首页
论坛
课程
招聘
[求助]易语言IDA无法F5函数
2022-1-4 12:46 12131

[求助]易语言IDA无法F5函数

2022-1-4 12:46
12131

找到按钮事件位置,IDA提示无法F5,求大佬解释一下,下面是易语言源码和IDA的反汇编代码

 

IDA反汇编代码,从按钮事件开始

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
; Attributes: bp-based frame
.text:00401171
.text:00401171     sub_401171      proc near
.text:00401171
.text:00401171     var_10          = dword ptr -10h
.text:00401171     var_C           = dword ptr -0Ch
.text:00401171     var_8           = dword ptr -8
.text:00401171     lpMem           = dword ptr -4
.text:00401171
.text:00401171 000                 push    ebp
.text:00401172 004                 mov     ebp, esp
.text:00401174 004                 sub     esp, 10h
.text:0040117A 014                 push    8               ; dwBytes
.text:0040117F 018                 call    j__krnl_MMalloc
.text:00401184 018                 add     esp, 4
.text:00401187 014                 mov     [ebp+lpMem], eax
.text:0040118A 014                 mov     edi, eax
.text:0040118C 014                 mov     esi, offset unk_55166F
.text:00401191 014                 lodsd
.text:00401192 014                 stosd
.text:00401193 014                 lodsd
.text:00401194 014                 stosd
.text:00401195 014                 push    8               ; dwBytes
.text:0040119A 018                 call    j__krnl_MMalloc
.text:0040119F 018                 add     esp, 4
.text:004011A2 014                 mov     [ebp+var_8], eax
.text:004011A5 014                 mov     edi, eax
.text:004011A7 014                 mov     esi, offset unk_55166F
.text:004011AC 014                 lodsd
.text:004011AD 014                 stosd
.text:004011AE 014                 lodsd
.text:004011AF 014                 stosd
.text:004011B0 014                 mov     eax, offset unk_551634
.text:004011B5 014                 push    eax
.text:004011B6 018                 push    eax
.text:004011B7 01C                 mov     ebx, eax
.text:004011B9 01C                 call    sub_4010AC
.text:004011BE 01C                 pop     eax
.text:004011BF 018                 sub     ebx, eax
.text:004011C1 018                 add     ecx, ebx
.text:004011C3 018                 push    ecx             ; dwBytes
.text:004011C4 01C                 call    j__krnl_MMalloc
.text:004011C9 01C                 pop     ecx
.text:004011CA 018                 pop     esi
.text:004011CB 014                 mov     edi, eax
.text:004011CD 014                 rep movsb
.text:004011CF 014                 push    eax
.text:004011D0 018                 mov     ebx, [ebp+lpMem]
.text:004011D3 018                 push    ebx             ; lpMem
.text:004011D4 01C                 call    j__krnl_MFree
.text:004011D9 01C                 add     esp, 4
.text:004011DC 018                 pop     eax
.text:004011DD 014                 mov     [ebp+lpMem], eax
.text:004011E0 014                 mov     eax, offset unk_551645
.text:004011E5 014                 push    eax
.text:004011E6 018                 push    eax
.text:004011E7 01C                 mov     ebx, eax
.text:004011E9 01C                 call    sub_4010AC
.text:004011EE 01C                 pop     eax
.text:004011EF 018                 sub     ebx, eax
.text:004011F1 018                 add     ecx, ebx
.text:004011F3 018                 push    ecx             ; dwBytes
.text:004011F4 01C                 call    j__krnl_MMalloc
.text:004011F9 01C                 pop     ecx
.text:004011FA 018                 pop     esi
.text:004011FB 014                 mov     edi, eax
.text:004011FD 014                 rep movsb
.text:004011FF 014                 push    eax
.text:00401200 018                 mov     ebx, [ebp+var_8]
.text:00401203 018                 push    ebx             ; lpMem
.text:00401204 01C                 call    j__krnl_MFree
.text:00401209 01C                 add     esp, 4
.text:0040120C 018                 pop     eax
.text:0040120D 014                 mov     [ebp+var_8], eax
.text:00401210 014                 push    0FFFFFFFFh
.text:00401212 018                 push    8
.text:00401214 01C                 push    16010002h
.text:00401219 020                 push    52010001h
.text:0040121E 024                 call    j__krnl_MReadProperty
.text:00401223 024                 add     esp, 10h
.text:00401226 014                 mov     [ebp+var_C], eax
.text:00401229 014                 push    offset unk_551656
.text:0040122E 018                 push    [ebp+var_C]
.text:00401231 01C                 call    sub_4010CC
.text:00401236 01C                 add     esp, 8
.text:00401239 014                 cmp     eax, 0
.text:0040123C 014                 mov     eax, 0
.text:00401241 014                 setnz   al
.text:00401244 014                 mov     [ebp+var_10], eax
.text:00401247 014                 mov     ebx, [ebp+var_C]
.text:0040124A 014                 test    ebx, ebx
.text:0040124C 014                 jz      short loc_401257
.text:0040124E 014                 push    ebx             ; lpMem
.text:0040124F 018                 call    j__krnl_MFree
.text:00401254 018                 add     esp, 4
.text:00401257
.text:00401257     loc_401257:                             ; CODE XREF: sub_401171+DB↑j
.text:00401257 014                 cmp     [ebp+var_10], 0
.text:0040125B 014                 jz      loc_4013C5
.text:00401261 014                 push    0FFFFFFFFh
.text:00401263 018                 push    8
.text:00401265 01C                 push    16010002h
.text:0040126A 020                 push    52010001h
.text:0040126F 024                 call    j__krnl_MReadProperty
.text:00401274 024                 add     esp, 10h
.text:00401277 014                 mov     [ebp+var_C], eax
.text:0040127A 014                 push    offset a123456  ; "123456"
.text:0040127F 018                 push    [ebp+var_C]
.text:00401282 01C                 call    sub_4010CC
.text:00401287 01C                 add     esp, 8
.text:0040128A 014                 cmp     eax, 0
.text:0040128D 014                 mov     eax, 0
.text:00401292 014                 setz    al
.text:00401295 014                 mov     [ebp+var_10], eax
.text:00401298 014                 mov     ebx, [ebp+var_C]
.text:0040129B 014                 test    ebx, ebx
.text:0040129D 014                 jz      short loc_4012A8
.text:0040129F 014                 push    ebx             ; lpMem
.text:004012A0 018                 call    j__krnl_MFree
.text:004012A5 018                 add     esp, 4
.text:004012A8
.text:004012A8     loc_4012A8:                             ; CODE XREF: sub_401171+12C↑j
.text:004012A8 014                 cmp     [ebp+var_10], 0
.text:004012AC 014                 jz      loc_401355
.text:004012B2 014                 push    0A0000101h
.text:004012B7 018                 push    0
.text:004012B9 01C                 push    [ebp+var_8]
.text:004012BC 020                 push    1
.text:004012C1 024                 mov     ebx, offset _krnln_fnStr
.text:004012C6 024                 call    j__krnl_MCallKrnlLibCmd
.text:004012CB 024                 add     esp, 10h
.text:004012CE 014                 mov     [ebp+var_C], eax
.text:004012D1 014                 mov     ebx, 6
.text:004012D6 014                 call    sub_401169
.text:004012DB 014                 push    80000301h
.text:004012E0 018                 push    0
.text:004012E2 01C                 push    0
.text:004012E7 020                 push    80000004h
.text:004012EC 024                 push    0
.text:004012EE 028                 mov     eax, [ebp+var_C]
.text:004012F1 028                 test    eax, eax
.text:004012F3 028                 jnz     short loc_4012FA
.text:004012F5 028                 mov     eax, offset unk_551656
.text:004012FA
.text:004012FA     loc_4012FA:                             ; CODE XREF: sub_401171+182↑j
.text:004012FA 028                 push    eax
.text:004012FB 02C                 push    4
.text:00401300 030                 mov     ebx, offset _krnln_fnMsgBox
.text:00401305 030                 call    j__krnl_MCallKrnlLibCmd
.text:0040130A 030                 add     esp, 34h
.text:0040130D -04                 mov     ebx, [ebp+var_C]
.text:00401310 -04                 test    ebx, ebx
.text:00401312 -04                 jz      short loc_40131D
.text:00401314 -04                 push    ebx             ; lpMem
.text:00401315 000                 call    j__krnl_MFree
.text:0040131A 000                 add     esp, 4
.text:0040131D
.text:0040131D     loc_40131D:                             ; CODE XREF: sub_401171+1A1↑j
.text:0040131D -04                 push    80000002h
.text:00401322 000                 push    0
.text:00401324 004                 push    1
.text:00401329 008                 push    0
.text:0040132B 00C                 push    0
.text:0040132D 010                 push    0
.text:0040132F 014                 push    10001h
.text:00401334 018                 push    6010015h
.text:00401339 01C                 push    52010016h
.text:0040133E 020                 push    3
.text:00401343 024                 mov     ebx, offset _krnln_fnLoadWin
.text:00401348 024                 call    j__krnl_MCallKrnlLibCmd
.text:0040134D 024                 add     esp, 28h
.text:00401350 -04                 jmp     loc_4013C0
.text:00401355     ; ---------------------------------------------------------------------------
.text:00401355
.text:00401355     loc_401355:                             ; CODE XREF: sub_401171+13B↑j
.text:00401355 014                 push    0A0000101h
.text:0040135A 018                 push    0
.text:0040135C 01C                 push    [ebp+lpMem]
.text:0040135F 020                 push    1
.text:00401364 024                 mov     ebx, offset _krnln_fnStr
.text:00401369 024                 call    j__krnl_MCallKrnlLibCmd
.text:0040136E 024                 add     esp, 10h
.text:00401371 014                 mov     [ebp+var_C], eax
.text:00401374 014                 mov     ebx, 6
.text:00401379 014                 call    sub_401169
.text:0040137E 014                 push    80000301h
.text:00401383 018                 push    0
.text:00401385 01C                 push    0
.text:0040138A 020                 push    80000004h
.text:0040138F 024                 push    0
.text:00401391 028                 mov     eax, [ebp+var_C]
.text:00401394 028                 test    eax, eax
.text:00401396 028                 jnz     short loc_40139D
.text:00401398 028                 mov     eax, offset unk_551656
.text:0040139D
.text:0040139D     loc_40139D:                             ; CODE XREF: sub_401171+225↑j
.text:0040139D 028                 push    eax
.text:0040139E 02C                 push    4
.text:004013A3 030                 mov     ebx, offset _krnln_fnMsgBox
.text:004013A8 030                 call    j__krnl_MCallKrnlLibCmd
.text:004013AD 030                 add     esp, 34h
.text:004013B0 -04                 mov     ebx, [ebp+var_C]
.text:004013B3 -04                 test    ebx, ebx
.text:004013B5 -04                 jz      short loc_4013C0
.text:004013B7 -04                 push    ebx             ; lpMem
.text:004013B8 000                 call    j__krnl_MFree
.text:004013BD 000                 add     esp, 4
.text:004013C0
.text:004013C0     loc_4013C0:                             ; CODE XREF: sub_401171+1DF↑j
.text:004013C0                                             ; sub_401171+244↑j
.text:004013C0 -04                 jmp     loc_4013F9
.text:004013C5     ; ---------------------------------------------------------------------------
.text:004013C5
.text:004013C5     loc_4013C5:                             ; CODE XREF: sub_401171+EA↑j
.text:004013C5 014                 mov     ebx, 6
.text:004013CA 014                 call    sub_401169
.text:004013CF 014                 push    80000301h
.text:004013D4 018                 push    0
.text:004013D6 01C                 push    0
.text:004013DB 020                 push    80000004h
.text:004013E0 024                 push    0
.text:004013E2 028                 push    offset asc_55165E ; "您还没有输入内容"
.text:004013E7 02C                 push    4
.text:004013EC 030                 mov     ebx, offset _krnln_fnMsgBox
.text:004013F1 030                 call    j__krnl_MCallKrnlLibCmd
.text:004013F6 030                 add     esp, 34h
.text:004013F9
.text:004013F9     loc_4013F9:                             ; CODE XREF: sub_401171:loc_4013C0↑j
.text:004013F9 -04                 mov     ebx, [ebp+lpMem]
.text:004013FC -04                 push    ebx             ; lpMem
.text:004013FD 000                 call    j__krnl_MFree
.text:00401402 000                 add     esp, 4
.text:00401405 -04                 mov     ebx, [ebp+var_8]
.text:00401408 -04                 push    ebx             ; lpMem
.text:00401409 000                 call    j__krnl_MFree
.text:0040140E 000                 add     esp, 4
.text:00401411 -04                 mov     esp, ebp
.text:00401413 -14                 pop     ebp
.text:00401414 -18                 retn
.text:00401415     ; ---------------------------------------------------------------------------
.text:00401415
.text:00401415     locret_401415:                          ; CODE XREF: _EStartup+D↓p
.text:00401415 -18                 retn
.text:00401416     ; ---------------------------------------------------------------------------
.text:00401416
.text:00401416     locret_401416:                          ; DATA XREF: _EStartup+12↓o
.text:00401416 -18                 retn
.text:00401416     sub_401171      endp ; sp-analysis failed
.text:00401416
.text:00401417

看雪2022 KCTF 秋季赛 防守篇规则,征题截止日期11月12日!(iPhone 14等你拿!)

收藏
点赞1
打赏
分享
最新回复 (7)
雪    币: 201
活跃值: 活跃值 (497)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
signed 活跃值 2022-1-4 20:12
2
0
到30D去看看吧
雪    币: 1612
活跃值: 活跃值 (909)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
只是过客而已 活跃值 2022-1-4 21:17
3
0
signed 到30D去看看吧
什么意思,大佬
雪    币: 4547
活跃值: 活跃值 (1140)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
romobin 活跃值 2022-1-5 05:15
4
0
1171不行吗  ?
雪    币: 1612
活跃值: 活跃值 (909)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
只是过客而已 活跃值 2022-1-5 10:46
5
0
romobin 1171不行吗 ?
大佬,你们都在说什么,我怎么听不懂
雪    币: 290
活跃值: 活跃值 (393)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
CrackM 活跃值 2022-1-6 14:50
6
0
IDA提示你0x40130D哪里sp指针出问题了,可能堆栈被破坏了,二进制发出来瞅瞅?
雪    币: 290
活跃值: 活跃值 (393)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
CrackM 活跃值 2022-1-6 14:52
7
0
只是过客而已 大佬,你们都在说什么,我怎么听不懂[em_80]
是地址啊。。。。另外建议常用的英语还是要了解下的IDA报错都是英语
雪    币: 5983
活跃值: 活跃值 (2290)
能力值: ( LV6,RANK:80 )
在线值:
发帖
回帖
粉丝
黑洛 活跃值 1 2022-2-26 19:57
8
0
不是因为f5的起始地址不是函数头部吗?
游客
登录 | 注册 方可回帖
返回