Assembly JP/JNP to C code


How can I convert an assembly snippet like this to C code, without using any inline ASM, because I also want to convert it to .NET?

JP example

seg000:0041FA29                 jp      short near ptr loc_41FA2B+2
seg000:0041FA2B
seg000:0041FA2B loc_41FA2B:                             ; CODE XREF: seg000:0041FA29j
seg000:0041FA2B                 mov     eax, 104E8B00h
seg000:0041FA30                 mov     eax, ebx

JNP example

seg000:0041FB8B                 mov     eax, 0x40F009
seg000:0041FB90                 sub     [ebp-18h], eax
seg000:0041FB93                 jnp     short near ptr loc_41FB95+2
seg000:0041FB95
seg000:0041FB95 loc_41FB95:                             ; CODE XREF: seg000:0041FB93j
seg000:0041FB95                 mov     eax, 1C468B00h
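
I noticed these opcodes behaving very nicely in IDA PRO, as if they change themselves.. I don't know how to explain this, but when you run them they turn into different instructions.

At first I was stepping over them and NOPing them out, thinking it was some kind of obfuscation.. but it turns out it's a very interesting thing, probably optimized code.

I know they are the same as JE/JMP/JNZ and so on.. but they don't deal with registers and instead use overflow flag checking. How do I convert this to C code?

I was thinking it might be something like this

JP example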

   int eax = 0x4E8688;
   ebp_18 |= eax;
   if(ebp_18 % 2)
     eax = ebx;
   else
     eax = 0x104E8B00;

JNP example

   int eax = 0x40F009;
   ebp_18 = eax;
   if(!(ebp_18 % 1))
     ebp_18 -= eax;
   else
     eax = 0x1C468B00;

Worse still, I can't even step through this line by line in OllyDbg or IDA PRO, because it modifies the instructions in real time.

Bytes:

mov eax,[esi+28]
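
A C model of the JNP fragment from the listing, added here as an example; it is not code from the original question or answer. It relies on two standard x86 facts: JNP branches when the parity flag is clear, and `mov eax, 1C468B00h` encodes as B8 00 8B 46 1C, so a jump to `loc_41FB95+2` lands on 8B 46 1C (`mov eax, [esi+1Ch]`). `struct obj`, `parity_flag` and `jnp_fragment` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>

/* x86 parity flag: set when the low 8 bits of a result hold an even
   number of 1 bits. Only the low byte counts, whatever the operand size. */
static int parity_flag(uint32_t result)
{
    uint8_t b = (uint8_t)result;
    b ^= b >> 4;
    b ^= b >> 2;
    b ^= b >> 1;
    return !(b & 1);
}

/* Hypothetical stand-in for the object ESI points to; only the dword
   at offset 1Ch is modelled. */
struct obj { uint8_t pad[0x1C]; uint32_t field_1c; };

/* Models:  mov eax, 40F009h
            sub [ebp-18h], eax
            jnp short loc_41FB95+2
            mov eax, 1C468B00h        ; bytes B8 00 8B 46 1C
   Returns the value left in EAX. */
static uint32_t jnp_fragment(uint32_t *ebp_18, const struct obj *esi)
{
    uint32_t eax = 0x40F009u;
    *ebp_18 -= eax;                /* SUB sets PF from the result's low byte */

    if (!parity_flag(*ebp_18)) {
        /* JNP taken (PF = 0): execution resumes 2 bytes into the MOV,
           where 8B 46 1C decodes as mov eax, [esi+1Ch]. */
        eax = esi->field_1c;
    } else {
        /* Fall-through (PF = 1): the five bytes execute as listed. */
        eax = 0x1C468B00u;
    }
    return eax;
}

int main(void)
{
    struct obj o = { {0}, 0x11223344u };          /* constructed sample data */
    uint32_t a = 0x40F009u, b = 0x40F00Au;        /* constructed inputs */
    printf("%08X\n", (unsigned)jnp_fragment(&a, &o));  /* result 0, PF = 1 */
    printf("%08X\n", (unsigned)jnp_fragment(&b, &o));  /* result 1, PF = 0 */
    return 0;
}
```

The same pattern applies to the JP fragment with the branch condition inverted; there the skipped-into bytes 8B 4E 10 decode as `mov ecx, [esi+10h]`.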