有人能做动态封包的加解密吗?
加密CALL的内容已经找到00ABD1D4 53 push ebx
00ABD1D5 56 push esi
00ABD1D6 57 push edi
00ABD1D7 55 push ebp
00ABD1D8 8BFA mov edi,edx
00ABD1DA 8BE8 mov ebp,eax
00ABD1DC 8B07 mov eax,dword ptr ds:
00ABD1DE E8 457F94FF call loginp.00405128
00ABD1E3 8BF0 mov esi,eax
00ABD1E5 85F6 test esi,esi
00ABD1E7 7E 3D jle Xloginp.00ABD226
00ABD1E9 BB 01000000 mov ebx,0x1
00ABD1EE 8BC7 mov eax,edi
00ABD1F0 E8 838194FF call loginp.00405378
00ABD1F5 4B dec ebx
00ABD1F6 85C0 test eax,eax
00ABD1F8 74 05 je Xloginp.00ABD1FF
00ABD1FA 3B58 FC cmp ebx,dword ptr ds:
00ABD1FD 72 05 jb Xloginp.00ABD204
00ABD1FF E8 A46D94FF call loginp.00403FA8
00ABD204 43 inc ebx
00ABD205 8B17 mov edx,dword ptr ds://存放封包明文,edi地址固定不变0018FE14
00ABD207 4B dec ebx
00ABD208 85D2 test edx,edx
00ABD20A 74 05 je Xloginp.00ABD211
00ABD20C 3B5A FC cmp ebx,dword ptr ds:
00ABD20F 72 05 jb Xloginp.00ABD216
00ABD211 E8 926D94FF call loginp.00403FA8
00ABD216 43 inc ebx
00ABD217 8A541A FF mov dl,byte ptr ds:
00ABD21B 3255 06 xor dl,byte ptr ss://此处与0018FE14的堆栈异或,但是堆栈的地址每次都会变
00ABD21E 885418 FF mov byte ptr ds:,dl
00ABD222 43 inc ebx
00ABD223 4E dec esi
00ABD224^ 75 C8 jnz Xloginp.00ABD1EE
页:
[1]