21,458
社区成员
发帖
与我相关
我的任务
分享反编译的问题
以下是我用IDA反编译出来的一段FUCKTION代码。
我想请问各位大牛,var_78,var_70。。。。那些是些什么东西?
.text:00401000 sub_401000 proc near ; CODE XREF: WinMain(x,x,x,x)+5BBp
.text:00401000
.text:00401000 var_78 = dword ptr -78h
.text:00401000 var_70 = dword ptr -70h
.text:00401000 var_6C = dword ptr -6Ch
.text:00401000 var_68 = dword ptr -68h
.text:00401000 var_64 = dword ptr -64h
.text:00401000 var_60 = dword ptr -60h
.text:00401000 var_5C = word ptr -5Ch
.text:00401000 var_54 = byte ptr -54h
.text:00401000 var_3C = dword ptr -3Ch
.text:00401000 var_38 = dword ptr -38h
.text:00401000 var_8 = dword ptr -8
.text:00401000
.text:00401000 mov al, byte_5C0F75
.text:00401005 sub esp, 3Ch
.text:00401008 test al, al
.text:0040100A jnz loc_4010F3
.text:00401010 push 0 ; pvReserved
.text:00401012 call ds:CoInitialize
.text:00401018 push 0
.text:0040101A push offset dword_5C0F7C
.text:0040101F push 0
.text:00401021 call DirectSoundCreate
.text:00401026 test eax, eax
.text:00401028 jl loc_40110A
.text:0040102E mov eax, dword_5C0F7C
.text:00401033 mov edx, [esp+48h+var_8]
.text:00401037 push 2
.text:00401039 push edx
.text:0040103A mov ecx, [eax]
.text:0040103C push eax
.text:0040103D call dword ptr [ecx+18h]
.text:00401040 test eax, eax
.text:00401042 jl loc_40110A
.text:00401048 push edi
.text:00401049 mov ecx, 9
.text:0040104E xor eax, eax
.text:00401050 lea edi, [esp+1Ch]
.text:00401054 lea edx, [esp+40h+var_3C]
.text:00401058 push 0
.text:0040105A rep stosd
.text:0040105C mov eax, dword_5C0F7C
.text:00401061 push edx
.text:00401062 lea edx, [esp+24h]
.text:00401066 mov dword ptr [esp+24h], 24h
.text:0040106E mov dword ptr [esp+28h], 11h
.text:00401076 mov ecx, [eax]
.text:00401078 push edx
.text:00401079 push eax
.text:0040107A call dword ptr [ecx+0Ch]
.text:0040107D test eax, eax
.text:0040107F pop edi
.text:00401080 jl loc_40110A
.text:00401086 mov eax, [esp+38h+var_38]
.text:0040108A push offset unk_5BCF5C
.text:0040108F push offset unk_594790
.text:00401094 push eax
.text:00401095 mov ecx, [eax]
.text:00401097 call dword ptr [ecx]
.text:00401099 test eax, eax
.text:0040109B jl short loc_40110A
.text:0040109D xor edx, edx
.text:0040109F mov eax, [esp+3Ch+var_3C]
.text:004010A3 mov [esp+3Ch+var_38], edx
.text:004010A7 mov word ptr [esp+3Ch+var_38], 1
.text:004010AE mov [esp+8], edx
.text:004010B2 mov word ptr [esp+3Ch+var_38+2], 2
.text:004010B9 mov [esp+0Ch], edx
.text:004010BD mov dword ptr [esp+8], 5622h
.text:004010C5 mov [esp+10h], edx
.text:004010C9 mov word ptr [esp+12h], 10h
.text:004010D0 mov [esp+14h], dx
.text:004010D5 lea edx, [esp+3Ch+var_38]
.text:004010D9 mov word ptr [esp+10h], 4
.text:004010E0 mov dword ptr [esp+0Ch], 15888h
.text:004010E8 mov ecx, [eax]
.text:004010EA push edx
.text:004010EB push eax
.text:004010EC call dword ptr [ecx+38h]
.text:004010EF test eax, eax
.text:004010F1 jl short loc_40110A
.text:004010F3
.text:004010F3 loc_4010F3: ; CODE XREF: sub_401000+Aj
.text:004010F3 mov eax, [esp+3Ch+var_3C]
.text:004010F7 test eax, eax
.text:004010F9 jz short loc_401101
.text:004010FB mov ecx, [eax]
.text:004010FD push eax
.text:004010FE call dword ptr [ecx+8]
.text:00401101
.text:00401101 loc_401101: ; CODE XREF: sub_401000+F9j
.text:00401101 mov byte_5C0F74, 1
.text:00401108 xor eax, eax
.text:0040110A
.text:0040110A loc_40110A: ; CODE XREF: sub_401000+28j
.text:0040110A ; sub_401000+42j ...
.text:0040110A add esp, 3Ch
.text:0040110D retn
.text:0040110D sub_401000 endp
.text:0040110D
.text:0040110D ; 哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪?
.text:0040110E align 4
我想请问各位大牛,var_78,var_70。。。。那些是些什么东西?
.text:00401000 sub_401000 proc near ; CODE XREF: WinMain(x,x,x,x)+5BBp
.text:00401000
.text:00401000 var_78 = dword ptr -78h
.text:00401000 var_70 = dword ptr -70h
.text:00401000 var_6C = dword ptr -6Ch
.text:00401000 var_68 = dword ptr -68h
.text:00401000 var_64 = dword ptr -64h
.text:00401000 var_60 = dword ptr -60h
.text:00401000 var_5C = word ptr -5Ch
.text:00401000 var_54 = byte ptr -54h
.text:00401000 var_3C = dword ptr -3Ch
.text:00401000 var_38 = dword ptr -38h
.text:00401000 var_8 = dword ptr -8
.text:00401000
.text:00401000 mov al, byte_5C0F75
.text:00401005 sub esp, 3Ch
.text:00401008 test al, al
.text:0040100A jnz loc_4010F3
.text:00401010 push 0 ; pvReserved
.text:00401012 call ds:CoInitialize
.text:00401018 push 0
.text:0040101A push offset dword_5C0F7C
.text:0040101F push 0
.text:00401021 call DirectSoundCreate
.text:00401026 test eax, eax
.text:00401028 jl loc_40110A
.text:0040102E mov eax, dword_5C0F7C
.text:00401033 mov edx, [esp+48h+var_8]
.text:00401037 push 2
.text:00401039 push edx
.text:0040103A mov ecx, [eax]
.text:0040103C push eax
.text:0040103D call dword ptr [ecx+18h]
.text:00401040 test eax, eax
.text:00401042 jl loc_40110A
.text:00401048 push edi
.text:00401049 mov ecx, 9
.text:0040104E xor eax, eax
.text:00401050 lea edi, [esp+1Ch]
.text:00401054 lea edx, [esp+40h+var_3C]
.text:00401058 push 0
.text:0040105A rep stosd
.text:0040105C mov eax, dword_5C0F7C
.text:00401061 push edx
.text:00401062 lea edx, [esp+24h]
.text:00401066 mov dword ptr [esp+24h], 24h
.text:0040106E mov dword ptr [esp+28h], 11h
.text:00401076 mov ecx, [eax]
.text:00401078 push edx
.text:00401079 push eax
.text:0040107A call dword ptr [ecx+0Ch]
.text:0040107D test eax, eax
.text:0040107F pop edi
.text:00401080 jl loc_40110A
.text:00401086 mov eax, [esp+38h+var_38]
.text:0040108A push offset unk_5BCF5C
.text:0040108F push offset unk_594790
.text:00401094 push eax
.text:00401095 mov ecx, [eax]
.text:00401097 call dword ptr [ecx]
.text:00401099 test eax, eax
.text:0040109B jl short loc_40110A
.text:0040109D xor edx, edx
.text:0040109F mov eax, [esp+3Ch+var_3C]
.text:004010A3 mov [esp+3Ch+var_38], edx
.text:004010A7 mov word ptr [esp+3Ch+var_38], 1
.text:004010AE mov [esp+8], edx
.text:004010B2 mov word ptr [esp+3Ch+var_38+2], 2
.text:004010B9 mov [esp+0Ch], edx
.text:004010BD mov dword ptr [esp+8], 5622h
.text:004010C5 mov [esp+10h], edx
.text:004010C9 mov word ptr [esp+12h], 10h
.text:004010D0 mov [esp+14h], dx
.text:004010D5 lea edx, [esp+3Ch+var_38]
.text:004010D9 mov word ptr [esp+10h], 4
.text:004010E0 mov dword ptr [esp+0Ch], 15888h
.text:004010E8 mov ecx, [eax]
.text:004010EA push edx
.text:004010EB push eax
.text:004010EC call dword ptr [ecx+38h]
.text:004010EF test eax, eax
.text:004010F1 jl short loc_40110A
.text:004010F3
.text:004010F3 loc_4010F3: ; CODE XREF: sub_401000+Aj
.text:004010F3 mov eax, [esp+3Ch+var_3C]
.text:004010F7 test eax, eax
.text:004010F9 jz short loc_401101
.text:004010FB mov ecx, [eax]
.text:004010FD push eax
.text:004010FE call dword ptr [ecx+8]
.text:00401101
.text:00401101 loc_401101: ; CODE XREF: sub_401000+F9j
.text:00401101 mov byte_5C0F74, 1
.text:00401108 xor eax, eax
.text:0040110A
.text:0040110A loc_40110A: ; CODE XREF: sub_401000+28j
.text:0040110A ; sub_401000+42j ...
.text:0040110A add esp, 3Ch
.text:0040110D retn
.text:0040110D sub_401000 endp
.text:0040110D
.text:0040110D ; 哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪?
.text:0040110E align 4
...全文
请发表友善的回复…
发表回复
liuhaochuan 2003-05-22
- 打赏
- 举报
嘿嘿 谢谢各牛,揭贴。
rainbowinfog 2003-05-17
- 打赏
- 举报
哈哈!!
threads 2003-05-13
- 打赏
- 举报
fucktion?
晕死了
晕死了
lezi1022 2003-05-13
- 打赏
- 举报
text:00401000
这些是什么意思啊?
难道是地址?
地址也可以用字浮表示?
这些是什么意思啊?
难道是地址?
地址也可以用字浮表示?
紫郢剑侠 2003-05-13
- 打赏
- 举报
gz
firstrose 2003-05-13
- 打赏
- 举报
text:00401000
401000处是代码
401000处是代码
LeLeGhost 2003-05-13
- 打赏
- 举报
.text 是一个 Section 的名字,.text 应该是代码段。
.text:00401000 是反汇编工具为了说明之后所列出内容,在你反编译文件中的位置。
.text:00401000 是反汇编工具为了说明之后所列出内容,在你反编译文件中的位置。
nicememory 2003-05-13
- 打赏
- 举报
以下是我用IDA反编译出来的一段FUCKTION代码
fucktion是什么意思啊????
fucktion是什么意思啊????
nicememory 2003-05-13
- 打赏
- 举报
只是反汇编的表示方法而已
一般反汇编的代码不能直接汇编
一般反汇编的代码不能直接汇编
Areslee 2003-05-12
- 打赏
- 举报
在栈中
ADD ESP,3CH就是释放这些变量的指令
ADD ESP,3CH就是释放这些变量的指令
liuhaochuan 2003-05-12
- 打赏
- 举报
如果是的话那么这些变量又是存放在哪里的呢?函数结束以后是谁来释放这些变量的呢?
小弟不才,请牛哥哥们指点一二。
小弟不才,请牛哥哥们指点一二。
liuhaochuan 2003-05-12
- 打赏
- 举报
是不是局部变量呀?
