📄 serv-u "mdtm"命令远程溢出分析.mht
                          esp, 0FFFFF004h                       //为本地变量分配空间
.text:0041FAF1    push    eax
.text:0041FAF2    add     esp, 0FFFFFC74h                       //为本地变量分配空间
.text:0041FAF8    mov     eax, offset unk_59C243                //重要：程序自己的异常处理函数入口
.text:0041FAFD    xor     edx, edx
.text:0041FAFF    push    ebx
.text:0041FB00    push    esi
.text:0041FB01    push    edi
.text:0041FB02    mov     ebx, [ebp+8]                          //处理第一个参数
.text:0041FB05    mov     dword ptr [ebp-4Ch], offset unk_5B8520
.text:0041FB0C    mov     [ebp-48h], esp

.text:0041FB0F    mov     [ebp-50h], eax                        //重要：建立ERR结构的第二个成员
                                                                //也就是程序自己的异常处理函数入口
.text:0041FB12    mov     word ptr [ebp-44h], 0
.text:0041FB18    mov     [ebp-38h], edx

.text:0041FB1B    mov     ecx, large fs:0                       //重要：得到上一个ERR结构地址
.text:0041FB22    mov     [ebp-54h], ecx                        //建立ERR结构的第一个成员
.text:0041FB25    lea     eax, [ebp-54h]                        //得到当前ERR结构的地址(017AD280)
.text:0041FB28    mov     large fs:0, eax                       //放到fs:[0]中，这样如果这段代码
                                                                //出错的话就会执行ebp-50里的函数
.text:0041FB2E    mov     byte ptr [ebp-55h], 0
.text:0041FB32    mov     byte ptr [ebp-56h], 0
/////////////////////////////////////////////////////
程序正常的栈情况如下:
ebp-56 017AD27E 00
ebp-55 017AD27F 00
ebp-54 017AD280 40
ebp-53 017AD281 E2
ebp-52 017AD282 7A
ebp-51 017AD283 01    017AE240的值指向上一个ERR结构
ebp-50 017AD284 43
ebp-4F 017AD285 C2
ebp-4E 017AD286 59
ebp-4D 017AD287 00    0059C243是程序自己的异常处理函数入口

////////////////////////////////////////////////////
.text:0041FB36    xor     edx, edx
.text:0041FB38    mov     [ebp-74h], edx
.text:0041FB3B    mov     [ebp-70h], edx
.text:0041FB3E    mov     [ebp-6Ch], edx
.text:0041FB41    mov     [ebp-68h], edx
.text:0041FB44    mov     [ebp-64h], edx
.text:0041FB47    mov     [ebp-60h], edx
.text:0041FB4A    mov     [ebp-5Ch], edx                        //本地变量给初值0
.text:0041FB4D    push    7FFh
.text:0041FB52    mov     eax, [ebp+0Ch]                        //处理第二个参数也就是命令字串的地址
.text:0041FB55    add     eax, 4                                //去除命令字串开头的MDTM
.text:0041FB58    push    eax
.text:0041FB59    lea     ecx, [ebp-9FCh]
.text:0041FB5F    push    ecx
.text:0041FB60    call    sub_59BFB8                            //相当于strncpy把命令拷到本地变量ebp-9fch中
                                                                //长度不超过2KB
.text:0041FB65    add     esp, 0Ch
.text:0041FB68    lea     eax, [ebp-9FCh]
.text:0041FB6E    mov     byte ptr [ebp-1FDh], 0                //0x9FC-0x1FD=0x7FF：在缓冲区偏移0x7FF处写入结束符，保证拷贝结果以0结尾
.text:0041FB75    push    eax
.text:0041FB76    call    sub_4422A4                            //对字串进行再一步处理去除MDTM与
                                                                //命令中间的那个空格，命令后面的回车
                                                                //还要判断命令是否为空
.text:0041FB7B    cmp     byte ptr [ebp-9FCh], 0
.text:0041FB82    pop     ecx
.text:0041FB83    jnz     short loc_41FBB6                      //合法的话跳

[2]