?? p2pstock.0(初始化).txt
字號:
00406098 /. 55 PUSH EBP
00406099 |. 8BEC MOV EBP,ESP
0040609B |. 83C4 EC ADD ESP,-14
0040609E |. 53 PUSH EBX
0040609F |. 56 PUSH ESI
004060A0 |. 8B5D 08 MOV EBX,DWORD PTR SS:[EBP+8]
004060A3 |. 6A 0C PUSH 0C ; /Count = C (12.)
004060A5 |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14] ; |
004060A8 |. 50 PUSH EAX ; |Buffer
004060A9 |. 53 PUSH EBX ; |hWnd
004060AA |. E8 D7880800 CALL <JMP.&USER32.GetWindowTextA> ; \GetWindowTextA
004060AF |. 6A 0A PUSH 0A ; /Arg3 = 0000000A
004060B1 |. 68 95F44900 PUSH P2PStock.0049F495 ; |大智慧level
004060B6 |. 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14] ; |
004060B9 |. 52 PUSH EDX ; |Arg1
004060BA |. E8 EDD20700 CALL P2PStock.004833AC ; \P2PStock.004833AC
004060BF |. 83C4 0C ADD ESP,0C
004060C2 |. 85C0 TEST EAX,EAX
004060C4 |. 74 07 JE SHORT P2PStock.004060CD
004060C6 |. B8 01000000 MOV EAX,1
004060CB |. EB 24 JMP SHORT P2PStock.004060F1
004060CD |> 6A 00 PUSH 0 ; /Title = NULL
004060CF |. 68 A1F44900 PUSH P2PStock.0049F4A1 ; |afxwnd42s
004060D4 |. 6A 00 PUSH 0 ; |hAfterWnd = NULL
004060D6 |. 53 PUSH EBX ; |hParent
004060D7 |. E8 A2870800 CALL <JMP.&USER32.FindWindowExA> ; \FindWindowExA
004060DC |. 8BF0 MOV ESI,EAX
004060DE |. 8935 3C4B4A00 MOV DWORD PTR DS:[4A4B3C],ESI
004060E4 |. 85F6 TEST ESI,ESI
004060E6 |. 74 04 JE SHORT P2PStock.004060EC
004060E8 |. 33C0 XOR EAX,EAX
004060EA |. EB 05 JMP SHORT P2PStock.004060F1
004060EC |> B8 01000000 MOV EAX,1
004060F1 |> 5E POP ESI
004060F2 |. 5B POP EBX
004060F3 |. 8BE5 MOV ESP,EBP
004060F5 |. 5D POP EBP
004060F6 \. C2 0800 RETN 8
004060F9 90 NOP
004060FA 90 NOP
004060FB 90 NOP
004060FC . 53 PUSH EBX
004060FD . 8BD8 MOV EBX,EAX
004060FF . 56 PUSH ESI
00406100 . 57 PUSH EDI
00406101 . 55 PUSH EBP
00406102 . 83C4 8C ADD ESP,-74
00406105 . 8B83 54030000 MOV EAX,DWORD PTR DS:[EBX+354]
0040610B . BF 404B4A00 MOV EDI,P2PStock.004A4B40
00406110 . 8B10 MOV EDX,DWORD PTR DS:[EAX]
00406112 . FF92 C4000000 CALL DWORD PTR DS:[EDX+C4]
00406118 . 84C0 TEST AL,AL
0040611A . 74 18 JE SHORT P2PStock.00406134
0040611C . 8B83 48030000 MOV EAX,DWORD PTR DS:[EBX+348]
00406122 . 8B10 MOV EDX,DWORD PTR DS:[EAX]
00406124 . FF52 50 CALL DWORD PTR DS:[EDX+50]
00406127 . 84C0 TEST AL,AL
00406129 . 74 09 JE SHORT P2PStock.00406134
0040612B . 33D2 XOR EDX,EDX
0040612D . 8BC3 MOV EAX,EBX
0040612F . E8 CCFEFFFF CALL P2PStock.00406000
00406134 > 8B8B B4030000 MOV ECX,DWORD PTR DS:[EBX+3B4]
0040613A . 83B9 A0060000>CMP DWORD PTR DS:[ECX+6A0],0
00406141 . 0F84 85020000 JE P2PStock.004063CC
00406147 . 6A 00 PUSH 0 ; /Arg1 = 00000000
00406149 . E8 F63F0800 CALL P2PStock.0048A144 ; \P2PStock.0048A144
0040614E . 59 POP ECX
0040614F . 8983 E0030000 MOV DWORD PTR DS:[EBX+3E0],EAX
00406155 . 8B83 B4030000 MOV EAX,DWORD PTR DS:[EBX+3B4]
0040615B . 8B80 A0060000 MOV EAX,DWORD PTR DS:[EAX+6A0]
00406161 . 8983 E4030000 MOV DWORD PTR DS:[EBX+3E4],EAX
00406167 . 8BF0 MOV ESI,EAX
00406169 . 8B93 E0030000 MOV EDX,DWORD PTR DS:[EBX+3E0]
0040616F . 2BF2 SUB ESI,EDX
00406171 . 3BC2 CMP EAX,EDX
00406173 . 7D 06 JGE SHORT P2PStock.0040617B
00406175 . 8983 E0030000 MOV DWORD PTR DS:[EBX+3E0],EAX
0040617B > 8B83 B4030000 MOV EAX,DWORD PTR DS:[EBX+3B4]
00406181 . 8B8B E0030000 MOV ECX,DWORD PTR DS:[EBX+3E0]
00406187 . 8988 9C060000 MOV DWORD PTR DS:[EAX+69C],ECX
0040618D . FF05 C0F14900 INC DWORD PTR DS:[49F1C0]
00406193 . 8B15 C0F14900 MOV EDX,DWORD PTR DS:[49F1C0]
00406199 . 83FA 64 CMP EDX,64
0040619C . 7E 20 JLE SHORT P2PStock.004061BE
0040619E . 6A 00 PUSH 0 ; /Arg7 = 00000000
004061A0 . 6A 00 PUSH 0 ; |Arg6 = 00000000
004061A2 . 6A 00 PUSH 0 ; |Arg5 = 00000000
004061A4 . 68 50F34900 PUSH P2PStock.0049F350 ; |Arg4 = 0049F350
004061A9 . 6A 00 PUSH 0 ; |Arg3 = 00000000
004061AB . 33C9 XOR ECX,ECX ; |
004061AD . 6A 02 PUSH 2 ; |Arg2 = 00000002
004061AF . 50 PUSH EAX ; |Arg1
004061B0 . 890D C0F14900 MOV DWORD PTR DS:[49F1C0],ECX ; |
004061B6 . E8 55DEFFFF CALL P2PStock.00404010 ; \P2PStock.00404010
004061BB . 83C4 1C ADD ESP,1C
004061BE > 81FE 5C1C0000 CMP ESI,1C5C
004061C4 . 7D 05 JGE SHORT P2PStock.004061CB
004061C6 . 83FE C4 CMP ESI,-3C
004061C9 . 7F 10 JG SHORT P2PStock.004061DB
004061CB > 81FE DC500000 CMP ESI,50DC
004061D1 . 7D 47 JGE SHORT P2PStock.0040621A
004061D3 . 81FE 38310000 CMP ESI,3138
004061D9 . 7E 3F JLE SHORT P2PStock.0040621A
004061DB > FF05 C4F14900 INC DWORD PTR DS:[49F1C4]
004061E1 . A1 C4F14900 MOV EAX,DWORD PTR DS:[49F1C4]
004061E6 . 83F8 05 CMP EAX,5
004061E9 . 7E 19 JLE SHORT P2PStock.00406204
004061EB . 8B83 B4030000 MOV EAX,DWORD PTR DS:[EBX+3B4]
004061F1 . 80B8 73060000>CMP BYTE PTR DS:[EAX+673],0
004061F8 . 74 0A JE SHORT P2PStock.00406204
004061FA . 33D2 XOR EDX,EDX
004061FC . 8915 C4F14900 MOV DWORD PTR DS:[49F1C4],EDX
00406202 . EB 16 JMP SHORT P2PStock.0040621A
00406204 > 833D C4F14900>CMP DWORD PTR DS:[49F1C4],1E
0040620B . 7E 0D JLE SHORT P2PStock.0040621A
0040620D . 8B8B B4030000 MOV ECX,DWORD PTR DS:[EBX+3B4]
00406213 . C681 73060000>MOV BYTE PTR DS:[ECX+673],1
0040621A > A1 3C4B4A00 MOV EAX,DWORD PTR DS:[4A4B3C]
0040621F . 50 PUSH EAX ; /hWnd => 00050250 (class='AfxWnd42s',parent=00040616)
00406220 . E8 A3870800 CALL <JMP.&USER32.IsWindow> ; \IsWindow
00406225 . 85C0 TEST EAX,EAX
00406227 . 0F85 9F010000 JNZ P2PStock.004063CC
0040622D . 6A 00 PUSH 0 ; /lParam = 0
0040622F . 68 98604000 PUSH P2PStock.00406098 ; |Callback = P2PStock.00406098
00406234 . E8 2D860800 CALL <JMP.&USER32.EnumWindows> ; \EnumWindows
00406239 . 85C0 TEST EAX,EAX
0040623B . 0F85 5A010000 JNZ P2PStock.0040639B ; *{ 00406241- 00406329 獲取大智慧信息
00406241 . 54 PUSH ESP ; /pProcessID
00406242 . 8B15 3C4B4A00 MOV EDX,DWORD PTR DS:[4A4B3C] ; |
00406248 . 52 PUSH EDX ; |hWnd => 00050250 (class='AfxWnd42s',parent=00040616)
00406249 . E8 3E870800 CALL <JMP.&USER32.GetWindowThreadProcess>; \GetWindowThreadProcessId
0040624E . 8B0C24 MOV ECX,DWORD PTR SS:[ESP]
00406251 . 51 PUSH ECX ; /ProcessId
00406252 . 6A 00 PUSH 0 ; |Inheritable = FALSE
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -