300分翻译一段汇编代码,汇编高手快过来帮忙。

Lo 2004-07-25 12:08:43
这是一个字符串加密的汇编代码段(函数),用IDA提取出来的,我汇编太次,翻译不过来啊,高手请帮帮忙。把字符串加密的过程帮我分析出来,最好能把C语言写出来,不胜感激啊,为这我都搞好几天了。如果分数太少可以再加。

数据定义部分

; Status/error message strings (NUL-terminated). The pointer table
; dword_0_1001B5D0 refers to them by status code.
aBadChecksum db 'Bad checksum',0
align 4
aBeyondValidity db 'Beyond validity period',0
align 4
aUnknownEncrypt db 'Unknown encrypt key',0
aBadFormat db 'Bad format',0
align 4
aSrcIsTooLong db 'src is too long',0
aDestSizeTooSma db 'dest size too small',0
aNoDestIsGiven db 'No dest is given',0
align 4
; Ten 64-character substitution alphabets, listed here from index 9 down to 0.
; They all contain the same character sequence and differ only in where it
; starts (each is a rotation of the others; alphabet N begins with digit N).
; The pointer table off_0_1001B5F4 selects one of them by index.
; NOTE(review): these are fixed constants in the binary, not secret key
; material; anyone holding the binary can read all ten alphabets.
a90Abcde1fghijk db '90-ABCDE1FGHIJK2LMNOPQ3RSTUVW4XYZ_ab5cdefgh6ijklmn7opqrst8uvwxyz',0
align 4
a8uvwxyz90Abcde db '8uvwxyz90-ABCDE1FGHIJK2LMNOPQ3RSTUVW4XYZ_ab5cdefgh6ijklmn7opqrst',0
align 4
a7opqrst8uvwxyz db '7opqrst8uvwxyz90-ABCDE1FGHIJK2LMNOPQ3RSTUVW4XYZ_ab5cdefgh6ijklmn',0
align 4
a6ijklmn7opqrst db '6ijklmn7opqrst8uvwxyz90-ABCDE1FGHIJK2LMNOPQ3RSTUVW4XYZ_ab5cdefgh',0
align 4
a5cdefgh6ijklmn db '5cdefgh6ijklmn7opqrst8uvwxyz90-ABCDE1FGHIJK2LMNOPQ3RSTUVW4XYZ_ab',0
align 4
a4xyz_ab5cdefgh db '4XYZ_ab5cdefgh6ijklmn7opqrst8uvwxyz90-ABCDE1FGHIJK2LMNOPQ3RSTUVW',0
align 4
a3rstuvw4xyz_ab db '3RSTUVW4XYZ_ab5cdefgh6ijklmn7opqrst8uvwxyz90-ABCDE1FGHIJK2LMNOPQ',0
align 4
a2lmnopq3rstuvw db '2LMNOPQ3RSTUVW4XYZ_ab5cdefgh6ijklmn7opqrst8uvwxyz90-ABCDE1FGHIJK',0
align 4
a1fghijk2lmnopq db '1FGHIJK2LMNOPQ3RSTUVW4XYZ_ab5cdefgh6ijklmn7opqrst8uvwxyz90-ABCDE',0
align 4
a0Abcde1fghijk2 db '0-ABCDE1FGHIJK2LMNOPQ3RSTUVW4XYZ_ab5cdefgh6ijklmn7opqrst8uvwxyz9',0
align 4



; Status-code -> message-pointer table. sub_0_1000503E returns
; dword_0_1001B5D0[status*4]: entry 0 is 0 (no message, i.e. success),
; entries 1..7 point at the message strings defined earlier.
; The encoder shown on this page only produces status 0, 1, 2 and 3.
dword_0_1001B5D0 dd 0
dd offset aNoDestIsGiven
dd offset aDestSizeTooSma
dd offset aSrcIsTooLong
dd offset aBadFormat
dd offset aUnknownEncrypt
dd offset aBeyondValidity
dd offset aBadChecksum
; 1C20h = 7200. Not referenced by the code shown on this page.
; NOTE(review): possibly the validity period (in seconds) behind
; 'Beyond validity period' - confirm against the decoding routine.
; This dword sits directly before off_0_1001B5F4, so it is what a table
; index of -1 would read.
dword_0_1001B5F0 dd 1C20h
; Alphabet pointer table, 10 entries (index 0..9), read by sub_0_1000503E
; as off_0_1001B5F4[ebx*4].
off_0_1001B5F4 dd offset a0Abcde1fghijk2
dd offset a1fghijk2lmnopq
dd offset a2lmnopq3rstuvw
dd offset a3rstuvw4xyz_ab
dd offset a4xyz_ab5cdefgh
dd offset a5cdefgh6ijklmn
dd offset a6ijklmn7opqrst
dd offset a7opqrst8uvwxyz
dd offset a8uvwxyz90Abcde
dd offset a90Abcde1fghijk
; Divisor for the "time % N" alphabet selection in sub_0_1000503E.
; 0Ah = 10 matches the 10 entries of off_0_1001B5F4; it also sits directly
; after the table, so it is what a table index of 10 would read.
dword_0_1001B61C dd 0Ah
a0123456789_abc db '0123456789-_abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUV'
呵呵,果然有400分。。好啊
Lo 2004-07-25

; Second half of sub_0_1000503E (the entry point and loc_0_1000514B are in the
; other listing fragment on this page). State on arrival, as set up there:
;   ebx           = alphabet index (>= 0Ah on this path)
;   esi           = dest buffer, dest[0] already set to 43h ('C')
;   edi           = pointer to the selected 64-character alphabet
;   [ebp+arg_4]   = number of bytes to encode (6-byte header + src length)
;   var_400C...   = stack buffer holding the header followed by the src bytes
; Index 10..35 is written to dest[1] as 'A'..'Z' (37h + 0Ah = 41h).
cmp ebx, 24h
jge short loc_0_10005162
add bl, 37h
jmp short loc_0_1000516A
loc_0_10005162: ; CODE XREF: sub_0_1000503E+11Dj
; Index 36..61 is written as 'a'..'z' (3Dh + 24h = 61h).
cmp ebx, 3Eh
jge short loc_0_1000516F
add bl, 3Dh
loc_0_1000516A: ; CODE XREF: sub_0_1000503E+118j
; dest[1] = printable form of the alphabet index, stored in clear.
mov [esi+1], bl
jmp short loc_0_10005173
loc_0_1000516F: ; CODE XREF: sub_0_1000503E+127j
; Index >= 62 falls back to '0'.
mov byte ptr [esi+1], 30h
loc_0_10005173: ; CODE XREF: sub_0_1000503E+12Fj
; ecx = input index (0), eax = output index (2, after the two prefix chars).
; The loop is skipped when the byte count is <= 0.
xor ecx, ecx
push 2
cmp [ebp+arg_4], ecx
pop eax
jle loc_0_1000520C
loc_0_10005181: ; CODE XREF: sub_0_1000503E+1C0j
; Base64-style packing: 3 input bytes -> 4 output characters, each character
; looked up in the alphabet at edi by a 6-bit value. movsx sign-extends the
; byte, but the and-masks after each shift discard the extension bits.
; Byte 0: emit its top 6 bits; keep (b0 & 3) << 4 in ebx and in [ebp+arg_0].
; ([ebp+arg_0] and [ebp+arg_8] are reused as scratch slots from here on.)
movsx edx, [ebp+ecx+var_400C]
mov ebx, edx
sar edx, 2
and edx, 3Fh
and ebx, 3
shl ebx, 4
mov dl, [edx+edi]
mov [ebp+arg_0], ebx
mov [eax+esi], dl
inc eax
inc ecx
; Input exhausted after byte 0: flush the pending bits at loc_0_10005202.
cmp ecx, [ebp+arg_4]
jz short loc_0_10005202
; Byte 1: emit (pending | top 4 bits of b1); keep (b1 & 0Fh) << 2 as pending.
movsx edx, [ebp+ecx+var_400C]
mov [ebp+arg_8], edx
sar edx, 4
and edx, 0Fh
or edx, ebx
mov ebx, [ebp+arg_8]
and ebx, 0Fh
mov dl, [edx+edi]
shl ebx, 2
mov [eax+esi], dl
inc eax
inc ecx
mov [ebp+arg_0], ebx
; Input exhausted after byte 1: flush the pending bits at loc_0_10005202.
cmp ecx, [ebp+arg_4]
jz short loc_0_10005202
; Byte 2: emit (pending | top 2 bits of b2), then the low 6 bits of b2.
movsx edx, [ebp+ecx+var_400C]
mov [ebp+arg_8], edx
sar edx, 6
and edx, 3
or edx, ebx
mov dl, [edx+edi]
mov [eax+esi], dl
mov edx, [ebp+arg_8]
and edx, 3Fh
inc eax
mov dl, [edx+edi]
mov [eax+esi], dl
inc eax
inc ecx
; Next group of three while input remains; otherwise go terminate the output.
cmp ecx, [ebp+arg_4]
jl short loc_0_10005181
jmp short loc_0_1000520C
loc_0_10005202: ; CODE XREF: sub_0_1000503E+167j
; Partial group: emit one character for the pending bits saved in
; [ebp+arg_0]. No padding character is written.
mov ecx, [ebp+arg_0]
mov cl, [ecx+edi]
mov [eax+esi], cl
inc eax
loc_0_1000520C: ; CODE XREF: sub_0_1000503E+13Dj
; NUL-terminate the encoded output (and with 0 stores a zero byte).
and byte ptr [eax+esi], 0
jmp short loc_0_1000521E
loc_0_10005212: ; CODE XREF: sub_0_1000503E+31j
; src was NULL or empty: dest becomes the empty string, status stays 0.
and byte ptr [esi], 0
jmp short loc_0_1000521E
loc_0_10005217: ; CODE XREF: sub_0_1000503E+1Dj
; dest was NULL or the dest size was <= 0: status 1 ('No dest is given').
mov [ebp+var_4], 1
loc_0_1000521E: ; CODE XREF: sub_0_1000503E+57j
; Common exit: restore saved registers and return the message pointer for
; the status code in var_4 (entry 0 of dword_0_1001B5D0 is 0).
; retn takes no operand, so the caller removes the three stack arguments.
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
mov eax, dword_0_1001B5D0[eax*4]
leave
retn
sub_0_1000503E endp
Lo 2004-07-25
编码程序部分

;-----------------------------------------------------------------------
; sub_0_1000503E - encode a NUL-terminated string into a printable string.
; In:   [ebp+arg_0] = src string, [ebp+arg_4] = dest buffer,
;       [ebp+arg_8] = dest size in bytes (all passed on the stack)
; Out:  eax = dword_0_1001B5D0[status]: 0 on success, otherwise a pointer
;       to an error message (status 1, 2 or 3 from this routine)
; Output layout: 'C', one character naming the alphabet index, then a
; base64-style encoding (3 bytes -> 4 characters, selected alphabet) of
;   buf[0..3] = time() value, low byte first
;   buf[4..5] = low 16 bits of (time % sum of src bytes)
;   buf[6..]  = the src bytes
; This listing fragment ends at loc_0_10005158; the rest of the routine is in
; the other listing fragment on this page.
; NOTE(review): no secret key is used by the code shown. The alphabets are
; constants in the binary and the chosen index is written in clear as
; dest[1], so this looks like an obfuscating encoding rather than
; encryption - it should not be relied on for confidentiality.
;-----------------------------------------------------------------------
sub_0_1000503E proc near
; var_400C..var_4006 name bytes of one stack buffer that runs from ebp-400Ch
; up to var_C (4000h bytes): 6 header bytes, then the copy of src.
var_400C= byte ptr -400Ch
var_400A= byte ptr -400Ah
var_4009= byte ptr -4009h
var_4008= byte ptr -4008h
var_4007= byte ptr -4007h
var_4006= byte ptr -4006h
; var_C = time value, later the remainder; var_8 = byte sum; var_4 = status.
var_C= dword ptr -0Ch
var_8= dword ptr -8
var_4= dword ptr -4
arg_0= dword ptr 8
arg_4= dword ptr 0Ch
arg_8= dword ptr 10h

; Prologue: frame pointer, then __alloca_probe reserves eax = 400Ch bytes
; of stack for the locals.
push ebp
mov ebp, esp
mov eax, 400Ch
call __alloca_probe
push ebx
push esi
; esi = dest, ebx = 0; status (var_4) and byte sum (var_8) start at 0.
mov esi, [ebp+arg_4]
xor ebx, ebx
cmp esi, ebx
push edi
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
; dest == NULL or dest size <= 0 -> status 1 at loc_0_10005217.
jz loc_0_10005217
cmp [ebp+arg_8], ebx
jle loc_0_10005217
; edi = src. NULL or empty src -> empty output, status 0 (loc_0_10005212).
mov edi, [ebp+arg_0]
cmp edi, ebx
jz loc_0_10005212
cmp [edi], bl
jz loc_0_10005212
; eax = strlen(src); the arg_4 slot is reused from here on as the length.
; The 3FF4h limit plus the 6 header bytes (3FFAh) fits the 4000h-byte
; stack buffer, so this check is what bounds the memcpy further down.
; NOTE(review): jle compares the strlen result as signed; an unsigned
; comparison (jbe) would be the stricter form.
push edi
call strlen
cmp eax, 3FF4h
pop ecx
mov [ebp+arg_4], eax
jle short loc_0_1000509A
; Too long: status 3 ('src is too long').
mov [ebp+var_4], 3
jmp loc_0_1000521E
loc_0_1000509A: ; CODE XREF: sub_0_1000503E+4Ej
; var_8 = sum of the src bytes, each taken as unsigned (movzx).
xor ecx, ecx
cmp eax, ebx
jle short loc_0_100050AC
loc_0_100050A0: ; CODE XREF: sub_0_1000503E+6Cj
movzx edx, byte ptr [ecx+edi]
add [ebp+var_8], edx
inc ecx
cmp ecx, eax
jl short loc_0_100050A0
loc_0_100050AC: ; CODE XREF: sub_0_1000503E+60j
; time(&var_C); ecx = the time value for the rest of this fragment.
lea eax, [ebp+var_C]
push eax
call ds:time
pop ecx
mov ecx, [ebp+var_C]
; ebx = time % dword_0_1001B61C (signed idiv), capped at 3Dh (61).
; NOTE(review): only the upper bound is checked, and the cap (61) is larger
; than the 10-entry table off_0_1001B5F4. A negative time value (for
; example time() returning -1) gives a negative remainder and an index
; before the table; a divisor above 10 would index past it. A range check
; against the table size would close both cases.
mov eax, ecx
cdq
idiv dword_0_1001B61C
mov ebx, edx
cmp ebx, 3Dh
jle short loc_0_100050CD
push 3Dh
pop ebx
loc_0_100050CD: ; CODE XREF: sub_0_1000503E+8Aj
; Build the 6-byte header while pushing the memcpy arguments
; (length first, then src, then the destination buf+6).
mov eax, ecx
push [ebp+arg_4]
; buf[1], buf[2], buf[3] = bytes 1..3 of the time value.
sar eax, 8
mov [ebp-400Bh], al
mov eax, ecx
sar eax, 10h
mov [ebp+var_400A], al
mov eax, ecx
sar eax, 18h
mov [ebp+var_4009], al
; edx = time % byte sum. The divisor is nonzero on this path because src
; was checked to be non-empty.
mov eax, ecx
cdq
idiv [ebp+var_8]
push [ebp+arg_0]
; edi = pointer to the alphabet selected by ebx.
mov edi, off_0_1001B5F4[ebx*4]
lea eax, [ebp+var_4006]
; buf[0] = low byte of the time value.
mov [ebp+var_400C], cl
push eax
; buf[4], buf[5] = low 16 bits of the remainder, low byte first.
; NOTE(review): presumably the value the decoder reports as
; 'Bad checksum' when it does not match - confirm against the decoder.
mov [ebp+var_C], edx
mov [ebp+var_4008], dl
sar edx, 8
mov [ebp+var_4007], dl
; memcpy(buf + 6, src, length); afterwards the arg_4 slot = length + 6.
call memcpy
add [ebp+arg_4], 6
add esp, 0Ch
; Require dest size > (count * 4) / 3 + 3, else status 2.
mov eax, [ebp+arg_4]
shl eax, 2
push 3
cdq
pop ecx
idiv ecx
add eax, ecx
cmp [ebp+arg_8], eax
jg short loc_0_1000514B
mov [ebp+var_4], 2
jmp loc_0_1000521E
loc_0_1000514B: ; CODE XREF: sub_0_1000503E+FFj
; dest[0] = 43h ('C'). An index below 0Ah becomes its digit character
; (index + 30h), stored to dest[1] at loc_0_1000516A.
cmp ebx, 0Ah
mov byte ptr [esi], 43h
jge short loc_0_10005158
add bl, 30h
jmp short loc_0_1000516A
loc_0_10005158: ; CODE XREF: sub_0_1000503E+113j
Lo 2004-07-25
把名字都整理了一下,只能是大概整理了,本身就是反编译过来的,IDA已经算不错了,名字识别了不少出来。
整理过的请见新贴
http://community.csdn.net/Expert/topic/3207/3207309.xml?temp=.3320734

另外,解决问题,分数加到500.
vicallee 2004-07-25
命名都命不好,多余的语句一点都没更改好,等你改好了再看看吧.麻烦.
