vb 反编译和找回登录
vb decompile and retrieving login
我正在努力为这个 VB 应用程序找到正确的登录名和密码......
我已经尝试过:IDA,Olly,vb decompliler(从那里粘贴代码)等等...也许有人可以帮我找到它或者只是给我一个如何做的建议。(这不是商业应用程序只是一个我无法完成的练习:(.)
代码反编译:
Private Sub Command1_Click() '402AA0
var_eax = arg_8.AddRef 'Ignore this
On Error Resume Next
var_eax = Form1.Text1 'Ignore this
var_A4 = Text1.Text
var_B0 = var_A4
var_90 = var_A4
var_eax = Form1.Text2 'Ignore this
var_A4 = Text2.Text
var_40 = var_A4
var_ret_1 = (Len(var_90) = "")
var_ret_2 = (Len(var_40) = "")
call Or(var_F8, var_ret_2, var_ret_1, arg_8, arg_8, 00000001h, edi, %ecx = %S_edx_S, arg_8)
If CBool(Or(var_F8, var_ret_2, var_ret_1, arg_8, arg_8, 00000001h, edi, var_E8 = %S_edx_S, arg_8)) Then
var_eax = Call Form1.clearoff
var_B8 = Len(var_90)
If (var_B8 <> 6) Then
var_eax = Call Form1.clearoff
var_50 = vbNullString
For var_A0 = "" To Len(var_90) - 1 Step 1
If var_180 Then
var_120 = vbNullString
If (var_50 = vbNullString) Then
var_E8 = Mid(var_90, CLng(Len(var_90) - var_A0), 1)
var_A4 = CStr(var_E8)
var_F0 = Asc(var_A4)
var_50 = Str(Asc(var_A4))
call undef 'Ignore this '__vbaFreeVarList(00000003h, 2, var_E8, 2)
GoTo loc_00403074
End If
var_E8 = Mid(var_90, CLng(Len(var_90) - var_A0), 1)
var_A4 = CStr(var_E8)
var_F0 = Asc(var_A4)
var_108 = Str(Asc(var_A4))
var_118 = var_50 & var_108
var_50 = var_118
call undef 'Ignore this '__vbaFreeVarList(00000004h, 2, var_E8, 2, var_108)
'Referenced from: 00402F7E
Next var_A0
GoTo loc_00402E6B
End If
var_A0 = Len(var_50)
var_30 = Str(116)
call undef 'Ignore this '__vbaFreeVar(var_180, var_190)
var_C8 = Str(114)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_C8 = Str(97)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_C8 = Str(117)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_C8 = Str(116)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_C8 = Str(83)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
If (var_50 <> var_30) Then
var_eax = Call Form1.clearoff
For var_A0 = 1 To Len(var_90) Step 1
If var_A0 Then
var_C8 = Mid(var_90, CLng(var_A0), 1)
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_70 = var_70 & Hex(Asc(CStr(var_C8)))
call undef 'Ignore this '__vbaFreeVar
Next var_A0
GoTo loc_0040338A
End If
For var_A0 = Len(var_70) To 1 Step -1
If var_1D0 Then
var_C8 = Mid(var_70, CLng(var_A0), 1)
ebx = IsNumeric(var_C8) + 1
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8, var_1A0, var_1B0)
If IsNumeric(var_C8) + 1 Then
var_A4 = CStr(Mid(var_70, CLng(var_A0), 1))
var_130 = Asc(var_A4)
var_60 = var_60 & Asc(var_A4)
GoTo loc_0040368C
End If
var_C8 = Mid(var_70, CLng(var_A0), 1)
var_60 = var_60 & var_C8
'Referenced from: 0040361A
call undef 'Ignore this '__vbaFreeVarList(00000002h, var_B8, var_C8, 00000002h, var_B8, var_C8)
Next var_A0
GoTo loc_004034FB
End If
If (var_40 = var_60) Then
var_120 = "Welcome "
var_130 = ", Remote access link to Mod-X terminal created"
call undef 'Ignore this '__vbaFreeVarList(00000005h, var_B8, var_C8, var_D8, var_E8, var_F8, var_1C0, var_1D0)
GoTo loc_004037D6
End If
var_eax = Call Form1.clearoff
'Referenced from: 004037AB
End
var_eax = Call Form1.clearoff
If Call Form1.clearoff < 0 Then
Call Form1.clearoff = CheckObj(arg_8, var_00402174, 1784)
Exit Sub
GoTo loc_0040386E
call undef 'Ignore this '__vbaFreeVarList(00000007, var_B8, var_C8, var_D8, var_E8, var_F8, var_108, var_118, var_004038D8)
Exit Sub
'Referenced from: 00403817
call undef 'Ignore this '__vbaFreeVarList(00000006, var_180, var_190, var_1A0, var_1B0, var_1C0, var_1D0)
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
End Sub
Public Sub clearoff() '403900
var_eax = arg_8.AddRef 'Ignore this
var_34 = "Failed"
var_24 = "Incorrect. Verification failed."
call undef 'Ignore this '__vbaFreeVarList(00000004, var_24, var_34, var_44, var_54, 00000008h, %ecx = %S_edx_S, 0000000Ah)
End
GoTo loc_004039EC
call undef 'Ignore this '__vbaFreeVarList(00000004, var_24, var_34, var_44, var_54, var_004039ED)
Exit Sub
'Referenced from: 004039CE
End Sub
所以,如果没有程序来测试它,它会出现...
登录:斯图尔特
密码:472716574735
第一部分只是将登录文本框的输入反转,并将其与"trautS"(Ascii 字符:116,114,97,117,116,83)进行比较,如果不匹配,则清除表单.所以登录名必须是 Stuart。
密码:
var_70 是登录名的十六进制字符串
83,116,117,97,114,116 => 537475617274
然后它反向循环 var_70 ,寻找非数字值,然后它获取数字的字符串表示并将其添加到总数中,否则它只是将数字放在最后(var_60)。
密码似乎只是登录名的十六进制字符串。
编辑:发现我的逻辑有缺陷。
我正在努力为这个 VB 应用程序找到正确的登录名和密码...... 我已经尝试过:IDA,Olly,vb decompliler(从那里粘贴代码)等等...也许有人可以帮我找到它或者只是给我一个如何做的建议。(这不是商业应用程序只是一个我无法完成的练习:(.)
代码反编译:
Private Sub Command1_Click() '402AA0
var_eax = arg_8.AddRef 'Ignore this
On Error Resume Next
var_eax = Form1.Text1 'Ignore this
var_A4 = Text1.Text
var_B0 = var_A4
var_90 = var_A4
var_eax = Form1.Text2 'Ignore this
var_A4 = Text2.Text
var_40 = var_A4
var_ret_1 = (Len(var_90) = "")
var_ret_2 = (Len(var_40) = "")
call Or(var_F8, var_ret_2, var_ret_1, arg_8, arg_8, 00000001h, edi, %ecx = %S_edx_S, arg_8)
If CBool(Or(var_F8, var_ret_2, var_ret_1, arg_8, arg_8, 00000001h, edi, var_E8 = %S_edx_S, arg_8)) Then
var_eax = Call Form1.clearoff
var_B8 = Len(var_90)
If (var_B8 <> 6) Then
var_eax = Call Form1.clearoff
var_50 = vbNullString
For var_A0 = "" To Len(var_90) - 1 Step 1
If var_180 Then
var_120 = vbNullString
If (var_50 = vbNullString) Then
var_E8 = Mid(var_90, CLng(Len(var_90) - var_A0), 1)
var_A4 = CStr(var_E8)
var_F0 = Asc(var_A4)
var_50 = Str(Asc(var_A4))
call undef 'Ignore this '__vbaFreeVarList(00000003h, 2, var_E8, 2)
GoTo loc_00403074
End If
var_E8 = Mid(var_90, CLng(Len(var_90) - var_A0), 1)
var_A4 = CStr(var_E8)
var_F0 = Asc(var_A4)
var_108 = Str(Asc(var_A4))
var_118 = var_50 & var_108
var_50 = var_118
call undef 'Ignore this '__vbaFreeVarList(00000004h, 2, var_E8, 2, var_108)
'Referenced from: 00402F7E
Next var_A0
GoTo loc_00402E6B
End If
var_A0 = Len(var_50)
var_30 = Str(116)
call undef 'Ignore this '__vbaFreeVar(var_180, var_190)
var_C8 = Str(114)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_C8 = Str(97)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_C8 = Str(117)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_C8 = Str(116)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_C8 = Str(83)
var_30 = var_30 + var_C8
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
If (var_50 <> var_30) Then
var_eax = Call Form1.clearoff
For var_A0 = 1 To Len(var_90) Step 1
If var_A0 Then
var_C8 = Mid(var_90, CLng(var_A0), 1)
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8)
var_70 = var_70 & Hex(Asc(CStr(var_C8)))
call undef 'Ignore this '__vbaFreeVar
Next var_A0
GoTo loc_0040338A
End If
For var_A0 = Len(var_70) To 1 Step -1
If var_1D0 Then
var_C8 = Mid(var_70, CLng(var_A0), 1)
ebx = IsNumeric(var_C8) + 1
call undef 'Ignore this '__vbaFreeVarList(00000002h, 2, var_C8, var_1A0, var_1B0)
If IsNumeric(var_C8) + 1 Then
var_A4 = CStr(Mid(var_70, CLng(var_A0), 1))
var_130 = Asc(var_A4)
var_60 = var_60 & Asc(var_A4)
GoTo loc_0040368C
End If
var_C8 = Mid(var_70, CLng(var_A0), 1)
var_60 = var_60 & var_C8
'Referenced from: 0040361A
call undef 'Ignore this '__vbaFreeVarList(00000002h, var_B8, var_C8, 00000002h, var_B8, var_C8)
Next var_A0
GoTo loc_004034FB
End If
If (var_40 = var_60) Then
var_120 = "Welcome "
var_130 = ", Remote access link to Mod-X terminal created"
call undef 'Ignore this '__vbaFreeVarList(00000005h, var_B8, var_C8, var_D8, var_E8, var_F8, var_1C0, var_1D0)
GoTo loc_004037D6
End If
var_eax = Call Form1.clearoff
'Referenced from: 004037AB
End
var_eax = Call Form1.clearoff
If Call Form1.clearoff < 0 Then
Call Form1.clearoff = CheckObj(arg_8, var_00402174, 1784)
Exit Sub
GoTo loc_0040386E
call undef 'Ignore this '__vbaFreeVarList(00000007, var_B8, var_C8, var_D8, var_E8, var_F8, var_108, var_118, var_004038D8)
Exit Sub
'Referenced from: 00403817
call undef 'Ignore this '__vbaFreeVarList(00000006, var_180, var_190, var_1A0, var_1B0, var_1C0, var_1D0)
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
call undef 'Ignore this '__vbaFreeVar
End Sub
Public Sub clearoff() '403900
var_eax = arg_8.AddRef 'Ignore this
var_34 = "Failed"
var_24 = "Incorrect. Verification failed."
call undef 'Ignore this '__vbaFreeVarList(00000004, var_24, var_34, var_44, var_54, 00000008h, %ecx = %S_edx_S, 0000000Ah)
End
GoTo loc_004039EC
call undef 'Ignore this '__vbaFreeVarList(00000004, var_24, var_34, var_44, var_54, var_004039ED)
Exit Sub
'Referenced from: 004039CE
End Sub
所以,如果没有程序来测试它,它会出现...
登录:斯图尔特
密码:472716574735
第一部分只是将登录文本框的输入反转,并将其与"trautS"(Ascii 字符:116,114,97,117,116,83)进行比较,如果不匹配,则清除表单.所以登录名必须是 Stuart。
密码: var_70 是登录名的十六进制字符串
83,116,117,97,114,116 => 537475617274
然后它反向循环 var_70 ,寻找非数字值,然后它获取数字的字符串表示并将其添加到总数中,否则它只是将数字放在最后(var_60)。
密码似乎只是登录名的十六进制字符串。
编辑:发现我的逻辑有缺陷。