signed int __cdecl sub_100010C2(); signed int __cdecl sub_10001173(); char *__cdecl sub_1000124B(); int __cdecl sub_10001255(); int __cdecl sub_1000125F(int a1); int __cdecl sub_1000126C(); int __cdecl sub_10001276(int a1); int __cdecl sub_10001283(); bool __cdecl sub_10001320(unsigned int a1); signed int __cdecl sub_1000135F(int a1); signed int __cdecl sub_1000144D(int a1, int a2, int a3); int __cdecl sub_100015B0(); int __cdecl sub_100015BA(unsigned int a1); int __cdecl sub_1000163A(int a1, int a2, int a3); signed int __cdecl sub_1000165F(); signed int __cdecl sub_10001683(); int __cdecl sub_100016EF(HWND hWnd, LPPOINT lpPoint, int a3); // idb UINT __cdecl sub_1000174D(__int16 a1); signed int __cdecl sub_10001799(UINT uCode, int a2, int a3); // idb signed int __cdecl sub_10001940(int a1, int a2, int a3, signed int a4, int a5, int a6, int a7, int a8, int a9, signed int a10); void *__cdecl sub_10001BAC(int a1, UINT uCode, HWND hWnd); // idb signed int __stdcall ImeInquire(int a1, char *Dest, int a3); // idb signed int __stdcall ImeConfigure(int a1, HWND hWnd, int a3, int a4); // idb int __stdcall ImeConversionList(int a1, int a2, int a3, int a4, int a5); int __stdcall ImeDestroy(int a1); int __stdcall ImeEscape(int a1, int a2, int a3); //----- (1000165F) -------------------------------------------------------- signed int __cdecl sub_1000165F() { signed int result; // eax@2 if ( dword_10018E5C <= 0 ) { result = 0; } else { --dword_10018E5C; result = 1; } return result; }//----- (10001683) -------------------------------------------------------- signed int __cdecl sub_10001683() { signed int result; // eax@6 HWND v1; // eax@3 if ( dword_10017030 != 1 ) goto LABEL_10; if ( sub_10007AEC() ) { v1 = sub_10007AEC(); ShowWindow(v1, 0); } if ( dword_10018E60 < 1 && (unsigned int)dword_10018E34 <= 1 ) { LABEL_10: result = 0; } else { dword_10018DAC = 0; dword_10018DA8 = dword_10018DAC; dword_10018E34 = dword_10018DA8; dword_10018E60 = dword_10018E34; result = 1; } return result; }
这个工具不错啊,哪里有下,我是说那个HexRay ……
把前面的导出函数在h头文件里面声明下就行了,在cpp里面进行实现
fatal error C1083: Cannot open include file: 'defs.h': No such file or directory 是什么原因呢?
{
DWORD v4; // [sp+0h] [bp-4h]@1 v4 = fdwReason;
if ( fdwReason )
{
if ( v4 == 1 )
{
if ( !sub_10006D67() )
return 0;
hInstance = hinstDLL;
if ( !sub_10006AFF(hInstance) )
return 0;
sub_10003750();
}
}
else
{
sub_10006CE0();
sub_10003E87();
sub_100045A6();
}
return 1;
}
fatal error C1083: Cannot open include file: 'defs.h': No such file or directory
这个dll是在用VC++6.0写的
呵呵,刚刚没注意看,现在已经导出来了,可导出为的是.C文件,怎么才能做成.h 或.cpp这种呢?
IDA的HexRay组件还是很不错的,虽然代码还是很难读,但是比直接读汇编好多了
/* This file has been generated by the Hex-Rays decompiler.
Copyright (c) 2007 Hex-Rays sprl <[email protected]> Detected compiler: Visual C++
*/#include <windows.h>
#include <defs.h>
//-------------------------------------------------------------------------
// Data declarationsextern char byte_10007E1A[]; // idb
extern char aGfdsabvcxztrew[]; // idb
extern int dword_100142B8[]; // idb
extern char byte_10014307[]; // idb
extern char byte_10014340[]; // idb
extern char byte_10014364[]; // idb
extern char Str[]; // idb
extern char byte_10014394[]; // idb
extern char byte_100143A0[]; // idb
extern char byte_100143A1[]; // idb
extern char byte_100143B8[]; // idb
extern char byte_100143B9[]; // idb
extern char byte_100143D0[]; // idb
extern char byte_100143D1[]; // idb
extern char byte_100143E8[]; // idb
extern char byte_100143E9[]; // idb
extern char byte_1001440C[]; // idb
extern int dword_10017030; // weak
extern int dword_10017034; // weak
extern int dword_10017038; // weak
extern char Text[]; // idb
extern char asc_10017050[]; // idb
extern char aBbbb[]; // idb
extern char Source[]; // idb
extern char aWb86_mb[]; // idb
extern char aOpenMbErr[]; // idb
extern char Str2[]; // idb
extern char aWb86_mb_0[]; // idb
extern char aOld_mb[]; // idb
extern char aINwb86_mbZ[]; // idb
extern char asc_100170A8[]; // idb有5000多行,太多了.贴一最上面的
signed int __cdecl sub_10001173();
char *__cdecl sub_1000124B();
int __cdecl sub_10001255();
int __cdecl sub_1000125F(int a1);
int __cdecl sub_1000126C();
int __cdecl sub_10001276(int a1);
int __cdecl sub_10001283();
bool __cdecl sub_10001320(unsigned int a1);
signed int __cdecl sub_1000135F(int a1);
signed int __cdecl sub_1000144D(int a1, int a2, int a3);
int __cdecl sub_100015B0();
int __cdecl sub_100015BA(unsigned int a1);
int __cdecl sub_1000163A(int a1, int a2, int a3);
signed int __cdecl sub_1000165F();
signed int __cdecl sub_10001683();
int __cdecl sub_100016EF(HWND hWnd, LPPOINT lpPoint, int a3); // idb
UINT __cdecl sub_1000174D(__int16 a1);
signed int __cdecl sub_10001799(UINT uCode, int a2, int a3); // idb
signed int __cdecl sub_10001940(int a1, int a2, int a3, signed int a4, int a5, int a6, int a7, int a8, int a9, signed int a10);
void *__cdecl sub_10001BAC(int a1, UINT uCode, HWND hWnd); // idb
signed int __stdcall ImeInquire(int a1, char *Dest, int a3); // idb
signed int __stdcall ImeConfigure(int a1, HWND hWnd, int a3, int a4); // idb
int __stdcall ImeConversionList(int a1, int a2, int a3, int a4, int a5);
int __stdcall ImeDestroy(int a1);
int __stdcall ImeEscape(int a1, int a2, int a3);
//----- (1000165F) --------------------------------------------------------
signed int __cdecl sub_1000165F()
{
signed int result; // eax@2 if ( dword_10018E5C <= 0 )
{
result = 0;
}
else
{
--dword_10018E5C;
result = 1;
}
return result;
}//----- (10001683) --------------------------------------------------------
signed int __cdecl sub_10001683()
{
signed int result; // eax@6
HWND v1; // eax@3 if ( dword_10017030 != 1 )
goto LABEL_10;
if ( sub_10007AEC() )
{
v1 = sub_10007AEC();
ShowWindow(v1, 0);
}
if ( dword_10018E60 < 1 && (unsigned int)dword_10018E34 <= 1 )
{
LABEL_10:
result = 0;
}
else
{
dword_10018DAC = 0;
dword_10018DA8 = dword_10018DAC;
dword_10018E34 = dword_10018DA8;
dword_10018E60 = dword_10018E34;
result = 1;
}
return result;
}
是什么原因呢?