📄 serv-u "mdtm"命令远程溢出分析.mht
字号:
=
=B6=D4=CA=B1=BC=E4=C7=F8=D3=F2=BD=F8=D0=D0=B4=A6=C0=ED=BC=EC=B2=E2<BR><BR=
>.text:0041FBB6 loc_41FBB6: =20
=
=20
=
=20
; CODE XREF:=20
sub_41FAE8+9B=18j<BR>.text:0041FBB6 =
=20
=20
push =20
20h<BR>.text:0041FBB8 =
=20
=
lea =20
edx, [ebp+var_9FC] =20
=
//ebp-9fc=D6=D0=B4=E6=B7=C5=C8=AB=B2=BF=C3=FC=C1=EE<BR>.text:0041FB=
BE =20
=
=20
push =20
edx<BR>.text:0041FBBF =
=20
=
call =20
sub_59BEB1 =
=20
=
//=D5=D2=C3=FC=C1=EE=D6=D0=B5=C4=BF=D5=B8=F1=D5=D2=B5=BD=
=BA=F3=B0=D1=BF=D5=B8=F1=BA=F3<BR> =20
=
=20
=
=20
=20
=
//=B5=C4=B5=D8=D6=B7=B7=C5=D4=DAebp-78=D6=D0=A3=AC=D2=B2=
=BE=CD=CA=C7=D5=D2=CE=C4=BC=FE=C3=FB<BR>.text:0041FBC4 =20
=
=20
add =
esp,=20
8<BR>.text:0041FBC7 =
=20
=
mov =20
[ebp+var_78],=20
eax<BR>.text:0041FBCA =
=20
=
test =20
eax, eax<BR>.text:0041FBCC =
=20
=20
jz =20
loc_41FE6D =
=
//=C3=BB=D3=D0=D5=D2=B5=BD=CE=C4=BC=FE=C3=FB=CC=F8=A3=AC=
=CC=F8=B9=FD=C8=A5=BD=AB=B4=A6=C0=ED<BR> =20
=
=20
=
=20
//mdtm=20
=
autoexec.bat=D5=E2=C0=E0=BF=B4=CE=C4=BC=FE=CA=B1=BC=E4=B5=C4=C3=FC=C1=EE<=
BR>.text:0041FBD2 =20
=
=20
lea =
edx,=20
[ebp+var_9FC]<BR>.text:0041FBD8 =
=20
=20
push =20
edx<BR>.text:0041FBD9 =
=20
=
call =20
sub_59BDA4 =
=20
=
//=B5=C3=B5=BD=C3=FC=C1=EE=B3=A4=B6=C8<BR>.text:0041FBD=
E =20
=
=20
pop =20
ecx<BR>.text:0041FBDF =20
=
=20
cmp =
eax,=20
10h =
=20
=
//=C3=FC=C1=EE=B3=A4=B6=C8=D0=A1=D3=DA16=CC=F8<BR>.text:0041FBE2 =
=20
=20
jb =20
loc_41FE6D<BR>.text:0041FBE8 =
=20
=20
lea =
ecx,=20
[ebp+var_9FC]<BR>.text:0041FBEE =
=20
=20
mov =
eax,=20
[ebp+var_78]<BR>.text:0041FBF1 =
=20
=20
sub =
eax,=20
ecx =
=20
=
//=B5=C3=CA=B1=BC=E4=C7=F8=D3=F2=B3=A4=B6=C8=B2=BB=D2=AA=BD=F4=D5=C5=D5=E2=
=B6=F9=C3=BB=B6=B4=B6=B4<BR>.text:0041FBF3 =20
=20
cmp =
eax,=20
0Eh<BR>.text:0041FBF6 =
=20
=
jl =20
loc_41FE6D =
=20
=
//=B1=D8=D0=EB=CA=C7=B4=F3=D3=DA=B5=C8=D3=DA14=D7=D6=BD=
=DA<BR>.text:0041FBFC =20
=
=20
mov =20
[ebp+var_88],=20
1<BR>.text:0041FC06 =
=20
=
xor =20
edi, =
edi<BR>.text:0041FC08 =20
=
=20
lea =
esi,=20
[ebp+var_9FC]<BR>.text:0041FC0E =
<BR>.text:0041FC0E=20
loc_41FC0E: =
=20
=
=20
; CODE XREF:=20
sub_41FAE8+141=19j<BR>.text:0041FC0E =
=20
=20
movsx eax, byte =
ptr=20
[esi]<BR>.text:0041FC11 =
=20
=
push =20
eax<BR>.text:0041FC12 =20
=20
call =20
sub_5A1304<BR>.text:0041FC17 =20
=20
pop =20
ecx<BR>.text:0041FC18 =20
=
=20
test eax,=20
eax<BR>.text:0041FC1A =
=20
=
jnz =20
short=20
loc_41FC24<BR>.text:0041FC1C =20
=20
xor =
edx,=20
edx<BR>.text:0041FC1E =
=20
=
mov =20
[ebp+var_88], =
edx<BR>.text:0041FC24=20
<BR>.text:0041FC24 loc_41FC24: =
=20
=
=20
=20
; CODE XREF:=20
sub_41FAE8+132=18j<BR>.text:0041FC24 =
=20
=20
inc =20
edi<BR>.text:0041FC25 =20
=
=20
inc =20
esi<BR>.text:0041FC26 =20
=
=20
cmp =
edi,=20
0Eh<BR>.text:0041FC29 =
=20
=
jl =20
short=20
loc_41FC0E<BR>.text:0041FC2B =20
=20
cmp =20
[ebp+var_88],=20
0<BR>.text:0041FC32 =
=20
=
jz =20
loc_41FD99 =
=20
=
//=C5=D0=B6=CF=CA=B1=BC=E4=C7=F8=D3=F2=B5=C4=C7=B014=B8=F6=D7=D6=C4=B8<BR=
> =20
=
=20
=
=20
=
=20
=
=20
=20
=
//=C8=E7=B9=FB=B2=BB=CA=C7=CA=FD=D7=D6=CC=F8=B5=BD41fd9=
9<BR><BR><BR>//-----------------------<BR>.text:0041FC38 =20
=
=20
push =20
4<BR>.text:0041FC3A =
=20
=
lea =20
ecx,=20
[ebp+var_9FC]<BR>.text:0041FC40 =
=20
=20
push =20
ecx<BR>.text:0041FC41 =
=20
=
lea =20
eax,=20
[ebp+var_84]<BR>.text:0041FC47 =
=20
=20
push =20
eax<BR>.text:0041FC48 =
=20
=
call =20
sub_59BFB8<BR>.text:0041FC4D =
=20
=20
add =
esp,=20
0Ch<BR>.text:0041FC50 =
=20
=
lea =20
edx,=20
[ebp+var_84]<BR>.text:0041FC56 =
=20
=20
mov =20
[ebp+var_80],=20
0<BR>.text:0041FC5A =
=20
=
push =20
edx<BR>.text:0041FC5B =20
=20
call =20
sub_5A4008<BR>.text:0041FC60 =20
&⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -