.net 加密的疑问(见者有分)
这是用ILASM反编来的一个加密片段:
Public Class bc:
.......
Dim buffer As Byte() = New Byte() { &H55, &H8B,.......}
Dim lpStartAddress As UInt32 = bc.VirtualAlloc(0, buffer.Length, &H1000, &H40)
Marshal.Copy(buffer, 0, DirectCast(lpStartAddress, IntPtr), buffer.Length)
Dim hHandle As IntPtr = IntPtr.Zero
Dim lpThreadId As UInt32 = 0
Dim aaedcc As New ac//结构
Dim param As IntPtr = Marshal.AllocHGlobal(Marshal.SizeOf(GetType(ac)))
Marshal.StructureToPtr(aaedcc, param, False)
hHandle = bc.CreateThread(0, 0, lpStartAddress, param, 0, (lpThreadId))
bc.WaitForSingleObject(hHandle, UInt32.MaxValue)
aaedcc = Marshal.PtrToStructure(param, GetType(ac))
//aaedcc得到赋值
........
Public Structure ac
Public a As UInt32
.......
End Structure
我不明白里面bc.CreateThread的变化过程,aaedcc的值怎么来的,请高手指点
[解决办法]
解密 最好找个数学家 aaedcc怎么变成密码段的 因该是数学问题
[解决办法]
一般加密都是不可逆的,比如MD5
[解决办法]
lpStartAddress
跟进去看
