破解者:HMILY[BCG]
破解于:2002-12-29
软件名称:XX速查 v3.0
* Possible StringData
Ref from Code Obj ->"BiXwDIdi5168qcIEFMEWDSVdkvmemifPCiEsefGF21QCLM"
->"WE" --->这个是注册码计算的基数
|
:005B3567 B9E4365B00
mov ecx, 005B36E4
:005B356C E8FB140000
call 005B4A6C ->注册码的计算 ->跟进去研究一下。
:005B3571 8B45F4
mov eax, dword ptr [ebp-0C]
:005B3574 8D55FC
lea edx, dword ptr [ebp-04]
:005B3577 E84C64E5FF
call 004099C8
:005B357C 8D55E8
lea edx, dword ptr [ebp-18]
:005B357F 8B8600030000 mov eax,
dword ptr [esi+00000300]
:005B3585 E8B638E8FF
call 00436E40
:005B358A 8B45E8
mov eax, dword ptr [ebp-18]
:005B358D
8D55EC lea edx,
dword ptr [ebp-14]
:005B3590 E8C766E5FF
call 00409C5C
:005B3595 8B45EC
mov eax, dword ptr [ebp-14]
:005B3598 8D55F0
lea edx, dword ptr [ebp-10]
:005B359B E82864E5FF call
004099C8
:005B35A0 8B55F0
mov edx, dword ptr [ebp-10] -|真假注册码分别传入eax、edx
:005B35A3 8B45FC
mov eax, dword ptr [ebp-04]
-|
:005B35A6 E8590DE5FF call
00404304 ->注册码的对比
:005B35AB 757C
jne 005B3629 ->不相等、出错
:005B35AD 33C9
xor ecx, ecx
* Possible StringData Ref from Code Obj ->"Microyzcsjcid"
|
:005B35AF BACC365B00
mov edx, 005B36CC
:005B35B4 8BC3
mov eax, ebx
:005B35B6 E80901EBFF
call 004636C4
:005B35BB 8B4DFC
mov ecx, dword ptr [ebp-04]
* Possible StringData Ref from Code Obj ->"hdh"
|
:005B35BE BA20375B00
mov edx, 005B3720
:005B35C3 8BC3
mov eax, ebx
:005B35C5 E85600EBFF
call 00463620
:005B35CA 8BC3
mov eax, ebx
:005B35CC E877FAEAFF call 00463048
:005B35D1 8BC3
mov eax, ebx
:005B35D3 E874FBE4FF
call 0040314C
* Possible StringData Ref from Code Obj
->"注册成功!"
|
:005B35D8 BA2C375B00
mov edx, 005B372C
:005B35DD 8B8608030000
mov eax, dword ptr [esi+00000308]
:005B35E3
E88838E8FF call 00436E70
:005B35E8 A1CCA65B00 mov eax,
dword ptr [005BA6CC]
:005B35ED 8B00
mov eax, dword ptr [eax]
:005B35EF 8B803C040000
mov eax, dword ptr [eax+0000043C]
* Possible StringData Ref from Code Obj ->"软件已注册,谢谢您的支持!"
|
:005B35F5 BA40375B00
mov edx, 005B3740
:005B35FA E87138E8FF
call 00436E70
:005B35FF A1CCA65B00
mov eax, dword ptr [005BA6CC]
:005B3604 8B00
mov eax, dword
ptr [eax]
:005B3606 8B8040040000
mov eax, dword ptr [eax+00000440]
:005B360C 33D2
xor edx, edx
:005B360E E84537E8FF
call 00436D58
:005B3613 A1CCA65B00
mov eax, dword ptr [005BA6CC]
:005B3618
8B00 mov
eax, dword ptr [eax]
:005B361A 8B8040040000
mov eax, dword ptr [eax+00000440]
:005B3620 B201
mov dl, 01
:005B3622 8B08
mov ecx, dword
ptr [eax]
:005B3624 FF51FC
call [ecx-04]
:005B3627 EB2A
jmp 005B3653
* Referenced by a (U)nconditional
or (C)onditional Jump at Address:
|:005B35AB(C)
|
:005B3629 6A10
push 00000010
* Possible StringData Ref from Code Obj ->"提示"
|
:005B362B 685C375B00
push 005B375C
* Possible StringData Ref from Code Obj ->"注册码错误!请速与作者联系"
|
:005B3630 6864375B00
push 005B3764
:005B3635 A138BF5B00
mov eax, dword ptr [005BBF38]
:005B363A
E8AD99E8FF call 0043CFEC
:005B363F 50
push eax
==============================================================================================
* Referenced by a CALL at Addresses:
|:005B356C , :005B37D5
, :005B45D1
|
:005B4A6C 55
push ebp ->跟入上面那个call来到这里
:005B4A6D
8BEC mov
ebp, esp
:005B4A6F 83C4F4
add esp, FFFFFFF4
:005B4A72 53
push ebx
:005B4A73 56
push esi
:005B4A74
57
push edi
:005B4A75 894DF8
mov dword ptr [ebp-08], ecx
:005B4A78 8955FC
mov dword ptr [ebp-04], edx
:005B4A7B
8B45FC mov eax,
dword ptr [ebp-04]
:005B4A7E E825F9E4FF
call 004043A8
:005B4A83 8B45F8
mov eax, dword ptr [ebp-08]
:005B4A86 E81DF9E4FF
call 004043A8
:005B4A8B 33C0
xor eax, eax
:005B4A8D 55
push ebp
:005B4A8E 68334B5B00
push 005B4B33
:005B4A93 64FF30
push dword ptr fs:[eax]
:005B4A96 648920
mov dword ptr fs:[eax], esp
:005B4A99 837DF800 cmp
dword ptr [ebp-08], 00000000
:005B4A9D 750D
jne 005B4AAC
:005B4A9F 8D45F8
lea eax, dword ptr [ebp-08]
* Possible StringData Ref from Code Obj ->"diVEiXsMOie2bPqACIE"
|
:005B4AA2 BA4C4B5B00
mov edx, 005B4B4C
:005B4AA7 E860F5E4FF
call 0040400C
* Referenced by a (U)nconditional
or (C)onditional Jump at Address:
|:005B4A9D(C)
|
:005B4AAC BE01000000
mov esi, 00000001
:005B4AB1 8B45FC
mov eax, dword ptr [ebp-04]
:005B4AB4 E83BF7E4FF call
004041F4
:005B4AB9 8BF8
mov edi, eax
:005B4ABB 85FF
test edi, edi
:005B4ABD 7E4E
jle 005B4B0D
:005B4ABF
BB01000000 mov ebx, 00000001
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:005B4B0B(C)
|
:005B4AC4 8B45FC
mov eax, dword ptr [ebp-04] ->机器码传入eax
:005B4AC7 8A4418FF
mov al, byte ptr [eax+ebx-01]
->依次取机器码
:005B4ACB 240F
and al, 0F
->和0x0F做与运算
:005B4ACD 8B55F8
mov edx, dword ptr [ebp-08] ->基数传入edx
:005B4AD0
8A5432FF mov dl, byte ptr
[edx+esi-01] ->依次取基数
:005B4AD4 80E20F
and dl, 0F
->取得的基数和0x0F做与运算
:005B4AD7 32C2
xor al, dl
->两个数的结果相互做异或运算
:005B4AD9
8845F7 mov byte
ptr [ebp-09], al ->把异或的结果保存到ebp-09
:005B4ADC 8D45FC
lea eax, dword ptr [ebp-04]
:005B4ADF E8E0F8E4FF call 004043C4
:005B4AE4 8B55FC
mov edx, dword ptr [ebp-04] ->取机器码
:005B4AE7 8A541AFF
mov dl, byte ptr [edx+ebx-01] ->依次取机器码
:005B4AEB 80E2F0
and dl, F0
->取得的机器码和0xF0做与运算
:005B4AEE 8A4DF7
mov cl, byte ptr [ebp-09] ->取出异或结果传给cl
:005B4AF1 02D1
add dl, cl ->把机器码与0xF0的运算结果和cl相加
:005B4AF3 885418FF
mov byte ptr [eax+ebx-01], dl
:005B4AF7 46
inc esi
:005B4AF8 8B45F8
mov eax, dword ptr [ebp-08]
:005B4AFB E8F4F6E4FF call
004041F4
:005B4B00 3BF0
cmp esi, eax
:005B4B02 7E05
jle 005B4B09
:005B4B04 BE01000000
mov esi, 00000001
* Referenced
by a (U)nconditional or (C)onditional Jump at Address:
|:005B4B02(C)
|
:005B4B09 43
inc ebx
:005B4B0A 4F
dec edi
:005B4B0B 75B7
jne 005B4AC4
==============================================================================================
它的算法已经明确,就做个注册机吧。
TC 2.0下调试通过
#include "stdio.h"
int key[48]={'B','i','X','w','D','I','d','i','5','1','6','8','q','c','I','E','F','M','E','W','D','S','V','d','k','v','m','e','m','i','f','P','C','i','E','s','e','f','G','F','2','1','Q','C','L','M','W','E'};
main()
{
char S[10],*p=S;
int
*p1=key;
unsigned long a,b,c,d,e;
printf("ChengYuSuCha
v3.0 keygen by HMILY[BCG]\n");
printf("My e-mail : gyyxll@21cn.com\n");
printf("***************HMILY[BCG]***************\n");
printf("please enter your serial : ");
gets(S);
printf(" Your register code is : ");
while(*p!='\0')
{
a=*p&0x0F;
b=*p1&0x0F;
c=a^b;
d=*p&0xF0;
e=c+d;
p++;p1++;
printf("%c",e);
}
}
- 标 题:成语速查 v3.0-3.2破文加注册机源码,简单-高手看到不要笑 (8千字)
- 作 者:HMILY[BCG]
- 时 间:2003-1-22 17:50:33
- 链 接:http://bbs.pediy.com