PDF密码破解工具,针对那些设定用户密码,无法编辑或更改、打印、复制文字或图片,增加注释等等方面,它可以轻松的解除这些限制。
源程序Adult PDF Password Recovery.exe用Aspack加壳,脱壳后,W32Dasm反汇编
注册码算法
* Referenced by a CALL at Addresses:
|:004041C1 , :00404940
|
:004049AC 56 push esi
:004049AD 8BF2 mov esi, edx
:004049AF 85F6 test esi, esi 注册码是否为空
:004049B1 7504 jne 004049B7 不空跳转
:004049B3 33C0 xor eax, eax
:004049B5 5E pop esi
:004049B6 C3 ret
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004049B1(C)
|
:004049B7 803E00 cmp byte ptr [esi], 00
:004049BA 7504 jne 004049C0
:004049BC 33C0 xor eax, eax
:004049BE 5E pop esi
:004049BF C3 ret
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004049BA(C)
|
:004049C0 56 push esi
:004049C1 E82A4B0C00 call 004C94F0 获取注册码长度入EAX
:004049C6 59 pop ecx
:004049C7 83F810 cmp eax, 00000010 长度是否为h10(十六位)
:004049CA 7404 je 004049D0 是跳转,否出错
:004049CC 33C0 xor eax, eax
:004049CE 5E pop esi
:004049CF C3 ret
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004049CA(C)
|
:004049D0 33D2 xor edx, edx
:004049D2 8BC6 mov eax, esi
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004049EA(C)
|
这段代码用来测试注册码的每一位属于A~Z之间
:004049D4 0FBE08 movsx ecx, byte ptr [eax]
:004049D7 83F941 cmp ecx, 00000041 A的ASCII值
:004049DA 7C05 jl 004049E1
:004049DC 83F95A cmp ecx, 0000005A Z的ASCII值
:004049DF 7E04 jle 004049E5
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004049DA(C)
|
:004049E1 33C0 xor eax, eax
:004049E3 5E pop esi
:004049E4 C3 ret
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004049DF(C)
|
:004049E5 42 inc edx edx=edx+1
:004049E6 40 inc eax
:004049E7 83FA10 cmp edx, 00000010 edx是否等于h10,即是否每位测试到
:004049EA 7CE8 jl 004049D4
:004049EC 0FBE5609 movsx edx, byte ptr [esi+09] edx=注册码的09偏移(第10位)的ASCII值
:004049F0 0FBE4E0C movsx ecx, byte ptr [esi+0C] ecx=注册码的0C偏移(第13位)的ASCII值
:004049F4 03D1 add edx, ecx edx=edx+ecx
:004049F6 81FA9B000000 cmp edx, 0000009B edx是否等于9B
:004049FC 7404 je 00404A02 是跳转,否出错
:004049FE 33C0 xor eax, eax
:00404A00 5E pop esi
:00404A01 C3 ret
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004049FC(C)
|
:00404A02 B001 mov al, 01
:00404A04 5E pop esi
:00404A05 C3 ret
总结如下:
Email地址任意,注册码需16位,全部为大写字母(A~Z),其中第10位和13位的ASCII值相加等于9B即可。
注册文件格式如下:
文件名:系统system目录下的adultpdf_Decrypt_reg.ini
[Decrypt_Register]
Mail=Coldeye@Crack.cn Eamil地址任意
Serial=COLDEYECRACKZZCN 注册码