Utilizando Um Debugger Ollydbg

Utilizando um debugger - OllyDbg http://www.hardware.com.
br/comunidade/utilizando-debugger/785195/
!"
# $ !" % !& '( )
* # $ '
!" (+
, % (
- !" (.
/ ,
% ! 0 1 0#
1 2 23((('( - , *
% # '(
2( 4 !"
5(
6( 4 %
8( 7 / !"
9( )
:( -
; <
!" ,
$ =
(
- * *
, $ , % % (
* %
, !& >
# '( ?" % ,
@ < A, ABB (
" , !& ( +
4 . !" #C ,
/ '( + * % !" , *
< @ # !" !" ' !
@ ( $
1 de 18 29/4/2014 09:25
Utilizando um debugger - OllyDbg http://www.hardware.com.br/comunidade/utilizando-debugger/785195/
/ D E #.F.' ,
% @ $ ,
% !& (
+ / <,
% " = D65 + ;, 4 +, D , % 4A. (?
, * # '
< (G *
% , H E = =IIEEE( (
; J , J
@ % # J '( C
/ =
K (A (L !"
, %
!" (. * % J $
@ (
!" !& $
# !" '(
. ( % E " %
% % !" I (;
% H , " % (+
@* ,
$ @% < M (+ !" /
%* @% D E #D ; '*
/ @ (
+ ( * %
(C J *
< (
A * <
% (
- % *
% , % @ , ,
! ( * * ,$ *
(A " / J ,% N ,
< " , %
(+ / =
!""#$ % G * (G % !&
/ @ (G @
* #+ ', % #7- ', , J,
H(
! & # # "
'( K @
" (
'$! !(# !') $! ! & # G % /

!" @ (K J J
@ * ! ,
(
*+# , )# -. G ( < * %
2 de 18 29/4/2014 09:25
% , J , !
# 47 O ,7 OP , '( . % %
J (Q
,* (
!/ ") #$ !" - @ # "

% @ )+;'( ./ , A-
% !" !& (+
(
65 1 * 65
, " (
# )! 0 ! 1 !2! 2#2!* !')! #/!'" 3
+ ! ,
7
A !" (((
4
- % * # '
,$ * * (
+ # , * '* / <
@ # , $ / '
> (G !" (
, % , *
!" R ,
* ,$ * (
?" / % , (C
!"
(- % "
> " (
# , @ !" ' * !" *

(A , ,
!" ( ; > " !"
, < (C $ /
/ > ; C=
A@ =
MOV EAX,1
. 2 .+F #
/ !" '( ? %
# ', * $ 1
=
A@ =
B801000000
+ !" > # '* / ,

% 4 4+65( G
% / (
3 de 18 29/4/2014 09:25
+ % * , %
" < A - (? 4% 1
!& , E ,7 D (K *% !& ,
# S K + 4A'(
7 $ %
!& ,% !" ( ; ,
, J % !&
I @ J (
- , !" * !
@ ( J % !" *
< ! @ (A !" *
! , * % / @ ( J%
,* ! @ ,
!& + 4A (C $ / /
% @ A ,
=
A@ =
void main() {
int a = 4;
int b = 6;
int c;
if((a == 4) && (b == 6)) {

c = 5;
}
}
@ % #
@ * 1 , / % '=
A@ =
00000000 MOV EAX,4h ;move o valor 4 para EAX
00000005 MOV EBX,6h ;move o valor 6 para EBX
0000000A CMP EAX,4h ;compara EAX com 4, se for verdadeiro: ZF = 1
0000000D JNE 00000019h ;se ZF != 1, pule para endereço 00000019h
0000000F CMP EBX,6h ;compara EBX com 6, se for verdadeiro: ZF = 1
00000012 JNE 00000019h ;se ZF != 1, pule para endereço 00000019h
00000014 MOV ECX,5h ;move o valor 5 para ECX
00000019 RETN ;finaliza execução e retorna
- @ * &
(. * , ! !&
# > '(
% /
< , " (
4 65
65 = .+F, . F, .AF, . F, . -, . -, . 4, . 4 .4-( K
T% !" " U, ,
" @ (C J
@ "
# % I % '( 1 , .4-, *
, * !& % !
@/ !" ( + % /
% !" !" (
4 de 18 29/4/2014 09:25
. " 65 (? * * <
V 2: , / .+F / #
* '=
- !" V , " V %
+F W " V % +F( - !" 2: , "
2: % !" 65 (
+* , * 7 / , "
!& # % , '( . "/
!& A;- K. K( % , " =
X7 #X 7 ', A7 #A 7 ' 7# 7 '( + X7 * !"
# !" 1 * A;-
X7 !" $ ,
'( + % A7 * !" /
I # % E'( - 1 , 7,
* % % 2,
# '(
! " % /
(+ J !" " <
! @
( #Y ' * ! !& , *
* J % (
@ / * < !
!" #33832333' ! @ #33836333'
1 =
A@ =
00401000 MOV BYTE PTR DS:[00403000], 09h
- 1 !& , "
> , / % % (
+ / !& ,
# " / 263 !&
4 '(
5 ,
; (. !" !& ,
% % #
, @ , , '( + / =
MOV EAX, 10h

MOV AX, WORD PTR DS:[00403000]
MOV BYTE PTR DS:[00403002], 1Ch
2, 5
) !" (+ !" * %
% # ', X7
2( C !" " ,
% (
CMP EAX, 04h
5 de 18 29/4/2014 09:25
6 !
7 @ ! (
JMP 00401008h
67 ! I6 !
7 (A % $ 2, (
? $ A;- !"
$ (
JE 0040101Ah
6 7 ! I6 !
, % " %
#X7 Z 3'(
JNZ 0040102Ch
, 2
+ 2 (K * !& ,
& ; C( , A7 * (
ADD EBX, 04h

ADD EBX, DWORD PTR DS:[00403032]
, 2
) !" (+ !& < "
+ (
SUB ECX, 2Ah
8
A # H'( - W*
% !& #A+ ', * * % !"
(
PUSH 08h
) (
POP EAX
7 % !" ( G < %
A+ , , * % !" /
( A+ ! % !"
% / !" (
CALL User32!GetDlgItemTextA
CALL 0040115Fh
. " !& (A /
, "
(- / !" %
, ! =
=IIEEE( ( ( I % ((( I I
@/ < !" %
" (
A I < I & " , # " "
6 de 18 29/4/2014 09:25
% J '(
+ !
7
[ - % " C !
? 23 ,7
C +< !
9 4
+ @ @ , (
? < % , ,
(
- , % (. *
$ < # " !" , !"
'( C J / / $ @ % #
/ ;+ ;65 D + 4 .' H / =
=IIEEE(% ( I% I (
/ * =IIEEE( ( (G
" !" , / 1 (
+ @ / < , ,
# ( / '( ) $
(C / % ,$ $ < *
% , (+ =
7 de 18 29/4/2014 09:25
+ % * & ( * "
(+ % !& / * "
, /
% # " '(
. & 2 8(
!/ :
. * , * (. *
=
* '# O+ (. ! !& #
! , $ % / '(
C J ! " " !" (
4 % !& ,
(
* '# 0 O W / (+ @ !" % / #
5 , 2 '( " %
/ " (A
% , !& , ! @/
!" * ! !" !" (
C $ / / (. ! ! 33832333
# " D E ' !" * 5 #:+ 33'(
! @/ !" # / ' !
!" #33832333B5' Z 33832335(
* '# ; O (. * !" !"
8 de 18 29/4/2014 09:25
!& (+ *%
(
* '# < O A (. " % , *

% !& ( % % !"
$ # J %
+-4 D E ,%
!" '(
!/ : 0
. % @ #$
'( + !" * ,
(A % !" ,
# * '( + % " /
, A #A 7 ', X #X 7 ' # 7 '
!/ : ;
. " @ %< #)+;' (G <

@ ! (G J
=
* '# O+ (; ! @ (
* '# 0 O W / (. ! * @ (- "
V " ! V V
(
* '# ; O + A44( . / % %
@ (- " / !" + A44
( !" "
(
!/ : <
; # H'( A , *
% !" ( C * %
, % !& " (
K * * 6 =
* '# O+ (A ! (?
! , !" *
D ) #8 '
* '# 0 O C (C !
* '# ; O A ( % !&
! ( % # !
' % !& (
+* & @ % =
+ / !" " , (
=!' + / !"
!")# ) O )
* "! O 7 !"
9 de 18 29/4/2014 09:25
*#> O 4 / !" !" (A H

# ', / (
# "! O -
)!= ') O A H % !" ,

" % !" 1 % !" (
)!= 2! O (. " T U
# / ', !" @/ !" (
# ! ') O % H (. !&
! , * 1 % !& (
# ! 2! O , " % 1
(
?! )! ** !) ' O ./ !& *
#).K?'(
) $$ !"" O - % ! @ (
+ @ !" , & $ =
@ + A / B '$ A= / , !&
, (
@ + A $ *!" B '$ A= / @ % !& /
# '( A * < !&
$ # $ % '( .
$ @ * % H +-4 D E ,
% / !" " @ (
@ + A ! > B '$ A= @
, !& / !" I / !" ( -
@ , " @ %<
$ (
@ + A + !#$"= / (. !&
* < , * $ ,
(
B@ + A B '$ A"= % !" $
# % D - '( @ "
/ !" # * "
'(
8 @ + A 8#'$*!"= / % !" # % J
$ ' " (Q ,*
, * % , / (
@ + A =$ " , *
( 1 $ % / # &
% 2 8'(
% C + A #) +!"= % !& % / % $ ,
% % !" M !" (
D @ + A #** )# -= % !" * " %
(
@ + A !#-= ')" B '$ A= / H (
@ + A !E! !' !"= / % J # $
, !" , '( C (
@ ' # != $ * !"
# % K 4 I '( K *
, / !" % #*
< / !" @ $ '(
@ + A != * % !& ,
@ * * (?
$ / @ @ %
/ (; 1 @
(
- 1 & % !" $ (
10 de 18 29/4/2014 09:25

Utilizando Um Debugger Ollydbg

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Utilizando Um Debugger Ollydbg

Enviado por

Direitos autorais:

Formatos disponíveis

Utilizando um debugger - OllyDbg http://www.hardware.com.

'$! !(# !') $! ! & # G % /

!/ ") #$ !" - @ # "

# )! 0 ! 1 !2! 2#2!* !')! #/!'" 3

# , @ !" ' * !" *

+ !" > # '* / ,

if((a == 4) && (b == 6)) {

MOV EAX, 10h

CMP EAX, 04h

ADD EBX, 04h

SUB ECX, 2Ah

A I < I & " , # " "

* '# ; O (. * !" !"

* '# < O A (. " % , *

. " @ %< #)+;' (G <

*#> O 4 / !" !" (A H

)!= ') O A H % !" ,

Você também pode gostar