1.查壳 UPX
2.脱壳 UPX -d
int __cdecl main(int argc, const char **argv, const char **envp)
{
int v3; // ecx
int v5; // [esp-4h] [ebp-28h]
int i; // [esp+10h] [ebp-14h]
char v7[16]; // [esp+14h] [ebp-10h] BYREF
sub_401140(aGoThroughTheMa);
v5 = scanf("%14s", v7);
if ( (v3 ^ v5) == v3 )
JUMPOUT(0x40102E);
for ( i = 0; i <= 13; ++i )
{
switch ( v7[i] )
{
case 'a':
--*(_DWORD *)asc_408078;
break;
case 'd':
++*(_DWORD *)asc_408078;
break;
case 's':
--dword_40807C;
break;
case 'w':
++dword_40807C;
break;
default:
continue;
}
}
if ( *(_DWORD *)asc_408078 == 5 && dword_40807C == -4 )
{
sub_401140(aCongratulation);
sub_401140(aHereIsTheFlagF);
}
else
{
sub_401140(aTryAgain);
}
return 0;
}
结合
可以看出是一个迷宫
7行排列
db +** ****** **** ******* F**** ****'
db ''