渗透TEA加密算法
00401331 MOV ESI,EAX
;mirvar(0) 初始化esi
00401333 CALL <CrackMe_._mirvar>
00401338 PUSH 0
0040133A MOV EDI,EAX
;mirvar(0) 初始化edi
0040133C CALL <CrackMe_._mirvar>
00401341 PUSH 0
00401343 MOV EBX,EAX
;mirvar(0) 初始化ebx
00401345 CALL <CrackMe_._mirvar>
0040134A PUSH CrackMe_.0040D118
;ASCII
"16EDE8A1E238448FCFB017368DC4DC026F44BD6C5A531286267C16B9B6DC6EE0" 0040134F PUSH EDI
00401350 MOV EBP,EAX
;mirvar(0) 初始化ebp
00401352 CALL <CrackMe_._cinstr>
00401357 PUSH CrackMe_.0040D0D4
; ASCII "E7D47A8E307241130434E06254CE6561B4AF1790119DCB4B4544081A60B0A1BB" 0040135C PUSH EBP
;Cinstr() 字符串
0040135D CALL <CrackMe_._cinstr>
00401362 MOV EAX,DWORD PTR SS:[ESP+54]
00401366 LEA ECX,DWORD PTR SS:[ESP+120]
0040136D PUSH ECX
0040136E PUSH EBX
0040136F MOV DWORD PTR DS:[EAX+234],100
;转为256进制
00401379 CALL <CrackMe_._cinstr>
;Cinstr() 字符串转为大数
0040137E MOV EDX,DWORD PTR SS:[ESP+5C]
00401382 PUSH ESI
00401383 PUSH EBP
00401384 PUSH EBX
00401385 PUSH EDI
00401386 MOV DWORD PTR DS:[EDX+234],10
00401390 CALL <CrackMe_._powmod>
powmod(edi,ebx,ebp,esi)作用是esi=edi^ebx mod ebp
00401395 ADD ESP,44
00401398 PUSH ESI
00401399 PUSH EBP
0040139A PUSH ESI
0040139B PUSH EDI