N
nnscccn
Unregistered / Unconfirmed
GUEST, unregistred user!
两个问题:
我用dede3.5反编译了一个小软件,这个软件只有一个exe文件,但是反编译后得到的结果都是汇编语句。
问题一:
procedure TfMain.HelpClick(Sender : TObject);
begin
(*
* Possible String Reference to: 'fxhelp.hlp'
|
0051B28C B8A0B25100 mov eax, $0051B2A0
|
0051B291 E8CE85FCFF call 004E3864
0051B296 C3 ret
*)
end;
procedure TfMain.UpdateNowClick(Sender : TObject);
begin
(*
|
0051B2CC E8BBE8FFFF call 00519B8C
0051B2D1 C3 ret
*)
end;
procedure TfMain.Readme1Click(Sender : TObject);
begin
(*
* Possible String Reference to: 'readme.txt'
|
0051B2AC B8C0B25100 mov eax, $0051B2C0
|
0051B2B1 E8AE85FCFF call 004E3864
0051B2B6 C3 ret
*)
end;
请问这三个过程分别是调用的哪个函数?第一个过程,当点击help菜单时,弹出fxhelp.hlp
帮助文件。第三个过程,当点击readme菜单时,弹出readme.txt文档。他们调用的是同一个函数,我试过winexec,shellexecute,winhelp,helpcommand,编译成exe文件后,再用dede3.5反编译,但都得不到上面的汇编代码,请问他们调用的是那个函数?
问题二:
procedure TfMain.FormCreate(Sender : TObject);
begin
(*
0051B0AC 53 push ebx
0051B0AD 8BD8 mov ebx, eax
* Reference to field TfMain.OFFS_0374 : Byte
|
0051B0AF C6837403000000 mov byte ptr [ebx+$0374], $00
* Reference to field TfMain.OFFS_0375 : Byte
|
0051B0B6 C6837503000001 mov byte ptr [ebx+$0375], $01
* Reference to field TfMain.OFFS_0378 : String
|
0051B0BD 8D8378030000 lea eax, [ebx+$0378]
* Reference to: System.@LStrClr(void;void);
|
0051B0C3 E83497EEFF call 004047FC
* Reference to field TfMain.TileMode : TTileMode
|
0051B0C8 C6833202000001 mov byte ptr [ebx+$0232], $01
* Reference to TScreen instance
|
0051B0CF A1B8EA5100 mov eax, dword ptr [$0051EAB8]
0051B0D4 8B00 mov eax, [eax]
* Reference to: Forms.TScreen.GetWidth(TScreen):Integer;
|
0051B0D6 E835CAF5FF call 00477B10
0051B0DB 8BD0 mov edx, eax
0051B0DD 83EA28 sub edx, +$28
0051B0E0 8BC3 mov eax, ebx
* Reference to: Controls.TControl.SetWidth(TControl;Integer);
|
0051B0E2 E875E4F3FF call 0045955C
* Reference to TScreen instance
|
0051B0E7 A1B8EA5100 mov eax, dword ptr [$0051EAB8]
0051B0EC 8B00 mov eax, [eax]
* Reference to: Forms.TScreen.GetHeight(TScreen):Integer;
|
0051B0EE E811CAF5FF call 00477B04
0051B0F3 8BD0 mov edx, eax
0051B0F5 83EA28 sub edx, +$28
0051B0F8 8BC3 mov eax, ebx
* Reference to: Controls.TControl.SetHeight(TControl;Integer);
|
0051B0FA E881E4F3FF call 00459580
0051B0FF 8BC3 mov eax, ebx
|
0051B101 E8C6000000 call 0051B1CC
0051B106 B201 mov dl, $01
* Reference to class TStringList
|
0051B108 A17CBF4100 mov eax, dword ptr [$0041BF7C]
* Reference to: System.TObject.Create(TObject;Boolean);
|
0051B10D E8A688EEFF call 004039B8
* Reference to field TfMain.OFFS_0370 : TStringList
|
0051B112 898370030000 mov [ebx+$0370], eax
0051B118 8BC3 mov eax, ebx
|
0051B11A E8B5010000 call 0051B2D4
0051B11F 5B pop ebx
0051B120 C3 ret
*)
end;
请问这段代码是什么意思?分别调用了那些函数?请给出详细解释。还有三百分,全送了。
我用dede3.5反编译了一个小软件,这个软件只有一个exe文件,但是反编译后得到的结果都是汇编语句。
问题一:
procedure TfMain.HelpClick(Sender : TObject);
begin
(*
* Possible String Reference to: 'fxhelp.hlp'
|
0051B28C B8A0B25100 mov eax, $0051B2A0
|
0051B291 E8CE85FCFF call 004E3864
0051B296 C3 ret
*)
end;
procedure TfMain.UpdateNowClick(Sender : TObject);
begin
(*
|
0051B2CC E8BBE8FFFF call 00519B8C
0051B2D1 C3 ret
*)
end;
procedure TfMain.Readme1Click(Sender : TObject);
begin
(*
* Possible String Reference to: 'readme.txt'
|
0051B2AC B8C0B25100 mov eax, $0051B2C0
|
0051B2B1 E8AE85FCFF call 004E3864
0051B2B6 C3 ret
*)
end;
请问这三个过程分别是调用的哪个函数?第一个过程,当点击help菜单时,弹出fxhelp.hlp
帮助文件。第三个过程,当点击readme菜单时,弹出readme.txt文档。他们调用的是同一个函数,我试过winexec,shellexecute,winhelp,helpcommand,编译成exe文件后,再用dede3.5反编译,但都得不到上面的汇编代码,请问他们调用的是那个函数?
问题二:
procedure TfMain.FormCreate(Sender : TObject);
begin
(*
0051B0AC 53 push ebx
0051B0AD 8BD8 mov ebx, eax
* Reference to field TfMain.OFFS_0374 : Byte
|
0051B0AF C6837403000000 mov byte ptr [ebx+$0374], $00
* Reference to field TfMain.OFFS_0375 : Byte
|
0051B0B6 C6837503000001 mov byte ptr [ebx+$0375], $01
* Reference to field TfMain.OFFS_0378 : String
|
0051B0BD 8D8378030000 lea eax, [ebx+$0378]
* Reference to: System.@LStrClr(void;void);
|
0051B0C3 E83497EEFF call 004047FC
* Reference to field TfMain.TileMode : TTileMode
|
0051B0C8 C6833202000001 mov byte ptr [ebx+$0232], $01
* Reference to TScreen instance
|
0051B0CF A1B8EA5100 mov eax, dword ptr [$0051EAB8]
0051B0D4 8B00 mov eax, [eax]
* Reference to: Forms.TScreen.GetWidth(TScreen):Integer;
|
0051B0D6 E835CAF5FF call 00477B10
0051B0DB 8BD0 mov edx, eax
0051B0DD 83EA28 sub edx, +$28
0051B0E0 8BC3 mov eax, ebx
* Reference to: Controls.TControl.SetWidth(TControl;Integer);
|
0051B0E2 E875E4F3FF call 0045955C
* Reference to TScreen instance
|
0051B0E7 A1B8EA5100 mov eax, dword ptr [$0051EAB8]
0051B0EC 8B00 mov eax, [eax]
* Reference to: Forms.TScreen.GetHeight(TScreen):Integer;
|
0051B0EE E811CAF5FF call 00477B04
0051B0F3 8BD0 mov edx, eax
0051B0F5 83EA28 sub edx, +$28
0051B0F8 8BC3 mov eax, ebx
* Reference to: Controls.TControl.SetHeight(TControl;Integer);
|
0051B0FA E881E4F3FF call 00459580
0051B0FF 8BC3 mov eax, ebx
|
0051B101 E8C6000000 call 0051B1CC
0051B106 B201 mov dl, $01
* Reference to class TStringList
|
0051B108 A17CBF4100 mov eax, dword ptr [$0041BF7C]
* Reference to: System.TObject.Create(TObject;Boolean);
|
0051B10D E8A688EEFF call 004039B8
* Reference to field TfMain.OFFS_0370 : TStringList
|
0051B112 898370030000 mov [ebx+$0370], eax
0051B118 8BC3 mov eax, ebx
|
0051B11A E8B5010000 call 0051B2D4
0051B11F 5B pop ebx
0051B120 C3 ret
*)
end;
请问这段代码是什么意思?分别调用了那些函数?请给出详细解释。还有三百分,全送了。