A Method for Studying main()

Wangchao other · Author unknown  2006-01-08

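This article assumes you can read assembly code. If you cannot, I will find time to add comments (a published article can be edited, after all!).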

In TC (Turbo C), write the following program:

void main(void)
{
    asm nop;    /* three consecutive NOPs mark the body of main() in the disassembly */
    asm nop;
    asm nop;
}

Save it on drive C under the file name a.c.

Then compile and link it from the command line:

C:\TCC -B a.c

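Note that this command requires TASM.EXE to be present on drive C. Renaming MASM to TASM also works.

Then disassemble a.exe with a disassembler (W32DASM is recommended).

This produces the following code: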

//********************** Start of Code in Segment: 1 **************

//******************** Program Entry Point ********

:0001.0000 BA5600 mov dx, 0056

:0001.0003 2E8916F801 mov cs:[01F8], dx

:0001.0008 B430 mov ah, 30

:0001.000A CD21 int 21

:0001.000C 8B2E0200 mov bp, [0002]

:0001.0010 8B1E2C00 mov bx, [002C]

:0001.0014 8EDA mov ds, dx

:0001.0016 A39200 mov word ptr [0092], ax

:0001.0019 8C069000 mov [0090], es

:0001.001D 891E8C00 mov [008C], bx

:0001.0021 892EAC00 mov [00AC], bp

:0001.0025 C7069600FFFF mov word ptr [0096], FFFF

:0001.002B E83401 call 0162

:0001.002E C43E8A00 les di, [008A]

:0001.0032 8BC7 mov ax, di

:0001.0034 8BD8 mov bx, ax

:0001.0036 B9FF7F mov cx, 7FFF

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0061(C)

|

:0001.0039 26813D3837 cmp word ptr es:[di], 3738

:0001.003E 7519 jne 0059

:0001.0040 268B5502 mov dx, es:[di+02]

:0001.0044 80FA3D cmp dl, 3D

:0001.0047 7510 jne 0059

:0001.0049 80E6DF and dh, DF

:0001.004C FF069600 inc word ptr [0096]

:0001.0050 80FE59 cmp dh, 59

:0001.0053 7504 jne 0059

:0001.0055 FF069600 inc word ptr [0096]

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.003E(C), :0001.0047(C), :0001.0053(C)

|

:0001.0059 F2 repnz

:0001.005A AE scasb

:0001.005B E361 jcxz 00BE

:0001.005D 43 inc bx

:0001.005E 263805 cmp es:[di], al

:0001.0061 75D6 jne 0039

:0001.0063 80CD80 or ch, 80

:0001.0066 F7D9 neg cx

:0001.0068 890E8A00 mov [008A], cx

:0001.006C B90100 mov cx, 0001

:0001.006F D3E3 shl bx, cl

:0001.0071 83C308 add bx, 0008

:0001.0074 83E3F8 and bx, FFF8

:0001.0077 891E8E00 mov [008E], bx

:0001.007B 8CDA mov dx, ds

:0001.007D 2BEA sub bp, dx

:0001.007F 8B3E9C01 mov di, [019C]

:0001.0083 81FF0002 cmp di, 0200

:0001.0087 7307 jnb 0090

:0001.0089 BF0002 mov di, 0200

:0001.008C 893E9C01 mov [019C], di

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0087(C)

|

:0001.0090 81C7EC01 add di, 01EC

:0001.0094 7228 jb 00BE

:0001.0096 033E9A01 add di, [019A]

:0001.009A 7222 jb 00BE

:0001.009C B104 mov cl, 04

:0001.009E D3EF shr di, cl

:0001.00A0 47 inc di

:0001.00A1 3BEF cmp bp, di

:0001.00A3 7219 jb 00BE

:0001.00A5 833E9C0100 cmp word ptr [019C], 0000

:0001.00AA 7407 je 00B3

:0001.00AC 833E9A0100 cmp word ptr [019A], 0000

:0001.00B1 750E jne 00C1

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.00AA(C)

|

:0001.00B3 BF0010 mov di, 1000

:0001.00B6 3BEF cmp bp, di

:0001.00B8 7707 ja 00C1

:0001.00BA 8BFD mov di, bp

:0001.00BC EB03 jmp 00C1

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.0094(C), :0001.009A(C), :0001.00A3(C)

|

:0001.00BE E92101 jmp 01E2

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.00B1(C), :0001.00B8(C), :0001.00BC(U)

|

:0001.00C1 8BDF mov bx, di

:0001.00C3 03DA add bx, dx

:0001.00C5 891EA400 mov [00A4], bx

:0001.00C9 891EA800 mov [00A8], bx

:0001.00CD A19000 mov ax, word ptr [0090]

:0001.00D0 2BD8 sub bx, ax

:0001.00D2 8EC0 mov es, ax

:0001.00D4 B44A mov ah, 4A

:0001.00D6 57 push di

:0001.00D7 CD21 int 21

:0001.00D9 5F pop di

:0001.00DA D3E7 shl di, cl

:0001.00DC FA cli

:0001.00DD 8ED2 mov ss, dx

:0001.00DF 8BE7 mov sp, di

:0001.00E1 FB sti

:0001.00E2 33C0 xor ax, ax

:0001.00E4 2E8E06F801 mov es, cs:[01F8]

:0001.00E9 BFA601 mov di, 01A6

:0001.00EC B9EC01 mov cx, 01EC

:0001.00EF 2BCF sub cx, di

:0001.00F1 F3 repz

:0001.00F2 AA stosb

:0001.00F3 0E push cs

:0001.00F4 FF16A001 call word ptr [01A0]

:0001.00F8 E83901 call 0234

:0001.00FB E82102 call 031F

:0001.00FE B400 mov ah, 00

:0001.0100 CD1A int 1A

:0001.0102 89169800 mov [0098], dx

:0001.0106 890E9A00 mov [009A], cx

:0001.010A FF16A401 call word ptr [01A4]

:0001.010E FF368800 push word ptr [0088]

:0001.0112 FF368600 push word ptr [0086]

:0001.0116 FF368400 push word ptr [0084]

:0001.011A E8DD00 call 01FA

:0001.011D 50 push ax

:0001.011E E8DE00 call 01FF

* Referenced by a CALL at Addresses:

|:0001.01F5, :0001.0228

|

:0001.0121 2E8E1EF801 mov ds, cs:[01F8]

:0001.0126 E87C00 call 01A5

:0001.0129 0E push cs

:0001.012A FF16A201 call word ptr [01A2]

:0001.012E 33C0 xor ax, ax

:0001.0130 8BF0 mov si, ax

:0001.0132 B92F00 mov cx, 002F

:0001.0135 90 nop

:0001.0136 FC cld

:0001.0137 0204 add al , [si]

:0001.0139 80D400 adc ah, 00

:0001.013C 46 inc si

:0001.013D E2F8 loop 0137

:0001.013F 2D370D sub ax, 0D37

:0001.0142 90 nop

:0001.0143 740A je 014F

:0001.0145 B91900 mov cx, 0019

:0001.0148 90 nop

:0001.0149 BA2F00 mov dx, 002F

:0001.014C E88B00 call 01DA

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0143(C)

|

:0001.014F 8BEC mov bp, sp

:0001.0151 B44C mov ah, 4C

:0001.0153 8A4602 mov al , [bp+02]

:0001.0156 CD21 int 21

:0001.0158 B90E00 mov cx, 000E

:0001.015B 90 nop

:0001.015C BA4800 mov dx, 0048

:0001.015F E98700 jmp 01E9

* Referenced by a CALL at Address:

|:0001.002B

|

:0001.0162 1E push ds

:0001.0163 B80035 mov ax, 3500

:0001.0166 CD21 int 21

:0001.0168 891E7400 mov [0074], bx

:0001.016C 8C067600 mov [0076], es

:0001.0170 B80435 mov ax, 3504

:0001.0173 CD21 int 21

:0001.0175 891E7800 mov [0078], bx

:0001.0179 8C067A00 mov [007A], es

:0001.017D B80535 mov ax, 3505

:0001.0180 CD21 int 21

:0001.0182 891E7C00 mov [007C], bx

:0001.0186 8C067E00 mov [007E], es

:0001.018A B80635 mov ax, 3506

:0001.018D CD21 int 21

:0001.018F 891E8000 mov [0080], bx

:0001.0193 8C068200 mov [0082], es

:0001.0197 B80025 mov ax, 2500

:0001.019A 8CCA mov dx, cs

:0001.019C 8EDA mov ds, dx

:0001.019E BA5801 mov dx, 0158

:0001.01A1 CD21 int 21

:0001.01A3 1F pop ds

:0001.01A4 C3 ret

* Referenced by a CALL at Address:

|:0001.0126

|

:0001.01A5 1E push ds

:0001.01A6 B80025 mov ax, 2500

:0001.01A9 C5167400 lds dx, [0074]

:0001.01AD CD21 int 21

:0001.01AF 1F pop ds

:0001.01B0 1E push ds

:0001.01B1 B80425 mov ax, 2504

:0001.01B4 C5167800 lds dx, [0078]

:0001.01B8 CD21 int 21

:0001.01BA 1F pop ds

:0001.01BB 1E push ds

:0001.01BC B80525 mov ax, 2505

:0001.01BF C5167C00 lds dx, [007C]

:0001.01C3 CD21 int 21

:0001.01C5 1F pop ds

:0001.01C6 1E push ds

:0001.01C7 B80625 mov ax, 2506

:0001.01CA C5168000 lds dx, [0080]

:0001.01CE CD21 int 21

:0001.01D0 1F pop ds

:0001.01D1 C3 ret

:0001.01D2 C70696000000 mov word ptr [0096], 0000

:0001.01D8 CB retf

:0001.01D9 C3 ret

* Referenced by a CALL at Addresses:

|:0001.014C, :0001.01EE

|

:0001.01DA B440 mov ah, 40

:0001.01DC BB0200 mov bx, 0002

:0001.01DF CD21 int 21

:0001.01E1 C3 ret

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.00BE(U), :0001.02E5(U), :0001.0352(U)

|

:0001.01E2 B91E00 mov cx, 001E

:0001.01E5 90 nop

:0001.01E6 BA5600 mov dx, 0056

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.015F(U)

|

:0001.01E9 2E8E1EF801 mov ds, cs:[01F8]

:0001.01EE E8E9FF call 01DA

:0001.01F1 B80300 mov ax, 0003

:0001.01F4 50 push ax

:0001.01F5 E829FF call 0121

:0001.01F8 0000 add [bx+si], al

* Referenced by a CALL at Address:

|:0001.011A

|

:0001.01FA 90 nop

:0001.01FB 90 nop

:0001.01FC 90 nop

:0001.01FD C3 ret

:0001.01FE C3 ret

* Referenced by a CALL at Address:

|:0001.011E

|

:0001.01FF 55 push bp

:0001.0200 8BEC mov bp, sp

:0001.0202 EB0A jmp 020E

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0217(C)

|

:0001.0204 8B1E9E01 mov bx, [019E]

:0001.0208 D1E3 shl bx, 01

:0001.020A FF97A601 call word ptr [bx+01A6]

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0202(U)

|

:0001.020E A19E01 mov ax, word ptr [019E]

:0001.0211 FF0E9E01 dec word ptr [019E]

:0001.0215 0BC0 or ax, ax

:0001.0217 75EB jne 0204

:0001.0219 FF169401 call word ptr [0194]

:0001.021D FF169601 call word ptr [0196]

:0001.0221 FF169801 call word ptr [0198]

:0001.0225 FF7604 push word ptr [bp+04]

:0001.0228 E8F6FE call 0121

:0001.022B 59 pop cx

:0001.022C 5D pop bp

:0001.022D C3 ret

:0001.022E 000000000000 BYTE 6 DUP(0)

* Referenced by a CALL at Address:

|:0001.00F8

|

:0001.0234 2E8F062E02 pop word ptr cs:[022E]

:0001.0239 2E8C1E3002 mov cs:[0230], ds

:0001.023E FC cld

:0001.023F 8E069000 mov es, [0090]

:0001.0243 BE8000 mov si, 0080

:0001.0246 32E4 xor ah, ah

:0001.0248 26AC lodsb

:0001.024A 40 inc ax

:0001.024B 8CC5 mov bp, es

:0001.024D 87D6 xchg si, dx

:0001.024F 93 xchg ax,bx

:0001.0250 8B368A00 mov si, [008A]

:0001.0254 83C602 add si, 0002

:0001.0257 B90100 mov cx, 0001

:0001.025A 803E920003 cmp byte ptr [0092], 03

:0001.025F 7211 jb 0272

:0001.0261 8E068C00 mov es, [008C]

:0001.0265 8BFE mov di, si

:0001.0267 B17F mov cl, 7F

:0001.0269 32C0 xor al , al

:0001.026B F2 repnz

:0001.026C AE scasb

:0001.026D E376 jcxz 02E5

:0001.026F 80F17F xor cl, 7F

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.025F(C)

|

:0001.0272 83EC02 sub sp, 0002

:0001.0275 B80100 mov ax, 0001

:0001.0278 03C3 add ax, bx

:0001.027A 03C1 add ax, cx

:0001.027C 25FEFF and ax, FFFE

:0001.027F 8BFC mov di, sp

:0001.0281 2BF8 sub di, ax

:0001.0283 7260 jb 02E5

:0001.0285 8BE7 mov sp, di

:0001.0287 8CC0 mov ax, es

:0001.0289 8ED8 mov ds, ax

:0001.028B 8CD0 mov ax, ss

:0001.028D 8EC0 mov es, ax

:0001.028F 51 push cx

:0001.0290 49 dec cx

:0001.0291 F3 repz

:0001.0292 A4 movsb

:0001.0293 32C0 xor al , al

:0001.0295 AA stosb

:0001.0296 8EDD mov ds, bp

:0001.0298 87F2 xchg dx, si

:0001.029A 87D9 xchg cx, bx

:0001.029C 8BC3 mov ax, bx

:0001.029E 8BD0 mov dx, ax

:0001.02A0 43 inc bx

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.02B7(C), :0001.02BB(U)

|

:0001.02A1 E81900 call 02BD

:0001.02A4 7707 ja 02AD

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.02AB(C)

|

:0001.02A6 7240 jb 02E8

:0001.02A8 E81200 call 02BD

:0001.02AB 77F9 ja 02A6

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.02A4(C)

|

:0001.02AD 3C20 cmp al, 20

:0001.02AF 7408 je 02B9

:0001.02B1 3C0D cmp al, 0D

:0001.02B3 7404 je 02B9

:0001.02B5 3C09 cmp al, 09

:0001.02B7 75E8 jne 02A1

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.02AF(C), :0001.02B3(C)

|

:0001.02B9 32C0 xor al , al

:0001.02BB EBE4 jmp 02A1

* Referenced by a CALL at Addresses:

|:0001.02A1, :0001.02A8

|

:0001.02BD 0BC0 or ax, ax

:0001.02BF 7407 je 02C8

:0001.02C1 42 inc dx

:0001.02C2 AA stosb

:0001.02C3 0AC0 or al , al

:0001.02C5 7501 jne 02C8

:0001.02C7 43 inc bx

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.02BF(C), :0001.02C5(C)

|

:0001.02C8 86E0 xchg al , ah

:0001.02CA 32C0 xor al , al

:0001.02CC F9 stc

:0001.02CD E315 jcxz 02E4

:0001.02CF AC lodsb

:0001.02D0 49 dec cx

:0001.02D1 2C22 sub al, 22

:0001.02D3 740F je 02E4

:0001.02D5 0422 add al, 22

:0001.02D7 3C5C cmp al, 5C

:0001.02D9 7507 jne 02E2

:0001.02DB 803C22 cmp byte ptr [si], 22

:0001.02DE 7502 jne 02E2

:0001.02E0 AC lodsb

:0001.02E1 49 dec cx

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.02D9(C), :0001.02DE(C)

|

:0001.02E2 0BF6 or si, si

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.02D3(C)

|

:0001.02E4 C3 ret

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.0283(C), :0001.02FD(C)

|

:0001.02E5 E9FAFE jmp 01E2

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.02A6(C)

|

:0001.02E8 59 pop cx

:0001.02E9 03CA add cx, dx

:0001.02EB 2E8E1E3002 mov ds, cs:[0230]

:0001.02F0 891E8400 mov [0084], bx

:0001.02F4 43 inc bx

:0001.02F5 03DB add bx, bx

:0001.02F7 8BF4 mov si, sp

:0001.02F9 8BEC mov bp, sp

:0001.02FB 2BEB sub bp, bx

:0001.02FD 72E6 jb 02E5

:0001.02FF 8BE5 mov sp, bp

:0001.0301 892E8600 mov [0086], bp

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0313(C)

|

:0001.0305 E30E jcxz 0315

:0001.0307 897600 mov [bp], si

:0001.030A 83C502 add bp, 0002

:0001.030D 36AC lodsb

:0001.030F 0AC0 or al , al

:0001.0311 E0FA loopnz 030D

:0001.0313 74F0 je 0305

:0001.0315 33C0 xor ax, ax

:0001.0317 894600 mov [bp], ax

:0001.031A 2EFF262E02 jmp word ptr cs:[022E]

* Referenced by a CALL at Address:

|:0001.00FB

|

:0001.031F 8B0E8A00 mov cx, [008A]

:0001.0323 51 push cx

:0001.0324 E84701 call 046E

:0001.0327 59 pop cx

:0001.0328 8BF8 mov di, ax

:0001.032A 0BC0 or ax, ax

:0001.032C 7424 je 0352

:0001.032E 1E push ds

:0001.032F 1E push ds

:0001.0330 07 pop es

:0001.0331 8E1E8C00 mov ds, [008C]

:0001.0335 33F6 xor si, si

:0001.0337 FC cld

:0001.0338 F3 repz

:0001.0339 A4 movsb

:0001.033A 1F pop ds

:0001.033B 8BF8 mov di, ax

:0001.033D 06 push es

:0001.033E FF368E00 push word ptr [008E]

:0001.0342 E82901 call 046E

:0001.0345 83C402 add sp, 0002

:0001.0348 8BD8 mov bx, ax

:0001.034A 07 pop es

:0001.034B A38800 mov word ptr [0088], ax

:0001.034E 0BC0 or ax, ax

:0001.0350 7503 jne 0355

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.032C(C)

|

:0001.0352 E98DFE jmp 01E2

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0350(C)

|

:0001.0355 33C0 xor ax, ax

:0001.0357 B9FFFF mov cx, FFFF

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0364(C)

|

:0001.035A 893F mov [bx], di

:0001.035C 83C302 add bx, 0002

:0001.035F F2 repnz

:0001.0360 AE scasb

:0001.0361 263805 cmp es:[di], al

:0001.0364 75F4 jne 035A

:0001.0366 8907 mov [bx], ax

:0001.0368 C3 ret

:0001.0369 55 push bp

:0001.036A 8BEC mov bp, sp

:0001.036C 833E9E0120 cmp word ptr [019E], 0020

:0001.0371 7505 jne 0378

:0001.0373 B80100 mov ax, 0001

:0001.0376 EB15 jmp 038D

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0371(C)

|

:0001.0378 8B4604 mov ax, [bp+04]

:0001.037B 8B1E9E01 mov bx, [019E]

:0001.037F D1E3 shl bx, 01

:0001.0381 8987A601 mov [bx+01A6], ax

:0001.0385 FF069E01 inc word ptr [019E]

:0001.0389 33C0 xor ax, ax

:0001.038B EB00 jmp 038D

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.0376(U), :0001.038B(U)

|

:0001.038D 5D pop bp

:0001.038E C3 ret

* Referenced by a CALL at Address:

|:0001.04BB

|

:0001.038F 55 push bp

:0001.0390 8BEC mov bp, sp

:0001.0392 56 push si

:0001.0393 57 push di

:0001.0394 8B7E04 mov di, [bp+04]

:0001.0397 8B4506 mov ax, [di+06]

:0001.039A A3E801 mov word ptr [01E8], ax

:0001.039D 3BC7 cmp ax, di

:0001.039F 7508 jne 03A9

:0001.03A1 C706E8010000 mov word ptr [01E8], 0000

:0001.03A7 EB10 jmp 03B9

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.039F(C)

|

:0001.03A9 8B7504 mov si, [di+04]

:0001.03AC 8B1EE801 mov bx, [01E8]

:0001.03B0 897704 mov [bx+04], si

:0001.03B3 A1E801 mov ax, word ptr [01E8]

:0001.03B6 894406 mov [si+06], ax

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.03A7(U)

|

:0001.03B9 5F pop di

:0001.03BA 5E pop si

:0001.03BB 5D pop bp

:0001.03BC C3 ret

* Referenced by a CALL at Address:

|:0001.04AD

|

:0001.03BD 55 push bp

:0001.03BE 8BEC mov bp, sp

:0001.03C0 56 push si

:0001.03C1 57 push di

:0001.03C2 8B7E04 mov di, [bp+04]

:0001.03C5 8B4606 mov ax, [bp+06]

:0001.03C8 2905 sub [di], ax

:0001.03CA 8B35 mov si, [di]

:0001.03CC 03F7 add si, di

:0001.03CE 8B4606 mov ax, [bp+06]

:0001.03D1 40 inc ax

:0001.03D2 8904 mov [si], ax

:0001.03D4 897C02 mov [si+02], di

:0001.03D7 A1E601 mov ax, word ptr [01E6]

:0001.03DA 3BC7 cmp ax, di

:0001.03DC 7506 jne 03E4

:0001.03DE 8936E601 mov [01E6], si

:0001.03E2 EB08 jmp 03EC

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.03DC(C)

|

:0001.03E4 8BFE mov di, si

:0001.03E6 037E06 add di, [bp+06]

:0001.03E9 897502 mov [di+02], si

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.03E2(U)

|

:0001.03EC 8BC6 mov ax, si

:0001.03EE 050400 add ax, 0004

:0001.03F1 EB00 jmp 03F3

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.03F1(U)

|

:0001.03F3 5F pop di

:0001.03F4 5E pop si

:0001.03F5 5D pop bp

:0001.03F6 C3 ret

* Referenced by a CALL at Address:

|:0001.04D2

|

:0001.03F7 55 push bp

:0001.03F8 8BEC mov bp, sp

:0001.03FA 56 push si

:0001.03FB 8B4604 mov ax, [bp+04]

:0001.03FE 33D2 xor dx, dx

:0001.0400 25FFFF and ax, FFFF

:0001.0403 81E20000 and dx, 0000

:0001.0407 52 push dx

:0001.0408 50 push ax

:0001.0409 E8F400 call 0500

:0001.040C 59 pop cx

:0001.040D 59 pop cx

:0001.040E 8BF0 mov si, ax

:0001.0410 83FEFF cmp si, FFFF

:0001.0413 7504 jne 0419

:0001.0415 33C0 xor ax, ax

:0001.0417 EB18 jmp 0431

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0413(C)

|

:0001.0419 A1E601 mov ax, word ptr [01E6]

:0001.041C 894402 mov [si+02], ax

:0001.041F 8B4604 mov ax, [bp+04]

:0001.0422 40 inc ax

:0001.0423 8904 mov [si], ax

:0001.0425 8936E601 mov [01E6], si

:0001.0429 A1E601 mov ax, word ptr [01E6]

:0001.042C 050400 add ax, 0004

:0001.042F EB00 jmp 0431

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.0417(U), :0001.042F(U)

|

:0001.0431 5E pop si

:0001.0432 5D pop bp

:0001.0433 C3 ret

* Referenced by a CALL at Address:

|:0001.0490

|

:0001.0434 55 push bp

:0001.0435 8BEC mov bp, sp

:0001.0437 56 push si

:0001.0438 8B4604 mov ax, [bp+04]

:0001.043B 33D2 xor dx, dx

:0001.043D 25FFFF and ax, FFFF

:0001.0440 81E20000 and dx, 0000

:0001.0444 52 push dx

:0001.0445 50 push ax

:0001.0446 E8B700 call 0500

:0001.0449 59 pop cx

:0001.044A 59 pop cx

:0001.044B 8BF0 mov si, ax

:0001.044D 83FEFF cmp si, FFFF

:0001.0450 7504 jne 0456

:0001.0452 33C0 xor ax, ax

:0001.0454 EB15 jmp 046B

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0450(C)

|

:0001.0456 8936EA01 mov [01EA], si

:0001.045A 8936E601 mov [01E6], si

:0001.045E 8B4604 mov ax, [bp+04]

:0001.0461 40 inc ax

:0001.0462 8904 mov [si], ax

:0001.0464 8BC6 mov ax, si

:0001.0466 050400 add ax, 0004

:0001.0469 EB00 jmp 046B

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.0454(U), :0001.0469(U)

|

:0001.046B 5E pop si

:0001.046C 5D pop bp

:0001.046D C3 ret

* Referenced by a CALL at Addresses:

|:0001.0324, :0001.0342

|

:0001.046E 55 push bp

:0001.046F 8BEC mov bp, sp

:0001.0471 56 push si

:0001.0472 57 push di

:0001.0473 8B7E04 mov di, [bp+04]

:0001.0476 0BFF or di, di

:0001.0478 7504 jne 047E

:0001.047A 33C0 xor ax, ax

:0001.047C EB5A jmp 04D8

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0478(C)

|

:0001.047E 8BC7 mov ax, di

:0001.0480 050B00 add ax, 000B

:0001.0483 25F8FF and ax, FFF8

:0001.0486 8BF8 mov di, ax

:0001.0488 833EEA0100 cmp word ptr [01EA], 0000

:0001.048D 7507 jne 0496

:0001.048F 57 push di

:0001.0490 E8A1FF call 0434

:0001.0493 59 pop cx

:0001.0494 EB42 jmp 04D8

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.048D(C)

|

:0001.0496 8B36E801 mov si, [01E8]

:0001.049A 8BC6 mov ax, si

:0001.049C 0BC0 or ax, ax

:0001.049E 7431 je 04D1

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.04CF(C)

|

:0001.04A0 8B04 mov ax, [si]

:0001.04A2 8BD7 mov dx, di

:0001.04A4 83C228 add dx, 0028

:0001.04A7 3BC2 cmp ax, dx

:0001.04A9 7209 jb 04B4

:0001.04AB 57 push di

:0001.04AC 56 push si

:0001.04AD E80DFF call 03BD

:0001.04B0 59 pop cx

:0001.04B1 59 pop cx

:0001.04B2 EB24 jmp 04D8

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.04A9(C)

|

:0001.04B4 8B04 mov ax, [si]

:0001.04B6 3BC7 cmp ax, di

:0001.04B8 720E jb 04C8

:0001.04BA 56 push si

:0001.04BB E8D1FE call 038F

:0001.04BE 59 pop cx

:0001.04BF FF04 inc word ptr [si]

:0001.04C1 8BC6 mov ax, si

:0001.04C3 050400 add ax, 0004

:0001.04C6 EB10 jmp 04D8

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.04B8(C)

|

:0001.04C8 8B7406 mov si, [si+06]

:0001.04CB 3B36E801 cmp si, [01E8]

:0001.04CF 75CF jne 04A0

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.049E(C)

|

:0001.04D1 57 push di

:0001.04D2 E822FF call 03F7

:0001.04D5 59 pop cx

:0001.04D6 EB00 jmp 04D8

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.047C(U), :0001.0494(U), :0001.04B2(U), :0001.04C6(U), :0001.04D6(U),

|

:0001.04D8 5F pop di

:0001.04D9 5E pop si

:0001.04DA 5D pop bp

:0001.04DB C3 ret

* Referenced by a CALL at Address:

|:0001.053A

|

:0001.04DC 55 push bp

:0001.04DD 8BEC mov bp, sp

:0001.04DF 8B4604 mov ax, [bp+04]

:0001.04E2 8BD4 mov dx, sp

:0001.04E4 81EA0001 sub dx, 0100

:0001.04E8 3BC2 cmp ax, dx

:0001.04EA 7307 jnb 04F3

:0001.04EC A39E00 mov word ptr [009E], ax

:0001.04EF 33C0 xor ax, ax

:0001.04F1 EB0B jmp 04FE

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.04EA(C)

|

:0001.04F3 C70694000800 mov word ptr [0094], 0008

:0001.04F9 B8FFFF mov ax, FFFF

:0001.04FC EB00 jmp 04FE

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.04F1(U), :0001.04FC(U)

|

:0001.04FE 5D pop bp

:0001.04FF C3 ret

* Referenced by a CALL at Addresses:

|:0001.0409, :0001.0446, :0001.054B

|

:0001.0500 55 push bp

:0001.0501 8BEC mov bp, sp

:0001.0503 8B4604 mov ax, [bp+04]

:0001.0506 8B5606 mov dx, [bp+06]

:0001.0509 03069E00 add ax, [009E]

:0001.050D 83D200 adc dx, 0000

:0001.0510 8BC8 mov cx, ax

:0001.0512 81C10001 add cx, 0100

:0001.0516 83D200 adc dx, 0000

:0001.0519 0BD2 or dx, dx

:0001.051B 750A jne 0527

:0001.051D 3BCC cmp cx, sp

:0001.051F 7306 jnb 0527

:0001.0521 87069E00 xchg [009E], ax

:0001.0525 EB0B jmp 0532

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.051B(C), :0001.051F(C)

|

:0001.0527 C70694000800 mov word ptr [0094], 0008

:0001.052D B8FFFF mov ax, FFFF

:0001.0530 EB00 jmp 0532

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:

|:0001.0525(U), :0001.0530(U)

|

:0001.0532 5D pop bp

:0001.0533 C3 ret

:0001.0534 55 push bp

:0001.0535 8BEC mov bp, sp

:0001.0537 FF7604 push word ptr [bp+04]

:0001.053A E89FFF call 04DC

:0001.053D 59 pop cx

:0001.053E EB00 jmp 0540

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.053E(U)

|

:0001.0540 5D pop bp

:0001.0541 C3 ret

:0001.0542 55 push bp

:0001.0543 8BEC mov bp, sp

:0001.0545 8B4604 mov ax, [bp+04]

:0001.0548 99 cwd

:0001.0549 52 push dx

:0001.054A 50 push ax

:0001.054B E8B2FF call 0500

:0001.054E 8BE5 mov sp, bp

:0001.0550 EB00 jmp 0552

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.0550(U)

|

:0001.0552 5D pop bp

:0001.0553 C3 ret

:0001.0554 00000000000000000000 BYTE 10 DUP(0)

:0001.055E 000000000000 BYTE 6 DUP(0)

:0001.0564 54 push sp

:0001.0565 7572 jne 05D9

:0001.0567 626F2D bound bp, [bx+2D]

:0001.056A 43 inc bx

:0001.056B 202D and [di], ch

:0001.056D 20436F and [bp+di+6F], al

:0001.0570 7079 jo 05EB

:0001.0572 7269 jb 05DD

:0001.0574 67687420 push 2074

:0001.0578 286329 sub [bp+di+29], ah

:0001.057B 2031 and [bx+di], dh

:0001.057D 3938 cmp [bx+si], di

:0001.057F 3820 cmp [bx+si], ah

:0001.0581 42 inc dx

:0001.0582 6F outsw

:0001.0583 726C jb 05F1

:0001.0585 61 popa

:0001.0586 6E outsb

:0001.0587 6420496E and fs:[bx+di+6E], cl

:0001.058B 746C je 05F9

:0001.058D 2E004E75 add cs:[bp+75], cl

:0001.0591 6C insb

:0001.0592 6C insb

:0001.0593 20706F and [bx+si+6F], dh

:0001.0596 696E746572 imul bp, [bp+74], 7265

:0001.059B 206173 and [bx+di+73], ah

:0001.059E 7369 jnb 0609

:0001.05A0 676E outsb

:0001.05A2 6D insw

:0001.05A3 65 BYTE 065h

:0001.05A4 6E outsb

:0001.05A5 740D je 05B4

:0001.05A7 0A4469 or al , [si+69]

:0001.05AA 7669 jbe 0615

:0001.05AC 64 BYTE 064h

:0001.05AD 65206572 and gs:[di+72], ah

:0001.05B1 726F jb 0622

:0001.05B3 720D jb 05C2

:0001.05B5 0A4162 or al , [bx+di+62]

:0001.05B8 6E outsb

:0001.05B9 6F outsw

:0001.05BA 726D jb 0629

:0001.05BC 61 popa

:0001.05BD 6C insb

:0001.05BE 207072 and [bx+si+72], dh

:0001.05C1 6F outsw

* Referenced by a (U)nconditional or (C)onditional Jump at Address:

|:0001.05B3(C)

|

:0001.05C2 677261 jb 0626

:0001.05C5 6D insw

:0001.05C6 207465 and [si+65], dh

:0001.05C9 726D jb 0638

:0001.05CB 696E617469 imul bp, [bp+61], 6974

:0001.05D0 6F outsw

:0001.05D1 6E outsb

:0001.05D2 0D0A00 or ax, 000A

:0001.05D5 00000000000000000000 BYTE 10 DUP(0)

:0001.05DF 00000000000000000000 BYTE 10 DUP(0)

:0001.05E9 00000000000000000000 BYTE 10 DUP(0)

:0001.05F3 000000000000000000 BYTE 9 DUP(0)

:0001.05FC EC in al, dx

:0001.05FD 01EC add sp, bp

:0001.05FF 01EC add sp, bp

:0001.0601 0100 add [bx+si], ax

:0001.0603 00000000000000000000 BYTE 10 DUP(0)

:0001.060D 00000000000000000000 BYTE 10 DUP(0)

:0001.0617 00000000000000000000 BYTE 10 DUP(0)

:0001.0621 00000000000000000000 BYTE 10 DUP(0)

:0001.062B 00000000000000000000 BYTE 10 DUP(0)

:0001.0635 00000000000000000000 BYTE 10 DUP(0)

:0001.063F 00000000000000000000 BYTE 10 DUP(0)

:0001.0649 00000000000000000000 BYTE 10 DUP(0)

:0001.0653 00000000000000000000 BYTE 10 DUP(0)

:0001.065D 00000000000000000000 BYTE 10 DUP(0)

:0001.0667 00000000000000000000 BYTE 10 DUP(0)

:0001.0671 00000000000000000000 BYTE 10 DUP(0)

:0001.067B 00000000000000000000 BYTE 10 DUP(0)

:0001.0685 00000000000000000000 BYTE 10 DUP(0)

:0001.068F 00000000000000000000 BYTE 10 DUP(0)

:0001.0699 00000000000000000000 BYTE 10 DUP(0)

:0001.06A3 00000000000000000000 BYTE 10 DUP(0)

:0001.06AD 00000000000000000000 BYTE 10 DUP(0)

:0001.06B7 00000000000000000000 BYTE 10 DUP(0)

:0001.06C1 00000000000000000000 BYTE 10 DUP(0)

:0001.06CB 00000000000000000000 BYTE 10 DUP(0)

:0001.06D5 00000000000000000000 BYTE 10 DUP(0)

:0001.06DF 00000000000000000000 BYTE 10 DUP(0)

:0001.06E9 00000000000000000000 BYTE 10 DUP(0)

:0001.06F3 00 BYTE 0

:0001.06F4 FE01 inc byte ptr [bx+di]

:0001.06F6 FE01 inc byte ptr [bx+di]

:0001.06F8 FE01 inc byte ptr [bx+di]

:0001.06FA 000000 BYTE 3 DUP(0)

:0001.06FD 1000 adc [bx+si], al

:0001.06FF 00D2 add dl, dl

:0001.0701 01D2 add dx, dx

:0001.0703 01D9 add cx, bx

:0001.0705 0100 add cx, bx

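Locate the three consecutive nop instructions. Everything other than those three nop instructions is the object of your study. There is much more to look at, such as main() with parameters, which can likewise be compiled, linked and then disassembled one case at a time. This article only presents the method, and if I later have time to add comments, they will apply only to this C source program.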
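The marker search described above can also be scripted. The following is an added example, not part of the original article: it finds the NOP run, the near call in the startup code that reaches it, and the words pushed just before that call. It assumes a flat code image indexed by the listing's offsets; the sample image holds only two byte runs copied from the listing, and all function names are hypothetical.

```python
"""Locate main() by its NOP marker and find the startup call that reaches it."""

# Constructed sample: a zero-filled 0x200-byte image that contains only two
# byte runs copied from the listing, placed at the offsets the listing shows.
IMAGE = bytearray(0x200)
IMAGE[0x010E:0x0121] = bytes.fromhex(
    "FF368800" "FF368600" "FF368400"  # push word ptr [0088] / [0086] / [0084]
    "E8DD00"                          # call 01FA
    "50" "E8DE00"                     # push ax ; call 01FF
)
IMAGE[0x01FA:0x01FF] = bytes.fromhex("909090C3C3")  # nop nop nop ret ret

NOP = 0x90
CALL_REL16 = 0xE8
PUSH_MEM16 = bytes.fromhex("FF36")  # opcode + ModR/M of push word ptr [addr]


def find_nop_markers(image, count=3):
    """Return start offsets of runs of at least `count` consecutive NOPs."""
    hits, i = [], 0
    while i < len(image):
        if image[i] != NOP:
            i += 1
            continue
        start = i
        while i < len(image) and image[i] == NOP:
            i += 1
        if i - start >= count:
            hits.append(start)
    return hits


def find_near_callers(image, target):
    """Return offsets of E8 rel16 calls whose destination is `target`.

    This is a byte scan, not a full decode: an E8 byte inside another
    instruction's operand can produce a false hit, so confirm each result
    against the disassembly.
    """
    callers = []
    for off in range(len(image) - 2):
        if image[off] != CALL_REL16:
            continue
        rel = int.from_bytes(image[off + 1:off + 3], "little")
        # Destination = address of the next instruction + rel, wrapped to 16 bits.
        if (off + 3 + rel) & 0xFFFF == target:
            callers.append(off)
    return callers


def pushed_words_before(image, call_off):
    """Return the memory addresses pushed by the FF 36 lo hi instructions
    that immediately precede the call, in the order they are pushed."""
    addrs, off = [], call_off
    while off >= 4 and bytes(image[off - 4:off - 2]) == PUSH_MEM16:
        addrs.append(int.from_bytes(image[off - 2:off], "little"))
        off -= 4
    return addrs[::-1]


def locate_main(image):
    """Return a list of (marker_offset, caller_offsets, pushed_addrs_per_caller)."""
    results = []
    for marker in find_nop_markers(image):
        callers = find_near_callers(image, marker)
        pushes = [pushed_words_before(image, c) for c in callers]
        results.append((marker, callers, pushes))
    return results


if __name__ == "__main__":
    for marker, callers, pushes in locate_main(IMAGE):
        print(f"marker at {marker:04X}")
        for c, p in zip(callers, pushes):
            print(f"  called from {c:04X}, pushes {[f'{a:04X}' for a in p]}")
```

On the sample it reports the marker at 01FA, reached from the call at 011A after the words at [0088], [0086] and [0084] are pushed, matching the listing.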

 
 
 