Posted 2004-5-15 22:38:25 | 1,474 characters | UK – England – Greater London – City of London
from zoneup
You're right, the only genuinely useful code is this:
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0001.0236(U)
|
:0001.0251 BA7000 mov dx, 0070
:0001.0254 B06A mov al, 6A
:0001.0256 EE out dx, al
:0001.0257 BAED00 mov dx, 00ED
:0001.025A EE out dx, al
:0001.025B BA7100 mov dx, 0071
:0001.025E EC in al, dx
:0001.025F 0C80 or al, 80 // this is probably the spot
:0001.0261 EE out dx, al
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0001.020D(C), :0001.0215(C), :0001.021D(C), :0001.0225(C), :0001.022D(C),
|:0001.0234(C)
|
:0001.0262 B8004C mov ax, 4C00 // return to DOS
:0001.0265 CD21 int 21
The whole program jumps to 0200 right at the start and then checks your BIOS information; I guess js added that on purpose:
//********************** Start of Code in Segment: 1 **************
:0001.0100 E9FD00 jmp 0200
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0001.0100(U)
|
:0001.0200 B800F0 mov ax, F000 // isn't this exactly the .dat content js asked you for, heh
:0001.0203 8ED8 mov ds, ax
:0001.0205 BB8D6A mov bx, 6A8D
:0001.0208 B84A31 mov ax, 314A
:0001.020B 3B07 cmp ax, [bx] // f000:6a8d ?= "J1"
:0001.020D 7553 jne 0262 // if not equal, nothing happens
:0001.020F B8554C mov ax, 4C55
:0001.0212 3B4702 cmp ax, [bx+02] // then compare the next two bytes...
:0001.0215 754B jne 0262
:0001.0217 B83934 mov ax, 3439
:0001.021A 3B4704 cmp ax, [bx+04]
:0001.021D 7543 jne 0262
:0001.021F B83332 mov ax, 3233
:0001.0222 3B4706 cmp ax, [bx+06]
:0001.0225 753B jne 0262
:0001.0227 B83147 mov ax, 4731
:0001.022A 3B4708 cmp ax, [bx+08]
:0001.022D 7533 jne 0262
:0001.022F B045 mov al, 45
:0001.0231 3A470A cmp al , [bx+0A]
:0001.0234 752C jne 0262
:0001.0236 EB19 jmp 0251
The code above checks whether the memory starting at f000:6a8d holds "J1UL94321GE".
Your f000:6a8d holds "J1SVX36D1GB", which is your Board Serial Number.
So the whole program does nothing at all and just exits.
In fact you only need to run the short snippet mentioned at the start; the rest is just padding.
The above is for reference only, heh.
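As an added example (not code from the post or from js), the check in the listing can be reproduced offline: decode the little-endian immediates of the cmp chain to recover the string the program expects at f000:6a8d, then model what it does to CMOS register 0x6A. LISTING is an excerpt of the disassembly above, and the cmos dictionary is a constructed stand-in for the real CMOS RAM.

```python
import re

# Excerpt of the disassembly quoted in the post: only the immediate loads
# and the compares that follow them are needed to rebuild the string.
LISTING = """
:0001.0208 B84A31 mov ax, 314A
:0001.020B 3B07 cmp ax, [bx]
:0001.020F B8554C mov ax, 4C55
:0001.0212 3B4702 cmp ax, [bx+02]
:0001.0217 B83934 mov ax, 3439
:0001.021A 3B4704 cmp ax, [bx+04]
:0001.021F B83332 mov ax, 3233
:0001.0222 3B4706 cmp ax, [bx+06]
:0001.0227 B83147 mov ax, 4731
:0001.022A 3B4708 cmp ax, [bx+08]
:0001.022F B045 mov al, 45
:0001.0231 3A470A cmp al , [bx+0A]
"""

MOV_RE = re.compile(r"mov (ax|al), ([0-9A-F]+)$")
CMP_RE = re.compile(r"cmp (?:ax|al) ?, \[bx(?:\+([0-9A-F]+))?\]$")

def expected_serial(listing: str) -> str:
    """Rebuild the string the cmp chain expects at f000:6a8d.

    Immediates are little-endian: 'mov ax, 314A' compares bytes 4A 31,
    i.e. "J1", against [bx]; the cmp displacement gives the position."""
    chars, pending = {}, None
    for line in listing.strip().splitlines():
        text = line.split(" ", 2)[2]          # drop address and opcode bytes
        m = MOV_RE.match(text)
        if m:
            width = 2 if m.group(1) == "ax" else 1
            pending = int(m.group(2), 16).to_bytes(width, "little")
            continue
        m = CMP_RE.match(text)
        if m and pending is not None:
            off = int(m.group(1) or "0", 16)
            for i, b in enumerate(pending):
                chars[off + i] = chr(b)
            pending = None
    return "".join(chars[i] for i in sorted(chars))

def run_program(bios_string: str, cmos: dict) -> str:
    """Model the whole program: if the BIOS string does not match, it takes
    jne 0262 and exits via int 21/4C00 with CMOS untouched; otherwise it
    selects register 0x6A (out 70), reads it (in 71), ORs 0x80 and writes
    it back (out 71), i.e. sets bit 7 of that register."""
    if not bios_string.startswith(expected_serial(LISTING)):
        return "exit"
    cmos[0x6A] = cmos.get(0x6A, 0) | 0x80
    return "cmos-updated"
```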