实验吧just click

just click

看了****核心原理光刚门逆向，就找了实验吧的逆向那个题拿来练手，选了一个just click练手

打开程序后发现是一个窗口里面4个按钮排列，索性随便点了几下于是就关了。

于是乎直接上OD结果没有出现任何的反编译代码，直接就运行窗口，点了几下，窗口关闭，OD才显现代码但是已经是retn处了（至于为什么这样，希望喵总解答）

后来就认为是不是有壳，就用PEID查壳，结果

UPolyX V0.5后来看了很多也没头绪，很多帖子是未知壳子，（OD没用还是没有响应。）

于是用EXEInfoPE看了一下pe结构

发现是.net文件，没学过，后来查了一下可以用ILspy来反编译并学习工具的用法，打开工具后是这样的

然后打开反编译的文件，新增了一条我的文件名的选项，后点击加好，又有很多子菜单你，反编译代码就在这里

我们想要的代码在app里面没看懂，mainwindow的代码粘贴下来

using System;
using System.CodeDom.Compiler;
using System.ComponentModel;
using System.Diagnostics;
using System.Windows;
using System.Windows.Controls;
using System.Windows.Markup;

namespace rev4
{
	public class MainWindow : Window, IComponentConnector
	{
		private bool first;

		private int hit;

		private int correct;//定义成员数据

		internal StackPanel sp1;

		internal StackPanel sp2;

		internal StackPanel sp3;

		internal StackPanel sp4;

		internal TextBlock tb1;

		internal Button bt1;

		internal Button bt2;

		internal Button bt3;

		internal Button bt4;//定义所有的键

		private bool _contentLoaded;

		public MainWindow() //初始化所有成员数据
		{
			this.InitializeComponent();
			this.first = true;
			this.hit = 0;
			this.correct = 0;
		}

		private void bt1_Click(object sender, RoutedEventArgs e)
		{
			this.btn_Checker(1);
		}

		private void bt2_Click(object sender, RoutedEventArgs e)
		{
			this.btn_Checker(2);
		}

		private void bt3_Click(object sender, RoutedEventArgs e)
		{
			this.btn_Checker(3);
		}

		private void bt4_Click(object sender, RoutedEventArgs e)  //以上相同功能设置每个按钮所传递的值
		{
			this.btn_Checker(4);
		} 

		private void btn_Checker(int para) 
		{
			int[] array = new int[]   //这里就是按动的按钮顺序
			{
				0,
				1,
				3,
				4,
				2,
				1,
				2,
				3,
				4
			};
			bool flag = this.hit < 8;  //比较按动次数是否为8次
			if (flag)
			{
				int num = this.hit;
				this.hit = num + 1;
			}
			else
			{
				base.Close();
			}
			bool flag2 = this.first;
			if (flag2)  
			{
				this.tb1.Text = "";
				this.first = false;
			}
			bool flag3 = array[this.hit] == para; //比较我按动按钮传递的值和数组中的数比较
			if (flag3)
			{
				int num = this.correct;
				this.correct = num + 1;
			}
			bool flag4 = this.correct == 8;          //当八个都按对，弹出成功，得到flag
			if (flag4)
			{
				MessageBox.Show("Succeed!");
				TextBlock textBlock = this.tb1;
				textBlock.Text = string.Concat(new string[]
				{
					textBlock.Text,
					this.sp1.Tag.ToString(),
					this.sp2.Tag.ToString(),
					this.sp3.Tag.ToString(),
					this.sp4.Tag.ToString()
				});
			}
		}

		[GeneratedCode("PresentationBuildTasks", "4.0.0.0"), DebuggerNonUserCode]
		public void InitializeComponent()
		{
			bool contentLoaded = this._contentLoaded;
			if (!contentLoaded)
			{
				this._contentLoaded = true;
				Uri resourceLocator = new Uri("/rev4;component/mainwindow.xaml", UriKind.Relative);
				Application.LoadComponent(this, resourceLocator);
			}
		}

		[GeneratedCode("PresentationBuildTasks", "4.0.0.0"), EditorBrowsable(EditorBrowsableState.Never), DebuggerNonUserCode]
		void IComponentConnector.Connect(int connectionId, object target)
		{
			switch (connectionId)
			{
			case 1:
				this.sp1 = (StackPanel)target;
				break;
			case 2:
				this.sp2 = (StackPanel)target;
				break;
			case 3:
				this.sp3 = (StackPanel)target;
				break;
			case 4:
				this.sp4 = (StackPanel)target;
				break;
			case 5:
				this.tb1 = (TextBlock)target;
				break;
			case 6:
				this.bt1 = (Button)target;
				this.bt1.Click += new RoutedEventHandler(this.bt1_Click);
				break;
			case 7:
				this.bt2 = (Button)target;
				this.bt2.Click += new RoutedEventHandler(this.bt2_Click);
				break;
			case 8:
				this.bt3 = (Button)target;
				this.bt3.Click += new RoutedEventHandler(this.bt3_Click);
				break;
			case 9:
				this.bt4 = (Button)target;
				this.bt4.Click += new RoutedEventHandler(this.bt4_Click);
				break;
			default:
				this._contentLoaded = true;
				break;
			}
		}
	}
}