unit Unit2;
interface
uses
Windows,SysUtils,Messages;
{Packet structures}
type
// Layout of the first packet received.
// packed: no alignment padding, so the three fields occupy 2 + 2 + 4 = 8 bytes.
TFirstPackage=packed record
Packed_Len:Word; // length field (what exactly it counts is not visible in this unit)
Packed_Class:Word; // packet class/type code
Packed_Data:DWORD; // value taken from the received packet; CreateKEYVa passes it to SRand as the seed
end;
// Layout of the second packet received.
// NOTE(review): the fields add up to 52 bytes only if Char is one byte
// (pre-Unicode Delphi) - confirm the compiler version before relying on sizes.
TSecondPackage=packed record
Packed_Len:Word; // length field
Packed_Class:Word; // packet class/type code
Packed_Data1:DWORD; // four consecutive 32-bit values; their meaning is not visible in this unit
Packed_Data2:DWORD;
Packed_Data3:DWORD;
Packed_Data4:DWORD;
Packed_Info:array[0..31] of Char; // 32-element field; nothing here guarantees it is NUL-terminated
end;
// Layout of the second packet sent.
TSendSecondPackage=packed record
packed_Len:word; // length field
packed_class:Word; // packet class/type code
packed_Data1:DWORD; // three consecutive 32-bit values; their meaning is not visible in this unit
packed_Data2:DWORD;
packed_Data3:DWORD;
packed_Data4:array [0..11] of Char; // 12-element field (12 bytes if Char is one byte - TODO confirm)
end;
// KEY parameter: a 16-element block, the same length as the RandKey global.
TKEYVa=packed record
KEY:array [0..15] of Char;
end;
// Layout of the login packet.
// With a one-byte Char (assumed - TODO confirm compiler version) the field
// offsets are 0, 2, 4, 8, $28, $48 and $68 and the total size is $88 bytes,
// which is the value CreateLoginPacked stores in the first word.
// The record carries the account name and password material, so any buffer
// holding it should be cleared once the packet has been sent.
TLoginPackage=packed record
Packed_Len:Word; // offset 0: length field
Packed_Class:Word; // offset 2: packet class/type code
Packed_Data:DWORD; // offset 4: 32-bit value
Packed_Name:array[0..31] of Char; // offset 8: account name
Packed_Pass:array[0..31] of Char; // offset $28: password field (32 elements)
Packed_ServerName:array[0..31] of Char; // offset $48: server name
Packed_ServerNumber:array[0..31] of Char; // offset $68: CreateLoginPacked's comments call the data at this offset the version string
end;
{End of packet structures}
{Functions and procedures}
procedure CreateCipherTable; // generates the key
procedure MakeTable; // builds the key table
procedure Decrypt(var buf;nLen:integer); // untyped buffer plus a length; body is not in this part of the file
procedure Encrypt(var buf;nLen:integer); // untyped buffer plus a length; body is not in this part of the file
procedure EnOrDecryptData; // encryption/decryption routine
procedure CreateKEYVa; // seeds SRand from FirstPackage.Packed_Data and fills RandKey from Rand()
procedure CreateKEY; // asm routine: expects ECX = output buffer and one stack argument = address of the random bytes
procedure MakeKEY; // calls CreateKEY with RandKey's address on the stack and KEY's address in ECX
procedure CreateMiMaPacked; // body is not in this part of the file
procedure MakePass; // body is not in this part of the file
procedure CreateLoginPacked; // asm routine: reads ECX and five stack arguments although it is declared without parameters
function conertde(s:string):string; // hex-encodes every character of s
function StrToAsc(pp:PChar;nLen:integer):string; // hex-encodes bytes 0..nLen read through a PChar
function hextoint(s: string): Integer; // converts a hexadecimal digit string to an Integer
{End of functions and procedures}
type
// Signatures of the routines called through the Rand and SRand variables.
// NOTE(review): presumably the C runtime's rand/srand resolved from DllHandle;
// the code that loads them is not in this part of the file - confirm.
TRand=function:Integer;stdcall; // takes no arguments, so stdcall and cdecl behave the same at the call site
TSRand=procedure(seed:dword);cdecl; // cdecl: the caller removes the seed argument from the stack
{Global variable definitions}
// Everything below is declared in the interface section, so every unit that
// uses Unit2 can read and overwrite it - including the key buffers and the
// login packet with its credential fields.
var
PackageID:integer; // not referenced in the visible part of the file
RecvCipherTable:array[0..1055] of char; // four 1056-element tables; the code that fills them is not in this part of the file
MidCipherTable:array[0..1055] of char;
SendCipherTable:array[0..1055] of char;
SendmCipherTable:array[0..1055] of char;
FirstPackage:TFirstPackage; // first received packet; its Packed_Data seeds the generator in CreateKEYVa
SecondPackage:TSecondPackage;
SendSecondPackage:TSendSecondPackage;
LoginPackage:TLoginPackage;
KEY:array[0..128] of Char; // 129-element buffer; MakeKEY passes its address to CreateKEY in ECX
RandKey:array[0..15] of Char; // 16 bytes written by CreateKEYVa; MakeKEY pushes its address for CreateKEY
DllHandle:THandle; // module handle; presumably the source of Rand/SRand - TODO confirm
Rand:TRand; // procedural variable; must be assigned before CreateKEYVa runs
SRand:TSRand; // procedural variable; must be assigned before CreateKEYVa runs
{End of global variable definitions}
implementation
// Converts a string of hexadecimal digits (without any prefix) to an Integer.
// StrToInt treats a leading '$' as "hexadecimal", so the prefix is added here.
// StrToInt raises EConvertError when the text is not a valid number.
function hextoint(s: string): Integer;
const
  HexPrefix = '$';
var
  prefixed: string;
begin
  prefixed := HexPrefix + s;
  Result := StrToInt(prefixed);
end;
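{ Fills RandKey[0..15] with the low byte of 16 successive Rand() results,
  after seeding the generator with FirstPackage.Packed_Data.

  The earlier version did this with three separate asm statements: PUSHAD in
  the first, an ESI index kept alive across the Pascal for-loop and the Rand
  call, POPAD in the last. Inline asm is required to preserve ESI and ESP, and
  the compiler is free to use ESI or ESP-relative addressing for the loop in
  between, so that layout only worked by accident of code generation. The
  unused local string has been dropped as well.

  The asm sequence "and eax,$800000FF / jns / dec / or eax,$FFFFFF00 / inc"
  is the signed remainder modulo 256; only AL was stored, and AL always equals
  the low byte of the Rand result, which is what is stored below.

  NOTE(review): assuming Rand/SRand are the C runtime's rand/srand (their
  binding is not visible here), all 16 bytes are a deterministic function of
  the 32-bit seed, and that seed comes from a received packet. The result
  should not be treated as secret key material. }
procedure CreateKEYVa;
var
  i: Integer;
begin
  SRand(FirstPackage.Packed_Data);
  for i := 0 to 15 do
    // Byte-wise store, independent of SizeOf(Char), like the original "mov [edx+esi], al".
    PByteArray(@RandKey)^[i] := Byte(Rand() and $FF);
end;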
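// Returns the hexadecimal encoding of s: IntToHex(Ord(c), 2) for every
// character, concatenated in order (at least two digits per character).
// An empty s yields an empty string.
function conertde(s:string):string;
var
  i: Integer;
begin
  // A string Result is not guaranteed to be empty on entry; without this line
  // the output could be appended to whatever the caller's variable held.
  Result := '';
  for i := 1 to Length(s) do
    Result := Result + IntToHex(Ord(s[i]), 2);
end;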
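// Returns the hexadecimal encoding (IntToHex(..., 2) per element) of the
// elements 0..nLen read through p. A negative nLen yields an empty string.
function StrToAsc(pp:PChar;nLen:integer):string;
var
  i: Integer;
  p: PChar;
begin
  // A string Result is not guaranteed to be empty on entry; start from ''.
  Result := '';
  // NOTE(review): @pp is the address of the parameter variable itself, not the
  // buffer pp points to. As written, the function dumps the bytes of the
  // pointer value and then whatever follows it on the stack, so for nLen > 3
  // (32-bit) the returned text contains stack contents. If the intent is to
  // dump the caller's buffer this should be "p := pp"; left unchanged because
  // the call sites are not visible here - confirm against the callers.
  p := @pp;
  // NOTE(review): the bound is inclusive, so nLen + 1 elements are read.
  // Confirm whether callers pass a length or a last index.
  for i := 0 to nLen do
    Result := Result + IntToHex(Ord(p[i]), 2);
end;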
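{ Builds the login packet through the pointer stored at [ECX+$404].

  The routine has a hand-rolled register/stack interface. The Pascal
  declaration takes no parameters, so the compiler passes nothing; callers have
  to load ECX and push the arguments themselves, and (presumably, since the
  compiler-generated return pops nothing) remove them afterwards.

  In:   ECX       context block; bytes +4..+$403 are cleared by @GoBegin and
                  the packet pointer is read from +$404
        [EBP+$8]  32-bit value stored at packet offset 4
        [EBP+$C]  account string   (non-nil, fewer than $20 characters)
        [EBP+$10] password buffer  (non-nil; exactly 32 bytes are copied)
        [EBP+$14] server name      (non-nil, fewer than $20 characters)
        [EBP+$18] version string   (copied up to and including its NUL)
  Out:  EAX = 1 when the packet was built, 0 when a check failed.
  Regs: EBX, ESI, EDI and EBP are saved and restored; EAX, ECX, EDX are
        clobbered. The string instructions assume the direction flag is clear.

  Packet written (same offsets as TLoginPackage with a one-byte Char):
        +0 word $88, +2 word $442, +4 dword, +8 account, +$28 password,
        +$48 server name, +$68 version string.

  Two corrections compared with the earlier listing:
    * the password is copied to offset $28, not decimal 28, which overlapped
      the account field and disagreed with the $48/$68 offsets that follow;
    * the @FOUR loop now loads each byte from [EDX]. Without the load it
      stored the low byte of the [EBP+$8] argument over and over and, for any
      non-zero value, never terminated, writing past the end of the packet.

  NOTE(review): the version string is copied without a length check, unlike
  the account and server name; a source of $20 characters or more writes past
  the $88-byte packet. The password source must be at least 32 bytes long.
  Neither is changed here because the callers are not visible. }
procedure CreateLoginPacked;
asm
        push    ebp
        mov     ebp, esp
        push    ebx
        push    esi
        mov     esi, [ebp+$C]           // account
        push    edi
        test    esi, esi                // nil account?
        mov     ebx, ecx                // ebx = context block (mov leaves the flags alone)
        je      @ONE
        mov     edi, esi
        or      ecx, $FFFFFFFF
        xor     eax, eax
        repne scas byte ptr es:[edi]    // strlen(account)
        not     ecx
        dec     ecx
        cmp     ecx, $20
        jnb     @ONE                    // must leave room for the NUL in a 32-byte field
        mov     eax, [ebp+$10]          // password
        test    eax, eax                // nil password?
        je      @ONE
        mov     edi, [ebp+$14]          // server name
        test    edi, edi                // nil server name?
        je      @ONE
        or      ecx, $FFFFFFFF
        xor     eax, eax
        repne scas byte ptr es:[edi]    // strlen(server name)
        not     ecx
        dec     ecx
        cmp     ecx, $20
        jnb     @ONE                    // server name too long
        mov     ecx, ebx
        call    @GoBegin                // clear context+4 .. context+$403
        mov     eax, [ebx+$404]
        mov     edx, esi                // account
        add     eax, $8                 // account goes to offset 8
@THREE:
        mov     cl, [edx]
        inc     edx
        mov     [eax], cl
        inc     eax
        test    cl, cl
        jnz     @THREE                  // copy up to and including the NUL
        mov     edi, [ebx+$404]
        mov     esi, [ebp+$10]          // password
        mov     edx, [ebp+$14]          // server name
        add     edi, $28                // password goes to offset $28
        mov     ecx, 8                  // 8 dwords = 32 bytes
        rep movs dword ptr es:[edi], dword ptr[esi]
        mov     eax, [ebx+$404]
        add     eax, $48                // server name goes to offset $48
@TWO:
        mov     cl, [edx]
        inc     edx
        mov     [eax], cl
        inc     eax
        test    cl, cl
        jnz     @TWO                    // copy up to and including the NUL
        mov     eax, [ebx+$404]
        mov     ecx, [ebp+$8]           // first stack argument (the original comment calls it "parameter 5")
        mov     edx, [ebp+$18]          // version string
        mov     [eax+$4], ecx           // second dword of the packet
        mov     eax, [ebx+$404]
        add     eax, $68                // version string goes to offset $68
@FOUR:
        mov     cl, [edx]               // load the next byte (missing in the earlier listing)
        inc     edx
        mov     [eax], cl
        inc     eax
        test    cl, cl
        jnz     @FOUR                   // copy up to and including the NUL
        mov     edx, [ebx+$404]
        pop     edi
        pop     esi
        mov     word ptr [edx+$2], $442 // second word of the packet: class $442
        mov     eax, [ebx+$404]
        pop     ebx
        mov     word ptr [eax], $88     // first word of the packet: length $88
        mov     eax, $1                 // success
        pop     ebp
        jmp     @GoEnd
@ONE:
        pop     edi                     // validation failed: restore and return 0
        pop     esi
        xor     eax, eax
        pop     ebx
        pop     ebp
        jmp     @GoEnd
@GoBegin:
        // Local subroutine: ECX = context block. Zeroes $100 dwords starting at
        // context+4, then stores a zero word at +4 and at +6.
        mov     edx, ecx
        push    esi
        push    edi
        mov     ecx, $100
        lea     esi, [edx+$4]
        xor     eax, eax
        mov     edi, esi
        rep stos dword ptr es:[edi]
        mov     [esi], ax
        pop     edi
        mov     [edx+$6], ax
        pop     esi
        retn
@GoEnd:
        nop
end;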
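{ Calls CreateKEY with its hand-rolled interface:
    ECX          = address of KEY (output buffer)
    one stack argument = address of RandKey (the 16 random bytes)
  and removes the stack argument afterwards. All general registers are saved
  and restored around the call.

  The earlier version split this over two asm statements with a Pascal call
  between them, which relies on the compiler emitting nothing but a bare CALL
  and leaving ECX and ESP untouched in between. Keeping the whole sequence in
  one asm body removes that dependency; the instructions executed are the same. }
procedure MakeKEY;
asm
        pushad
        lea     ecx, RandKey
        push    ecx                     // stack argument: the random bytes
        lea     ecx, Key                // ECX: buffer that receives the key
        call    CreateKEY
        add     esp, $4                 // drop the stack argument
        popad
end;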
procedure CreateKEY;
asm
push ecx //存放最后KEY的地址
mov eax, [esp+$8] // 取隨機數的地址
push ebx
push ebp
push esi
mov esi, [eax] // 取隨機數1-4位放ESI
mov edx, ecx //取最后KEY的地址給EDX
push edi
mov [esp+$10], ecx
mov [edx], esi //放入隨機數(1-4)
mov esi, [eax+$4]
mov [edx+$4], esi // 5-8
mov esi, [eax+$8]
mov [edx+$8], esi // 9-12
mov eax, [eax+$C]
mov dword ptr [ecx+$10], $B7E15163 // 最后KEY的17-20放固定值
mov [edx+$C], eax // 13-16
lea eax, [ecx+$14] // 取KEY21開始的地址
mov edx, $19
@ONE:
mov esi, [eax-$4]
add eax, $4
sub esi, $61C88647
dec edx
mov [eax-$4], esi
jnz @ONE
xor ebx, ebx
xor esi, esi
xor ebp, ebp
xor edi, edi
mov dword ptr [esp+$18], $4E
jmp @TWO
@FOUR:
mov ecx, [esp+$10]
@TWO:
mov ecx, [ecx+edi*$4+$10]
push $3
add ecx, ebx
add ecx, esi
push ecx
call @Begin
mov ecx, [esp+$18]
mov esi, eax
mov [ecx+edi*$4+$10], eax
lea eax, [edi+$1]
cdq
mov edi, $1A
idiv edi
mov eax, [ecx+ebp*$4]
add eax, ebx
add eax, esi
mov edi, edx
lea edx, [ebx+esi]
push edx
push eax
call @Begin
mov ecx, [esp+$20]
add esp, $10
mov ebx, eax
mov [ecx+ebp*$4], eax
inc ebp
and ebp, $80000003
jns @THREE
dec ebp
or ebp, $FFFFFFFC
inc ebp
@THREE: