我工作所在的系统下发了一个考试系统,因为我们自己也需要练习,但是他们提供的考试系统无法进行练习,我需要自己做一个考试系统,后来发现题库中的题干和难度系数都被加密了,密文全部是大写的英文字母,比如密文:ABBXBUDOEGGH表示0.1,英文字母不定长
==============================================
dede出来的关于解密部分的代码如下:
* Possible String Reference to: 'QuestionContent'
|
004E97A9   BAB09C4E00             mov     edx, $004E9CB0
004E97AE   8B06                   mov     eax, [esi]* Reference to: DB.TDataSet.FieldByName(TDataSet;AnsiString):TField;
|
004E97B0   E8CBB3FBFF             call    004A4B80
004E97B5   8D55D0                 lea     edx, [ebp-$30]
004E97B8   8B08                   mov     ecx, [eax]
004E97BA   FF5160                 call    dword ptr [ecx+$60]
004E97BD   8B55D0                 mov     edx, [ebp-$30]
004E97C0   8D45D4                 lea     eax, [ebp-$2C]* Reference to: System.@WStrFromLStr(WideString;WideString;String);
|
004E97C3   E874B4F1FF             call    00404C3C
004E97C8   8B45D4                 mov     eax, [ebp-$2C]
004E97CB   8D55D8                 lea     edx, [ebp-$28]* Reference to : TfrmPassWord._PROC_004D6CD0()
|
004E97CE   E8FDD4FEFF             call    004D6CD0
004E97D3   8B55D8                 mov     edx, [ebp-$28]
004E97D6   8D45DC                 lea     eax, [ebp-$24]* Reference to: System.@LStrFromWStr(String;String;WideString);
|
004E97D9   E84EAEF1FF             call    0040462C
004E97DE   8B45DC                 mov     eax, [ebp-$24]
004E97E1   50                     push    eax
004E97E2   8B03                   mov     eax, [ebx]* Possible String Reference to: 'QuestionContent'
|
004E97E4   BAB09C4E00             mov     edx, $004E9CB0
============================================================
TfrmPassWord._PROC_004D6CD0(Sender : TObject);代码如下:
procedure TfrmPassWord._PROC_004D6CD0(Sender : TObject);
begin
(*
004D6CD0   55                     push    ebp
004D6CD1   8BEC                   mov     ebp, esp
004D6CD3   33C9                   xor     ecx, ecx
004D6CD5   51                     push    ecx
004D6CD6   51                     push    ecx
004D6CD7   51                     push    ecx
004D6CD8   51                     push    ecx
004D6CD9   51                     push    ecx
004D6CDA   51                     push    ecx
004D6CDB   51                     push    ecx
004D6CDC   53                     push    ebx
004D6CDD   56                     push    esi
004D6CDE   57                     push    edi
004D6CDF   8955FC                 mov     [ebp-$04], edx
004D6CE2   8BF8                   mov     edi, eax
004D6CE4   33C0                   xor     eax, eax
004D6CE6   55                     push    ebp
004D6CE7   68926E4D00             push    $004D6E92
===============================================================
反汇编出来的关于解密的代码如下:
CALL Server.004A4B80
POP EDX
MOV ECX,DWORD PTR DS:[EAX]
CALL NEAR DWORD PTR DS:[ECX+B0]
MOV EDX,Server.00508C1C                  ;  questioncontent
MOV EAX,EBX
CALL Server.004A4B80
LEA EDX,DWORD PTR SS:[EBP-58]
MOV ECX,DWORD PTR DS:[EAX]
CALL NEAR DWORD PTR DS:[ECX+60]
MOV EAX,DWORD PTR SS:[EBP-58]
LEA EDX,DWORD PTR SS:[EBP-54]
CALL Server.00408C84
MOV EDX,DWORD PTR SS:[EBP-54]
LEA EAX,DWORD PTR SS:[EBP-50]
CALL Server.00404C3C
MOV EAX,DWORD PTR SS:[EBP-50]
LEA EDX,DWORD PTR SS:[EBP-4C]
CALL Server.004D6CD0
MOV EDX,DWORD PTR SS:[EBP-4C]
LEA EAX,DWORD PTR SS:[EBP-48]
CALL Server.0040462C
MOV EAX,DWORD PTR SS:[EBP-48]
PUSH EAX
MOV EAX,DWORD PTR DS:[ESI]
MOV EDX,Server.00508C1C                  ;  questioncontent
===================================
00404c3c
xor ecx,ecx
test edx,edx
je 00404c45
mov ecx,dword ptr[edx-04]
===================================
00404c45
jmp 00404b10
ret
=====================================
00404b10
push ebx
push esi
push edi
push ebp
add esp,fffff004
push eax
add esp,fffffffc
mov esi,ecx
mov dword ptr [esp],edx
mov edi,eax
test esi,esi
jg 00404ab0
jmp 00404b8f
==============================
00404ab0
mov edx,dword ptr [eax]
test edx,edx
je 00404ac4
mov dword ptr [eax],00000000
push eax
push edx
================================
00404ac4
ret
lea eax,dword ptr [eax+00]
=============================
00404b8f
add esp,00001004
pop ebp
pop edi
pop esi
pop ebx
ret
=============================
004D6CD0
push ebp
mov ebp,esp
xor ecx,ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ebx
push esi
push edi
mov dword ptr [ebp-04],edx
mov edi,eax
xor eax,eax
push ebp
push 004d6e92
push dword ptr fs:[eax]
mov dword ptr fs:[eax],esp
==============================
0040462C
xor ecx,ecx
test edx,edx
je 00404637
mov ecx,dword ptr [edx-04]
shr ecx,1
=================================
00404637
jmp 00404500
ret
================================
00404500
push ebx
push esi
push edi
push ebp
add esp,fffff004
push eax
add esp,fffffffc
mov esi,ecx
mov dword ptr [esp],edx
mov edi,eax
test esi,esi
jp 00404522
mov eax,edi
call 004043a4
jmp 00404581
===============================
00404522
lea ebp,dword ptr [esi+01]
cmp ebp,000007ff
jpe 00404555
push esi
lea eax,dword ptr [esp+08]
mov ecx,dword ptr [esp+04]
mov edx,00000fff
call 004044c4
mov ebx,eax
test ebx,ebx
jl 00404555
lea edx,dword ptr [esp+04]
mov eax,edi
mov ecx,ebx
call 00404494
jmp 00404581
==============================
00404555
mov ebx,ebp
add ebx,ebp
mov eax,edi
mov edx,ebx
call 004049f0
push esi
mov eax,dword ptr [edi]
mov ecx,dword ptr [esp+04]
mov edx,ebx
call 004044c4
mov ebx,eax
test ebx,ebx
jge 00404578
xor ebx,ebx
=============================
00404578
mov eax,edi
mov edx,ebx
call 004049f0...........不知道哪位高手能告诉我这是什么算法,我对Delphi知之甚少,C#还凑合一点,希望大富翁高手们能够给小弟指教一二,谢谢

解决方案 »

  1.   

    你这种写法,很难看出来啥算法,建议用peid的算法库插件扫一扫(不准)
    或者拿ida看看
      

  2.   

    谢谢以上各位的回复
    刚开始在大富翁上面发的,后来我为了省事,直接复制了,不好意思
    每个字符都是用四个大写的英文字母代替的.从dede出来的代码看,解密是先把每4个大写字母还原成一个16位字符(每两个字母按26进制拼成一个字节:高字节=(c0-'A')*26+(c1-'A'),低字节=(c2-'A')*26+(c3-'A')),再减去一组固定常量($0101,$2E2E,$6E6E,$6D6D,按顺序循环使用).代码里没有异或运算,也没有转大写的步骤.
    不知道在Delphi中以下这几个是什么意思
    <1>Reference to: System.@HandleFinally;
    <2>System.@WStrCat(WideString;WideString;WideString);
    是什么意思
      

  3.   

    @WStrCat 是宽字符串(WideString)版的 StrCat,就是将两个字符串连接起来;<1> System.@HandleFinally 对应 try..finally..end 结构中 finally 部分的处理,这里用来释放函数里的临时字符串.
      

  4.   

    从数据库中读取QuestionContent字段值,该字段是加密的,另外还有难度等级字段是加密的,还有一个字段是两个加密字段的签名字段,根据这两个加密字段值进行计算,得到签名字段值,用来判断难度等级和题干是否被篡改.
    * Possible String Reference to: 'QuestionContent'
    |
    004E97A9   BAB09C4E00             mov     edx, $004E9CB0
    004E97AE   8B06                   mov     eax, [esi]* Reference to: DB.TDataSet.FieldByName(TDataSet;AnsiString):TField;
    |
    004E97B0   E8CBB3FBFF             call    004A4B80
    004E97B5   8D55D0                 lea     edx, [ebp-$30]
    004E97B8   8B08                   mov     ecx, [eax]
    004E97BA   FF5160                 call    dword ptr [ecx+$60]
    004E97BD   8B55D0                 mov     edx, [ebp-$30]
    004E97C0   8D45D4                 lea     eax, [ebp-$2C]* Reference to: System.@WStrFromLStr(WideString;WideString;String);
    |
    004E97C3   E874B4F1FF             call    00404C3C
    004E97C8   8B45D4                 mov     eax, [ebp-$2C]
    004E97CB   8D55D8                 lea     edx, [ebp-$28]* Reference to : TfrmPassWord._PROC_004D6CD0()//调用进行解密,
    |
    004E97CE   E8FDD4FEFF             call    004D6CD0
    004E97D3   8B55D8                 mov     edx, [ebp-$28]
    004E97D6   8D45DC                 lea     eax, [ebp-$24]* Reference to: System.@LStrFromWStr(String;String;WideString);
    |
    004E97D9   E84EAEF1FF             call    0040462C
    004E97DE   8B45DC                 mov     eax, [ebp-$24]
    004E97E1   50                     push    eax
    004E97E2   8B03                   mov     eax, [ebx]* Possible String Reference to: 'QuestionContent'
    |
    004E97E4   BAB09C4E00             mov     edx, $004E9CB0
    =======
    下面继续
      

  5.   

    下面是解密的算法.函数中间并没有签名验证:唯一的校验是密文长度必须是4的倍数(004D6D31-004D6D56),否则弹出"密文错误!"并直接返回.
    // Review annotation: TfrmPassWord._PROC_004D6CD0 is the question-bank decoder.
    // Delphi register convention: eax = input WideString (the ciphertext, kept in
    // edi), edx = address of the output WideString (kept in [ebp-$04]).
    // What the listing below shows, step by step:
    //   1. Four 16-bit constants are built with StrToInt('$0101'), ('$2E2E'),
    //      ('$6E6E'), ('$6D6D') and stored at [ebp-$10], [ebp-$0E], [ebp-$0C],
    //      [ebp-$0A] -- a fixed 4-word key that lives in the binary.
    //   2. Length(input) mod 4 must be 0; otherwise a '密文错误!' dialog is shown
    //      and the code jumps straight to the epilogue. The output string is NOT
    //      cleared on that path -- it keeps whatever the caller passed in.
    //   3. Every group of 4 letters c0..c3 becomes one 16-bit code unit:
    //      hi byte = (c0-'A')*26 + (c1-'A'), lo byte = (c2-'A')*26 + (c3-'A').
    //      There is no range check: letters outside 'A'..'Z', or digit pairs
    //      >= 256, simply wrap inside the 16-bit registers.
    //   4. Each code unit then has key[(i-1) mod 4] subtracted (16-bit
    //      wraparound; there is no XOR anywhere) and is appended to the output.
    // Equivalent pseudo-code (v(c) = Ord(c) - Ord('A')):
    //   key = [$0101, $2E2E, $6E6E, $6D6D]
    //   for i := 0 to Length(s) div 4 - 1 do
    //     w := ((v(s[4i+1])*26 + v(s[4i+2])) shl 8) + v(s[4i+3])*26 + v(s[4i+4]);
    //     out := out + WideChar((w - key[i mod 4]) and $FFFF);
    // Check against the sample in the opening post: 'ABBX' -> $0131-$0101 = '0',
    // 'BUDO' -> $2E5C-$2E2E = '.', 'EGGH' -> $6EA3-$6E6E = '5', i.e. "0.5"
    // (the post says 0.1 -- re-check the sample before relying on it).
    // Security note: this is a fixed-key substitution, not encryption. Anyone
    // holding the client binary recovers every plaintext, so the encrypted
    // database field offers no confidentiality. No signature / tamper check
    // happens in this routine -- the only validation is the length-mod-4 test.
    procedure TfrmPassWord._PROC_004D6CD0(Sender : TObject);
    begin
    (*
    004D6CD0   55                     push    ebp
    004D6CD1   8BEC                   mov     ebp, esp
    004D6CD3   33C9                   xor     ecx, ecx
    004D6CD5   51                     push    ecx                        ; zero-init 7 dword slots of locals
    004D6CD6   51                     push    ecx
    004D6CD7   51                     push    ecx
    004D6CD8   51                     push    ecx
    004D6CD9   51                     push    ecx
    004D6CDA   51                     push    ecx
    004D6CDB   51                     push    ecx
    004D6CDC   53                     push    ebx
    004D6CDD   56                     push    esi
    004D6CDE   57                     push    edi
    004D6CDF   8955FC                 mov     [ebp-$04], edx             ; [ebp-$04] = address of output WideString
    004D6CE2   8BF8                   mov     edi, eax                   ; edi = input WideString (ciphertext)
    004D6CE4   33C0                   xor     eax, eax
    004D6CE6   55                     push    ebp
    004D6CE7   68926E4D00             push    $004D6E92***** TRY
    |
    004D6CEC   64FF30                 push    dword ptr fs:[eax]         ; install try/finally frame
    004D6CEF   648920                 mov     fs:[eax], esp* Possible String Reference to: '$0101'
    |
    004D6CF2   B8A86E4D00             mov     eax, $004D6EA8* Reference to: SysUtils.StrToInt(AnsiString):Integer;
    |
    004D6CF7   E82C24F3FF             call    00409128
    004D6CFC   668945F0               mov     [ebp-$10], ax              ; key[1] = $0101
    004D6D00   B8B86E4D00             mov     eax, $004D6EB8* Reference to: SysUtils.StrToInt(AnsiString):Integer;
    |
    004D6D05   E81E24F3FF             call    00409128
    004D6D0A   668945F2               mov     [ebp-$0E], ax              ; key[2] = $2E2E
    004D6D0E   B8C86E4D00             mov     eax, $004D6EC8* Reference to: SysUtils.StrToInt(AnsiString):Integer;
    |
    004D6D13   E81024F3FF             call    00409128
    004D6D18   668945F4               mov     [ebp-$0C], ax              ; key[3] = $6E6E
    004D6D1C   B8D86E4D00             mov     eax, $004D6ED8* Reference to: SysUtils.StrToInt(AnsiString):Integer;
    |
    004D6D21   E80224F3FF             call    00409128
    004D6D26   668945F6               mov     [ebp-$0A], ax              ; key[4] = $6D6D
    004D6D2A   8BC7                   mov     eax, edi* Reference to: System.@WStrLen(WideString):Integer;
    |
    004D6D2C   E82BDFF2FF             call    00404C5C                   ; eax = Length(input)
    004D6D31   2503000080             and     eax, $80000003             ; eax = Length mod 4 (signed-remainder idiom)
    004D6D36   7905                   jns     004D6D3D
    004D6D38   48                     dec     eax
    004D6D39   83C8FC                 or      eax, -$04
    004D6D3C   40                     inc     eax
    004D6D3D   85C0                   test    eax, eax
    004D6D3F   741A                   jz      004D6D5B                   ; remainder 0 -> decode
    004D6D41   6A00                   push    $00
    004D6D43   668B0DE06E4D00         mov     cx, word ptr [$004D6EE0]
    004D6D4A   B202                   mov     dl, $02* Possible String Reference to: '密文错误!'
    |
    004D6D4C   B8EC6E4D00             mov     eax, $004D6EEC|
    004D6D51   E896F7F5FF             call    004364EC                   ; show '密文错误!' (unnamed by DeDe; presumably a MessageDlg-style call)
    004D6D56   E914010000             jmp     004D6E6F                   ; straight to epilogue: output string is left untouched
    004D6D5B   8D45F8                 lea     eax, [ebp-$08]* Reference to: System.@WStrClr(void;void);
    |
    004D6D5E   E84DDDF2FF             call    00404AB0                   ; intermediate ([ebp-$08]) := ''
    004D6D63   8BC7                   mov     eax, edi* Reference to: System.@WStrLen(WideString):Integer;
    |
    004D6D65   E8F2DEF2FF             call    00404C5C
    004D6D6A   8BF0                   mov     esi, eax
    004D6D6C   85F6                   test    esi, esi
    004D6D6E   7903                   jns     004D6D73
    004D6D70   83C603                 add     esi, +$03
    004D6D73   C1FE02                 sar     esi, $02                   ; esi = Length div 4 = number of 4-letter groups
    004D6D76   4E                     dec     esi
    004D6D77   85F6                   test    esi, esi
    004D6D79   7C67                   jl      004D6DE2                   ; no groups -> skip the loop
    004D6D7B   46                     inc     esi
    004D6D7C   33DB                   xor     ebx, ebx                   ; ebx = group index i (0-based)
    004D6D7E   8BC3                   mov     eax, ebx
    004D6D80   C1E002                 shl     eax, $02
    004D6D83   668B0447               mov     ax, word ptr [edi+eax*2]   ; ax = c0 = input[4i]
    004D6D87   6683E841               sub     ax, +$41                   ; c0 - 'A'
    004D6D8B   666BC01A               imul    ax, ax, $1A                ; *26
    004D6D8F   8BD3                   mov     edx, ebx
    004D6D91   C1E202                 shl     edx, $02
    004D6D94   668B545702             mov     dx, word ptr [edi+edx*2+$02] ; dx = c1
    004D6D99   6683EA41               sub     dx, +$41
    004D6D9D   6603C2                 add     ax, dx                     ; ax = (c0-'A')*26 + (c1-'A')
    004D6DA0   8BD0                   mov     edx, eax
    004D6DA2   C1E208                 shl     edx, $08                   ; that value becomes the high byte
    004D6DA5   8BC3                   mov     eax, ebx
    004D6DA7   C1E002                 shl     eax, $02
    004D6DAA   668B444704             mov     ax, word ptr [edi+eax*2+$04] ; ax = c2
    004D6DAF   6683E841               sub     ax, +$41
    004D6DB3   666BC01A               imul    ax, ax, $1A                ; (c2-'A')*26
    004D6DB7   6603D0                 add     dx, ax
    004D6DBA   8BC3                   mov     eax, ebx
    004D6DBC   C1E002                 shl     eax, $02
    004D6DBF   668B444706             mov     ax, word ptr [edi+eax*2+$06] ; ax = c3
    004D6DC4   6683E841               sub     ax, +$41
    004D6DC8   6603D0                 add     dx, ax                     ; dx = 16-bit code unit for this group (no range check, wraps)
    004D6DCB   8D45EC                 lea     eax, [ebp-$14]因为字符过多,下面继续004D6CD0函数
      

  6.   

    接上面004D6CD0函数
    * Reference to: System.@LStrFromChar(String;String;Char);
    |           or: System.@LStrFromWChar(String;String;WideChar);
    |           or: System.@WStrFromChar(WideString;WideString;Char);
    |           or: System.@WStrFromWChar(WideString;WideString;WideChar);
    |
    004D6DCE   E8EDDDF2FF             call    00404BC0                   ; [ebp-$14] := one-char string from dx (DeDe cannot tell which variant)
    004D6DD3   8B55EC                 mov     edx, [ebp-$14]
    004D6DD6   8D45F8                 lea     eax, [ebp-$08]* Reference to: System.@WStrCat(WideString;WideString;WideString);
    |
    004D6DD9   E88ADEF2FF             call    00404C68                   ; intermediate := intermediate + char
    004D6DDE   43                     inc     ebx                        ; next group
    004D6DDF   4E                     dec     esi
    004D6DE0   759C                   jnz     004D6D7E
    004D6DE2   8B45FC                 mov     eax, [ebp-$04]* Reference to: System.@WStrClr(void;void);
    |
    004D6DE5   E8C6DCF2FF             call    00404AB0                   ; output := ''
    004D6DEA   BF01000000             mov     edi, $00000001             ; edi = key index, cycles 1..4
    004D6DEF   8B45F8                 mov     eax, [ebp-$08]* Reference to: System.@WStrLen(WideString):Integer;
    |
    004D6DF2   E865DEF2FF             call    00404C5C
    004D6DF7   8BF0                   mov     esi, eax                   ; esi = Length(intermediate)
    004D6DF9   85F6                   test    esi, esi
    004D6DFB   7E72                   jle     004D6E6F                   ; empty -> done
    004D6DFD   BB01000000             mov     ebx, $00000001             ; ebx = 1-based char index
    004D6E02   8B45F8                 mov     eax, [ebp-$08]
    004D6E05   0FB74458FE             movzx   eax, word ptr [eax+ebx*2-$02] ; eax = intermediate[ebx]
    004D6E0A   0FB7547DEE             movzx   edx, word ptr [ebp+edi*2-$12] ; edx = key[edi] ([ebp-$10] .. [ebp-$0A])
    004D6E0F   2BC2                   sub     eax, edx
    004D6E11   85C0                   test    eax, eax
    004D6E13   7E28                   jle     004D6E3D                   ; both branches perform the same subtraction -- the test is redundant
    004D6E15   8D45E8                 lea     eax, [ebp-$18]
    004D6E18   8B55F8                 mov     edx, [ebp-$08]
    004D6E1B   668B545AFE             mov     dx, word ptr [edx+ebx*2-$02]
    004D6E20   668B4C7DEE             mov     cx, word ptr [ebp+edi*2-$12]
    004D6E25   662BD1                 sub     dx, cx* Reference to: System.@LStrFromChar(String;String;Char);
    |           or: System.@LStrFromWChar(String;String;WideChar);
    |           or: System.@WStrFromChar(WideString;WideString;Char);
    |           or: System.@WStrFromWChar(WideString;WideString;WideChar);
    |
    004D6E28   E893DDF2FF             call    00404BC0                   ; char := intermediate[ebx] - key[edi] (16-bit wraparound)
    004D6E2D   8B55E8                 mov     edx, [ebp-$18]
    004D6E30   8B45FC                 mov     eax, [ebp-$04]* Reference to: System.@WStrCat(WideString;WideString;WideString);
    |
    004D6E33   E830DEF2FF             call    00404C68                   ; output := output + char
    004D6E38   8B45FC                 mov     eax, [ebp-$04]
    004D6E3B   EB26                   jmp     004D6E63
    004D6E3D   8D45E4                 lea     eax, [ebp-$1C]
    004D6E40   8B55F8                 mov     edx, [ebp-$08]
    004D6E43   668B545AFE             mov     dx, word ptr [edx+ebx*2-$02]
    004D6E48   668B4C7DEE             mov     cx, word ptr [ebp+edi*2-$12]
    004D6E4D   662BD1                 sub     dx, cx* Reference to: System.@LStrFromChar(String;String;Char);
    |           or: System.@LStrFromWChar(String;String;WideChar);
    |           or: System.@WStrFromChar(WideString;WideString;Char);
    |           or: System.@WStrFromWChar(WideString;WideString;WideChar);
    |
    004D6E50   E86BDDF2FF             call    00404BC0                   ; same subtraction as the branch above, different temporary
    004D6E55   8B55E4                 mov     edx, [ebp-$1C]
    004D6E58   8B45FC                 mov     eax, [ebp-$04]* Reference to: System.@WStrCat(WideString;WideString;WideString);
    |
    004D6E5B   E808DEF2FF             call    00404C68                   ; output := output + char
    004D6E60   8B45FC                 mov     eax, [ebp-$04]
    004D6E63   83FF04                 cmp     edi, +$04                  ; edi := (edi mod 4) + 1
    004D6E66   7502                   jnz     004D6E6A
    004D6E68   33FF                   xor     edi, edi
    004D6E6A   47                     inc     edi
    004D6E6B   43                     inc     ebx                        ; next code unit
    004D6E6C   4E                     dec     esi
    004D6E6D   7593                   jnz     004D6E02
    004D6E6F   33C0                   xor     eax, eax                   ; common exit (also reached from the '密文错误!' path)
    004D6E71   5A                     pop     edx
    004D6E72   59                     pop     ecx
    004D6E73   59                     pop     ecx
    004D6E74   648910                 mov     fs:[eax], edx****** FINALLY
    |
    004D6E77   68996E4D00             push    $004D6E99
    004D6E7C   8D45E4                 lea     eax, [ebp-$1C]
    004D6E7F   BA03000000             mov     edx, $00000003* Reference to: System.@WStrArrayClr(void;void;Integer);
    |
    004D6E84   E83FDCF2FF             call    00404AC8                   ; free the three one-char temporaries [ebp-$1C..-$14]
    004D6E89   8D45F8                 lea     eax, [ebp-$08]* Reference to: System.@WStrClr(void;void);
    |
    004D6E8C   E81FDCF2FF             call    00404AB0                   ; free the intermediate string
    004D6E91   C3                     ret
    * Reference to: System.@HandleFinally;
    |
    004D6E92   E9ADCDF2FF             jmp     00403C44
    004D6E97   EBE3                   jmp     004D6E7C****** END
    |
    004D6E99   5F                     pop     edi
    004D6E9A   5E                     pop     esi
    004D6E9B   5B                     pop     ebx
    004D6E9C   8BE5                   mov     esp, ebp
    004D6E9E   5D                     pop     ebp
    004D6E9F   C3                     ret*)
    end;
    ================================================
    以上就是完整的解密函数,不知道有没有人愿意给我指点一下,汇编基本不懂,Delphi更是没有碰过,
    要是能帮我写出c#的算法就更好了,呵呵