IMAGEOPTIMIZER

标题：IMAGEOPTIMIZER.exe (8千字)
作者：abcde-12345
时间：2001-11-5 18:53:46
链接：http://bbs.pediy.com

IMAGEOPTIMIZER.exe 一个号称可以优化网页上图片大小的软件,我不会用
:004011CA A1F8B05200 mov eax, dword ptr [0052B0F8]   <--KEY
:004011CF 33DB xor ebx, ebx
:004011D1 3BC3 cmp eax, ebx
:004011D3 899C24A8000000 mov dword ptr [esp+000000A8], ebx
:004011DA 7439 je 00401215           <--NO jmp 则为DEMO
:004011DC 8D4C2410 lea ecx, dword ptr [esp+10]

* Possible Reference to String Resource ID=40030: "This is a commercial demo of Image Optimizer Professional."
|
:004011E0 685E9C0000 push 00009C5E
:004011E5 51 push ecx
:004011E6 E8105E0B00 call 004B6FFB
:004011EB 8B542418 mov edx, dword ptr [esp+18]
:004011EF 83C408 add esp, 00000008
:004011F2 8D8ED4000000 lea ecx, dword ptr [esi+000000D4]
:004011F8 52 push edx
:004011F9 E85AC60B00 call 004BD858
:004011FE 8D442410 lea eax, dword ptr [esp+10]

* Possible Reference to String Resource ID=40024: "Thank you for choosing to evaluate Image Optimizer Professio"
|
:00401202 68589C0000 push 00009C58
:00401207 50 push eax
:00401208 E8EE5D0B00 call 004B6FFB
:0040120D 83C408 add esp, 00000008
:00401210 E970010000 jmp 00401385

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004011DA(C)
|
:00401215 A190B15200 mov eax, dword ptr [0052B190]
:0040121A 3DC35A42A3 cmp eax, A3425AC3
:0040121F 0F841C010000 je 00401341
:00401225 3DF35E43AB cmp eax, AB435EF3
:0040122A 7477 je 004012A3
:0040122C 3D6DE15404 cmp eax, 0454E16D
:00401231 0F855E010000 jne 00401395
:00401237 391D84B15200 cmp dword ptr [0052B184], ebx
:0040123D 740C je 0040124B
:0040123F 8D542410 lea edx, dword ptr [esp+10]

* Possible Reference to String Resource ID=40068: "This is the full registered version of Image Optimizer Profe"
|
:00401243 68849C0000 push 00009C84
:00401248 52 push edx
:00401249 EB0A jmp 00401255

///////////////////////////////////////////////////////////////////////////////////////
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041A289(U), :0041A33B(U), :0041A389(U), :0041A411(C)   <--KEY
|
:0041A41D 33C0 xor eax, eax

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041A2C0(U), :0041A306(U)
|
:0041A41F 2BC5 sub eax, ebp   <--EAX==2 ; EBP==0; EBX==1
:0041A421 0F849F000000 je 0041A4C6
:0041A427 48 dec eax
:0041A428 740F je 0041A439
:0041A42A 48 dec eax
:0041A42B 0F8559010000 jne 0041A58A
:0041A431 891DF8B05200 mov dword ptr [0052B0F8], ebx
:0041A437 EB06 jmp 0041A43F

///////////////////////////////////////////////////////////////////////////////////////
:0041A0E0 8B41F8 mov eax, dword ptr [ecx-08]
:0041A0E3 83F808 cmp eax, 00000008
:0041A0E6 757B jne 0041A163           是否为8位
:0041A0E8 8A01 mov al, byte ptr [ecx]

///////////////////////////////////////////////////////////////////////////////////////
709fyfbc 标准版
4A XOR 7D==7   ->7
B7 XOR 87==30 ->0
C3 XOR FA==39 ->9
AC XOR CA==66 ->f
F6 XOR 8F==79 ->y
FA XOR 9C==66 ->f
3C XOR 5E==62 ->b
1F XOR 7C==63 ->c

说明:
地址一 52B184 旗标之一 1--为peofessional 0--为nonprofessional
地址二 52B0F8 旗标之二 1--为UNregisteR 0--为Register   hahahahahaha 特别吗??????
  EAX   旗标之三 0--Register 1--professional 2--dome professional
1.程序先判断版本 professional 不予注册非professional才舆注册
:0043BA07 E8492A0800 call 004BE455           <--判断 1 小弟功力不足没找到专业版与
                              <--非专业版的定位???请高手指点
:0043BA0C 8B442414 mov eax, dword ptr [esp+14]
:0043BA10 3968F8 cmp dword ptr [eax-08], ebp
:0043BA13 743B je 0043BA50

* Possible StringData Ref from Data Obj ->"-professional"
|
:0043BA15 6834185200 push 00521834           <--判断 2 功力不足;请高手指点
:0043BA1A 8D4C2418 lea ecx, dword ptr [esp+18]
:0043BA1E E83FB20700 call 004B6C62
:0043BA23 83F8FF cmp eax, FFFFFFFF
:0043BA26 7428 je 0043BA50
:0043BA28 6A0D push 0000000D
:0043BA2A 50 push eax
:0043BA2B 8D4C241C lea ecx, dword ptr [esp+1C]
:0043BA2F C70584B1520001000000 mov dword ptr [0052B184], 00000001
:0043BA39 E838AE0700 call 004B6876
:0043BA3E 8D4C2414 lea ecx, dword ptr [esp+14]
:0043BA42 E849B60700 call 004B7090
:0043BA47 8D4C2414 lea ecx, dword ptr [esp+14]
:0043BA4B E8F4B50700 call 004B7044
2.注册
:0041A17F A184B15200 mov eax, dword ptr [0052B184]
:0041A184 C68424D401000008 mov byte ptr [esp+000001D4], 08
:0041A18C 3BC5 cmp eax, ebp
:0041A18E 0F85FA000000 jne 0041A28E           <--professional No Register
:0041A194 8B842484010000 mov eax, dword ptr [esp+00000184]
:0041A19B 8378F808 cmp dword ptr [eax-08], 00000008   <--Number of Register
:0041A19F 0F8566010000 jne 0041A30B
:0041A1A5 8A08 mov cl, byte ptr [eax]   <--|calculate 7
:0041A1A7 80F14A xor cl, 4A |
:0041A1AA 80F97D cmp cl, 7D |
:0041A1AD 0F8558010000 jne 0041A30B |
:0041A1B3 8A4801 mov cl, byte ptr [eax+01] | 0
:0041A1B6 80F1B7 xor cl, B7 |
:0041A1B9 80F987 cmp cl, 87 |
:0041A1BC 0F8549010000 jne 0041A30B |
:0041A1C2 8A4802 mov cl, byte ptr [eax+02] | 9
:0041A1C5 80F1C3 xor cl, C3 |
:0041A1C8 80F9FA cmp cl, FA |
:0041A1CB 0F853A010000 jne 0041A30B |
:0041A1D1 8A4803 mov cl, byte ptr [eax+03] | f
:0041A1D4 80F1AC xor cl, AC |
:0041A1D7 80F9CA cmp cl, CA |
:0041A1DA 0F852B010000 jne 0041A30B |
:0041A1E0 8A4804 mov cl, byte ptr [eax+04] | y
:0041A1E3 80F1F6 xor cl, F6 |
:0041A1E6 80F98F cmp cl, 8F |
:0041A1E9 0F851C010000 jne 0041A30B |
:0041A1EF 8A4805 mov cl, byte ptr [eax+05] | f
:0041A1F2 80F1FA xor cl, FA |
:0041A1F5 80F99C cmp cl, 9C |
:0041A1F8 0F850D010000 jne 0041A30B |
:0041A1FE 8A4806 mov cl, byte ptr [eax+06] | b
:0041A201 80F13C xor cl, 3C |
:0041A204 80F95E cmp cl, 5E |
:0041A207 0F85FE000000 jne 0041A30B |
:0041A20D 8A4007 mov al, byte ptr [eax+07] | c
:0041A210 341F xor al, 1F |
:0041A212 3C7C cmp al, 7C |
:0041A214 0F85F1000000 jne 0041A30B <--|
这个程序不太难可是费了我一天的时间,概说的都说了,不止大家明白否?