Delphi¿Ø¼þEasyTableµÄÈ¥³ýNagScreen
[¿Ø¼þ½éÉÜ]
BDE×÷ΪÊý¾Ý¿âÒýÇæËƺõÌ«±¿ÖØÁËһЩ£¬ËùÒÔÏÖÔÚ³öÁ˺ܶàÌæ´úËüµÄ¹¤¾ß£¬EasyTableÊÇÆäÖеÄÒ»¸ö¡£
ËüÓÐ×Ô¼ºµÄÌص㣬±ÈÈçÊý¾Ý¿â¿ÉÒÔѹËõ£¬¿ÉÒÔÊý¾Ý¼ÓÃÜ£¬µ±È»£¬¹¦ÄÜ»¹ÊDz»¹»ÍêÉÆ£¬µ«ÊǶÔÓÚС³Ì
ÐòÀ´ËµÒѾ×ã¹»ÓÃÁË¡£
ÏÂÔصØÖ·£º
http://www.aidaim.com/cgi-bin/download.cgi?url=http://www.aidaim.com/download/tetfred5.zip
[ʹÓù¤¾ß]
Win32Dasm
DCUExplorer
DeDe
HEdit
[¹ý³Ì½éÉÜ]
Ê×ÏÈ°²×°ºÃÕâ¸ö¿Ø¼þ£¬È»ºó´ò¿ª×Ô´øµÄDemo½øÐбàÒë¡£ÔÚDelphiÔËÐÐʱºòÆô¶¯Demo£¬Ã»ÓÐNagscreen¡£
¹Ø±ÕDelphi£¬ÔËÐÐDemo£¬NagScreen³öÀ´ÁË¡£
Win32DasmÉϳ¡£¬·´±àÒëºó²éÕÒNagScreenÀïÃæÏÔʾµÄ×Ö´®£ºThis is....£¬Ã»ÓУ¡Easy Table
Free£¬
»¹ÊÇûÓУ¡ÕâÏÂÓÐЩÂé·³ÁË¡£Ê¹ÓÃDeDe·´±àÒ룬·¢ÏÖÓÐTAboutBoxÏºÃ°É£¬¾Í´ÓÕâÀïÈëÊÖ¡£
ÏÈÔڿؼþ°²×°Ä¿Â¼Ï²éÕÒ×Ö´®£º"Easy Table Free"ºÍ"This is blah blah blah"£¬ÔÚÁ½¸öDCUÎļþÖÐ
ÕÒµ½£ºAboutBox.dcu¡¢EasyTable.dcu¡£ÏÔÈ»£¬¶ÔÓÚ³ÌÐò¶øÑÔ£¬EasyTableÀïÃæ»áµ÷ÓÃAboutBox£¬ËùÒÔ×¢Òâ
Á¦¼¯ÖÐÔÚEasyTableÀïÃ档ʹÓÃDCUExplorer¶ÔEasyTable.dcu½øÐз´»ã±à£¬²éÕÒµÚÒ»¸öAboutScreen£¬Ëù¼û
ÈçÏ£º
{ 19F: u? |75 BA
| }
JNE @@015B; (0x15B) { OpCode : 03 }
{ 1A1: €}? |80 7D F7 00 | }
@@01A1 : CMP BYTE PTR [EBP-9],$00 { OpCode : 38 }
{ 1A5: u~ |75 7E
| }
JNE @@0225; (0x225) { OpCode : 03 }
{ 1A7: ?.... |8B 0D(00 00 00 00 | }
MOV ECX,DWORD PTR [AboutScreen {0x4}] {
OpCode : 87 }
{ 1AD: ?... |A1(00 00 00 00 | }
MOV EAX,DWORD PTR [Application {0x62}] {
OpCode : 87 }
ÓÐЩ¹ý·ÖÂÒÁË¡£ËäÈ»ÎÒ¿´²»Ì«Ã÷°×£¬²»¹ý¿ÉÒÔÊÔÊÔ¿´£¬¼ÙÉèAboutScreenÊÇÄǸöNagscreen£¬ÄÇô¿´¿´±àÒëºó
µÄDemoµÚÒ»´ÎÊÇÈçºÎµ÷ÓÃAboutScreenµÄÄØ£¿ºÃÁË£¬Ê¹ÓÃHex±à¼Æ÷²éÕÒDemoÖ÷³ÌÐòÀïµÄ
75 BA 80 7D F7 00 75 7E 8B 0D£¬Ö»ÄÜÕÒµ½Ò»´¦£¬¿´À´²»´í¡£
È»ºó¼ÇÏ´˴¦µÄoffset£¬µ½Win32Dasm·´±àÒë³öÀ´µÄÎļþÖÐÈ¥ÕÒ£¬»á¿´¼ûÈçÏ´úÂ룺
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0049D2C7(C)
|
:0049D2CF 46
inc esi
:0049D2D0 FF4DF0
dec [ebp-10]
:0049D2D3 75BA
jne 0049D28F <---------------
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0049D287(C), :0049D2CD(U)
|
:0049D2D5 807DF700
cmp byte ptr [ebp-09], 00 <-----------------
:0049D2D9 757E
jne 0049D359 <---------------
:0049D2DB 8B0DC0224B00 mov ecx, dword
ptr [004B22C0]
:0049D2E1 A1B0214B00 mov eax,
dword ptr [004B21B0]
:0049D2E6 8B00
mov eax, dword ptr [eax]
ÍùÉÏ¿´£¬´úÂëÈçÏ£º
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0049D2D3(C)
|
:0049D28F 8D4DEC
lea ecx, dword ptr [ebp-14]
:0049D292 8BD6
mov edx, esi
:0049D294 8B45F8
mov eax, dword ptr [ebp-08]
:0049D297 8B38
mov edi, dword ptr [eax]
:0049D299 FF570C
call [edi+0C]
:0049D29C 8B55EC
mov edx, dword ptr [ebp-14]
* Possible StringData Ref from Code Obj ->"Delphi"
|
:0049D29F B8ECD34900 mov eax,
0049D3EC
:0049D2A4 E8A36EF6FF call
0040414C
:0049D2A9 48
dec eax <----------------
@@
:0049D2AA 741D
je 0049D2C9 <---------------- @@
:0049D2AC 8D4DE8
lea ecx, dword ptr [ebp-18] <-- @@
:0049D2AF 8BD6
mov edx, esi
:0049D2B1 8B45F8
mov eax, dword ptr [ebp-08]
:0049D2B4 8B38
mov edi, dword ptr [eax]
:0049D2B6 FF570C
call [edi+0C]
:0049D2B9 8B55E8
mov edx, dword ptr [ebp-18]
* Possible StringData Ref from Code Obj ->"C++Builder"
|
:0049D2BC B8FCD34900 mov eax,
0049D3FC
:0049D2C1 E8866EF6FF call
0040414C
:0049D2C6 48
dec eax
:0049D2C7 7506
jne 0049D2CF
µ½ÁËÕâÀï¾ÍÓÐЩÃ÷°×ÁË£¬ËüËƺõÔÚÑ°ÕÒDelphi»òÕßC++BuilderÊÇ·ñÒѾÆô¶¯£¬Ã»ÓеĻ°¾ÍÌø
¶Ô»°¿ò¡£ÔÚDasmÀïÃæload Demo³ÌÐò£¬¶ÏµãÉèÔÚ0049D2AA´¦£¬·¢ÏÖ´Ë´¦²»Ìøת¡£
ÊÔ×ÅÔÚ0049D2AA´¦¸ÄΪjmp 0049D2C9£¬ÔÙÔËÐгÌÐò£¬Ã»ÓÐNagScreenÁË¡£
×îºóÒ»²½£¬½«EasyTable.dcuºÍtet_pack.bpl(°²×°¿Ø¼þµÄʱºò×Ô¼º½«Ð½¨°üÃüÃûΪtet_pack.dpk)
ÓÃHex±à¼Æ÷´ò¿ª£¬ÕÒ@@´¦µÄ»úÆ÷Â룬Ȼºó½«741D¸ÄΪEB1D¡£ÖØÐÂÔËÐÐDelphi£¬±àÒëDemo³ÌÐò£¬
¹Ø±ÕDelphi£¬ÔËÐÐDemo³ÌÐò£¬Ã»ÓÐÁËNagScreen¡£ÎªÁ˱£ÏÕÆð¼û£¬ÓÉÓÚÎÒµÄÓ²ÅÌÊÇÁ½¸öCÅÌ£¬ÔÚ
ÁíÍâÒ»¸ö¸É¾»µÄWin98ÖÐÊÔÓ㬽á¹û»¹ÊÇûÓÐNagScreen³öÏÖ£¬¿´À´¿ÉÒÔÊÕ¹¤ÁË¡£
- ±ê Ì⣺Delphi¿Ø¼þEasyTableµÄÈ¥³ýNagScreen (4ǧ×Ö)
- ×÷ Õߣºhenryw
- ʱ ¼ä£º2001-3-16 6:51:36
- Á´ ½Ó£ºhttp://bbs.pediy.com