我已经反编译了一些汇编代码。它有什么作用?

I have uncompiled some assembly code. What does it do?

这是IDA Pro生成的代码。它在做什么?我很难理解它要做什么。这些变量的名字很奇怪,因为它们是由反编译器生成的。

int __cdecl main(int argc, const char **argv, const char **envp)
{
  int result; // eax@2
  int v4; // [sp+0h] [bp-38h]@0
  char v5; // [sp+4h] [bp-34h]@1
  char v6; // [sp+5h] [bp-33h]@1
  char v7; // [sp+6h] [bp-32h]@1
  char v8; // [sp+7h] [bp-31h]@1
  char v9; // [sp+8h] [bp-30h]@1
  int i; // [sp+Ch] [bp-2Ch]@5
  HMODULE hModule; // [sp+10h] [bp-28h]@17
  const char v12; // [sp+14h] [bp-24h]@12
  char v13; // [sp+18h] [bp-20h]@12
  FARPROC v14; // [sp+1Ch] [bp-1Ch]@19
  char v15; // [sp+20h] [bp-18h]@12
  char v16; // [sp+24h] [bp-14h]@12
  char v17; // [sp+28h] [bp-10h]@1
  char v18; // [sp+29h] [bp-Fh]@1
  char v19; // [sp+2Ah] [bp-Eh]@1
  char v20; // [sp+2Bh] [bp-Dh]@1
  char v21; // [sp+2Ch] [bp-Ch]@1
  char v22; // [sp+2Dh] [bp-Bh]@1
  char v23; // [sp+2Eh] [bp-Ah]@1
  char v24; // [sp+2Fh] [bp-9h]@1
  char v25; // [sp+30h] [bp-8h]@1
  char v26; // [sp+31h] [bp-7h]@1
  char v27; // [sp+32h] [bp-6h]@1
  char v28; // [sp+33h] [bp-5h]@1
  char v29; // [sp+34h] [bp-4h]@1

  v17 = 101;
  v18 = 118;
  v19 = 105;
  v20 = 108;
  v21 = 46;
  v22 = 109;
  v23 = 116;
  v24 = 120;
  v25 = 46;
  v26 = 99;
  v27 = 111;
  v28 = 109;
  v29 = 0;
  v5 = 56;
  v6 = 48;
  v7 = 56;
  v8 = 48;
  v9 = 0;
  if ( argc == 3 )
  {
    if ( strlen(argv[1]) == 5 )
    {
      for ( i = 0; i < 5; ++i )
        --*(&byte_407030 + i);
      if ( !strncmp(&byte_407030, argv[1], 5u) )
      {
        v24 = byte_407030;
        if ( strlen(argv[2]) == 4 )
        {
          v16 = *argv[2] + 20;
          v15 = argv[2][1] - 10;
          v13 = argv[2][2] + 20;
          v12 = argv[2][3];
          if ( v16 == 85 && v15 == 89 && v13 == 121 && v12 == 33 )
          {
            sub_401000();
            hModule = LoadLibraryA(LibFileName);
            if ( hModule == (HMODULE)-1 )
            {
              result = -1;
            }
            else
            {
              v14 = GetProcAddress(hModule, lpProcName);
              if ( v14 )
              {
                ((void (__cdecl *)(char *, char *))v14)(&v17, &v5);
                result = 0;
              }
              else
              {
                result = -1;
              }
            }
          }
          else
          {
            sub_40122B((int)aFail, v4);
            result = 0;
          }
        }
        else
        {
          result = 0;
        }
      }
      else
      {
        sub_40122B((int)aFail, v4);
        result = 0;
      }
    }
    else
    {
      result = 0;
    }
  }
  else
  {
    result = 0;
  }
  return result;
}

我会分享我到目前为止所理解的..

1) It expects 3 arguments, and the first one has to be of length 5.

2) After the comparison if ( !strncmp(&byte_407030, argv[1], 5u) ) which is pretty difficult to understand, They check for the length of the second argument here if ( strlen(argv[2]) == 4 )

3) After that they check if the second argument is Ace! or not.

v16 = *argv[2] + 20;
v15 = argv[2][1] - 10;
v13 = argv[2][2] + 20;
v12 = argv[2][3];
if ( v16 == 85 && v15 == 89 && v13 == 121 && v12 == 33 )

4) Then it loads module accordingly, shown in all the if else conditions.