我从事汇编语言研究大概几年前,因为是我为了开发sepl计算机语言编译器。虽然到现在还没有开发出来,但是已经看到曙光了。为了研究汇编,我从反汇编入手,做了破解,脱壳,调试等。
但是汇编对我来说一直是读天书,没有任何突破。直到最近几天我有了重大发现。有人说做黑客从反汇编sqlserver.exe文件开始,可是在数以百万计的汇编代码丛林中,你能看到什么呢?能读懂么?
直到最近看了一本win32汇编书籍,他里面说可以把vc程序反汇编,获得汇编程序。如果随便用ida反汇编,如过没有把原程序和汇编放在一起,那么仍然没有收获。我按照说明操作了终于得到原程序和汇编放在一起的文件,就像在调试状态一样,每个c语言程序对应一个扩展名叫.cod文件.用它来学习真是大爽,天书变成可破解的代码!
具体做法是打开vc项目,选择菜单project->setting,在对话框选择c/c++页,然后category中选择Listing Files,在下面Listing file type选择 Assambly,machine code,and Source,确定退出。
现在编译程序,在release/debug目录下面生成对应的cod文件,包含有汇编,机器码和源代码。
通过阅读cod文件,你将很快了解汇编,你会发现原程序和汇编并不完全一一对应,当并不妨碍你分析汇编。
如果你不停的阅读和学习cod,也许一个月后你就会成为反汇编高手了!目前我刚开始2天。我决定坚持一个月。
文件Base64.cod内容如下
TITLE E:\cryptoLib\Base64.cpp
.386P
include listing.inc
if @Version gt 510
.model FLAT
else
_TEXT SEGMENT PARA USE32 PUBLIC 'CODE'
_TEXT ENDS
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
CONST SEGMENT DWORD USE32 PUBLIC 'CONST'
CONST ENDS
_BSS SEGMENT DWORD USE32 PUBLIC 'BSS'
_BSS ENDS
_TLS SEGMENT DWORD USE32 PUBLIC 'TLS'
_TLS ENDS
; COMDAT [email=??_C@_0BB@NAAD@Magellan?5MSWHEEL?$AA]??_C@_0BB@NAAD@Magellan?5MSWHEEL?$AA[/email]@
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
; COMDAT [email=??_C@_06FPAF@MouseZ?$AA]??_C@_06FPAF@MouseZ?$AA[/email]@
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
..................
; COMDAT [email=??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B]??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B[/email]@
CONST SEGMENT DWORD USE32 PUBLIC 'CONST'
CONST ENDS
; COMDAT [email=?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB]?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB[/email]
CONST SEGMENT DWORD USE32 PUBLIC 'CONST'
CONST ENDS
FLAT GROUP _DATA, CONST, _BSS, CRT$XCA, CRT$XCU, CRT$XCL, CRT$XCC, CRT$XCZ, xdata$x
ASSUME CS: FLAT, DS: FLAT, SS: FLAT
endif
CONST SEGMENT
_EnBase64Tab DB 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123'
DB '456789+/', 00H
ORG $+3
_DeBase64Tab DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 03eH
DB 00H
DB 00H
DB 00H
DB 03fH
DB 034H
DB 035H
DB 036H
DB 037H
DB 038H
DB 039H
DB 03aH
DB 03bH
DB 03cH
DB 03dH
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 01H
DB 02H
DB 03H
DB 04H
DB 05H
DB 06H
DB 07H
DB 08H
DB 09H
DB 0aH
DB 0bH
DB 0cH
DB 0dH
DB 0eH
DB 0fH
DB 010H
DB 011H
DB 012H
DB 013H
DB 014H
DB 015H
DB 016H
DB 017H
DB 018H
DB 019H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 00H
DB 01aH
DB 01bH
DB 01cH
DB 01dH
DB 01eH
DB 01fH
DB 020H
DB 021H
DB 022H
DB 023H
DB 024H
DB 025H
DB 026H
DB 027H
DB 028H
DB 029H
DB 02aH
DB 02bH
DB 02cH
DB 02dH
DB 02eH
DB 02fH
DB 030H
DB 031H
DB 032H
DB 033H
CONST ENDS
CRT$XCU SEGMENT
_$S384 DD FLAT:_$E383
CRT$XCU ENDS
PUBLIC [email=?EncodeBase64@@YAHPBEPADH@Z]?EncodeBase64@@YAHPBEPADH@Z[/email] ; EncodeBase64
; COMDAT [email=?EncodeBase64@@YAHPBEPADH@Z]?EncodeBase64@@YAHPBEPADH@Z[/email]
_TEXT SEGMENT
_pSrc$ = 8
_pDst$ = 12
_nSrcLen$ = 16
_c1$ = 12
_c2$ = 8
_c3$ = 16
_nMod$ = -4
[email=?EncodeBase64@@YAHPBEPADH@Z]?EncodeBase64@@YAHPBEPADH@Z[/email] PROC NEAR ; EncodeBase64, COMDAT
; 7 : {
00000 51 push ecx
00001 55 push ebp
00002 56 push esi
; 8 : unsigned char c1, c2, c3; // 输入缓冲区读出3个字节
; 9 : int nDstLen = 0; // 输出的字符计数
; 10 : int nDiv = nSrcLen / 3; // 输入数据长度除以3得到的倍数
00003 8b 74 24 18 mov esi, DWORD PTR _nSrcLen$[esp+8]
00007 b8 56 55 55 55 mov eax, 1431655766 ; 55555556H
0000c f7 ee imul esi
0000e 8b c2 mov eax, edx
00010 33 ed xor ebp, ebp
00012 c1 e8 1f shr eax, 31 ; 0000001fH
00015 03 d0 add edx, eax
; 11 : int nMod = nSrcLen % 3; // 输入数据长度除以3得到的余数
00017 8b c6 mov eax, esi
00019 8b ca mov ecx, edx
0001b be 03 00 00 00 mov esi, 3
00020 99 cdq
00021 f7 fe idiv esi
; 12 :
; 13 : // 每次取3个字节,编码成4个字符
; 14 : for (int i = 0; i
00023 85 c9 test ecx, ecx
00025 89 54 24 08 mov DWORD PTR _nMod$[esp+12], edx
00029 0f 8e dc 00 00
00 jle $L132338
0002f 8b 44 24 14 mov eax, DWORD PTR _pDst$[esp+8]
00033 53 push ebx
00034 8b d9 mov ebx, ecx
00036 8d 2c 8d 00 00
00 00 lea ebp, DWORD PTR [ecx*4]
0003d 8b 4c 24 14 mov ecx, DWORD PTR _pSrc$[esp+12]
00041 57 push edi
$L129542:
; 15 : {
; 16 : // 取3个字节
; 17 : c1 = *pSrc++;
00042 8a 11 mov dl, BYTE PTR [ecx]
00044 41 inc ecx
00045 88 54 24 1c mov BYTE PTR _c1$[esp+16], dl
; 18 : c2 = *pSrc++;
00049 8a 11 mov dl, BYTE PTR [ecx]
; 19 : c3 = *pSrc++;
; 20 :
; 21 : // 编码成4个字符
; 22 : *pDst++ = EnBase64Tab[c1 >> 2];
0004b 8b 74 24 1c mov esi, DWORD PTR _c1$[esp+16]
0004f 41 inc ecx
00050 88 54 24 18 mov BYTE PTR _c2$[esp+16], dl
; 23 : *pDst++ = EnBase64Tab[((c1 > 4)) & 0x3f];
00054 8b 7c 24 18 mov edi, DWORD PTR _c2$[esp+16]
00058 81 e6 ff 00 00
00 and esi, 255 ; 000000ffH
0005e 8a 11 mov dl, BYTE PTR [ecx]
00060 81 e7 ff 00 00
00 and edi, 255 ; 000000ffH
00066 88 54 24 20 mov BYTE PTR _c3$[esp+16], dl
0006a 8b d6 mov edx, esi
0006c c1 ea 02 shr edx, 2
0006f 83 e6 03 and esi, 3
00072 41 inc ecx
00073 8a 92 00 00 00
00 mov dl, BYTE PTR _EnBase64Tab[edx]
00079 88 10 mov BYTE PTR [eax], dl
0007b 8b d7 mov edx, edi
0007d c1 ea 04 shr edx, 4
00080 c1 e6 04 shl esi, 4
00083 0b d6 or edx, esi
; 24 : *pDst++ = EnBase64Tab[((c2 > 6)) & 0x3f];
00085 8b 74 24 20 mov esi, DWORD PTR _c3$[esp+16]
00089 40 inc eax
0008a 81 e6 ff 00 00
00 and esi, 255 ; 000000ffH
00090 8a 92 00 00 00
00 mov dl, BYTE PTR _EnBase64Tab[edx]
00096 83 e7 0f and edi, 15 ; 0000000fH
00099 88 10 mov BYTE PTR [eax], dl
0009b 8b d6 mov edx, esi
0009d c1 ea 06 shr edx, 6
000a0 c1 e7 02 shl edi, 2
000a3 0b d7 or edx, edi
000a5 40 inc eax
; 25 : *pDst++ = EnBas
e64Tab[c3 & 0x3f];
000a6 83 e6 3f and esi, 63 ; 0000003fH
000a9 40 inc eax
000aa 8a 92 00 00 00
00 mov dl, BYTE PTR _EnBase64Tab[edx]
000b0 88 50 ff mov BYTE PTR [eax-1], dl
000b3 8a 96 00 00 00
00 mov dl, BYTE PTR _EnBase64Tab[esi]
000b9 88 10 mov BYTE PTR [eax], dl
000bb 40 inc eax
000bc 4b dec ebx
000bd 75 83 jne SHORT $L129542
000bf 8b 54 24 10 mov edx, DWORD PTR _nMod$[esp+20]
000c3 5f pop edi
000c4 5b pop ebx
$L129544:
; 26 : nDstLen += 4;
; 27 : }
; 28 :
; 29 : // 编码余下的字节
; 30 : if (nMod == 1)
000c5 83 fa 01 cmp edx, 1
000c8 75 4b jne SHORT $L129545
; 31 : {
; 32 : c1 = *pSrc++;
000ca 8a 09 mov cl, BYTE PTR [ecx]
000cc 5e pop esi
000cd 88 4c 24 10 mov BYTE PTR _c1$[esp+4], cl
; 33 : *pDst++ = EnBase64Tab[(c1 & 0xfc) >> 2];
000d1 8b 4c 24 10 mov ecx, DWORD PTR _c1$[esp+4]
000d5 81 e1 ff 00 00
00 and ecx, 255 ; 000000ffH
000db 8b d1 mov edx, ecx
; 34 : *pDst++ = EnBase64Tab[((c1 & 0x03)
000dd 83 e1 03 and ecx, 3
000e0 c1 ea 02 shr edx, 2
000e3 c1 e1 04 shl ecx, 4
000e6 8a 92 00 00 00
00 mov dl, BYTE PTR _EnBase64Tab[edx]
000ec 88 10 mov BYTE PTR [eax], dl
000ee 8a 89 00 00 00
00 mov cl, BYTE PTR _EnBase64Tab[ecx]
000f4 40 inc eax
000f5 88 08 mov BYTE PTR [eax], cl
000f7 40 inc eax
; 35 : *pDst++ = '=';
000f8 c6 00 3d mov BYTE PTR [eax], 61 ; 0000003dH
; 45 : *pDst++ = EnBase64Tab[((c2 & 0x0f)
000fb 40 inc eax
; 46 : *pDst++ = '=';
000fc c6 00 3d mov BYTE PTR [eax], 61 ; 0000003dH
000ff 40 inc eax
; 47 : nDstLen += 4;
00100 83 c5 04 add ebp, 4
; 48 : }
; 49 :
; 50 : // 输出加个结束符
; 51 : *pDst = '\0';
00103 c6 00 00 mov BYTE PTR [eax], 0
; 52 :
; 53 : return nDstLen;
00106 8b c5 mov eax, ebp
00108 5d pop ebp
; 54 : }
00109 59 pop ecx
0010a c3 ret 0
$L132338:
; 12 :
; 13 : // 每次取3个字节,编码成4个字符
; 14 : for (int i = 0; i
0010b 8b 44 24 14 mov eax, DWORD PTR _pDst$[esp+8]
0010f 8b 4c 24 10 mov ecx, DWORD PTR _pSrc$[esp+8]
00113 eb b0 jmp SHORT $L129544
$L129545:
; 36 : *pDst++ = '=';
; 37 : nDstLen += 4;
; 38 : }
; 39 : else if (nMod == 2)
00115 83 fa 02 cmp edx, 2
00118 75 5b jne SHORT $L132337
; 40 : {
; 41 : c1 = *pSrc++;
0011a 8a 11 mov dl, BYTE PTR [ecx]
; 42 : c2 = *pSrc++;
0011c 8a 49 01 mov cl, BYTE PTR [ecx+1]
0011f 88 54 24 14 mov BYTE PTR _c1$[esp+8], dl
00123 88 4c 24 10 mov BYTE PTR _c2$[esp+8], cl
; 43 : *pDst++ = EnBase64Tab[(c1 & 0xfc) >> 2];
00127 8b 4c 24 14 mov ecx, DWORD PTR _c1$[esp+8]
0012b 81 e1 ff 00 00
00 and ecx, 255 ; 000000ffH
00131 8b d1 mov edx, ecx
; 44 : *pDst++ = EnBase64Tab[((c1 & 0x03) > 4)];
00133 83 e1 03 and ecx, 3
00136 c1 ea 02 shr edx, 2
00139 c1 e1 04 shl ecx, 4
0013c 8a 92 00 00 00
00 mov dl, BYTE PTR _EnBase64Tab[edx]
00142 88 10 mov BYTE PTR [eax], dl
00144 8b 54 24 10 mov edx, DWORD PTR _c2$[esp+8]
00148 81 e2 ff 00 00
00 and edx, 255 ; 000000ffH
0014e 40 inc eax
0014f 8b f2 mov esi, edx
; 45 : *pDst++ = EnBase64Tab[((c2 & 0x0f)
00151 83 e2 0f and edx, 15 ; 0000000fH
00154 c1 ee 04 shr esi, 4
00157 0b f1 or esi, ecx
00159 40 inc eax
0015a 40 inc eax
0015b 8a 8e 00 00 00
00 mov cl, BYTE PTR _EnBase64Tab[esi]
00161 88 48 fe mov BYTE PTR [eax-2], cl
00164 8a 14 95 00 00
00 00 mov dl, BYTE PTR _EnBase64Tab[edx*4]
0016b 88 50 ff mov BYTE PTR [eax-1], dl
; 46 : *pDst++ = '=';
0016e c6 00 3d mov BYTE PTR [eax], 61 ; 0000003dH
00171 40 inc eax
; 47 : nDstLen += 4;
00172 83 c5 04 add ebp, 4
$L132337:
; 48 : }
; 49 :
; 50 : // 输出加个结束符
; 51 : *pDst = '\0';
00175 c6 00 00 mov BYTE PTR [eax], 0
; 52 :
; 53 : return nDstLen;
00178 8b c5 mov eax, ebp
0017a 5e pop esi
0017b 5d pop ebp
; 54 : }
0017c 59 pop ecx
0017d c3 ret 0
[email=?EncodeBase64@@YAHPBEPADH@Z]?EncodeBase64@@YAHPBEPADH@Z[/email] ENDP ; EncodeBase64
_TEXT ENDS
PUBLIC [email=?DecodeBase64@@YAHPBDPAEH@Z]?DecodeBase64@@YAHPBDPAEH@Z[/email] ; DecodeBase64
; COMDAT [email=?DecodeBase64@@YAHPBDPAEH@Z]?DecodeBase64@@YAHPBDPAEH@Z[/email]
_TEXT SEGMENT
_pSrc$ = 8
_pDst$ = 12
_nSrcLen$ = 16
_c3$ = 12
_c4$ = 8
_lc1$ = -5
_nDiv$ = -4
[email=?DecodeBase64@@YAHPBDPAEH@Z]?DecodeBase64@@YAHPBDPAEH@Z[/email] PROC NEAR ; DecodeBase64, COMDAT
; 74 : {
00000 83 ec 08 sub esp, 8
; 75 : unsigned char c1, c2, c3, c4; // 输入缓冲区读出4个字节
; 76 : unsigned char lc1, lc2;
; 77 : int nDstLen = 0; // 输出的字符计数
; 78 : int nDiv = nSrcLen / 4; // 输入数据长度除以4得到的倍数
00003 8b 44 24 14 mov eax, DWORD PTR _nSrcLen$[esp+4]
; 79 :
; 80 : // 每次取4个字节,解码成3个字符
; 81 : for (int i = 0; i
00007 8b 4c 24 10 mov ecx, DWORD PTR _pDst$[esp+4]
0000b 99 cdq
0000c 83 e2 03 and edx, 3
0000f 53 push ebx
00010 55 push ebp
00011 03 c2 add eax, edx
00013 56 push esi
00014 57 push edi
00015 c1 f8 02 sar eax, 2
00018 33 ff xor edi, edi
0001a 33 ed xor ebp, ebp
0001c 85 c0 test eax, eax
0001e 89 44 24 14 mov DWORD PTR _nDiv$[esp+24], eax
00022 0f 8e cd 00 00
00 ; jle $L132346
00028 8b 74 24 1c mov esi, DWORD PTR _pSrc$[esp+20]
$L129563:
; 82 : {
; 83 : // 取4个字节
; 84 : c1 = DeBase64Tab[*pSrc++];
0002c 0f be 06 movsx eax, BYTE PTR [esi]
0002f 46 inc esi
00030 8a 90 00 00 00
00 mov dl, BYTE PTR _DeBase64Tab[eax]
; 85 : c2 = DeBase64Tab[*pSrc++];
00036 0f be 06 movsx eax, BYTE PTR [esi]
; 86 : lc1 = *pSrc;
00039 8a 5e 01 mov bl, BYTE PTR [esi+1]
0003c 46 inc esi
0003d 88 5c 24 13 mov BYTE PTR _lc1$[esp+24], bl
; 87 : c3 = DeBase64Tab[*pSrc++];
00041 46 inc esi
00042 0f be db movsx ebx, bl
00045 8a 80 00 00 00
00 mov al, BYTE PTR _DeBase64Tab[eax]
; 88 : lc2 = *pSrc;
; 89 : c4 = DeBase64Tab[*pSrc++];
0004b 46 inc esi
0004c 8a 9b 00 00 00
00 mov bl, BYTE PTR _DeBase64Tab[ebx]
00052 88 5c 24 20 mov BYTE PTR _c3$[esp+20], bl
00056 8a 5e ff mov bl, BYTE PTR [esi-1]
00059 88 5c 24 24 mov BYTE PTR 16+[esp+20], bl
0005d 0f be db movsx ebx, bl
00060 8a 9b 00 00 00
00 mov bl, BYTE PTR _DeBase64Tab[ebx]
00066 88 5c 24 1c mov BYTE PTR _c4$[esp+20], bl
; 90 :
; 91 : if (lc2 == '=')
0006a 8a 5c 24 24 mov bl, BYTE PTR 16+[esp+20]
0006e 80 fb 3d cmp bl, 61 ; 0000003dH
00071 74 43 je SHORT $L132344
; 106 : }
; 107 : break;
; 108 : }
; 109 :
; 110 : // 解码成3个字符
; 111 : *pDst++ = (c1 > 4);
00073 8a d8 mov bl, al
; 112 : *pDst++ = (c2 > 2);
; 113 : *pDst++ = (c3
00075 83 c7 03 add edi, 3
00078 c0 eb 04 shr bl, 4
0007b c0 e2 02 shl dl, 2
0007e 0a da or bl, dl
00080 8a 54 24 20 mov dl, BYTE PTR _c3$[esp+20]
00084 88 19 mov BYTE PTR [ecx], bl
00086 8a da mov bl, dl
00088 c0 eb 02 shr bl, 2
0008b c0 e0 04 shl al, 4
0008e 41 inc ecx
0008f 0a d8 or bl, al
00091 8b 44 24 14 mov eax, DWORD PTR _nDiv$[esp+24]
00095 88 19 mov BYTE PTR [ecx], bl
00097 8a 5c 24 1c mov bl, BYTE PTR _c4$[esp+20]
0009b c0 e2 06 shl dl, 6
0009e 41 inc ecx
0009f 0a d3 or dl, bl
000a1 88 11 mov BYTE PTR [ecx], dl
000a3 41 inc ecx
000a4 45 inc ebp
000a5 3b e8 cmp ebp, eax
000a7 7c 83 jl SHORT $L129563
; 116 : }
; 117 :
; 118 : // 输出加个结束符
; 119 : *pDst = '\0';
; 120 :
; 121 : return nDstLen;
000a9 8b c7 mov eax, edi
000ab 5f pop edi
000ac 5e pop esi
000ad 5d pop ebp
000ae c6 01 00 mov BYTE PTR [ecx], 0
000b1 5b pop ebx
; 122 : }
000b2 83 c4 08 add esp, 8
000b5 c3 ret 0
$L132344:
; 92 : {
; 93 : if (lc1 == '=')
000b6 80 7c 24 13 3d cmp BYTE PTR _lc1$[esp+24], 61 ; 0000003dH
000bb 75 19 jne SHORT $L129567
; 94 : { //原文中除3后余数是1
; 95 : c3 = 0;
; 96 : c4 = 0;
; 97 : *pDst++ = (c1 > 4);
000bd c0 e8 04 shr al, 4
000c0 c0 e2 02 shl dl, 2
000c3 0a c2 or al, dl
000c5 88 01 mov BYTE PTR [ecx], al
000c7 41 inc ecx
; 98 : nDstLen += 1;
000c8 47 inc edi
; 116 : }
; 117 :
; 118 : // 输出加个结束符
; 119 : *pDst = '\0';
; 120 :
; 121 : return nDstLen;
000c9 8b c7 mov eax, edi
000cb 5f pop edi
000cc 5e pop esi
000cd 5d pop ebp
000ce c6 01 00 mov BYTE PTR [ecx], 0
000d1 5b pop ebx
; 122 : }
000d2 83 c4 08 add esp, 8
000d5 c3 ret 0
$L129567:
; 99 : }
; 100 : else
; 101 : { //原文中除3后余数是2
; 102 : c4 = 0;
; 103 : *pDst++ = (c1 > 4);
000d6 8a d8 mov bl, al
000d8 c0 eb 04 shr bl, 4
000db c0 e2 02 shl dl, 2
000de 0a da or bl, dl
; 104 : *pDst++ = (c2 > 2);
000e0 8a 54 24 20 mov dl, BYTE PTR _c3$[esp+20]
000e4 88 19 mov BYTE PTR [ecx], bl
000e6 41 inc ecx
000e7 c0 ea 02 shr dl, 2
000ea c0 e0 04 shl al, 4
000ed 0a d0 or dl, al
000ef 88 11 mov BYTE PTR [ecx], dl
000f1 41 inc ecx
; 105 : nDstLen += 2;
000f2 83 c7 02 add edi, 2
$L132346:
; 116 : }
; 117 :
; 118 : // 输出加个结束符
; 119 : *pDst = '\0';
; 120 :
; 121 : return nDstLen;
000f5 8b c7 mov eax, edi
000f7 5f pop edi
000f8 5e pop esi
000f9 5d pop ebp
000fa c6 01 00 mov BYTE PTR [ecx], 0
000fd 5b pop ebx
; 122 : }
000fe 83 c4 08 add esp, 8
00101 c3 ret 0
[email=?DecodeBase64@@YAHPBDPAEH@Z]?DecodeBase64@@YAHPBDPAEH@Z[/email] ENDP ; DecodeBase64
_TEXT ENDS
_DATA SEGMENT
COMM [email=??_B?1???id@?$ctype@G@std@@$D@@9@51:BYTE]??_B?1???id@?$ctype@G@std@@$D@@9@51:BYTE[/email] ; [email=??_B?1???id@?$ctype@G@std@@$D@@9@51]??_B?1???id@?$ctype@G@std@@$D@@9@51[/email]
_DATA ENDS
; COMDAT _$E383
_TEXT SEGMENT
_$E383 PROC NEAR ; COMDAT
00000 8a 0d 00 00 00
00 mov cl, BYTE PTR [email=??_B?1???id@?$ctype@G@std@@$D@@9@51]??_B?1???id@?$ctype@G@std@@$D@@9@51[/email] ; [email=??_B?1???id@?$ctype@G@std@@$D@@9@51]??_B?1???id@?$ctype@G@std@@$D@@9@51[/email]
00006 b0 01 mov al, 1
00008 84 c8 test cl, al
0000a 75 08 jne SHORT $L132352
0000c 0a c8 or cl, al
0000e 88 0d 00 00 00
00 mov BYTE PTR [email=??_B?1???id@?$ctype@G@std@@$D@@9@51]??_B?1???id@?$ctype@G@std@@$D@@9@51[/email], cl ; [email=??_B?1???id@?$ctype@G@std@@$D@@9@51]??_B?1???id@?$ctype@G@std@@$D@@9@51[/email]
$L132352:
00014 e9 00 00 00 00 jmp _$E382
_$E383 ENDP
_TEXT ENDS
PUBLIC [email=?id@?$ctype@G@std@@$E]?id@?$ctype@G@std@@$E[/email] ; std::ctype::id
EXTRN _atexit:NEAR
; COMDAT _$E382
_TEXT SEGMENT
_$E382 PROC NEAR ; COMDAT
; 467 : {_Ctype = _Lobj._Getctype(); }
00000 68 00 00 00 00 push OFFSET FLAT:?id@?$ctype@G@std@@$E ; std::ctype::id
00005 e8 00 00 00 00 call _atexit
0000a 59 pop ecx
0000b c3 ret 0
_$E382 ENDP
_TEXT ENDS
; COMDAT [email=?id@?$ctype@G@std@@$E]?id@?$ctype@G@std@@$E[/email]
_TEXT SEGMENT
[email=?id@?$ctype@G@std@@$E]?id@?$ctype@G@std@@$E[/email] PROC NEAR ; std::ctype::id, COMDAT
00000 c3 ret 0
[email=?id@?$ctype@G@std@@$E]?id@?$ctype@G@std@@$E[/email] ENDP ; std::ctype::id
_TEXT ENDS
END |