diff --git a/2000/01/01/hello-world/index.html b/2000/01/01/hello-world/index.html index 3ea8e290..4b41adcf 100644 --- a/2000/01/01/hello-world/index.html +++ b/2000/01/01/hello-world/index.html @@ -657,7 +657,7 @@ - 15.6k + 15.5k diff --git a/2018/11/16/BIBA访问控制模型实现(python)/index.html b/2018/11/16/BIBA访问控制模型实现(python)/index.html index 374c8ff2..0e178466 100644 --- a/2018/11/16/BIBA访问控制模型实现(python)/index.html +++ b/2018/11/16/BIBA访问控制模型实现(python)/index.html @@ -845,7 +845,7 @@ - 15.6k + 15.5k diff --git a/2018/12/15/miio-control/index.html b/2018/12/15/miio-control/index.html index 4a80960f..1986fcad 100644 --- a/2018/12/15/miio-control/index.html +++ b/2018/12/15/miio-control/index.html @@ -747,7 +747,7 @@ - 15.6k + 15.5k diff --git a/2018/12/23/基于规则引擎发现IOT设备/index.html b/2018/12/23/基于规则引擎发现IOT设备/index.html index 504c0494..64de1153 100644 --- a/2018/12/23/基于规则引擎发现IOT设备/index.html +++ b/2018/12/23/基于规则引擎发现IOT设备/index.html @@ -747,7 +747,7 @@ - 15.6k + 15.5k diff --git a/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html b/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html index f056d8bf..cc29d52a 100644 --- a/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html +++ b/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html @@ -752,7 +752,7 @@ - 15.6k + 15.5k diff --git a/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html b/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html index 693bbd33..31344173 100644 --- a/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html +++ b/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html @@ -875,7 +875,7 @@ Server -------wire----------| - 15.6k + 15.5k diff --git a/2019/02/22/qq数据库的加密解密/index.html b/2019/02/22/qq数据库的加密解密/index.html index 9f18fb91..d7d972f4 100644 --- a/2019/02/22/qq数据库的加密解密/index.html +++ b/2019/02/22/qq数据库的加密解密/index.html @@ -724,7 +724,7 @@ - 15.6k + 15.5k diff --git a/2019/03/16/小米固件工具mkxqimage/index.html b/2019/03/16/小米固件工具mkxqimage/index.html index a4127fd8..2f7c674f 100644 --- a/2019/03/16/小米固件工具mkxqimage/index.html +++ b/2019/03/16/小米固件工具mkxqimage/index.html @@ -731,7 +731,7 @@ - 15.6k + 15.5k 
diff --git a/2019/03/23/auto-send-WX/index.html b/2019/03/23/auto-send-WX/index.html index 2975aaca..7e42186c 100644 --- a/2019/03/23/auto-send-WX/index.html +++ b/2019/03/23/auto-send-WX/index.html @@ -741,7 +741,7 @@ - 15.6k + 15.5k diff --git a/2019/03/25/Samba-CVE/index.html b/2019/03/25/Samba-CVE/index.html index 5eda1323..a67b28b7 100644 --- a/2019/03/25/Samba-CVE/index.html +++ b/2019/03/25/Samba-CVE/index.html @@ -766,7 +766,7 @@ - 15.6k + 15.5k diff --git a/2019/03/28/逆向工程实验/index.html b/2019/03/28/逆向工程实验/index.html index c52c5d31..481c6459 100644 --- a/2019/03/28/逆向工程实验/index.html +++ b/2019/03/28/逆向工程实验/index.html @@ -90,7 +90,10 @@ - + + + + @@ -411,7 +414,7 @@ - 927 字 + 845 字 @@ -513,10 +516,20 @@

查找注册码验证相关代码

用鼠标选中程序分支点,按空格切换回汇编指令界面

可以看到,这条指令位于PE文件的.text节,并且IDA已经自动将地址转换为运行时的内存地址VA:004010F9

修改程序跳转

-

cmp eax,ecx
jnz xxxxxxx

1
2
3
4
5
6
7
8
9
10
11
12

- 也就是说,当序列号输入错误时,EAX中的值为0,跳转将被执行。
如果我们把jnz这条指令修改为jz,那么整个程序的逻辑就会反过来。
双击jnz这条指令,将其改为jz,单击"汇编"将其写入内存
![](https://res.cloudinary.com/dozyfkbg3/image/upload/v1553775817/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B75.png)
可以看到此时程序执行了相反的路径

- 上面只是在内存中修改程序,我们还需要在二进制文件中也修改相应的字节,这里考察VA与文件地址之间的关系
- 用LordPE打开.exe文件,查看PE文件的节信息
![](https://res.cloudinary.com/dozyfkbg3/image/upload/v1553776239/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B76.png)

根据VA与文件地址的换算公式:

-

文件偏移地址 = VA - Image Base - 节偏移
= 0x004010F9 - 0x00400000 - 0
= 0x10F9
`
也就是说,这条指令在PE文件中位于10F9字节处,使用010Editer打开crack.exe,将这一字节的75(JNZ)改为74(JZ),保存后重新执行,破解成功!

+
1
2
cmp eax,ecx
jnz xxxxxxx
+ +

根据VA与文件地址的换算公式:

1
2
3
文件偏移地址 = VA - Image Base - 节偏移
= 0x004010F9 - 0x00400000 - 0
= 0x10F9

+

也就是说,这条指令在PE文件中位于10F9字节处,使用010Editer打开crack.exe,将这一字节的75(JNZ)改为74(JZ),保存后重新执行,破解成功!

编写注册机

1. 查找显示注册结果相关代码

2. 查找注册码验证相关代码

3. 根据注册码验证代码编写注册机

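Review bot: the VA-to-file-offset block in this hunk ("文件偏移地址 = VA - Image Base - 节偏移 ... = 0x10F9") drops the term that actually matters for most PE files. The general conversion is file offset = (VA - ImageBase) - Section.VirtualAddress + Section.PointerToRawData, and writing "- 0" is only correct when the .text section's VirtualAddress equals its PointerToRawData. That may well be what the LordPE screenshot shows for crack.exe, but the post should state the two values it read (e.g. "VirtualAddress = PointerToRawData = 0x1000, so the RVA is the file offset") instead of presenting 节偏移 = 0 as the formula; a reader applying it to a typical MSVC-linked binary (VirtualAddress 0x1000, PointerToRawData 0x400) would patch the wrong byte. Two smaller points on the same hunk: the sentence "当序列号输入错误时,EAX中的值为0,跳转将被执行" mixes up the condition, since after `cmp eax,ecx` a `jnz` is taken when ZF = 0, i.e. when EAX != ECX, so "EAX is 0" is only a consequence if ECX holds a nonzero expected value and the text should say which; and "将这一字节的75(JNZ)改为74(JZ)" assumes the short (rel8) encoding, whereas a near `jnz` is `0F 85` and would need `0F 84`, so it is worth telling the reader to confirm the opcode bytes in IDA before editing the file.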
@@ -785,7 +798,7 @@ - 15.6k + 15.5k diff --git a/about/index.html b/about/index.html index 0f15fa17..7fcb7e73 100644 --- a/about/index.html +++ b/about/index.html @@ -466,7 +466,7 @@ - 15.6k + 15.5k diff --git a/archives/2000/01/index.html b/archives/2000/01/index.html index d553151b..4aee90f5 100644 --- a/archives/2000/01/index.html +++ b/archives/2000/01/index.html @@ -496,7 +496,7 @@ - 15.6k + 15.5k diff --git a/archives/2000/index.html b/archives/2000/index.html index d0152911..a283eacc 100644 --- a/archives/2000/index.html +++ b/archives/2000/index.html @@ -496,7 +496,7 @@ - 15.6k + 15.5k diff --git a/archives/2018/11/index.html b/archives/2018/11/index.html index 9178a779..6d393b08 100644 --- a/archives/2018/11/index.html +++ b/archives/2018/11/index.html @@ -496,7 +496,7 @@ - 15.6k + 15.5k diff --git a/archives/2018/12/index.html b/archives/2018/12/index.html index e8b02a7c..258a21d0 100644 --- a/archives/2018/12/index.html +++ b/archives/2018/12/index.html @@ -566,7 +566,7 @@ - 15.6k + 15.5k diff --git a/archives/2018/index.html b/archives/2018/index.html index 03dea0bf..cb9bb2dc 100644 --- a/archives/2018/index.html +++ b/archives/2018/index.html @@ -601,7 +601,7 @@ - 15.6k + 15.5k diff --git a/archives/2019/01/index.html b/archives/2019/01/index.html index 85306ce8..ed2aaa8d 100644 --- a/archives/2019/01/index.html +++ b/archives/2019/01/index.html @@ -496,7 +496,7 @@ - 15.6k + 15.5k diff --git a/archives/2019/02/index.html b/archives/2019/02/index.html index 6f3b2a07..b45e6caf 100644 --- a/archives/2019/02/index.html +++ b/archives/2019/02/index.html @@ -496,7 +496,7 @@ - 15.6k + 15.5k diff --git a/archives/2019/03/index.html b/archives/2019/03/index.html index d2ee2d41..e185a421 100644 --- a/archives/2019/03/index.html +++ b/archives/2019/03/index.html @@ -601,7 +601,7 @@ - 15.6k + 15.5k diff --git a/archives/2019/index.html b/archives/2019/index.html index 60e5904c..0d6f53fb 100644 --- a/archives/2019/index.html +++ b/archives/2019/index.html 
@@ -671,7 +671,7 @@ - 15.6k + 15.5k diff --git a/archives/index.html b/archives/index.html index c9acef47..7140022d 100644 --- a/archives/index.html +++ b/archives/index.html @@ -820,7 +820,7 @@ - 15.6k + 15.5k diff --git a/archives/page/2/index.html b/archives/page/2/index.html index aad87b4d..88b479f7 100644 --- a/archives/page/2/index.html +++ b/archives/page/2/index.html @@ -500,7 +500,7 @@ - 15.6k + 15.5k diff --git a/bookmarks/index.html b/bookmarks/index.html index 2e5ebcf8..ab334b65 100644 --- a/bookmarks/index.html +++ b/bookmarks/index.html @@ -518,7 +518,7 @@ - 15.6k + 15.5k diff --git a/categories/IOT/index.html b/categories/IOT/index.html index dc9aa902..ae660c89 100644 --- a/categories/IOT/index.html +++ b/categories/IOT/index.html @@ -529,7 +529,7 @@ - 15.6k + 15.5k diff --git a/categories/index.html b/categories/index.html index d21b1d8b..67b43a66 100644 --- a/categories/index.html +++ b/categories/index.html @@ -468,7 +468,7 @@ - 15.6k + 15.5k diff --git a/categories/二进制/index.html b/categories/二进制/index.html index 55d47ac7..233394a5 100644 --- a/categories/二进制/index.html +++ b/categories/二进制/index.html @@ -477,7 +477,7 @@ - 15.6k + 15.5k diff --git a/categories/加密解密/index.html b/categories/加密解密/index.html index 3c221681..25e392bb 100644 --- a/categories/加密解密/index.html +++ b/categories/加密解密/index.html @@ -477,7 +477,7 @@ - 15.6k + 15.5k diff --git a/categories/杂七杂八/index.html b/categories/杂七杂八/index.html index 53bdff51..089a18aa 100644 --- a/categories/杂七杂八/index.html +++ b/categories/杂七杂八/index.html @@ -477,7 +477,7 @@ - 15.6k + 15.5k diff --git a/categories/理论学习/index.html b/categories/理论学习/index.html index 32ccc3a4..b2730da1 100644 --- a/categories/理论学习/index.html +++ b/categories/理论学习/index.html @@ -477,7 +477,7 @@ - 15.6k + 15.5k diff --git a/categories/顶会论文/index.html b/categories/顶会论文/index.html index 32af792b..eb07402a 100644 --- a/categories/顶会论文/index.html +++ b/categories/顶会论文/index.html @@ -503,7 +503,7 @@ - 15.6k + 15.5k 
diff --git a/index.html b/index.html index 50aeac06..95d2cb16 100644 --- a/index.html +++ b/index.html @@ -395,7 +395,7 @@ - 927 字 + 845 字 @@ -2354,7 +2354,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q - 15.6k + 15.5k diff --git a/page/2/index.html b/page/2/index.html index 1572d0c3..249cf8c6 100644 --- a/page/2/index.html +++ b/page/2/index.html @@ -604,7 +604,7 @@ - 15.6k + 15.5k diff --git a/search.xml b/search.xml index 1d6f69f6..d98e37a3 100644 --- a/search.xml +++ b/search.xml @@ -3,7 +3,7 @@ <![CDATA[逆向工程实验]]> %2F2019%2F03%2F28%2F%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B%E5%AE%9E%E9%AA%8C%2F - + -二进制 diff --git a/sitemap.xml b/sitemap.xml index 175fca45..bb556c59 100644 --- a/sitemap.xml +++ b/sitemap.xml @@ -4,7 +4,7 @@ https://cool-y.github.io/2019/03/28/%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B%E5%AE%9E%E9%AA%8C/ - 2019-03-28T13:04:12.572Z + 2019-03-28T13:05:56.799Z diff --git a/tags/CVE/index.html b/tags/CVE/index.html index a121dd3a..e8f8ef25 100644 --- a/tags/CVE/index.html +++ b/tags/CVE/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/QQ/index.html b/tags/QQ/index.html index 1817a891..d7e60480 100644 --- a/tags/QQ/index.html +++ b/tags/QQ/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/SSH/index.html b/tags/SSH/index.html index 8256025f..14374b9d 100644 --- a/tags/SSH/index.html +++ b/tags/SSH/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/Samba/index.html b/tags/Samba/index.html index 927d4048..d35f980c 100644 --- a/tags/Samba/index.html +++ b/tags/Samba/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/TCPDUMP/index.html b/tags/TCPDUMP/index.html index 1add1028..14a3af7a 100644 --- a/tags/TCPDUMP/index.html +++ b/tags/TCPDUMP/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/USENIX/index.html b/tags/USENIX/index.html index 0b12985a..a8394aca 100644 --- a/tags/USENIX/index.html +++ b/tags/USENIX/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k 
diff --git a/tags/index.html b/tags/index.html index b2e0cfab..3140c5be 100644 --- a/tags/index.html +++ b/tags/index.html @@ -468,7 +468,7 @@ - 15.6k + 15.5k diff --git a/tags/itchat/index.html b/tags/itchat/index.html index e312ed61..876361f4 100644 --- a/tags/itchat/index.html +++ b/tags/itchat/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/miio/index.html b/tags/miio/index.html index a9a672b6..a6e9f062 100644 --- a/tags/miio/index.html +++ b/tags/miio/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/python/index.html b/tags/python/index.html index 057b5da4..b4f7661e 100644 --- a/tags/python/index.html +++ b/tags/python/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/wifi/index.html b/tags/wifi/index.html index 8a305540..ea33f5a2 100644 --- a/tags/wifi/index.html +++ b/tags/wifi/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/中间人/index.html b/tags/中间人/index.html index 3a5d0d8c..a572e028 100644 --- a/tags/中间人/index.html +++ b/tags/中间人/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/侧信道攻击/index.html b/tags/侧信道攻击/index.html index f42f79d8..24466dd4 100644 --- a/tags/侧信道攻击/index.html +++ b/tags/侧信道攻击/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/密码/index.html b/tags/密码/index.html index d0ae5a66..07a3ece0 100644 --- a/tags/密码/index.html +++ b/tags/密码/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/小米/index.html b/tags/小米/index.html index d2ab8a57..911956f4 100644 --- a/tags/小米/index.html +++ b/tags/小米/index.html @@ -502,7 +502,7 @@ - 15.6k + 15.5k diff --git a/tags/微信/index.html b/tags/微信/index.html index 8643f315..57227079 100644 --- a/tags/微信/index.html +++ b/tags/微信/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/拒绝服务攻击/index.html b/tags/拒绝服务攻击/index.html index 34dbe64f..5d9ebee5 100644 --- a/tags/拒绝服务攻击/index.html +++ b/tags/拒绝服务攻击/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k 
diff --git a/tags/数据库/index.html b/tags/数据库/index.html index 0bc8029f..2c499113 100644 --- a/tags/数据库/index.html +++ b/tags/数据库/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/数据挖掘/index.html b/tags/数据挖掘/index.html index 8f3a5673..61bd917a 100644 --- a/tags/数据挖掘/index.html +++ b/tags/数据挖掘/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/文件格式/index.html b/tags/文件格式/index.html index 6febb6a4..5d6b34dd 100644 --- a/tags/文件格式/index.html +++ b/tags/文件格式/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/模型实现/index.html b/tags/模型实现/index.html index 7a7a6517..5cffe968 100644 --- a/tags/模型实现/index.html +++ b/tags/模型实现/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/自然语言处理/index.html b/tags/自然语言处理/index.html index bce817d5..ca54a8e6 100644 --- a/tags/自然语言处理/index.html +++ b/tags/自然语言处理/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/访问控制/index.html b/tags/访问控制/index.html index 66d82a38..1e2a10e3 100644 --- a/tags/访问控制/index.html +++ b/tags/访问控制/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/远程执行/index.html b/tags/远程执行/index.html index 49330312..7607b65f 100644 --- a/tags/远程执行/index.html +++ b/tags/远程执行/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/逆向/index.html b/tags/逆向/index.html index dd35cd64..1ee50386 100644 --- a/tags/逆向/index.html +++ b/tags/逆向/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k diff --git a/tags/重放攻击/index.html b/tags/重放攻击/index.html index ef74366d..fc1294ef 100644 --- a/tags/重放攻击/index.html +++ b/tags/重放攻击/index.html @@ -476,7 +476,7 @@ - 15.6k + 15.5k