锐捷网络RedGaint_Supplicant_802.1x 客户端应用软件2.45_0_0测试版破解手记

锐捷网络RedGaint_Supplicant_802.1x 客户端应用软件2.45_0_0测试版破解手记 ///////////////////////// -原文件信息- ////////////////////////////// // // For锐捷网络RedGaint_Supplicant_802.1x 客户端应用软件2.45_0_0测试版 // // 8021x.exe (V 2.45 beta) applanation Creat by GFWangY? // // CRC：6B2D31D0 // 大小：200 KB // 最后修改：2004年11月30日, 17:14:10 // 原始文件名：Supplicant.EXE // // “//”后为附加的注解。 // // 破解使用工具软件： // OllyDbg V1.0.10.0 // W32Dasm for Windows V1.0.0.0 // // 21:24 2005-5-10 更新 // ////////////////////////////////--Section 1 Start-- ///////////////////////////////////// //代理服务器等检测 // 00407E3D 90 NOP 00407E3E 90 NOP 00407E3F 90 NOP 00407E40 . 64:A1 00000000 MOV EAX,DWORD PTR FS:[0] 00407E46 . 6A FF PUSH -1 00407E48 . 68 F0D44100 PUSH 8021x.0041D4F0 00407E4D . 50 PUSH EAX 00407E4E . 64:8925 00000000 MOV DWORD PTR FS:[0],ESP 00407E55 . 83EC 08 SUB ESP,8 00407E58 . 8B4424 18 MOV EAX,DWORD PTR SS:[ESP+18] 00407E5C . 53 PUSH EBX 00407E5D . 56 PUSH ESI 00407E5E . 8BF1 MOV ESI,ECX 00407E60 . 57 PUSH EDI 00407E61 . 3B86 0C0D0000 CMP EAX,DWORD PTR DS:[ESI+D0C] 00407E67 . 74 19 JE SHORT 8021x.00407E82 00407E69 . B8 01000000 MOV EAX,1 00407E6E . 8B4C24 14 MOV ECX,DWORD PTR SS:[ESP+14] 00407E72 . 64:890D 00000000 MOV DWORD PTR FS:[0],ECX 00407E79 . 5F POP EDI 00407E7A . 5E POP ESI 00407E7B . 5B POP EBX 00407E7C . 83C4 14 ADD ESP,14 00407E7F . C2 0800 RETN 8 00407E82 > 8D4C24 24 LEA ECX,DWORD PTR SS:[ESP+24] 00407E86 . E8 35460100 CALL 00407E8B . 33FF XOR EDI,EDI 00407E8D . 8D4C24 0C LEA ECX,DWORD PTR SS:[ESP+C] 00407E91 . 897C24 1C MOV DWORD PTR SS:[ESP+1C],EDI 00407E95 . E8 26460100 CALL 00407E9A . 8B4424 28 MOV EAX,DWORD PTR SS:[ESP+28] 00407E9E . BB 01000000 MOV EBX,1 00407EA3 . 83F8 05 CMP EAX,5 00407EA6 . 885C24 1C MOV BYTE PTR SS:[ESP+1C],BL 00407EAA . 0F85 B8000000 JNZ 8021x.00407F68 00407EB0 . 53 PUSH EBX 00407EB1 . 50 PUSH EAX 00407EB2 . 8BCE MOV ECX,ESI 00407EB4 . E8 67030000 CALL 8021x.00408220 00407EB9 . 8B8E 80010000 MOV ECX,DWORD PTR DS:[ESI+180] 00407EBF . 3BCF CMP ECX,EDI 00407EC1 . 74 05 JE SHORT 8021x.00407EC8 00407EC3 . E8 38E3FFFF CALL 8021x.00406200 00407EC8 > 6A 05 PUSH 5 00407ECA . B9 78894200 MOV ECX,8021x.00428978 00407ECF . 89BE 80010000 MOV DWORD PTR DS:[ESI+180],EDI 00407ED5 . E8 74450100 CALL 00407EDA . 8BC8 MOV ECX,EAX 00407EDC . E8 E7460100 CALL 00407EE1 . B9 78894200 MOV ECX,8021x.00428978 00407EE6 . E8 63450100 CALL 00407EEB . 8B48 20 MOV ECX,DWORD PTR DS:[EAX+20] 00407EEE . 51 PUSH ECX ; /hWnd 00407EEF . FF15 E4054200 CALL NEAR DWORD PTR DS:[<&USER32.BringWindowToTop>] ; \BringWindowToTop 00407EF5 . 8D5424 28 LEA EDX,DWORD PTR SS:[ESP+28] 00407EF9 . 6A 06 PUSH 6 ; //目前系统工作环境与软件运行 环境相冲突，软件不能正常运行! 00407EFB . 52 PUSH EDX 00407EFC . E8 DFC2FFFF CALL 8021x.004041E0 00407F01 . 8BC8 MOV ECX,EAX 00407F03 . E8 68C3FFFF CALL 8021x.00404270 00407F08 . 50 PUSH EAX 00407F09 . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00407F0D . C64424 20 02 MOV BYTE PTR SS:[ESP+20],2 00407F12 . E8 D9450100 CALL 00407F17 . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00407F1B . 885C24 1C MOV BYTE PTR SS:[ESP+1C],BL 00407F1F . E8 90450100 CALL 00407F24 . 6A 05 PUSH 5 ; //您采用了拨号网络连接，和服 务器要求的不符合 00407F26 . 8D4424 10 LEA EAX,DWORD PTR SS:[ESP+10] 00407F2A . 68 58744200 PUSH 8021x.00427458 ; ASCII "(Code:%d)" 00407F2F . 50 PUSH EAX 00407F30 . E8 D9450100 CALL 00407F35 . 83C4 0C ADD ESP,0C 00407F38 . 8D4C24 0C LEA ECX,DWORD PTR SS:[ESP+C] 00407F3C . 8D5424 24 LEA EDX,DWORD PTR SS:[ESP+24] 00407F40 . 8D4424 28 LEA EAX,DWORD PTR SS:[ESP+28] 00407F44 . 51 PUSH ECX 00407F45 . 52 PUSH EDX 00407F46 . 50 PUSH EAX 00407F47 . E8 E0450100 CALL 00407F4C . 50 PUSH EAX 00407F4D . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00407F51 . C64424 20 03 MOV BYTE PTR SS:[ESP+20],3 00407F56 . E8 95450100 CALL 00407F5B . 885C24 1C MOV BYTE PTR SS:[ESP+1C],BL 00407F5F . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00407F63 . E9 74010000 JMP 8021x.004080DC 00407F68 > 83F8 04 CMP EAX,4 00407F6B . 53 PUSH EBX 00407F6C E9 B9000000 JMP 8021x.0040802A 0040802A 00407F71 006A 04 ADD BYTE PTR DS:[EDX+4],CH 00407F74 8BCE MOV ECX,ESI 00407F76 E8 A5020000 CALL 8021x.00408220 00407F7B . 8B8E 80010000 MOV ECX,DWORD PTR DS:[ESI+180] 00407F81 . 3BCF CMP ECX,EDI 00407F83 . 74 05 JE SHORT 8021x.00407F8A 00407F85 . E8 76E2FFFF CALL 8021x.00406200 00407F8A > 6A 05 PUSH 5 00407F8C . B9 78894200 MOV ECX,8021x.00428978 00407F91 . 89BE 80010000 MOV DWORD PTR DS:[ESI+180],EDI 00407F97 . E8 B2440100 CALL 00407F9C . 8BC8 MOV ECX,EAX 00407F9E . E8 25460100 CALL 00407FA3 . B9 78894200 MOV ECX,8021x.00428978 00407FA8 . E8 A1440100 CALL 00407FAD . 8B48 20 MOV ECX,DWORD PTR DS:[EAX+20] 00407FB0 . 51 PUSH ECX ; /hWnd 00407FB1 . FF15 E4054200 CALL NEAR DWORD PTR DS:[<&USER32.BringWindowToTop>] ; \BringWindowToTop 00407FB7 . 8D5424 28 LEA EDX,DWORD PTR SS:[ESP+28] 00407FBB . 6A 06 PUSH 6 ; //目前系统工作环境与软件运行 环境相冲突，软件不能正常运行! 00407FBD . 52 PUSH EDX 00407FBE . E8 1DC2FFFF CALL 8021x.004041E0 00407FC3 . 8BC8 MOV ECX,EAX 00407FC5 . E8 A6C2FFFF CALL 8021x.00404270 00407FCA . 50 PUSH EAX 00407FCB . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00407FCF . C64424 20 04 MOV BYTE PTR SS:[ESP+20],4 00407FD4 . E8 17450100 CALL 00407FD9 . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00407FDD . 885C24 1C MOV BYTE PTR SS:[ESP+1C],BL 00407FE1 . E8 CE440100 CALL 00407FE6 . 6A 04 PUSH 4 ; //您安装了代理服务器，和服务 器要求的不符合 00407FE8 . 8D4424 10 LEA EAX,DWORD PTR SS:[ESP+10] 00407FEC . 68 58744200 PUSH 8021x.00427458 ; ASCII "(Code:%d)" 00407FF1 . 50 PUSH EAX 00407FF2 . E8 17450100 CALL 00407FF7 . 83C4 0C ADD ESP,0C 00407FFA . 8D4C24 0C LEA ECX,DWORD PTR SS:[ESP+C] 00407FFE . 8D5424 24 LEA EDX,DWORD PTR SS:[ESP+24] 00408002 . 8D4424 28 LEA EAX,DWORD PTR SS:[ESP+28] 00408006 . 51 PUSH ECX 00408007 . 52 PUSH EDX 00408008 . 50 PUSH EAX 00408009 . E8 1E450100 CALL 0040800E . 50 PUSH EAX 0040800F . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00408013 . C64424 20 05 MOV BYTE PTR SS:[ESP+20],5 00408018 . E8 D3440100 CALL 0040801D . 885C24 1C MOV BYTE PTR SS:[ESP+1C],BL 00408021 . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00408025 . E9 B2000000 JMP 8021x.004080DC 0040802A > 6A 06 PUSH 6 ; //目前系统工作环境与软件运行 环境相冲突，软件不能正常运行！ 0040802C . 8BCE MOV ECX,ESI 0040802E . E8 ED010000 CALL 8021x.00408220 00408033 . 8B8E 80010000 MOV ECX,DWORD PTR DS:[ESI+180] 00408039 . 3BCF CMP ECX,EDI 0040803B . 74 05 JE SHORT 8021x.00408042 0040803D . E8 BEE1FFFF CALL 8021x.00406200 00408042 > 6A 05 PUSH 5 00408044 . B9 78894200 MOV ECX,8021x.00428978 00408049 . 89BE 80010000 MOV DWORD PTR DS:[ESI+180],EDI 0040804F . E8 FA430100 CALL 00408054 . 8BC8 MOV ECX,EAX 00408056 . E8 6D450100 CALL 0040805B . B9 78894200 MOV ECX,8021x.00428978 00408060 . E8 E9430100 CALL 00408065 . 8B48 20 MOV ECX,DWORD PTR DS:[EAX+20] 00408068 . 51 PUSH ECX ; /hWnd 00408069 . FF15 E4054200 CALL NEAR DWORD PTR DS:[<&USER32.BringWindowToTop>] ; \BringWindowToTop 0040806F . 8D5424 28 LEA EDX,DWORD PTR SS:[ESP+28] 00408073 . 53 PUSH EBX 00408074 . 52 PUSH EDX 00408075 . E8 66C1FFFF CALL 8021x.004041E0 0040807A . 8BC8 MOV ECX,EAX 0040807C . E8 EFC1FFFF CALL 8021x.00404270 00408081 . 50 PUSH EAX 00408082 . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00408086 . C64424 20 06 MOV BYTE PTR SS:[ESP+20],6 0040808B . E8 60440100 CALL 00408090 . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 00408094 . 885C24 1C MOV BYTE PTR SS:[ESP+1C],BL 00408098 . E8 17440100 CALL 0040809D . 6A 05 PUSH 5 ; //您采用了拨号网络连接，和服 务器要求的不符合 0040809F . 8D4424 10 LEA EAX,DWORD PTR SS:[ESP+10] 004080A3 . 68 58744200 PUSH 8021x.00427458 ; ASCII "(Code:%d)" 004080A8 . 50 PUSH EAX 004080A9 . E8 60440100 CALL 004080AE . 83C4 0C ADD ESP,0C 004080B1 . 8D4C24 0C LEA ECX,DWORD PTR SS:[ESP+C] 004080B5 . 8D5424 24 LEA EDX,DWORD PTR SS:[ESP+24] 004080B9 . 8D4424 28 LEA EAX,DWORD PTR SS:[ESP+28] 004080BD . 51 PUSH ECX 004080BE . 52 PUSH EDX 004080BF . 50 PUSH EAX 004080C0 . E8 67440100 CALL 004080C5 . 50 PUSH EAX 004080C6 . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 004080CA . C64424 20 07 MOV BYTE PTR SS:[ESP+20],7 004080CF . E8 1C440100 CALL 004080D4 . 885C24 1C MOV BYTE PTR SS:[ESP+1C],BL 004080D8 . 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28] 004080DC > E8 D3430100 CALL 004080E1 . 8B3D 60004200 MOV EDI,DWORD PTR DS:[<&KERNEL32.Sleep>] ; kernel32.Sleep 004080E7 . 68 E8030000 PUSH 3E8 ; /Timeout = 1000. ms 004080EC . FFD7 CALL NEAR EDI ; \Sleep 004080EE . 68 DC050000 PUSH 5DC ; /Timeout = 1500. ms 004080F3 . FFD7 CALL NEAR EDI ; \Sleep 004080F5 . 68 4C040000 PUSH 44C ; /Timeout = 1100. ms 004080FA . FFD7 CALL NEAR EDI ; \Sleep 004080FC . 68 DB040000 PUSH 4DB ; /Timeout = 1243. ms 00408101 . FFD7 CALL NEAR EDI ; \Sleep 00408103 . 51 PUSH ECX 00408104 . 8D5424 28 LEA EDX,DWORD PTR SS:[ESP+28] 00408108 . 8BCC MOV ECX,ESP 0040810A . 896424 14 MOV DWORD PTR SS:[ESP+14],ESP 0040810E . 52 PUSH EDX 0040810F . E8 8E430100 CALL 00408114 . 8BCE MOV ECX,ESI 00408116 . E8 15100000 CALL 8021x.00409130 0040811B . 8B86 0C0D0000 MOV EAX,DWORD PTR DS:[ESI+D0C] 00408121 . 8D4C24 0C LEA ECX,DWORD PTR SS:[ESP+C] 00408125 . 40 INC EAX 00408126 . C64424 1C 00 MOV BYTE PTR SS:[ESP+1C],0 0040812B . 8986 0C0D0000 MOV DWORD PTR DS:[ESI+D0C],EAX 00408131 . E8 7E430100 CALL 00408136 . 8D4C24 24 LEA ECX,DWORD PTR SS:[ESP+24] 0040813A . C74424 1C FFFFFFFF MOV DWORD PTR SS:[ESP+1C],-1 00408142 . E8 6D430100 CALL 00408147 . 8B4C24 14 MOV ECX,DWORD PTR SS:[ESP+14] 0040814B . 5F POP EDI 0040814C . 5E POP ESI 0040814D . 33C0 XOR EAX,EAX 0040814F . 64:890D 00000000 MOV DWORD PTR FS:[0],ECX 00408156 . 5B POP EBX 00408157 . 83C4 14 ADD ESP,14 0040815A . C2 0800 RETN 8 0040815D 90 NOP 0040815E 90 NOP 0040815F 90 NOP 00408160 . 8B4424 08 MOV EAX,DWORD PTR SS:[ESP+8] 00408164 . 8B5424 04 MOV EDX,DWORD PTR SS:[ESP+4] 00408168 . 50 PUSH EAX ; /lParam 00408169 . 8B81 14060000 MOV EAX,DWORD PTR DS:[ECX+614] ; | 0040816F . 52 PUSH EDX ; |wParam 00408170 . 68 7C040000 PUSH 47C ; |Message = MSG(47C) 00408175 . 8B48 30 MOV ECX,DWORD PTR DS:[EAX+30] ; | 00408178 . 51 PUSH ECX ; |ThreadId 00408179 . FF15 34064200 CALL NEAR DWORD PTR DS:[<&USER32.PostThreadMessageA>] ; \PostThreadMessageA 0040817F . C2 0800 RETN 8 00408182 90 NOP 00408183 90 NOP 00408184 90 NOP // ////////////////////////////////--Section 1 End-- ///////////////////////////////////// *********************************************************************** ////////////////////////////////--Section 2 Start-- ///////////////////////////////////// //多块网卡检测 00408E10 /$ 64:A1 00000000 MOV EAX,DWORD PTR FS:[0] 00408E16 |. 6A FF PUSH -1 00408E18 |. 68 B8D64100 PUSH 8021x.0041D6B8 00408E1D |. 50 PUSH EAX 00408E1E |. 64:8925 00000000 MOV DWORD PTR FS:[0],ESP 00408E25 |. 83EC 18 SUB ESP,18 00408E28 |. 53 PUSH EBX 00408E29 |. 56 PUSH ESI 00408E2A |. 8BF1 MOV ESI,ECX 00408E2C |. 33DB XOR EBX,EBX 00408E2E |. 399E F4020000 CMP DWORD PTR DS:[ESI+2F4],EBX 00408E34 |. 0F85 36010000 JNZ 8021x.00408F70 00408E3A |. 8D4C24 14 LEA ECX,DWORD PTR SS:[ESP+14] 00408E3E |. E8 7D360100 CALL 00408E43 |. 8D4C24 10 LEA ECX,DWORD PTR SS:[ESP+10] 00408E47 |. 895C24 28 MOV DWORD PTR SS:[ESP+28],EBX 00408E4B |. E8 70360100 CALL 00408E50 |. C64424 28 01 MOV BYTE PTR SS:[ESP+28],1 00408E55 |. E8 06CF0000 CALL 8021x.00415D60 ; ///核心判断，通过检测本机的IP地址数判断启用的网络接口数，子程序附后 00408E5A |. 85C0 TEST EAX,EAX 00408E5C |. 0F84 F0000000 JE 8021x.00408F52 00408E62 |. 6A 01 PUSH 1 00408E64 |. 6A 02 PUSH 2 00408E66 |. 8BCE MOV ECX,ESI 00408E68 |. C705 1C974200 75040000 MOV DWORD PTR DS:[42971C],475 00408E72 |. E8 A9F3FFFF CALL 8021x.00408220 00408E77 |. 8B8E 80010000 MOV ECX,DWORD PTR DS:[ESI+180] 00408E7D |. 3BCB CMP ECX,EBX 00408E7F |. 74 05 JE SHORT 8021x.00408E86 00408E81 |. E8 7AD3FFFF CALL 8021x.00406200 00408E86 |> 6A 05 PUSH 5 00408E88 |. B9 78894200 MOV ECX,8021x.00428978 00408E8D |. 899E 80010000 MOV DWORD PTR DS:[ESI+180],EBX 00408E93 |. E8 B6350100 CALL 00408E98 |. 8BC8 MOV ECX,EAX 00408E9A |. E8 29370100 CALL 00408E9F |. B9 78894200 MOV ECX,8021x.00428978 00408EA4 |. E8 A5350100 CALL 00408EA9 |. 8B40 20 MOV EAX,DWORD PTR DS:[EAX+20] 00408EAC |. 50 PUSH EAX ; /hWnd 00408EAD |. FF15 E4054200 CALL NEAR DWORD PTR DS:[<&USER32.BringWindowToTop>] ; \BringWindowToTop 00408EB3 |. 8D4C24 08 LEA ECX,DWORD PTR SS:[ESP+8] 00408EB7 |. 6A 06 PUSH 6 ; //目前系统工作环境与软件运行环境相冲突，软件不能正常运行！ 00408EB9 |. 51 PUSH ECX 00408EBA |. E8 21B3FFFF CALL 8021x.004041E0 00408EBF |. 8BC8 MOV ECX,EAX 00408EC1 |. E8 AAB3FFFF CALL 8021x.00404270 00408EC6 |. 8D4C24 0C LEA ECX,DWORD PTR SS:[ESP+C] 00408ECA |. C64424 28 02 MOV BYTE PTR SS:[ESP+28],2 00408ECF |. E8 EC350100 CALL 00408ED4 |. 6A 02 PUSH 2 ; ////您安装了多块网卡，和服务器要求的不符合 00408ED6 |. 8D5424 10 LEA EDX,DWORD PTR SS:[ESP+10] 00408EDA |. 68 58744200 PUSH 8021x.00427458 ; ASCII "(Code:%d)" 00408EDF |. 52 PUSH EDX 00408EE0 |. C64424 34 03 MOV BYTE PTR SS:[ESP+34],3 00408EE5 |. E8 24360100 CALL 00408EEA |. 83C4 0C ADD ESP,0C 00408EED |. 8D4424 0C LEA EAX,DWORD PTR SS:[ESP+C] 00408EF1 |. 8D4C24 08 LEA ECX,DWORD PTR SS:[ESP+8] 00408EF5 |. 8D5424 18 LEA EDX,DWORD PTR SS:[ESP+18] 00408EF9 |. 50 PUSH EAX 00408EFA |. 51 PUSH ECX 00408EFB |. 52 PUSH EDX 00408EFC |. E8 2B360100 CALL 00408F01 |. 50 PUSH EAX 00408F02 |. 8D4C24 0C LEA ECX,DWORD PTR SS:[ESP+C] 00408F06 |. C64424 2C 04 MOV BYTE PTR SS:[ESP+2C],4 00408F0B |. E8 E0350100 CALL 00408F10 |. 8D4C24 18 LEA ECX,DWORD PTR SS:[ESP+18] 00408F14 |. C64424 28 03 MOV BYTE PTR SS:[ESP+28],3 00408F19 |. E8 96350100 CALL 00408F1E |. 51 PUSH ECX 00408F1F |. 8D4424 0C LEA EAX,DWORD PTR SS:[ESP+C] 00408F23 |. 8BCC MOV ECX,ESP 00408F25 |. 896424 20 MOV DWORD PTR SS:[ESP+20],ESP 00408F29 |. 50 PUSH EAX 00408F2A |. E8 73350100 CALL 00408F2F |. 8BCE MOV ECX,ESI 00408F31 |. E8 FA010000 CALL 8021x.00409130 00408F36 |. 8D4C24 0C LEA ECX,DWORD PTR SS:[ESP+C] 00408F3A |. C64424 28 02 MOV BYTE PTR SS:[ESP+28],2 00408F3F |. E8 70350100 CALL 00408F44 |. 8D4C24 08 LEA ECX,DWORD PTR SS:[ESP+8] 00408F48 |. C64424 28 01 MOV BYTE PTR SS:[ESP+28],1 00408F4D |. E8 62350100 CALL 00408F52 |> 8D4C24 10 LEA ECX,DWORD PTR SS:[ESP+10] 00408F56 |. 885C24 28 MOV BYTE PTR SS:[ESP+28],BL 00408F5A |. E8 55350100 CALL 00408F5F |. 8D4C24 14 LEA ECX,DWORD PTR SS:[ESP+14] 00408F63 |. C74424 28 FFFFFFFF MOV DWORD PTR SS:[ESP+28],-1 00408F6B |. E8 44350100 CALL 00408F70 |> 8B4C24 20 MOV ECX,DWORD PTR SS:[ESP+20] 00408F74 |. 5E POP ESI 00408F75 |. 64:890D 00000000 MOV DWORD PTR FS:[0],ECX 00408F7C |. 5B POP EBX 00408F7D |. 83C4 24 ADD ESP,24 00408F80 \. C3 RETN ****************************************************** ////////////////////////////////--Section 3 Start-- ///////////////////////////////////// // 004172DD 90 NOP 004172DE 90 NOP 004172DF 90 NOP 004172E0 . 64:A1 0000000>MOV EAX,DWORD PTR FS:[0] 004172E6 . 6A FF PUSH -1 004172E8 . 68 A0E84100 PUSH 8021x.0041E8A0 004172ED . 50 PUSH EAX 004172EE . 64:8925 00000>MOV DWORD PTR FS:[0],ESP 004172F5 . 83EC 08 SUB ESP,8 004172F8 . 56 PUSH ESI 004172F9 . 8BF1 MOV ESI,ECX 004172FB . 6A 01 PUSH 1 004172FD . E8 C0520000 CALL 00417302 . 6A 00 PUSH 0 00417304 . 8BCE MOV ECX,ESI 00417306 . E8 E5540000 CALL 0041730B . 8B86 10010000 MOV EAX,DWORD PTR DS:[ESI+110] 00417311 . 8B40 F8 MOV EAX,DWORD PTR DS:[EAX-8] 00417314 . 85C0 TEST EAX,EAX 00417316 . 0F8E 24010000 JLE 8021x.00417440 0041731C . 83F8 3F CMP EAX,3F 0041731F . 0F8F 1B010000 JG 8021x.00417440 00417325 . 8B8E 14010000 MOV ECX,DWORD PTR DS:[ESI+114] 0041732B . 8B41 F8 MOV EAX,DWORD PTR DS:[ECX-8] 0041732E . 85C0 TEST EAX,EAX 00417330 . 0F8E D0000000 JLE 8021x.00417406 00417336 . 83F8 3F CMP EAX,3F 00417339 . 0F8F C7000000 JG 8021x.00417406 0041733F 83BE 28010000>CMP DWORD PTR DS:[ESI+128],5 ; //时间间隔是否小于5分钟? 00417346 . 73 3D JNB SHORT 8021x.00417385 00417348 . 8D5424 04 LEA EDX,DWORD PTR SS:[ESP+4] 0041734C . 6A 11 PUSH 11 ; //时间间隔不小于5分钟 0041734E . 52 PUSH EDX 0041734F . E8 8CCEFEFF CALL 8021x.004041E0 00417354 . 8BC8 MOV ECX,EAX 00417356 . E8 15CFFEFF CALL 8021x.00404270 0041735B . 8B00 MOV EAX,DWORD PTR DS:[EAX] 0041735D . 6A 40 PUSH 40 0041735F . 68 E8764200 PUSH 8021x.004276E8 ; ASCII "Information" 00417364 . 50 PUSH EAX 00417365 . 8BCE MOV ECX,ESI 00417367 . C74424 20 020>MOV DWORD PTR SS:[ESP+20],2 0041736F . E8 6E530000 CALL 00417374 . C74424 14 FFF>MOV DWORD PTR SS:[ESP+14],-1 0041737C . 8D4C24 04 LEA ECX,DWORD PTR SS:[ESP+4] 00417380 . E9 F3000000 JMP 8021x.00417478 00417385 > 83BE 30010000>CMP DWORD PTR DS:[ESI+130],3 ; //DHCP服务器的最大响应时间 大于3秒? 0041738C . 77 3D JA SHORT 8021x.004173CB 0041738E . 8D4424 08 LEA EAX,DWORD PTR SS:[ESP+8] 00417392 . 6A 12 PUSH 12 ; //DHCP服务器的最大响应时间 必须设置为大于3秒 00417394 . 50 PUSH EAX 00417395 . E8 46CEFEFF CALL 8021x.004041E0 0041739A . 8BC8 MOV ECX,EAX 0041739C . E8 CFCEFEFF CALL 8021x.00404270 004173A1 . 8B00 MOV EAX,DWORD PTR DS:[EAX] 004173A3 . 6A 40 PUSH 40 004173A5 . 68 E8764200 PUSH 8021x.004276E8 ; ASCII "Information" 004173AA . 50 PUSH EAX 004173AB . 8BCE MOV ECX,ESI 004173AD . C74424 20 030>MOV DWORD PTR SS:[ESP+20],3 004173B5 . E8 28530000 CALL 004173BA . C74424 14 FFF>MOV DWORD PTR SS:[ESP+14],-1 004173C2 . 8D4C24 08 LEA ECX,DWORD PTR SS:[ESP+8] 004173C6 . E9 AD000000 JMP 8021x.00417478 004173CB > 8B15 18974200 MOV EDX,DWORD PTR DS:[429718] 004173D1 . 8B8E 2C010000 MOV ECX,DWORD PTR DS:[ESI+12C] 004173D7 . 898A 64060000 MOV DWORD PTR DS:[EDX+664],ECX 004173DD . 8B0D 18974200 MOV ECX,DWORD PTR DS:[429718] 004173E3 . 8B86 30010000 MOV EAX,DWORD PTR DS:[ESI+130] 004173E9 . 8981 68060000 MOV DWORD PTR DS:[ECX+668],EAX 004173EF . 8BCE MOV ECX,ESI 004173F1 . E8 B6520000 CALL 004173F6 . 5E POP ESI 004173F7 . 8B4C24 08 MOV ECX,DWORD PTR SS:[ESP+8] 004173FB . 64:890D 00000>MOV DWORD PTR FS:[0],ECX 00417402 . 83C4 14 ADD ESP,14 00417405 . C3 RETN 00417406 > 8D5424 04 LEA EDX,DWORD PTR SS:[ESP+4] 0041740A . 6A 10 PUSH 10 ; //用户密码不能为空并且不能 超过63个字符 0041740C . 52 PUSH EDX 0041740D . E8 CECDFEFF CALL 8021x.004041E0 00417412 . 8BC8 MOV ECX,EAX 00417414 . E8 57CEFEFF CALL 8021x.00404270 00417419 . 8B00 MOV EAX,DWORD PTR DS:[EAX] 0041741B . 6A 40 PUSH 40 0041741D . 68 E8764200 PUSH 8021x.004276E8 ; ASCII "Information" 00417422 . 50 PUSH EAX 00417423 . 8BCE MOV ECX,ESI 00417425 . C74424 20 010>MOV DWORD PTR SS:[ESP+20],1 0041742D . E8 B0520000 CALL 00417432 . C74424 14 FFF>MOV DWORD PTR SS:[ESP+14],-1 0041743A . 8D4C24 04 LEA ECX,DWORD PTR SS:[ESP+4] 0041743E . EB 38 JMP SHORT 8021x.00417478 00417440 > 8D4424 04 LEA EAX,DWORD PTR SS:[ESP+4] 00417444 . 6A 0F PUSH 0F ; //用户名不能为空并且不能超 过65个字符 00417446 . 50 PUSH EAX 00417447 . E8 94CDFEFF CALL 8021x.004041E0 0041744C . 8BC8 MOV ECX,EAX 0041744E . E8 1DCEFEFF CALL 8021x.00404270 00417453 . 8B00 MOV EAX,DWORD PTR DS:[EAX] 00417455 . 6A 40 PUSH 40 00417457 . 68 E8764200 PUSH 8021x.004276E8 ; ASCII "Information" 0041745C . 50 PUSH EAX 0041745D . 8BCE MOV ECX,ESI 0041745F . C74424 20 000>MOV DWORD PTR SS:[ESP+20],0 00417467 . E8 76520000 CALL 0041746C . C74424 14 FFF>MOV DWORD PTR SS:[ESP+14],-1 00417474 . 8D4C24 04 LEA ECX,DWORD PTR SS:[ESP+4] 00417478 > E8 37500000 CALL 0041747D . 8BCE MOV ECX,ESI 0041747F . E8 1C000000 CALL 8021x.004174A0 00417484 . 8B4C24 0C MOV ECX,DWORD PTR SS:[ESP+C] 00417488 . 33C0 XOR EAX,EAX 0041748A . 5E POP ESI 0041748B . 64:890D 00000>MOV DWORD PTR FS:[0],ECX 00417492 . 83C4 14 ADD ESP,14 00417495 . C3 RETN 00417496 90 NOP 00417497 90 NOP 00417498 90 NOP // //////////////////////////////////--Section 3 Start-- ///////////////////////////////////// ***************************************************************** // //通过获取本机的IP地址来判断是否启用了一个或多个网络接口（网卡） //Local call from 00408E55 00415D60 /$ 81EC 04010000 SUB ESP,104 00415D66 |. B9 41000000 MOV ECX,41 00415D6B |. 33C0 XOR EAX,EAX 00415D6D |. 57 PUSH EDI 00415D6E |. 8D7C24 04 LEA EDI,DWORD PTR SS:[ESP+4] 00415D72 |. F3:AB REP STOS DWORD PTR ES:[EDI] 00415D74 |. 8D4424 04 LEA EAX,DWORD PTR SS:[ESP+4] 00415D78 |. 68 04010000 PUSH 104 ; /BufSize = 104 (260.) 00415D7D |. 50 PUSH EAX ; |Buffer 00415D7E |. E8 7B6D0000 CALL ; \gethostname 00415D83 |. 85C0 TEST EAX,EAX ; //成功获取计算机名返回0 00415D85 |. 5F POP EDI 00415D86 |. 74 09 JE SHORT 8021x.00415D91 00415D88 |. 33C0 XOR EAX,EAX 00415D8A |. 81C4 04010000 ADD ESP,104 00415D90 |. C3 RETN 00415D91 |> 8D4C24 00 LEA ECX,DWORD PTR SS:[ESP] 00415D95 |. 51 PUSH ECX ; /Name 00415D96 |. E8 5D6D0000 CALL ; \gethostbyname 00415D9B |. 85C0 TEST EAX,EAX ; //返回IP地址,返回NULL为无法获取IP 00415D9D |. 75 07 JNZ SHORT 8021x.00415DA6 00415D9F |. 81C4 04010000 ADD ESP,104 00415DA5 |. C3 RETN 00415DA6 |> 8B40 0C MOV EAX,DWORD PTR DS:[EAX+C] 00415DA9 |. 33C9 XOR ECX,ECX 00415DAB |. 8338 00 CMP DWORD PTR DS:[EAX],0 00415DAE |. 74 10 JE SHORT 8021x.00415DC0 00415DB0 |> 8B50 04 /MOV EDX,DWORD PTR DS:[EAX+4] 00415DB3 |. 83C0 04 |ADD EAX,4 00415DB6 |. 41 |INC ECX 00415DB7 |. 85D2 |TEST EDX,EDX 00415DB9 |.^ 75 F5 \JNZ SHORT 8021x.00415DB0 00415DBB |. 83F9 01 CMP ECX,1 00415DBE |. 7F 09 JG SHORT 8021x.00415DC9 ; //本机IP地址数量>=1? 00415DC0 |> 33C0 XOR EAX,EAX 00415DC2 |. 81C4 04010000 ADD ESP,104 00415DC8 |. C3 RETN 00415DC9 |> C705 1C974200 >MOV DWORD PTR DS:[42971C],475 00415DD3 |. B8 01000000 MOV EAX,1 00415DD8 |. 81C4 04010000 ADD ESP,104 00415DDE \. C3 RETN ---------------------- 看看一个类似的C++代码： //////////////////////////////////////////////////////////////// // getAdapter.cpp // // 通过IP地址检测已启用网卡的数量 // 命令行编译命令为: // // cl getAdapter.cpp wsock32.lib // // #include #include #include #include int main() { WORD wVersionRequested = MAKEWORD(1, 1); WSADATA wsaData; if (WSAStartup(wVersionRequested, &wsaData)) { printf("WSAStartup failed %s\n", WSAGetLastError()); // 初始化 Windows sockets API. return -1; } char hostname[260]; int res = gethostname(hostname, sizeof(hostname));// 获取本机主机名. if (res ==0) { //printf("hostname=%s\n", hostname); hostent* pHostent = gethostbyname(hostname);// 根据主机名获取主机信息. if (pHostent!=NULL) { hostent& he = *pHostent; sockaddr_in sa; for (int nAdapter=0; he.h_addr_list[nAdapter]; nAdapter++) { if (nAdapter>=1) { printf("Infomation: Active Adapter Number: %d\n",nAdapter+1); return 1; } } }else{ printf("Error: %u\n", WSAGetLastError()); return -1; } }else{ printf("Error: %u\n", WSAGetLastError()); return -1; } sockaddr_in sa; WSACleanup(); return 0; } ----------------------- ***************************************************************** ===============[MESSAGEINFO]================ [MESSAGEINFO] 1=初始化网卡信息失败! 2=无法读取系统配置信息! 3=客户端程序升级失败,网络连接被断开，请与管理员联系! 4=升级成功,客户端程序将重新启动! 5=802.1x客户端版本不匹配，网络连接被断开，请联系网络管理员获得最新的客户端软件。 6=目前系统工作环境与软件运行环境相冲突，软件不能正常运行! 7=不能打开文件 8=信息不完整,无法恢复网络参数 9=用户名不能为空 10=用户名不能超过65个字符 11=用户密码不能为空 12=找不到配置文件 13=您已经运行了一个客户端 14=无法获取客户端软件的版本信息! 15=用户名不能为空并且不能超过65个字符 16=用户密码不能为空并且不能超过63个字符 17=时间间隔不小于5分钟 18=DHCP服务器的最大响应时间必须设置为大于3秒 19=协议参数值不能小于默认值 20=必须选择连接的网卡 21=无法打开配置文件! 22=无法读取用户配置文件! 23=无法支持该类型的网卡，请检查您的网卡设置！ 24=锐捷802.1x认证客户端: 网卡没有连接上，请检查网卡连接! 25=锐捷802.1x认证客户端: 网卡连接正常，连接速度: 26=正在初始化... 27=连接持续时间: 28=认证成功 29=认证失败 30=认证已关闭 31=网卡没有连接上，请检查网卡连接! 32=寻找认证服务器... 33=连接认证服务器... 34=正在进行认证... 35=不使用 36=认证后获取 37=认证前获取 38=认证前后获取 39=当前系统配置: 40=中文 41=英语 42=网络参数 43=用户参数设置 44=协议参数设置 45=系统配置 46=PlugIn程序被破坏，软件不能正常运行! 47=网卡没有连接上，是否继续! 48=获取DHCP地址失败,请重新认证! ===============[MESSAGEINFO]================ ================================== 在认证软件运行过程中有可能会弹出消息框，有“目前系统工作环境与软件运行环境相冲突，软件不能正常运行！\n(Code: 1)”类似的信息出现，其返回Code值表示了冲突的原因。 Code=2，您安装了多块网卡，和服务器要求的不符合 Code=4，您安装了代理服务器，和服务器要求的不符合 Code=5，您采用了拨号网络连接，和服务器要求的不符合 Code=6，系统错误

• ·算法优化－－strcpy
• ·确定包含全角和半角字符的字符串长度（VB）
• ·李开复博士写给中国大学生的第一封信
• ·企业应用系统权限控制关键是类型抽象- -
• ·(备忘)类型萃取另一法。
• ·最易得乳腺癌的10种女性 生活_美丽顾问
• ·从windows启动列表里启动Linux的方法
• ·蓝色空间新闻系统最终完美版 II 修正版
• ·简单的使用.NET非对称加密算法的例子
• ·用CodeViz绘制函数调用关系图(call