From 860a91d5c59d07093dfc3788bb0daec1517f2850 Mon Sep 17 00:00:00 2001
From: Cool-Y <1072916769@qq.com>
Date: Thu, 28 Mar 2019 21:29:04 +0800
Subject: [PATCH] Site updated: 2019-03-28 21:28:51

---
 2000/01/01/hello-world/index.html             |  2 +-
 .../BIBA访问控制模型实现(python)/index.html   |  2 +-
 2018/12/15/miio-control/index.html            |  2 +-
 2018/12/23/基于规则引擎发现IOT设备/index.html |  2 +-
 2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html |  2 +-
 .../wifi半双工侧信道攻击学习笔记/index.html   |  2 +-
 2019/02/22/qq数据库的加密解密/index.html      |  2 +-
 2019/03/16/小米固件工具mkxqimage/index.html   |  2 +-
 2019/03/23/auto-send-WX/index.html            |  2 +-
 2019/03/25/Samba-CVE/index.html               |  2 +-
 2019/03/28/逆向工程实验/index.html            | 35 +++++++++++++------
 about/index.html                              |  2 +-
 archives/2000/01/index.html                   |  2 +-
 archives/2000/index.html                      |  2 +-
 archives/2018/11/index.html                   |  2 +-
 archives/2018/12/index.html                   |  2 +-
 archives/2018/index.html                      |  2 +-
 archives/2019/01/index.html                   |  2 +-
 archives/2019/02/index.html                   |  2 +-
 archives/2019/03/index.html                   |  2 +-
 archives/2019/index.html                      |  2 +-
 archives/index.html                           |  2 +-
 archives/page/2/index.html                    |  2 +-
 bookmarks/index.html                          |  2 +-
 categories/IOT/index.html                     |  2 +-
 categories/index.html                         |  2 +-
 categories/二进制/index.html                  |  2 +-
 categories/加密解密/index.html                |  2 +-
 categories/杂七杂八/index.html                |  2 +-
 categories/理论学习/index.html                |  2 +-
 categories/顶会论文/index.html                |  2 +-
 index.html                                    |  4 +--
 page/2/index.html                             |  2 +-
 search.xml                                    |  2 +-
 sitemap.xml                                   |  2 +-
 tags/CVE/index.html                           |  2 +-
 tags/QQ/index.html                            |  2 +-
 tags/SSH/index.html                           |  2 +-
 tags/Samba/index.html                         |  2 +-
 tags/TCPDUMP/index.html                       |  2 +-
 tags/USENIX/index.html                        |  2 +-
 tags/index.html                               |  2 +-
 tags/itchat/index.html                        |  2 +-
 tags/miio/index.html                          |  2 +-
 tags/python/index.html                        |  2 +-
 tags/wifi/index.html                          |  2 +-
 tags/中间人/index.html                        |  2 +-
 tags/侧信道攻击/index.html                    |  2 +-
 tags/密码/index.html                          |  2 +-
 tags/小米/index.html                          |  2 +-
 tags/微信/index.html                          |  2 +-
 tags/拒绝服务攻击/index.html                  |  2 +-
 tags/数据库/index.html                        |  2 +-
 tags/数据挖掘/index.html                      |  2 +-
 tags/文件格式/index.html                      |  2 +-
 tags/模型实现/index.html                      |  2 +-
 tags/自然语言处理/index.html                  |  2 +-
 tags/访问控制/index.html                      |  2 +-
 tags/远程执行/index.html                      |  2 +-
 tags/逆向/index.html                          |  2 +-
 tags/重放攻击/index.html                      |  2 +-
 61 files changed, 85 insertions(+), 72 deletions(-)

diff --git a/2000/01/01/hello-world/index.html b/2000/01/01/hello-world/index.html
index 4b41adcf..3c0236dc 100644
--- a/2000/01/01/hello-world/index.html
+++ b/2000/01/01/hello-world/index.html
@@ -657,7 +657,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2018/11/16/BIBA访问控制模型实现(python)/index.html b/2018/11/16/BIBA访问控制模型实现(python)/index.html
index 0e178466..95054296 100644
--- a/2018/11/16/BIBA访问控制模型实现(python)/index.html
+++ b/2018/11/16/BIBA访问控制模型实现(python)/index.html
@@ -845,7 +845,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2018/12/15/miio-control/index.html b/2018/12/15/miio-control/index.html
index 1986fcad..8914bccf 100644
--- a/2018/12/15/miio-control/index.html
+++ b/2018/12/15/miio-control/index.html
@@ -747,7 +747,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2018/12/23/基于规则引擎发现IOT设备/index.html b/2018/12/23/基于规则引擎发现IOT设备/index.html
index 64de1153..d53a3d98 100644
--- a/2018/12/23/基于规则引擎发现IOT设备/index.html
+++ b/2018/12/23/基于规则引擎发现IOT设备/index.html
@@ -747,7 +747,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html b/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html
index cc29d52a..e54fd486 100644
--- a/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html
+++ b/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html
@@ -752,7 +752,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html b/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html
index 31344173..6fb1d1c3 100644
--- a/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html
+++ b/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html
@@ -875,7 +875,7 @@ Server   -------wire----------|
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2019/02/22/qq数据库的加密解密/index.html b/2019/02/22/qq数据库的加密解密/index.html
index d7d972f4..49ba8177 100644
--- a/2019/02/22/qq数据库的加密解密/index.html
+++ b/2019/02/22/qq数据库的加密解密/index.html
@@ -724,7 +724,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2019/03/16/小米固件工具mkxqimage/index.html b/2019/03/16/小米固件工具mkxqimage/index.html
index 2f7c674f..65063ca6 100644
--- a/2019/03/16/小米固件工具mkxqimage/index.html
+++ b/2019/03/16/小米固件工具mkxqimage/index.html
@@ -731,7 +731,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2019/03/23/auto-send-WX/index.html b/2019/03/23/auto-send-WX/index.html
index 7e42186c..3c1d5b9c 100644
--- a/2019/03/23/auto-send-WX/index.html
+++ b/2019/03/23/auto-send-WX/index.html
@@ -741,7 +741,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2019/03/25/Samba-CVE/index.html b/2019/03/25/Samba-CVE/index.html
index a67b28b7..4c68cec2 100644
--- a/2019/03/25/Samba-CVE/index.html
+++ b/2019/03/25/Samba-CVE/index.html
@@ -766,7 +766,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/2019/03/28/逆向工程实验/index.html b/2019/03/28/逆向工程实验/index.html
index 481c6459..c344826a 100644
--- a/2019/03/28/逆向工程实验/index.html
+++ b/2019/03/28/逆向工程实验/index.html
@@ -93,7 +93,7 @@
 <meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1553775053/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B74.png">
 <meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1553775817/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B75.png">
 <meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1553776239/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B76.png">
-<meta property="og:updated_time" content="2019-03-28T13:05:56.799Z">
+<meta property="og:updated_time" content="2019-03-28T13:28:37.246Z">
 <meta name="twitter:card" content="summary">
 <meta name="twitter:title" content="逆向工程实验">
 <meta name="twitter:description" content="软件保护方式 功能限制 时间限制   运行时长限制 使用日期限制 使用次数限制   警告窗口   分析工具 静态分析工具   IDA W32Dasm lordPE Resource Hacker   动态分析工具   OllyDbg WinDbg  对抗分析技术 反静态分析技术   花指令 自修改代码技术 多态技术 变形技术 虚拟机保护技术   反动态分析技术   检测调试状态 检测用户态调试器">
@@ -414,7 +414,7 @@
                 </span>
                 
                 <span title="字数统计">
-                  845 字
+                  1.1k 字
                 </span>
               
 
@@ -506,7 +506,7 @@
 <li>使调试器窗口不可用</li>
 <li>终止调试器进程</li>
 </ul>
-<h1 id="PE文件格式基础"><a href="#PE文件格式基础" class="headerlink" title="PE文件格式基础"></a>PE文件格式基础</h1><h1 id="实验1：软件破解"><a href="#实验1：软件破解" class="headerlink" title="实验1：软件破解"></a>实验1：软件破解</h1><h2 id="对象"><a href="#对象" class="headerlink" title="对象"></a>对象</h2><p><a href="https://res.cloudinary.com/dozyfkbg3/raw/upload/v1553761280/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/crack.exe1" target="_blank" rel="noopener">crack.exe</a>，28.0 KB</p>
+<h1 id="PE文件格式基础"><a href="#PE文件格式基础" class="headerlink" title="PE文件格式基础"></a>PE文件格式基础</h1><h1 id="加壳脱壳"><a href="#加壳脱壳" class="headerlink" title="加壳脱壳"></a>加壳脱壳</h1><h1 id="实验1：软件破解"><a href="#实验1：软件破解" class="headerlink" title="实验1：软件破解"></a>实验1：软件破解</h1><h2 id="对象"><a href="#对象" class="headerlink" title="对象"></a>对象</h2><p><a href="https://res.cloudinary.com/dozyfkbg3/raw/upload/v1553761280/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/crack.exe1" target="_blank" rel="noopener">crack.exe</a>，28.0 KB</p>
 <ul>
 <li>无保护措施：无壳、未加密、无反调试措施</li>
 <li>用户名至少要5个字节</li>
@@ -518,19 +518,32 @@
 <h3 id="修改程序跳转"><a href="#修改程序跳转" class="headerlink" title="修改程序跳转"></a>修改程序跳转</h3><ul>
 <li>现在关闭IDA，换用OllyDbg进行动态调试来看看程序时如何分支跳转的Ctrl+G直接跳到由IDA得到的VA:004010F9处查看那条引起程序分支的关键指令</li>
 <li>选中这条指令，按F2设置断点，再按F9运行程序，这时候控制权会回到程序，OllyDbg暂时挂起。到程序提示输入名字和序列号，随意输入（名字大于五个字节），点击ok后，OllyDbg会重新中断程序，收回控制权，如图：<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1553775053/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B74.png" alt></li>
-<li>验证函数的返回值存于EAX寄存器中，if语句通过以下两条指令执行</li>
-</ul>
+<li><p>验证函数的返回值存于EAX寄存器中，if语句通过以下两条指令执行</p>
 <figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">cmp eax,ecx</span><br><span class="line">jnz xxxxxxx</span><br></pre></td></tr></table></figure>
-<ul>
+</li>
 <li><p>也就是说，当序列号输入错误时，EAX中的值为0，跳转将被执行。<br>如果我们把jnz这条指令修改为jz，那么整个程序的逻辑就会反过来。<br>双击jnz这条指令，将其改为jz，单击”汇编”将其写入内存<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1553775817/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B75.png" alt><br>可以看到此时程序执行了相反的路径</p>
 </li>
 <li><p>上面只是在内存中修改程序，我们还需要在二进制文件中也修改相应的字节，这里考察VA与文件地址之间的关系</p>
 </li>
-<li>用LordPE打开.exe文件，查看PE文件的节信息<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1553776239/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B76.png" alt></li>
+<li>用LordPE打开.exe文件，查看PE文件的节信息<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1553776239/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/%E6%8D%95%E8%8E%B76.png" alt><br>根据VA与文件地址的换算公式：<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">文件偏移地址 = VA - Image Base - 节偏移</span><br><span class="line">            = 0x004010F9 - 0x00400000 - 0</span><br><span class="line">            = 0x10F9</span><br></pre></td></tr></table></figure>
+</li>
 </ul>
-<p>根据VA与文件地址的换算公式：<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">文件偏移地址 = VA - Image Base - 节偏移</span><br><span class="line">            = 0x004010F9 - 0x00400000 - 0</span><br><span class="line">            = 0x10F9</span><br></pre></td></tr></table></figure></p>
 <p>也就是说，这条指令在PE文件中位于10F9字节处，使用010Editer打开crack.exe，将这一字节的75(JNZ)改为74(JZ)，保存后重新执行，破解成功！</p>
-<h2 id="编写注册机"><a href="#编写注册机" class="headerlink" title="编写注册机"></a>编写注册机</h2><h3 id="1-查找显示注册结果相关代码"><a href="#1-查找显示注册结果相关代码" class="headerlink" title="1. 查找显示注册结果相关代码"></a>1. 查找显示注册结果相关代码</h3><h3 id="2-查找注册码验证相关代码"><a href="#2-查找注册码验证相关代码" class="headerlink" title="2. 查找注册码验证相关代码"></a>2. 查找注册码验证相关代码</h3><h3 id="3-根据注册码验证代码编写注册机"><a href="#3-根据注册码验证代码编写注册机" class="headerlink" title="3. 根据注册码验证代码编写注册机"></a>3. 根据注册码验证代码编写注册机</h3>
+<h2 id="编写注册机"><a href="#编写注册机" class="headerlink" title="编写注册机"></a>编写注册机</h2><h3 id="查找显示注册结果相关代码-1"><a href="#查找显示注册结果相关代码-1" class="headerlink" title="查找显示注册结果相关代码"></a>查找显示注册结果相关代码</h3><h3 id="查找注册码验证相关代码-1"><a href="#查找注册码验证相关代码-1" class="headerlink" title="查找注册码验证相关代码"></a>查找注册码验证相关代码</h3><h3 id="根据注册码验证代码编写注册机"><a href="#根据注册码验证代码编写注册机" class="headerlink" title="根据注册码验证代码编写注册机"></a>根据注册码验证代码编写注册机</h3><h1 id="实验二：软件反动态调试技术分析"><a href="#实验二：软件反动态调试技术分析" class="headerlink" title="实验二：软件反动态调试技术分析"></a>实验二：软件反动态调试技术分析</h1><h2 id="对象-1"><a href="#对象-1" class="headerlink" title="对象"></a>对象</h2><p><a href="https://res.cloudinary.com/dozyfkbg3/raw/upload/v1553779243/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/CrackMe1.exe1" target="_blank" rel="noopener">CrackMe1.exe</a> 1641.0 KB<br>无保护措施：无壳、未加密、无反调试措施<br>使用OllyDbg对该程序进行调试时，程序会自动退出</p>
+<h2 id="要求"><a href="#要求" class="headerlink" title="要求"></a>要求</h2><ol>
+<li>分析CrackMe1.exe是如何通过父进程检测实现反OllyDbg调试的</li>
+<li>分析除父进程检测外，该程序用到的反动态调试技术</li>
+</ol>
+<h1 id="实验三：加花加密反调试技术分析"><a href="#实验三：加花加密反调试技术分析" class="headerlink" title="实验三：加花加密反调试技术分析"></a>实验三：加花加密反调试技术分析</h1><h2 id="对象-2"><a href="#对象-2" class="headerlink" title="对象"></a>对象</h2><p><a href="https://res.cloudinary.com/dozyfkbg3/raw/upload/v1553779413/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/CrackMe2.exe1" target="_blank" rel="noopener">CrackMe2.exe</a> 9.00 KB<br>保护措施：部分加花、部分加密、简单反调试<br>根据(提示)[<a href="https://res.cloudinary.com/dozyfkbg3/raw/upload/v1553779403/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/Crackme2%E6%8F%90%E7%A4%BA.docx]分析该程序" target="_blank" rel="noopener">https://res.cloudinary.com/dozyfkbg3/raw/upload/v1553779403/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/Crackme2%E6%8F%90%E7%A4%BA.docx]分析该程序</a></p>
+<h2 id="内容"><a href="#内容" class="headerlink" title="内容"></a>内容</h2><ol>
+<li>加壳脱壳深入理解</li>
+<li>尝试手动脱壳</li>
+<li>分析CrackMe2.exe中花指令</li>
+<li>分析CrackMe2.exe中的被加密的函数的功能</li>
+<li>分析CrackMe2.exe中的反调试手段</li>
+<li>分析CrackMe2.exe中混合的64位代码的功能</li>
+</ol>
+
       
     </div>
     
@@ -766,7 +779,7 @@
             
 
             
-              <div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#软件保护方式"><span class="nav-number">1.</span> <span class="nav-text">软件保护方式</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#分析工具"><span class="nav-number">2.</span> <span class="nav-text">分析工具</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#对抗分析技术"><span class="nav-number">3.</span> <span class="nav-text">对抗分析技术</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#PE文件格式基础"><span class="nav-number">4.</span> <span class="nav-text">PE文件格式基础</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#实验1：软件破解"><span class="nav-number">5.</span> <span class="nav-text">实验1：软件破解</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#对象"><span class="nav-number">5.1.</span> <span class="nav-text">对象</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#爆破"><span class="nav-number">5.2.</span> <span class="nav-text">爆破</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#查找显示注册结果相关代码"><span class="nav-number">5.2.1.</span> <span class="nav-text">查找显示注册结果相关代码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#查找注册码验证相关代码"><span class="nav-number">5.2.2.</span> <span class="nav-text">查找注册码验证相关代码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#修改程序跳转"><span class="nav-number">5.2.3.</span> <span class="nav-text">修改程序跳转</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#编写注册机"><span class="nav-number">5.3.</span> <span class="nav-text">编写注册机</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#1-查找显示注册结果相关代码"><span class="nav-number">5.3.1.</span> <span class="nav-text">1. 查找显示注册结果相关代码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#2-查找注册码验证相关代码"><span class="nav-number">5.3.2.</span> <span class="nav-text">2. 查找注册码验证相关代码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#3-根据注册码验证代码编写注册机"><span class="nav-number">5.3.3.</span> <span class="nav-text">3. 根据注册码验证代码编写注册机</span></a></li></ol></li></ol></li></ol></div>
+              <div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#软件保护方式"><span class="nav-number">1.</span> <span class="nav-text">软件保护方式</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#分析工具"><span class="nav-number">2.</span> <span class="nav-text">分析工具</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#对抗分析技术"><span class="nav-number">3.</span> <span class="nav-text">对抗分析技术</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#PE文件格式基础"><span class="nav-number">4.</span> <span class="nav-text">PE文件格式基础</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#加壳脱壳"><span class="nav-number">5.</span> <span class="nav-text">加壳脱壳</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#实验1：软件破解"><span class="nav-number">6.</span> <span class="nav-text">实验1：软件破解</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#对象"><span class="nav-number">6.1.</span> <span class="nav-text">对象</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#爆破"><span class="nav-number">6.2.</span> <span class="nav-text">爆破</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#查找显示注册结果相关代码"><span class="nav-number">6.2.1.</span> <span class="nav-text">查找显示注册结果相关代码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#查找注册码验证相关代码"><span class="nav-number">6.2.2.</span> <span class="nav-text">查找注册码验证相关代码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#修改程序跳转"><span class="nav-number">6.2.3.</span> <span class="nav-text">修改程序跳转</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#编写注册机"><span class="nav-number">6.3.</span> <span class="nav-text">编写注册机</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#查找显示注册结果相关代码-1"><span class="nav-number">6.3.1.</span> <span class="nav-text">查找显示注册结果相关代码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#查找注册码验证相关代码-1"><span class="nav-number">6.3.2.</span> <span class="nav-text">查找注册码验证相关代码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#根据注册码验证代码编写注册机"><span class="nav-number">6.3.3.</span> <span class="nav-text">根据注册码验证代码编写注册机</span></a></li></ol></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#实验二：软件反动态调试技术分析"><span class="nav-number">7.</span> <span class="nav-text">实验二：软件反动态调试技术分析</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#对象-1"><span class="nav-number">7.1.</span> <span class="nav-text">对象</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#要求"><span class="nav-number">7.2.</span> <span class="nav-text">要求</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#实验三：加花加密反调试技术分析"><span class="nav-number">8.</span> <span class="nav-text">实验三：加花加密反调试技术分析</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#对象-2"><span class="nav-number">8.1.</span> <span class="nav-text">对象</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#内容"><span class="nav-number">8.2.</span> <span class="nav-text">内容</span></a></li></ol></li></ol></div>
             
 
           </div>
@@ -798,7 +811,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/about/index.html b/about/index.html
index 7fcb7e73..b983ec10 100644
--- a/about/index.html
+++ b/about/index.html
@@ -466,7 +466,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2000/01/index.html b/archives/2000/01/index.html
index 4aee90f5..222d26a3 100644
--- a/archives/2000/01/index.html
+++ b/archives/2000/01/index.html
@@ -496,7 +496,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2000/index.html b/archives/2000/index.html
index a283eacc..1247c23d 100644
--- a/archives/2000/index.html
+++ b/archives/2000/index.html
@@ -496,7 +496,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2018/11/index.html b/archives/2018/11/index.html
index 6d393b08..a132a81c 100644
--- a/archives/2018/11/index.html
+++ b/archives/2018/11/index.html
@@ -496,7 +496,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2018/12/index.html b/archives/2018/12/index.html
index 258a21d0..a6b0345d 100644
--- a/archives/2018/12/index.html
+++ b/archives/2018/12/index.html
@@ -566,7 +566,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2018/index.html b/archives/2018/index.html
index cb9bb2dc..895317fb 100644
--- a/archives/2018/index.html
+++ b/archives/2018/index.html
@@ -601,7 +601,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2019/01/index.html b/archives/2019/01/index.html
index ed2aaa8d..c92cf8de 100644
--- a/archives/2019/01/index.html
+++ b/archives/2019/01/index.html
@@ -496,7 +496,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2019/02/index.html b/archives/2019/02/index.html
index b45e6caf..107a6bb0 100644
--- a/archives/2019/02/index.html
+++ b/archives/2019/02/index.html
@@ -496,7 +496,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2019/03/index.html b/archives/2019/03/index.html
index e185a421..1c532d28 100644
--- a/archives/2019/03/index.html
+++ b/archives/2019/03/index.html
@@ -601,7 +601,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/2019/index.html b/archives/2019/index.html
index 0d6f53fb..3aa33b9a 100644
--- a/archives/2019/index.html
+++ b/archives/2019/index.html
@@ -671,7 +671,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/index.html b/archives/index.html
index 7140022d..405964e9 100644
--- a/archives/index.html
+++ b/archives/index.html
@@ -820,7 +820,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/archives/page/2/index.html b/archives/page/2/index.html
index 88b479f7..4eb939c9 100644
--- a/archives/page/2/index.html
+++ b/archives/page/2/index.html
@@ -500,7 +500,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/bookmarks/index.html b/bookmarks/index.html
index ab334b65..53aba9a3 100644
--- a/bookmarks/index.html
+++ b/bookmarks/index.html
@@ -518,7 +518,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/categories/IOT/index.html b/categories/IOT/index.html
index ae660c89..da315f6c 100644
--- a/categories/IOT/index.html
+++ b/categories/IOT/index.html
@@ -529,7 +529,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/categories/index.html b/categories/index.html
index 67b43a66..896e708a 100644
--- a/categories/index.html
+++ b/categories/index.html
@@ -468,7 +468,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/categories/二进制/index.html b/categories/二进制/index.html
index 233394a5..70d47811 100644
--- a/categories/二进制/index.html
+++ b/categories/二进制/index.html
@@ -477,7 +477,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/categories/加密解密/index.html b/categories/加密解密/index.html
index 25e392bb..40ac42b0 100644
--- a/categories/加密解密/index.html
+++ b/categories/加密解密/index.html
@@ -477,7 +477,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/categories/杂七杂八/index.html b/categories/杂七杂八/index.html
index 089a18aa..7de45547 100644
--- a/categories/杂七杂八/index.html
+++ b/categories/杂七杂八/index.html
@@ -477,7 +477,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/categories/理论学习/index.html b/categories/理论学习/index.html
index b2730da1..84619bcf 100644
--- a/categories/理论学习/index.html
+++ b/categories/理论学习/index.html
@@ -477,7 +477,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/categories/顶会论文/index.html b/categories/顶会论文/index.html
index eb07402a..d26ba015 100644
--- a/categories/顶会论文/index.html
+++ b/categories/顶会论文/index.html
@@ -503,7 +503,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/index.html b/index.html
index 95d2cb16..93c4135e 100644
--- a/index.html
+++ b/index.html
@@ -395,7 +395,7 @@
                 </span>
                 
                 <span title="字数统计">
-                  845 字
+                  1.1k 字
                 </span>
               
 
@@ -2354,7 +2354,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/page/2/index.html b/page/2/index.html
index 249cf8c6..d46936f9 100644
--- a/page/2/index.html
+++ b/page/2/index.html
@@ -604,7 +604,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/search.xml b/search.xml
index d98e37a3..8cfe0d96 100644
--- a/search.xml
+++ b/search.xml
@@ -3,7 +3,7 @@
   <entry>
     <title><![CDATA[逆向工程实验]]></title>
     <url>%2F2019%2F03%2F28%2F%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B%E5%AE%9E%E9%AA%8C%2F</url>
-    <content type="text"><![CDATA[软件保护方式 功能限制 时间限制 运行时长限制 使用日期限制 使用次数限制 警告窗口 分析工具 静态分析工具 IDA W32Dasm lordPE Resource Hacker 动态分析工具 OllyDbg WinDbg 对抗分析技术 反静态分析技术 花指令 自修改代码技术 多态技术 变形技术 虚拟机保护技术 反动态分析技术 检测调试状态 检测用户态调试器 检测内核态调试器 其他方法：父进程检测；StartupInfo 结构；时间差；通过Trap Flag检测 发现调试器后的处理 程序自身退出 向调试器窗口发送消息使调试器退出 使调试器窗口不可用 终止调试器进程 PE文件格式基础实验1：软件破解对象crack.exe，28.0 KB 无保护措施：无壳、未加密、无反调试措施 用户名至少要5个字节 输入错误验证码时输出：“Bad Boy!” 爆破查找显示注册结果相关代码当输入错误验证码时，程序会输出“Bad Boy”，因此我们将程序拖入IDA，以流程图显示函数内部的跳转。查找“Bad Boy”字符串，我们可以定位到显示注册结果的相关代码： 查找注册码验证相关代码用鼠标选中程序分支点，按空格切换回汇编指令界面 可以看到，这条指令位于PE文件的.text节，并且IDA已经自动将地址转换为运行时的内存地址VA:004010F9 修改程序跳转 现在关闭IDA，换用OllyDbg进行动态调试来看看程序时如何分支跳转的Ctrl+G直接跳到由IDA得到的VA:004010F9处查看那条引起程序分支的关键指令 选中这条指令，按F2设置断点，再按F9运行程序，这时候控制权会回到程序，OllyDbg暂时挂起。到程序提示输入名字和序列号，随意输入（名字大于五个字节），点击ok后，OllyDbg会重新中断程序，收回控制权，如图： 验证函数的返回值存于EAX寄存器中，if语句通过以下两条指令执行 12cmp eax,ecxjnz xxxxxxx 也就是说，当序列号输入错误时，EAX中的值为0，跳转将被执行。如果我们把jnz这条指令修改为jz，那么整个程序的逻辑就会反过来。双击jnz这条指令，将其改为jz，单击”汇编”将其写入内存可以看到此时程序执行了相反的路径 上面只是在内存中修改程序，我们还需要在二进制文件中也修改相应的字节，这里考察VA与文件地址之间的关系 用LordPE打开.exe文件，查看PE文件的节信息 根据VA与文件地址的换算公式：123文件偏移地址 = VA - Image Base - 节偏移 = 0x004010F9 - 0x00400000 - 0 = 0x10F9 也就是说，这条指令在PE文件中位于10F9字节处，使用010Editer打开crack.exe，将这一字节的75(JNZ)改为74(JZ)，保存后重新执行，破解成功！ 编写注册机1. 查找显示注册结果相关代码2. 查找注册码验证相关代码3. 根据注册码验证代码编写注册机]]></content>
+    <content type="text"><![CDATA[软件保护方式 功能限制 时间限制 运行时长限制 使用日期限制 使用次数限制 警告窗口 分析工具 静态分析工具 IDA W32Dasm lordPE Resource Hacker 动态分析工具 OllyDbg WinDbg 对抗分析技术 反静态分析技术 花指令 自修改代码技术 多态技术 变形技术 虚拟机保护技术 反动态分析技术 检测调试状态 检测用户态调试器 检测内核态调试器 其他方法：父进程检测；StartupInfo 结构；时间差；通过Trap Flag检测 发现调试器后的处理 程序自身退出 向调试器窗口发送消息使调试器退出 使调试器窗口不可用 终止调试器进程 PE文件格式基础加壳脱壳实验1：软件破解对象crack.exe，28.0 KB 无保护措施：无壳、未加密、无反调试措施 用户名至少要5个字节 输入错误验证码时输出：“Bad Boy!” 爆破查找显示注册结果相关代码当输入错误验证码时，程序会输出“Bad Boy”，因此我们将程序拖入IDA，以流程图显示函数内部的跳转。查找“Bad Boy”字符串，我们可以定位到显示注册结果的相关代码： 查找注册码验证相关代码用鼠标选中程序分支点，按空格切换回汇编指令界面 可以看到，这条指令位于PE文件的.text节，并且IDA已经自动将地址转换为运行时的内存地址VA:004010F9 修改程序跳转 现在关闭IDA，换用OllyDbg进行动态调试来看看程序时如何分支跳转的Ctrl+G直接跳到由IDA得到的VA:004010F9处查看那条引起程序分支的关键指令 选中这条指令，按F2设置断点，再按F9运行程序，这时候控制权会回到程序，OllyDbg暂时挂起。到程序提示输入名字和序列号，随意输入（名字大于五个字节），点击ok后，OllyDbg会重新中断程序，收回控制权，如图： 验证函数的返回值存于EAX寄存器中，if语句通过以下两条指令执行 12cmp eax,ecxjnz xxxxxxx 也就是说，当序列号输入错误时，EAX中的值为0，跳转将被执行。如果我们把jnz这条指令修改为jz，那么整个程序的逻辑就会反过来。双击jnz这条指令，将其改为jz，单击”汇编”将其写入内存可以看到此时程序执行了相反的路径 上面只是在内存中修改程序，我们还需要在二进制文件中也修改相应的字节，这里考察VA与文件地址之间的关系 用LordPE打开.exe文件，查看PE文件的节信息根据VA与文件地址的换算公式：123文件偏移地址 = VA - Image Base - 节偏移 = 0x004010F9 - 0x00400000 - 0 = 0x10F9 也就是说，这条指令在PE文件中位于10F9字节处，使用010Editer打开crack.exe，将这一字节的75(JNZ)改为74(JZ)，保存后重新执行，破解成功！ 编写注册机查找显示注册结果相关代码查找注册码验证相关代码根据注册码验证代码编写注册机实验二：软件反动态调试技术分析对象CrackMe1.exe 1641.0 KB无保护措施：无壳、未加密、无反调试措施使用OllyDbg对该程序进行调试时，程序会自动退出 要求 分析CrackMe1.exe是如何通过父进程检测实现反OllyDbg调试的 分析除父进程检测外，该程序用到的反动态调试技术 实验三：加花加密反调试技术分析对象CrackMe2.exe 9.00 KB保护措施：部分加花、部分加密、简单反调试根据(提示)[https://res.cloudinary.com/dozyfkbg3/raw/upload/v1553779403/%E8%BD%AF%E4%BB%B6%E7%A0%B4%E8%A7%A3/Crackme2%E6%8F%90%E7%A4%BA.docx]分析该程序 内容 加壳脱壳深入理解 尝试手动脱壳 分析CrackMe2.exe中花指令 分析CrackMe2.exe中的被加密的函数的功能 分析CrackMe2.exe中的反调试手段 分析CrackMe2.exe中混合的64位代码的功能]]></content>
       <categories>
         <category>-二进制</category>
       </categories>
diff --git a/sitemap.xml b/sitemap.xml
index bb556c59..647be0a4 100644
--- a/sitemap.xml
+++ b/sitemap.xml
@@ -4,7 +4,7 @@
   <url>
     <loc>https://cool-y.github.io/2019/03/28/%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B%E5%AE%9E%E9%AA%8C/</loc>
     
-    <lastmod>2019-03-28T13:05:56.799Z</lastmod>
+    <lastmod>2019-03-28T13:28:37.246Z</lastmod>
     
   </url>
   
diff --git a/tags/CVE/index.html b/tags/CVE/index.html
index e8f8ef25..1747135c 100644
--- a/tags/CVE/index.html
+++ b/tags/CVE/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/QQ/index.html b/tags/QQ/index.html
index d7e60480..c1995553 100644
--- a/tags/QQ/index.html
+++ b/tags/QQ/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/SSH/index.html b/tags/SSH/index.html
index 14374b9d..ee694514 100644
--- a/tags/SSH/index.html
+++ b/tags/SSH/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/Samba/index.html b/tags/Samba/index.html
index d35f980c..2e12ae3f 100644
--- a/tags/Samba/index.html
+++ b/tags/Samba/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/TCPDUMP/index.html b/tags/TCPDUMP/index.html
index 14a3af7a..a1d52ea1 100644
--- a/tags/TCPDUMP/index.html
+++ b/tags/TCPDUMP/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/USENIX/index.html b/tags/USENIX/index.html
index a8394aca..d83d36bd 100644
--- a/tags/USENIX/index.html
+++ b/tags/USENIX/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/index.html b/tags/index.html
index 3140c5be..88661235 100644
--- a/tags/index.html
+++ b/tags/index.html
@@ -468,7 +468,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/itchat/index.html b/tags/itchat/index.html
index 876361f4..925f2231 100644
--- a/tags/itchat/index.html
+++ b/tags/itchat/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/miio/index.html b/tags/miio/index.html
index a6e9f062..95e19e4c 100644
--- a/tags/miio/index.html
+++ b/tags/miio/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/python/index.html b/tags/python/index.html
index b4f7661e..8c95b624 100644
--- a/tags/python/index.html
+++ b/tags/python/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/wifi/index.html b/tags/wifi/index.html
index ea33f5a2..f1b94abd 100644
--- a/tags/wifi/index.html
+++ b/tags/wifi/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/中间人/index.html b/tags/中间人/index.html
index a572e028..4d509a1b 100644
--- a/tags/中间人/index.html
+++ b/tags/中间人/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/侧信道攻击/index.html b/tags/侧信道攻击/index.html
index 24466dd4..1984e584 100644
--- a/tags/侧信道攻击/index.html
+++ b/tags/侧信道攻击/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/密码/index.html b/tags/密码/index.html
index 07a3ece0..0af0f086 100644
--- a/tags/密码/index.html
+++ b/tags/密码/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/小米/index.html b/tags/小米/index.html
index 911956f4..9d950a55 100644
--- a/tags/小米/index.html
+++ b/tags/小米/index.html
@@ -502,7 +502,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/微信/index.html b/tags/微信/index.html
index 57227079..ea7ee812 100644
--- a/tags/微信/index.html
+++ b/tags/微信/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/拒绝服务攻击/index.html b/tags/拒绝服务攻击/index.html
index 5d9ebee5..a0f461d5 100644
--- a/tags/拒绝服务攻击/index.html
+++ b/tags/拒绝服务攻击/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/数据库/index.html b/tags/数据库/index.html
index 2c499113..ed86e37c 100644
--- a/tags/数据库/index.html
+++ b/tags/数据库/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/数据挖掘/index.html b/tags/数据挖掘/index.html
index 61bd917a..d056d52d 100644
--- a/tags/数据挖掘/index.html
+++ b/tags/数据挖掘/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/文件格式/index.html b/tags/文件格式/index.html
index 5d6b34dd..30170074 100644
--- a/tags/文件格式/index.html
+++ b/tags/文件格式/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/模型实现/index.html b/tags/模型实现/index.html
index 5cffe968..13d65098 100644
--- a/tags/模型实现/index.html
+++ b/tags/模型实现/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/自然语言处理/index.html b/tags/自然语言处理/index.html
index ca54a8e6..ac520825 100644
--- a/tags/自然语言处理/index.html
+++ b/tags/自然语言处理/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/访问控制/index.html b/tags/访问控制/index.html
index 1e2a10e3..246cba64 100644
--- a/tags/访问控制/index.html
+++ b/tags/访问控制/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/远程执行/index.html b/tags/远程执行/index.html
index 7607b65f..36c07d1d 100644
--- a/tags/远程执行/index.html
+++ b/tags/远程执行/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/逆向/index.html b/tags/逆向/index.html
index 1ee50386..8a99448c 100644
--- a/tags/逆向/index.html
+++ b/tags/逆向/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>
 
diff --git a/tags/重放攻击/index.html b/tags/重放攻击/index.html
index fc1294ef..bb13cf41 100644
--- a/tags/重放攻击/index.html
+++ b/tags/重放攻击/index.html
@@ -476,7 +476,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">15.5k</span>
+    <span title="Site words total count">15.8k</span>
   
 </div>