破解飓风视频播放密码的方法
-----------------------------------------------------
文件名称:破解飓风视频播放密码的方法
目标程序:“05第五讲单例模式.exe”
操作环境:Windows XP-SP2
使用工具:Ollydbg 1.10版
编写作者:Coderui
编写时间:2009年11月27日
联系方式:[email protected]
作者博客:http://hi.baidu.com/coderui
-----------------------------------------------------
“视频文件”使用“飓风视频加密工具”加密以后,播放时需要播放密码。
“视频文件”使用“飓风视频加密工具”加密以后,文件会变成EXE可执行程序,采用delphi编写。
“视频文件”使用“飓风视频加密工具”加密以后,使用PEID查壳显示为“MoleBox v2.0 [Overlay] *”。
-----------------------------------------------------
声明:
本文没有任何技术含量可言,只是为了做笔记备份而用。
如有朋友喜欢可以拿去转载,但误用于非法用途,谢谢。
-----------------------------------------------------
[确定]按扭的入口点,判断用户输入的密码是否为8位:
00480A6B B9 4E000000 MOV ECX,4E
00480A70 6A 00 PUSH 0
00480A72 6A 00 PUSH 0
00480A74 49 DEC ECX
00480A75 ^ 75 F9 JNZ SHORT 05第五讲.00480A70
00480A77 51 PUSH ECX
00480A78 53 PUSH EBX
00480A79 56 PUSH ESI
00480A7A 57 PUSH EDI
00480A7B 8BD8 MOV EBX,EAX
00480A7D 33C0 XOR EAX,EAX
00480A7F 55 PUSH EBP
00480A80 68 50104800 PUSH 05第五讲.00481050
00480A85 64:FF30 PUSH DWORD PTR FS:[EAX]
00480A88 64:8920 MOV DWORD PTR FS:[EAX],ESP
00480A8B 8D95 0CFEFFFF LEA EDX,DWORD PTR SS:[EBP-1F4]
00480A91 8B83 00030000 MOV EAX,DWORD PTR DS:[EBX+300]
00480A97 E8 2CCCFBFF CALL 05第五讲.0043D6C8 ; 读取用户输入的密码字符串*
00480A9C 8B85 0CFEFFFF MOV EAX,DWORD PTR SS:[EBP-1F4]
00480AA2 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
00480AA5 E8 927EF8FF CALL 05第五讲.0040893C
00480AAA 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00480AAD E8 9E3FF8FF CALL 05第五讲.00404A50
00480AB2 83F8 08 CMP EAX,8
00480AB5 75 12 JNZ SHORT 05第五讲.00480AC9 ; 判断用户输入的密码是否为8位*
判断播放密码的前2位是否正确:
00480C0D /E9 DD030000 JMP 05第五讲.00480FEF
00480C12 |8BC6 MOV EAX,ESI
00480C14 |E8 272EF8FF CALL 05第五讲.00403A40
00480C19 |8D95 DCFDFFFF LEA EDX,DWORD PTR SS:[EBP-224]
00480C1F |A1 5C814800 MOV EAX,DWORD PTR DS:[48815C]
00480C24 |8B00 MOV EAX,DWORD PTR DS:[EAX]
00480C26 |E8 952E0000 CALL 05第五讲.00483AC0
00480C2B |8D85 DCFDFFFF LEA EAX,DWORD PTR SS:[EBP-224]
00480C31 |50 PUSH EAX
00480C32 |8D95 D8FDFFFF LEA EDX,DWORD PTR SS:[EBP-228]
00480C38 |8B83 FC020000 MOV EAX,DWORD PTR DS:[EBX+2FC]
00480C3E |E8 85CAFBFF CALL 05第五讲.0043D6C8 ; 读取程序界面文本框中显示出来的“电脑标识”*
00480C43 |8B95 D8FDFFFF MOV EDX,DWORD PTR SS:[EBP-228]
00480C49 |58 POP EAX
00480C4A |E8 093EF8FF CALL 05第五讲.00404A58
00480C4F |8B85 DCFDFFFF MOV EAX,DWORD PTR SS:[EBP-224]
00480C55 |8D95 E0FDFFFF LEA EDX,DWORD PTR SS:[EBP-220]
00480C5B |E8 C87AF8FF CALL 05第五讲.00408728
00480C60 |8B85 E0FDFFFF MOV EAX,DWORD PTR SS:[EBP-220]
00480C66 |8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
00480C69 |E8 3E2F0000 CALL 05第五讲.00483BAC
00480C6E |8D95 C0FDFFFF LEA EDX,DWORD PTR SS:[EBP-240]
00480C74 |8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
00480C77 |E8 442E0000 CALL 05第五讲.00483AC0
00480C7C |FFB5 C0FDFFFF PUSH DWORD PTR SS:[EBP-240]
00480C82 |68 AC104800 PUSH 05第五讲.004810AC ; yaomediakj1jf*
00480C87 |68 C4104800 PUSH 05第五讲.004810C4 ; m
00480C8C |68 D0104800 PUSH 05第五讲.004810D0 ; ly
00480C91 |68 DC104800 PUSH 05第五讲.004810DC ; 1
00480C96 |8D85 C4FDFFFF LEA EAX,DWORD PTR SS:[EBP-23C]
00480C9C |BA 05000000 MOV EDX,5
00480CA1 |E8 6A3EF8FF CALL 05第五讲.00404B10
00480CA6 |8B85 C4FDFFFF MOV EAX,DWORD PTR SS:[EBP-23C]
00480CAC |8D95 C8FDFFFF LEA EDX,DWORD PTR SS:[EBP-238]
00480CB2 |E8 F52E0000 CALL 05第五讲.00483BAC
00480CB7 |8B85 C8FDFFFF MOV EAX,DWORD PTR SS:[EBP-238]
00480CBD |8D95 CCFDFFFF LEA EDX,DWORD PTR SS:[EBP-234]
00480CC3 |E8 607AF8FF CALL 05第五讲.00408728
00480CC8 |8B85 CCFDFFFF MOV EAX,DWORD PTR SS:[EBP-234]
00480CCE |8D95 E8FDFFFF LEA EDX,DWORD PTR SS:[EBP-218]
00480CD4 |E8 2F6AFEFF CALL 05第五讲.00467708
00480CD9 |8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218]
00480CDF |8D95 D0FDFFFF LEA EDX,DWORD PTR SS:[EBP-230]
00480CE5 |E8 926AFEFF CALL 05第五讲.0046777C
00480CEA |8B85 D0FDFFFF MOV EAX,DWORD PTR SS:[EBP-230]
00480CF0 |8D8D D4FDFFFF LEA ECX,DWORD PTR SS:[EBP-22C]
00480CF6 |BA 02000000 MOV EDX,2 ; 计算播放密码的前2位*
00480CFB |E8 28E9FAFF CALL 05第五讲.0042F628 ; 真实密码前2位的明文*
00480D00 |8B85 D4FDFFFF MOV EAX,DWORD PTR SS:[EBP-22C]
00480D06 |8D95 E8FDFFFF LEA EDX,DWORD PTR SS:[EBP-218]
00480D0C |E8 F769FEFF CALL 05第五讲.00467708
00480D11 |8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218]
00480D17 |8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
00480D1A |E8 5D6AFEFF CALL 05第五讲.0046777C
00480D1F |8D8D BCFDFFFF LEA ECX,DWORD PTR SS:[EBP-244]
00480D25 |BA 02000000 MOV EDX,2 ; 取用户输入的密码字符串的前2位*
00480D2A |A1 D8AD4800 MOV EAX,DWORD PTR DS:[48ADD8]
00480D2F |E8 F4E8FAFF CALL 05第五讲.0042F628 ; 所提取用户输入密码前2位的明文*
00480D34 |8B85 BCFDFFFF MOV EAX,DWORD PTR SS:[EBP-244]
00480D3A |8D95 E8FDFFFF LEA EDX,DWORD PTR SS:[EBP-218]
00480D40 |E8 C369FEFF CALL 05第五讲.00467708
00480D45 |8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218]
00480D4B |8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
00480D4E |E8 296AFEFF CALL 05第五讲.0046777C
00480D53 |8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
00480D56 |8B55 EC MOV EDX,DWORD PTR SS:[EBP-14]
00480D59 |E8 3E3EF8FF CALL 05第五讲.00404B9C
00480D5E |0F95C0 SETNE AL
00480D61 |84C0 TEST AL,AL
00480D63 |74 0F JE SHORT 05第五讲.00480D74 ; 判断前2位密码是否正确
00480D65 |B8 E8104800 MOV EAX,05第五讲.004810E8 ; 播放密码不正确
00480D6A |E8 55B9FAFF CALL 05第五讲.0042C6C4
00480D6F |E9 7B020000 JMP 05第五讲.00480FEF
判断播放密码的中间4位是否正确:
00480E5B /74 0F JE SHORT 05第五讲.00480E6C
00480E5D |B8 E8104800 MOV EAX,05第五讲.004810E8 ; 播放密码不正确
00480E62 |E8 5DB8FAFF CALL 05第五讲.0042C6C4
00480E67 |E9 83010000 JMP 05第五讲.00480FEF
00480E6C /8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
00480E6F 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14]
00480E72 E8 253DF8FF CALL 05第五讲.00404B9C
00480E77 0F95C0 SETNE AL
00480E7A 84C0 TEST AL,AL
00480E7C 0F85 6D010000 JNZ 05第五讲.00480FEF
00480E82 8D95 94FDFFFF LEA EDX,DWORD PTR SS:[EBP-26C]
00480E88 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
00480E8B E8 302C0000 CALL 05第五讲.00483AC0
00480E90 FFB5 94FDFFFF PUSH DWORD PTR SS:[EBP-26C]
00480E96 68 28114800 PUSH 05第五讲.00481128 ; yaomediakj2jf*
00480E9B 68 40114800 PUSH 05第五讲.00481140 ; mm
00480EA0 68 D0104800 PUSH 05第五讲.004810D0 ; ly
00480EA5 68 DC104800 PUSH 05第五讲.004810DC ; 1
00480EAA 8D85 98FDFFFF LEA EAX,DWORD PTR SS:[EBP-268]
00480EB0 BA 05000000 MOV EDX,5
00480EB5 E8 563CF8FF CALL 05第五讲.00404B10
00480EBA 8B85 98FDFFFF MOV EAX,DWORD PTR SS:[EBP-268]
00480EC0 8D95 9CFDFFFF LEA EDX,DWORD PTR SS:[EBP-264]
00480EC6 E8 E12C0000 CALL 05第五讲.00483BAC
00480ECB 8B85 9CFDFFFF MOV EAX,DWORD PTR SS:[EBP-264]
00480ED1 8D95 A0FDFFFF LEA EDX,DWORD PTR SS:[EBP-260]
00480ED7 E8 4C78F8FF CALL 05第五讲.00408728
00480EDC 8B85 A0FDFFFF MOV EAX,DWORD PTR SS:[EBP-260]
00480EE2 8D95 E8FDFFFF LEA EDX,DWORD PTR SS:[EBP-218]
00480EE8 E8 1B68FEFF CALL 05第五讲.00467708
00480EED 8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218]
00480EF3 8D95 A4FDFFFF LEA EDX,DWORD PTR SS:[EBP-25C]
00480EF9 E8 7E68FEFF CALL 05第五讲.0046777C
00480EFE 8B85 A4FDFFFF MOV EAX,DWORD PTR SS:[EBP-25C]
00480F04 8D8D A8FDFFFF LEA ECX,DWORD PTR SS:[EBP-258]
00480F0A BA 0E000000 MOV EDX,0E
00480F0F E8 14E7FAFF CALL 05第五讲.0042F628
00480F14 8B85 A8FDFFFF MOV EAX,DWORD PTR SS:[EBP-258]
00480F1A 8D8D ACFDFFFF LEA ECX,DWORD PTR SS:[EBP-254]
00480F20 BA 04000000 MOV EDX,4 ; 计算播放密码的中间4位*
00480F25 E8 6EE7FAFF CALL 05第五讲.0042F698
00480F2A 8B85 ACFDFFFF MOV EAX,DWORD PTR SS:[EBP-254] ; 真实密码中间4位的明文*
00480F30 8D95 E8FDFFFF LEA EDX,DWORD PTR SS:[EBP-218]
00480F36 E8 CD67FEFF CALL 05第五讲.00467708
00480F3B 8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218]
00480F41 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
00480F44 E8 3368FEFF CALL 05第五讲.0046777C
00480F49 8D8D 8CFDFFFF LEA ECX,DWORD PTR SS:[EBP-274]
00480F4F BA 06000000 MOV EDX,6
00480F54 A1 D8AD4800 MOV EAX,DWORD PTR DS:[48ADD8]
00480F59 E8 CAE6FAFF CALL 05第五讲.0042F628
00480F5E 8B85 8CFDFFFF MOV EAX,DWORD PTR SS:[EBP-274]
00480F64 8D8D 90FDFFFF LEA ECX,DWORD PTR SS:[EBP-270]
00480F6A BA 04000000 MOV EDX,4 ; 取用户输入的密码字符串的中间4位*
00480F6F E8 24E7FAFF CALL 05第五讲.0042F698 ; 所提取用户输入密码中间4位的明文*
00480F74 8B85 90FDFFFF MOV EAX,DWORD PTR SS:[EBP-270]
00480F7A 8D95 E8FDFFFF LEA EDX,DWORD PTR SS:[EBP-218]
00480F80 E8 8367FEFF CALL 05第五讲.00467708
00480F85 8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218]
00480F8B 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
00480F8E E8 E967FEFF CALL 05第五讲.0046777C
00480F93 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
00480F96 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14]
00480F99 E8 FE3BF8FF CALL 05第五讲.00404B9C
00480F9E 74 0C JE SHORT 05第五讲.00480FAC ; 判断中间4位密码是否正确
00480FA0 B8 E8104800 MOV EAX,05第五讲.004810E8 ; 播放密码不正确
00480FA5 E8 1AB7FAFF CALL 05第五讲.0042C6C4
00480FAA EB 43 JMP SHORT 05第五讲.00480FEF
00480FAC 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00480FAF E8 9C3AF8FF CALL 05第五讲.00404A50
00480FB4 83F8 08 CMP EAX,8
00480FB7 7E 0E JLE SHORT 05第五讲.00480FC7
00480FB9 8B4D E0 MOV ECX,DWORD PTR SS:[EBP-20]
00480FBC 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
00480FBF 8B45 E8 MOV EAX,DWORD PTR SS:[EBP-18]
00480FC2 E8 C5050000 CALL 05第五讲.0048158C
00480FC7 A1 047F4800 MOV EAX,DWORD PTR DS:[487F04]
00480FCC BA 4C114800 MOV EDX,05第五讲.0048114C ; ok
00480FD1 E8 0E38F8FF CALL 05第五讲.004047E4
00480FD6 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14]
00480FD9 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
00480FDC E8 8377F8FF CALL 05第五讲.00408764
00480FE1 85C0 TEST EAX,EAX
00480FE3 75 0A JNZ SHORT 05第五讲.00480FEF
00480FE5 A1 C8AD4800 MOV EAX,DWORD PTR DS:[48ADC8]
00480FEA E8 F587FDFF CALL 05第五讲.004597E4
00480FEF 33C0 XOR EAX,EAX
00480FF1 5A POP EDX
00480FF2 59 POP ECX
00480FF3 59 POP ECX
00480FF4 64:8910 MOV DWORD PTR FS:[EAX],EDX
00480FF7 68 57104800 PUSH 05第五讲.00481057
00480FFC 8D85 8CFDFFFF LEA EAX,DWORD PTR SS:[EBP-274]
00481002 BA 13000000 MOV EDX,13
00481007 E8 A837F8FF CALL 05第五讲.004047B4
0048100C 8D85 D8FDFFFF LEA EAX,DWORD PTR SS:[EBP-228]
00481012 E8 7937F8FF CALL 05第五讲.00404790
00481017 8D85 DCFDFFFF LEA EAX,DWORD PTR SS:[EBP-224]
0048101D BA 03000000 MOV EDX,3
00481022 E8 8D37F8FF CALL 05第五讲.004047B4
00481027 8D85 F8FDFFFF LEA EAX,DWORD PTR SS:[EBP-208]
0048102D BA 05000000 MOV EDX,5
00481032 E8 7D37F8FF CALL 05第五讲.004047B4
00481037 8D85 0CFEFFFF LEA EAX,DWORD PTR SS:[EBP-1F4]
0048103D E8 4E37F8FF CALL 05第五讲.00404790
00481042 8D45 DC LEA EAX,DWORD PTR SS:[EBP-24]
00481045 BA 09000000 MOV EDX,9
0048104A E8 6537F8FF CALL 05第五讲.004047B4
0048104F C3 RETN
00481050 ^ E9 3F31F8FF JMP 05第五讲.00404194
00481055 ^ EB A5 JMP SHORT 05第五讲.00480FFC
00481057 5F POP EDI
00481058 5E POP ESI
00481059 5B POP EBX
0048105A 8BE5 MOV ESP,EBP
0048105C 5D POP EBP
0048105D C3 RETN
判断播放密码的后2位是否正确:
0048115E ^/75 F9 JNZ SHORT 05第五讲.00481159
00481160 51 PUSH ECX
00481161 874D FC XCHG DWORD PTR SS:[EBP-4],ECX
00481164 53 PUSH EBX
00481165 56 PUSH ESI
00481166 57 PUSH EDI
00481167 8BD8 MOV EBX,EAX
00481169 33C0 XOR EAX,EAX
0048116B 55 PUSH EBP
0048116C 68 82144800 PUSH 05第五讲.00481482
00481171 64:FF30 PUSH DWORD PTR FS:[EAX]
00481174 64:8920 MOV DWORD PTR FS:[EAX],ESP
00481177 8D55 E8 LEA EDX,DWORD PTR SS:[EBP-18]
0048117A A1 5C814800 MOV EAX,DWORD PTR DS:[48815C]
0048117F 8B00 MOV EAX,DWORD PTR DS:[EAX]
00481181 E8 3A290000 CALL 05第五讲.00483AC0
00481186 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
00481189 50 PUSH EAX
0048118A 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
0048118D 8B83 FC020000 MOV EAX,DWORD PTR DS:[EBX+2FC]
00481193 E8 30C5FBFF CALL 05第五讲.0043D6C8 ; 读取用户输入的密码字符串*
00481198 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
0048119B 58 POP EAX
0048119C E8 B738F8FF CALL 05第五讲.00404A58
004811A1 8B45 E8 MOV EAX,DWORD PTR SS:[EBP-18]
004811A4 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
004811A7 E8 7C75F8FF CALL 05第五讲.00408728
004811AC 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14]
004811AF 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
004811B2 E8 F5290000 CALL 05第五讲.00483BAC
004811B7 8D55 B8 LEA EDX,DWORD PTR SS:[EBP-48]
004811BA 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
004811BD E8 FE280000 CALL 05第五讲.00483AC0
004811C2 FF75 B8 PUSH DWORD PTR SS:[EBP-48]
004811C5 68 98144800 PUSH 05第五讲.00481498 ; yaomediakj3jf*
004811CA 68 B0144800 PUSH 05第五讲.004814B0 ; mmm
004811CF 68 BC144800 PUSH 05第五讲.004814BC ; ly
004811D4 68 C8144800 PUSH 05第五讲.004814C8 ; 1
004811D9 8D45 BC LEA EAX,DWORD PTR SS:[EBP-44]
004811DC BA 05000000 MOV EDX,5
004811E1 E8 2A39F8FF CALL 05第五讲.00404B10
004811E6 8B45 BC MOV EAX,DWORD PTR SS:[EBP-44]
004811E9 8D55 C0 LEA EDX,DWORD PTR SS:[EBP-40]
004811EC E8 BB290000 CALL 05第五讲.00483BAC
004811F1 8B45 C0 MOV EAX,DWORD PTR SS:[EBP-40]
004811F4 8D55 C4 LEA EDX,DWORD PTR SS:[EBP-3C]
004811F7 E8 2C75F8FF CALL 05第五讲.00408728
004811FC 8B45 C4 MOV EAX,DWORD PTR SS:[EBP-3C]
004811FF 8D55 D4 LEA EDX,DWORD PTR SS:[EBP-2C]
00481202 E8 0165FEFF CALL 05第五讲.00467708
00481207 8D45 D4 LEA EAX,DWORD PTR SS:[EBP-2C]
0048120A 8D55 C8 LEA EDX,DWORD PTR SS:[EBP-38]
0048120D E8 6A65FEFF CALL 05第五讲.0046777C
00481212 8B45 C8 MOV EAX,DWORD PTR SS:[EBP-38]
00481215 8D4D CC LEA ECX,DWORD PTR SS:[EBP-34]
00481218 BA 18000000 MOV EDX,18
0048121D E8 06E4FAFF CALL 05第五讲.0042F628
00481222 8B45 CC MOV EAX,DWORD PTR SS:[EBP-34]
00481225 8D4D D0 LEA ECX,DWORD PTR SS:[EBP-30]
00481228 BA 02000000 MOV EDX,2 ; 计算播放密码的后2位*
0048122D E8 66E4FAFF CALL 05第五讲.0042F698 ; 真实密码后2位的明文*
00481232 8B45 D0 MOV EAX,DWORD PTR SS:[EBP-30]
00481235 8D55 D4 LEA EDX,DWORD PTR SS:[EBP-2C]
00481238 E8 CB64FEFF CALL 05第五讲.00467708
0048123D 8D45 D4 LEA EAX,DWORD PTR SS:[EBP-2C]
00481240 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
00481243 E8 3465FEFF CALL 05第五讲.0046777C
00481248 8D4D B4 LEA ECX,DWORD PTR SS:[EBP-4C]
0048124B BA 02000000 MOV EDX,2 ; 取用户输入的密码字符串的后2位*
00481250 A1 D8AD4800 MOV EAX,DWORD PTR DS:[48ADD8]
00481255 E8 3EE4FAFF CALL 05第五讲.0042F698 ; 所提取用户输入密码后2位的明文*
0048125A 8B45 B4 MOV EAX,DWORD PTR SS:[EBP-4C]
0048125D 8D55 D4 LEA EDX,DWORD PTR SS:[EBP-2C]
00481260 E8 A364FEFF CALL 05第五讲.00467708
00481265 8D45 D4 LEA EAX,DWORD PTR SS:[EBP-2C]
00481268 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
0048126B E8 0C65FEFF CALL 05第五讲.0046777C
00481270 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00481273 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8]
00481276 E8 2139F8FF CALL 05第五讲.00404B9C
0048127B 0F95C3 SETNE BL
0048127E 84DB TEST BL,BL
00481280 74 11 JE SHORT 05第五讲.00481293 ; 判断后2位密码是否正确
00481282 A1 C4824800 MOV EAX,DWORD PTR DS:[4882C4]
00481287 8B00 MOV EAX,DWORD PTR DS:[EAX]
00481289 E8 5685FDFF CALL 05第五讲.004597E4
0048128E E9 B7010000 JMP 05第五讲.0048144A
-----------------------------------------------------
注明:注解中,加“*”号处为重点部分。
-----------------------------------------------------