BigInt Calculator 1.0

标题：破解一个CCG的软件，改半字节！ (6千字)
作者：购物狂
时间：2002-1-27 15:31:19
链接：http://bbs.pediy.com

URL http://www.h108.com/stkman/soft/calcpro.zip 专业版1.0

作者：stkman[CCG] & arbiter[CCG]

简述：BigInt Calculator 是一个支持超大整数运算的计算器,可以对长度最多达10000位10进制的数据进行运算。
它不但支持普通的四则混合运算,而且具有位操作和表达式运算功能,计算器本身提供了21个存贮单元可供
保存运算的中间结果,在表达式中可以引用这些存储单元。
BigInt Calculator的一个显著优点是软件体积小，可执行文件不足50K，纯绿色软件，不修改注册表。

upx加的壳，脱壳很简单。

注册文件为calcpro.key，如内容不对会退出。

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:00402C5E A0294F4100 mov al, byte ptr [00414F29]<==============比较重要！
:00402C63 84C0 test al, al
:00402C65 7516 jne 00402C7D
:00402C67 6810100000 push 00001010

* Possible StringData Ref from Data Obj ->"Warning"
|
:00402C6C 682C294100 push 0041292C

* Possible StringData Ref from Data Obj ->"THANK YOU FOR TRYING BIGINT CALCULATOR! "
->"This is a unregistered version,If "
->"you like it,please register it,Thanks. "
->" "
|
:00402C71 68C8294100 push 004129C8
:00402C76 52 push edx

* Reference To: USER32.MessageBoxA, Ord:0000h
|
:00402C77 FF15F0104100 Call dword ptr [004110F0]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:004030DC A0294F4100 mov al, byte ptr [00414F29]<==============比较重要！
:004030E1 84C0 test al, al
:004030E3 742D je 00403112
:004030E5 57 push edi
:004030E6 BF70434100 mov edi, 00414370
:004030EB 83C9FF or ecx, FFFFFFFF
:004030EE 33C0 xor eax, eax
:004030F0 F2 repnz
:004030F1 AE scasb
:004030F2 F7D1 not ecx
:004030F4 49 dec ecx
:004030F5 5F pop edi
:004030F6 741A je 00403112
:004030F8 8B4C2404 mov ecx, dword ptr [esp+04]
:004030FC 6870434100 push 00414370
:00403101 6837040000 push 00000437
:00403106 51 push ecx

* Reference To: USER32.SetDlgItemTextA, Ord:0000h
|
:00403107 FF15EC104100 Call dword ptr [004110EC]
:0040310D 33C0 xor eax, eax
:0040310F C21000 ret 0010

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:004030E3(C), :004030F6(C)
|
:00403112 8B542404 mov edx, dword ptr [esp+04]

* Possible StringData Ref from Data Obj ->"UNREGISTERED"
|
:00403116 68802A4100 push 00412A80
:0040311B 6837040000 push 00000437
:00403120 52 push edx

* Reference To: USER32.SetDlgItemTextA, Ord:0000h
|
:00403121 FF15EC104100 Call dword ptr [004110EC]

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:004030BC(C), :004030C8(C)
|
:00403127 33C0 xor eax, eax
:00403129 C21000 ret 0010
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:004035FB E860550000 call 00408B60
:00403600 83C430 add esp, 00000030
:00403603 85C0 test eax, eax
:00403605 751B jne 00403622<======================仅改这里741B即可！
:00403607 A118514100 mov eax, dword ptr [00415118]
:0040360C 6870434100 push 00414370
:00403611 50 push eax
:00403612 E8F9770000 call 0040AE10
:00403617 83C408 add esp, 00000008
:0040361A 881D294F4100 mov byte ptr [00414F29], bl<==============比较重要！
:00403620 EB2C jmp 0040364E

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00403605(C)
|
:00403622 8D7C241C lea edi, dword ptr [esp+1C]
:00403626 83C9FF or ecx, FFFFFFFF
:00403629 33C0 xor eax, eax
:0040362B F2 repnz
:0040362C AE scasb
:0040362D F7D1 not ecx
:0040362F 2BF9 sub edi, ecx
:00403631 8BF7 mov esi, edi
:00403633 8BD1 mov edx, ecx

* Possible StringData Ref from Data Obj ->"BigInt Calculator Pro 1.0 "
|
:00403635 BFA8284100 mov edi, 004128A8
:0040363A 83C9FF or ecx, FFFFFFFF
:0040363D F2 repnz
:0040363E AE scasb
:0040363F 8BCA mov ecx, edx
:00403641 4F dec edi
:00403642 C1E902 shr ecx, 02
:00403645 F3 repz
:00403646 A5 movsd
:00403647 8BCA mov ecx, edx
:00403649 83E103 and ecx, 00000003
:0040364C F3 repz
:0040364D A4 movsb

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00403620(U)
|

* Possible StringData Ref from Data Obj ->"BigInt Calculator Pro 1.0 "
|
:0040364E 68A8284100 push 004128A8
:00403653 55 push ebp

* Reference To: USER32.SetWindowTextA, Ord:0000h
|
:00403654 FF15DC104100 Call dword ptr [004110DC]
:0040365A A1582E4200 mov eax, dword ptr [00422E58]
:0040365F 8B0D882E4200 mov ecx, dword ptr [00422E88]
:00403665 5D pop ebp
:00403666 898834020000 mov dword ptr [eax+00000234], ecx
:0040366C 8B15582E4200 mov edx, dword ptr [00422E58]
:00403672 8BC3 mov eax, ebx
:00403674 899A28020000 mov dword ptr [edx+00000228], ebx
:0040367A 5B pop ebx
:0040367B 5F pop edi
:0040367C 5E pop esi
:0040367D 83C42C add esp, 0000002C
:00403680 C21000 ret 0010
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~