注册PSXVIDEO
Ver1.12详细算法
软件名称:PSXVIDEO Ver1.12
软件下载:等我汉化完传到HTTP://ZOMBIEYS.126.COM去
主要功能:PSXVIDEO 是一个能将 PS 游戏 CD-ROM 上的动画档案转换成 PC 平台能播放的
AVI 档案的一个转档程式, 是由一位日本人 tany 先生所写, 目前为最新版v1.12
已经可以将大部分的 PS 游戏动画转出, 几乎没有转不出的动画
PSXVIDEO v1.07由tany先生於97/10/20完成 , 增加了 FF7 的检查选项,以及一
些细部的修正等.
主要目的:寻找合适的注册码
破解难度:非常简单(适合初学者)
正规方法:选注册填自己的大名,注册码填78787878,进s-ice下s 30:0 l ffffffff '78787878',下bpm
"搜到的地址",按f5返回,点注册被拦到,按几次f12知道进入PSXVIDEO领空,再按几次f10到这里
* Possible Reference to Dialog: REGIST, CONTROL_ID:03F7, ""
|
:004099FA 68F7030000 push
000003F7
:004099FF 56
push esi
:00409A00 FFD7
call edi
:00409A02 8D4C240C
lea ecx, dword ptr [esp+0C]
:00409A06 51
push ecx
:00409A07 E844B6FFFF call
00405050
//算KEY的CALL
:00409A0C 83C404
add esp, 00000004
:00409A0F 85C0
test eax, eax
:00409A11 740E
je 00409A21
//跳下去就成功了
:00409A13 6A10
push 00000010
* Possible StringData Ref from Data Obj ->"ERROR"
|
:00409A15 68E0514100 push
004151E0
* Possible StringData Ref from Data Obj ->"Password Error."
|
:00409A1A 689C664100 push
0041669C
:00409A1F EB18
jmp 00409A39
//骗子-_-(TANY语)
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00409A11(C)
|
:00409A21 C7056C9C450001000000 mov dword ptr [00459C6C], 00000001
//成功了,没被抓到^Q^
:00409A2B EB0F
jmp 00409A3C
我们来看看它怎码算的KEY吧@_@,还好了很短,也很简单:)
:00405050 81EC08010000 sub esp, 00000108
//准备抓骗子(TANY语)
:00405056 53
push ebx
:00405057 55
push ebp
:00405058 56
push esi
:00405059 57
push edi
:0040505A 8BBC241C010000 mov edi, dword
ptr [esp+0000011C] //取你输的注册码->EDI
:00405061 33D2
xor edx, edx
//准备了:)
:00405063 BE1A000000 mov esi,
0000001A
//做除数用
:00405068 BD1A000000 mov ebp,
0000001A
//做除数用
:0040506D 0FBE4F04
movsx ecx, byte ptr [edi+04] //注册码第5位->ECX
:00405071 F7D1
not ecx
//取反->ECX
:00405073 8A1F
mov bl, byte ptr [edi]
//注册码第1位->BL
:00405075 8D414F
lea eax, dword ptr [ecx+4F] //(第5位取反结果+4F)的地址->EAX
:00405078 83F050
xor eax, 00000050
//拿它与50做异或->EAX
:0040507B F7F6
div esi
//接着用EAX整除1A,余数在EDX
:0040507D 0FBEF3
movsx esi, bl
//注册码第1位->ESI
:00405080 F7D6
not esi
//取反->ESI
:00405082 8D4645
lea eax, dword ptr [esi+45] //(第1位取反结果+45)的地址->EAX
:00405085 83F053
xor eax, 00000053
//那它与53做异或->EAX
:00405088 80C241
add dl, 41
//余数变成1个大写字母?->DL
:0040508B 88542419
mov byte ptr [esp+19], dl
//好了,这是真注册码的第2位->[ESP+19]
:0040508F 33D2
xor edx, edx
//再来
:00405091 F7F5
div ebp
//用EAX(上次整除的商)整除1A,余数放在EDX里
:00405093 8D4144
lea eax, dword ptr [ecx+44] //(第5位取反结果+44)地址->EAX
:00405096 83F058
xor eax, 00000058
//拿它与58做异或->EAX
:00405099 80C241
add dl, 41
//余数变成1个大写字母?->DL
:0040509C 8854241A
mov byte ptr [esp+1A], dl
//作为真注册码的第3位->[ESP+1A]
:004050A0 33D2
xor edx, edx
//GOGOGO(TANY语) YUN~~(我)
:004050A2 F7F5
div ebp
//用EAX整除1A,余数放EDX
:004050A4 8D4659
lea eax, dword ptr [esi+59] //(注册码第1位取反结果+59)的地址->EAX
:004050A7 83F056
xor eax, 00000056
//拿它与56做异或->EAX
:004050AA 80C241
add dl, 41
//余数变成1个大写字母?
:004050AD 8854241B
mov byte ptr [esp+1B], dl
//作为真注册码的第4位->[ESP+1B]
:004050B1 33D2
xor edx, edx
//GOGOGO(TANY语) ......(我)
:004050B3 F7F5
div ebp
//用EAX(上次整除的商)整除1A,余数放在EDX里
:004050B5 8D4156
lea eax, dword ptr [ecx+56] //(第5位取反结果+56)的地址->EAX
:004050B8 83F049
xor eax, 00000049
//拿它与49做异或->EAX
:004050BB 80C241
add dl, 41
//余数变成1个大写字母?
:004050BE 8854241D
mov byte ptr [esp+1D], dl
//作为真注册码的第6位->[ESP+1D]
:004050C2 33D2
xor edx, edx
//晕死你(TANY语) -_-|(我)
:004050C4 F7F5
div ebp
//用EAX(上次整除的商)整除1A,余数放在EDX里
:004050C6 8D4658
lea eax, dword ptr [esi+58] //(注册码第1位取反结果+58)的地址-EAX
:004050C9 83F044
xor eax, 00000044
//拿它与44做异或->EAX
:004050CC 80C241
add dl, 41
//余数变成1个大写字母?
:004050CF 8854241E
mov byte ptr [esp+1E], dl
//作为真注册码的第7位->[ESP+1E]
:004050D3 33D2
xor edx, edx
//...... ......
:004050D5 F7F5
div ebp
//用EAX整除1A,余数放EDX
:004050D7 8D4153
lea eax, dword ptr [ecx+53] //(第5位取反结果+53)的地址->EAX
:004050DA 8BCD
mov ecx, ebp
//1A->ECX
:004050DC 83F045
xor eax, 00000045
//EAX(商)与45做异或->EAX
:004050DF 80C241
add dl, 41
//余数变成1个大写字母?
:004050E2 8854241F
mov byte ptr [esp+1F], dl
//作为真注册码的第8位->[ESP+1F]
:004050E6 33D2
xor edx, edx
//:) :(
:004050E8 F7F1
div ecx
//用EAX整除1A,余数放EDX
:004050EA 8D4650
lea eax, dword ptr [esi+50] //(注册码第1位取反结果+50)的地址->EAX
:004050ED 8BF5
mov esi, ebp
//1A->ESI
:004050EF 83F04F
xor eax, 0000004F
//EAX(商)与4F做异或->EAX
:004050F2 8BCA
mov ecx, edx
//余数->ECX
:004050F4 33D2
xor edx, edx
//EDX清0
:004050F6 F7F6
div esi
//EAX(商)整除1A,余数放EDX
:004050F8 80C141
add cl, 41
//真注册码的第9位->CL
:004050FB 80C241
add dl, 41
//真注册码的第10位->DL
:004050FE 80FB41
cmp bl, 41
//注册码第1位在A-Z之间?
:00405101 0F8CFD000000 jl 00405204
:00405107 80FB5A
cmp bl, 5A
:0040510A 0F8FF4000000 jg 00405204
:00405110 8A5F01
mov bl, byte ptr [edi+01]
//注册码第2位->BL且在A-Z之间?
:00405113 80FB41
cmp bl, 41
:00405116 0F8CE8000000 jl 00405204
:0040511C 80FB5A
cmp bl, 5A
:0040511F 0F8FDF000000 jg 00405204
:00405125 8A4702
mov al, byte ptr [edi+02]
//注册码第3位在A-Z之间?
:00405128 3C41
cmp al, 41
:0040512A 88442413
mov byte ptr [esp+13], al
:0040512E 0F8CD0000000 jl 00405204
:00405134 3C5A
cmp al, 5A
:00405136 0F8FC8000000 jg 00405204
:0040513C 8A4703
mov al, byte ptr [edi+03]
//注册码第4位在A-Z之间?
:0040513F 3C41
cmp al, 41
:00405141 88442417
mov byte ptr [esp+17], al
:00405145 0F8CB9000000 jl 00405204
:0040514B 3C5A
cmp al, 5A
:0040514D 0F8FB1000000 jg 00405204
:00405153 8A4704
mov al, byte ptr [edi+04]
//注册码第5位在A-Z之间?
:00405156 3C41
cmp al, 41
:00405158 0F8CA6000000 jl 00405204
:0040515E 3C5A
cmp al, 5A
:00405160 0F8F9E000000 jg 00405204
:00405166 8A4705
mov al, byte ptr [edi+05]
//注册码第6位在A-Z之间?
:00405169 3C41
cmp al, 41
:0040516B 88442415
mov byte ptr [esp+15], al
:0040516F 0F8C8F000000 jl 00405204
:00405175 3C5A
cmp al, 5A
:00405177 0F8F87000000 jg 00405204
:0040517D 8A4706
mov al, byte ptr [edi+06]
//注册码第7位在A-Z之间?
:00405180 3C41
cmp al, 41
:00405182 88442412
mov byte ptr [esp+12], al
:00405186 7C7C
jl 00405204
:00405188 3C5A
cmp al, 5A
:0040518A 7F78
jg 00405204
:0040518C 8A4707
mov al, byte ptr [edi+07]
//注册码第8位在A-Z之间?
:0040518F 3C41
cmp al, 41
:00405191 88442414
mov byte ptr [esp+14], al
:00405195 7C6D
jl 00405204
:00405197 3C5A
cmp al, 5A
:00405199 7F69
jg 00405204
:0040519B 8A4708
mov al, byte ptr [edi+08]
//注册码第9位在A-Z之间?
:0040519E 3C41
cmp al, 41
:004051A0 88442416
mov byte ptr [esp+16], al
:004051A4 7C5E
jl 00405204
:004051A6 3C5A
cmp al, 5A
:004051A8 7F5A
jg 00405204
:004051AA 8A4709
mov al, byte ptr [edi+09]
//注册码第10位->AL且在A-Z之间?
:004051AD 3C41
cmp al, 41
:004051AF 7C53
jl 00405204
:004051B1 3C5A
cmp al, 5A
:004051B3 7F4F
jg 00405204
:004051B5 3A5C2419
cmp bl, byte ptr [esp+19]
//真假注册码第2位比较
:004051B9 7549
jne 00405204
:004051BB 8A5C2413
mov bl, byte ptr [esp+13]
//假注册码第3位->[ESP+13]
:004051BF 3A5C241A
cmp bl, byte ptr [esp+1A]
//真假注册码第3位比较
:004051C3 753F
jne 00405204
:004051C5 8A5C2417
mov bl, byte ptr [esp+17]
//假注册码第4位->[ESP+17]
:004051C9 3A5C241B
cmp bl, byte ptr [esp+1B]
//真假注册码第3位比较
:004051CD 7535
jne 00405204
:004051CF 8A5C2415
mov bl, byte ptr [esp+15]
//假注册码第6位->[ESP+15]
:004051D3 3A5C241D
cmp bl, byte ptr [esp+1D]
//真假注册码第6位比较
:004051D7 752B
jne 00405204
:004051D9 8A5C2412
mov bl, byte ptr [esp+12]
//假注册码第7位->[ESP+12]
:004051DD 3A5C241E
cmp bl, byte ptr [esp+1E]
//真假注册码第7位比较
:004051E1 7521
jne 00405204
:004051E3 8A5C2414
mov bl, byte ptr [esp+14]
//假注册码第8位->[ESP+12]
:004051E7 3A5C241F
cmp bl, byte ptr [esp+1F]
//真假注册码第8位比较
:004051EB 7517
jne 00405204
:004051ED 384C2416
cmp byte ptr [esp+16], cl
//真假注册码第9位比较
:004051F1 7511
jne 00405204
:004051F3 3AC2
cmp al, dl
//真假注册码第10位比较
:004051F5 750D
jne 00405204
//想混过去没门(TANY语)
:004051F7 33C0
xor eax, eax
//oo混过来了:)
:004051F9 5F
pop edi
:004051FA 5E
pop esi
:004051FB 5D
pop ebp
:004051FC 5B
pop ebx
:004051FD 81C408010000 add esp, 00000108
:00405203 C3
ret
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:00405101(C), :0040510A(C), :00405116(C), :0040511F(C), :0040512E(C)
|:00405136(C), :00405145(C), :0040514D(C), :00405158(C), :00405160(C)
|:0040516F(C), :00405177(C), :00405186(C), :0040518A(C), :00405195(C)
|:00405199(C), :004051A4(C), :004051A8(C), :004051AF(C), :004051B3(C)
|:004051B9(C), :004051C3(C), :004051CD(C), :004051D7(C), :004051E1(C)
|:004051EB(C), :004051F1(C), :004051F5(C)
|
:00405204 5F
pop edi
//晕~~~没混过来:(
:00405205 5E
pop esi
:00405206 5D
pop ebp
:00405207 83C8FF
or eax, FFFFFFFF
:0040520A 5B
pop ebx
:0040520B 81C408010000 add esp, 00000108
:00405211 C3
ret
完活-_-,这是我第一次也是最后一次写详细的了,完全是为了初学者,自己努力吧:)
这个玩艺破解用10分钟,写出来花几个小时,我晕~~~~~~
部分注册码:(用户名任意)
Name:ZOMBIE
Code:RNFKCCNNWW
Code:ALCKENLEUN
———————————————————————————————>
.-"
"-. Cracked by zombieys >
/ \
My oicq is 1789655 >
|
| My hp is zombieys.yeah.net>
|, .-. .-.
,| My hp is zombieys.126.com >
|)(__/ \__)(|
>
|/ /\
\| Thanks for your supports >
(@_@) (_ ^^ _)
>
_ )\_______\__|IIIIII|__/_____
>
_)@8@8{}<________|-\IIIIII/-|____zombieys_____________________>
- 标 题:注册PSXVIDEO Ver1.12详细算法 (14千字)
- 作 者:zombieys
- 时 间:2001-4-11 20:22:18
- 链 接:http://bbs.pediy.com