DJUSP注册
用WDASM反汇编
:004698E5 E8FAFEFFFF call 004697E4
:004698EA 8BD8
mov ebx, eax
:004698EC 8D45F8
lea eax, dword ptr [ebp-08]
:004698EF E834A3F9FF call 00403C28
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004698E1(U)
|
:004698F4 84DB
test bl, bl <--bl=1注册成功
:004698F6 752C
jne 00469924
:004698F8 6A20
push 00000020
:004698FA E869D9F9FF Call 00407268
:004698FF 6A10
push 00000010
* Possible StringData Ref from Code Obj ->"Registration"
|
:00469901 68A0994600 push 004699A0
* Possible StringData Ref from Code Obj ->"Password incorrect. "
|
:00469906 68B0994600 push 004699B0
:0046990B 8BC7
mov eax, edi
:0046990D E8D2C2FCFF call 00435BE4
注意到:004698F4 84DB test bl, bl
处BL由:004698EA 8BD8 mov ebx, eax赋值,所以用F8进入
:004698E5 E8FAFEFFFF call 004697E4
......
:00469847 8BC3
mov eax, ebx <--eax为输入数值的16进制
:00469849 3513487D00 xor eax,
007D4813 <--异或
:0046984E 3DF0198E00 cmp eax,
008E19F0 <--比较
:00469853 7504
jne 00469859
所以我得到PASSWORD: 1767996592
此外,我用WDASM修改版不能正确反汇编, 看来还是要用原版.