我工作所在的系统下发了一个考试系统,因为我们自己也需要练习,但是他们提供的考试系统无法进行练习,我需要自己做一个考试系统,后来发现题库中的题干和难度系数都被加密了,密文全部是大写的英文字母,比如密文:ABBXBUDOEGGH表示0.1,英文字母不定长
==============================================
dede出来的关于解密部分的代码如下:
* Possible String Reference to: 'QuestionContent'
|
004E97A9 BAB09C4E00 mov edx, $004E9CB0
004E97AE 8B06 mov eax, [esi]* Reference to: DB.TDataSet.FieldByName(TDataSet;AnsiString):TField;
|
004E97B0 E8CBB3FBFF call 004A4B80
004E97B5 8D55D0 lea edx, [ebp-$30]
004E97B8 8B08 mov ecx, [eax]
004E97BA FF5160 call dword ptr [ecx+$60]
004E97BD 8B55D0 mov edx, [ebp-$30]
004E97C0 8D45D4 lea eax, [ebp-$2C]* Reference to: System.@WStrFromLStr(WideString;WideString;String);
|
004E97C3 E874B4F1FF call 00404C3C
004E97C8 8B45D4 mov eax, [ebp-$2C]
004E97CB 8D55D8 lea edx, [ebp-$28]* Reference to : TfrmPassWord._PROC_004D6CD0()
|
004E97CE E8FDD4FEFF call 004D6CD0
004E97D3 8B55D8 mov edx, [ebp-$28]
004E97D6 8D45DC lea eax, [ebp-$24]* Reference to: System.@LStrFromWStr(String;String;WideString);
|
004E97D9 E84EAEF1FF call 0040462C
004E97DE 8B45DC mov eax, [ebp-$24]
004E97E1 50 push eax
004E97E2 8B03 mov eax, [ebx]* Possible String Reference to: 'QuestionContent'
|
004E97E4 BAB09C4E00 mov edx, $004E9CB0
============================================================
TfrmPassWord._PROC_004D6CD0(Sender : TObject);代码如下:
procedure TfrmPassWord._PROC_004D6CD0(Sender : TObject);
begin
(*
004D6CD0 55 push ebp
004D6CD1 8BEC mov ebp, esp
004D6CD3 33C9 xor ecx, ecx
004D6CD5 51 push ecx
004D6CD6 51 push ecx
004D6CD7 51 push ecx
004D6CD8 51 push ecx
004D6CD9 51 push ecx
004D6CDA 51 push ecx
004D6CDB 51 push ecx
004D6CDC 53 push ebx
004D6CDD 56 push esi
004D6CDE 57 push edi
004D6CDF 8955FC mov [ebp-$04], edx
004D6CE2 8BF8 mov edi, eax
004D6CE4 33C0 xor eax, eax
004D6CE6 55 push ebp
004D6CE7 68926E4D00 push $004D6E92
===============================================================
反汇编出来的关于解密的代码如下:
CALL Server.004A4B80
POP EDX
MOV ECX,DWORD PTR DS:[EAX]
CALL NEAR DWORD PTR DS:[ECX+B0]
MOV EDX,Server.00508C1C ; questioncontent
MOV EAX,EBX
CALL Server.004A4B80
LEA EDX,DWORD PTR SS:[EBP-58]
MOV ECX,DWORD PTR DS:[EAX]
CALL NEAR DWORD PTR DS:[ECX+60]
MOV EAX,DWORD PTR SS:[EBP-58]
LEA EDX,DWORD PTR SS:[EBP-54]
CALL Server.00408C84
MOV EDX,DWORD PTR SS:[EBP-54]
LEA EAX,DWORD PTR SS:[EBP-50]
CALL Server.00404C3C
MOV EAX,DWORD PTR SS:[EBP-50]
LEA EDX,DWORD PTR SS:[EBP-4C]
CALL Server.004D6CD0
MOV EDX,DWORD PTR SS:[EBP-4C]
LEA EAX,DWORD PTR SS:[EBP-48]
CALL Server.0040462C
MOV EAX,DWORD PTR SS:[EBP-48]
PUSH EAX
MOV EAX,DWORD PTR DS:[ESI]
MOV EDX,Server.00508C1C ; questioncontent
===================================
00404c3c
xor ecx,ecx
test edx,edx
je 00404c45
mov ecx,dword ptr[edx-04]
===================================
00404c45
jmp 00404b10
ret
=====================================
00404b10
push ebx
push esi
push edi
push sbp
add esp,fffff004
push eax
add esp,fffffffc
mov esi,ecx
mov dword ptr [esp],edx
mov edi,eax
test esi,esi
jg 00404ab0
jmp 00404b8f
==============================
00404ab0
mov edx,dword ptr [eax]
test edx,edx
je 00404ac4
mov dword ptr [eax],00000000
push eax
push edx
================================
00404ac4
ret
lea eax,dword ptr [eax+00]
=============================
00404b8f
add esp,00001004
pop ebp
pop edi
pop esi
pop ebx
ret
=============================
004D6CD0
push ebp
mov ebp,esp
xor ecx,ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ebx
push esi
push edi
mov dword ptr [ebp-04],edx
mov edi,eax
xor eax,eax
push ebp
push 004d6e92
push dword ptr fs:[eax]
move dword ptr fs:[eax],esp
==============================
0040462C
xor ecx,ecx
test edx,edx
je 00404637
move ecx,dword ptr [edx-04]
shr ecx,1
=================================
00404637
jmp 00404500
ret
================================
00404500
push ebx
push esi
push edi
push ebp
add esp,fffff004
push eax
add esp,fffffffc
mov esi,ecx
mov dword ptr [esp],edx
mov edi,eax
test esi,esi
jp 00404522
mov eax,edi
call oo4o43a4
jmp 00404581
===============================
00404522
lea ebp,dword ptr [esi+01]
cmp ebp,000007ff
jpe 00404555
push esi
lea eax,dword ptr [esp+08]
mov ecx,dword ptr [esp+04]
mov edx,00000fff
call 004044c4
mov ebx,eax
test ebx,ebx
jl 00404555
lea edx,dword ptr [esp+04]
mov eax,edi
mov ecx,ebx
call 00404494
jmp 00404581
==============================
00404555
mov ebx,ebp
add ebx,ebp
mov eax,edi
mov edx,ebx
call 004049f0
push esi
mov eax,dword ptr [edi]
mov ecx,dword ptr [esp+04]
mov edx,ebx
call 004044c4
mov ebx,eax
test ebx,ebx
jge 00404578
xor ebx,ebx
=============================
00404578
mov eax,edi
mov edx,ebx
call 004049f0...........不知道哪位高手能告诉我这是什么算法,我对Delphi知之甚少,C#还凑合一点,希望大富翁高手们能够给小弟指教一二,谢谢
==============================================
dede出来的关于解密部分的代码如下:
* Possible String Reference to: 'QuestionContent'
|
004E97A9 BAB09C4E00 mov edx, $004E9CB0
004E97AE 8B06 mov eax, [esi]* Reference to: DB.TDataSet.FieldByName(TDataSet;AnsiString):TField;
|
004E97B0 E8CBB3FBFF call 004A4B80
004E97B5 8D55D0 lea edx, [ebp-$30]
004E97B8 8B08 mov ecx, [eax]
004E97BA FF5160 call dword ptr [ecx+$60]
004E97BD 8B55D0 mov edx, [ebp-$30]
004E97C0 8D45D4 lea eax, [ebp-$2C]* Reference to: System.@WStrFromLStr(WideString;WideString;String);
|
004E97C3 E874B4F1FF call 00404C3C
004E97C8 8B45D4 mov eax, [ebp-$2C]
004E97CB 8D55D8 lea edx, [ebp-$28]* Reference to : TfrmPassWord._PROC_004D6CD0()
|
004E97CE E8FDD4FEFF call 004D6CD0
004E97D3 8B55D8 mov edx, [ebp-$28]
004E97D6 8D45DC lea eax, [ebp-$24]* Reference to: System.@LStrFromWStr(String;String;WideString);
|
004E97D9 E84EAEF1FF call 0040462C
004E97DE 8B45DC mov eax, [ebp-$24]
004E97E1 50 push eax
004E97E2 8B03 mov eax, [ebx]* Possible String Reference to: 'QuestionContent'
|
004E97E4 BAB09C4E00 mov edx, $004E9CB0
============================================================
TfrmPassWord._PROC_004D6CD0(Sender : TObject);代码如下:
procedure TfrmPassWord._PROC_004D6CD0(Sender : TObject);
begin
(*
004D6CD0 55 push ebp
004D6CD1 8BEC mov ebp, esp
004D6CD3 33C9 xor ecx, ecx
004D6CD5 51 push ecx
004D6CD6 51 push ecx
004D6CD7 51 push ecx
004D6CD8 51 push ecx
004D6CD9 51 push ecx
004D6CDA 51 push ecx
004D6CDB 51 push ecx
004D6CDC 53 push ebx
004D6CDD 56 push esi
004D6CDE 57 push edi
004D6CDF 8955FC mov [ebp-$04], edx
004D6CE2 8BF8 mov edi, eax
004D6CE4 33C0 xor eax, eax
004D6CE6 55 push ebp
004D6CE7 68926E4D00 push $004D6E92
===============================================================
反汇编出来的关于解密的代码如下:
CALL Server.004A4B80
POP EDX
MOV ECX,DWORD PTR DS:[EAX]
CALL NEAR DWORD PTR DS:[ECX+B0]
MOV EDX,Server.00508C1C ; questioncontent
MOV EAX,EBX
CALL Server.004A4B80
LEA EDX,DWORD PTR SS:[EBP-58]
MOV ECX,DWORD PTR DS:[EAX]
CALL NEAR DWORD PTR DS:[ECX+60]
MOV EAX,DWORD PTR SS:[EBP-58]
LEA EDX,DWORD PTR SS:[EBP-54]
CALL Server.00408C84
MOV EDX,DWORD PTR SS:[EBP-54]
LEA EAX,DWORD PTR SS:[EBP-50]
CALL Server.00404C3C
MOV EAX,DWORD PTR SS:[EBP-50]
LEA EDX,DWORD PTR SS:[EBP-4C]
CALL Server.004D6CD0
MOV EDX,DWORD PTR SS:[EBP-4C]
LEA EAX,DWORD PTR SS:[EBP-48]
CALL Server.0040462C
MOV EAX,DWORD PTR SS:[EBP-48]
PUSH EAX
MOV EAX,DWORD PTR DS:[ESI]
MOV EDX,Server.00508C1C ; questioncontent
===================================
00404c3c
xor ecx,ecx
test edx,edx
je 00404c45
mov ecx,dword ptr[edx-04]
===================================
00404c45
jmp 00404b10
ret
=====================================
00404b10
push ebx
push esi
push edi
push sbp
add esp,fffff004
push eax
add esp,fffffffc
mov esi,ecx
mov dword ptr [esp],edx
mov edi,eax
test esi,esi
jg 00404ab0
jmp 00404b8f
==============================
00404ab0
mov edx,dword ptr [eax]
test edx,edx
je 00404ac4
mov dword ptr [eax],00000000
push eax
push edx
================================
00404ac4
ret
lea eax,dword ptr [eax+00]
=============================
00404b8f
add esp,00001004
pop ebp
pop edi
pop esi
pop ebx
ret
=============================
004D6CD0
push ebp
mov ebp,esp
xor ecx,ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ecx
push ebx
push esi
push edi
mov dword ptr [ebp-04],edx
mov edi,eax
xor eax,eax
push ebp
push 004d6e92
push dword ptr fs:[eax]
move dword ptr fs:[eax],esp
==============================
0040462C
xor ecx,ecx
test edx,edx
je 00404637
move ecx,dword ptr [edx-04]
shr ecx,1
=================================
00404637
jmp 00404500
ret
================================
00404500
push ebx
push esi
push edi
push ebp
add esp,fffff004
push eax
add esp,fffffffc
mov esi,ecx
mov dword ptr [esp],edx
mov edi,eax
test esi,esi
jp 00404522
mov eax,edi
call oo4o43a4
jmp 00404581
===============================
00404522
lea ebp,dword ptr [esi+01]
cmp ebp,000007ff
jpe 00404555
push esi
lea eax,dword ptr [esp+08]
mov ecx,dword ptr [esp+04]
mov edx,00000fff
call 004044c4
mov ebx,eax
test ebx,ebx
jl 00404555
lea edx,dword ptr [esp+04]
mov eax,edi
mov ecx,ebx
call 00404494
jmp 00404581
==============================
00404555
mov ebx,ebp
add ebx,ebp
mov eax,edi
mov edx,ebx
call 004049f0
push esi
mov eax,dword ptr [edi]
mov ecx,dword ptr [esp+04]
mov edx,ebx
call 004044c4
mov ebx,eax
test ebx,ebx
jge 00404578
xor ebx,ebx
=============================
00404578
mov eax,edi
mov edx,ebx
call 004049f0...........不知道哪位高手能告诉我这是什么算法,我对Delphi知之甚少,C#还凑合一点,希望大富翁高手们能够给小弟指教一二,谢谢
或者拿ida看看
刚开始在大富翁上面发的,后来我为了省事,直接复制了,不好意思
每个字符都是用四个大写的英文字母代替的,从dede出来的代码看加密应该是先取字符串中的每个字符,然后根据一个异或运算,异或出来的字符串在转换一下(应该是转大写).
不知道在Delphi中以下这几个是什么意思
<1>Reference to: System.@HandleFinally;
<2>System.@WStrCat(WideString;WideString;WideString);
是什么意思
* Possible String Reference to: 'QuestionContent'
|
004E97A9 BAB09C4E00 mov edx, $004E9CB0
004E97AE 8B06 mov eax, [esi]* Reference to: DB.TDataSet.FieldByName(TDataSet;AnsiString):TField;
|
004E97B0 E8CBB3FBFF call 004A4B80
004E97B5 8D55D0 lea edx, [ebp-$30]
004E97B8 8B08 mov ecx, [eax]
004E97BA FF5160 call dword ptr [ecx+$60]
004E97BD 8B55D0 mov edx, [ebp-$30]
004E97C0 8D45D4 lea eax, [ebp-$2C]* Reference to: System.@WStrFromLStr(WideString;WideString;String);
|
004E97C3 E874B4F1FF call 00404C3C
004E97C8 8B45D4 mov eax, [ebp-$2C]
004E97CB 8D55D8 lea edx, [ebp-$28]* Reference to : TfrmPassWord._PROC_004D6CD0()//调用进行解密,
|
004E97CE E8FDD4FEFF call 004D6CD0
004E97D3 8B55D8 mov edx, [ebp-$28]
004E97D6 8D45DC lea eax, [ebp-$24]* Reference to: System.@LStrFromWStr(String;String;WideString);
|
004E97D9 E84EAEF1FF call 0040462C
004E97DE 8B45DC mov eax, [ebp-$24]
004E97E1 50 push eax
004E97E2 8B03 mov eax, [ebx]* Possible String Reference to: 'QuestionContent'
|
004E97E4 BAB09C4E00 mov edx, $004E9CB0
=======
下面继续
procedure TfrmPassWord._PROC_004D6CD0(Sender : TObject);
begin
(*
004D6CD0 55 push ebp
004D6CD1 8BEC mov ebp, esp
004D6CD3 33C9 xor ecx, ecx
004D6CD5 51 push ecx
004D6CD6 51 push ecx
004D6CD7 51 push ecx
004D6CD8 51 push ecx
004D6CD9 51 push ecx
004D6CDA 51 push ecx
004D6CDB 51 push ecx
004D6CDC 53 push ebx
004D6CDD 56 push esi
004D6CDE 57 push edi
004D6CDF 8955FC mov [ebp-$04], edx
004D6CE2 8BF8 mov edi, eax
004D6CE4 33C0 xor eax, eax
004D6CE6 55 push ebp
004D6CE7 68926E4D00 push $004D6E92***** TRY
|
004D6CEC 64FF30 push dword ptr fs:[eax]
004D6CEF 648920 mov fs:[eax], esp* Possible String Reference to: '$0101'
|
004D6CF2 B8A86E4D00 mov eax, $004D6EA8* Reference to: SysUtils.StrToInt(AnsiString):Integer;
|
004D6CF7 E82C24F3FF call 00409128
004D6CFC 668945F0 mov [ebp-$10], ax* Possible String Reference to: '$2E2E'
|
004D6D00 B8B86E4D00 mov eax, $004D6EB8* Reference to: SysUtils.StrToInt(AnsiString):Integer;
|
004D6D05 E81E24F3FF call 00409128
004D6D0A 668945F2 mov [ebp-$0E], ax* Possible String Reference to: '$6E6E'
|
004D6D0E B8C86E4D00 mov eax, $004D6EC8* Reference to: SysUtils.StrToInt(AnsiString):Integer;
|
004D6D13 E81024F3FF call 00409128
004D6D18 668945F4 mov [ebp-$0C], ax* Possible String Reference to: '$6D6D'
|
004D6D1C B8D86E4D00 mov eax, $004D6ED8* Reference to: SysUtils.StrToInt(AnsiString):Integer;
|
004D6D21 E80224F3FF call 00409128
004D6D26 668945F6 mov [ebp-$0A], ax
004D6D2A 8BC7 mov eax, edi* Reference to: System.@WStrLen(WideString):Integer;
|
004D6D2C E82BDFF2FF call 00404C5C
004D6D31 2503000080 and eax, $80000003
004D6D36 7905 jns 004D6D3D
004D6D38 48 dec eax
004D6D39 83C8FC or eax, -$04
004D6D3C 40 inc eax
004D6D3D 85C0 test eax, eax
004D6D3F 741A jz 004D6D5B
004D6D41 6A00 push $00
004D6D43 668B0DE06E4D00 mov cx, word ptr [$004D6EE0]
004D6D4A B202 mov dl, $02* Possible String Reference to: '密文错误!'
|
004D6D4C B8EC6E4D00 mov eax, $004D6EEC|
004D6D51 E896F7F5FF call 004364EC
004D6D56 E914010000 jmp 004D6E6F
004D6D5B 8D45F8 lea eax, [ebp-$08]* Reference to: System.@WStrClr(void;void);
|
004D6D5E E84DDDF2FF call 00404AB0
004D6D63 8BC7 mov eax, edi* Reference to: System.@WStrLen(WideString):Integer;
|
004D6D65 E8F2DEF2FF call 00404C5C
004D6D6A 8BF0 mov esi, eax
004D6D6C 85F6 test esi, esi
004D6D6E 7903 jns 004D6D73
004D6D70 83C603 add esi, +$03
004D6D73 C1FE02 sar esi, $02
004D6D76 4E dec esi
004D6D77 85F6 test esi, esi
004D6D79 7C67 jl 004D6DE2
004D6D7B 46 inc esi
004D6D7C 33DB xor ebx, ebx
004D6D7E 8BC3 mov eax, ebx
004D6D80 C1E002 shl eax, $02
004D6D83 668B0447 mov ax, word ptr [edi+eax*2]
004D6D87 6683E841 sub ax, +$41
004D6D8B 666BC01A imul ax, ax, $1A
004D6D8F 8BD3 mov edx, ebx
004D6D91 C1E202 shl edx, $02
004D6D94 668B545702 mov dx, word ptr [edi+edx*2+$02]
004D6D99 6683EA41 sub dx, +$41
004D6D9D 6603C2 add ax, dx
004D6DA0 8BD0 mov edx, eax
004D6DA2 C1E208 shl edx, $08
004D6DA5 8BC3 mov eax, ebx
004D6DA7 C1E002 shl eax, $02
004D6DAA 668B444704 mov ax, word ptr [edi+eax*2+$04]
004D6DAF 6683E841 sub ax, +$41
004D6DB3 666BC01A imul ax, ax, $1A
004D6DB7 6603D0 add dx, ax
004D6DBA 8BC3 mov eax, ebx
004D6DBC C1E002 shl eax, $02
004D6DBF 668B444706 mov ax, word ptr [edi+eax*2+$06]
004D6DC4 6683E841 sub ax, +$41
004D6DC8 6603D0 add dx, ax
004D6DCB 8D45EC lea eax, [ebp-$14]因为字符过多,下面继续004D6CD0函数
* Reference to: System.@LStrFromChar(String;String;Char);
| or: System.@LStrFromWChar(String;String;WideChar);
| or: System.@WStrFromChar(WideString;WideString;Char);
| or: System.@WStrFromWChar(WideString;WideString;WideChar);
|
004D6DCE E8EDDDF2FF call 00404BC0
004D6DD3 8B55EC mov edx, [ebp-$14]
004D6DD6 8D45F8 lea eax, [ebp-$08]* Reference to: System.@WStrCat(WideString;WideString;WideString);
|
004D6DD9 E88ADEF2FF call 00404C68
004D6DDE 43 inc ebx
004D6DDF 4E dec esi
004D6DE0 759C jnz 004D6D7E
004D6DE2 8B45FC mov eax, [ebp-$04]* Reference to: System.@WStrClr(void;void);
|
004D6DE5 E8C6DCF2FF call 00404AB0
004D6DEA BF01000000 mov edi, $00000001
004D6DEF 8B45F8 mov eax, [ebp-$08]* Reference to: System.@WStrLen(WideString):Integer;
|
004D6DF2 E865DEF2FF call 00404C5C
004D6DF7 8BF0 mov esi, eax
004D6DF9 85F6 test esi, esi
004D6DFB 7E72 jle 004D6E6F
004D6DFD BB01000000 mov ebx, $00000001
004D6E02 8B45F8 mov eax, [ebp-$08]
004D6E05 0FB74458FE movzx eax, word ptr [eax+ebx*2-$02]
004D6E0A 0FB7547DEE movzx edx, word ptr [ebp+edi*2-$12]
004D6E0F 2BC2 sub eax, edx
004D6E11 85C0 test eax, eax
004D6E13 7E28 jle 004D6E3D
004D6E15 8D45E8 lea eax, [ebp-$18]
004D6E18 8B55F8 mov edx, [ebp-$08]
004D6E1B 668B545AFE mov dx, word ptr [edx+ebx*2-$02]
004D6E20 668B4C7DEE mov cx, word ptr [ebp+edi*2-$12]
004D6E25 662BD1 sub dx, cx* Reference to: System.@LStrFromChar(String;String;Char);
| or: System.@LStrFromWChar(String;String;WideChar);
| or: System.@WStrFromChar(WideString;WideString;Char);
| or: System.@WStrFromWChar(WideString;WideString;WideChar);
|
004D6E28 E893DDF2FF call 00404BC0
004D6E2D 8B55E8 mov edx, [ebp-$18]
004D6E30 8B45FC mov eax, [ebp-$04]* Reference to: System.@WStrCat(WideString;WideString;WideString);
|
004D6E33 E830DEF2FF call 00404C68
004D6E38 8B45FC mov eax, [ebp-$04]
004D6E3B EB26 jmp 004D6E63
004D6E3D 8D45E4 lea eax, [ebp-$1C]
004D6E40 8B55F8 mov edx, [ebp-$08]
004D6E43 668B545AFE mov dx, word ptr [edx+ebx*2-$02]
004D6E48 668B4C7DEE mov cx, word ptr [ebp+edi*2-$12]
004D6E4D 662BD1 sub dx, cx* Reference to: System.@LStrFromChar(String;String;Char);
| or: System.@LStrFromWChar(String;String;WideChar);
| or: System.@WStrFromChar(WideString;WideString;Char);
| or: System.@WStrFromWChar(WideString;WideString;WideChar);
|
004D6E50 E86BDDF2FF call 00404BC0
004D6E55 8B55E4 mov edx, [ebp-$1C]
004D6E58 8B45FC mov eax, [ebp-$04]* Reference to: System.@WStrCat(WideString;WideString;WideString);
|
004D6E5B E808DEF2FF call 00404C68
004D6E60 8B45FC mov eax, [ebp-$04]
004D6E63 83FF04 cmp edi, +$04
004D6E66 7502 jnz 004D6E6A
004D6E68 33FF xor edi, edi
004D6E6A 47 inc edi
004D6E6B 43 inc ebx
004D6E6C 4E dec esi
004D6E6D 7593 jnz 004D6E02
004D6E6F 33C0 xor eax, eax
004D6E71 5A pop edx
004D6E72 59 pop ecx
004D6E73 59 pop ecx
004D6E74 648910 mov fs:[eax], edx****** FINALLY
|
004D6E77 68996E4D00 push $004D6E99
004D6E7C 8D45E4 lea eax, [ebp-$1C]
004D6E7F BA03000000 mov edx, $00000003* Reference to: System.@WStrArrayClr(void;void;Integer);
|
004D6E84 E83FDCF2FF call 00404AC8
004D6E89 8D45F8 lea eax, [ebp-$08]* Reference to: System.@WStrClr(void;void);
|
004D6E8C E81FDCF2FF call 00404AB0
004D6E91 C3 ret
* Reference to: System.@HandleFinally;
|
004D6E92 E9ADCDF2FF jmp 00403C44
004D6E97 EBE3 jmp 004D6E7C****** END
|
004D6E99 5F pop edi
004D6E9A 5E pop esi
004D6E9B 5B pop ebx
004D6E9C 8BE5 mov esp, ebp
004D6E9E 5D pop ebp
004D6E9F C3 ret*)
end;
================================================
以上就是完整的解密函数,不知道有没有人愿意给我指点一下,汇编基本不懂,Delphi更是没有碰过,
要是能帮我写出c#的算法就更好了,呵呵