好友
阅读权限10
听众
最后登录1970-1-1
|
QQ远程聊天记录查看器 算法分析
为了说明第一次循环做了一个表
CSHOW@163.COM
43 53 48 4F 57 40 31 36 33 2E 43 4F 4D
45 55 4A 51 59 42 33 38 35 30 45 51 4F
EUJQYB3852EQO
----------------------------------------------------------------------------------------------------------
第一次循环:
0042C9CC> /8B85 48FDFFFF mov eax,dword ptr ss:[ebp-2B8] ;//第一次循环开始
0042C9D2. |3945 DC cmp dword ptr ss:[ebp-24],eax
0042C9D5. |0F8F A4010000 jg 123.0042CB7F
0042C9DB. |8B0Fmov ecx,dword ptr ds:[edi]
0042C9DD. |57push edi
0042C9DE. |FF91 A8030000 call dword ptr ds:[ecx+3A8]
0042C9E4. |50push eax
0042C9E5. |8D55 A4 lea edx,dword ptr ss:[ebp-5C]
0042C9E8. |52push edx
0042C9E9. |FF15 80104000 call dword ptr ds:[<&msvbvm60.__vbaO>;msvbvm60.__vbaObjSet
0042C9EF. |8985 70FDFFFF mov dword ptr ss:[ebp-290],eax
0042C9F5. |8B08mov ecx,dword ptr ds:[eax]
0042C9F7. |8D55 BC lea edx,dword ptr ss:[ebp-44]
0042C9FA. |52push edx
0042C9FB. |50push eax
0042C9FC. |FF91 A0000000 call dword ptr ds:[ecx+A0]
0042CA02. |DBE2fclex
0042CA04. |85C0test eax,eax
0042CA06. |7D 18 jge short 123.0042CA20
0042CA08. |68 A0000000 push 0A0
0042CA0D. |68 0C4A4000 push 123.00404A0C
0042CA12. |8B8D 70FDFFFF mov ecx,dword ptr ss:[ebp-290]
0042CA18. |51push ecx
0042CA19. |50push eax
0042CA1A. |FF15 5C104000 call dword ptr ds:[<&msvbvm60.__vbaH>;msvbvm60.__vbaHresultCheckObj
0042CA20> |8B55 BC mov edx,dword ptr ss:[ebp-44]
0042CA23. |52push edx ; /Arg1
0042CA24. |FF15 D8104000 call dword ptr ds:[<&msvbvm60.rtcUpp>; \//邮箱变大写
0042CA2A. |8BD0mov edx,eax
0042CA2C. |8D4D B0 lea ecx,dword ptr ss:[ebp-50]
0042CA2F. |FFD6call esi
0042CA31. |C745 90 01000>mov dword ptr ss:[ebp-70],1
0042CA38. |C745 88 02000>mov dword ptr ss:[ebp-78],2
0042CA3F. |8B55 B0 mov edx,dword ptr ss:[ebp-50]
0042CA42. |C745 B0 00000>mov dword ptr ss:[ebp-50],0
0042CA49. |8D45 88 lea eax,dword ptr ss:[ebp-78]
0042CA4C. |50push eax
0042CA4D. |8B4D DC mov ecx,dword ptr ss:[ebp-24]
0042CA50. |51push ecx
0042CA51. |8D4D B8 lea ecx,dword ptr ss:[ebp-48]
0042CA54. |FFD6call esi
0042CA56. |50push eax
0042CA57. |FFD3call ebx
0042CA59. |8BD0mov edx,eax
0042CA5B. |8D4D B4 lea ecx,dword ptr ss:[ebp-4C]
0042CA5E. |FFD6call esi
0042CA60. |50push eax ; /Arg1
0042CA61. |FF15 3C104000 call dword ptr ds:[<&msvbvm60.rtcAns>; \//提取ASCII
0042CA67. |66:05 0200add ax,2 ;//ASCII+2
0042CA6B. |0F80 261B0000 jo 123.0042E597
0042CA71. |50push eax
0042CA72. |FF15 04104000 call dword ptr ds:[<&msvbvm60.__vbaS>;F7跟进去
0042CA78. |8BD0mov edx,eax
0042CA7A. |8D4D C4 lea ecx,dword ptr ss:[ebp-3C]
0042CA7D. |FFD6call esi
0042CA7F. |8D55 B0 lea edx,dword ptr ss:[ebp-50]
0042CA82. |52push edx
0042CA83. |8D45 B4 lea eax,dword ptr ss:[ebp-4C]
0042CA86. |50push eax
0042CA87. |8D4D B8 lea ecx,dword ptr ss:[ebp-48]
0042CA8A. |51push ecx
0042CA8B. |8D55 BC lea edx,dword ptr ss:[ebp-44]
0042CA8E. |52push edx
0042CA8F. |6A 04 push 4
0042CA91. |FF15 A4114000 call dword ptr ds:[<&msvbvm60.__vbaF>;msvbvm60.__vbaFreeStrList
0042CA97. |83C4 14 add esp,14
0042CA9A. |8D4D A4 lea ecx,dword ptr ss:[ebp-5C]
0042CA9D. |FF15 28124000 call dword ptr ds:[<&msvbvm60.__vbaF>;msvbvm60.__vbaFreeObj
0042CAA3. |8D4D 88 lea ecx,dword ptr ss:[ebp-78]
0042CAA6. |FF15 20104000 call dword ptr ds:[<&msvbvm60.__vbaF>;msvbvm60.__vbaFreeVar
0042CAAC. |8D45 C4 lea eax,dword ptr ss:[ebp-3C]
0042CAAF. |8985 00FEFFFF mov dword ptr ss:[ebp-200],eax
0042CAB5. |C785 F8FDFFFF>mov dword ptr ss:[ebp-208],4008
0042CABF. |8D8D F8FDFFFF lea ecx,dword ptr ss:[ebp-208]
0042CAC5. |51push ecx ; /Arg2
0042CAC6. |8D55 88 lea edx,dword ptr ss:[ebp-78]; |
0042CAC9. |52push edx ; |Arg1
0042CACA. |FF15 A0114000 call dword ptr ds:[<&msvbvm60.rtcHex>; \F7
0042CAD0. |8B45 C0 mov eax,dword ptr ss:[ebp-40];上次的运算结果放到eax
0042CAD3. |8985 F0FDFFFF mov dword ptr ss:[ebp-210],eax
0042CAD9. |C785 E8FDFFFF>mov dword ptr ss:[ebp-218],8
0042CAE3. |8D4D C4 lea ecx,dword ptr ss:[ebp-3C]
0042CAE6. |898D E0FDFFFF mov dword ptr ss:[ebp-220],ecx
0042CAEC. |C785 D8FDFFFF>mov dword ptr ss:[ebp-228],4008
0042CAF6. |8D95 D8FDFFFF lea edx,dword ptr ss:[ebp-228]
0042CAFC. |52push edx ; /Arg2
0042CAFD. |8D85 68FFFFFF lea eax,dword ptr ss:[ebp-98]; |
0042CB03. |50push eax ; |Arg1
0042CB04. |FF15 A8114000 call dword ptr ds:[<&msvbvm60.rtcOct>; \F7
0042CB0A. |8D4D 88 lea ecx,dword ptr ss:[ebp-78]
0042CB0D. |51push ecx ; /Arg3
0042CB0E. |8D95 E8FDFFFF lea edx,dword ptr ss:[ebp-218] ; |
0042CB14. |52push edx ; |Arg2
0042CB15. |8D85 78FFFFFF lea eax,dword ptr ss:[ebp-88]; |
0042CB1B. |50push eax ; |Arg1
0042CB1C. |FF15 6C114000 call dword ptr ds:[<&msvbvm60.__vbaV>; \__vbaVarCat
0042CB22. |50push eax ; /Arg3
0042CB23. |8D8D 68FFFFFF lea ecx,dword ptr ss:[ebp-98]; |
0042CB29. |51push ecx ; |Arg2
0042CB2A. |8D95 58FFFFFF lea edx,dword ptr ss:[ebp-A8]; |
0042CB30. |52push edx ; |Arg1
0042CB31. |FF15 6C114000 call dword ptr ds:[<&msvbvm60.__vbaV>; \这次的计算结果前面放前两位后面放后三位
0042CB37. |50push eax
0042CB38. |FF15 28104000 call dword ptr ds:[<&msvbvm60.__vbaS>;msvbvm60.__vbaStrVarMove
0042CB3E. |8BD0mov edx,eax
0042CB40. |8D4D C0 lea ecx,dword ptr ss:[ebp-40]
0042CB43. |FFD6call esi
0042CB45. |8D85 58FFFFFF lea eax,dword ptr ss:[ebp-A8]
0042CB4B. |50push eax
0042CB4C. |8D8D 68FFFFFF lea ecx,dword ptr ss:[ebp-98]
0042CB52. |51push ecx
0042CB53. |8D95 78FFFFFF lea edx,dword ptr ss:[ebp-88]
0042CB59. |52push edx
0042CB5A. |8D45 88 lea eax,dword ptr ss:[ebp-78]
0042CB5D. |50push eax
0042CB5E. |6A 04 push 4
0042CB60. |FF15 2C104000 call dword ptr ds:[<&msvbvm60.__vbaF>;msvbvm60.__vbaFreeVarList
0042CB66. |83C4 14 add esp,14
0042CB69. |B8 01000000 mov eax,1
0042CB6E. |0345 DC add eax,dword ptr ss:[ebp-24]
0042CB71. |0F80 201A0000 jo 123.0042E597
0042CB77. |8945 DC mov dword ptr ss:[ebp-24],eax
0042CB7A.^\E9 4DFEFFFF jmp 123.0042C9CC
0042CB7F>8B4D C0 mov ecx,dword ptr ss:[ebp-40];//循环完毕后跳转到这里
郁闷字数太多
又不好拆开发布~~~
在附件里面
暗组看到的,和大家一起分享学习下 |
|
发表于 2008-9-30 14:00
