳
004097AF |6A 00 push 0x0
004097B1 |68 03914000 push crackme1.00409103
004097B6 |6A FF push -0x1
004097B8 |6A 08 push 0x8
004097BA |68 A4000116 push 0x160100A4
004097BF |68 01000152 push 0x52010001
004097C4 |E8 A9080000 call crackme1.0040A072
004097C9 |83C4 18 add esp,0x18
004097CC |E9 1D000000 jmp crackme1.004097EE
004097D1 \6A 00 push 0x0
004097D3 68 0C914000 push crackme1.0040910C
004097D8 6A FF push -0x1
004097DA 6A 08 push 0x8
004097DC 68 A4000116 push 0x160100A4
004097E1 68 01000152 push 0x52010001
004097E6 E8 87080000 call crackme1.0040A072
004097EB 83C4 18 add esp,0x18
004097EE 8BE5 mov esp,ebp
004097F0 5D pop ebp ; crackme1.00409EF7
004097F1 C3 retn
004097F2 85DB test ebx,ebx
004097F4 75 03 jnz short crackme1.004097F9
004097F6 33C9 xor ecx,ecx ; crackme1.0040911A
004097F8 C3 retn
004097F9 8B0B mov ecx,dword ptr ds:[ebx]
004097FB 83C3 04 add ebx,0x4
004097FE 85C9 test ecx,ecx ; crackme1.0040911A
00409800 74 0F je short crackme1.00409811
00409802 8B03 mov eax,dword ptr ds:[ebx]
00409804 83C3 04 add ebx,0x4
00409807 49 dec ecx ; crackme1.0040911A
00409808 74 05 je short crackme1.0040980F
0040980A 0FAF03 imul eax,dword ptr ds:[ebx]
0040980D ^ EB F5 jmp short crackme1.00409804
0040980F 8BC8 mov ecx,eax
00409811 C3 retn
00409812 8B5424 04 mov edx,dword ptr ss:[esp+0x4]
00409816 8B4C24 08 mov ecx,dword ptr ss:[esp+0x8] ; crackme1.0040911A
0040981A 85D2 test edx,edx ; 文本比较
0040981C 75 0D jnz short crackme1.0040982B
NOP掉关键跳即可
|