其他案例请查看,aes解码,密钥123456789,密文U2FsdGVkX1/Bd4k8ZAij4D8oMKFwS3bBvmalzk3NT7UEJTw7/qemqhDLwG4nl9H9/nO3Xk0Ebmv0W50P9akHkb0F2ubxR31a6lldXh/T1P5UbUFht0mf2SUJwAKMq1bg
x32dbg/x64dbg逆向之反向分析全局变量
1) 逆向之反向分析全局变量介绍
咱们第一个逆向分析的来点简单的,先适应一下,顺便带着各位把C语言简单的过一遍,后面咱们再深入进去。
有之前汇编开发前期基础,这些对咱们来说已经是小儿科,无非就是mov赋值操作,以及lea获取地址、movsx符号扩展等基本的操作(注意别和movsd搞混:movsd在下面的代码里是搬运double标量的SSE指令,不是符号扩展)。
咱们记牢以下关键规则哦,因为在后面使用x32/x64dbg进行调试分析时会频繁用到
ds:指向数据段(全局/静态变量)
ss:指向栈段(局部变量)
2)C语言案例代码
咱们在学习逆向分析的同时,同步梳理C和C++基础知识点,一正一反(正向开发,逆向分析)为后续深耕底层技术打好基础哦。
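/*
 * Demo program for the reverse-engineering walkthrough: one global of every
 * common C type is declared at file scope and then assigned in main(), so
 * that each store can be matched against the debugger listing.
 *
 * The statements and their order are kept exactly as in the article, because
 * the disassembly that follows was produced from this source.
 */

/* Silences the MSVC CRT deprecation warnings for strcpy() and friends so the
 * demo builds; it only hides the warning, it does not make the calls bounded. */
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

// ===================== All Common C Global Data Types =====================
// Basic integer types
char g_char = 0;
unsigned char g_uchar = 0;
short g_short = 0;
unsigned short g_ushort = 0;
int g_int = 0;
unsigned int g_uint = 0;
long g_long = 0;
unsigned long g_ulong = 0;
long long g_llong = 0;
unsigned long long g_ullong = 0;

// Floating-point types
float g_float = 0.0f;
double g_double = 0.0;
long double g_ldouble = 0.0L;

// Boolean type
bool g_bool = false;

// String & character array
// char pointer
char* g_pChar = NULL;
// double char pointer
char** g_ppChar = NULL;
// char array (fixed 100-byte buffer; every write into it must stay below 100 bytes)
char g_charArr[100] = { 0 };

// Void pointer
void* g_pVoid = NULL;

// Custom struct
struct Student {
    // Bit-field type: how the bits are packed is implementation-defined, so the
    // masks seen in a disassembly are specific to the compiler that built it.
    unsigned int age : 8;
    unsigned int sex : 1;
    int id;
};
// No initializer: objects with static storage duration start out zeroed.
struct Student g_stu;

// Union type (all members share the same storage)
union Data {
    int num;
    char ch;
    float f;
};
union Data g_union;

// Enum type (BLACK = 0, WHITE = 1, RED = 2, BLUE = 3)
enum Color { BLACK, WHITE, RED, BLUE };
enum Color g_color;

// Array pointer & function pointer
int g_arr[5] = { 0 };
// pointer to array
int (*g_pArr)[5] = &g_arr;
// function pointer
void (*g_pFunc)(int) = NULL;
// ==========================================================================

/* Target of the g_pFunc indirect call; prints the argument it receives. */
void testFunc(int x) {
    printf("Function pointer call, x = %d\n", x);
}

/*
 * Assigns a value to every global, calls testFunc through g_pFunc, then
 * prints a subset of the globals for verification. Always returns 0.
 */
int main(void) {
    g_char = 'Z';
    g_uchar = 255;
    g_short = 100;
    g_ushort = 200;
    g_int = 999;
    g_uint = 1024;
    g_long = 123456L;
    g_ulong = 654321UL;
    g_llong = 1122334455LL;
    g_ullong = 9988776655ULL;

    // float
    g_float = 3.14f;
    g_double = 6.28;
    g_ldouble = 9.99L;

    // bool
    g_bool = true;

    // string
    // g_pChar now points at a string literal; writing through it is undefined
    // behaviour, the cast only removes the compiler's objection.
    g_pChar = (char*)"Hello All Types";
    // strcpy() performs no bounds check. It is safe here only because the
    // literal (19 bytes with the terminator) is shorter than g_charArr[100];
    // with a source of unknown length use a bounded copy instead.
    strcpy(g_charArr, "Char Array Content");

    // void pointer point to int
    // A global now holds the address of a stack local. That address is valid
    // only while this frame is alive; in any function other than main() this
    // pattern leaves a dangling pointer behind on return.
    int temp = 888;
    g_pVoid = &temp;

    // struct
    g_stu.age = 20;
    g_stu.sex = 1;
    g_stu.id = 2025001;

    // union
    g_union.num = 520;

    // enum
    g_color = RED;

    // call function pointer
    g_pFunc = testFunc;
    g_pFunc(666);

    // Print all for verification
    printf("char : %c\n", g_char);
    printf("uchar : %u\n", g_uchar);
    printf("short : %d\n", g_short);
    printf("int : %d\n", g_int);
    printf("long long : %lld\n", g_llong);
    printf("float : %.2f\n", g_float);
    printf("double : %.2lf\n", g_double);
    printf("bool : %d\n", g_bool);
    printf("str pointer : %s\n", g_pChar);
    printf("char array : %s\n", g_charArr);
    printf("enum color : %d\n", g_color);
    printf("struct age : %d\n", g_stu.age);
    printf("union num : %d\n", g_union.num);

    return 0;
}
3)汇编反向分析全局变量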
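咱们就用之前讲过的规则,来一步步分析这段汇编代码,核心就抓一个关键点:指令里看到 ds:,操作的一般就是全局 / 静态存储区里的数据;看到 ss:,操作的就是栈上的局部变量,照着这个思路看就行。要留意两点:一是走 ds: 的不只有咱们自己定义的全局变量,下面列表里的字符串常量、浮点常量(__real@...)、__security_cookie 也都是通过 ds: 访问的;二是 64 位下各段基址是平坦的,这个前缀是调试器按寻址形式标出来的(以 rsp/rbp 为基址的显示 ss:,其余显示 ds:),所以通过普通寄存器里的指针去访问栈上数据时同样会显示 ds:,最终还是要看地址本身落在哪个区域。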
x64
开头准备部分(没啥实质业务逻辑)
这几步是函数的标准开场:保存栈底地址,开辟栈空间,然后把刚开辟的栈内存填成 0xCCCCCCCC(这个填充是编译器在 Debug 构建里插入的,不是调试器写的,用来标记未初始化的栈内存;这里 ecx=0xA,也就是从 rsp+20 起填 10 个 dword)。这里全是栈上的操作,跟全局变量没关系,就是搭个运行的基础环境。
00007FF70D7118F0 | 40:55 | push rbp | FileName.cpp:89 00007FF70D7118F2 | 57 | push rdi | 00007FF70D7118F3 | 48:81EC 08010000 | sub rsp,108 | 00007FF70D7118FA | 48:8D6C24 20 | lea rbp,qword ptr ss:[rsp+20] | 00007FF70D7118FF | 48:8D7C24 20 | lea rdi,qword ptr ss:[rsp+20] | 00007FF70D711904 | B9 0A000000 | mov ecx,A | 0A:'\n' 00007FF70D711909 | B8 CCCCCCCC | mov eax,CCCCCCCC | 00007FF70D71190E | F3:AB | rep stosd 这里出现了第一个 ds:读了一个全局值__security_cookie,然后和栈底地址做异或,再存回栈里。这是编译器加的 安全防护后面咱们再说,用来检测栈溢出的,不用纠结细节,知道是读全局值就行。 | 00007FF70D711910 | 48:8B05 29B70000 | mov rax,qword ptr ds:[<__security_cookie>] | rax:__enc$textbss$end+276 00007FF70D711917 | 48:33C5 | xor rax,rbp | rax:__enc$textbss$end+276 00007FF70D71191A | 48:8985 D8000000 | mov qword ptr ss:[rbp+D8],rax | rax:__enc$textbss$end+276 又是ds:,取了个文件名相关的全局字符串地址,调用了个内部函数,还是初始化相关的操作,直接跳过就行。 00007FF70D711921 | 48:8D0D E7060100 | lea rcx,qword ptr ds:[<__14F49BB1_FileName@cpp>] | FileName.cpp:15732480 00007FF70D711928 | E8 48FAFFFF | call project1.7FF70D711375 | 00007FF70D71192D | 90 | nop 咱们的Main赋值正式开始 00007FF70D71192E | C605 DBB80000 5A | mov byte ptr ds:[<char g_char>],5A | 将全局char变量 g_char 赋值为 'Z'(0x5A) 00007FF70D711935 | C605 D5B80000 FF | mov byte ptr ds:[<unsigned char g_uchar>],FF | 将全局unsigned char变量 g_uchar 赋值为255 00007FF70D71193C | B8 64000000 | mov eax,64 | 将100装入EAX 00007FF70D711941 | 66:8905 CCB80000 | mov word ptr ds:[<short g_short>],ax | 将AX中的100写入short变量 g_short 00007FF70D711948 | B8 C8000000 | mov eax,C8 | 将200装入EAX 00007FF70D71194D | 66:8905 C4B80000 | mov word ptr ds:[<unsigned short g_ushort>],ax | 将AX中的200写入unsigned short变量 g_ushort 00007FF70D711954 | C705 BEB80000 E7030000 | mov dword ptr ds:[<int g_int>],3E7 | 将int变量 g_int 赋值为999 00007FF70D71195E | C705 B8B80000 00040000 | mov dword ptr ds:[<unsigned int g_uint>],400 | 将unsigned int变量 g_uint 赋值为1024 00007FF70D711968 | C705 B2B80000 40E20100 | mov dword ptr ds:[<long g_long>],1E240 | 将long变量 g_long 赋值为123456 00007FF70D711972 | C705 ACB80000 F1FB0900 | 
mov dword ptr ds:[<unsigned long g_ulong>],9FBF1 | 将unsigned long变量 g_ulong 赋值为654321 00007FF70D71197C | 48:C705 A9B80000 F776E54 | mov qword ptr ds:[<__int64 g_llong>],42E576F7 | 将64位整数1122334455写入g_llong 00007FF70D711987 | 48:B8 CFA2605302000000 | mov rax,25360A2CF | 将64位立即数9988776655装入RAX 00007FF70D711991 | 48:8905 A0B80000 | mov qword ptr ds:[<unsigned __int64 g_ullong>],rax | 将RAX写入unsigned long long变量 g_ullong 00007FF70D711998 | F3:0F1005 BC940000 | movss xmm0,dword ptr ds:[<__real@4048f5c3>] | 将float常量加载到XMM0 00007FF70D7119A0 | F3:0F1105 84B80000 | movss dword ptr ds:[<float g_float>],xmm0 | 将float值写入g_float 00007FF70D7119A8 | F2:0F1005 90940000 | movsd xmm0,qword ptr ds:[<__real@40191eb851eb851f>] | 将double常量加载到XMM0 00007FF70D7119B0 | F2:0F1105 88B80000 | movsd qword ptr ds:[<double g_double>],xmm0 | 将double值写入g_double 00007FF70D7119B8 | F2:0F1005 90940000 | movsd xmm0,qword ptr ds:[<__real@4023fae147ae147b>] | 将long double对应常量加载到XMM0 00007FF70D7119C0 | F2:0F1105 80B80000 | movsd qword ptr ds:[<long double g_ldouble>],xmm0 | 将值写入g_ldouble 00007FF70D7119C8 | C605 43B80000 01 | mov byte ptr ds:[<bool g_bool>],1 | 将bool变量 g_bool 赋值为true 00007FF70D7119CF | 48:8D05 FA920000 | lea rax,qword ptr ds:[<"Hello All Types"...>] | 获取字符串"Hello All Types"地址 00007FF70D7119D6 | 48:8905 73B80000 | mov qword ptr ds:[<char *g_pChar>],rax | 将字符串地址保存到g_pChar 00007FF70D7119DD | 48:8D15 04930000 | lea rdx,qword ptr ds:[<"Char Array Content"...>] | 获取字符串"Char Array Content"地址 00007FF70D7119E4 | 48:8D0D 75B80000 | lea rcx,qword ptr ds:[<char *g_charArr>] | 获取字符数组g_charArr地址作为目标缓冲区 00007FF70D7119EB | E8 37F7FFFF | call project1.7FF70D711127 | 调用字符串复制函数(类似strcpy) 00007FF70D7119F0 | 90 | nop | 空操作,占位 00007FF70D7119F1 | C745 04 78030000 | mov dword ptr ss:[rbp+4],378 | 局部变量赋值888 00007FF70D7119F8 | 48:8D45 04 | lea rax,qword ptr ss:[rbp+4] | 获取局部变量地址 00007FF70D7119FC | 48:8905 C5B80000 | mov qword ptr ds:[<void *g_pVoid>],rax | 将局部变量地址保存到void指针g_pVoid 00007FF70D711A03 | 8B05 C7B80000 | 
mov eax,dword ptr ds:[<struct Student g_stu>] | 读取结构体Student内容 00007FF70D711A09 | 25 00FFFFFF | and eax,FFFFFF00 | 清除最低8位(age字段) 00007FF70D711A0E | 83C8 14 | or eax,14 | 将age字段设置为20 00007FF70D711A11 | 8905 B9B80000 | mov dword ptr ds:[<struct Student g_stu>],eax | 写回结构体 00007FF70D711A17 | 8B05 B3B80000 | mov eax,dword ptr ds:[<struct Student g_stu>] | 再次读取结构体 00007FF70D711A1D | 0FBAE8 08 | bts eax,8 | 设置第8位(bit field成员) 00007FF70D711A21 | 8905 A9B80000 | mov dword ptr ds:[<struct Student g_stu>],eax | 写回修改后的结构体 00007FF70D711A27 | C705 A3B80000 29E61E00 | mov dword ptr ds:[7FF70D71D2D4],1EE629 | 设置结构体中其他成员值 00007FF70D711A31 | C705 89B80000 08020000 | mov dword ptr ds:[<union Data g_union>],208 | union变量赋值520 00007FF70D711A3B | C705 93B80000 02000000 | mov dword ptr ds:[<enum Color g_color>],2 | 枚举变量g_color赋值为2 00007FF70D711A45 | 48:8D05 E8F8FFFF | lea rax,qword ptr ds:[7FF70D711334] | 获取函数地址 00007FF70D711A4C | 48:8905 A5B80000 | mov qword ptr ds:[<void (__cdecl *g_pFunc)(int)>],rax | 保存到函数指针g_pFunc 00007FF70D711A53 | B9 9A020000 | mov ecx,29A | 准备函数参数666 00007FF70D711A58 | FF15 9AB80000 | call qword ptr ds:[<void (__cdecl *g_pFunc)(int)>] | 通过函数指针调用目标函数 00007FF70D711A5E | 90 | nop 00007FF70D711A5F | 0FBE05 AAB70000 | movsx eax,byte ptr ds:[<char g_char>] | FileName.cpp:134 00007FF70D711A66 | 8BD0 | mov edx,eax | 00007FF70D711A68 | 48:8D0D 91920000 | lea rcx,qword ptr ds:[<"char : %c\n"...>] | 00007FF70D71AD00:"char : %c\n" 00007FF70D711A6F | E8 26F7FFFF | call project1.7FF70D71119A | 00007FF70D711A74 | 90 | nop | 00007FF70D711A75 | 0FB605 95B70000 | movzx eax,byte ptr ds:[<unsigned char g_uchar>] | FileName.cpp:135 00007FF70D711A7C | 8BD0 | mov edx,eax | 00007FF70D711A7E | 48:8D0D 93920000 | lea rcx,qword ptr ds:[<"uchar : %u\n"...>] | 00007FF70D71AD18:"uchar : %u\n" 00007FF70D711A85 | E8 10F7FFFF | call project1.7FF70D71119A | 00007FF70D711A8A | 90 | nop | 00007FF70D711A8B | 0FBF05 82B70000 | movsx eax,word ptr ds:[<short g_short>] | FileName.cpp:136 
00007FF70D711A92 | 8BD0 | mov edx,eax | 00007FF70D711A94 | 48:8D0D 95920000 | lea rcx,qword ptr ds:[<"short : %d\n"...>] | 00007FF70D71AD30:"short : %d\n" 00007FF70D711A9B | E8 FAF6FFFF | call project1.7FF70D71119A | 00007FF70D711AA0 | 90 | nop | 00007FF70D711AA1 | 8B15 75B70000 | mov edx,dword ptr ds:[<int g_int>] | FileName.cpp:137 00007FF70D711AA7 | 48:8D0D 9A920000 | lea rcx,qword ptr ds:[<"int : %d\n"...>] | 00007FF70D71AD48:"int : %d\n" 00007FF70D711AAE | E8 E7F6FFFF | call project1.7FF70D71119A | 00007FF70D711AB3 | 90 | nop | 00007FF70D711AB4 | 48:8B15 75B70000 | mov rdx,qword ptr ds:[<__int64 g_llong>] | FileName.cpp:138, rdx:__enc$textbss$end+276 00007FF70D711ABB | 48:8D0D 9E920000 | lea rcx,qword ptr ds:[<"long long : %lld\n"...>] | 00007FF70D71AD60:"long long : %lld\n" 00007FF70D711AC2 | E8 D3F6FFFF | call project1.7FF70D71119A | 00007FF70D711AC7 | 90 | nop | 00007FF70D711AC8 | F3:0F5A05 5CB70000 | cvtss2sd xmm0,dword ptr ds:[<float g_float>] | FileName.cpp:139 00007FF70D711AD0 | 0F28C8 | movaps xmm1,xmm0 | 00007FF70D711AD3 | 6648:0F7ECA | movq rdx,xmm1 | rdx:__enc$textbss$end+276 00007FF70D711AD8 | 48:8D0D 99920000 | lea rcx,qword ptr ds:[<"float : %.2f\n"...>] | 00007FF70D71AD78:"float : %.2f\n" 00007FF70D711ADF | E8 B6F6FFFF | call project1.7FF70D71119A | 00007FF70D711AE4 | 90 | nop | 00007FF70D711AE5 | F2:0F100D 53B70000 | movsd xmm1,qword ptr ds:[<double g_double>] | FileName.cpp:140 00007FF70D711AED | 6648:0F7ECA | movq rdx,xmm1 | rdx:__enc$textbss$end+276 00007FF70D711AF2 | 48:8D0D 97920000 | lea rcx,qword ptr ds:[<"double : %.2lf\n"...>] | 00007FF70D71AD90:"double : %.2lf\n" 00007FF70D711AF9 | E8 9CF6FFFF | call project1.7FF70D71119A | 00007FF70D711AFE | 90 | nop | 00007FF70D711AFF | 0FB605 0CB70000 | movzx eax,byte ptr ds:[<bool g_bool>] | FileName.cpp:141 00007FF70D711B06 | 8BD0 | mov edx,eax | 00007FF70D711B08 | 48:8D0D A1920000 | lea rcx,qword ptr ds:[<"bool : %d\n"...>] | 00007FF70D71ADB0:"bool : %d\n" 00007FF70D711B0F | E8 86F6FFFF | call 
project1.7FF70D71119A | 00007FF70D711B14 | 90 | nop | 00007FF70D711B15 | 48:8B15 34B70000 | mov rdx,qword ptr ds:[<char *g_pChar>] | FileName.cpp:142, rdx:__enc$textbss$end+276 00007FF70D711B1C | 48:8D0D A5920000 | lea rcx,qword ptr ds:[<"str pointer : %s\n"...>] | 00007FF70D71ADC8:"str pointer : %s\n" 00007FF70D711B23 | E8 72F6FFFF | call project1.7FF70D71119A | 00007FF70D711B28 | 90 | nop | 00007FF70D711B29 | 48:8D15 30B70000 | lea rdx,qword ptr ds:[<char *g_charArr>] | FileName.cpp:143, rdx:__enc$textbss$end+276 00007FF70D711B30 | 48:8D0D A9920000 | lea rcx,qword ptr ds:[<"char array : %s\n"...>] | 00007FF70D71ADE0:"char array : %s\n" 00007FF70D711B37 | E8 5EF6FFFF | call project1.7FF70D71119A | 00007FF70D711B3C | 90 | nop | 00007FF70D711B3D | 8B15 95B70000 | mov edx,dword ptr ds:[<enum Color g_color>] | FileName.cpp:144 00007FF70D711B43 | 48:8D0D AE920000 | lea rcx,qword ptr ds:[<"enum color : %d\n"...>] | 00007FF70D71ADF8:"enum color : %d\n" 00007FF70D711B4A | E8 4BF6FFFF | call project1.7FF70D71119A | 00007FF70D711B4F | 90 | nop | 00007FF70D711B50 | 8B05 7AB70000 | mov eax,dword ptr ds:[<struct Student g_stu>] | FileName.cpp:145 00007FF70D711B56 | 25 FF000000 | and eax,FF | 00007FF70D711B5B | 8BD0 | mov edx,eax | 00007FF70D711B5D | 48:8D0D AC920000 | lea rcx,qword ptr ds:[<"struct age : %d\n"...>] | 00007FF70D71AE10:"struct age : %d\n" 00007FF70D711B64 | E8 31F6FFFF | call project1.7FF70D71119A | 00007FF70D711B69 | 90 | nop | 00007FF70D711B6A | 8B15 54B70000 | mov edx,dword ptr ds:[<union Data g_union>] | FileName.cpp:146 00007FF70D711B70 | 48:8D0D B1920000 | lea rcx,qword ptr ds:[<"union num : %d\n"...>] | 00007FF70D71AE28:"union num : %d\n" 00007FF70D711B77 | E8 1EF6FFFF | call project1.7FF70D71119A | 00007FF70D711B7C | 90 | nop | 00007FF70D711B7D | 33C0 | xor eax,eax | FileName.cpp:148 00007FF70D711B7F | 8BF8 | mov edi,eax | FileName.cpp:151 main函数结束 00007FF70D711B81 | 48:8D4D E0 | lea rcx,qword ptr ss:[rbp-20] | 00007FF70D711B85 | 48:8D15 F4900000 | lea 
rdx,qword ptr ds:[7FF70D71AC80] | rdx:__enc$textbss$end+276 00007FF70D711B8C | E8 7BF7FFFF | call project1.7FF70D71130C | 00007FF70D711B91 | 8BC7 | mov eax,edi | 00007FF70D711B93 | 48:8B8D D8000000 | mov rcx,qword ptr ss:[rbp+D8] | 00007FF70D711B9A | 48:33CD | xor rcx,rbp | 00007FF70D711B9D | E8 11F6FFFF | call project1.7FF70D7111B3 | 00007FF70D711BA2 | 48:8DA5 E8000000 | lea rsp,qword ptr ss:[rbp+E8] | 00007FF70D711BA9 | 5F | pop rdi | 00007FF70D711BAA | 5D | pop rbp | 00007FF70D711BAB | C3 | ret | x32 00007FF7B17E18F0 | 40:55 | push rbp | FileName.cpp:89 00007FF7B17E18F2 | 57 | push rdi | 00007FF7B17E18F3 | 48:81EC 08010000 | sub rsp,108 | 00007FF7B17E18FA | 48:8D6C24 20 | lea rbp,qword ptr ss:[rsp+20] | 00007FF7B17E18FF | 48:8D7C24 20 | lea rdi,qword ptr ss:[rsp+20] | 00007FF7B17E1904 | B9 0A000000 | mov ecx,A | 0A:'\n' 00007FF7B17E1909 | B8 CCCCCCCC | mov eax,CCCCCCCC | 00007FF7B17E190E | F3:AB | rep stosd | 00007FF7B17E1910 | 48:8B05 29B70000 | mov rax,qword ptr ds:[<__security_cooki | rax:__enc$textbss$end+276 00007FF7B17E1917 | 48:33C5 | xor rax,rbp | rax:__enc$textbss$end+276 00007FF7B17E191A | 48:8985 D8000000 | mov qword ptr ss:[rbp+D8],rax | rax:__enc$textbss$end+276 00007FF7B17E1921 | 48:8D0D E7060100 | lea rcx,qword ptr ds:[<__14F49BB1_FileN | FileName.cpp:15732480 00007FF7B17E1928 | E8 48FAFFFF | call project1.7FF7B17E1375 | 00007FF7B17E192D | 90 | nop | 00007FF7B17E192E | C605 DBB80000 5A | mov byte ptr ds:[<char g_char>],5A | FileName.cpp:90, 5A:'Z' 00007FF7B17E1935 | C605 D5B80000 FF | mov byte ptr ds:[<unsigned char g_uchar | FileName.cpp:91 00007FF7B17E193C | B8 64000000 | mov eax,64 | FileName.cpp:92, 64:'d' 00007FF7B17E1941 | 66:8905 CCB80000 | mov word ptr ds:[<short g_short>],ax | 00007FF7B17E1948 | B8 C8000000 | mov eax,C8 | FileName.cpp:93 00007FF7B17E194D | 66:8905 C4B80000 | mov word ptr ds:[<unsigned short g_usho | 00007FF7B17E1954 | C705 BEB80000 E7030000 | mov dword ptr ds:[<int g_int>],3E7 | FileName.cpp:94 00007FF7B17E195E | C705 
B8B80000 00040000 | mov dword ptr ds:[<unsigned int g_uint> | FileName.cpp:95 00007FF7B17E1968 | C705 B2B80000 40E20100 | mov dword ptr ds:[<long g_long>],1E240 | FileName.cpp:96 00007FF7B17E1972 | C705 ACB80000 F1FB0900 | mov dword ptr ds:[<unsigned long g_ulon | FileName.cpp:97 00007FF7B17E197C | 48:C705 A9B80000 F776E54 | mov qword ptr ds:[<__int64 g_llong>],42 | FileName.cpp:98 00007FF7B17E1987 | 48:B8 CFA2605302000000 | mov rax,25360A2CF | FileName.cpp:99, rax:__enc$textbss$end+276 00007FF7B17E1991 | 48:8905 A0B80000 | mov qword ptr ds:[<unsigned __int64 g_u | rax:__enc$textbss$end+276 00007FF7B17E1998 | F3:0F1005 BC940000 | movss xmm0,dword ptr ds:[<__real@4048f5 | FileName.cpp:102 00007FF7B17E19A0 | F3:0F1105 84B80000 | movss dword ptr ds:[<float g_float>],xm | 00007FF7B17E19A8 | F2:0F1005 90940000 | movsd xmm0,qword ptr ds:[<__real@40191e | FileName.cpp:103 00007FF7B17E19B0 | F2:0F1105 88B80000 | movsd qword ptr ds:[<double g_double>], | 00007FF7B17E19B8 | F2:0F1005 90940000 | movsd xmm0,qword ptr ds:[<__real@4023fa | FileName.cpp:104 00007FF7B17E19C0 | F2:0F1105 80B80000 | movsd qword ptr ds:[<long double g_ldou | 00007FF7B17E19C8 | C605 43B80000 01 | mov byte ptr ds:[<bool g_bool>],1 | FileName.cpp:107 00007FF7B17E19CF | 48:8D05 FA920000 | lea rax,qword ptr ds:[<"Hello All Types | FileName.cpp:110, rax:__enc$textbss$end+276, 00007FF7B17EACD0:"Hello All Types" 00007FF7B17E19D6 | 48:8905 73B80000 | mov qword ptr ds:[<char *g_pChar>],rax | rax:__enc$textbss$end+276 00007FF7B17E19DD | 48:8D15 04930000 | lea rdx,qword ptr ds:[<"Char Array Cont | FileName.cpp:111, rdx:__enc$textbss$end+276, 00007FF7B17EACE8:"Char Array Content" 00007FF7B17E19E4 | 48:8D0D 75B80000 | lea rcx,qword ptr ds:[<char *g_charArr> | 00007FF7B17E19EB | E8 37F7FFFF | call project1.7FF7B17E1127 | 00007FF7B17E19F0 | 90 | nop | 00007FF7B17E19F1 | C745 04 78030000 | mov dword ptr ss:[rbp+4],378 | FileName.cpp:114 00007FF7B17E19F8 | 48:8D45 04 | lea rax,qword ptr ss:[rbp+4] | FileName.cpp:115, 
rax:__enc$textbss$end+276 00007FF7B17E19FC | 48:8905 C5B80000 | mov qword ptr ds:[<void *g_pVoid>],rax | rax:__enc$textbss$end+276 00007FF7B17E1A03 | 8B05 C7B80000 | mov eax,dword ptr ds:[<struct Student g | FileName.cpp:118 00007FF7B17E1A09 | 25 00FFFFFF | and eax,FFFFFF00 | 00007FF7B17E1A0E | 83C8 14 | or eax,14 | 00007FF7B17E1A11 | 8905 B9B80000 | mov dword ptr ds:[<struct Student g_stu | 00007FF7B17E1A17 | 8B05 B3B80000 | mov eax,dword ptr ds:[<struct Student g | FileName.cpp:119 00007FF7B17E1A1D | 0FBAE8 08 | bts eax,8 | 00007FF7B17E1A21 | 8905 A9B80000 | mov dword ptr ds:[<struct Student g_stu | 00007FF7B17E1A27 | C705 A3B80000 29E61E00 | mov dword ptr ds:[7FF7B17ED2D4],1EE629 | FileName.cpp:120 00007FF7B17E1A31 | C705 89B80000 08020000 | mov dword ptr ds:[<union Data g_union>] | FileName.cpp:123 00007FF7B17E1A3B | C705 93B80000 02000000 | mov dword ptr ds:[<enum Color g_color>] | FileName.cpp:126 00007FF7B17E1A45 | 48:8D05 E8F8FFFF | lea rax,qword ptr ds:[7FF7B17E1334] | FileName.cpp:129, rax:__enc$textbss$end+276 00007FF7B17E1A4C | 48:8905 A5B80000 | mov qword ptr ds:[<void (__cdecl *g_pFu | rax:__enc$textbss$end+276 00007FF7B17E1A53 | B9 9A020000 | mov ecx,29A | FileName.cpp:130 00007FF7B17E1A58 | FF15 9AB80000 | call qword ptr ds:[<void (__cdecl *g_pF | 00007FF7B17E1A5E | 90 | nop | 00007FF7B17E1A5F | 0FBE05 AAB70000 | movsx eax,byte ptr ds:[<char g_char>] | FileName.cpp:134 00007FF7B17E1A66 | 8BD0 | mov edx,eax | 00007FF7B17E1A68 | 48:8D0D 91920000 | lea rcx,qword ptr ds:[<"char : % | 00007FF7B17EAD00:"char : %c\n" 00007FF7B17E1A6F | E8 26F7FFFF | call project1.7FF7B17E119A | 00007FF7B17E1A74 | 90 | nop | 00007FF7B17E1A75 | 0FB605 95B70000 | movzx eax,byte ptr ds:[<unsigned char g | FileName.cpp:135 00007FF7B17E1A7C | 8BD0 | mov edx,eax | 00007FF7B17E1A7E | 48:8D0D 93920000 | lea rcx,qword ptr ds:[<"uchar : % | 00007FF7B17EAD18:"uchar : %u\n" 00007FF7B17E1A85 | E8 10F7FFFF | call project1.7FF7B17E119A | 00007FF7B17E1A8A | 90 | nop | 00007FF7B17E1A8B | 
0FBF05 82B70000 | movsx eax,word ptr ds:[<short g_short>] | FileName.cpp:136 00007FF7B17E1A92 | 8BD0 | mov edx,eax | 00007FF7B17E1A94 | 48:8D0D 95920000 | lea rcx,qword ptr ds:[<"short : % | 00007FF7B17EAD30:"short : %d\n" 00007FF7B17E1A9B | E8 FAF6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1AA0 | 90 | nop | 00007FF7B17E1AA1 | 8B15 75B70000 | mov edx,dword ptr ds:[<int g_int>] | FileName.cpp:137 00007FF7B17E1AA7 | 48:8D0D 9A920000 | lea rcx,qword ptr ds:[<"int : % | 00007FF7B17EAD48:"int : %d\n" 00007FF7B17E1AAE | E8 E7F6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1AB3 | 90 | nop | 00007FF7B17E1AB4 | 48:8B15 75B70000 | mov rdx,qword ptr ds:[<__int64 g_llong> | FileName.cpp:138, rdx:__enc$textbss$end+276 00007FF7B17E1ABB | 48:8D0D 9E920000 | lea rcx,qword ptr ds:[<"long long : % | 00007FF7B17EAD60:"long long : %lld\n" 00007FF7B17E1AC2 | E8 D3F6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1AC7 | 90 | nop | 00007FF7B17E1AC8 | F3:0F5A05 5CB70000 | cvtss2sd xmm0,dword ptr ds:[<float g_fl | FileName.cpp:139 00007FF7B17E1AD0 | 0F28C8 | movaps xmm1,xmm0 | 00007FF7B17E1AD3 | 6648:0F7ECA | movq rdx,xmm1 | rdx:__enc$textbss$end+276 00007FF7B17E1AD8 | 48:8D0D 99920000 | lea rcx,qword ptr ds:[<"float : % | 00007FF7B17EAD78:"float : %.2f\n" 00007FF7B17E1ADF | E8 B6F6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1AE4 | 90 | nop | 00007FF7B17E1AE5 | F2:0F100D 53B70000 | movsd xmm1,qword ptr ds:[<double g_doub | FileName.cpp:140 00007FF7B17E1AED | 6648:0F7ECA | movq rdx,xmm1 | rdx:__enc$textbss$end+276 00007FF7B17E1AF2 | 48:8D0D 97920000 | lea rcx,qword ptr ds:[<"double : % | 00007FF7B17EAD90:"double : %.2lf\n" 00007FF7B17E1AF9 | E8 9CF6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1AFE | 90 | nop | 00007FF7B17E1AFF | 0FB605 0CB70000 | movzx eax,byte ptr ds:[<bool g_bool>] | FileName.cpp:141 00007FF7B17E1B06 | 8BD0 | mov edx,eax | 00007FF7B17E1B08 | 48:8D0D A1920000 | lea rcx,qword ptr ds:[<"bool : % | 00007FF7B17EADB0:"bool : %d\n" 00007FF7B17E1B0F | E8 86F6FFFF | 
call project1.7FF7B17E119A | 00007FF7B17E1B14 | 90 | nop | 00007FF7B17E1B15 | 48:8B15 34B70000 | mov rdx,qword ptr ds:[<char *g_pChar>] | FileName.cpp:142, rdx:__enc$textbss$end+276 00007FF7B17E1B1C | 48:8D0D A5920000 | lea rcx,qword ptr ds:[<"str pointer : % | 00007FF7B17EADC8:"str pointer : %s\n" 00007FF7B17E1B23 | E8 72F6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1B28 | 90 | nop | 00007FF7B17E1B29 | 48:8D15 30B70000 | lea rdx,qword ptr ds:[<char *g_charArr> | FileName.cpp:143, rdx:__enc$textbss$end+276 00007FF7B17E1B30 | 48:8D0D A9920000 | lea rcx,qword ptr ds:[<"char array : % | 00007FF7B17EADE0:"char array : %s\n" 00007FF7B17E1B37 | E8 5EF6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1B3C | 90 | nop | 00007FF7B17E1B3D | 8B15 95B70000 | mov edx,dword ptr ds:[<enum Color g_col | FileName.cpp:144 00007FF7B17E1B43 | 48:8D0D AE920000 | lea rcx,qword ptr ds:[<"enum color : % | 00007FF7B17EADF8:"enum color : %d\n" 00007FF7B17E1B4A | E8 4BF6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1B4F | 90 | nop | 00007FF7B17E1B50 | 8B05 7AB70000 | mov eax,dword ptr ds:[<struct Student g | FileName.cpp:145 00007FF7B17E1B56 | 25 FF000000 | and eax,FF | 00007FF7B17E1B5B | 8BD0 | mov edx,eax | 00007FF7B17E1B5D | 48:8D0D AC920000 | lea rcx,qword ptr ds:[<"struct age : % | 00007FF7B17EAE10:"struct age : %d\n" 00007FF7B17E1B64 | E8 31F6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1B69 | 90 | nop | 00007FF7B17E1B6A | 8B15 54B70000 | mov edx,dword ptr ds:[<union Data g_uni | FileName.cpp:146 00007FF7B17E1B70 | 48:8D0D B1920000 | lea rcx,qword ptr ds:[<"union num : % | 00007FF7B17EAE28:"union num : %d\n" 00007FF7B17E1B77 | E8 1EF6FFFF | call project1.7FF7B17E119A | 00007FF7B17E1B7C | 90 | nop | 00007FF7B17E1B7D | 33C0 | xor eax,eax | FileName.cpp:148 00007FF7B17E1B7F | 8BF8 | mov edi,eax | FileName.cpp:151 00007FF7B17E1B81 | 48:8D4D E0 | lea rcx,qword ptr ss:[rbp-20] | 00007FF7B17E1B85 | 48:8D15 F4900000 | lea rdx,qword ptr ds:[7FF7B17EAC80] | rdx:__enc$textbss$end+276 
00007FF7B17E1B8C | E8 7BF7FFFF | call project1.7FF7B17E130C | 00007FF7B17E1B91 | 8BC7 | mov eax,edi | 00007FF7B17E1B93 | 48:8B8D D8000000 | mov rcx,qword ptr ss:[rbp+D8] | 00007FF7B17E1B9A | 48:33CD | xor rcx,rbp | 00007FF7B17E1B9D | E8 11F6FFFF | call project1.7FF7B17E11B3 | 00007FF7B17E1BA2 | 48:8DA5 E8000000 | lea rsp,qword ptr ss:[rbp+E8] | 00007FF7B17E1BA9 | 5F | pop rdi | 00007FF7B17E1BAA | 5D | pop rbp | 00007FF7B17E1BAB | C3 | ret |其他案例请查看,aes解码,密钥123456789,密文U2FsdGVkX1/Bd4k8ZAij4D8oMKFwS3bBvmalzk3NT7UEJTw7/qemqhDLwG4nl9H9/nO3Xk0Ebmv0W50P9akHkb0F2ubxR31a6lldXh/T1P5UbUFht0mf2SUJwAKMq1bg